I have had many people ask me about what Cisco Live is like, from my perspective as a long-time attendee and a member of the Hall of Fame Elite for speakers. While my perspective may be a bit different than your average attendee, I thought I’d give it a shot and write it up.
思科是一个生活mazing event. Some years, I may present at Cisco Live up to 4 times per year, and this was one of those years.
- Cancun, Mexico – December 2017
- Barcelona, Spain – February 2018
- Melbourne, Australia – March 2018
- 佛罗里达州奥兰多市,美国 - 2018年6月
当我还是一个年轻的降压和开始参加思科直播,他们实际上被称为“的Networkers”对我,仍然介绍了思科现场最精彩的部分。在技术意义上不能联网,但人的网络是不胜枚举。这就像与人聚会,我能看到年复一年;我得到满足新人们每一次。
This year I got stopped in the hall by an old friend I have not seen in many years, as well as a wonderful surprise reunion with a former student of mine who I have not seen in 16 years.
作为思科安全业务部门的工程师,我也得到相当定期满足一定的客户;但没有什么比成千上万的人分享相似的兴趣在那里,并具有1:数百人(至少)1交谈。顶一下,断跟“专家会面”的会议在那里我得到满足与客户1:在配备白板及一些标记一个小型会议室1!正是在这些房间客户解释他们独特的问题对我来说,与我们携手解决在一起。也许,如果我们幸运的话,我们甚至会拿出世界饥饿问题的解决方案。:)
This year I was crazy enough to present 4 separate times. There is a tremendous amount of work that goes into every session at CiscoLive, and I decided to quadruple that this year. What was I thinking? We are working on these presentations constantly, we have regular reviews of the content, and we do put blood, sweat, and sometimes tears into this work. Why do we do it? Because we believe in our technologies and this is our chance to share that with all of you!
Not only are the speakers working on our sessions early. We are often the same people who are running the network at CiscoLive. Friends of mine like Nicole Wajer are part of the NOC team as well as rock-star presenters on topics related to security and IPv6; while other friends of mine like Brandon Culler and Jim Florwick have the crazy task of supporting the high-density wireless networks required to seamlessly support 22,000+ concurrent users, with rooms having thousands in the same room at any given time.
Now let’s break down this year’s event day-by-day:
Sunday – Not for the faint of heart
所以,现在你知道一点的巨大预会议的努力,今年,我得在星期六早上开始进行准备工作,和我的周日会议的预演。这是正确的,我说,星期天。虽然思科住在技术上周一开始,他们总是提供在周日这个“奖金”的一天充满了tectorials和动手实验。对于那些在家里,一个盖膜是一个“额外”的会议,花费多一点对正常注册费顶部,是不是典型的90或120分钟的分组讨论会更长。甲覆膜通常运行4或8小时,这取决于该主题。
Only the most hard-core attendees come for the tectorials and are willing to subject their brains to the mind-melting effort of a 4 or 8-hour deep dive on any technology. But they sure do attend & subject themselves to that level of pain every year.
今年以来,上周日,我的同事,Naasief Edross,我提出了一个4小时的覆膜覆盖集成的思科安全产品一起事件响应流程(我的部分),然后如何将事件响应流程与自动化3rd党的工具,如幻影,弹性和Exabeam(Naasief的一部分)。
I closed Sunday out by being honored as the “closing keynote” for the first ever Talos Threat Research Summit (TTRS), where I presented on “The importance of visibility in a world where we are going blind”。This session focused on how the bad guys are hiding in encrypted traffic, using Cisco network intelligence to perform selective decryption and Encrypted Traffic Analytics (ETA); as well as using endpoint tools like AnyConnect Network Visibility Module (NVM) & our Cisco Security Connector (CSC) for iOS to get telemetry from the endpoints themselves.
TTRS was a brand-new sub-conference, and while it was kind-of a part of Cisco Live, it was also kind-of separate. The audience seemed to be VERY engaged & very interested in security technology and details. So, I felt a little sheepish presenting a keynote style presentation instead of something technically deep in the weeds, although I received very positive feedback. Lesson learned for Talos Threat Research Summit 2.0: go deep on technology – assuming I get invited back, of course.
Monday – First official day, podcasts, book signings, MTEs and kilts!
Monday did not include any presentation sessions for me but was filled with “meet the expert” (MTE) meetings, recording a Cisco Security TAC podcast with industry legend David White, Jr and CCIE Security extraordinaire Kevin Klous; followed by a “meet the author” book signing of our new CCIE Security book volume 1.
Aaron Woland
Recording the podcast with some legends!
The Cisco Security TAC podcast is a very long-running and popular podcast hosted by some of the TAC leaders. On the podcast, they often talk about customer problems, how they solved them, how to troubleshoot technologies, and other common themes you expect to hear from security and TAC experts. If you’ve never listed the podcast, check it out.
思科出版社举办一些“满足作者”会议,where you get to meet up with the author of some of your favorite Cisco Press titles that are also on sale in the on-location Cisco store. Since I have authored a number of books now, and my latest one “Integrated Security Technologies and Solutions - Volume I” was just released, I was invited to host one of these meet the author sessions with my three co-authors.
This session was yet another way to get some great interaction with folks who are using security solutions daily, and possibly studying for certification. It’s always so great to hear/learn what people are doing for security & what they really think in a comfort zone when they will be as candid as possible.
