A Deeper Look at Software-Defined Access on TechWiseTV

A Deeper Look at Software-Defined Access on TechWiseTV

August 1, 2019 7 By Bernardo Ryan


– [Robb] On our last show, we covered the
introduction to Software-Defined Access. But today, we cover the details. It’s time
for the deep dive, it’s time… – [Lauren] For TechWise TV. ♪ [music] ♪ – Today is our deep dive follow-on from
the introductory show we did for Software-Defined Access. Now, SD-Access is
policy-based automation from edge to cloud. Now Robb, I think you have a recap. – I do. You know, there is just so much
to consider when we talk about the architectural change that offers this many
benefits. So what I want to do is highlight a little bit about what we’d
cover on the previous show. So this diagram shows the centrality of
two things, right? We’ve got the APIC-EM controller and DNA center. Both are at the
center. The controller’s not new. However, what you can now do with it
changes everything. See, the APKM now functions as an SDN controller. It’s still
valuable as usual. In fact, you may already be using it for any number
of things. Say, well, easy QoS, path trace, plug and play, but
it’s also fully accessible and open through APIs. Now, DNA center, put a big
star next to that one. DNA center is brand new. This is the
control center. It’s the only interface you need for a completely automated
Software-Defined Access network. We go into detail about what you can do
here in the previous intro episode but it’s not a high-level. And it falls under
these four pillars, right? Provisioning, policy, design, assurance
for administrative control. Now, policy, policy refers to how we
define and manage the conditions, the constraints, and the settings for who
is authorized and under what circumstances. Provisioning, well, that
covers the on boarding of people and devices from the sites all the way to the
IP addresses. Design over here, design includes building your site
hierarchy, your image management, the network profiles that can greatly
simplify provisioning and a whole lot of other activities. And now, assurance,
well, assurance is the final module that you might not even be used to thinking was
possible. So by definition, assurance means freedom from doubt. And
when you apply that to the operation of your network, that’s where things get
really interesting. It’s that crucial allusive 360 degree view for the clients,
the devices, the apps, and it’s using real-time data
for making all the tweaks and allowing you to resolve issues. Now, NDP, we’re getting back into the
product and technology side here. NDP is new. It’s the analytics engine for
delivering assurance. And we’ve got an entire episode dedicated
to what this is and how to get it started, so check that out for more details. Now,
switching over to the far other side, Cisco ISE. You guys know this one, ISE we
call it, the Identity Services Engine. It’s been a unique value-added component
featured a whole bunch on this show. But now, it plays a key role as the policy
store. It is unrivalled in its ease of use nowadays and the value that it can provide
for you even if you don’t decide to pursue SD-Access at this point in time. Now
underlying everything here, this is the devices that gets stuff done.
We are familiar with the routers, the switches, the wireless controllers,
the access points. Support for SD-Access may only require an iOS update. Talk
about investment protection. – And today, we’re peeking a bit further
under the cover so we can see the reality of how Cisco has combined so many existing
technologies, filled in the gaps with the missing bits and pieces so we can finally
get true automation and simplicity in our networks. SD-Access offers simplification
through automation. Now how do we back that up? Well, we reveal the engrained
challenges we’ve all dealt with for so long that we may have quit asking how and
why they have never been addressed. And then we illustrate how existing mature
technology plus a few new items to fill in the gaps can give you a simple, secure
policy-based network running from the edge to the cloud. Now Carl Solder joins Robb
in the lounge to get us started right now. ♪ [music] ♪ – Well Carl, I apologize. We couldn’t get
you a more comfortable room in the back there because…
– [Carl] It’s okay. – It’s good keeping you around because
there’s a lot of your brain I still want to tap here. We’re doing a
deep dive. So this is a complementary tie-in to the introductory show that we
did. And so with that, let’s get in a little bit deeper, still
introductory to the deep dive. What problems would you say we’re trying
to solve or we are solving, I should be more confident, that we are
solving with SD-Access? – Good question, Robb. So I think there’s
a number of problems we’re trying to solve. I would bracket them in this kind
of four categories. First one is around provisioning. Today, we have customers who
have devices with thousands of features. They’re saying it’s getting too hard to
figure out which combination of features we install to extract maximum value from
the device we just invested in. So providing the ability to install
world-class configurations, best practice configurations with the
minimum number of clicks. That’s the starting point. On the policy
side, it’s two things. It’s about policy application and it’s
also about creating user segments. So we have tried to synthesize and
simplify the whole segmentation process down to making the hardest problem to
solve as being what name you’re going to give your virtual segment.
