SlideShare a Scribd company logo

Cloud and On Premises Collaboration Security Explained

Cisco Canada
Cisco Canada

The document discusses authentication and authorization in Cisco Spark cloud and hybrid deployments. It covers key concepts like identity management, SAML and OAuth authentication flows, encryption of messages and content, secure search indexing, and e-discovery. Hybrid data security is also explained, where encryption keys, search indexing, and e-discovery services are hosted on-premises rather than in the cloud. Maintaining encryption keys on-premises provides additional security but also responsibilities if keys are lost.

Technology
1 of 43
Download to read offline
© 2016 Cisco and/or its affiliates. All rights reserved. 1 Jan 30th 2018 Cisco Connect Cloud and On Premises Collaboration Security Explained Vince Chou Technical Solutions Architect
© 2016 Cisco and/or its affiliates. All rights reserved. 2 Agenda • Identity Management -Authentication -Authorization • Cisco Spark Cloud Security -Realms of separation, identity obfuscation, client connection, secure search/indexing/E-discovery -Hybrid Data Security
© 2016 Cisco and/or its affiliates. All rights reserved. 3 References • Cisco Spark - Cloud and On Premise Security explained https://www.ciscolive.com/global/on-demand-library/?search=brkcol-2030#/session/1484039969829001YwFb • Cisco Spark Hybrid Services Architectural Design https://www.ciscolive.com/global/on-demand-library/?search=brkcol-2202#/session/1485462759889001X5bX • Authentication and Authorization in Collaboration Deployments: concepts and architecture https://www.ciscolive.com/global/on-demand-library/?search=brkcol-2699#/session/1485462759687001XTYU • Authentication and Authorization in Collaboration Deployments: implementation and troubleshooting https://www.ciscolive.com/global/on-demand-library/?search=brkucc-2444#/session/1488238596662001CLEl • Cisco Spark Security and Privacy Whitepaper https://help.webex.com/docs/DOC-9095
4© 2016 Cisco and/or its affiliates. All rights reserved. Identity Management
© 2016 Cisco and/or its affiliates. All rights reserved. 5 Guest 5 Authentication and Authorization After authentication, the receptionist gives you a room key Your room key is your authorization token for your room and any other relevant hotel services You do not need your passport to enter your room. Your room key authorizes you to enter your room only. The room key does not identify the holder of the key. Authentication verifies that “you are who you say you are” Authorization verifies that “you are permitted to do what you are trying to do” Authentication The receptionist authenticates you by checking your passport Authorization
© 2016 Cisco and/or its affiliates. All rights reserved. 6 Authentication and Authorization (SAML and OAuth) Authorization Clients Services IdP Authentication
© 2016 Cisco and/or its affiliates. All rights reserved. 7 SAML v2.0 In Action SP-initiated Web Browser SSO Flow 7BRKCOL-2699 Service Provider: CUCM, CUC, Webex Application ABC User Web Browser Metadata Exchange 1 2 3 4 5 Identity Provider (IdP) 0 0 6 IdP
© 2016 Cisco and/or its affiliates. All rights reserved. 8 IdP SAML v2.0 In Action IdP Cookies Avoid Re-authentication 8BRKCOL-2699 Service Provider: CUCM, CUC, Webex User Web Browser Metadata Exchange 1 2 3 4 Identity Provider (IdP) 0 0 5 No authentication needed if cookie is valid
© 2016 Cisco and/or its affiliates. All rights reserved. 9 API Authorization Challenges API/Service 1 API/Service 2 API/Service 3 API/Service N Identity Provider (IdP) IdP
© 2016 Cisco and/or its affiliates. All rights reserved. 10 OAuth Authorization Framework • The OAuth 2.0 standard (RFC 6749) defines a framework to enable third-party applications to obtain limited access to a service or API on behalf of a user Users authorize client applications to securely access protected resources without sharing their credentials (access delegation) Defines authorization tokens: valet key concept Clients can be web apps, native desktop/mobile apps, javascript in browser… • Does not deal with user authentication • Broad adoption in API-driven world (cloud, microservices, integrations, …) Source: https://www.programmableweb.com/apis/directory/1?auth=OAuth
© 2016 Cisco and/or its affiliates. All rights reserved. 11 An application would like to connect to your account The application “XYZ” would like to access your basic account information. Allow application “XYZ” access? AllowDeny Do these look familiar? Authorize “XYZ” Application? This application will be able to: • Access your basic account information • Read your posts • See your list of contacts Authorize app No, thanks “XYZ” Application This application would like to: • Read and manage your files and documents • View your email address AcceptCancel
© 2016 Cisco and/or its affiliates. All rights reserved. 12 Example: “Sign in with Google” at IMDb IMDb Server Resource Server IMDb Web App Client Google Authorization Server Johnny Example Resource Owner IMDb offers several sign in options
© 2016 Cisco and/or its affiliates. All rights reserved. 13 Example: “Sign in with Google” at IMDb IMDb Server Resource Server IMDb Web App Client Google Authorization Server Johnny Example Resource Owner Google authenticates you
© 2016 Cisco and/or its affiliates. All rights reserved. 14 Example: “Sign in with Google” at IMDb IMDb Server Resource Server IMDb Web App Client Google Authorization Server Johnny Example Resource Owner Google asks you to authorize IMDb to access profile data
© 2016 Cisco and/or its affiliates. All rights reserved. 15 Example: “Sign in with Google” at IMDb IMDb Server Resource Server IMDb Web App Client Google Authorization Server Johnny Example Resource Owner Google gives IMDb an access token that allows it to access your profile data The IMDb Web App shows you your watchlist, recommendations, etc.
© 2016 Cisco and/or its affiliates. All rights reserved. 16 OAuth 2.0 In Action Roles and Generic Flow Resource Server CUCM, IM&P, Expressway, Unity Connection Authorization Server CUCM(SSOSP) Resource Owner (the user) Client (the application) User Agent (the web browser) Authentication (outside OAuth scope) Grants Authorization Requests Authorization Trust relationship1 2 3 4 5 IdP
© 2016 Cisco and/or its affiliates. All rights reserved. 17 Authorization Code Grant Access Tokens and Refresh Tokens Access Token A token that authorizes a bearer to access a protected resource Access Tokens are typically issued to a particular user with a particular scope and with a specific expiry time Refresh Token A token that an OAuth client can use to request a new Access Token on expiry of an existing Access Token
© 2016 Cisco and/or its affiliates. All rights reserved. 18 Motivation for Architecture Evolution (New AuthN/AuthZ Flow for Jabber) Support new functionality: • Push notification for Apple mobile clients • MRA Access Policy Scope Support (future) Simplify deployments: • Mobile user experience • Identity Provider performance impact (SSO) • Local, LDAP Bind, SSO Solidify architecture: • Login complexity • Enhanced edge security • Alignment with cloud solution
19© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Spark Cloud Security
© 2016 Cisco and/or its affiliates. All rights reserved. 20 Spark Cloud Security - Realms of Separation Identity Service Content Server Key Mgmt Service Indexing Service Compliance Service Spark logically and physically separates functional components within the cloud Identity Services holding real user Identity (e.g. email addresses) are separated from : Encryption, Indexing and Compliance Services, which are in turn separated from : Data Storage Services Data Center A Data Center B Data Center C
© 2016 Cisco and/or its affiliates. All rights reserved. 21 Realms of Separation – Identity Obfuscation Identity Service Content Server Key Mgmt Service Indexing Service Compliance Service Outside of the Identity Service - Real Identity information is obfuscated : For each User ID, Spark generates a random 128-bit Universally Unique Identifier (UUID) = The User’s obfuscated identity No real identity information transits, or is stored elsewhere in the cloud Data Center A Data Center B Data Center C jsmith@abc.comhtzb2n78jdbc9e
© 2016 Cisco and/or its affiliates. All rights reserved. 22 Spark – User Identity Sync and Authentication Directory Sync User Info can be synchronized to Spark from the Enterprise Active Directory Multiple User attributes can be synchronized Passwords are not synchronized - User : 1) Creates a Spark password or 2) Uses SSO for Auth Identity Service
© 2016 Cisco and/or its affiliates. All rights reserved. 23 Spark – SAML SSO Authentication Directory Sync SAML SSO Administrators can configure Spark to work with their existing SSO solution Spark supports Identity Providers using SAML 2.0 and OAuth 2.0 Identity Service IdP
© 2016 Cisco and/or its affiliates. All rights reserved. 24 Client Connection Spark Service IdP Identity Service 1) Customer downloads and installs Spark Client (with Trust anchors) 2) Spark Client establishes a secure TLS connection with the Spark Cloud 3) Spark Identity Service prompts for an e- mail ID 4) User Authenticated by Spark Identity Service, or the Enterprise IdP (SSO) 5) OAuth Access and Refresh Tokens created and sent to Spark Client • The Access Tokens contain details of the Spark resources the User is authorized to access 5) Spark Client presents its Access Tokens to register with Spark Services over a secure channel
© 2016 Cisco and/or its affiliates. All rights reserved. 25 Spark Device connection Spark ServiceIdentity Service 1) User enters 16 digit activation code received via e-mail from the Spark provisioning service 2) Device authenticated by Identity Service (Trust anchors sent to device and secure connection established) 3) OAuth Access and Refresh Tokens created and sent to Spark Client • The Access Tokens contain details of the Spark resources the User is authorized to access 5) Spark Client presents its Access Tokens to register with Spark Services over a secure channel 1234567890123456
© 2016 Cisco and/or its affiliates. All rights reserved. 26 Content Server Key Mgmt Service message messagemessage filefile message Spark - Encrypting Messages and Content Spark Clients request a conversation encryption key from the Key Management Service Any messages or files sent by a Client are encrypted before being sent to the Spark Cloud Each Spark Room uses a different Conversation Encryption key Key Management Service AES256-GCM cipher used for Encryption
© 2016 Cisco and/or its affiliates. All rights reserved. 27 Indexing Service Spark IS the messageSparkIS themessage Content Server Spark IS the message Key Mgmt Service ################### Searching Spark Rooms : Building a Search Index The Indexing Service : Enables users to search for names and words in the encrypted messages stored in the Content Server A Search Index is built by creating a fixed length hash* of each word in each message within a Room ################### B957FE48 B9 57 FE 48 Hash Algorithm ################### Indexing Service The hashes for each Spark Room are stored by the Content Service ################### * A new (SHA-256 HMAC) hashing key (Search Key) is used for each room
© 2016 Cisco and/or its affiliates. All rights reserved. 28 Indexing Service “Spark”Spark Content Server Key Mgmt Service ################### Searching Spark Rooms : Querying a Search Index Search for the word “Spark” Client sends search request over a secure connection to the Indexing Service The Content Server searches for a match in it’s Hash tables and returns matching content to the client * ################### B957FE48 B9 57 FE 48 Hash Algorithm Indexing Service “Spark” Search for the word “Spark” “B9” B9 57 FE 48 ###################################### Spark IS the Message B9 The Indexing Service uses Per Room Search keys to hash the search terms *A link to Conversation Encryption Key is sent with encrypted message
© 2016 Cisco and/or its affiliates. All rights reserved. 29 Cloud Collaboration Management Portal Indexing Service Jo Smith’s ContentJo Smith’s Content Content Server Key Mgmt Service ################### Spark Compliance Service : E-Discovery Administrator selects a group of messages and files to be retrieved for E- Discovery e.g. : based on date range/ content type/ user(s) The Content Server returns matching content to the Compliance Service ################### X1GFT5YYHash Algorithm Indexing Service Jo Smith’s Content “X1GFT5YY” Jo Smith’s Content ################### X1GFT5YY The Indexing Service searches Content Server for related content Compliance Service ################### Jo Smith’s Content ################### Jo Smith’s Content ###################
© 2016 Cisco and/or its affiliates. All rights reserved. 30 E-Discov. Storage Compliance ServiceContent Server Key Mgmt Service Spark Compliance Service : E-Discovery The Compliance Service : Decrypts content from the Content Server, then compresses and re-encrypts it before sending it to the E- Discovery Storage Service The E-Discovery Storage Service : Sends the compressed and encrypted content to the Administrator on request Compliance Service Cloud Collaboration Management Portal Jo Smith’s Content################### Jo Smith’s Content################### Jo Smith’s Content################### Jo Smith’s Messages and Files ################### ################### ################ ################### ################### ################ Jo Smith’s Messages and Files E-Discovery Content Ready
© 2016 Cisco and/or its affiliates. All rights reserved. 31 3rd Party Integrations Cisco has developed key relationships with leading Cloud Access Security Brokers (CASB), compliance, archival and security vendors to enhance Cisco Spark and deliver key enterprise-grade features: Compliance and Archiving Archive content to comply with retention requirements and enable eDiscovery Data Loss Prevention Apply policies to content, violation alerts, and take remediation actions Identity Management Single Sign-On via SAML, Mobile Device Management (MDM), SCIM user provisioning and deactivation
32© 2016 Cisco and/or its affiliates. All rights reserved. Spark Hybrid Data Security
© 2016 Cisco and/or its affiliates. All rights reserved. 33 Secure Data Center Content Server Key Mgmt Service Spark – Hybrid Data Security (HDS) Compliance ServiceIndexing Service Hybrid Data Security Hybrid Data Services = On Premise : Key Management Server Indexing Server E-Discovery Service
© 2016 Cisco and/or its affiliates. All rights reserved. 34 HDS includes:  Key Management Server  Search indexer  eDiscovery backend Whilst HDS offers unique security features to customers in that they, and they alone, can store and own the encryption keys for their messages and content…. These benefits also come with significant responsibilities : A HDS Deployment requires significant customer commitment and an awareness of the risks that come with owning encryption keys… Complete loss of either the configuration ISO or the Postgres Database will result in loss of the decryption keys stored in HDS. This will prevent users from decrypting space content and other encrypted data. If this happens, an empty HDS can be restored, however, only new content will be visible. Hybrid Data Security – Positioning : HDS may not be desirable for all customers
© 2016 Cisco and/or its affiliates. All rights reserved. 35 Secure Data Center Key Mgmt Service Content Server Key Mgmt Service message messagemessagemessage HDS - Encrypting Messages & Content Spark Clients request an encryption key from the Hybrid Key Management Server Any messages or files sent by a Client are encrypted before being sent to the Spark Cloud Encrypted messages and content stored in the cloud Key Management Service Encryption Keys stored locally
© 2016 Cisco and/or its affiliates. All rights reserved. 36 Secure Data Center Key Mgmt Service Encrypted messages from Clients are stored in the Spark Cloud Key Mgmt Service message Content Server message messagemessage If needed, Spark Clients can retrieve encryption keys from the Hybrid Key Management Server Key Management Service These messages are sent to every other Client in the Spark Room and contain a link to their encryption key on the Hybrid Key Management Server HDS - Decrypting Messages & Content
© 2016 Cisco and/or its affiliates. All rights reserved. 37 Secure Data Center Indexing Service Spark IS the messageSparkIS themessage Content Server Spark IS the message Key Mgmt Service ################### The Indexing Service : Enables users to search for names and words in the encrypted messages stored in the Content Server ################### B957FE48 B9 57 FE 48 Hash Algorithm ################### Indexing Service ################### * A new hashing key (Search Key) is used for each room Hybrid Data Security: Search Indexing Service
© 2016 Cisco and/or its affiliates. All rights reserved. 38 Secure Data Center Indexing Service “Spark”Spark Content Server Key Mgmt Service ################### Hybrid Data Security: Querying a Search Index Search for the word “Spark” Client sends its search request over a secure connection to the Indexing Service ################### B9 B9 57 FE 48 Hash Algorithm Indexing Service “Spark” Search for the word “Spark” “B9” B9 57 FE 48 ###################################### Spark IS the Message B9 *A link to Conversation Encryption Key is sent with the encrypted message
© 2016 Cisco and/or its affiliates. All rights reserved. 39 Secure Data Center Indexing Service Content Server Spark Compliance Service : E-Discovery X1GFT5YY Indexing Service Jo Smith’s ContentJo Smith’s ContentJo Smith’s Content Key Mgmt ServiceCompliance Service Cloud Collaboration Management Portal ############################################################################ ######################################Jo Smith’s Content Jo Smith’s ContentJo Smith’s Content“X1GFT5YY”X1GFT5YY Hash Algorithm Admin selects a group of messages and files to be retrieved for E-Discovery e.g. : based on date range/ content type/ user(s) The Content Server returns matching content to the Compliance Service The Indexing Service searches the Content Server for selected content
© 2016 Cisco and/or its affiliates. All rights reserved. 40 Secure Data Center Key Mgmt ServiceCompliance Service Cloud Collaboration Management Portal E-Discov. StorageContent Server Spark Compliance Service : E-Discovery The Compliance Service : Decrypts content from the Content Server, then compresses and re-encrypts it before sending it to the E- Discovery Storage Service E-Discovery Storage Service : Sends the compressed and encrypted content to the Administrator on request Jo Smith’s Content################### Jo Smith’s Content################### Jo Smith’s Content################### Jo Smith’s Messages and Files ################### ################### ################ ################### ################### ################ Jo Smith’s Messages and Files E-Discovery Content Ready
© 2016 Cisco and/or its affiliates. All rights reserved. 41 Secure Data Center A Hybrid Data Security Architecture vSphereHybrid Data Services Node (VM) Docker ECP Mgmt Container HDS Containers Hybrid Data Services Node (VM) Docker ECP Mgmt Container HDS Containers HDS Cluster Config File IDE Mount IDE Mount ECP (Enterprise Compute Platform): Management containers which communicate with the cloud and perform actions such as sending health checks and checking for new versions of HDS. HDS (Hybrid Data Security): Key Management Server, Search Indexer, and eDiscovery Services. HDS Cluster Config: An ISO file containing configuration information for the local HDS cluster. e.g. Database connection settings, Database Master Encryption key, etc. IDE Mount: Mount point of the read-only HDS Cluster Config ISO file containing the configuration settings for HDS system. Customer Provided Services Postgres Database Syslogd Database Back Up System Back Up
© 2016 Cisco and/or its affiliates. All rights reserved. 42 HDS Install Prerequisites See prerequisites in https://www.cisco.com/go/hybrid-data-security X.509 Certificate, Intermediates and Private Key PKI is used for KMS to KMS federation (Public Key Infrastructure) Common Name signed by member of Mozzila Trusted Root Store No SHA1 signatures PKCS12 format 2 ESXi Virtualized Hosts: Min 2 to support upgrades, 3 recommended, 5 max Minimum 4 vCPUs, 8-GB main memory, 50-GB local hard disk space per server kms://cisco.com easily supports 15K users per HDS. 1 Postgres 9.6.1 Database Instance (Key datastore) 8 vCPU, 16 GB RAM, 2 TB Disk. User created with createuser. Assigned GRANT ALL PRIVILEGES ON database. 1 Syslog Host hostname and port required to centralize syslog output from the three HDS instances and management containers A secure backup location The HDS system requires organization administrators to securely backup two key pieces of information. 1) A configuration ISO file generated by this process 2) The postgres database. Failure to maintain adequate backups will result in loss of customer data. See <Section on Disaster Recovery>. Network Outbound HTTPS on TCP port 443 from HDS host Bi-directional WSS on TCP port 443 from HDS host TCP connectivity from HDS host to Postgres database host, syslog host and statsd host
Thank you.

