Video Service Protection: Simplified, Scalable and Robust Cross-Platform Security
BRKSPV-2400 Cisco Live Berlin Edmond Shapiro Video Solutions Architect Service Provider Video - Cisco Agenda
Cross-Platform Video Content & Service Protection
1. Background
2. Simplifying Operations
3. Scaling Operations
4. Strengthening Protections
5. Conclusion Agenda
Cross-Platform Video Content & Service Protection
1. Background
2. Simplifying Operations
3. Scaling Operations
4. Strengthening Protections
5. Conclusion Background – Rapidly Evolving SP Network
Enable New Business Models Protect • Secure content and revenue across all screens, networks and business models • Provide comprehensive and adaptive security to dynamic threat landscape
Launch New Experiences Monetize • Rapidly deliver compelling new experiences that increase revenue • Compete with OTT threat and increase relevance versus cord cutting
Fast and Flexible Automate • Move from months to days and minutes for supporting new services and workflows • Simplify infrastructure and service management
Reduce Total Cost of Ownership Optimize • Improve infrastructure utilization • Lower operational costs and increase efficiency
8 Background – Rapidly Evolving SP Network
Fragmented, Fragile
Video Cloud DVR VOD Broadband Services Routing Services
Slow, Outdated
Manual, Complex
Static, Siloed Compute Storage Network
9 Background - Cisco Open Network Architecture Service Providers and Content Providers
Unified Comprehensive
Video Cloud DVR VOD Broadband Services Routing Services Cloud Native Software Based
Capture xCode Encrypt Ad Insert Splice Route Package Playout Automate Virtual Network Functions Orchestration Virtual Network Functions Orchestrated
Programmable Compute Storage Network Elastic & Scalable
10 From Managed Network Distribution of Television…
Creation Distribution Consumption
Take 7
Content Service Video Creators Provider Consumer
11 …To an Open Content Ecosystem
3rd Party Sources Service Provider / Headend www…
Video Consumer
Take 7 Regional www… Headend Content Creators www… Creation Distribution Consumption Corporate Employees Video content Content Delivery Set top Satellite Telecommunications Cable www… IP Key: data centers & endpoints data centers Network (CDN) box (STB)
13 SP Operations Today is Complex and Costly
STB(s)
IP Networks
Connected Linear VOD NG IP TV Device(s) Control Control Control Plane Plane Plane
Customer Mobile Back Device(s) Office Conditional Conditional DRM DRM Access Access System A System B System A System B
Linear VOD NG IP TV Data Data Data Plane Plane Plane
14 Ever Growing Number of Platforms and Devices …
Roku Apple TV Fairplay Fairplay iPad iPhone PlayReady Fairplay
Amazon Fire TV Chromecast Android Android Widevine Widevine Tablet phone PlayReady Widevine
Xbox One PlayStation 4 Windows Windows PlayReady PlayReady Tablet phone PlayReady PlayReady
PlayReady TiVo Samsung Smart TV (IE) PC ?? Widevine PlayReady PlayReady (Chrome)
?? ?? ?? ??
15 With Complex Native Security Architectures
DTCP/ VidiPath Not supported Not supported Not supported Multicast Not supported Not supported Not supported Home Network Not supported Not supported Require PR 3.0 capable device
DVR Not supported Not supported Require PR 3.0 capable device Not supported Write your own app with WV Write your own app with PR Sync & Go hardening. No rights revocation hardening. No rights revocation
Not supported. Root & Leaf Not supported. Root & Leaf Use Root & Leaf licenses Linear EBR concept is not portable concept is not portable
Linear Key Rotation or Entitlement Key Rotation or Entitlement Key Rotation or Entitlement revocation revocation revocation VOD Device Identification Device Identification Device Registration Device Registration Device Registration Entitlement control Entitlement control Entitlement control App & Platform Integrity App & Platform Integrity App & Platform Integrity Concurrency Concurrency Concurrency CDN access tokens CDN access tokens CDN access tokens Expiration enforcement PlayReady Widevine FairPlay
16 With Support for Multi-Platform Video Services
rd Service Provider Backend 3 Party OTT Services Netflix, YouTube
Gateway / DVR 3rd party DRM devices: CA DRM * PlayReady – xBox 360, STV * FPS – Old AppleTV * Widevine – Chromecast Multi-DRM Gateway
