Cisco Business Critical Insights: Consulting with Data, Tools and Knowledge

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
welcome thank you everybody for coming I'm Brian Palma I run our advanced services team for Cisco does all of our professional and managed services you might remember saw me on the keynote which was exciting a great show so far I think you're really gonna enjoy what we've got for you today so we announced business critical services in October it's a new platform for our advanced services team and there's a feature in there and a platform called business critical insights Brett Dunstan is with us today he's one of our advanced senior technical advisors and he's as good as they get in our organization we've had the opportunity work together many times Bret's the brains behind a lot of what you're gonna see so not only you're gonna get to see someone who uses it or you're gonna get to see someone who designed it as well he lives outside of Melbourne Australia right and he won't tell you this when I talked to him originally told me he ran a little bit and then I found out he was one of the top five iron men in the world so he goes to Hawaii every year any places in the top five so that's pretty cool so he's got some other things he'll probably share with you some other tidbits but I think you're gonna enjoy it we hope you have a good time any questions Brett's the guy to answer it so thanks for coming today right over to you thanks this that's great so as Brian said I'm Brett Dunstan senior technical leader in advanced services based out of Australia and I'm pretty much helping to design and architect the business critical insights platform so let me just level-set if you've seen some of this before the new business critical we've got analytics automation compliance remediation and security the main part that I'm going to touch on today is the analytics component which is obviously what we're leveraging business critical insights itself so let me just move on just again the level set what's happening so what we do today we have a collector on the customer premise ok we're collecting inventory configuration show commands syslog all of that's getting put into a big zip file compressed as being encrypted sent back to Cisco encrypted okay so that's across all of our 800 customers that we're dealing with once we do that we bring it in - this profiling engine and the benefit there is that what we're doing is we're normalizing the data we're cleaning the data we're pulling out key components from the show commands okay we're also leveraging all of our aox fill notice all the engineering data we're merging all of that together with consulting engineers knowledge rules and basically what we end up with is a large I suppose you could say large data store of all this normalized data that we can then leverage okay from there that's when we bring it into our analytics platform on top of all that we're bringing in service requests from TAC we're bringing geolocation information topology modeling type information other NCE rules which obviously I'll touch on because that's a key component to the platform that we've got being a machine learning and some other custom algorithms okay so all of this together we've now got a platform inside inside Cisco that we can obviously leverage from the bottom part so we've got an internal component which I'll share we've got the external customer facing component okay so the key part of this is business critical services ok this is a service we're not talking about giving the customer another tool we're not saying here's another ran said here's another HP openview here's another here's another tool that you need to dump into your data center it's all about a consulting engineer it's all about giving them the knowledge ok so that they can consult better to the customer and what we're talking about here is we've got about 2.7 million devices which equates to about 5.6 million Sassy's so when I talk device we could have like a 9k and then other platforms we've obviously got the satellite components so that is considered one device so a stack is a device table we've got each of the individual chassis that we manage it'll make more sense in a minute into this we're also bringing in about 150 million sis logs a day ok we're also bringing in about 660 800 new service requests but the real power here is all of the knowledge that the NCS bring the consulting engineers ok so that's all this bottom part here what they're doing is that they're bringing in syslog knowledge software knowledge custom knowledge down the bottom here okay so what that means is that when they're consulting with the customer it's now actually tailored to the customers not that one size fits all yeah now I'm totally confused because the previous presentation was on my day my diagnostic from Dec and now you are showing me more or less exactly the same functionality but it's now a different tool and a different deployment model and I'm going like it's it's a very good question I was right so you think about my agnostic itself it's just like the little tech thing that's going to be too far it's going to be far above I mean that's advanced services used in network consulting engineer so yeah so so here the the my diagnostic bridge is going to infuse just a little bit in the whole system so we are much smaller there in the in the big picture absolutely yeah you know yeah absolutely right so as part of that like the diagnostic bridge that is going to be one component that we're tapping into so yeah absolutely so and the other key part is that that we're looking at a consulting engineer coming in over the top and it's all about the consulting ok it's not about single break fix one device and and you'll see there in a few minutes it's actually a larger network picture than just that so I completely yet understand where you're coming from there and the second thing we were discussing in a previous presentation and there they were dancing very carefully about that and here if I would be a Swiss bank I would be worried what types of my data do you put into Cisco datacenter so most of its metadata so we're talking about hardware platform we're