Recommended

How To Have Magical Meeting Experiences
How To Have Magical Meeting ExperiencesHow To Have Magical Meeting Experiences
How To Have Magical Meeting Experiences
Cisco Canada
 
Cisco Connect Toronto 2018 cloud and on premises collaboration security exp...
Cisco Connect Toronto 2018 cloud and on premises collaboration security exp...Cisco Connect Toronto 2018 cloud and on premises collaboration security exp...
Cisco Connect Toronto 2018 cloud and on premises collaboration security exp...
Cisco Canada
 
Cisco Connect Vancouver 2017 - Cisco Spark Hybrid Services Architectural Design
Cisco Connect Vancouver 2017 - Cisco Spark Hybrid Services Architectural DesignCisco Connect Vancouver 2017 - Cisco Spark Hybrid Services Architectural Design
Cisco Connect Vancouver 2017 - Cisco Spark Hybrid Services Architectural Design
Cisco Canada
 
Cisco Connect Vancouver 2017 - Embedding IR into the DNA of the business
Cisco Connect Vancouver 2017 - Embedding IR into the DNA of the businessCisco Connect Vancouver 2017 - Embedding IR into the DNA of the business
Cisco Connect Vancouver 2017 - Embedding IR into the DNA of the business
Cisco Canada
 
Cloud and On Premises Collaboration Security Explained
Cloud and On Premises Collaboration Security ExplainedCloud and On Premises Collaboration Security Explained
Cloud and On Premises Collaboration Security Explained
Cisco Canada
 
Cisco Connect Toronto 2017 - Introducing the Network Intuitive
Cisco Connect Toronto 2017 - Introducing the Network IntuitiveCisco Connect Toronto 2017 - Introducing the Network Intuitive
Cisco Connect Toronto 2017 - Introducing the Network Intuitive
Cisco Canada
 