– Really? – Yeah. And then clicking the button and
having that application applied across the entire network. – Because when you say segmentation, I
think most people have a bunch of problems that suddenly come up, fear and
uncertainty, doubt. – Yeah, VNS, VRS, NPS, VPNs. I mean, what
do I do? So taking a big headache away from that.
– Yeah. Maybe tomorrow. – Also how we assign consistent
policy across all the different kinds of devices that we
have in the network, routers, switches, access points. – That’s another one that scares me. – They have slightly different ways in
configuration mode to apply that. So how can we do that consistently so that
irrespective of how and when I connect to the network or where, I’m going to have
the right policy assigned to me? And then last but not least, it’s about
understanding exactly what the heck is going on in your network. You’ve got
users, you’ve got devices, you’ve got things, you’ve got applications
running across your network. Rather than getting into the SEA Alliance
saying, “Okay, show interface, packet camp, bit camp.” I mean, that’s
okay, but what does it really tell me? It’s much better if I know that Robb Boyd
logged on to the network at 8:09 in the morning, he’s using five applications.
Oracle is one of those. Oracle is having a little bit of a
problem. Now I’m going to give you some guidance around where I think that problem
might be occurring and maybe some suggestions around how to fix that. That’s
really what we’re trying to do. – Talking to the IT side. You’re not gonna
ask Robb. – No.
– You’re just handling it for Robb. – Just handling it for Robb.
– I like that. – Absolutely. – Why have we not done this kind of
thing sooner? Because it feels like we’ve known about these problems
for a long time. – We have known about these problems for a
long time, and I think part of it is just the size and the enormity of the problem
set of how we go about solving them. – Because we have tried to tackle them,
but it’s been adding stuff on, I think, historically. – We have. And if you look across the
industry, there’s been attempts at solving slices of the problem. The whole SD-WAN
solutions that are coming out in the market right now are trying to address the
problems in the WAN side. You know, [inaudible] attempts,
we’ve started to look at enterprise. But really, we haven’t got the right
technology pieces to solve this as a whole. Now I think with the maturity
of a lot of the developments that happened on the STN forefront across the
industry and also within Cisco, we’ve taken a lot of those lessons and
we’re bringing them together. And I think now, we’ve got the right
packages of technology components to solve it in a single way. – So now is the right time?
– Now is the right time. – And obviously, we want people to start
testing this and working with it. But just before you go and before we go
back over to the lab to get into more depth on this, set up for us the
technologies that are being used to do this. Because I think they’re familiar
names, they’re stuff we’ve heard of, perhaps not in the enterprise side. – So underlying technology foundation
elements, VXLAN for our date transport. LISP, which is our control plane, keeping
track of where users are in the network. The whole TrustSec architecture which is
our framework for assigning the policy. They’re three very key components I think
we’re going to explore in a little while. But also the notion around fabric. What is
a fabric? What are the key fabric components? We have border node. We have
control plane. We have H-node. What they are, what do they do
when do you create them, how do you create them. I think these are
all elements that we’ll discuss. – And they’re not about
necessarily adding new stuff on and getting rid of what you’ve got.
This is just about existing roles changing a bit for devices a lot of people may
already have in the network. – It is.
– Just to make sure that that’s clear. – Absolutely. So I think we have to have
an understanding of that so that when you come to implement this,
you have a better understanding of exactly what you have to do. – All right. Carl, thank you so much.
– Thank you, Robb. – All right. We’re going to get deep.