talking about software not bringing in like what he addresses or things like that they get anonymized okay to the majority of the parts not all customers are uploading ok so to that point but you are absolutely correct a lot of it is just pure metadata and it's if customers are not uploading in then what do you do because it sounded like you need them to upload something to you for some components absolutely but so there is there is a smaller on-prem solution that is for the like the military and defense etc but the real power here is the fact that if you can get data back into Cisco we can leverage all of this intellectual capital and knowledge which is not going out to that end point so that's where the real power is because as soon as you start to put like things like machine learning clustering algorithms etc across all of those devices that's when you get the most power out of the platform so that means there's a smaller subset for a local installation where nothing leaves the company for our in our case I'm in defense so we never would allow something like this for our most of our networks I've worked with the Australian defense and so what we do there or what we have done there in the past it gets deployed as a single unit collection and when they let's say they finish their contract they smash the hard drive they smash everything and you never get it back so completely agree yep and that is one so to touch on that so all of this is in Cisco data center to your point the power is coming into the Cisco data center as far as the on-premise solution it's quite small at the moment as a development group we're working on that to actually approve and make sure that all that scales a lot better but said the real power is is obviously when you do get it back to Cisco I have to ask another question how do Cisco partners particularly those that invest it in services organizations how delighted are they about this well funny enough I had a presentation for before hours together the partners on exactly I didn't get a lot of questions but the goal here is that we we're looking to on sell this service so from a partner perspective the technical details were obviously still working out but if a partner can so this is customizable as well so imagine if I can deliver this to a partner the partner can then either a on sell the service as a service or if we can get this platform and these are the technical details that obviously I don't know yet we have to kind of work all of that out with the partners because it's brand-new for them but if we can leverage them we can start to do customization the whole crowdsourcing the whole modeling from that absolutely yeah so feedback coming back from the partners that's a summary that I understand the idea it's an idea if I want to engage with Cisco professional services that or your organization yeah so that the engineer somehow as already all the data there or is it more for long-term con things where I actually outsource something to you and you do this in a long-term okay so a is not professional services but but that's fine so so this collector that goes on site okay so that's on the customer premise it's collecting all of that data it's bringing you back to Cisco so let's say the majority of the time it's a 12 month engagement he's like a subscription that we do some are 3-3 years some are a bit longer there's also transactional engagements which could be just like a a one-off engagement like what was being talked about that the the original kickoff meeting when they're talking about the hospital and standing up like DNA Center etc so in this case this would be more like a 12-month engagement that we're working with the customer with the goal of stabilizing their network with the goal of making sure that everything is I'll say the word optimize that make sure that everything's running how it should be running okay because what you'll so when we bring all of this in one key thing is that I've been to a lot customers and you'll say so what version of software you're running and I say everything's perfect all of our software's find all of our configurations fine and when you're go in and do an audit you'll find out that the version of code that they're running on the platform wasn't what they thought it was same with the configurations completely missing from what they thought it was so part of this is all about conformance and making sure that the network's actually running the way that they're expecting it to run but so you'll point the data the data is being pulled in from here every day so we've got a continual stream of data being updated so that's obviously where that does so a typical use case would be in complete audit across the complete infrastructure things like that yeah there is one use case absolutely yep yeah for sure sure and I suppose the key here is that I've talked to different customers and they say whatever you do do not give me another tool okay they've got enough I've talked to enough of the service providers and say I've got a million tools that we don't even use today so the power here is that this isn't a tool that we're putting on premise for the customer to drive it's not another nach tool it's not another NMS tool it's all about the nca getting the data or the consulting engineer getting that data so that they can make an informed decision that's the key that's the real craft so because you said it's not professional service which consulting engineer gets that data so I'm a little bit confused for for who assessment who will who will use that when I think of professional services I think of an engagement that someone's actually going to go and deploy hardware they're going to go and deploy configuration they're actually going to go and do an installation that's how I think of professional services so let's say you're a customer you've already got your network we're looking to optimize it it's that engineer that consulting engineer that's coming in over the top to help you and consult to you as to how you should improve your network I'm not actually necessarily going to go in and do the tapping and the fixing and the racking and stacking I'm going to come in over the top and help