Cisco Connect Vancouver 2017 - How to have magical meeting experiences
Cisco Connect Vancouver 2017 - How to have magical meeting experiencesCisco Connect Vancouver 2017 - How to have magical meeting experiences
Cisco Connect Vancouver 2017 - How to have magical meeting experiences
Cisco Canada
 
Cisco Connect Halifax 2018 Application insight and zero trust policies with...
Cisco Connect Halifax 2018 Application insight and zero trust policies with...Cisco Connect Halifax 2018 Application insight and zero trust policies with...
Cisco Connect Halifax 2018 Application insight and zero trust policies with...
Cisco Canada
 

Recommended

How To Have Magical Meeting Experiences
How To Have Magical Meeting ExperiencesHow To Have Magical Meeting Experiences
How To Have Magical Meeting Experiences
Cisco Canada
 
Cisco Connect Toronto 2018 cloud and on premises collaboration security exp...
Cisco Connect Toronto 2018 cloud and on premises collaboration security exp...Cisco Connect Toronto 2018 cloud and on premises collaboration security exp...
Cisco Connect Toronto 2018 cloud and on premises collaboration security exp...
Cisco Canada
 
Cisco Connect Vancouver 2017 - Cisco Spark Hybrid Services Architectural Design
Cisco Connect Vancouver 2017 - Cisco Spark Hybrid Services Architectural DesignCisco Connect Vancouver 2017 - Cisco Spark Hybrid Services Architectural Design
Cisco Connect Vancouver 2017 - Cisco Spark Hybrid Services Architectural Design
Cisco Canada
 
Cisco Connect Vancouver 2017 - Embedding IR into the DNA of the business
Cisco Connect Vancouver 2017 - Embedding IR into the DNA of the businessCisco Connect Vancouver 2017 - Embedding IR into the DNA of the business
Cisco Connect Vancouver 2017 - Embedding IR into the DNA of the business
Cisco Canada
 
Cloud and On Premises Collaboration Security Explained
Cloud and On Premises Collaboration Security ExplainedCloud and On Premises Collaboration Security Explained
Cloud and On Premises Collaboration Security Explained
Cisco Canada
 
Cisco Connect Toronto 2017 - Introducing the Network Intuitive
Cisco Connect Toronto 2017 - Introducing the Network IntuitiveCisco Connect Toronto 2017 - Introducing the Network Intuitive
Cisco Connect Toronto 2017 - Introducing the Network Intuitive
Cisco Canada
 
Cisco Connect Vancouver 2017 - How to have magical meeting experiences
Cisco Connect Vancouver 2017 - How to have magical meeting experiencesCisco Connect Vancouver 2017 - How to have magical meeting experiences
Cisco Connect Vancouver 2017 - How to have magical meeting experiences
Cisco Canada
 
Cisco Connect Halifax 2018 Application insight and zero trust policies with...
Cisco Connect Halifax 2018 Application insight and zero trust policies with...Cisco Connect Halifax 2018 Application insight and zero trust policies with...
Cisco Connect Halifax 2018 Application insight and zero trust policies with...
Cisco Canada
 
Cisco Connect Halifax 2018 Cisco dna - deeper dive
Cisco Connect Halifax 2018 Cisco dna - deeper diveCisco Connect Halifax 2018 Cisco dna - deeper dive
Cisco Connect Halifax 2018 Cisco dna - deeper dive
Cisco Canada
 
Cisco Connect Toronto 2017 - Simplifying Cloud Adoption
Cisco Connect Toronto 2017 - Simplifying Cloud AdoptionCisco Connect Toronto 2017 - Simplifying Cloud Adoption
Cisco Connect Toronto 2017 - Simplifying Cloud Adoption
Cisco Canada
 
Cisco Digital Network Architecture – Deeper Dive, “From the Gates to the GUI
Cisco Digital Network Architecture – Deeper Dive, “From the Gates to the GUICisco Digital Network Architecture – Deeper Dive, “From the Gates to the GUI
Cisco Digital Network Architecture – Deeper Dive, “From the Gates to the GUI
Cisco Canada
 
Enterprise Networks - Cisco Digital Network Architecture - Introducing the Ne...
Enterprise Networks - Cisco Digital Network Architecture - Introducing the Ne...Enterprise Networks - Cisco Digital Network Architecture - Introducing the Ne...
Enterprise Networks - Cisco Digital Network Architecture - Introducing the Ne...
Cisco Canada
 
Cisco Connect Toronto 2017 - Cloud and On Premises Collaboration Security Exp...
Cisco Connect Toronto 2017 - Cloud and On Premises Collaboration Security Exp...Cisco Connect Toronto 2017 - Cloud and On Premises Collaboration Security Exp...
Cisco Connect Toronto 2017 - Cloud and On Premises Collaboration Security Exp...
Cisco Canada
 
Understanding Cisco’s Next Generation SD-WAN Solution with Viptela
Understanding Cisco’s Next Generation SD-WAN Solution with ViptelaUnderstanding Cisco’s Next Generation SD-WAN Solution with Viptela
Understanding Cisco’s Next Generation SD-WAN Solution with Viptela
Cisco Canada
 
Cisco Connect Vancouver 2017 - Compute infrastructure for a hybrid cloud
Cisco Connect Vancouver 2017 - Compute infrastructure for a hybrid cloudCisco Connect Vancouver 2017 - Compute infrastructure for a hybrid cloud
Cisco Connect Vancouver 2017 - Compute infrastructure for a hybrid cloud
Cisco Canada
 
Cisco Connect Halifax 2018 cloud and on premises collaboration security exp...
Cisco Connect Halifax 2018 cloud and on premises collaboration security exp...Cisco Connect Halifax 2018 cloud and on premises collaboration security exp...
Cisco Connect Halifax 2018 cloud and on premises collaboration security exp...
Cisco Canada
 
Cisco Connect Toronto 2017 - NFV/SDN Platform for Orchestrating Cloud and vBr...
Cisco Connect Toronto 2017 - NFV/SDN Platform for Orchestrating Cloud and vBr...Cisco Connect Toronto 2017 - NFV/SDN Platform for Orchestrating Cloud and vBr...
Cisco Connect Toronto 2017 - NFV/SDN Platform for Orchestrating Cloud and vBr...
Cisco Canada
 
Cisco Connect Toronto 2018 consuming public and private clouds
Cisco Connect Toronto 2018 consuming public and private cloudsCisco Connect Toronto 2018 consuming public and private clouds
Cisco Connect Toronto 2018 consuming public and private clouds
Cisco Canada
 
Cisco Connect Vancouver 2017 - Cisco Meraki -Let Simple Work For You
Cisco Connect Vancouver 2017 - Cisco Meraki -Let Simple Work For YouCisco Connect Vancouver 2017 - Cisco Meraki -Let Simple Work For You
Cisco Connect Vancouver 2017 - Cisco Meraki -Let Simple Work For You
Cisco Canada
 
Cisco Connect Vancouver 2017 - Understanding Cisco next gen SD-WAN
Cisco Connect Vancouver 2017 - Understanding Cisco next gen SD-WANCisco Connect Vancouver 2017 - Understanding Cisco next gen SD-WAN
Cisco Connect Vancouver 2017 - Understanding Cisco next gen SD-WAN
Cisco Canada
 
Cisco Connect Halifax 2018 Cisco Spark hybrid services architectural design
Cisco Connect Halifax 2018 Cisco Spark hybrid services architectural designCisco Connect Halifax 2018 Cisco Spark hybrid services architectural design
Cisco Connect Halifax 2018 Cisco Spark hybrid services architectural design
Cisco Canada
 
Cisco Connect Vancouver 2017 - Optimizing your client's wi fi experience
Cisco Connect Vancouver 2017 - Optimizing your client's wi fi experienceCisco Connect Vancouver 2017 - Optimizing your client's wi fi experience
Cisco Connect Vancouver 2017 - Optimizing your client's wi fi experience
Cisco Canada
 
Cisco Connect Halifax 2018 Compute infrastructure for a hybrid cloud ucs an...
Cisco Connect Halifax 2018 Compute infrastructure for a hybrid cloud ucs an...Cisco Connect Halifax 2018 Compute infrastructure for a hybrid cloud ucs an...
Cisco Connect Halifax 2018 Compute infrastructure for a hybrid cloud ucs an...
Cisco Canada
 
Cisco Connect Halifax 2018 Application agility and programmability with cis...
Cisco Connect Halifax 2018 Application agility and programmability with cis...Cisco Connect Halifax 2018 Application agility and programmability with cis...
Cisco Connect Halifax 2018 Application agility and programmability with cis...
Cisco Canada
 
Cisco Connect Toronto 2017 - Your time is now
Cisco Connect Toronto 2017 - Your time is nowCisco Connect Toronto 2017 - Your time is now
Cisco Connect Toronto 2017 - Your time is now
Cisco Canada
 
Cisco Connect Halifax 2018 Cisco dna - network intuitive
Cisco Connect Halifax 2018 Cisco dna - network intuitiveCisco Connect Halifax 2018 Cisco dna - network intuitive
Cisco Connect Halifax 2018 Cisco dna - network intuitive
Cisco Canada
 
Cisco Connect Vancouver 2017 - Cisco's Digital Network Architecture - deeper ...
Cisco Connect Vancouver 2017 - Cisco's Digital Network Architecture - deeper ...Cisco Connect Vancouver 2017 - Cisco's Digital Network Architecture - deeper ...
Cisco Connect Vancouver 2017 - Cisco's Digital Network Architecture - deeper ...
Cisco Canada
 
Cisco Connect Vancouver 2017 - So you want to go to the cloud! Simplifying cl...
Cisco Connect Vancouver 2017 - So you want to go to the cloud! Simplifying cl...Cisco Connect Vancouver 2017 - So you want to go to the cloud! Simplifying cl...
Cisco Connect Vancouver 2017 - So you want to go to the cloud! Simplifying cl...
Cisco Canada
 
AWS November meetup Slides
AWS November meetup SlidesAWS November meetup Slides
AWS November meetup Slides
JacksonMorgan9
 
AWS User Group November
AWS User Group NovemberAWS User Group November
AWS User Group November
PolarSeven Pty Ltd
 

More Related Content

What's hot

Cisco Connect Halifax 2018 Cisco dna - deeper dive
Cisco Connect Halifax 2018 Cisco dna - deeper diveCisco Connect Halifax 2018 Cisco dna - deeper dive
Cisco Connect Halifax 2018 Cisco dna - deeper dive
Cisco Canada
 
