Meraki – What is so special?

Meraki has been in the limelight for some time, however when Cisco started to really put money into the organisation, and let them use some of their IP, the R&D really took off. In the past year and a bit we have seen amazing things come out of the Meraki camp, and the new MC74 telephone is just one of those very interesting developments.

Many call me a “fan boy” but really I am just a “get things done” person – and when it comes to the needs of a large majority of my clients, I can get things done, faster and better much of the time with Meraki.

I really see Meraki as ahead of its time, if you look at disruptive technologies like the Apple Newton or Google Glass – these were all technologies that simply came out too early. This is why I feel many people do not understand the real benefits of something like Meraki.

Why am I calling it “Meraki” – why not talk about switches, routers, firewalls and features? That’s because just like Meraki’s own marketing campaign “Full Stack” I like to call the entire suite “Meraki” – as a single entity.

Automation At Heart

There are two camps out there right now, the SDN camp which is really focused on those doing difficult things many times – and then there is the automation camp which is really more related to doing difficult things easier.

For those in the super huge enterprise, or service provider space, they need to automate difficult things because it takes a long time. For those in the medium business space, we need to automate because it makes what we do easier. Cisco is leading the way here: features like iWAN App and EasyQOS are leading the charge when it comes to enterprise automation.

However just like these products are new, and somewhat misunderstood, I think the real value of Meraki is baked right in: it is the ability to automate the difficult tasks that provides value.

If you are an organisation of 100-250 people, your IT budget is not getting big enough fast enough, and your team is not doubling as your workload is – so making things easier to manage through automation and simplification must be a focus.

Time to Value

I keep saying that I want to have a race, pick IT equipment vendor #1, and have the best expert you have build X/Y/Z network while someone does the same on Meraki. Anyone who has worked on the stack KNOWS that the Meraki will be faster.

It’s about workflow and tools. In today’s complicated world of inter-networking technologies, in order to deliver true value I need a management stack, that means products like Cisco Prime, or Wireless Engine, or APIC – any number of tools are needed to provide next-gen network management visibility and manageability. Meraki starts with all of that — done for you — it is running already. This is a HUGE time to value.

What this means is that automated, managed, monitored (all the way to Layer 7) and well operated networks are automatic with Meraki. The deployment tools, management and monitoring are where you start – not what you do when you are finished. This translates to extremely rapid time to value for customers. Add in the template capability and the fact devices are all self-provisioning and you can do something that no other vendor will let you do: program, build and deploy network equipment that is still in transit. Yes, that’s right, normally my clients’ networks are already configured before the hardware even hits the dock.

New Features – Free

When most clients purchased Meraki products last year, they didn’t get many of the features you have today: Advanced Malware Protection (AMP), iWAN, Port Isolation, templates, NetFlow. These are not small features – these are huge – and with most vendors you would be forced into a costly upgrade. With Meraki – upgrade, click enable on the feature – done. That is one hell of a way to deliver value.

Disruptive Marketing

Why did Meraki get as popular as it did, and as a result catch Cisco’s eye? Geeks. Meraki figured out that if they can win over the geek community, they can win over the customers, after all the geeks make the product recommendations. We all knew how they did that — Free Gear — who doesn’t want some free gear to play with at home – Meraki figured out how to get geeks to try their product – fall in love with it, then buy more.

They have also started running “free switch” offers as well if you want to try those out — oh and you keep them when you are done.

This continued with their partner community. You will see partner SEs labelled as “CMNA” Cisco Meraki Network Associate – of which yes, I am. Once you pass a test, and take training you receive this certification. Why are these classes full of students, over and over and over? — Free Lab Gear — Meraki provides a switch, firewall and AP to each person that passes the course. This also means each and every certified CMNA has their own lab to test, learn, troubleshoot and solve problems with. I have re-deployed my trial firewall at more customers as a temporary trial than I can count; every single one ended up purchasing a Meraki MX.

Easy to Learn

The interface is just so darn intuitive. Honestly everyone I show the interface to says things like “Wow I don’t need training for this, it is all very obvious” — and it is.