you as a customer to improve your network to improve your standard some it's more of a consulting aspect so only that I have it right it's just the same organization inside sis causes are two different organizations so as an example like my peers I report to Brian but my peers are in tears the guys that would have just presented to you before so I I talked with him about the diagnostic bridge and I talked with him about their rules and their signatures etc so absolutely broader vision was reached out right we've reduced that down to a single analytics engine and I'll touch on that with the Technical Services I've got two demos one is how we're delivering today and then I've got another one kind of showing a DevOps slash crowdsourcing type model which will help to kind of explain that all good questions so I'm gonna dive straight into the demo so this is this is how a customer would see it so this is business critical insights this is the platform as the customer would actually see it okay so what we're looking at is we have what's considered a good morning screen so the idea here is that it's got events that have happened in the last 24 hours okay generally actionable events whether it's last day of support software upgrades crashes or reload so it's all about saying what's happened in the network whilst I was potentially offline I've come back nine o'clock in the morning of grab my coffee is there anything in the first five minutes of my day as a consulting engineer that I need to know about to then go on action to the customer so is this for your engineer or is this for the customer both so when I look here so back to this screen here this is internal blue is internal for me as a consulting engineer to use and I'll show you what that dashboard looks like and this is the external for the customer to use so as an example if you think here historically if you've seen advanced services so let's say we do quarterly review or we do a design review or we look at some level of software previously what we did was we we delivered it on a PDF file and we would send you 50 pages of document and I would send it to you once a quarter that would be our level of engagement you would ring me up and I would say okay let me go and generate that report and I would engage with you that way now what we're talking about is with this it's a constant thing you don't have to ring me up and ask for any information you've constantly go access to that information oh you automated the report generation well it's more than just a report but yeah absolutely just I'm little bit confused there was also another too called smart collector this is kind of an replacement for that as well so the smart collector it's actually the same collector we're just collecting slightly different data so the CSP see the Cisco collector is being used by SN T C is being used by TS the actual collector code the software itself is the same software what we're doing though is we're bringing it into Cisco and leveraging the the data in different ways collector stays the same only on the back end side q okay we actually collect different commands as well slightly different commands yep because tak is is originally more about that reactive capturing that knowledge yep does that okay I mean I kind of know it so you want to make sure that it that it comes across fit for yourself so the other piece that we look at so we look at syslog and this is my kind of demo server but everyone's got a syslog server everyone's got syslog analysis everyone does this log reporting I'd be deluded to think that they didn't okay what we're bringing to the picture is a level of filtering so we've got thousands of NCS or consulting engineers who have built intellectual capital they've built knowledge objects so that when I filter and again this good morning is all about first five minutes of my day is there anything that I need to action right now whilst I'm having my coffee so this basically takes tens of pages millions of messages and filters are down to messages that will potentially cause you a problem in the near future so I'm not going to tell about a restart I'm not going to tell you about a reload because you don't already know about that your own network management system there's something wrong so what we're trying to leverage is not not signatures yet but this is just that the first start of reducing that complete noise of the syslog down to a smaller component so then say this is what we need to look at immediately okay now I can drill into any of these I'm not going to go into too much detail with this because we obviously got limited time etc but what we have here is for any of these I can drill into this and I can see the device level syslog so I can drill in here and I can say for this device and this pneumonic that's this is what's happening over time okay so I can see training over time is it a brand new type of message if I never seen it in the last 10 days have I never seen it before how do I start to leverage this so this is the very simplistic syslog analysis and where do you get this this look from I send it to my on-site collector collector correct so if I go back if I go back here this collector inventory configuration command line and syslog so it can either be like running our syslog D or it can be just capturing from any from an NFS mount so we just get that syslog straight back to Cisco okay so what I really wanted to to kind of touch on not syslog but there's two two components that I wanted to really touch on here one is conformance okay conformance all about making sure that what me is a consulting engineer has discussed with you as a customer based on software what's the best version of code that we should be running we've sat down we've looked at the hardware we've looked at the features and we've identified what software we need to run on those platforms based on the role in the network so that's one conformance that we want to make sure configuration is another we want to make sure that all of your configurations are standard all of your configurations are running the best configuration options that they can be running and that's where I was saying before that what we do is I've