Cisco Connect Toronto 2017 - Simplifying Cloud Adoption
Cisco Connect Toronto 2017 - Simplifying Cloud AdoptionCisco Connect Toronto 2017 - Simplifying Cloud Adoption
Cisco Connect Toronto 2017 - Simplifying Cloud Adoption
Cisco Canada
 
Cisco Digital Network Architecture – Deeper Dive, “From the Gates to the GUI
Cisco Digital Network Architecture – Deeper Dive, “From the Gates to the GUICisco Digital Network Architecture – Deeper Dive, “From the Gates to the GUI
Cisco Digital Network Architecture – Deeper Dive, “From the Gates to the GUI
Cisco Canada
 
Enterprise Networks - Cisco Digital Network Architecture - Introducing the Ne...
Enterprise Networks - Cisco Digital Network Architecture - Introducing the Ne...Enterprise Networks - Cisco Digital Network Architecture - Introducing the Ne...
Enterprise Networks - Cisco Digital Network Architecture - Introducing the Ne...
Cisco Canada
 
Cisco Connect Toronto 2017 - Cloud and On Premises Collaboration Security Exp...
Cisco Connect Toronto 2017 - Cloud and On Premises Collaboration Security Exp...Cisco Connect Toronto 2017 - Cloud and On Premises Collaboration Security Exp...
Cisco Connect Toronto 2017 - Cloud and On Premises Collaboration Security Exp...
Cisco Canada
 
Understanding Cisco’s Next Generation SD-WAN Solution with Viptela
Understanding Cisco’s Next Generation SD-WAN Solution with ViptelaUnderstanding Cisco’s Next Generation SD-WAN Solution with Viptela
Understanding Cisco’s Next Generation SD-WAN Solution with Viptela
Cisco Canada
 
Cisco Connect Vancouver 2017 - Compute infrastructure for a hybrid cloud
Cisco Connect Vancouver 2017 - Compute infrastructure for a hybrid cloudCisco Connect Vancouver 2017 - Compute infrastructure for a hybrid cloud
Cisco Connect Vancouver 2017 - Compute infrastructure for a hybrid cloud
Cisco Canada
 
Cisco Connect Halifax 2018 cloud and on premises collaboration security exp...
Cisco Connect Halifax 2018 cloud and on premises collaboration security exp...Cisco Connect Halifax 2018 cloud and on premises collaboration security exp...
Cisco Connect Halifax 2018 cloud and on premises collaboration security exp...
Cisco Canada
 
Cisco Connect Toronto 2017 - NFV/SDN Platform for Orchestrating Cloud and vBr...
Cisco Connect Toronto 2017 - NFV/SDN Platform for Orchestrating Cloud and vBr...Cisco Connect Toronto 2017 - NFV/SDN Platform for Orchestrating Cloud and vBr...
Cisco Connect Toronto 2017 - NFV/SDN Platform for Orchestrating Cloud and vBr...
Cisco Canada
 
Cisco Connect Toronto 2018 consuming public and private clouds
Cisco Connect Toronto 2018 consuming public and private cloudsCisco Connect Toronto 2018 consuming public and private clouds
Cisco Connect Toronto 2018 consuming public and private clouds
Cisco Canada
 
Cisco Connect Vancouver 2017 - Cisco Meraki -Let Simple Work For You
Cisco Connect Vancouver 2017 - Cisco Meraki -Let Simple Work For YouCisco Connect Vancouver 2017 - Cisco Meraki -Let Simple Work For You
Cisco Connect Vancouver 2017 - Cisco Meraki -Let Simple Work For You
Cisco Canada
 
Cisco Connect Vancouver 2017 - Understanding Cisco next gen SD-WAN
Cisco Connect Vancouver 2017 - Understanding Cisco next gen SD-WANCisco Connect Vancouver 2017 - Understanding Cisco next gen SD-WAN
Cisco Connect Vancouver 2017 - Understanding Cisco next gen SD-WAN
Cisco Canada
 
Cisco Connect Halifax 2018 Cisco Spark hybrid services architectural design
Cisco Connect Halifax 2018 Cisco Spark hybrid services architectural designCisco Connect Halifax 2018 Cisco Spark hybrid services architectural design
Cisco Connect Halifax 2018 Cisco Spark hybrid services architectural design
Cisco Canada
 
Cisco Connect Vancouver 2017 - Optimizing your client's wi fi experience
Cisco Connect Vancouver 2017 - Optimizing your client's wi fi experienceCisco Connect Vancouver 2017 - Optimizing your client's wi fi experience
Cisco Connect Vancouver 2017 - Optimizing your client's wi fi experience
Cisco Canada
 
Cisco Connect Halifax 2018 Compute infrastructure for a hybrid cloud ucs an...
Cisco Connect Halifax 2018 Compute infrastructure for a hybrid cloud ucs an...Cisco Connect Halifax 2018 Compute infrastructure for a hybrid cloud ucs an...
Cisco Connect Halifax 2018 Compute infrastructure for a hybrid cloud ucs an...
Cisco Canada
 
Cisco Connect Halifax 2018 Application agility and programmability with cis...
Cisco Connect Halifax 2018 Application agility and programmability with cis...Cisco Connect Halifax 2018 Application agility and programmability with cis...
Cisco Connect Halifax 2018 Application agility and programmability with cis...
Cisco Canada
 
Cisco Connect Toronto 2017 - Your time is now
Cisco Connect Toronto 2017 - Your time is nowCisco Connect Toronto 2017 - Your time is now
Cisco Connect Toronto 2017 - Your time is now
Cisco Canada
 
Cisco Connect Halifax 2018 Cisco dna - network intuitive
Cisco Connect Halifax 2018 Cisco dna - network intuitiveCisco Connect Halifax 2018 Cisco dna - network intuitive
Cisco Connect Halifax 2018 Cisco dna - network intuitive
Cisco Canada
 
Cisco Connect Vancouver 2017 - Cisco's Digital Network Architecture - deeper ...
Cisco Connect Vancouver 2017 - Cisco's Digital Network Architecture - deeper ...Cisco Connect Vancouver 2017 - Cisco's Digital Network Architecture - deeper ...
Cisco Connect Vancouver 2017 - Cisco's Digital Network Architecture - deeper ...
Cisco Canada
 
Cisco Connect Vancouver 2017 - So you want to go to the cloud! Simplifying cl...
Cisco Connect Vancouver 2017 - So you want to go to the cloud! Simplifying cl...Cisco Connect Vancouver 2017 - So you want to go to the cloud! Simplifying cl...
Cisco Connect Vancouver 2017 - So you want to go to the cloud! Simplifying cl...
Cisco Canada
 

What's hot (20)

Cisco Connect Halifax 2018 Cisco dna - deeper dive
Cisco Connect Halifax 2018 Cisco dna - deeper diveCisco Connect Halifax 2018 Cisco dna - deeper dive
Cisco Connect Halifax 2018 Cisco dna - deeper dive
 
Cisco Connect Toronto 2017 - Simplifying Cloud Adoption
Cisco Connect Toronto 2017 - Simplifying Cloud AdoptionCisco Connect Toronto 2017 - Simplifying Cloud Adoption
Cisco Connect Toronto 2017 - Simplifying Cloud Adoption
 
Cisco Digital Network Architecture – Deeper Dive, “From the Gates to the GUI
Cisco Digital Network Architecture – Deeper Dive, “From the Gates to the GUICisco Digital Network Architecture – Deeper Dive, “From the Gates to the GUI
Cisco Digital Network Architecture – Deeper Dive, “From the Gates to the GUI
 
Enterprise Networks - Cisco Digital Network Architecture - Introducing the Ne...
Enterprise Networks - Cisco Digital Network Architecture - Introducing the Ne...Enterprise Networks - Cisco Digital Network Architecture - Introducing the Ne...
Enterprise Networks - Cisco Digital Network Architecture - Introducing the Ne...
 
Cisco Connect Toronto 2017 - Cloud and On Premises Collaboration Security Exp...
Cisco Connect Toronto 2017 - Cloud and On Premises Collaboration Security Exp...Cisco Connect Toronto 2017 - Cloud and On Premises Collaboration Security Exp...
Cisco Connect Toronto 2017 - Cloud and On Premises Collaboration Security Exp...
 
Understanding Cisco’s Next Generation SD-WAN Solution with Viptela
Understanding Cisco’s Next Generation SD-WAN Solution with ViptelaUnderstanding Cisco’s Next Generation SD-WAN Solution with Viptela
Understanding Cisco’s Next Generation SD-WAN Solution with Viptela
 
Cisco Connect Vancouver 2017 - Compute infrastructure for a hybrid cloud
Cisco Connect Vancouver 2017 - Compute infrastructure for a hybrid cloudCisco Connect Vancouver 2017 - Compute infrastructure for a hybrid cloud
Cisco Connect Vancouver 2017 - Compute infrastructure for a hybrid cloud
 
Cisco Connect Halifax 2018 cloud and on premises collaboration security exp...
Cisco Connect Halifax 2018 cloud and on premises collaboration security exp...Cisco Connect Halifax 2018 cloud and on premises collaboration security exp...
Cisco Connect Halifax 2018 cloud and on premises collaboration security exp...
 
Cisco Connect Toronto 2017 - NFV/SDN Platform for Orchestrating Cloud and vBr...
Cisco Connect Toronto 2017 - NFV/SDN Platform for Orchestrating Cloud and vBr...Cisco Connect Toronto 2017 - NFV/SDN Platform for Orchestrating Cloud and vBr...
Cisco Connect Toronto 2017 - NFV/SDN Platform for Orchestrating Cloud and vBr...
 
Cisco Connect Toronto 2018 consuming public and private clouds
Cisco Connect Toronto 2018 consuming public and private cloudsCisco Connect Toronto 2018 consuming public and private clouds
Cisco Connect Toronto 2018 consuming public and private clouds
 
Cisco Connect Vancouver 2017 - Cisco Meraki -Let Simple Work For You
Cisco Connect Vancouver 2017 - Cisco Meraki -Let Simple Work For YouCisco Connect Vancouver 2017 - Cisco Meraki -Let Simple Work For You
Cisco Connect Vancouver 2017 - Cisco Meraki -Let Simple Work For You
 
Cisco Connect Vancouver 2017 - Understanding Cisco next gen SD-WAN
Cisco Connect Vancouver 2017 - Understanding Cisco next gen SD-WANCisco Connect Vancouver 2017 - Understanding Cisco next gen SD-WAN
Cisco Connect Vancouver 2017 - Understanding Cisco next gen SD-WAN
 
Cisco Connect Halifax 2018 Cisco Spark hybrid services architectural design
Cisco Connect Halifax 2018 Cisco Spark hybrid services architectural designCisco Connect Halifax 2018 Cisco Spark hybrid services architectural design
Cisco Connect Halifax 2018 Cisco Spark hybrid services architectural design
 
Cisco Connect Vancouver 2017 - Optimizing your client's wi fi experience
Cisco Connect Vancouver 2017 - Optimizing your client's wi fi experienceCisco Connect Vancouver 2017 - Optimizing your client's wi fi experience
Cisco Connect Vancouver 2017 - Optimizing your client's wi fi experience
 
Cisco Connect Halifax 2018 Compute infrastructure for a hybrid cloud ucs an...
Cisco Connect Halifax 2018 Compute infrastructure for a hybrid cloud ucs an...Cisco Connect Halifax 2018 Compute infrastructure for a hybrid cloud ucs an...
Cisco Connect Halifax 2018 Compute infrastructure for a hybrid cloud ucs an...
 