To give you an idea how obvious it is, the Meraki CMNA certification course is a single day. That is right, routing, switching and wireless – in a single day. We are not talking about expert un-boxers either: 802.1X, troubleshooting, routing protocols, firewalling, it is all covered in that single day. Caveat – they do require you to have an existing skill set, CCNA recommended.

Their training is also out of the ordinary, instead of providing you with a long list of screenshots, they identify outcomes as you build your training lab – you are not walked through how to do things – they say things like “Go to the firewall, and create a new vlan” – expecting you to figure it out. Studies have shown 80% better retention in students that figure things out vs those who are walked through something.

Subscription Fears

This is the single biggest argument I hear against Meraki. However when was the last time you purchased switches and routers from any other vendor and didn’t buy their support? Yes, I will admit there are some clients who buy switches without support and then carry spares, but that doesn’t provide you with software support, or a 24×7 helpdesk. When Meraki delivers on value, the support system really does work – with an integrated help system built right into the portal, and no fumbling around to get the vendor access to gear to help you, I swear I save at least an hour per help incident.

With security becoming a huge focus for many organisations, subscriptions can be seen everywhere these days. Luckily you get a huge amount of value from Meraki, integrated AMP and SourceFire built right in to the firewall.   Customers who had purchased 3 year subscriptions, 3 years ago didn’t even have SourceFire, or AMP – but they do now.  That right there is worth the cost of admission.

Summary

Cisco has left Meraki alone – and that is a good thing, the same thing happened with Linksys as well. The reality of this means the Meraki team can continue to operate as a skunk works building amazing disruptive new technologies. That does not mean that technology has not trickled down from the mothership, SourceFire, PoE power supplies, AMP and many Cisco technologies have found their way into the Meraki line up.

For clients 0-500, Meraki is a natural fit for 90% of them, but just like any product it has to be qualified, and when properly qualified for a client – no product delivers the ease of use, time to value, and overall manageability of a Meraki full stack.

I cannot wait to see what they do with that phone.

Breakfast and Learning – Cisco Live

Breakfast at Cisco Live! has been a controversial topic, and while @networkingnerd is busy taking care of important topics like fixing the CCIE,  I’m going to battle one closer to my stomach.

Breakfast.

We have had quite the debacle when it comes to breakfast, the hot food story back in San Diego was interesting,  but this year what we got was continental.    Muffins, doughnuts,  sugar filled pastry, and mini boxed cereal – and coffee.  Let me be very clear, the coffee station was awesome, and appreciated.

This isn’t a typical tweet/blog about how I wasn’t happy with the food – this is about academics, learning and science.

“Food is like a pharmaceutical compound that affects the brain,” – UCLA Professor of Neurosurgery and Physiological Science Fernando Gómez-Pinilla.

These are deep technical topics,  there are sessions on BGP architecture – at 8AM.   Many people were out until after midnight (yes go to bed earlier if you have an early session – but many do not) .   Everyone is sleep deprived going at 200mph at Cisco Live – we need a good breakfast.   Even if you were not out until 2AM – breakfast is still important.

This year I resigned myself to paying out of pocket $25-30 – per day – to get a decent breakfast because the provided breakfast was not acceptable. We pay $1800+ to attend – sorry but continental isn’t good enough. Most employers will not reimburse a food expense because it is covered by the event, and real breakfast is off site, which is a pain with 8AM sessions.

A recent study on breakfast consumption at  Tufts University  showed that “results indicated that breakfast consumption and breakfast type affected cognitive performance, particularly spatial memory, short-term memory, visual perception, and auditory vigilance.”

The key here is BREAKFAST TYPE – they compared basic dry cereal with something more hearty – oatmeal – and they found that they “performed better on a short term memory task after consuming the oatmeal breakfast compared to when they consumed the ready-to eat cereal or no breakfast”

These are long sessions we are in – and we are listening – and the same study identified that the oatmeal over regular dry cereal caused the test subjects to ” perform(ed) better on a short term memory task and an auditory attention task than when they had the ready-to-eat cereal.”