• Fusion • Evolution • PC, Mac • MHA Computers • iOS, New AppleTV Mobiles • RDK IPC • Android (AndroidTV, FireTV) • 3rd party • Windows Mobiles, METRO... • DTV DRM DLNA TV • Xbox ONE • Sagem • PS3/4 • Zodiac • Roku • HDMI dongles
17 Agenda
Cross-Platform Video Content & Service Protection
1. Background
2. Simplifying Operations
• Multi-DRM Framework, Common Control Plane Policy Enforcement
3. Scaling Operations
4. Strengthening Protections
5. Conclusion Simplifying Content & Service Protection Capture/Store Distribute Consume
Data Center 3 Set Top Box 6 DRM/OTT SPP/IP 1 CA/Broadcast 4 DRM/Home IT Security network 2 Multi DRM DRM/OTT Devices
5 Multi-DRM/OTT Data Center Security
VideoGuard Everywhere – Content & Service Protection
19 Simplify Security Operations – Hybrid Environments
Authorization / Activation tokens
Content Security Customer Device (s)
Conditional Access Application SM Back SM Front End End Customer Entitlements Control Back CA Back CA Front Plane Content Security Client Office End End CA CA License Security SDK Player Broadcast Delivery Agent Device CA Activation Device Schedule Activation Secure Micro Multi-DRM Device License Control Control OS / Middleware
AC/Events ECM / Keys provisioning Secure Micro Data Plane Support for MUX ABR-E One-Way Environment
20 Simplify Security Operations – Two-Way Environments
Authorization / Activation tokens
Content Security Customer Device (s)
Conditional Access Application
Customer Entitlements Control Back CA Back CA Front Plane Content Security Client Office End End CA CA License Security SDK Player Broadcast Delivery Agent Device CA Activation Device Schedule Activation Multi-DRM Device License Control Control OS / Middleware
AC/Events ECM / Keys provisioning CA Support for Data Plane Two-Way MUX ABR-E Broadcast Environment
21 Simplify Security Operations – IP Only Environments
Authorization / Activation tokens
Content Security Customer Device (s)
Application
Customer Entitlements Control Back Plane Content Security Client Office License Security SDK Player Agent Device CA Activation Device Schedule Activation Multi-DRM Device License Control Control OS / Middleware
AC/Events ECM / Keys provisioning Multi-DRM Data Plane Support for MUX ABR-E IP Only Environments
22 Simplify Integration of Native DRMs
Multi-DRM Product Unified Multi-DRM Framework Integration Integration
VGE DRM … PlayReady Widevine PlayReady Fairplay Widevine
VGE Multi-DRM Framework
PlayReady Widevine Headend Services Headend Services Headend Services
23 A Video Service Protection Platform is more than DRM Content Protection Application Integrity Sync & Go Home Network Event-Based Location and Proximity DTCP-IP support VGE Multi-DRM Concurrency Framework Device Management Registration Device Integrity License Traditional Keys DRM
24 User Context Control Policies Preference
Concurrency Proximity • Control Plane sets and Security System enforces User policies
• Every Service Provider application results in new Place Device Activity Time Content Enforcement requirements Account
Network Status
Content
25 Linear Schedule Event Control Policies
Subscription Only Free Preview Banner Only PPV Purchase Only Subscription & PPV
Recording Recording No Skip No Out of Home Recording
26 Common Policy Enforcement (VGE Features) • Linear Subscription • Tiered Bundles • À La Carte • Pay Per View Store/Forward, HEP • Free Preview Linear Channels and Live Events • EPG Coloring Variety of Concurrency Limits • Overt and Covert fingerprinting Video On Demand • Pre-Encrypted VODPolicy, Location and CDN Access Control • Transaction VOD Device/App Authentication Download, Sync & Go • Subscription VOD and Proximity Control • Session VOD • Request Queuing • Free VOD Home Network Sharing • Local Catalog DTCP-IP Import/Export • Background Download • Progressive Download Event-Based Entitlements CA Termination and Transcoding Support • Secure Completion Report • Electronic Sell Through • Different rules per operation Device Registration and Management • Rental window for viewing, for • Template basedEmergency license Alerts on Live Channels download creation in Gateways Rights Revocation Rich Set of Business Rules • Device type(for subscription and and downloaded assets) Network type restrictions • Blackouts, locations and proximity • Rentals, download counters • Copy protection/Output controls 27 Agenda