Cisco Connect Halifax 2018 Application agility and programmability with cis...
Cisco Connect Halifax 2018 Application agility and programmability with cis...Cisco Connect Halifax 2018 Application agility and programmability with cis...
Cisco Connect Halifax 2018 Application agility and programmability with cis...
 
Cisco Connect Toronto 2017 - Your time is now
Cisco Connect Toronto 2017 - Your time is nowCisco Connect Toronto 2017 - Your time is now
Cisco Connect Toronto 2017 - Your time is now
 
Cisco Connect Halifax 2018 Cisco dna - network intuitive
Cisco Connect Halifax 2018 Cisco dna - network intuitiveCisco Connect Halifax 2018 Cisco dna - network intuitive
Cisco Connect Halifax 2018 Cisco dna - network intuitive
 
Cisco Connect Vancouver 2017 - Cisco's Digital Network Architecture - deeper ...
Cisco Connect Vancouver 2017 - Cisco's Digital Network Architecture - deeper ...Cisco Connect Vancouver 2017 - Cisco's Digital Network Architecture - deeper ...
Cisco Connect Vancouver 2017 - Cisco's Digital Network Architecture - deeper ...
 
Cisco Connect Vancouver 2017 - So you want to go to the cloud! Simplifying cl...
Cisco Connect Vancouver 2017 - So you want to go to the cloud! Simplifying cl...Cisco Connect Vancouver 2017 - So you want to go to the cloud! Simplifying cl...
Cisco Connect Vancouver 2017 - So you want to go to the cloud! Simplifying cl...
 

Similar to Cloud and On Premises Collaboration Security Explained

AWS November meetup Slides
AWS November meetup SlidesAWS November meetup Slides
AWS November meetup Slides
JacksonMorgan9
 
AWS User Group November
AWS User Group NovemberAWS User Group November
AWS User Group November
PolarSeven Pty Ltd
 
#CiscoLiveLA 2017 Presentacion de Miro Polakovic
#CiscoLiveLA 2017 Presentacion de Miro Polakovic #CiscoLiveLA 2017 Presentacion de Miro Polakovic
#CiscoLiveLA 2017 Presentacion de Miro Polakovic
ITSitio.com
 
ACDKOCHI19 - Enterprise grade security for web and mobile applications on AWS
ACDKOCHI19 - Enterprise grade security for web and mobile applications on AWSACDKOCHI19 - Enterprise grade security for web and mobile applications on AWS
ACDKOCHI19 - Enterprise grade security for web and mobile applications on AWS
AWS User Group Kochi
 
O Dell Secure360 Presentation5 12 10b
O Dell Secure360 Presentation5 12 10bO Dell Secure360 Presentation5 12 10b
O Dell Secure360 Presentation5 12 10b
Bruce O'Dell
 
RICOH THETA x IoT Developers Contest : Cloud API Seminar
RICOH THETA x IoT Developers Contest : Cloud API Seminar RICOH THETA x IoT Developers Contest : Cloud API Seminar
RICOH THETA x IoT Developers Contest : Cloud API Seminar
contest-theta360
 
Securing your Applications for the Cloud Age
Securing your Applications for the Cloud AgeSecuring your Applications for the Cloud Age
Securing your Applications for the Cloud Age
Artur Alves
 
WebRTC Identity in SAML Federations
WebRTC Identity in SAML FederationsWebRTC Identity in SAML Federations
WebRTC Identity in SAML Federations
Mihály Mészáros
 
User Management and App Authentication with Amazon Cognito - SID343 - re:Inve...
User Management and App Authentication with Amazon Cognito - SID343 - re:Inve...User Management and App Authentication with Amazon Cognito - SID343 - re:Inve...
User Management and App Authentication with Amazon Cognito - SID343 - re:Inve...
Amazon Web Services
 
KubeConRecap_nakamura.pdf
KubeConRecap_nakamura.pdfKubeConRecap_nakamura.pdf
KubeConRecap_nakamura.pdf
Hitachi, Ltd. OSS Solution Center.
 
API, Integration, and SOA Convergence
API, Integration, and SOA ConvergenceAPI, Integration, and SOA Convergence
API, Integration, and SOA Convergence
Kasun Indrasiri
 
What API Specifications and Tools Help Engineers to Construct a High-Security...
What API Specifications and Tools Help Engineers to Construct a High-Security...What API Specifications and Tools Help Engineers to Construct a High-Security...
What API Specifications and Tools Help Engineers to Construct a High-Security...
Hitachi, Ltd. OSS Solution Center.
 
Apache Milagro Presentation at ApacheCon Europe 2016
Apache Milagro Presentation at ApacheCon Europe 2016Apache Milagro Presentation at ApacheCon Europe 2016
Apache Milagro Presentation at ApacheCon Europe 2016
Brian Spector
 
Identity Management: Using OIDC to Empower the Next-Generation Apps
Identity Management: Using OIDC to Empower the Next-Generation AppsIdentity Management: Using OIDC to Empower the Next-Generation Apps
Identity Management: Using OIDC to Empower the Next-Generation Apps
Tom Freestone
 
CISCO’s Cloud Journey (Keynote at Cloud Symposium)
CISCO’s Cloud Journey (Keynote at Cloud Symposium) CISCO’s Cloud Journey (Keynote at Cloud Symposium)
CISCO’s Cloud Journey (Keynote at Cloud Symposium)
Marcus McEwen
 
Exploring Advanced Authentication Methods in Novell Access Manager
Exploring Advanced Authentication Methods in Novell Access ManagerExploring Advanced Authentication Methods in Novell Access Manager
Exploring Advanced Authentication Methods in Novell Access Manager
Novell
 
Cloud Native Java with Spring Cloud Services
Cloud Native Java with Spring Cloud ServicesCloud Native Java with Spring Cloud Services
Cloud Native Java with Spring Cloud Services
VMware Tanzu
 
Cloud Native Java with Spring Cloud Services
Cloud Native Java with Spring Cloud ServicesCloud Native Java with Spring Cloud Services
Cloud Native Java with Spring Cloud Services
Chris Sterling
 
AWS Summit Auckland- Developing Applications for IoT
AWS Summit Auckland- Developing Applications for IoTAWS Summit Auckland- Developing Applications for IoT
AWS Summit Auckland- Developing Applications for IoT
Amazon Web Services
 

Similar to Cloud and On Premises Collaboration Security Explained (20)

AWS November meetup Slides
AWS November meetup SlidesAWS November meetup Slides
AWS November meetup Slides
 
AWS User Group November
AWS User Group NovemberAWS User Group November
AWS User Group November
 
#CiscoLiveLA 2017 Presentacion de Miro Polakovic
#CiscoLiveLA 2017 Presentacion de Miro Polakovic #CiscoLiveLA 2017 Presentacion de Miro Polakovic
#CiscoLiveLA 2017 Presentacion de Miro Polakovic
 
ACDKOCHI19 - Enterprise grade security for web and mobile applications on AWS
ACDKOCHI19 - Enterprise grade security for web and mobile applications on AWSACDKOCHI19 - Enterprise grade security for web and mobile applications on AWS
ACDKOCHI19 - Enterprise grade security for web and mobile applications on AWS
 
O Dell Secure360 Presentation5 12 10b
O Dell Secure360 Presentation5 12 10bO Dell Secure360 Presentation5 12 10b
O Dell Secure360 Presentation5 12 10b
 
OAuth 2.0 101
OAuth 2.0 101OAuth 2.0 101
OAuth 2.0 101
 
RICOH THETA x IoT Developers Contest : Cloud API Seminar
RICOH THETA x IoT Developers Contest : Cloud API Seminar RICOH THETA x IoT Developers Contest : Cloud API Seminar
RICOH THETA x IoT Developers Contest : Cloud API Seminar
 
Securing your Applications for the Cloud Age
Securing your Applications for the Cloud AgeSecuring your Applications for the Cloud Age
Securing your Applications for the Cloud Age
 
WebRTC Identity in SAML Federations
WebRTC Identity in SAML FederationsWebRTC Identity in SAML Federations
WebRTC Identity in SAML Federations
 
User Management and App Authentication with Amazon Cognito - SID343 - re:Inve...
User Management and App Authentication with Amazon Cognito - SID343 - re:Inve...User Management and App Authentication with Amazon Cognito - SID343 - re:Inve...
User Management and App Authentication with Amazon Cognito - SID343 - re:Inve...
 
KubeConRecap_nakamura.pdf
KubeConRecap_nakamura.pdfKubeConRecap_nakamura.pdf
KubeConRecap_nakamura.pdf
 
API, Integration, and SOA Convergence
API, Integration, and SOA ConvergenceAPI, Integration, and SOA Convergence
API, Integration, and SOA Convergence
 
What API Specifications and Tools Help Engineers to Construct a High-Security...
What API Specifications and Tools Help Engineers to Construct a High-Security...What API Specifications and Tools Help Engineers to Construct a High-Security...
What API Specifications and Tools Help Engineers to Construct a High-Security...
 
