Wirevolution

Enterprise Mobile Security

Archive for the ‘Cisco’ Category

ITExpo: Anatomy of Enterprise Mobility: Revolutionizing the Mobile Workforce

Sunday, September 9th, 2012

If you are going to ITExpo West 2012 in Austin, make sure you attend my panel on this topic at 10:00 am on Friday, October 5th.

The panelists are Brigitte Anschuetz of IBM, Akhil Behl of Cisco Systems, John Gonsalves of Symphony Teleca Corporation, Sam Liu of Partnerpedia and Bobby Mohanty of Vertical.

The pitch for the panel is:

Enterprise mobility is one of the fastest growing areas of business, allowing companies to virtually connect with customers and employees from anyplace in the world. CIOs are facing more decisions than ever when it comes to managing their mobile workforce. Employees expect to be able to do their work on multiple platforms, from desktops and laptops to tablets and smartphones.

This session will dive into the various components of an enterprise mobility solution, provide best practices to ensure they are successful and explain how they integrate together to enable companies to grow their business. Topics will include: mobile enterprise application platforms, enterprise app stores, mobile device management, expense management, and analytics.

ITExpo East 2011: NGC-02 “The Next Generation of Voice over WLAN”

Monday, January 24th, 2011

I will be moderating this panel at IT Expo in Miami on February 2nd at 10:00 am.

Voice over WLAN has been deployed in enterprise applications for years, but has yet to reach mainstream adoption (beyond vertical markets). With technologies like mobile UC, 802.11n, fixed-mobile convergence and VoIP for smartphones raising awareness/demand, there are a number of vendors poised to address market needs by introducing new and innovative devices. This session will look at what industries have already adopted VoWLAN and why – and what benefits they have achieved, as well as the technology trends that make VoWLAN possible.

The panelists are:

  • Russell Knister, Sr. Director, Business Development & Product Marketing, Motorola Solutions
  • Ben Guderian, VP Applications and Ecosystem, Polycom
  • Carlos Torales, Cisco Systems, Inc.

All three of these companies have a venerable history in enterprise Wi-Fi phones; the two original pioneers of enterprise Voice over Wireless LAN were Symbol and Spectralink, which Motorola and Polycom acquired respectively in 2006 and 2007. Cisco announced a Wi-Fi handset (the 7920) to complement their Cisco CallManager in 2003. But the category has obstinately remained a niche for almost a decade.

It has been clear from the outset that cell phones would get Wi-Fi, and it would be redundant to have dedicated Wi-Fi phones. And of course, now that has come to pass. The advent of the iPhone with Wi-Fi in 2007 subdued the objections of the wireless carriers to Wi-Fi and knocked the phone OEMs off the fence. By 2010 you couldn’t really call a phone without Wi-Fi a smartphone, and feature phones aren’t far behind.

So this session will be very interesting, answering questions about why enterprise voice over Wi-Fi has been so confined, and why that will no longer be the case.

Video calling from your cell phone

Wednesday, December 15th, 2010

Although phone numbers are an antiquated kind of thing, we are sufficiently beaten down by the machines that we think of it as natural to identify a person by a 10-digit number. Maybe the demise of the numeric phone keypad as big touch-screens take over will change matters on this front. But meanwhile, phone numbers are holding us back in important ways. Because phone numbers are bound to the PSTN, which doesn’t carry video calls, it is harder to make video calls than voice, because we don’t have people’s video addresses so handy.

This year, three new products attempted to address this issue in remarkably similar ways – clearly an idea whose time has come. The products are Apple’s FaceTime, Cisco’s IME and a startup product called Tango.

In all three of these products, you make a call to a regular phone number, which triggers a video session over the Internet. You only need the phone number – the Internet addressing is handled automatically. The two problems the automatic addressing has to handle are finding a candidate address, then verifying that it is the right one. Here’s how each of those three new products does the job:

1. FaceTime. When you first start FaceTime, it sends an SMS (text message) to an Apple server. The SMS contains sufficient information for the Apple server to reliably associate your phone number with the XMPP (push services) client running on your iPhone. With this authentication performed, anybody else who has your phone number in their address book on their iPhone or Mac can place a videophone call to you via FaceTime.

2. Cisco IME (Inter-Company Media Engine). The protocol used by IME to securely associate your phone number with your IP address is ViPR (Verification Involving PSTN Reachability), an open protocol specified in several IETF drafts co-authored by Jonathan Rosenberg, who is now at Skype. ViPR can be embodied in a network box like IME, or in an endpoint like a phone or PC.
Here’s how it works: you make a phone call in the usual way. After you hang up, ViPR looks up the phone number you called to see if it is also ViPR-enabled. If it is, ViPR performs a secure mutual verification, by using proof-of-knowledge of the previous PSTN call as a shared secret. The next time you dial that phone number, ViPR makes the call through the Internet rather than through the phone network, so you can do wideband audio and video with no per-minute charge. A major difference between ViPR and FaceTime or Tango is that ViPR does not have a central registration server. The directory that ViPR looks up phone numbers in is stored in a distributed hash table (DHT). This is basically a distributed database with the contents stored across the network. Each ViPR participant contributes a little bit of storage to the network. The DHT itself defines an algorithm – called Chord – which describes how each node connects to other nodes, and how to look up information.

3. Tango, like FaceTime, has its own registration servers. The authentication on these works slightly differently. When you register with Tango, it looks in the address book on your iPhone for other registered Tango users, and displays them in your Tango address book. So if you already know somebody’s phone number, and that person is a registered Tango user, Tango lets you call them in video over the Internet.
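The two steps described for ViPR in item 2, finding a candidate address in a Chord-style DHT and then verifying it with knowledge of the earlier PSTN call, can be sketched as follows. This is an added example, not code from the original post, Cisco or the IETF drafts: the names `ChordRing`, `call_secret`, `prove` and `verify` are hypothetical, the numbers and timestamps are constructed, and a plain HMAC challenge-response stands in for the validation exchange the drafts specify.

```python
import bisect, hashlib, hmac, os

RING_BITS = 32  # small identifier ring, for illustration only

def ring_id(value: str) -> int:
    """Hash a node name or phone number onto the identifier ring."""
    digest = hashlib.sha256(value.encode()).digest()
    return int.from_bytes(digest, "big") % (1 << RING_BITS)

class ChordRing:
    """Chord placement rule: a key is stored on its successor, the first
    node whose id is >= the key's id, wrapping past the top of the ring."""
    def __init__(self, node_names):
        self.nodes = sorted((ring_id(n), n) for n in node_names)
        self.store = {n: {} for n in node_names}

    def successor(self, key: str) -> str:
        ids = [i for i, _ in self.nodes]
        idx = bisect.bisect_left(ids, ring_id(key)) % len(self.nodes)
        return self.nodes[idx][1]

    def publish(self, number: str, contact: str) -> None:
        self.store[self.successor(number)][number] = contact

    def lookup(self, number: str):
        return self.store[self.successor(number)].get(number)

def call_secret(caller: str, callee: str, start: int, end: int) -> bytes:
    """Derive a key from facts both ends of a completed PSTN call know."""
    return hashlib.sha256(f"{caller}|{callee}|{start}|{end}".encode()).digest()

def prove(secret: bytes, nonce: bytes) -> bytes:
    return hmac.new(secret, nonce, hashlib.sha256).digest()

def verify(secret: bytes, nonce: bytes, proof: bytes) -> bool:
    return hmac.compare_digest(prove(secret, nonce), proof)

def demo():
    caller, callee = "+15125550199", "+15125550100"  # constructed numbers
    ring = ChordRing([f"node-{i}" for i in range(8)])
    ring.publish(callee, "sip:callee@example.com")   # constructed contact
    candidate = ring.lookup(callee)  # a candidate only: anyone can publish
    # The caller challenges the candidate with a fresh nonce and checks the
    # answer against its own record of the call (epoch seconds, constructed).
    nonce = os.urandom(16)
    mine = call_secret(caller, callee, 1292400000, 1292400180)
    honest = prove(call_secret(caller, callee, 1292400000, 1292400180), nonce)
    forged = prove(call_secret(caller, callee, 1292400000, 1292400100), nonce)
    return candidate, verify(mine, nonce, honest), verify(mine, nonce, forged)

if __name__ == "__main__":
    print(demo())
```

Call start and end times at one-second granularity carry little entropy, so a verifier built this way would need to limit the number of attempts it accepts per call record.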

Cisco’s Motion Announcement

Monday, June 2nd, 2008

Cisco’s Motion announcement on May 28th was huge for enterprise mobility. It defined some new terms which we will be hearing a lot: “Cisco Motion,” “Mobility Services Architecture” and “Mobility Services Engine.” Cisco Motion is the name of the “vision.” The Mobility Services Engine 3350 is a $20,000 appliance that embodies the Mobility Services Architecture, which is a part of Cisco’s Service Oriented Network Architecture.

Cisco has published a lot of useful information about these new products. A good place to start is the launch webinar, which includes an informative PowerPoint presentation. The Mobility Services Architecture is described in a white paper. There are two press releases: a conventional press release consisting of written words, and a “social media release” consisting of links to YouTube clips and podcasts.

What we’re doing here is abstracting the network control element of the architecture and the services and application integration piece. This reflects what we have been talking about for the last 2 plus years around the Services Oriented Network Architecture. It’s about how we can drive new capabilities into the network, that can be married up with a host of different applications and turned into a solution for our customers. It’s not just applications running over the network. Increasingly with this architecture, it is about applications running “with” the network.

Ben Gibson, Senior Director Mobility Solutions, Cisco Systems

Cisco describes the MSE as a “platform for partnering,” the idea being that it exposes network-level information through an open application programming interface (API) to applications delivered by independent software vendors (ISVs).

Adding wirelessness to the IP world generates network-layer information that can be useful to applications, notably information about the location of known devices, and the intrusion of unknown devices. The MSE orders that information and presents it through the API.

Cisco Motion also addresses some downsides of mobility. Adding mobility to the IT world brings a lot of new headaches:

  • There are multiple network types (currently cellular and Wi-Fi, later WiMAX)
  • There is a profusion of new device types (currently smart phones) which must be managed and tracked
  • There is a wave of innovation in consumer applications. Employees are demanding these applications in the enterprise environment.
  • Mobility also complicates compliance with data confidentiality regulations like PCI and HIPAA.

So far Cisco has identified four categories of application that can run on the MSE: Context-Aware applications, Wireless Intrusion Prevention Systems, Client Management and Intelligent Roaming.

Context Aware Applications

“Context Aware applications” seems to be Cisco’s term for applications that do asset tracking. Cisco is partnering with ISVs in both horizontal and vertical markets. These ISVs are OAT, Intellidot, Aeroscout, Pango/Innerwireless and Airetrak. The Context-Aware software is scheduled to ship in June 2008.

Adaptive Wireless Intrusion Prevention Systems

Overlay wireless intrusion prevention systems add devices to monitor wireless traffic looking for rogue access points and clients. The innovation here appears to be that the MSE exposes information from the access points and wireless controllers that eliminates the need for these overlay devices. IPS software running on the MSE can substitute for the overlay IPS, while yielding equivalent depth of reporting and features. A further benefit of running the IPS over the MSE API is that the same software will be able to handle future wireless networks in addition to Wi-Fi. The Adaptive WIPS software is scheduled to ship in the second half of 2008.

Mobile Intelligent Roaming

This is enterprise Fixed-Mobile Convergence. The MSE isn’t a mobility controller; it issues an event up through the API when it determines that the Wi-Fi network needs to hand the call off to the cellular network. This event is handled by mobility controller software from an ISV. Cisco’s launch partners for this are Nokia for phones, and Agito on the mobility controller side. The Mobile Intelligent Roaming software is scheduled to ship in the second half of 2008.

Secure Client Manager

This works with Cisco’s 802.1X and CCX products. Cisco estimates that 80% of IT’s wireless and mobility effort goes to client troubleshooting and security provisioning. The Secure Client Manager will help mitigate this problem for the imminent wave of mobile devices. The Secure Client Manager is scheduled to ship in the first half of 2009.

Unified Wireless Network Software

Cisco Motion requires a new software load for the access points and WLAN controllers: the Cisco Unified Wireless Network Software Release 5.1, which shipped in May 2008.

Parvesh Sethi’s opinions

Friday, May 18th, 2007

Parvesh Sethi is Cisco’s Vice President, Advanced Services. In his keynote at the Communications Developer Conference this week in Santa Clara, he described an interesting use case for future wireless devices:

Your phone automatically notifies the hotel when you arrive – no need to stand in line to check in. Your assigned room number appears on your phone screen. The phone acts as a wireless key for your room. In your room the hotel puts targeted ads onto your phone’s screen.

The bulk of his talk consisted of advice for developers. The two main themes were “leverage the power of the network” and “exploit the long tail.”

The power of the network bit is to be expected from Cisco. The long tail part was a theme at many of the other presentations in the conference. For those who haven’t read the book, the idea is that the enormous reach of the web at relatively minuscule cost allows products that in the past would have been too narrow in appeal now to be commercially viable, and when combined with enough other low-volume products, to be lucrative. For example, a book that sells two copies a month isn’t worth carrying in a retail bookshop. But an online bookstore with a hundred thousand such titles would glean annual revenues in the tens of millions of dollars.

Sethi explained that custom programming for a particular enterprise used to be prohibitively expensive. But now the Web is packed with useful components that you can invoke through simple APIs. Web development environments automatically take care of the hard stuff for you, stuff like security, transcoding, QoS, authentication. Application acceleration is available right in the network. The open application development environment makes it possible for people to add their own value. This unleashes the long tail effect for the component vendors.

The example Sethi gave for this type of application was a real-world one, from an individual Subway franchisee – not Subway Corporate. The application runs on a Cisco phone. When an employee arrives in the morning, he logs in on the phone. This means no need for a time clock. Suppose four employees are scheduled to work a shift, but only three clock in. Previously one would have to start calling to find a substitute, leaving only two to perform the work. Now the phone system starts outdialing automatically, calling down the list of substitutes until one responds with a touchtone. Meanwhile, back in the store, the phone reminds the employees about essential process steps, like putting the bread in the oven. If the employee doesn’t acknowledge that he has done it, the system calls the supervisor to snitch. Sethi claimed that this application yielded a 30% increase in lunchtime revenue in its first month of operation.

Openness of the development environment, meaning the ability for users to modify Cisco’s system and incorporate it into applications built on a whole set of such open components, was one of four “Pillars of UC development” that Sethi identified. The other three were security, simplicity and virtuality (access to the application via any device, anywhere).

Cisco buys WebEx, loses faith

Saturday, March 17th, 2007

Cisco has two main customer constituencies: network service providers and business IT departments. One of WebEx’s crown jewels is its MediaTone network. This is a global private network, with dedicated fiberoptic links and multiple peering points to the Internet. If Cisco doesn’t sell this off, they will be competing with their customers in one of their primary markets. Unlikely to fly, though Cisco sometimes doesn’t seem to mind treading on toes.

This leaves the remainder of WebEx, the application (SaaS) side. It’s a natural complement to two of Cisco’s current business lines, filling a gap between their Unified Communications Manager (VoIP PBX) products and their high-end telepresence offerings.

As Cisco gets into more and more of the software services that run over IP networks, they end up competing more and more with Microsoft among others, and in an odd way for an Internet company.

Cisco rode the Internet Protocol to the stars. An article of faith amongst the IP cognoscenti is that the network must be stupid. This means that we conceive of the Internet as an amorphous connectivity cloud with computers on its periphery. Some of them are clients and some of them are servers. The Internet doesn’t care which is which. This is very powerful, because anybody with an IP address can set up a web site (a.k.a. network service). This is anathema to the traditional network service providers who want to provide value (get revenue) in the network beyond mere connectivity. The Internet world (like Google) and the PC world (like Microsoft and Intel) love the stupid network model because it lets them innovate. The owners of the wires hate it because it forces them into the role of mere connectivity providers, since they are incapable of innovation at the service level.

But Cisco’s bread and butter is network equipment. Cisco doesn’t sell servers. So every service that migrates from the stupid network model to the intelligent network model increases Cisco’s potential market. Cisco hasn’t yet apostatized, but these actions are building gravitation in that direction. They have already ported their IP PBX to IOS, and they are allegedly even warming up to IMS!

Background
Forbes article on the acquisition.
CNET interview with WebEx CEO Subrah Iyar.

Charlie Giancarlo on telepresence at VoiceCon

Wednesday, March 7th, 2007

This morning’s keynote speech at VoiceCon by Cisco’s Charlie Giancarlo was polished and entertaining. What jumped out for me was his description of telepresence. He had just demoed video phone calls, then went on to telepresence. My immediate thought was, “yes, a video phone call with a bigger screen.” But Charlie must have met this reaction before because he started to stress the radical nature of telepresence. As you know, telepresence is the idea of putting a bunch of big-screen LCDs around a conference table so it looks as though people are sitting there. HP and Dreamworks have had a system called Halo for a couple of years, but it’s hugely expensive.

Charlie’s point about the novelty of telepresence is that you have to experience it to understand it. He said that after a few minutes of a meeting, you forget that the person isn’t really there, and the subjective nature of the interaction is that it is face-to-face.

The second surprise from Charlie was that the Cisco version of telepresence has a total cost of around $10,000 per month per telepresence room. This seems to be a lot lower than the cost of Halo.

I can believe that you have to experience it to understand it, because of Tivo. TV viewing is a completely different (and much better) experience with Tivo. Tivo owners are all evangelists. They tell their Tivo-less friends that they will love it if they just try it. The friends believe it, but they don’t bother to get a Tivo. Then, when they do, their reaction is “why didn’t you tell me?” and they become ignored evangelists, too. But I still don’t have a Slingbox.