Cisco dCloud Team Releases SD-Access V2

The Cisco dCloud team has released SD-Access V2 lab which includes DNA Center.

Due to the dCloud environment being so popular you may need to wait until later this week to get your hand on it, but the good news is, it delivers.    Many have been asking about getting their hands on DNA Center.     This is a BETA – so following the lab guide is advisable or things may not work – keep in mind it isn’t actually programming real switches in the back end.

2017-07-11 15_20_06-4D_SD_Access_v2 (1).pdf

Well it is here, and you get to setup a new network, deploy SSID’s, and build policy.   Right now this is just a DNA Center demo walk through.   You will get the change to design, provision and build policy in the live demo.   DNA Assurance – NDP or Network Data Platform is not available at this time.

The team was quick to get this demo in our hands, so go out there and get your hands on DNA and see how intuitive you think it is.



Cisco dCloud rolls an iWAN + APIC-EM Lab V2

For those who are a fan of iWAN, or just want to get their hands on it, the Cisco #dCloud team has launched a new APIC-EM V2 Lab around iWAN.

dCloud is a virtual demonstration and lab cloud service available free to Cisco partners, but it can be extended to clients by request.    The best part is you get the time to go through their pre-defined lab, or just kick the tires, on your own time – this is no power point or video virtualized demo.  It’s the real deal.

The new V2 version adds a more realistic version for those looking to showcase, test or try out iWAN in a true dual DC format.     They have also added some very important elements to testing iWAN, including virtual WAN impairment and Traffic generators.iwanlabv2

To access this lab hit up – it requires partner level access but your partner can extend the lab to you for free, so contact your partner to try this out.

The lab also includes Prime and LiveAction

What is #DCloud and the new DCloud @Splunk Lab

I have not written much on the blog about DCloud, and I spend days and then not days on DCloud testing and learning.  It is currently one of my favorite tools from Cisco, and something that no other vendor in the industry is doing.   Cisco is spending a ton of dough on this, and for good reason.

What is DCloud?

What is the worst thing about your lab, assuming in this day in age you even have one?    Unless you are extremely vigilant, it is always broken.   Someone is in a rush, they do something in the lab which almost always involves changing something or breaking something and then when you need it, it’s broken.

The other problem is that your lab is really only setup one way.   Do you have 3 versions of UCCX?  How about 3 different management tools.    I am sure Justin Chin-You @jchinyou does over at Cisco, but for many of us it does not work that way.

What DCloud does is give you the ability to test, demonstrate and run 143 (as of this writing, they are constantly adding more) different labs, demos and sandboxes.   On everything from iWAN, ACI, Voice, Video, Routing, Switching, Management tools, SDN and many more.    Instantly.

Checkout this quick Youtube video from #DCloud Steve

They even have real hardware for some demos, and if you want you can connect real telephones to it — Wait.. how?   They have a slick VPN setup, with pre made configs that you can use to extend the lab right into your office.

It really is that good.    Labs turn up in moments,  everything is just setup and ready to go – and you can either follow their lab guides for demos or learning — or just login and mess around.   Don’t worry you cannot damage anything when you are done the lab resets automatically.   This is no simulator, this is the real deal and you are more than welcome to hack around and learn.   They even have traffic simulators so that when you do firewall and security labs, there is actual traffic in there.    You get full admin access – passwords for god access into everything.   Build your own demo or lab scripts based on their hardware setup if you want.   This is not just for demo.    Ever wanted to play with a new technology like iWAN or SDN and just do not know where to start?   They include a full PDF lab guide for you with step by step instructions if you want.

Here is a quick video posted by the #DCloud team showing one of my favorite labs

Hot off the E-Mail presses – #DCloud Rolls Splunk

One tool I just have not had enough time with – is Splunk.  Did you know Splunk made software – they make more than t-shirts.     Splunk does an amazing job of visualizing and analyzing security products in a consolidated way.    Now you can actually get your hands on it, in DCloud and try it your for yourself without the pressure of a timeline.

Here is the descriptor right from the DCloud site.

Splunk and Cisco have collaborated to deliver out-of-the-box visibility across Cisco-centric security environments using ASA/PIX/FWSM firewalls, Identity Services Engine (ISE), pxGrid, FirePOWER IDS, Advanced Malware Protection (AMP), Web Security Appliance (WSA) and Email Security Applicance (ESA). The scenarios in this solution illustrate how the Cisco Splunk Security Suite delivers unified visibility across Cisco devices to help:

  • Protect you before an attack happens
  • Enable you to respond quickly during an attack
  • Enable you to perform a rapid forensics investigation after an attack

Splunk Enterprise 6.2 with Cisco Security Suite v1 provides a consolidated view of your organizational posture across the entire Cisco security environment, with the ability to drill down into specific areas, including:

  • Email security using ESA.
  • Web security categorizes web traffic coming from the proxy using the WSA.
  • Network security presents data from Cisco ASA pix, Next Generation Firewall with FirePOWER IPS, and new detection data.
  • Identity services present user and device information from the ISE policy management platform.

Ranges of trigger alert thresholds can be set to queue events, leveraging data from multiple security routes and sources. Using this solution, it is possible to combine Cisco AMP data with device information from ISE in order to identify infected devices and classify events.


Scenario 1: Dashboard Overview

Scenario 2: Service Impact Analysis