Cross-Platform Video Content & Service Protection
1. Background
2. Simplifying Operations
3. Scaling Operations
• Optimization of MPEG Broadcast, Adaptive Bit Rate Encryption & Key Handling
4. Strengthening Protections
5. Conclusion MPEG Broadcast Conditional Access Systems
Linear TV
Video Audio ECM-1 ECM-2
Switched Digital TV Video CAS CAS Scrambler Audio Multiplex (1) (2) ECM-1 MPEG ECM-2
On-Demand TV
Video Audio ECM-2
DOCSIS • CAS elements are typically Data resident (e.g. Secure Micro) • DCAS are downloaded and thus not resident
29 MPEG Broadcast Key Rotation for Content Encryption
MPEG Broadcast Key Rotation Signaling seconds
PMT Delay
Video A A A Audio ECM-1 B B ECM ECM-2 Cipher A A A B B B B B Playout
• Delay Start is signaled by SimulCrypt Protocol • PMT signals MPEG Components that are scrambled as well as scrambling cipher
30 Network and Key Management (Distributed Headend)
Headend
Headend
Headend Front
Front DCAS System
End End
Headend Back-End Back-End
- -
Back-End Back-End
Front
Front End
End Back-End Back-End Headend
- - Headend Front-End Front-End
Headend
Headend Headend Headend
31 Adaptive Bit Rate – Multi-Format Distribution
Program Insertion Program • Complex Management
Low • High
Med Distribution
Storage Costs High
Program Insertion Program
3G
Low Med
32 Adaptive Bit Rate – Optimized Distribution
Program Insertion Program • Consistent Management
3G • Reduced
Storage Costs
Low
Med High
33 Minimize Number of Stream Formats
Fairplay iPad HLS Android Widevine 30 HD channels phone 70 SD channels PlayReady 3000 VOD assets HSS (IE) PC Widevine (Chrome)
DASH PlayStation 4 PlayReady
34 Minimize Number of Stream Formats
VGE iPad Save cost by reducing: • Number of encoders/ Android VGE transcoders 30 HD channels phone • Storage in origin and 70 SD channels HLS 3000 VOD assets edge cache servers VGE PC • Bandwidth between origin and edge cache PlayStation 4 servers VGE $10M savings
35 VGE DRM Client Structure and Capabilities
ABR IP Local Storage Content Acquisition Service Protection Module Module
Multicast IP Cisco Player/ Live Channels Device authentication Codec VOD HN device management Download 3rd party device management Broadcast PDL Device Integrity (JB, Rooting etc) Cache Background Download SD/HD/4K separation Mobile Device Local Catalog Dynamic device robustness levels CDN Failover License/Business Rules Native Player WiFi/3G switching Event Based Access Home Stream and Manifest Emergency alerts Network Transformation Content Encryption/Re-encryption Embedded Playlists AirPlay and similar Concurrency Device s/w or Location based policy h/w Player DLNA CDN access restrictions (tokens) Proximity Diagnostic and UI support rd Key fingerprinting 3 Party Forensic watermark ingestion player Local Storage CA termination DVR protection Trans-coding support DTCP import/export DLNA/Home rd rd 3 Party 3 Party DRM hardening Network Content format transformation CE device vendor self integration kit TEE support
36 Simplify Integration of Multiple Device Clients For each device the system must perform the following: • Identify • Application Integrity • Secure Time • Monitor • Authenticate • Device Integrity (i.e. JB) • Secure Decoding • Revoke • Activate/Register • Secure Storage • Output Protection • Renew
PC/Mac Browser PC/Mac App Win8 Mobile/ Android Client iOS devices STB devices Roku Connected TV Browser Metro App WebKit HTML/Flash Java Objective C WebKit BrightScript Browser .NET HTML/JS HTML App Application Application HTML App Application App Security Application JS SDK Plugin/CDM Middleware NDK Security Security Security Security SDK SDK SDK SDK SDK SDK SDK TEE
VGE-Agent VGE-Agent VGE-Agent VGE-Agent VGE-Agent VGE-Agent VGE-Agent VGE Agent
Player Player Player Player Player Player Player Player
OS and X.509 X.509 OS and H/W OS and H/W OS and H/W OS and H/W OS and H/W KLAD H/W Certificate Certificate
37 ABR Key Rotation – Events + SCTE 35 ABR-E Configuration: Notes: HLS Live Channels Event Aligned Keys DASH with SCTE switching Similar to time based schedule, HSS but the key switch is triggered by SCTE info inside the stream EVN: KN EVN+1: KN+1 EVN+2: KN+2 instead of a chronologic timer.