talked to different customers and they say our configurations are perfect but as soon as you delve into them you always find some level of anomaly okay and it's those anomalies in their configuration that can obviously cause you problems yeah so this KPI is all about making sure that you're conforming to both your best practices where it's a golden template in your network or a discussion that we've had relative to software aox field notices pieces just to make sure that your network is actually running and configured as you've designed it okay intent absolutely because chances are I'll put money on it that if you think that your networks running the way you think it is chances are I've seen it a million times that it's not and I used to work in TAC in the best quote I ever heard from a customer we changed nothing but what we did change we change back so you obviously change something so this is helping you capture that best quote I've ever heard when I worked in in two years previously I had to drop that one in there so again I can drill into all of these like I can drill into oops I had pre-loaded these just I can obviously drill into any of them so what we're looking at here this is I just should share one component of the conformance so this is just purely looking at software and that's his current state so we have two flavors of conformance we have absolute conformance which is our green and that is the version of code that we've all decided on that platform is running that version of code or that tract is running that version of code then we have flexible conformance which is n minus 2 by default so it's the version of code that we agreed upon either now or the previous one or the previous one obviously if you're a 10,000 node network you're never going to upgrade that overnight so you're still in conformance to n minus 2 by default that can be n minus 1 at that part is absolutely configurable and the benefit here is that when you start to share this with management at least when we get down here all of these tracking and trending management that we're working with when you go to a QB are you go to that that meeting with management at least here everyone knows where we stand with focusing on a particular software version we're focusing on let's say we're focusing on here is a firewalls on the far far left and you guys if we're going to focus on that let's make sure that we're actually tackling that if we've talked to the customers see level or two that director-level and we've all agreed let's focus on that for this next ninety days or this next quarter let's actually track that and make sure that we're actually meeting our targets so it's keeping both our Cisco honest along with the customer to make sure that we actually everything is moving in the right direction that was that n minus 2 if you never heard that so flexible means that if we've agreed to run 12 to 23 s that's the version we want to run now but last last month let's say we were going to run 12 to 22 s okay I can't upgrade every device at the same time so those two versions are still actually valid they're still relevant versions of code to run so we kind of I don't want to deem the the customer I don't want to ding the engineer that I'm peers with at the customer level by saying as soon as we change versions you're out of conformance which is obviously not correct okay so it's managing that in this case is there anything that is lower than n minus 2 so what happens if it is so n minus 2 well that's that that is considered n minus 2 n minus 3 anything above that is considered n minus 3 I have something that is n minus 3 or it's it's instantly considered not conforming in this instance okay so do I see is there something in there that is not confirmed absolutely if I click on that hopefully my Internet's okay so here you've got flexible conformance false so this device here that RTP 6 STS 7 K it's not conforming at all either flexibly or actually conforming so we would go and tackle that device talk to the customer talk to the might peer at the customer and say how do we get this on to the recommended version 6 to 10 okay the reason why is because conformance effective conformance as you explain it is like it's perfectly conforming and it's like up to n minus 2 con performance that could be flexible yes so I was missing the non at all conformance bar up there well that's that it's whatever is missing two hundred percent so what's missing - 100 percent all right okay yeah no it's just it's time to tired okay if I put that in that's gonna confuse other people so I suppose what I really wanted to then completely shift and explain what the platform is all about so this is our customer platform okay custome gets this partners get this what our engineers get access to let me just move across to this one so as you'll see we've got a lot more menus at the top let me just make this a bit bigger for you guys a lot more menus at the top so this is our internal portal this is what the consulting engineers have access to so we've got things like root cause analysis we've got global we've got a whole lot of new things that the NCE gets access to what they also get access to is the platform as a whole what I mean by that is they can go and they can go and create their own dashboards they've got access to all of those devices you've got access to all of that data okay so when I'm actually working with my customer I can tailor the dashboard I can build a whole new dashboard so now instead of historically in a program you may have 20 30 40 developers you give them a business document you give him the document is this is what I want you to build now what we've done is we've enabled all of our consulting engineers to tackle the problem if they choose to so now we've actually opened this up to about 2,000 new I said new in quotes developers that can they're helped to tailor this okay so what I was doing I was talking to an engineer and this is one of our DevOps one so this absolutely is not available this is just something that we put together because it was a question that they had to us okay so this is where the engineer gets to build what they need to to answer a question and so things like