Apache Milagro Presentation at ApacheCon Europe 2016
Apache Milagro Presentation at ApacheCon Europe 2016Apache Milagro Presentation at ApacheCon Europe 2016
Apache Milagro Presentation at ApacheCon Europe 2016
 
Identity Management: Using OIDC to Empower the Next-Generation Apps
Identity Management: Using OIDC to Empower the Next-Generation AppsIdentity Management: Using OIDC to Empower the Next-Generation Apps
Identity Management: Using OIDC to Empower the Next-Generation Apps
 
CISCO’s Cloud Journey (Keynote at Cloud Symposium)
CISCO’s Cloud Journey (Keynote at Cloud Symposium) CISCO’s Cloud Journey (Keynote at Cloud Symposium)
CISCO’s Cloud Journey (Keynote at Cloud Symposium)
 
Exploring Advanced Authentication Methods in Novell Access Manager
Exploring Advanced Authentication Methods in Novell Access ManagerExploring Advanced Authentication Methods in Novell Access Manager
Exploring Advanced Authentication Methods in Novell Access Manager
 
Cloud Native Java with Spring Cloud Services
Cloud Native Java with Spring Cloud ServicesCloud Native Java with Spring Cloud Services
Cloud Native Java with Spring Cloud Services
 
Cloud Native Java with Spring Cloud Services
Cloud Native Java with Spring Cloud ServicesCloud Native Java with Spring Cloud Services
Cloud Native Java with Spring Cloud Services
 
AWS Summit Auckland- Developing Applications for IoT
AWS Summit Auckland- Developing Applications for IoTAWS Summit Auckland- Developing Applications for IoT
AWS Summit Auckland- Developing Applications for IoT
 

More from Cisco Canada

Cisco connect montreal 2018 net devops
Cisco connect montreal 2018 net devopsCisco connect montreal 2018 net devops
Cisco connect montreal 2018 net devops
Cisco Canada
 
Cisco connect montreal 2018 iot demo kinetic fr
Cisco connect montreal 2018 iot demo kinetic frCisco connect montreal 2018 iot demo kinetic fr
Cisco connect montreal 2018 iot demo kinetic fr
Cisco Canada
 
Cisco connect montreal 2018 - Network Slicing: Horizontal Virtualization
Cisco connect montreal 2018 - Network Slicing: Horizontal VirtualizationCisco connect montreal 2018 - Network Slicing: Horizontal Virtualization
Cisco connect montreal 2018 - Network Slicing: Horizontal Virtualization
Cisco Canada
 
Cisco connect montreal 2018 secure dc
Cisco connect montreal 2018 secure dcCisco connect montreal 2018 secure dc
Cisco connect montreal 2018 secure dc
Cisco Canada
 
Cisco connect montreal 2018 enterprise networks - say goodbye to vla ns
Cisco connect montreal 2018 enterprise networks - say goodbye to vla nsCisco connect montreal 2018 enterprise networks - say goodbye to vla ns
Cisco connect montreal 2018 enterprise networks - say goodbye to vla ns
Cisco Canada
 
Cisco connect montreal 2018 vision mondiale analyse locale
Cisco connect montreal 2018 vision mondiale analyse localeCisco connect montreal 2018 vision mondiale analyse locale
Cisco connect montreal 2018 vision mondiale analyse locale
Cisco Canada
 
Cisco Connect Montreal 2018 Securité : Sécuriser votre mobilité avec Cisco
Cisco Connect Montreal 2018 Securité : Sécuriser votre mobilité avec CiscoCisco Connect Montreal 2018 Securité : Sécuriser votre mobilité avec Cisco
Cisco Connect Montreal 2018 Securité : Sécuriser votre mobilité avec Cisco
Cisco Canada
 
Cisco connect montreal 2018 collaboration les services webex hybrides
Cisco connect montreal 2018 collaboration les services webex hybridesCisco connect montreal 2018 collaboration les services webex hybrides
Cisco connect montreal 2018 collaboration les services webex hybrides
Cisco Canada
 
Integration cisco et microsoft connect montreal 2018
Integration cisco et microsoft connect montreal 2018Integration cisco et microsoft connect montreal 2018
Integration cisco et microsoft connect montreal 2018
Cisco Canada
 
Cisco connect montreal 2018 compute v final
Cisco connect montreal 2018 compute v finalCisco connect montreal 2018 compute v final
Cisco connect montreal 2018 compute v final
Cisco Canada
 
Cisco connect montreal 2018 saalvare md-program-xr-v2
Cisco connect montreal 2018 saalvare md-program-xr-v2Cisco connect montreal 2018 saalvare md-program-xr-v2
Cisco connect montreal 2018 saalvare md-program-xr-v2
Cisco Canada
 
Cisco connect montreal 2018 sd wan - delivering intent-based networking to th...
Cisco connect montreal 2018 sd wan - delivering intent-based networking to th...Cisco connect montreal 2018 sd wan - delivering intent-based networking to th...
Cisco connect montreal 2018 sd wan - delivering intent-based networking to th...
Cisco Canada
 
Cisco Connect Toronto 2018 DNA automation-the evolution to intent-based net...
Cisco Connect Toronto 2018 DNA automation-the evolution to intent-based net...Cisco Connect Toronto 2018 DNA automation-the evolution to intent-based net...
Cisco Connect Toronto 2018 DNA automation-the evolution to intent-based net...
Cisco Canada
 
Cisco Connect Toronto 2018 an introduction to Cisco kinetic
Cisco Connect Toronto 2018 an introduction to Cisco kineticCisco Connect Toronto 2018 an introduction to Cisco kinetic
Cisco Connect Toronto 2018 an introduction to Cisco kinetic
Cisco Canada
 
Cisco Connect Toronto 2018 IOT - unlock the power of data - securing the in...
Cisco Connect Toronto 2018 IOT - unlock the power of data - securing the in...Cisco Connect Toronto 2018 IOT - unlock the power of data - securing the in...
Cisco Connect Toronto 2018 IOT - unlock the power of data - securing the in...
Cisco Canada
 
Cisco Connect Toronto 2018 DevNet Overview
Cisco Connect Toronto 2018 DevNet OverviewCisco Connect Toronto 2018 DevNet Overview
Cisco Connect Toronto 2018 DevNet Overview
Cisco Canada
 
Cisco Connect Toronto 2018 DNA assurance
Cisco Connect Toronto 2018 DNA assuranceCisco Connect Toronto 2018 DNA assurance
Cisco Connect Toronto 2018 DNA assurance
Cisco Canada
 
Cisco Connect Toronto 2018 network-slicing
Cisco Connect Toronto 2018 network-slicingCisco Connect Toronto 2018 network-slicing
Cisco Connect Toronto 2018 network-slicing
Cisco Canada
 
Cisco Connect Toronto 2018 the intelligent network with cisco meraki
Cisco Connect Toronto 2018 the intelligent network with cisco merakiCisco Connect Toronto 2018 the intelligent network with cisco meraki
Cisco Connect Toronto 2018 the intelligent network with cisco meraki
Cisco Canada
 
Cisco Connect Toronto 2018 sixty to zero
Cisco Connect Toronto 2018 sixty to zeroCisco Connect Toronto 2018 sixty to zero
Cisco Connect Toronto 2018 sixty to zero
Cisco Canada
 

More from Cisco Canada (20)

Cisco connect montreal 2018 net devops
Cisco connect montreal 2018 net devopsCisco connect montreal 2018 net devops
Cisco connect montreal 2018 net devops
 
Cisco connect montreal 2018 iot demo kinetic fr
Cisco connect montreal 2018 iot demo kinetic frCisco connect montreal 2018 iot demo kinetic fr
Cisco connect montreal 2018 iot demo kinetic fr
 
Cisco connect montreal 2018 - Network Slicing: Horizontal Virtualization
Cisco connect montreal 2018 - Network Slicing: Horizontal VirtualizationCisco connect montreal 2018 - Network Slicing: Horizontal Virtualization
Cisco connect montreal 2018 - Network Slicing: Horizontal Virtualization
 
Cisco connect montreal 2018 secure dc
Cisco connect montreal 2018 secure dcCisco connect montreal 2018 secure dc
Cisco connect montreal 2018 secure dc
 
Cisco connect montreal 2018 enterprise networks - say goodbye to vla ns
Cisco connect montreal 2018 enterprise networks - say goodbye to vla nsCisco connect montreal 2018 enterprise networks - say goodbye to vla ns
Cisco connect montreal 2018 enterprise networks - say goodbye to vla ns
 
Cisco connect montreal 2018 vision mondiale analyse locale
Cisco connect montreal 2018 vision mondiale analyse localeCisco connect montreal 2018 vision mondiale analyse locale
Cisco connect montreal 2018 vision mondiale analyse locale
 
Cisco Connect Montreal 2018 Securité : Sécuriser votre mobilité avec Cisco
Cisco Connect Montreal 2018 Securité : Sécuriser votre mobilité avec CiscoCisco Connect Montreal 2018 Securité : Sécuriser votre mobilité avec Cisco
Cisco Connect Montreal 2018 Securité : Sécuriser votre mobilité avec Cisco
 
Cisco connect montreal 2018 collaboration les services webex hybrides
Cisco connect montreal 2018 collaboration les services webex hybridesCisco connect montreal 2018 collaboration les services webex hybrides
Cisco connect montreal 2018 collaboration les services webex hybrides
 
Integration cisco et microsoft connect montreal 2018
Integration cisco et microsoft connect montreal 2018Integration cisco et microsoft connect montreal 2018
Integration cisco et microsoft connect montreal 2018
 
Cisco connect montreal 2018 compute v final
Cisco connect montreal 2018 compute v finalCisco connect montreal 2018 compute v final
Cisco connect montreal 2018 compute v final
 
Cisco connect montreal 2018 saalvare md-program-xr-v2
Cisco connect montreal 2018 saalvare md-program-xr-v2Cisco connect montreal 2018 saalvare md-program-xr-v2
Cisco connect montreal 2018 saalvare md-program-xr-v2
 
Cisco connect montreal 2018 sd wan - delivering intent-based networking to th...
Cisco connect montreal 2018 sd wan - delivering intent-based networking to th...Cisco connect montreal 2018 sd wan - delivering intent-based networking to th...
Cisco connect montreal 2018 sd wan - delivering intent-based networking to th...
 
Cisco Connect Toronto 2018 DNA automation-the evolution to intent-based net...
Cisco Connect Toronto 2018 DNA automation-the evolution to intent-based net...Cisco Connect Toronto 2018 DNA automation-the evolution to intent-based net...
Cisco Connect Toronto 2018 DNA automation-the evolution to intent-based net...
 
Cisco Connect Toronto 2018 an introduction to Cisco kinetic
Cisco Connect Toronto 2018 an introduction to Cisco kineticCisco Connect Toronto 2018 an introduction to Cisco kinetic
Cisco Connect Toronto 2018 an introduction to Cisco kinetic
 
Cisco Connect Toronto 2018 IOT - unlock the power of data - securing the in...
Cisco Connect Toronto 2018 IOT - unlock the power of data - securing the in...Cisco Connect Toronto 2018 IOT - unlock the power of data - securing the in...
Cisco Connect Toronto 2018 IOT - unlock the power of data - securing the in...
 