SCTE change SCTE change
E
-
channels
-
ABR Sub
Channel ID Key Event N Channel ID: N Event N+1 Event N SIP KeyStore
38 ABR Key Rotation + Schedule Changes ABR-E Configuration: Notes: HLS Live Channels Event Aligned Keys with SCTE DASH switching There are two ways to signal HSS With/without SCTE showing ID schedule changes: 1. SCTE EVN: KN EVN+1: KN+1 EVN+2: KN+2 Signals when current event is finished SCTE change SCTE change If Showing ID is present in SIP info, SCTE may
also indicate which event E
- is next/skipped.
2. Long Poll to SIP channels
- May provide
new/changed schedule ABR Sub including start/end time or skipped/added events. May work in conjunction Channel ID Key Event N Channel ID: N with SCTE or separately. Event N+1 Event N
SIP Long Poll on KeyStore schedule change 39 ABR Key Rotation – Emergency ABR-E Configuration: Notes: HLS Live Channels Event Aligned Keys with SCTE DASH switching Service provider can invoke HSS With/without SCTE showing ID emergency interface and force ABRE into special KeyID and EVN: KN EVN+1: KN+1 EVN+2: KN+2 corresponding key that must be preauthorized for all the clients.
SCTE change SCTE change
E
-
channels
-
ABR Sub
Channel ID Key Emergency Event N Channel ID: N Key Event N+1 Event N SP Emergency trigger SIP Long Poll on KeyStore schedule change 40 ABR Key Rotation – Content Quality Aware Encryption ABR-E Configuration: Notes: HLS Live Channels EAK with SCTE switching DASH Quality aware encryption Sub-channels are logically grouped into SD, HD, 4K groups and each such group is encrypted EVN: KN EVN+1: KN+1 EVN+2: KN+2 using different key (provided by the KeyStore). SCTE change SCTE change Available on live channels and
4K VOD assets.
E - HD All previously explained features are available in conjunction with quality aware encryption method. SD ABR Emergency alert forces all keys to KeySD ; KeyHD ; be the same. Channel ID N N Emergency Event N Channel ID: Key4KN Key Event N+1 Event N SP Emergency alert trigger SIP Long Poll on KeyStore schedule change 41 ABR Key Rotation – Watermark Support ABR-E Configuration: Notes: HLS Live Channels EAK with SCTE switching DASH Quality aware encryption Small portion of the stream is WM/FP encryption duplicated and encrypted with different extra keys. EVN: KN EVN+1: KN+1 EVN+2: KN+2 Can be used for Key SCTE change SCTE change Fingerprinting in which case the duplicated packets are identical or
4K for Forensic watermarking, in E
- which case the packet copy is HD modified by the watermarking technology.
SD ABR
WM/FP pair KeySD ; KeyHD ; Key4K ; Channel ID N N N Event N Channel ID: WM/FP sequence keys Event N+1 Event N
SIP Long Poll on KeyStore schedule change 42 Agenda
Cross-Platform Video Content & Service Protection
1. Background
2. Simplifying Operations
3. Scaling Operations
4. Strengthening Protections
• Security & Trust Relations for Secure Micro, STB, Connected & Mobile Devices
5. Conclusion Experience Matters in Trust Relationships
460 Software/Hardware Security Engineers Unhacked dedicated to VideoGuard security 500M VG since 2003 products Secure Micros 400M NSK SOCs Proactive “moving from Broadcom, target” security ST, Intel, Entropic, Next gen released Mstar and others OpSec before prev. gen Gather intelligence hack 40 Researchers 24 Languages Security 6 Continents Researchers Reverse engineers Pentesting experts World-class cryptographers
44 Trust Relationships Inferred Transient Permanent Robust
Secure Micro Technology Provenance Use: Protect One-Way Broadcast Content Responsibility: Single Mission, Single Owner Renewability: Upgradable as needed Delegated Indirect Robustness: Stand-alone, Decentralized Direct
Given
Owned
45 VideoGuard – Secure Micro Technology
State Technically of the Art Superior Compartmental