Now talk about the rest of the food, I do not want this to be just an attack on dry cereal – let’s talk about the pastry. Very high in refined sugars. This causes a sharp rise and fall in blood glucose which causes a very quick crash as opposed to the slow sustained glucose release.

The oatmeal in this study provided the same carbohydrates and fat as the ready-to-eat cereals, but it contained fibre and PROTEIN. You leave feeling full, with a slow steady energy release and less crash with a full breakfast instead of ready-to-eat cereals and high sugar pastries.

The Last Word

The final word is this.   I hope @CiscoLive is listening – and if you read this article, please re-tweet this article and tag @CiscoLive .   This event is about learning, it is about the pursuit of knowledge.   That pursuit begins with a proper and hearty breakfast, and due to scheduling, going off site for breakfast simply isn’t reasonable.  We need the event to provide us with the physiological needs to learn the best we can at this event.

References:

http://newsroom.ucla.edu/releases/scientists-learn-how-food-affects-52668

Click to access MahoneyEtAl.pdf

 

Cisco DNA Series: Beyond Marchitecture

Remark:  After posting, I actually had additional thoughts – so I have added them in here.  That’s right, I edit after publishing.

At Cisco Live! 2016, “DNA” was everywhere.   The Digital Network Architecture. Clearly a focus by Cisco Systems.    As someone who received multiple briefings before the big event I kept fighting to get past the marketing.   Even the day of, and throughout Cisco Live, I still struggled to understand what was under the actual hood of DNA.   Finally a light bulb went on.

I want you to stay with me here – Cisco DNA is like OSI – it is a MODEL. Most customers will not deploy ALL of the DNA features or architectures. Some might use one, two or all of them. You don’t need to use APIs and programming languages to accomplish this, and it isn’t about automating things you don’t need automated.

I am inherently a technical person.   However as you move forward in your career, it is about looking further out, and looking at the 50,000 FT view.   You really do need to look at the bigger picture.

So let me express my discontent with marchitecture.

“The Network Intrinsically Understands What Needs To Be Done” — Ok this is what I have a problem with. You are making this seem WAY easier than it is. This is a disservice to the entire IT Industry when you make things sound that easy to CEOs who fund our IT departments and teams. They expect autonomic networks that create software, fancy mobile apps and automatically nuclear bomb hackers that attempt to get into my software. It is not that simple. This also takes away from the very smart CCIE and other professionals who take YOUR business requirements and transform those into a functioning network. No network “Intrinsically understands” unless someone tells it how to. That’s way too Sky Net.

“It’s like turning proverbial lead into gold” — Really?   Come on.

“It is your very own blueprint to success”

DNA

This isn’t a 50,000 ft level – this is looking down on Earth from Mars. If our intention is to create some kind of overarching architecture (say that 5 times fast) that actually functions like Sky Net, then we really do need to go that far back. The business and “C” level types are going to love this – it sounds amazing. However the technical people really do see the marchitecture. So let me, for the technical people, start to drill down.

It starts with the blueprint – that you see above.   For the “C” level types, Cisco is claiming 85% faster network provisioning, 79% reduction in network install costs, 2X software value, 100X faster threat detection and 80% more energy savings and reduced maintenance costs.

IT departments see “Great, so my budget is getting cut, and I’m going to be forced to do more – with less”. Well, yes, but that’s assuming you are RUNNING the Cisco DNA architecture. This could actually be a way to modernise your infrastructure with promises like that – but be careful, promising 79% reductions in installation costs for hardware might be a bit hasty. Once you spend the money and don’t return the future savings you could find yourself on LinkedIn Jobs. Read the fine print (and trust me, Cisco is careful about putting little superscript numbers over every one of those claims).

Even Cisco’s own content on the model is more whiteboard and less hands on.

The DNA architecture and model is more about outcomes, than technologies and products – but somehow we need to get from the promise to production

It really is all about APIC-EM

It is amazing how APIC-EM started as a little platform to do some automation and now an entire architecture has almost been built upon it.

