Good morning, good afternoon, good evening, and welcome to my session on unpacking the complexity of IoT environments. In this session, I'll talk about how IoT is digitally transforming different industries, and I'll give a couple of examples of that as well. Then I'll talk about three main challenges for the network of IoT environments: security, scalability and simplicity. Lastly, I'll talk about how Cisco is meeting these challenges, and I'll give a couple of demos as well. Let's get started.

IoT is digitally transforming different industries. On the right, I have a couple of examples for you. The first one, on the top left, is a mining truck. The mining industry is a very hostile environment, because down in the mine there are many hazards. For example, there's always the hazard of a cave-in, or the hazard of a gas leak, and obviously there's no daylight down there either. Ideally, you don't want to send humans down there if you can avoid it. You can see the truck in the picture. Apparently, the latest models of this type have autonomous options as well, so the entire truck can go down the mine, pick up the ore and come out without a human on board. Here's a fun fact about a challenge these guys were facing. Apparently, the autonomous driving works too well. What do I mean by that? It means that these trucks drive in exactly the same track, no matter how often they go in and out, and this means that the road starts to wear out. So this is why the team had to introduce some variation, so the truck has more variance in where it's driving and doesn't wear out the road too fast. Top right is another good example. This is a manufacturing environment. Obviously, manufacturing has been using robots for a long time. However, what is new now is that these robots are more and more connected. There are good reasons to connect these robots.
For example, you can now get temperature, vibration and current information from the robot, which you can use to do predictive maintenance. Because for these big manufacturers, if these robots fail, it could be very expensive. So therefore being able to prevent any failures, or to do maintenance only when it's really required, is a huge cost saving for them. However, networking all these environments also comes with risks, because once it's connected, it could potentially be compromised over the network as well. The next area you can see, on the bottom left, is agriculture. We all know that global warming is coming and therefore the farmers have to adapt to this environment. They've been watering fields for a while, but what they can do now is IoT. For example, they could put humidity sensors into the ground, connect them with a weather management station that forecasts how much rain is coming, and therefore water the plants the exact amount they need: not too much, so as not to waste water and the power to pump the water, and not too little, so as to still get maximum yield from the fields. So this is definitely revolutionizing the agriculture area as well. On the bottom right, you can see our oil and gas industry. They've been using IoT for a while as well. Many of these guys are using it for safety reasons. One, for equipment safety, so that the drill doesn't break if you get the right IoT data out of it, like vibration while it's drilling down into the ground. Or any gas leakage detection sensors that you want to connect to make sure your workers are safe in the environment.

Now, all of these environments have a couple of key challenges. And I want to highlight now three key networking challenges for these IoT opportunities. The first one I want to talk about is the most important one, security. There have been countless examples in the past where a compromised IoT system led to a much bigger incident.
I have a link down here for you to one of the most interesting cases I found, which is where Target got compromised a couple of years ago. The intruders compromised the HVAC system, and the HVAC system then let them get access to financial details from customers. There have also been other examples where autonomous vehicles got hacked remotely, or manufacturers were held hostage with ransomware attacks. So this is why for most IoT use cases security is the first question they ask. The biggest concern is: is the solution secure? The second biggest challenge we see is scalability. The internet has been growing for a long time, and you can see here on the time scale that, if I go back about five years, the number of devices has been increasing over time. However, we are now at a breaking point where, with the increase of IoT devices, the number of devices will just grow exponentially over time. You can see a couple of predictions here from Nokia, IDC and IHS, and where these predictions land. However, you can see the amount becomes massive. So therefore it is important to have a scalable way to manage these devices. The last one, tying into the first two, in my opinion, is simplicity. None of this works if you can't do it simply. These days we have to do more with fewer teams. We have to have people able to learn new technologies and deploy them within minutes. Therefore, it is very important that the tools we build are secure and scalable, but also at the same time simple to use.

Now, how is Cisco meeting these challenges? Here are a couple of examples, now around security. The first part is that you have to secure the device. This starts from the hardware layer, where in our case we integrated a couple of sensors in the hardware itself. The first one here would be the accelerometer or gyroscope. With this, you'll be able to sense if the device is moved.
We have an input alarm for digital sensors in there, so you can connect it to other things like, for example, a door-open relay. There's GPS asset tracking and geofencing involved, mostly for the remote and mobile assets that might be driving around, let's say pump trucks or any other big vehicles. And just to give you an example use case here: many times our customers put our devices into, for example, ATM machines, and then the ATM can sense, via the accelerometer and gyroscope, if somebody tries to shake it too hard or rob it. It will also be able to see if the door is opened by force, via the input alarm, if there's a door sensor. And if your ATM is all of a sudden moving around, as the GPS signal shows that it is being moved around, you know something fishy is going on. The last one here is quite a simple one, but still quite effective as well: the SIM card locking plate. What we've realized is that if people see something that they think might be useful for themselves next to the router, maybe a USB plug or a USB stick or a SIM card, for example, they take it out, and these things get stolen a lot. With a simple locking plate, or even better, as in our case, where the SIM card is often only accessible once you take the entire module out, this is prevented. So this is a very simple first line of security.

The software is also important to secure. We start here with the trust anchor module, as we call it. This is a hardware chip that is on our hardware, which comes from the factory with a crypto certificate integrated, which means that any forgers of the hardware could not forge this piece, and therefore they couldn't rebuild our hardware. Because this trust anchor module is required to do the secure boot, and this secure boot then authenticates that our software is legitimately coming from Cisco. Inside Cisco we then have our processes to ensure the security of our devices via our Cisco Secure Development Lifecycle, the CSDL.
We have vulnerability testing, and our PSIRT and Talos groups ensure that there are no vulnerabilities coming in later on. Privacy is very important for the network communications themselves. The first concern many people have is that if they enable encryption, would it slow down performance? For many devices that is the case; however, for us we've now integrated fast hardware-based encryption, like a crypto core processor that helps offload encryption and decryption tasks, which is why you can enable these crypto features without risking any performance degradation. Secure network protocols. This means that we use things like SSH over Telnet or HTTPS over HTTP, basically secure protocols to make sure that even when you manage the devices, a man-in-the-middle attacker would not be able to get any credentials from you. The last one here is secure defaults. This is coming from our software design, where we say by default, for example, we do have a password policy in place, or there is no default username and password. In many OT environments you have devices that never get any password updates. So therefore the default password is on the device for its entire lifetime. And this is very easy for hackers to compromise. So therefore we thus don't have any default password and force the user to change the password at first login. This is a very basic feature, but it is a good start into securing the OT environment.

Policy. We have the option to get full visibility into what is going on in the network with NetFlow for analytics, and then we can feed this into Stealthwatch. We also have the option to get traffic copies with features like RSPAN and ERSPAN, so you can monitor exactly what is going on on the network. And with our management tools, which I will show you in a moment as well, you can set one set of security policies across your entire network, the campus network as well as the enterprise network. Securing the applications.
So we also have the option to put application-level firewalls on our devices. We can host applications on our IOx edge compute platforms. On there we can then do a digital signature validation to make sure that the software has not been tampered with, even if it's third-party apps that are running on there. And we can sign this code. Once again I want to highlight here: security is important on our devices; however, it is very important in OT environments because these are normally not hosted in the data center, where you already have physical security around them. These are often out in the field, where people would have physical access to the area. They might break into a filing cabinet on the roadside. They might be able to go over a fence to access the gear. So it is in a more hostile environment, which is why these security features are even more important in OT environments than in IT environments.

Now let's talk about scalability. How is scalability handled? In the first example here we have the box-by-box configuration, which, as a manual process, is very error-prone. Because in most cases you have to change something in the configuration. They are not all 100% identical. There might be a hostname you have to change. There might be a public IP you have to change. There might be something you have to change in the configuration, and that often leads to configuration challenges when you do it manually. However, when we use automation to do the same, it is a very scalable and simple way. Let me show you in a moment how we do this exactly.

Now how are we meeting the simplicity challenge? I am going to give you an example of two concepts of how things can be instructed. In the first example here on the left you see a picture of a Google Maps snapshot with detailed instructions. Imagine you are getting into a cab and you want to go to the airport. There are two ways you can tell the cab driver where you want to go. A.
You can do as we say here: we give detailed instructions along the route. We say, hey, in four minutes, in 900 meters, take a turn on Burrard Street to Hull Street, and so on. So this is the declarative instructions way. What is more interesting and more important now, though, is giving imperative instructions. This is where you just give the intent of what you want to do. In this case we would say, cab driver, please take me to Vancouver International Airport. And we trust that the cab driver knows how to do the low-level part, meaning the exact instructions on where to turn left, right or go straight. And therefore he will get us there safely, and we only have to give him the intent. This is the basic concept behind intent-based networking.

Now let's talk a bit more about security. How is security done today? If you have a network and you now want to put a new segment in there, put a new VLAN on there, there are different steps you would have to take. Here are a couple of examples. You first define the groups in the Active Directory. Then you define the policies in the AAA server, which might be VLAN-based or subnet-based. Then you have to implement those VLANs and subnets, create a DHCP scope, create layer three interfaces everywhere. You have to make sure that routing is enabled and map SSIDs to the interfaces and VLANs, as well as on the WLC. Lastly you have to implement policies: define ACLs, apply ACLs, and make sure you don't make any mistakes while doing that. And that requires you to use many different user interfaces and many different tools. In this case here, we say our AAA server, the WLC and also in some cases the device CLI have to be used. And if you use the device CLI, in many cases it looks like this. You can see here this is an access list example with many entries. And many of our customers have access lists that are tens of thousands of lines long. And here is a big challenge with this kind of management.
You don't really know what's going on in each individual line, or at least you don't know the reason for it. Normally, if something is not working and it's not supposed to work, you are happy, and you are okay with putting a new ACL line in there. But nobody would ever go back into a system with 10,000 lines and try to clean it up and remove lines to make it more readable. That just very rarely happens, which is why these bring a management risk over time. And if you don't keep these ACLs synchronized across all your devices, you then run the risk of having certain security holes open on some of these devices.

Now let me show you how we can simply scale security with Cisco DNA Center. In this case I'm going to start and create a virtual network. I'm going to click on the left and then I give it a name. In this case I'll say IoT Virtual Network. Now I can choose which devices I want to add into this virtual network. For example, badge readers, cameras and, let's say, the HVAC system. And now I just click Save, and that's all I had to do to create this virtual network. So there's no need to map specific IP addresses or MAC addresses to this. I just give our tool the intent of which types of devices I want to have in the network, and the tool goes ahead in the background and creates a virtual network and populates it throughout my network. Now let's see what we would do around security. So for group-based access control, you can see here we now have our matrix that shows us exactly who is allowed to talk to whom, with the green fields showing an explicit permit, red fields an explicit deny, the other ones are custom, in gray, and you can see on the top right here that the default action is permit. Now if I want to check what's going on, for example, my mouse here shows me that my HVAC system can talk to my development servers. I don't want that. That shouldn't happen. So let me see.
If I now click on this box, I can see if I want to enable or disable the policy, and I can also change the contract. In this case I want to deny the policy, and therefore once I click Change now, my box will turn red, and now my HVAC system is not able to talk to my development servers anymore.

Next I want to talk about securing operational networks. OT networks have some special considerations. The first one is that in OT people usually just plug in devices as they roll out new machines and new cells. They don't keep a good track record of which IPs they gave out, or which MAC addresses are on these devices, or which ports they plug them into. Which is why for most OT networks there is a large number of unknown devices on the network, and they can't just disconnect them, because it might be an operational machine which might shut down if it is disconnected from the network. The next point here is that OT never patches. In the IT world we are used, from our phones and our tablets and our Windows laptops or Mac laptops, to these devices automatically pushing their updates down. We get a notification. We might postpone it a couple of times, but we are basically forced to reload very soon after the patch is deployed. In OT that doesn't fly. OT's first priority is people's safety. Priorities 2, 3 and 4 are all to keep the production running and the machines running. Therefore, unless the patch is required, they wouldn't do it. It just brings in an unnecessary risk. Next is about the traffic profile in an OT network. In OT the devices need to talk to each other, meaning east-west traffic. This is where PLCs have to coordinate across different machines, for example the production of a pod or a machine or a car. So therefore most traffic never leaves the factory floor. In IT this is obviously different, where our stuff normally talks to the cloud or the data center. The last point here is that we need to build compliance reports. This is important for factory floors to get certifications.
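The group-based matrix from the DNA Center demo, modelled in Python as an added example that is not Cisco's code: explicit permit/deny contracts per cell, a default action of permit for unset cells, the HVAC-to-development-servers flip from the demo, and an audit of the pairs that only pass because of the default. Group names are constructed to match the demo.

```python
"""Model of a group-based access-control matrix like the one in the demo.
Added example, not DNA Center code; group names are constructed."""
from dataclasses import dataclass, field
from typing import Dict, List, Tuple

Contract = str  # "permit" or "deny"


@dataclass
class PolicyMatrix:
    groups: List[str]
    default_action: Contract = "permit"   # the demo's top-right default
    cells: Dict[Tuple[str, str], Contract] = field(default_factory=dict)

    def set_contract(self, src: str, dst: str, action: Contract) -> None:
        """Explicitly colour one cell green (permit) or red (deny)."""
        if src not in self.groups or dst not in self.groups:
            raise ValueError(f"unknown group in {src!r} -> {dst!r}")
        if action not in ("permit", "deny"):
            raise ValueError(f"unsupported contract {action!r}")
        self.cells[(src, dst)] = action

    def decide(self, src: str, dst: str) -> Contract:
        """An explicit cell wins; an unset (gray) cell falls through to the default."""
        return self.cells.get((src, dst), self.default_action)

    def implicit_permits(self) -> List[Tuple[str, str]]:
        """Pairs allowed only because the default is permit: the list a
        defender walks through before trusting the matrix."""
        if self.default_action != "permit":
            return []
        return sorted(
            (s, d) for s in self.groups for d in self.groups
            if s != d and (s, d) not in self.cells
        )


def build_demo_matrix() -> PolicyMatrix:
    """Groups from the IoT virtual network plus a dev-server group (constructed)."""
    m = PolicyMatrix(["Badge Readers", "Cameras", "HVAC", "Development Servers"])
    m.set_contract("Badge Readers", "Development Servers", "deny")
    m.set_contract("Cameras", "Development Servers", "deny")
    return m


def hvac_before_and_after() -> Tuple[Contract, Contract]:
    """Replays the demo step: HVAC -> dev servers is permitted by default,
    then the cell is flipped to deny and the decision changes."""
    m = build_demo_matrix()
    before = m.decide("HVAC", "Development Servers")   # "permit"
    m.set_contract("HVAC", "Development Servers", "deny")
    after = m.decide("HVAC", "Development Servers")    # "deny"
    return before, after


if __name__ == "__main__":
    m = build_demo_matrix()
    print("HVAC -> dev before/after:", hvac_before_and_after())
    print("pairs relying on default permit:")
    for s, d in m.implicit_permits():
        print(f"  {s} -> {d}")
```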
Now this slide talks about where we should employ the security. Let me talk first a bit about the industrial control systems (ICS) network on the bottom left here. You might be used to the standard access, distribution, core network from enterprise networks. In the OT network this is done in the Purdue model. And here in the Purdue model we have levels 0 and 1, especially the cell level. This is where the end devices that drive the machines, which the PLCs connect to, live. Purdue level 2 is where the supervisory level is. This is the aggregation level. Purdue level 3 is northbound, at our industrial DMZ level. Now if you would put the deep packet inspection onto Purdue level 2, this is suboptimal, because as I said most control traffic is local to the cell, so it would never cross level 2. If you want to go down to the lowest level, Purdue level 0 or 1, and do your deep packet inspection there, it gets very expensive, because you would have to roll out a very broad SPAN network to capture all traffic at the very bottom of the network. Which is why it makes a lot of sense to embed the sensors directly into the network, so you don't have to build up a separate SPAN network for it.

Let me briefly introduce you to Cyber Vision here and how it is working. Cyber Vision has two main components. One is the Cyber Vision Center, which is running on a big UCS server, for example inside the data center. And then it gets data, or it gets the application flow data, which is just lightweight metadata, from Cyber Vision sensors. And these sensors are installed on the network devices themselves. And therefore there is no additional hardware required, there is no need for an out-of-band network, and there is no impact on the performance of the network either. This is very easy to deploy, with a low TCO. But let me actually show you what this looks like. Here is our dashboard of Cisco Cyber Vision running in dCloud. So if you want to, you can run this demo yourself as well.
And when I start this now, I would first start by exploring what's going on in my network. On the dashboard that we see right now, we have a big overview of what's happening. So we can see we have 108 components here, organized into 13 groups, with 237 activities. And there are already vulnerabilities discovered, and I'll talk about what this means in a moment. But I don't want to see my entire dashboard. I want to see it filtered down a little bit. So there are a couple of presets here that I can use to filter down to a certain factory or certain division inside my OT network. In this case I want to look at the Munich OT traffic. And this filters it down to 12 components in my network, with 7 activities and so on. And in this filter here, I can now also get some pre-classification. I can see the tags area here: how many devices I have at which level, meaning how many controllers are there, engineering stations or host config servers. It also detects a couple of software pieces, like Windows here. But what's really interesting is that it can detect the activities as well and tag them. Meaning Cyber Vision can detect if a controller just does a read on a variable, writes it, or does more critical things like start or stop the CPU or program the PLC again, which is what I highlighted in red. You can also see the protocols that are used in this network. Now this is nice, but let me go into the map view. Let me just make it a little bit bigger here for you as well. So this is a nice way of representing which devices talk to which, and what is seen on my network. And you can see here it's classified, I did this manually, into a drilling machine, a packing machine and the building management. Now I want to see some details on any of these machines. So if I click on the Dell machine, for example, I get details on the right side here. There are tags for it, what it is, what it does, and activities, which give me more on that.
And then the properties on the bottom give me details about the machine itself. And this is all happening just from sniffing the traffic in the network. There's no active polling going on here, so therefore there's no intrusion on the network and no risk implied. Another example you can see here is my S7 station with the red 10 on it. And this red 10 refers to the known vulnerabilities on the system, meaning the Cyber Vision Center goes ahead and scans a vulnerability catalogue for what is applicable to my network here. And it even gives me a score, which means how critical this issue is. And now the OT folks can go in here and scan through these and see if any of these vulnerabilities is important enough to justify patching their appliance. And you can see there's a rather long list in this example. Now the last example here is the red arrow. And this now shows me who is talking to whom, and about what, in the network. So I can open this flow view and I can now see that the component I just clicked on before, my Dell machine here, was talking to an S7 machine on different ports. You can see the TCP protocol and you can even see the tag, meaning what it did. So I can see here that the Dell machine did a start and stop of the CPU as a last action as well, which might be critical. I can of course also get this information into a baseline, and therefore once I have a good running state in my factory, I just record the state and then put this into my baseline. Whenever a new device comes into the network I can get an alert on it. Or even if an existing trusted machine gets compromised, I can see that it might behave differently, issuing different commands to an end station it is already allowed to talk to. So this is very powerful for our OT folks to see what is happening on the network.

With that, let me go to my summary. There are many networking challenges in IoT deployments, including security as number one, scalability and of course simplicity.
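The baseline-and-alert behaviour just described, as an added example in Python that is not Cyber Vision's code: it learns which components exist and which activity tags each conversation used during a known-good window, then flags new components, new conversations between known components, and new (especially state-changing) commands on a conversation that is already allowed. Component names, protocols and flow records are constructed.

```python
"""Baseline-and-deviation check modelled on the Cyber Vision flow view.
Added example, not Cyber Vision's code; all flow records are constructed."""
from collections import defaultdict
from typing import Dict, List, NamedTuple, Set, Tuple


class Flow(NamedTuple):
    src: str    # component name as the sensor would label it
    dst: str
    proto: str  # application protocol seen in the flow
    port: int
    tag: str    # activity tag, e.g. "Read Var", "Stop CPU"


# Tags that change controller state rather than just read or write data.
CRITICAL_TAGS = {"Start CPU", "Stop CPU", "Program Download"}

# Constructed recording of the "good running state" used as the baseline.
BASELINE_FLOWS = [
    Flow("eng-station-01", "s7-plc-drill", "S7", 102, "Read Var"),
    Flow("eng-station-01", "s7-plc-drill", "S7", 102, "Write Var"),
    Flow("hmi-packing", "s7-plc-pack", "S7", 102, "Read Var"),
    Flow("bms-controller", "hvac-ctrl", "BACnet", 47808, "Read Property"),
]

# Constructed later traffic to compare against that baseline.
LIVE_FLOWS = [
    Flow("eng-station-01", "s7-plc-drill", "S7", 102, "Read Var"),  # known, fine
    Flow("eng-station-01", "s7-plc-drill", "S7", 102, "Stop CPU"),  # new critical tag
    Flow("laptop-unknown", "s7-plc-pack", "S7", 102, "Read Var"),   # new component
    Flow("hmi-packing", "s7-plc-drill", "S7", 102, "Read Var"),     # new conversation
]

Alert = Tuple[str, str, str, str]  # (kind, src, dst, tag)


class Baseline:
    def __init__(self, flows: List[Flow]) -> None:
        self.components: Set[str] = set()
        self.allowed: Dict[Tuple[str, str], Set[str]] = defaultdict(set)
        for f in flows:
            self.components.update((f.src, f.dst))
            self.allowed[(f.src, f.dst)].add(f.tag)

    def check(self, flows: List[Flow]) -> List[Alert]:
        """Compare live flows with the recorded state and return deviations."""
        alerts: List[Alert] = []
        reported: Set[str] = set()  # report each unknown component once
        for f in flows:
            unknown = [c for c in (f.src, f.dst) if c not in self.components]
            if unknown:
                for c in unknown:
                    if c not in reported:
                        reported.add(c)
                        alerts.append(("new-component", f.src, f.dst, f.tag))
                continue  # no point judging tags on an unknown endpoint
            pair = (f.src, f.dst)
            if pair not in self.allowed:
                alerts.append(("new-conversation", f.src, f.dst, f.tag))
            elif f.tag not in self.allowed[pair]:
                kind = "critical-activity" if f.tag in CRITICAL_TAGS else "new-activity"
                alerts.append((kind, f.src, f.dst, f.tag))
        return alerts


def run_demo() -> List[Alert]:
    """Builds the baseline from the recording and checks the live flows."""
    return Baseline(BASELINE_FLOWS).check(LIVE_FLOWS)
```

Replaying the baseline window against itself yields no alerts, which is the sanity check to run before trusting the recording as the "good running state".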
Security and scalability don't help you if you can't deploy them simply. Now how is Cisco working here? On the security side we have hardware and software security on our devices, and we have network and application security as well. Scalability is handled via automation, and none of this is useful unless we have a simple way to do it, in our case with intent-based networking. I hope this has been informative for you. I'd like to thank you for viewing. We'll open the live Q&A now. If you have questions after the live Q&A or after watching this recording, feel free to send me an email or a LinkedIn message. Thank you.