so what this is all about is we've far left we've received a new case number I've obviously used bogus case numbers in this case but they're real service requests could could be coming in live and as soon as we get that case number I grab that serial number and I'll look it up in our database of that 5 million chassis 5 million devices if I find a match what I then do I can find out whether it's running the right version of code so instantly I know if they've opened a service request is it running the version of code that we've all talked about that we should be running so instantly I know whether the problem is potentially related to that ok we've also got our Product ID the key here that we're now adding let me just drag this across you'll see a lot of words here called similar ok similar device similar company similar device name so what we've done is we've taken every single device that we've got access to hardware software features and a few other characteristics and we've created a fingerprint for every single device that we've got access to ok so what I can now do is if I've got an event whether it's a syslog event whether it's a service request whatever that event is I can now take that that fingerprint from that device that's got the event and I can say show me any other device in my ecosystem that matches in this case 85% similar so now I know if I've got a problem on this device here and it's a singular issue I also know any other device in my network in this case this guy's 92% similar it may eventually have that same problem potentially so now depending on what the problem is we're now actually getting in front the curve we're now doing that predictive or pre-emptive style looking so now I can say if I've got 10 devices that are 95 99 98 % similar they may actually have the same problem so if the TAC has got a single case the int consulting engineer can get in front of the curve and they can say are these devices the same I can now go and look at those other 10 512 devices and see if they're actually going to have same type of issue I think that just got to wind up then I'll touch on one final thing and hopefully this will load up because this was so what we now do again this is from a devops environment so this is what a consulting engineer has built on our internal platform so now what we do is we take that to the next level and if geolocation is important I know exactly where that device is I know exactly what's happened if it's relevant its physical location then I know that as a consulting engineer so when I talk to the customer I know who I'm talking to I know what I'm talking about we also have topology or connected parts of the device so I know that this is the device it's got the problem in this case if it's bgp i know who it's also connected to okay so nothing necessarily special there lots of network management stations have topology lots a network management stations have geolocation it's the ability now that what we've done is we've given all of that knowledge all of that information into the platform so now a consulting engineer can take that next step they can consult if I give this to a consultant consulting engineer now not only do they see all this information they don't have to go running around looking for the information it's at their fingertips they've actually got more time to consult they've got more time to spend with their customer okay so that's the real crux here business critical s is service it's all about a consulting service the platform that we've got here as I said it's got the internal and it's got the external as you were talking about earlier we're working with the the TS advantage guys we are working very closely with TS along with a lot of other internal parts of cisco to make sure that the outcome that the NCE or the consulting engineer can give to our customer is the best answer we can ever give them okay if I get if I don't have access to the data or if I don't have access to the tools I can't consult to the customer so it's all about getting that data to the person that needs it most so that they can make that informed decisions such that when they talk back to the customer it's a no-brainer so I think that was the winder before yeah so I'll finish there and any obviously throw any questions I have one question across the whole cisco portfolio this is only working with switches and routers or you support nearly everything that you have in the portfolio so pretty much everything in the portfolio I don't have the like we do in the UCS and switches and etc what we are tapping into next is DNA Center I've got I'm starting to talk to the DNA guys it's not just Cisco so I could give you a topology I'll tell Huawei Lucent juniper I don't care it's all SNMP it's all inventory we've got parses that do all that so obviously I'm not going to have a service request for a juniper box that's obviously not going to happen but if there's a Juniper box here that I know it's MAC address and I've been able to capture like SNMP RFC information I'm gonna put your juniper box here and if there's an issue between connecting from this box here through to this box and it's a general juniper box in the middle I'm gonna know that okay so you having a more generic approach and trying to get everything into your database take whatever you give me I'll take it toaster I don't care the more information that I can give my NCA or my consulting engineer the better answer the better decision the better outcome he's going to give you that's that's my goal so I kind of work back office so whenever I can do to give them knowledge I'll give them anything can send me that toasters running hot yeah absolutely yeah yeah I mean what Brian said I was actually going to connect my bike up not to to this but basically connect my bike up measure power what's all that kind of stuff just for because I can
Info
Channel: Tech Field Day
Views: 1,474
Rating: undefined out of 5
Keywords: Tech Field Day, TFD, Cisco Live, Cisco Live Europe, Cisco Live Europe 2018, CLEUR, CLEUR18, Cisco
Id: 7b_ABaoE_xQ
Channel Id: undefined
Length: 33min 10sec (1990 seconds)
Published: Tue Feb 06 2018
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.