APIC-EM is the automation platform surrounding Cisco DNA.  New services are being developed for this right now.

Not everyone is an SDN believer, in fact some think SDN is still an unproven, non-standardized technology. Many are betting on automation and not software definition – some bet on both. If you are a network professional without coding skills (like me), APIC-EM will seem a little more intuitive.

Cisco Plug and Play,  EasyQOS and iWAN App are the big key points in the DNA portfolio we get from APIC-EM.    Coming soon will be my article on EasyQOS, all I can say is – it will change how you think about QOS, a technology many simply gave up on and said “just get more bandwidth, it’s easier”

More on EasyQOS in my next blog post…   However the key message is that Cisco is moving from QoS to QoE – it is about Quality of Experience – that’s not a marketing term either, in DNA, we tell the system what quality we want for various applications – and QoS is automatically configured for that.  More on that later.

 

NFV – Not Just For Service Providers

Enterprise “NFV” aims to take out physical Routers, Firewalls, Accelerators and Wireless LAN Controllers in the branch. The idea is centralised management and deployment with everything virtual in the branch. This can be run either on a UCS C220 server, or on top of an ISR4000 with UCS-E blade.

 

Most of the content you will see online from Cisco — is like the above, very abstract.  However we can get more into the meat and potatoes of Enterprise NFV from our friends at TechFieldDay.    Here is an actual demo of NFV deployment with some good questions from the delegates

 

Security at Heart

TrustSec, StealthWatch and ISE are all the key security products at play in DNA,  I know entire customers who went down the ISE path – and cancelled projects from complexity, so while high security, flexibility and reduced operating costs might be the end result of DNA – security isn’t cheap, and getting there will not be either.    These products can have a long installation cycle / process.

Getting from Promise to Production with DNA Readiness Model

This is where we have an issue: before we can have an elastic multi domain secure flexible network – we need to deploy the tools for DNA. As Rob Soderbery of Cisco says “Adopting Cisco DNA is a Journey” – that is for sure, this will not be an overnight change for any organization.

dnajourney

They call it a journey,  start with base automation, move to policy based services on APIC like iWAN and EasyQOS, and then add your more advanced security, think ISE,  more software control and then Digital Services.   Each is a step in the journey to DNA.   I don’t know many organisations that are even close.

Marketing The End State To Start Conversations

This is the problem for IT organisations – “Digital Services” – see that end green bubble, that’s how this is being sold to the “C” level types – they don’t understand the blue bubbles but we all know a lot of work has to be done to reach those transformative “Digital Services”.

The good news at least for Cisco is that on all the news of DNA and the hype, the stock hit an all-time high. If this does nothing more than start the conversations about next generation infrastructure, next generation firewalls and security products, or maybe the entire DNA architecture then this will be good for Cisco.

Networking Field Day 12 – Announced

I am pleased to be selected as a delegate for Networking Field Day 12. For those who are not familiar with the team at www.techfieldday.com and their amazing online content: Steve / Tom and the team work very hard to bring you top notch technical content.

Think Cisco Live type presentations, in a significantly smaller environment.   The best part is that you get to watch online and submit Q&A.   So make sure you book some time August 10-12 for presentations from all of the vendors listed

NFD12

I will post a link to the live feed the day we go live at Network Field Day 12!

In the meantime – here is the schedule for the event.

NFD12Schedule

More about Tech Field Day…

 

Veeam Launches Cloud Connect

As a delegate for Tech Field Day Xtra at Cisco Live this year I was pleased to sit in on a presentation from Veeam about their new Cloud Connect product.

Previously only available to large enterprise, rapid DR response times, DR data centre space and IP mobility were things that smaller organizations could only dream of doing.   Veeam is responding to that need.

First, let’s remember the rule as a reminder

3 – Copies

2 – Different Media

1 –  Off Site

 

We have a few challenges to getting this data “Off-Site”.  Many are still using tape,  but more and more people want to get this data off-site automatically, and more often.

Many organizations are trying to reduce RTO – Recovery Time Objective.     How fast can we get back online after a serious problem?