• Physical, Logical and • Custom secure micro • Monitor, identify, validate and Algorithm-based layered hardware-based security system neutralize attack vectors before security (peeling the onion) any specific service provider is • Algorithm-based system protects affected • Secure Micro content Authentication and Pairing and saves bandwidth • Service Provider-specific secure micros prevents domino-effects • Control Word encryption • Card changeovers deliver new and deter piracy features • Electronic Counter-measures • Electronic counter-measures • STB hardening keeps them in the • Secure software download keeps hackers guessing field longer • Blacklists & Spots • Features adapt to service provider requirements • Return path security
• Unique Security Warranties
46 Trust Relationships Inferred Transient Permanent Robust
Provenance Set-Top Boxes Use: Cost-Effective Video Service Delivery Responsibility: Service Provider Owned Delegated Indirect and Managed Device Direct Renewability: Software Updates Robustness: Dedicated Software & Hardware Given System On Chip (SOC)
Owned
47 Standard Encryption Key Handling
SCTE 201 KLAD Root Key Derivation • Profile 0 mandatory • Profiles 1A, 2A, 2B optional
ETSI KLAD Descrambling: • CSA2, AES mandatory worldwide • SCTE-52 conditional mandatory for US cable
Multiple KLAD Blocks Supported Proprietary KLAD block for Encrypted CW
48 Root of Trust Relationships
49 Root of Trust Scalability
100s of Dozens of TAs Device Qualifiers
Billions of Keys
Millions of 1000s of Active Device Devices Providers
50 Managed Device Protections
Features Implementation • Secure chipset • SOC and STB • Prevent Unauthorized • Hardware design & access to Flash implementation • Prevent Unauthorized • Software design & access to RAM implementation • Protect sensitive data & • Production process content • Repair & maintenance • Maintain chain of trust • Certification • Prevent SW breaches • Security approvals
51
51 Trust Relationships Inferred Transient Permanent Robust
Provenance Connected Devices Use: Primary Screen TV Responsibility: Viewer Owned Device Delegated Indirect (Unmanaged by a Service Provider) Direct Renewability: 3rd Party Managed Updates – App Stores Given Robustness: General Purpose Hardware with Specialized Graphics Owned
52 Trust Relationships Inferred Transient Permanent Robust
Provenance Mobile Devices Use: Secondary Viewing, Short-Form Responsibility: Viewer Owned Device Delegated Indirect (Unmanaged by a Service Provider) Direct Renewability: 3rd Party Managed Updates – App Stores Given Robustness: General Purpose Hardware with Specialized Graphics Owned
53 VGE – UHD Device Security VGE-Hybrid VGE-Connected VGE-OTT VGE-Connected VGE-OTT NSK STB NSK STB NSK STB Generic TEE Generic TEE AES or 128 Bit Encryption Key CSA3 P P P P P NSK2 or Secure Media Pipeline TEE P P P ? ? HW Client Integrity Secure Boot P P P P P HW Client Authentication Key Ladder P P P ? ? Secure Output Protection HDCP 2.2 P P P ? ? Stream Piracy Protection Watermarks P P R P R Breach Response Op Sec P P P P P Event based key generator Scheduler P P P P P Content based key generator Scheduler P P P P P Security Revocation Conditional P P P P P Security Review Audit P P P X X
54 Trust Relationships Inferred Transient Permanent Robust
Provenance
Desktops/Laptops Delegated Indirect Direct Use: General Purpose Compute Responsibility: Viewer Owned Device Given Renewability: Unmanaged Software Updates Robustness: General Purpose Hardware Owned and Graphics
55 VGE DRM – Moving Target (Whitebox Cryptography)
K1 K2 K3 K4 K5 K6 K7 K8 Kn+1 Kn+2 Kn+3 Kn+4 Kn+5 Kn+6 Kn+7 Kn+8
K9 K10 K11 K12 K13 K14 K15 K16 Km+1 Km+2 Km+3 Km+4 Km+5 Km+6 Km+7 Km+8
K17 K18 K19 K20 K21 K22 K23 K24
K25 K26 K27 K28 K29 K30 K31 K32 • Proactive and Dynamic moving targets K33 K34 K35 K36 K37 K38 K39 K40 • Utilized for untrusted
K41 K42 K43 K44 K45 K46 K47 K48 Execution Environments
K K K K K K K K • Requires Randomized 49 50 51 52 53 54 55 56 Implementations of a
K57 K58 K59 K60 K61 K62 K63 K64 Common Feature Set
56 Agenda
Cross-Platform Video Content & Service Protection
