<html><head><style type='text/css'>p { margin: 0; }</style></head><body><div style='font-family: arial,helvetica,sans-serif; font-size: 10pt; color: #000000'>Cisco ruins everything they touch.<br><br><div><span name="x"></span><br><br>-----<br>Mike Hammett<br>Intelligent Computing Solutions<br>http://www.ics-il.com<br><br>Midwest-IX<br>http://www.midwest-ix.com<span name="x"></span><br></div><br><hr id="zwchr"><div style="color:#000;font-weight:normal;font-style:normal;text-decoration:none;font-family:Helvetica,Arial,sans-serif;font-size:12pt;"><b>From: </b>"Hank Nussbacher" <hank@efes.iucc.ac.il><br><b>To: </b>nanog@nanog.org<br><b>Sent: </b>Wednesday, May 15, 2019 4:50:10 AM<br><b>Subject: </b>Cisco Crosswork Network Insights - or how to destroy a useful service<br><br>
  

    
  
  
    <p class="MsoNormal">I have started to use Cisco Crosswork Network
      Insights which
      is the replacement for BGPmon and I am shocked at how Cisco has
      managed to
      destroy a useful tool.<span style="mso-spacerun:yes">  </span>I
      have had a paid
      50 prefix account since the day BGPmon became available and helped
      two clients implement
      a 500 prefix license over the past 4 years.<span style="mso-spacerun:yes"> 
      </span>None will be buying Cisco Crosswork Network Insights, based
      on my
      recommendation.</p>
    <p class="MsoNormal">I really don’t know where to begin since there
      is so much to
      dislike in this new GUI.<span style="mso-spacerun:yes">  </span>I
      will try to
      give you just a small taste but I suggest you request a 90 day
      trial license and try
      it out for yourself.</p>
    <p class="MsoNormal">This was not designed by someone who deals with
      BGP hijacks
      or who manages a network.<span style="mso-spacerun:yes">  </span>It
      was
      probably given to some GUI developer with a minimal understanding
      of what the
      users needed.<span style="mso-spacerun:yes">   </span>How do I
      know this?<span style="mso-spacerun:yes">  </span>Take for
      example the main configuration menu:
      <a href="https://crosswork.cisco.com/#/configuration" target="_blank">https://crosswork.cisco.com/#/configuration</a>
      with the first tab of “prefixes”.<span style="mso-spacerun:yes"> 
      </span>On
      that page there is <b>no</b> mention of which ASN the prefix is
      associated
      with.<span style="mso-spacerun:yes">  </span>That of course was
      fundamental in
      the BGPmon menu: <a href="https://portal.bgpmon.net/myprefixes.php" target="_blank">https://portal.bgpmon.net/myprefixes.php</a></p>
    <p class="MsoNormal">Or take for example its “express
      configuration”, where you
      insert an ASN and it automatically finds all prefixes and creates
      a
      policy.<span style="mso-spacerun:yes">  </span>But does it know
      the name of the
      ASN?<span style="mso-spacerun:yes">  </span>Nope.<span style="mso-spacerun:yes">  </span>Something again that was
      basic in BGPmon via:
      <a href="https://portal.bgpmon.net/myasn.php" target="_blank">https://portal.bgpmon.net/myasn.php</a>
      is non-existent in CNI.</p>
    <p class="MsoNormal">Or how about the alarms one gets to an email?<span style="mso-spacerun:yes">  </span>Want to see how that looks?</p>
    From:
    Crosswork Admin [<a class="moz-txt-link-freetext" href="mailto:admin@crosswork.cisco.com" target="_blank">mailto:admin@crosswork.cisco.com</a>] <br>
    Sent: 15 May
    2019 11:39<br>
    To: Hank
    Nussbacher <a class="moz-txt-link-rfc2396E" href="mailto:Hank@mail.iucc.ac.il" target="_blank"><Hank@mail.iucc.ac.il></a><br>
    Subject:
    CCNI Notification<br>
    <br>
    Active alarm
    count 1 starting at 2019-05-15 08:34:42.960762315 +0000 UTC. Please
    click on
    the link for each alarm below: <br>
    <div style="mso-element:para-border-div;border:none;border-bottom:solid
      windowtext 1.0pt;
      mso-border-bottom-alt:solid windowtext .75pt;padding:0cm 0cm 1.0pt
      0cm"><a href="https://crosswork.cisco.com/#/alarm/ba7c5084-f05d-4c12-a17f-be9e815d6647" target="_blank">https://crosswork.cisco.com/#/alarm/ba7c5084-f05d-4c12-a17f-be9e815d6647</a><br>
    </div>
    <p class="MsoNormal" style="margin-bottom:0cm;margin-bottom:.0001pt">Compare
      that
      with what we used to get:</p>
    <p class="MsoNormal" style="margin-bottom:0cm;margin-bottom:.0001pt"> </p>
    ====================================================================<br>
    Possible
    Prefix Hijack (Code: 10)<br>
    ====================================================================<br>
    <br>
    Your
    prefix:<span style="mso-spacerun:yes">          </span>99.201.0.0/16:<br>
    Prefix
    Description:<span style="mso-spacerun:yes">   </span>Kuku net<br>
    Update
    time:<span style="mso-spacerun:yes">          </span>2018-08-12
    17:50 (UTC)<br>
    Detected by
    #peers:<span style="mso-spacerun:yes">   </span>140<br>
    Detected
    prefix:<span style="mso-spacerun:yes">      </span>99.201.131.0/24<br>
    Announced
    by:<span style="mso-spacerun:yes">         </span>AS222246 (BGP
    hijacking Ltd)<br>
    Upstream
    AS:<span style="mso-spacerun:yes">          </span>AS111111
    (Clueless ISP
    allowing customer hijacking Ltd)<br>
    ASpath:<span style="mso-spacerun:yes">               </span>555555
    444444 333333 111111 222246<br>
    Alert
    details:<span style="mso-spacerun:yes">       
    </span><a class="moz-txt-link-freetext" href="https://portal.bgpmon.net/alerts.php?details&alert_id=830521190" target="_blank">https://portal.bgpmon.net/alerts.php?details&alert_id=830521190</a><br>
    Mark as
    false alert:<span style="mso-spacerun:yes">  </span><a class="moz-txt-link-freetext" href="https://portal.bgpmon.net/fp.php?aid=830521190" target="_blank">https://portal.bgpmon.net/fp.php?aid=830521190</a><br>
    <p class="MsoNormal">That is just a small sampling.<span style="mso-spacerun:yes">  </span>Maybe two years down the
      road, Cisco will
      speak to customers first before destroying a useful service.</p>
    <p class="MsoNormal">Anyone else trying this out and feels the same
      or feels differently?<br>
    </p>
    Disappointed,<br>
    Hank<br>
    <p class="MsoListParagraph"> </p>
    
  

</div><br></div></body></html>