Here is a quick intro into Veeam Cloud Connect by Clint Wyckoff @clintwyckoff –

 

The RTO Challenges

“15 Minutes” is a common theme these days.  With current technology this is pretty easy to do — On Site.     Once we decide that for whatever reason we want to recover off site we have a few challenges.

  1.    Backup Copies – that data has to be off site, we have to get it there
  2.    Data Availability – That data has to be AVAILABLE.   No tapes stored in a vault or a box, and nothing that we have to “restore” in order to bring it online
  3.    Connectivity

I want to discuss a few options we have for #3….

Assuming you have data centre space, either yours, or rented.

1) Over the WAN – Different IP – This has all sorts of challenges: application issues, hostname resolution, firewall considerations, NAT if it is published. There are some tools out there that help you with this, but it always has been a bit of a dog’s breakfast.

2)  Over the WAN – Same IP – This gets complicated fast,  your choices are move the entire subnet,  use a protocol like OTV (expensive on the hardware side) or some other method.

Option 1 is what we have been doing for years,  various tools have tried to make it easier (Think DoubleTake) but it was very hard to get working, and you need infrastructure – real infrastructure on the far end.

Option 2 is expensive, and complex, not something many customers want to invest time, money and resources in.

 

 

Veeam NEA

Without any “geekery”, without OTV, or VPN links,  Cloud Connect with NEA – Network Extension Appliance allows your virtual machines to power back up at the DR data centre with zero effort by the customer.   The IP does not change – the application comes up, and the Network Extension Appliance simply transports the traffic destined to and from that VM back to the customer site.   They operate as a proxy-arp on site for the IP and MAC of the server.

The reverse replication can happen, and then when ready you can fail back.

This is bringing the benefits of very large scale enterprise level availability – to the SMB sized customers.      With a personal level of control.

You don’t need any special network gear, storage or servers.   You don’t even need to own data centre space.    You purchase resources from a Veeam Cloud Connect provider, and your service is up and running in shared infrastructure.

Reduced Operating Costs

This means reduced operating costs: you are not paying for dedicated DR infrastructure at your provider, your machines are not running consuming resources, and the product is designed for “Pay as you grow” so you can start small and grow without significant capital outlay.

Wrap

This is a great idea – the complexities of the network connectivity alone associated with the traditional method make many shy away, and when you add in the Veeam backup product which is already well respected in the industry and now provide off-site recovery with the click of a mouse, in my opinion, Veeam has a winner here.

DEMO

Watch below as Veeam provides a great demo of the product while the Tech Field Day team asks the hard questions

 

Where is the #CLUS Wrap!?

I’ve had a few ask me…

I flew back from Las Vegas on Friday from Cisco Live 2016, after a horrible day of flying, and getting home, and a day of jet lag recovery – plus a day out at http://www.racelab.co  another thing that I have now committed my personal time to – I find myself back at my regular day job.

It is not without complete and utter amazement that I return to “real life” completely overwhelmed by Cisco Live 2016 this year.    I felt every waking moment, I was feeling the beat of the event in ways I have never experienced before.

Honestly the event could have gone an extra 3 days for me to get everything I wanted out of it – but I don’t think my body would have held up.   Each day I walked in excess of 20,000 steps (The American Heart Association recommends 10,000 as a “goal”).   This is no picnic vacation, waking at 6AM every day, to be in sessions for 8AM, and then not getting to bed until midnight (or later for some)

I was overwhelmed – more than ever with what was happening at Cisco Live – and in the coming days I am expecting to pen BLOG articles on the following topics.

  • Cisco Live – 2016 Wrap Up
  • Cisco Live – Social Pass Benefits
  • OpenGear
  • VEEAM
  • Cisco Cloud Connected ISR Security
  • APIC-EM / EasyDNS
  • Cisco Digital Network Architecture

Coming from an event where I was asked to be a speaker, I will also talk about my experiences as a speaker, and what I got out of that.

I had an amazing technical experience, learned a ton of information thanks to Tech Field Day (More on that later),  and those mentors and amazing technical people I was hanging with.   I mean at one point I was having a few drinks with two product designers listening to them wax and wane over design.   Is this where innovation happens?   I think so.