Cisco Connect Toronto 2018 DevNet Overview
Cisco Connect Toronto 2018 DevNet OverviewCisco Connect Toronto 2018 DevNet Overview
Cisco Connect Toronto 2018 DevNet Overview
 
Cisco Connect Toronto 2018 DNA assurance
Cisco Connect Toronto 2018 DNA assuranceCisco Connect Toronto 2018 DNA assurance
Cisco Connect Toronto 2018 DNA assurance
 
Cisco Connect Toronto 2018 network-slicing
Cisco Connect Toronto 2018 network-slicingCisco Connect Toronto 2018 network-slicing
Cisco Connect Toronto 2018 network-slicing
 
Cisco Connect Toronto 2018 the intelligent network with cisco meraki
Cisco Connect Toronto 2018 the intelligent network with cisco merakiCisco Connect Toronto 2018 the intelligent network with cisco meraki
Cisco Connect Toronto 2018 the intelligent network with cisco meraki
 
Cisco Connect Toronto 2018 sixty to zero
Cisco Connect Toronto 2018 sixty to zeroCisco Connect Toronto 2018 sixty to zero
Cisco Connect Toronto 2018 sixty to zero
 

Recently uploaded

みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
名前 です男
 
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
James Anderson
 
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
DianaGray10
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
Kari Kakkonen
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Paige Cruz
 
20240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 202420240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 2024
Matthew Sinclair
 
20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
Matthew Sinclair
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
ControlCase
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems S.M.S.A.
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
DanBrown980551
 
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
SOFTTECHHUB
 
Microsoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdfMicrosoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdf
Uni Systems S.M.S.A.
 
Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 daysPushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
Adtran
 
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
SOFTTECHHUB
 
UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6
DianaGray10
 
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AIEnchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Vladimir Iglovikov, Ph.D.
 
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
Neo4j
 
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
Neo4j
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionGenerative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Aggregage
 

Recently uploaded (20)

みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
 
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
 
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
 
20240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 202420240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 2024
 
20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
 
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
 
Microsoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdfMicrosoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdf
 
Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 daysPushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
 
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
 
UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6
 
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AIEnchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
 
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
 
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionGenerative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to Production
 

