The FUTURE of Information Security Engineers - Cisco Security Automation (DNA CENTER)

so if you're currently a security engineer or maybe you're thinking about becoming a security engineer automation and programmability is at your doorstep is it good is it bad I don't know what's going on guys welcome back to network Chuck big thanks to Cisco sponsor of this video and they sent me to Cisco live back in June which it was amazing it's essentially comic-con for network engineers and security engineers then really anybody in IT you would love it there I promise now one of my missions while I was there was to get the lowdown the all

the info on this network programmability thing this networks automation things content-based networking software-defined networking tonight DevOps I think I covered all the buzzwords let me know in the comments below if I missed any and that was the big theme this year at Cisco live network programmability now that's not a new concept we've heard this term for a while and up until very recently it was just a scary story we told junior network engineers before bed to scare them but now I think it's starting to stick like really now one of the big keynotes something was

said that really stuck out to me like really stuck with me and it's a pretty big deal for Cisco to be telling network engineers this because you know the kind of the networking company right they said you are a developer so you are a developer what like we're developers now just like that now that is pretty heavy I'm gonna unpack this even more in the coming videos watch this one thing I hadn't thought about or considered was that it wouldn't just hit the old good ol routing and switching guys it's gonna hit all tracks and

the one I want to talk about today is security [Music] now before you start screaming oh the network security field is dead Network Chuck said so programmers are taking our jobs no no no hold on slow down guys you're the programmer remember this change involves you it requires you it actually depends on you and it's kind of amazing now Cisco has been working on something and it's actually pretty amazing it's called DNA Center the digital network architecture now this could take up to four or five videos on its own it's it's heavy it's a lot

of stuff but let me give you the thousand foot view Cisco wants you to deploy manage maintain automate they want you to do everything for your network from one portal one little area to login that means you know you're not logging into a bunch of different routers and switches I mean if you've seen my secure CRT from past jobs I mean it's just lists and lists of routers and switches it's ridiculous secure CRT is like buddy and then putty is basically how you connect or SSH into your routers the most popular one anyway so it's

basically an SDN controller which is a software-defined networking controller which is kind of the hub the base of where you'll deploy all your your automation but it's like an SDN controller but on steroids and that's just me being a bit shy about it it's it's a lot more and again I'll talk much more about that later because it's I spent a lot of time learning about so you design and monitor your network in DNA Center and then you can actually automate the provisioning and configuration of your APs your routers your switches and DNA Center essentially

this is the place you will live to do everything as a network engineer and as a developer let's just go would say now I told you that to tell you this the super big awesome cool thing let's just go live this year they always have one big cool thing they got to tell you is that DNA Center a place where you'll manage all your stuff is now open open they have a px which if you don't want ap is it's basically allowing programmers to integrate their code with whatever application that is so if you have

probe so if you have programmers or you are a programmer that means you can make your own app that can integrate with DNA Center which controls your entire network that means you can integrate anything and everything you want into your network using DNA center and it's api's okay okay well what does that look like and why do you even care I mean you're you're studying for your CCNA you're studying for your CCP your security engineer you you use the tools you know unlove you don't don't care about any of that you should check this out

so right now we're focusing on security now as a security engineer wouldn't you love a situation where suddenly you're just really amazing at your job and you almost did nothing to make that happen let me show you so let's pretend a threat is coming towards your network like you know ransomware like the wanna cry virus that was a rough one so when attacker is trying to attack you that Orcas trying to affect your users with ransomware wanna cry it's coming it's here now relax you're good you've implemented stealthWatch no okay no Cisco product I know

what is stealthWatch stealthWatch is a super smart robot run analytics engine basically it's designed to sniff out bad stuff like want to cry or ransomware coming into your network now security geeks pay close attention I have to mention this because it's soap really it's amazing what it does it does something cool that really no one else in the industry does just yet and it has to do with encrypted traffic now what is really great about encrypted traffic well you can't see inside it it's it's safe it keeps you secure so if you're making a bank

transaction you're your traffic is encrypted so a hacker can't look into it now what's the bad thing about encrypted traffic well as a security engineer you can't see inside it yeah there is good traffic it should be encrypted and protected like your your bank account number or your transaction information going across the internet but hackers will also hide their malware inside and curb the traffic which makes it extremely difficult for security engineers to find out if ransomware is coming into their network and who it's infecting it's estimated that by 2019 70% yes 70% of all

attacks on all malware will be encrypted which means basically 70% of attacks you won't be able to look into or see unless you decrypt now most solutions require you to decrypt traffic to be able to see inside that and see if any you nasty malware is coming at you right and yeah it's possible to decrypt but it's super expensive to buy hardware that can decrypt a lot of traffic and it can make your network kind of slow it's it's super complex not to mention actually decrypting traffic it can be a huge privacy violation in a

ton of countries so be careful you see that's where stealthWatch comes in stealthWatch can just eyeball that traffic and know if it's bad or good without decrypting it which is kind of crazy but how does it do that it uses the network of course and we'll use cisco routers and switches and it'll use this thing the special new thing they have called ETA encrypted traffic analytics so the cisco routers and switches will have this ETA data and it will send it to stealthWatch now okay fine ETA how does it actually know if there's malware inside

these packets if it's encrypted like that's by definition you can't see inside it right so what it will do and it's pretty cool is it will use mater data it will also monitor traffic flows and kind of get a baseline to figure out what this traffic is so it'll baseline like normal behavior like good old traffic that you want and it will also have a lot of good information on what is bad it can profile bad traffic basically it's sending net flow on steroids just super net flow as telemetry about malware and all the dirty