Aaron Woland
3名作者满足客户谁的书我们刚刚签署(失踪作者:梅森·哈里斯)。
正如我所说,思科Live是非常友好的,几乎是家庭式的文化,周一也#KiltedMonday的家 - 一个长期的思科传统穿短裙上的重大会议的第一天!它可以让像我这样的posers到通道我们内心的威廉·华莱士和假装我们是苏格兰人的一天,如果不出意外,这证明你放肆穿短裙上20,000人会议的第一天官。
Aaron Woland
#KiltedMonday meet up.
该#KiltedMonday满足了发生在的解决方案(WOS)世界中的社会化媒体休息室,和我们有现场游戏和竞赛奖杯!
种种这使我的WOS,这就是你找到近百个展位的合作伙伴一个巨大的场地/供应商以及思科自己的权利旁边一些有趣的小活动区 - 就像巨大的规模Connect4,国际象棋,跳棋和战舰游戏,甚至果岭对于那些高尔夫球手在那里。
In the WoS, you can wander around from vendor to vendor & learn about their product offerings, see live demonstrations, hear presentations about their specific area of expertise, ask questions to experts, even whiteboard solutions with Cisco TAC, and (of course) pick up a lot of swag.
Up in the WoS, we even have our very own Threat Wall, where we show the dashboards of our security tools for the live traffic of the conference. You can see the ThreatWall proving the point I made at the TTRS, where the majority of traffic is encrypted nowadays.
Aaron Woland
The "Threat Wall" showing security dashboards for the live traffic at CiscoLive.
Monday finally closed with a customer dinner where we in the Cisco Security Business Group (SBG) took a bunch of customers out to a nice dinner. I myself was sitting next to and across from three customers that I may never have met face-to-face without the dinner. It was absolutely fantastic to hear their point of view as a smaller shop with just a few guys having to manage many of our advanced threat solutions day in & day out, what they struggle with and what they want to accomplish.
As a side note: I am currently in the planning stages of a trip to go out and meet with them onsite to see their operation first hand and help them with their solution designs.
周二 - 主题演讲,会议,MTE的和我们要找的机器人
I unfortunately don’t get the opportunity to see the keynote sessions, because my schedule is so packed when I’m at CiscoLive. So, for me Tuesday began with three more MTE’s, during which my phone blew up with people notifying me that my name and picture was displayed up on the big screen at Chuck Robins’ opening keynote, being honored for being in the ranks of the Hall of Fame Elite for speakers. That was really cool, and I wish I could have seen it in person.
After those MTE’s and some prep-time, I presented at one of Tuesday’s last sessions with a 4-6pm ranting to a sold-out crowd of ~500 attendees in my “therapy session”:Advanced Security Integrations, Tips & Tricks. In this session I get to clarify years of misunderstood Cisco marketing around “Rapid Threat Containment” & “Threat Centric NAC” and explain real world uses of the integrations, as well as tricks on working with it all for automating the incident response orchestration. Also, I explain thatQuarantine means “nothing” unless you configure it to do something; and I explain that concept in a nice, calm demeanor :)
星期二晚上证实有太多可供选择的方案。有托管方的选择出席的厂商,有晚宴,思科客户团队进行托管,思科出版社作者晚餐,思科DevNet上党等。我选择参加CCIE党,所有活动(或退休)CCIE的和客人被邀请到独家的庆祝活动。今年的CCIE党在卢卡斯电影公司独家星球大战批准在迪斯尼未来世界中心的隐藏区域地举行,所以我决定把我美丽的妻子和我这个独家怪胎巨星。
Aaron Woland
我和我的CCIE党避免了冲锋队的另一半.
Wednesday – Whispers, sessions and beer
Wednesday morning was started with what’s known as a “Whisper Suite” where customers can reserve time with Cisco executives in a private room to have very private NDA discussions. In this session I got to speak candidly about current capabilities and roadmaps to a group of engineers and managers from an unnamed customer regarding Cisco’s Advanced Malware Protection (AMP), Threat Grid, and Cisco Visibility – while TK Keanini, Distinguished Engineer and product line CTO, spoke about Encrypted Traffic Analytics and Stealthwatch. The session was eye opening for both parties. The customer got to learn about what our current capabilities are and where we are headed, while we got to learn all about their challenges.
周三下午和我一起呈现给持续站立室只人群对我的端点安全会议“端点安全,你的最后防线”。在这个会话我复习策略securing all endpoints, and then I dive deeper into some technologies like Cisco Security Connector (CSC) for iOS, AnyConnect NVM itself as well as using NVM with Stealthwatch, Splunk & IBM QRadar. I also dive into newer AMP for Endpoints features and protections like the Exploit Prevention (ExPrev) and Malicious Activity Protection (MAP) features that have been added to AMP recently.
My last session on Wednesday was something brand new for Cisco Live this year: “Beers with Engineers”. This is an open event where we setup tables for different security topics & have an open bar for beer. Attendees come to this event, grab a beer or two, and sit down at the table that most interests them.
我很荣幸再次与我的偶像,TK Keanini。TK不仅在高级威胁组织一个杰出的工程师,他也很nCircle公司的前CTO(由绊网收购)和Lancope公司的前CTO(已被思科收购)。我们的桌子主题是“Security Analytics & Advanced Threats”,和与会者可以和我们谈谈什么。我们甚至去了话题,谈到了思科身份服务引擎(ISE)了一下,太,即使有一个单独的区域ISE主办克雷格Hyps,你可以在图片中的白色沙发看。
Aaron Woland
Beers with engineers.