1. Background
2. Scaling Operations
3. Simplifying Operations
4. Strengthening Protection
5. Conclusion Cisco – Holistic Approach to Content Security Data Center Video Service Anti-Piracy Security Protection Services
Protect headend Deliver premium content and Ensure that others don’t infrastructure, video content, services securely over any profit off of your content and customer data network to any screen illegally
End-to-end Content Security
58 VideoGuard Everywhere – Maximize content and service protection with an optimized, scalable and robust security solution
Used today in 1 of 3 pay TV 460 software/hardware homes worldwide security engineers
>4.5M active mobile devices 300M active client devices in a single OTT deployment
Protecting over $100 billion in 8 years of proven global customer revenue DCAS deployments
Longest unhacked record, Studio-approved security over 10 years
59 VideoGuard Everywhere Video Security Solutions for Service Providers and Media 1 2 3 VGE VGE VGE Hybrid Connected OTT
Security Services
Security for Security for two- Security for ‘Over hybrid way the Top’ delivery Satellite/IP Cable/Telco to any screen networks networks
Single cloud, any access network, any device, cost effective, always secure
60 VideoGuard Everywhere – Platform / Device Support
Available Now Roadmap Function/Feature Q1CY16 -- Q3 – Q1CY17 – Q3 – Q1CY18 . 1 PC / Mac – Any browser (unplugged) 2 IOS – Includes iPhone4, iPad 2 and up 3 Android – Includes Kindle, FireTV, GoogleTV 4 Windows – Integrated Backend Ops 5 SP Managed STBs – ST, Broadcom, Intel 6 Games Consoles – PS3, Xbox One, Xbox 360 7 Streaming STBs – Apple TV 8 HDMI Dongles – ChromeCast, AmLogic 9 4K Smart TVs – Samsung, LGE Sony 10 4K Intel PC with SGX TEE 11 4K SP Managed STBs – Many new models
64 VideoGuard Everywhere – Network Applications
Available Now Roadmap Function/Feature Q1CY16 -- Q3 – Q1CY17 – Q3 – Q1CY18 . 1 Control – Cisco Infinite Solutions Integration 2 Control – Unified Token Interface 3 Cloud – Rapid Deployment, CI/CD 4 Cloud – Hybrid Cloud 5 Cloud – ELK, ZEUS, Dashboards 6 Control – Integrated Backend Ops 7 Control – Integrated Client Ops 8 Cloud – VGS joins VGDRM as Stateless, A/A 9 Cloud – SimulCrypt 2.0 10 Cloud – VideoGuard As A Service 11 Control – Self-Service Installation
65 Beyond Video Service Protection… Data Center Security support
NGFW DoS / DDoS NGIPS AMP Corporate network Video head end Data Center Security Next-Generation Firewall Web Security Web Security (NGFW) Email Security
Next-Generation Intrusion Email Security Prevention System (NGIPS)
Denial of Service (DoS) / Threat Grid (Sandboxing) DDoS
Identity Services Engine Lancope StealthWatch & TrustSec 2-5693-45-66
Advanced Malware Threat Grid Lancope AnyConnect AnyConnect ISE & TrustSec Protection (AMP) (Sandboxing) StealthWatch
Protect video content, infrastructure, and customer information
66 Call to Action
• Learn more about Cisco Service Provider Video Security Solution: http://www.cisco.com/c/en/us/solutions/service-provider/video-security-solutions/index.html
• Learn more about Cisco VideoGuard DRM: http://www.cisco.com/c/en/us/products/video/videoguard-drm/index.html
• Learn more about Cisco’s VideoGuard Everywhere: Multi-DRM Framework: http://www.cisco.com/c/en/us/solutions/collateral/service-provider/videoscape-videoguard-security- solution/white-paper-c11-734000.html
• Meet the Engineer Availability: Location: Messe, Hall 2, Level 1
• Tuesday, 16 Feb 2016: 16:00 – 18:30
• Wednesday, 17 Feb 2016: 11:00-13:00
• Thursday, 18 Feb 2016: 16:00 – 17:00 Complete Your Online Session Evaluation
• Please complete your online session evaluations after each session. Complete 4 session evaluations & the Overall Conference Evaluation (available from Thursday) to receive your Cisco Live T-shirt.
• All surveys can be completed via the Cisco Live Mobile App or the Communication Stations Thank you