We’re going over to Shawn and Lauren and they’re going to talk about those roles,
talk about what it means in this SD-Access and make sure you understand as
we go a little bit further. Thanks for hanging with us. – Welcome back to TechWise TV,
Shawn. We’re so happy to have you here. – [Shawn] Thanks, Lauren. – We’re talking about SD-Access. What is
SD-Access? – We’ve actually had campus fabric as a
product shipping for a little while. So SD-Access is really taking campus
fabric and then adding all the automation and assurance on top of it. – Okay. So that makes sense if I know what
a fabric is. But maybe we should dive into first what is a fabric. Or especially what is campus fabric,
what’s unique about that? – Well, so to start out with, we
use the term fabric a lot. It’s not unusual or unique. But the campus
fabric is really based on this concept of an underlay and an overlay. Okay? So if
you hear the term fabric, that’s what people mean, they mean an
overlay. So you start out with your traditional network, the way
that you think of it, right? – Switches…
– Switches, routers. – Protocols. They actually have their own
protocols, their own control plane. But we’re using this now just as a
transport mechanism. So that’s where this term underlay comes from, it’s just
underneath. And then when you think of a fabric, it’s really running
over the top, right? – So a logical…
– That’s right. – …almost virtual kind of but… – That’s right. It’s just virtually
running between the different edge devices and it really doesn’t matter what’s in the
middle from a transport perspective. – So I’ve got my hardware, it’s set up,
pristine, forwarding stuff. Great.
– Yep. – And most importantly, the host
themselves, the end devices, they don’t actually know what’s in the middle, right?
They just know they connect to this device, they get out on the other side,
and it’s done. – It’s all smoke and mirrors. – It’s all smoke and mirrors, it’s all
magic. Well, the magic actually comes from encapsulation, right? The other important
thing here is about the encapsulation. I’m just putting additional information on
the header that gets me from one side to the other side. – So encapsulation isn’t that difficult. I
mean, we’re already using GRE, MPLS. – That’s right. Yeah.
– Things like that, so. – We have lots of examples of
encapsulation, so it’s actually pretty common. But it’s really important to keep
this picture in your mind because if you keep this picture in your mind, then all
the others in campus fabric become very simple. – I love this slide, because a lot of
people don’t understand overlay necessarily. Just remember, it’s kind of
living above it, right? – That’s right, that’s right.
A fabric is an overlay. So I also get asked frequently, why an
overlay, right? So I created this just to kind of explain that. Now imagine
yourself…that’s you, right? And you’re the average…
– Looks just like me. – Completely. You actually have
two competing requests that are coming at you as the average IT person. So the
business naturally wants you to maximize uptime, right? It’s natural. Keep the
business running all the time no matter what. So our nature is to keep things
simple, right? Don’t turn on any special features, don’t do any complex types of
programing, just keep it simple, right? At the same time you’ve
got all kinds of new users. I know on the show, you guys
have talked a lot about all these new capabilities, IoT,
and these things. But how is the IT person going to keep it
simple and add all these new capabilities, right? So one of the beautiful parts about
an underlay, overlay model is the underlay actually solves that maximize uptime. Keep
it simple, just put in maximum redundancy, maximum links, and don’t
touch it. Its only job is to forward. – There you go. – On the other hand, having a
logical topology, like you said, in the overlay, now I can give you all
these services. This is where all the flexibility and all the magic comes from. – Even new services [inaudible] through… – May not even imagine them yet.
– Right. Okay. – That’s right. So campus fabric is really
broken down to three major things. The first part is the control plane based
on Location Identity Separation Protocol or LISP. Then we’re going to use a new
data plane which is the encapsulation piece using virtual extensible LAN or
VXLAN. Now the extra piece is the policy plane, and that’s based
on Cisco TrustSec. – So I mean, I’ve seen all of these
protocols before. What’s really new here? – Yeah, that’s an excellent point. All of
these have been around for a long time, several years in fact, and they’ve been
deployed widely in different areas of the network. What’s new is really bringing
them all together. Okay? And in many cases, they’ve only been in
the data center or they’ve only been in service provider only specific situations.
So really putting all three of them together and making a unique fabric for
the campus is what’s new. – And then with DNA center on top, I can
automate all that from… – That’s right.
– …an easy GUI. – Exactly.