nasty stuff in our network traffic no side note you could actually use DNA Center to configure all this stuff like a super quick because just like net flow you have to configure your routers and switches to send data to your net flow collector and with stuff watch if you want to send ETA yet to configure your routers and switches to send ETA to stealthWatch DNA Center will have you up and running in minutes so stealthWatch can look at encrypted traffic in the clear without decrypting it and can't determine with high certainty that's what Cisco says

it can determine with high certainty if there is malware in that traffic in the cool part remember what I said about DNA Center in the fact that it's open api's well you'll be able to connect stealthWatch to DNA Center why is that cool we get this the same place where you configure monitor maintain deploy automate your network you can also see all your security analytics all in one place one place one portal not the log into fifteen different products one so basically you just hang out in DNA sensor while you monitor all the things alright

so back to our scenario here let's open this up a bit now tell you about a demo on the show floor at Cisco live the security network programmability automation thing ah super slick here we go so mr. wanna cry our dirty nasty ransomware he's he's on his way he's wearing his disguise he's encrypted and he's on his way to your network he tries to slip past our defenses to infect our users without being detected hey but we're good stealthWatch smells in a mile away and boom this info is available in DNA Center your zit you're

hanging out already just looking at everything else you can see and then BOOM stuff watches hey hey hey DNA center we got a we got a we got a bad dude coming your way now I'm gonna tell you again DNA center is open meaning we can integrate a lot of stuff not just Cisco products now most companies well I would hope most companies have an IT SM and information technology service management basically it's like a ticketing system and among other things like inventory management and so if your NIT you know what a ITSM is you

know what tickets are in in requests and projects and if you're not an IT yet but you'll want to get into IT you're gonna know a lot about this soon one of the biggest IT SMS out there is ServiceNow now Cisco in their demo integrated ServiceNow a total third-party ITSM has nothing to do a Cisco they integrated this with DNA Center all right we're getting to the good part here we go so mister wanna cry our ransomware tried to sneak past our network defenses but stealthWatch he knows he's bad dude he tells DNA center now

here's where the cool programming thing comes into play the automation DNA center instead of you having to sit there and monitor it and go oh I noticed something no no DNA center takes care of it for you he knows mr. wanta cries bad news thanks to stealth watch and utilizes his openness to open a ticket with ServiceNow so so far ticket created we didn't do a thing yet this ticket has been set up to notify the security team you you get your email or maybe it's a mobile notification you're like oh huh mr. wanna cry

he's a pretty bad dude and then you hit the big old bad button quarantine and then you put your phone down or you close your email and then service now using the api's well tell DNA sensor hey this guy said to quarantine it and DNA DNA Center quarantines once the user is quarantined DNA Center then talks it back to service analysis hey service now you know the thing you want me to do about quarantine I already did it it's done can you let that security guy know can you get him off youtube for a sec

and we get the alert oh hey hey it's already done man being a security engineer it's hard right so what do we just see what we saw automation at work that scenario how much work did you actually do in that scenario not a whole lot you got a notification I mean it's it's like checking Facebook and checked it Oh corns yeah I'm gonna quarantine that and that was it the automation to mitigate that threat was in place it's pretty cool no that's just a simple demo example that Cisco provided it it took them three weeks

to program this that's it now do you see how this could like streamline your processes I mean if you're an IT right now if you're an IT department you probably have tools and products that are in this demo right that's okay you can integrate that with the API and DNA Center and you can automate all the things now what's cool about that scenario is did you even have to be involved as the security engineering did you even have to be involved in that scenario no not really you could have had a service desk guy just

take care of that for you to mitigate while you're doing something you actually want to do like watching YouTube I mean let me start known studying for your next certification or I guess both or watching this now seeing this example opens my eyes a bit because again as a network engineer as and I've worked with security stuff and all that Wi-Fi stuff and all all the fun stuff stuff I you get scared about the automation in the programmability because you don't want to be without a job you're thinking okay all the things I normally do

on a day-to-day these things are being automated so what do I do that's why Cisco saying hey no no you're not just an engineer anymore because I mean we still need guys like you who know how things work but now that you're not spending all your time on mundane tasks like that you can actually start learning a bit of program and then coming up with these incredible solutions I mean with the open API you can pretty much do anything you want you can integrate anything into your this was cool because DNA Center is like our

controller our big Sdn controller for our network so DNA Center allows us to automate everything in our network with anything we want to use which is kind of sweet you're only limited by your imagination and of course your your programming skills I mean if you have--if approach if you have a programming team or a bunch of developers yeah you could have them do it for you or you could just learn it yourself now I think the age of just like hearing network programmability and all these buzzwords and going oh yeah that'll be the day hey

that's over like it's it's here and it's becoming more mainstream with DNA center when Cisco starts putting out products that are really pushing it I think it's here guys and in the fact that it's becoming mainstream across all tracks that we've heard about it affecting routing and switching that's that's been the case but collaboration security wireless it's gonna be all of us guys whoo well guys that was about it I wanted to show you something really cool that I saw Cisco live there's automation stuff the network programmability and I wanted to come at it at

first cuz I again I have more videos coming out about this but I wanted to show you from the perspective is something I hadn't thought about and that's security security is huge and lucrative so I want to get you guys excited about programmability instead of being a little timid about our afraid or not not wanting to change embrace that change man it's coming the only way you come out on top is by embracing it and like I said I've got more stuff coming I talked with a ton of companies who have integrated theirs their software

solutions or their own custom apps with DNA Center to do cool things with the network I'm gonna get to still preview I haven't talked with a company who has DNA Center automating the configuration for Juniper stuff so we're using Cisco products you configure third-party products so it's it's interesting stuff trust me so if this DNA Center thing is intriguing to you or you want to learn more about it I got a link below click to find out more like do it right now why not or up here go ahead I'll wait anyways I'll catch you

guys later keep studying Gayle not Python get your CCNA talking to you [Music]