Add to that the best Pink Floyd rendition for a friend’s birthday in the end and you cap off an amazing week of learning from both the event and friends alike.

Like I said in my own session – content is king, and at least I have a fair bit to work with for the next while.

Meraki MC74 and Spark Voice in Canada – Too Late?

We all say that technology moves even faster than the speed of business.

Right now Meraki MC74 and Cisco Spark Voice services are available in the USA, but currently not in the Canadian market.   Hosted Skype for Business (Lync) and Broadsoft based offerings have been available for YEARS here in Canada.

The biggest push from IT manufacturers and VARs these days is of course all forms of Software as a Service (SaaS), with the obvious push by all organisations for recurring revenue, and customer looking for a more “user cost” based model the industry is changing to a service based model.

Disrupt or be Disrupted

This has been Cisco’s latest trend,  go and disrupt a marketplace.   Something like the MC74 is a dream for SMB, ok the features are limited today, but for the travel agent, or retail store – it’s dialtone – many don’t need more.     A single IT manager could manage 20-30-50 locations of Meraki infrastructure with ease.

Cisco SPARK aims at a more medium business, more feature rich, a collab and instant message service platform, and full voice services.

However like anyone who has played Command and Conquer (throwback!) if you let your enemy build their base while you are popping the popcorn and going to the bathroom, you may find yourself fighting off SCUD missiles with nothing more than a weak infantry.

Ok, let me get past the video game references. Skype and Broadsoft offerings are everywhere, and they are now quite mature. The MC74? Well it’s a new offering, once again not in Canada. How much market share will be lost in 8+ months – and let’s remember, the push is multi year contracts for the big discount. So these customers are lost for years.

The Phone Lock In

Telephones are the lock in – once I have sold you MY phone, which doesn’t work on another service – that will prevent you from leaving.  Why are so many clients still using M2616 telephones on old Nortel CS1000 systems (Option 11-81C) – because telephones are $300+ items, so an office of 100 people is $30,000 in hardware.    1000 people?   Now we are talking $300K

TDM System Retirement

CS1000 systems are getting long in the tooth – with many clients looking to remove them. As basic voice becomes the new requirement, with online services providing the rich experiences, “Basic Voice” is what many SMBs are looking for.

Nortel Norstar customers are finally seeing hardware start to fail on these bulletproof systems – these customers need out, and they need out now.

Older TDM systems are coming out – right now – how many will be removed in 8+ months?

Some just need Dial Tone

Skype (consumer), Spark Free or paid, and other platforms provide a lot of rich capabilities, many for free. I could go ahead and just buy Spark non voice later on if I wanted.

Retail, basic commercial and other markets really just need dial tone, and those basic needs could be augmented with services later on.

Is 2017 too late for Cisco Spark and Meraki?

I guess we will find out – my opinion is that a lot of market share and ground will be lost in the meantime to competitive solutions, and all of these will be multi-year contracts.

Speaking at Cisco Live!

With mere days left until Cisco Live! It’s been announced I will be speaking at the Think Tank about building your personal brand with Social Media. I am honored that Cisco would ask me to speak on such an amazing topic – I promise I will not monopolize the mic – too much.

My personal views over the last year, my journey into the Cisco Champions program, and most importantly how I have continued to maintain my independence as an online blogger and writer.    I will also have some interesting announcements.    Come to this session and find me – and get yourself a Cisco HyperFlex Gumby!

CISTHT1001

Join Kim Austin the Collaboration Snarketing expert from Cisco,  Dustin Beare – Network Engineer for Midcontinent Communications and ME – Justin Cohen @CANTECHIT from Long View systems.

What will we talk about?  Well, Social Media, how we have built, and are continuing to build our brands online

Click HERE to sign up for this session

In addition to that, Sunday Jul 10, 4:00 PM meet up with Cisco Live NetVet Jonathan Davis and me to help you find out how to get the most out of Cisco Live.   Come to the New to Cisco Live Meet Up.