– All right. – Exactly. So let’s look a little bit
closer at each one this starting off with the control plane. So the real
goal of LISP is to simplify your routing. So create that overlay network, right? And
if you do that in a traditional way…the problem with traditional routing protocols
is they’re very heavy, right? It works. We’ve been doing it for
20, 30 years. But I have to keep track of every single address. And any time
something changes, I have to update that address, right? – Yeah. It takes up space,
takes up… Yeah. – CPU and all these things. So one of the
reasons, one of the main reasons to go with LISP is that it actually separates
the host addresses from the topology addresses, right? And in this way, I only
have to keep track of things that are local to me. And it’s a map-based system,
so everything’s kept in the central mapping system which makes the whole thing
very, very lightweight. – So I have, like, a database just full of
where things are. But it’s LISP, so it’s Location Identify
Separation Protocol. – That’s right. LISP is one of the few
acronyms that actually means what it sounds like. Yeah. Now the most common
analogy for LISP is DNS, DNS for routing basically. So when you
have DNS, your computer is basically asking, “Where is cisco.com?” It doesn’t
know where cisco.com is. And the DNS server replies with, “Hey,
this is the IP for cisco.com.” It says, “Okay. I know where to send it.” right?
Now apply that same kind of thinking to routing. I don’t know where this
destination address is. I’m trying to reach Lauren. I don’t know where Lauren’s
at. I just ask the map system, “Where is Lauren right now?” It return and
says, “Lauren’s over here.” I say, “Okay, great. I’ll send it over there.” – I mean, it’s really like dynamic routing
except a little more flexible I guess. – That’s right, that’s right. So as you
dig a little deeper into LISP, there’s a couple of key things to keep
track off, a couple of names that you’ll hear. And these are all just
the highpoints for campus fabric. You’ll hear us talk a lot about end-point
identifiers. So this is your actual IP address, and it’s going to be like a
specific /32 or a specific MAC address for that host. And then you’ll hear routing
locators, and that’s just a fancy way of saying the interface of that router
switch, right? Now the whole magic is through this mapping system. We talked
about that. It’s the DNS for routing, right? And it’s really simple. All you
have to do is make a mapping between where is this end-point and what’s the router
it’s currently connected to. – It’s like a telephone book for
cellphones. – That’s right, exactly right. So you can
have just one map server, you can have multiple map servers for
redundancy, these kind of things. But the important thing here is just a
simple mapping between the end-point ID and the routing locator, right? – And this map server is in fact a server,
it’s living on a switch somewhere? – Good question. It can be either/or. It
actually can run on a Cisco iOS router or a iOS switch. But we can also support that
externally on a virtual machine. – Perfect. – So once I have the mapping system, like
I said, the edge devices, all they need to do is ask, “Where is this
at?” right? And that’s these tunnel routers. They also perform the
encapsulation and de-encapsulation, so putting that VXLAN header on. But when
they need to figure out, “Where is Lauren?” right?
They’re going to ask the map system, “Where is Lauren?” And the map system will
tell them and say, “Okay. I’m going to send that packet now to the
other side.” And it’s as simple as that. – It seems easy. – Yeah. It’s very easy. There is a special
one called a proxy tunnel router, and this is basically if I don’t know
where else to go, right? So if the map system doesn’t know where it
is, just enter the proxy tunnel router. And that’s mainly used for things like the
internet where I just don’t know… – Yeah, outside my internal network. – Yeah, that’s right, that’s right. – Or maybe just a different
network within… – That’s right. – But behavior is the same as a tunnel
router. That’s why we just call it a proxy tunnel router. Everything else is the
same. It’s very, very simple. – All right. – So one of the things I emphasized in the
beginning was host mobility, right? Identity separation, right? So one
of the key things in this example is just to show that in this example,
I’ve got a guy here in building one who’s going to talk to some application in the
data center, pretty standard stuff. But I want to emphasize, what happens when
he moves to a different building, right? So that’s what I’m
trying to show here. – Kind of like a high-level packet walk. – That’s right, that’s right. How does
mobility actually happen? So when he first starts talking, and as we
said, the first top router, his job is to just, “Hey, he’s connected
to me right now.” right? So the map system says, “Okay.” And what I
do want to draw attention to is I’m advertising the /32 because that means
this exact host address and he’s currently connected to this edge device. Okay? And
from there, traffic starts flowing. It’s fine. He says, “Where is
this data center device?” It’s over here, send it. Okay? – How it always worked. – Yeah. But what happens if he moves over
to a different building? Traditionally, you would have to change
your IP address, right? So that doesn’t happen any longer. So now
what happens is when the host starts communicating on the other side, the other
first top switch will say, “Oh, he’s currently connected to me.”