Cloud and On Premises Collaboration Security Explained

  • 1. © 2016 Cisco and/or its affiliates. All rights reserved. 1 Jan 30th 2018 Cisco Connect Cloud and On Premises Collaboration Security Explained Vince Chou Technical Solutions Architect
  • 2. © 2016 Cisco and/or its affiliates. All rights reserved. 2 Agenda • Identity Management -Authentication -Authorization • Cisco Spark Cloud Security -Realms of separation, identity obfuscation, client connection, secure search/indexing/E-discovery -Hybrid Data Security
  • 3. © 2016 Cisco and/or its affiliates. All rights reserved. 3 References • Cisco Spark - Cloud and On Premise Security explained https://www.ciscolive.com/global/on-demand-library/?search=brkcol-2030#/session/1484039969829001YwFb • Cisco Spark Hybrid Services Architectural Design https://www.ciscolive.com/global/on-demand-library/?search=brkcol-2202#/session/1485462759889001X5bX • Authentication and Authorization in Collaboration Deployments: concepts and architecture https://www.ciscolive.com/global/on-demand-library/?search=brkcol-2699#/session/1485462759687001XTYU • Authentication and Authorization in Collaboration Deployments: implementation and troubleshooting https://www.ciscolive.com/global/on-demand-library/?search=brkucc-2444#/session/1488238596662001CLEl • Cisco Spark Security and Privacy Whitepaper https://help.webex.com/docs/DOC-9095
  • 4. 4© 2016 Cisco and/or its affiliates. All rights reserved. Identity Management
  • 5. © 2016 Cisco and/or its affiliates. All rights reserved. 5 Guest 5 Authentication and Authorization After authentication, the receptionist gives you a room key Your room key is your authorization token for your room and any other relevant hotel services You do not need your passport to enter your room. Your room key authorizes you to enter your room only. The room key does not identify the holder of the key. Authentication verifies that “you are who you say you are” Authorization verifies that “you are permitted to do what you are trying to do” Authentication The receptionist authenticates you by checking your passport Authorization
  • 6. © 2016 Cisco and/or its affiliates. All rights reserved. 6 Authentication and Authorization (SAML and OAuth) Authorization Clients Services IdP Authentication
  • 7. © 2016 Cisco and/or its affiliates. All rights reserved. 7 SAML v2.0 In Action SP-initiated Web Browser SSO Flow 7BRKCOL-2699 Service Provider: CUCM, CUC, Webex Application ABC User Web Browser Metadata Exchange 1 2 3 4 5 Identity Provider (IdP) 0 0 6 IdP
  • 8. © 2016 Cisco and/or its affiliates. All rights reserved. 8 IdP SAML v2.0 In Action IdP Cookies Avoid Re-authentication 8BRKCOL-2699 Service Provider: CUCM, CUC, Webex User Web Browser Metadata Exchange 1 2 3 4 Identity Provider (IdP) 0 0 5 No authentication needed if cookie is valid
  • 9. © 2016 Cisco and/or its affiliates. All rights reserved. 9 API Authorization Challenges API/Service 1 API/Service 2 API/Service 3 API/Service N Identity Provider (IdP) IdP
  • 10. © 2016 Cisco and/or its affiliates. All rights reserved. 10 OAuth Authorization Framework • The OAuth 2.0 standard (RFC 6749) defines a framework to enable third-party applications to obtain limited access to a service or API on behalf of a user Users authorize client applications to securely access protected resources without sharing their credentials (access delegation) Defines authorization tokens: valet key concept Clients can be web apps, native desktop/mobile apps, javascript in browser… • Does not deal with user authentication • Broad adoption in API-driven world (cloud, microservices, integrations, …) Source: https://www.programmableweb.com/apis/directory/1?auth=OAuth
  • 11. © 2016 Cisco and/or its affiliates. All rights reserved. 11 An application would like to connect to your account The application “XYZ” would like to access your basic account information. Allow application “XYZ” access? AllowDeny Do these look familiar? Authorize “XYZ” Application? This application will be able to: • Access your basic account information • Read your posts • See your list of contacts Authorize app No, thanks “XYZ” Application This application would like to: • Read and manage your files and documents • View your email address AcceptCancel
  • 12. © 2016 Cisco and/or its affiliates. All rights reserved. 12 Example: “Sign in with Google” at IMDb IMDb Server Resource Server IMDb Web App Client Google Authorization Server Johnny Example Resource Owner IMDb offers several sign in options
  • 13. © 2016 Cisco and/or its affiliates. All rights reserved. 13 Example: “Sign in with Google” at IMDb IMDb Server Resource Server IMDb Web App Client Google Authorization Server Johnny Example Resource Owner Google authenticates you
  • 14. © 2016 Cisco and/or its affiliates. All rights reserved. 14 Example: “Sign in with Google” at IMDb IMDb Server Resource Server IMDb Web App Client Google Authorization Server Johnny Example Resource Owner Google asks you to authorize IMDb to access profile data
  • 15. © 2016 Cisco and/or its affiliates. All rights reserved. 15 Example: “Sign in with Google” at IMDb IMDb Server Resource Server IMDb Web App Client Google Authorization Server Johnny Example Resource Owner Google gives IMDb an access token that allows it to access your profile data The IMDb Web App shows you your watchlist, recommendations, etc.
  • 16. © 2016 Cisco and/or its affiliates. All rights reserved. 16 OAuth 2.0 In Action Roles and Generic Flow Resource Server CUCM, IM&P, Expressway, Unity Connection Authorization Server CUCM(SSOSP) Resource Owner (the user) Client (the application) User Agent (the web browser) Authentication (outside OAuth scope) Grants Authorization Requests Authorization Trust relationship1 2 3 4 5 IdP
  • 17. © 2016 Cisco and/or its affiliates. All rights reserved. 17 Authorization Code Grant Access Tokens and Refresh Tokens Access Token A token that authorizes a bearer to access a protected resource Access Tokens are typically issued to a particular user with a particular scope and with a specific expiry time Refresh Token A token that an OAuth client can use to request a new Access Token on expiry of an existing Access Token
  • 18. © 2016 Cisco and/or its affiliates. All rights reserved. 18 Motivation for Architecture Evolution (New AuthN/AuthZ Flow for Jabber) Support new functionality: • Push notification for Apple mobile clients • MRA Access Policy Scope Support (future) Simplify deployments: • Mobile user experience • Identity Provider performance impact (SSO) • Local, LDAP Bind, SSO Solidify architecture: • Login complexity • Enhanced edge security • Alignment with cloud solution
  • 19. 19© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Spark Cloud Security
  • 20. © 2016 Cisco and/or its affiliates. All rights reserved. 20 Spark Cloud Security - Realms of Separation Identity Service Content Server Key Mgmt Service Indexing Service Compliance Service Spark logically and physically separates functional components within the cloud Identity Services holding real user Identity (e.g. email addresses) are separated from : Encryption, Indexing and Compliance Services, which are in turn separated from : Data Storage Services Data Center A Data Center B Data Center C
  • 21. © 2016 Cisco and/or its affiliates. All rights reserved. 21 Realms of Separation – Identity Obfuscation Identity Service Content Server Key Mgmt Service Indexing Service Compliance Service Outside of the Identity Service - Real Identity information is obfuscated : For each User ID, Spark generates a random 128-bit Universally Unique Identifier (UUID) = The User’s obfuscated identity No real identity information transits, or is stored elsewhere in the cloud Data Center A Data Center B Data Center C jsmith@abc.comhtzb2n78jdbc9e
  • 22. © 2016 Cisco and/or its affiliates. All rights reserved. 22 Spark – User Identity Sync and Authentication Directory Sync User Info can be synchronized to Spark from the Enterprise Active Directory Multiple User attributes can be synchronized Passwords are not synchronized - User : 1) Creates a Spark password or 2) Uses SSO for Auth Identity Service
  • 23. © 2016 Cisco and/or its affiliates. All rights reserved. 23 Spark – SAML SSO Authentication Directory Sync SAML SSO Administrators can configure Spark to work with their existing SSO solution Spark supports Identity Providers using SAML 2.0 and OAuth 2.0 Identity Service IdP
  • 24. © 2016 Cisco and/or its affiliates. All rights reserved. 24 Client Connection Spark Service IdP Identity Service 1) Customer downloads and installs Spark Client (with Trust anchors) 2) Spark Client establishes a secure TLS connection with the Spark Cloud 3) Spark Identity Service prompts for an e- mail ID 4) User Authenticated by Spark Identity Service, or the Enterprise IdP (SSO) 5) OAuth Access and Refresh Tokens created and sent to Spark Client • The Access Tokens contain details of the Spark resources the User is authorized to access 5) Spark Client presents its Access Tokens to register with Spark Services over a secure channel
  • 25. © 2016 Cisco and/or its affiliates. All rights reserved. 25 Spark Device connection Spark ServiceIdentity Service 1) User enters 16 digit activation code received via e-mail from the Spark provisioning service 2) Device authenticated by Identity Service (Trust anchors sent to device and secure connection established) 3) OAuth Access and Refresh Tokens created and sent to Spark Client • The Access Tokens contain details of the Spark resources the User is authorized to access 5) Spark Client presents its Access Tokens to register with Spark Services over a secure channel 1234567890123456
  • 26. © 2016 Cisco and/or its affiliates. All rights reserved. 26 Content Server Key Mgmt Service message messagemessage filefile message Spark - Encrypting Messages and Content Spark Clients request a conversation encryption key from the Key Management Service Any messages or files sent by a Client are encrypted before being sent to the Spark Cloud Each Spark Room uses a different Conversation Encryption key Key Management Service AES256-GCM cipher used for Encryption
  • 27. © 2016 Cisco and/or its affiliates. All rights reserved. 27 Indexing Service Spark IS the messageSparkIS themessage Content Server Spark IS the message Key Mgmt Service ################### Searching Spark Rooms : Building a Search Index The Indexing Service : Enables users to search for names and words in the encrypted messages stored in the Content Server A Search Index is built by creating a fixed length hash* of each word in each message within a Room ################### B957FE48 B9 57 FE 48 Hash Algorithm ################### Indexing Service The hashes for each Spark Room are stored by the Content Service ################### * A new (SHA-256 HMAC) hashing key (Search Key) is used for each room
  • 28. © 2016 Cisco and/or its affiliates. All rights reserved. 28 Indexing Service “Spark”Spark Content Server Key Mgmt Service ################### Searching Spark Rooms : Querying a Search Index Search for the word “Spark” Client sends search request over a secure connection to the Indexing Service The Content Server searches for a match in it’s Hash tables and returns matching content to the client * ################### B957FE48 B9 57 FE 48 Hash Algorithm Indexing Service “Spark” Search for the word “Spark” “B9” B9 57 FE 48 ###################################### Spark IS the Message B9 The Indexing Service uses Per Room Search keys to hash the search terms *A link to Conversation Encryption Key is sent with encrypted message
  • 29. © 2016 Cisco and/or its affiliates. All rights reserved. 29 Cloud Collaboration Management Portal Indexing Service Jo Smith’s ContentJo Smith’s Content Content Server Key Mgmt Service ################### Spark Compliance Service : E-Discovery Administrator selects a group of messages and files to be retrieved for E- Discovery e.g. : based on date range/ content type/ user(s) The Content Server returns matching content to the Compliance Service ################### X1GFT5YYHash Algorithm Indexing Service Jo Smith’s Content “X1GFT5YY” Jo Smith’s Content ################### X1GFT5YY The Indexing Service searches Content Server for related content Compliance Service ################### Jo Smith’s Content ################### Jo Smith’s Content ###################
  • 30. © 2016 Cisco and/or its affiliates. All rights reserved. 30 E-Discov. Storage Compliance ServiceContent Server Key Mgmt Service Spark Compliance Service : E-Discovery The Compliance Service : Decrypts content from the Content Server, then compresses and re-encrypts it before sending it to the E- Discovery Storage Service The E-Discovery Storage Service : Sends the compressed and encrypted content to the Administrator on request Compliance Service Cloud Collaboration Management Portal Jo Smith’s Content################### Jo Smith’s Content################### Jo Smith’s Content################### Jo Smith’s Messages and Files ################### ################### ################ ################### ################### ################ Jo Smith’s Messages and Files E-Discovery Content Ready
  • 31. © 2016 Cisco and/or its affiliates. All rights reserved. 31 3rd Party Integrations Cisco has developed key relationships with leading Cloud Access Security Brokers (CASB), compliance, archival and security vendors to enhance Cisco Spark and deliver key enterprise-grade features: Compliance and Archiving Archive content to comply with retention requirements and enable eDiscovery Data Loss Prevention Apply policies to content, violation alerts, and take remediation actions Identity Management Single Sign-On via SAML, Mobile Device Management (MDM), SCIM user provisioning and deactivation
  • 32. 32© 2016 Cisco and/or its affiliates. All rights reserved. Spark Hybrid Data Security
  • 33. © 2016 Cisco and/or its affiliates. All rights reserved. 33 Secure Data Center Content Server Key Mgmt Service Spark – Hybrid Data Security (HDS) Compliance ServiceIndexing Service Hybrid Data Security Hybrid Data Services = On Premise : Key Management Server Indexing Server E-Discovery Service
  • 34. © 2016 Cisco and/or its affiliates. All rights reserved. 34 HDS includes:  Key Management Server  Search indexer  eDiscovery backend Whilst HDS offers unique security features to customers in that they, and they alone, can store and own the encryption keys for their messages and content…. These benefits also come with significant responsibilities : A HDS Deployment requires significant customer commitment and an awareness of the risks that come with owning encryption keys… Complete loss of either the configuration ISO or the Postgres Database will result in loss of the decryption keys stored in HDS. This will prevent users from decrypting space content and other encrypted data. If this happens, an empty HDS can be restored, however, only new content will be visible. Hybrid Data Security – Positioning : HDS may not be desirable for all customers
  • 35. © 2016 Cisco and/or its affiliates. All rights reserved. 35 Secure Data Center Key Mgmt Service Content Server Key Mgmt Service message messagemessagemessage HDS - Encrypting Messages & Content Spark Clients request an encryption key from the Hybrid Key Management Server Any messages or files sent by a Client are encrypted before being sent to the Spark Cloud Encrypted messages and content stored in the cloud Key Management Service Encryption Keys stored locally
  • 36. © 2016 Cisco and/or its affiliates. All rights reserved. 36 Secure Data Center Key Mgmt Service Encrypted messages from Clients are stored in the Spark Cloud Key Mgmt Service message Content Server message messagemessage If needed, Spark Clients can retrieve encryption keys from the Hybrid Key Management Server Key Management Service These messages are sent to every other Client in the Spark Room and contain a link to their encryption key on the Hybrid Key Management Server HDS - Decrypting Messages & Content
  • 37. © 2016 Cisco and/or its affiliates. All rights reserved. 37 Secure Data Center Indexing Service Spark IS the messageSparkIS themessage Content Server Spark IS the message Key Mgmt Service ################### The Indexing Service : Enables users to search for names and words in the encrypted messages stored in the Content Server ################### B957FE48 B9 57 FE 48 Hash Algorithm ################### Indexing Service ################### * A new hashing key (Search Key) is used for each room Hybrid Data Security: Search Indexing Service
  • 38. © 2016 Cisco and/or its affiliates. All rights reserved. 38 Secure Data Center Indexing Service “Spark”Spark Content Server Key Mgmt Service ################### Hybrid Data Security: Querying a Search Index Search for the word “Spark” Client sends its search request over a secure connection to the Indexing Service ################### B9 B9 57 FE 48 Hash Algorithm Indexing Service “Spark” Search for the word “Spark” “B9” B9 57 FE 48 ###################################### Spark IS the Message B9 *A link to Conversation Encryption Key is sent with the encrypted message
  • 39. © 2016 Cisco and/or its affiliates. All rights reserved. 39 Secure Data Center Indexing Service Content Server Spark Compliance Service : E-Discovery X1GFT5YY Indexing Service Jo Smith’s ContentJo Smith’s ContentJo Smith’s Content Key Mgmt ServiceCompliance Service Cloud Collaboration Management Portal ############################################################################ ######################################Jo Smith’s Content Jo Smith’s ContentJo Smith’s Content“X1GFT5YY”X1GFT5YY Hash Algorithm Admin selects a group of messages and files to be retrieved for E-Discovery e.g. : based on date range/ content type/ user(s) The Content Server returns matching content to the Compliance Service The Indexing Service searches the Content Server for selected content
  • 40. © 2016 Cisco and/or its affiliates. All rights reserved. 40 Secure Data Center Key Mgmt ServiceCompliance Service Cloud Collaboration Management Portal E-Discov. StorageContent Server Spark Compliance Service : E-Discovery The Compliance Service : Decrypts content from the Content Server, then compresses and re-encrypts it before sending it to the E- Discovery Storage Service E-Discovery Storage Service : Sends the compressed and encrypted content to the Administrator on request Jo Smith’s Content################### Jo Smith’s Content################### Jo Smith’s Content################### Jo Smith’s Messages and Files ################### ################### ################ ################### ################### ################ Jo Smith’s Messages and Files E-Discovery Content Ready
  • 41. © 2016 Cisco and/or its affiliates. All rights reserved. 41 Secure Data Center A Hybrid Data Security Architecture vSphereHybrid Data Services Node (VM) Docker ECP Mgmt Container HDS Containers Hybrid Data Services Node (VM) Docker ECP Mgmt Container HDS Containers HDS Cluster Config File IDE Mount IDE Mount ECP (Enterprise Compute Platform): Management containers which communicate with the cloud and perform actions such as sending health checks and checking for new versions of HDS. HDS (Hybrid Data Security): Key Management Server, Search Indexer, and eDiscovery Services. HDS Cluster Config: An ISO file containing configuration information for the local HDS cluster. e.g. Database connection settings, Database Master Encryption key, etc. IDE Mount: Mount point of the read-only HDS Cluster Config ISO file containing the configuration settings for HDS system. Customer Provided Services Postgres Database Syslogd Database Back Up System Back Up
  • 42. © 2016 Cisco and/or its affiliates. All rights reserved. 42 HDS Install Prerequisites See prerequisites in https://www.cisco.com/go/hybrid-data-security X.509 Certificate, Intermediates and Private Key PKI is used for KMS to KMS federation (Public Key Infrastructure) Common Name signed by member of Mozzila Trusted Root Store No SHA1 signatures PKCS12 format 2 ESXi Virtualized Hosts: Min 2 to support upgrades, 3 recommended, 5 max Minimum 4 vCPUs, 8-GB main memory, 50-GB local hard disk space per server kms://cisco.com easily supports 15K users per HDS. 1 Postgres 9.6.1 Database Instance (Key datastore) 8 vCPU, 16 GB RAM, 2 TB Disk. User created with createuser. Assigned GRANT ALL PRIVILEGES ON database. 1 Syslog Host hostname and port required to centralize syslog output from the three HDS instances and management containers A secure backup location The HDS system requires organization administrators to securely backup two key pieces of information. 1) A configuration ISO file generated by this process 2) The postgres database. Failure to maintain adequate backups will result in loss of customer data. See <Section on Disaster Recovery>. Network Outbound HTTPS on TCP port 443 from HDS host Bi-directional WSS on TCP port 443 from HDS host TCP connectivity from HDS host to Postgres database host, syslog host and statsd host