Re: Cisco Crosswork Network Insights - or how to destroy a useful service

["Douglas C. Stephens via NANOG" <nanog () nanog org>]

I would like to point out another more straightforward ignorant UI
design decision for this new service.  The login screen assumes and
requires all Cisco.com account usernames to be email addresses.  Many
are not, especially for folks like me who have had theirs for decades.


On 5/15/2019 4:50 AM, Hank Nussbacher wrote:
> I have started to use Cisco Crosswork Network Insights which is the
> replacement for BGPmon and I am shocked at how Cisco has managed to
> destroy a useful tool.  I have had a paid 50 prefix account since the
> day BGPmon became available and helped two clients implement a 500
> prefix license over the past 4 years.  None will be buying Cisco
> Crosswork Network Insights, based on my recommendation.
>
> I really don’t know where to begin since there is so much to dislike in
> this new GUI.  I will try to give you just a small taste but I suggest
> you request a 90 day trial license and try it out for yourself.
>
> This was not designed by someone who deals with BGP hijacks or who
> manages a network.  It was probably given to some GUI developer with a
> minimal understanding of what the users needed.   How do I know this? 
> Take for example the main configuration menu:
> https://crosswork.cisco.com/#/configuration with the first tab of
> “prefixes”.  On that page there is *no* mention of which ASN the prefix
> is associated with.  That of course was fundamental in the BGPmon menu:
> https://portal.bgpmon.net/myprefixes.php
>
> Or take for example its “express configuration”, where you insert an ASN
> and it automatically finds all prefixes and creates a policy.  But does
> it know the name of the ASN?  Nope.  Something again that was basic in
> BGPmon via: https://portal.bgpmon.net/myasn.php is non-existent in CNI.
>
> Or how about the alarms one gets to an email?  Want to see how that looks?
>
> From: Crosswork Admin [mailto:admin () crosswork cisco com]
> Sent: 15 May 2019 11:39
> To: Hank Nussbacher <Hank () mail iucc ac il>
> Subject: CCNI Notification
>
> Active alarm count 1 starting at 2019-05-15 08:34:42.960762315 +0000
> UTC. Please click on the link for each alarm below:
> https://crosswork.cisco.com/#/alarm/ba7c5084-f05d-4c12-a17f-be9e815d6647
>
> Compare that with what we used to get:
>
>  
>
> ====================================================================
> Possible Prefix Hijack (Code: 10)
> ====================================================================
>
> Your prefix:          99.201.0.0/16:
> Prefix Description:   Kuku net
> Update time:          2018-08-12 17:50 (UTC)
> Detected by #peers:   140
> Detected prefix:      99.201.131.0/24
> Announced by:         AS222246 (BGP hijacking Ltd)
> Upstream AS:          AS111111 (Clueless ISP allowing customer hijacking
> Ltd)
> ASpath:               555555 444444 333333 111111 222246
> Alert details:       
> https://portal.bgpmon.net/alerts.php?details&alert_id=830521190
> Mark as false alert:  https://portal.bgpmon.net/fp.php?aid=830521190
>
> That is just a small sampling.  Maybe two years down the road, Cisco
> will speak to customers first before destroying a useful service.
>
> Anyone else trying this out and feels the same or feels differently?
>
> Disappointed,
> Hank
>
>  

-- 
Douglas C. Stephens             | Network Systems Analyst
Information Technology          | Phone: (515) 294-6102
Ames Laboratory, US DOE         | Email: stephend () ameslab gov