right? So he then updates the map system and says, “He’s connected to me now.”
right? Meanwhile, the map system will tell the old guy, “Hey, he’s connected to this
new one.” and then traffic continues. – And the right gateways
are over here, too. – Yep.
– Okay. – In fact, we use any NE [inaudible]
Gateway so they can be the same on every edge switch. – Perfect. Okay. – Now the same kind of thing happens in
reverse. Initially, the data center application will be sending to this
specific device, right, because that’s what the last thing he was told to do.
When the host moves over, the host that is no longer connected,
he’ll say, “Hey, I don’t have him anymore. Please check with the map
system.” So it’s as simple as that. He then checks with the map system.
Meanwhile, the new device is connected and traffic continues. – And this all happens pretty
quickly, I would hope? – Yeah. A few hundred milliseconds is the
most. Yeah, very fast. We use the DNS analogy. It’s
very, very lightweight, a few kilobits per second and it happens
very, very quickly. – Okay. That’s, yeah, important, right? – Yeah. So next, let’s look at the VXLAN
piece. Of course, we start out with our original frame. It’s got IP and
it’s got Ethernet. Now, LISP does have its own encapsulation but
it was built for IP mobility because it’s identity separation, right? So the key
thing about LISP is decoupling the IP from its location. But when we would do it, we
would throw away the MAC address. I don’t need that for IP, right?
So it’s… – We’re at layer three now. – Yeah. It’s pure layer three, pure IP
communication. So it’s considered a layer three overlay. Now, one of the reasons
we chose to use VXLAN which is now prevalent in the data
center, is it carries the Ethernet frame with it. – And why is that important? What does
that actually do for us? – Yeah. So if I only use layer three, I
could only ever communicate at IP. If I had any broadcast traffic or
Link-Local Multicast that’s using a MAC address, I wouldn’t be able
to support that. – That makes sense. – So by doing this, I can actually support
both layer two and layer three. – So, yeah, kind of a hybrid. – That’s right. It’s the best
of both worlds. So we talked earlier about
the underlay and the overlay and I said encapsulation is probably the magic, the
most important piece. So I’ve organized this just to look at the
VXLAN header and kind of show you the underlay pieces and the overlay pieces. In
the underlay, this is what all the intermediate devices see in the middle. So
when they’re communicating, the device in the middle, they only see
IP. As far as they know, it’s just a normal IP packet. It has a
standard UDP header. They don’t know any different about it.
– Just a regular Ethernet. – They don’t have to support campus fabric
at all. It’s just basic IP to them. Now one of the interesting things about
the UDP header is that’s actually what identifies it as a VXLAN frame. So when it
finally does get over to the other side, the other side says, “Oh, this is a VXLAN
frame. Let me take a look at it.” – Unpack it more. – Unpack it more, that’s right. And that’s
where the VXLAN header kind of kicks in. So one of the things in addition to
being able to carry the original Ethernet header, we can now use other fields within
the VXLAN header and that’s kind of a new magical piece of it. – Sounds like you’re about to tell us some
interesting things about the information we can carry here. – That’s right. Because that’s
really the connection for the third point, which was the policy plane with Cisco
TrustSec. So one of the new things that Cisco’s done is actually extend the
original VXLAN and add virtual routing and forwarding as well as Cisco TrustSec with
scalable group tags into the VXLAN header itself. – The VRF kind of gives us that network
isolation if we need it. And we’ll talk a little bit more about
scalable group tags. – That’s right. Yeah. So unfortunately,
you can’t talk about TrustSec without talking about
what’s the problem. We’ve built networks based on IP forever.
And just like LISP decoupled the IP from its location, the goal of TrustSec is
really to decouple its identity from its IP address, right? Because as long as I
have addresses, I have to build my policies based on those addresses. The
only way I know how to do it. – So we’re still talking about host
mobility. We’re just talking about, so great, okay, that host can
still communicate. But is the policy still being assigned? And that’s
where TrustSec comes in. – That’s right, that’s right. So
we’ve been doing this for 20, 30 years. Everybody loves to
build address-based access lists and all the complexity
that comes with that. – So easily readable. – Yes. And don’t change anything. So the
key goal in this particular case is to give something else other than the address
to make the identity. So what they come up with was this
group-based tag. And when a user comes in, they get associated with this
tag. And now whenever I build an access list, I only have to use the tag. I don’t
actually care what its IP address is anymore. – But before VXLAN, we couldn’t
carry that information from source to destination, right? – Well, we’ve had TrustSec for several
years but it was carried in a specific part of the layer two header. And this
actually made it complicated for people to actually deploy TrustSec. So one of the
beautiful things about using the VXLAN is now because it’s an overlay, I can
actually finally realize the advantages of TrustSec. – To include that.
– Yeah. – Very cool. – All right. So how do the
users actually get into the actual group? Earlier, when I talked about
Software-Defined Access interacting with other pieces, this is where the Cisco
identity services comes in. So after it’s authenticated all the
devices, then you just start building these groups, group tags, right? And all
my access lists are based on that group tag, right? So this is standard TrustSec
thing. But the really important thing here is we have different ways of
getting the users into that group tag. So the traditional way would be some kind
of dynamic authentication and certainly for the
flexibility, we prefer the dynamic model. – So dynamic meaning I don’t have
to use subnets or VLANs anymore. I can say this person and this person are
both in this group even though they’re in different subnets, different VLANs? – That’s right. – I don’t care. But I need them to have
the same policy. – That’s right. And it’s really part of
their user login. It could also be like a specific device if they
have this kind of mobile phones or this IoT device. So once I’ve identified what
they are, I just put them into a group and it doesn’t matter anymore where they’re
actually located. – But can we still do it the more
traditional way? – Yeah. So maybe your company
is not quite ready for this full dynamic classification. Common examples are like,
.1X, MAC address bypass. But this has been kind of in itself a
growing pain for different customers. So if you’re not quite ready for that, you
can actually make the static associations. So you’ve
probably built your VLANs in a certain way, you built your IP subnets in a
certain way, this is where the doctors are, this is where the engineering
department is. And then you can just directly map that VLAN or that IP
subnet to an SGT. – So I can kind of keep the traditional
model and maybe migrate slowly? – Slowly move in.
– That’s right. – I like that. – So this slide, it’s really just to kind
of give you a visual reference. Put it all together, right? I keep talking
about the magic of the overlay and putting these values into the encapsulation. So in
this example, the first [inaudible] device figures out who you are, puts you into a
group, right? And along with that group, I’m going to put you in a specific virtual
network, right? So everything is secure, I know where you are. It’s independent of your
current IP subnet. – That VRF information.
– That’s right. I pack that into the VXLAN header. Because VXLAN is an IP header,
it can travel all the way over the network, finally gets to the other side.
He takes it out and now I can actually do that group-based enforcement
on the other side. – And I don’t care where these
switches are. They might even be in two totally different buildings
or something but… – Yeah. As long as you give me IP from the
two things, they can be as far apart as necessary. – Awesome. – Before I go, I want to leave you guys
with a couple of key points. – You know, in other episodes, we talked a
lot about the DNA center and Software-Defined Access. So
that’s the DNA controller, the importance of ISE, importance of
analytics engine, those kind of things. But as far as the campus fabric,
just some key things to kind of leave you with. And we talked about them from a
technical terms. There’s a translation for all of these in LISP terms. What we wanted
to do for campus fabric was simplify things, right? So what we’ve done is we’ve
kind of changed the terminology a little bit. And I’ll start out with
the control plane node. That’s your LISP map server. – Okay. So these are the roles of the
campus fabric. – Of the campus fabric.
– So the map server, great. – Keeps track of everything. Next is the
border nodes. Like the name suggests, he talks inside the fabric, he also talks
outside the fabric. – The customs officer of…
– That’s right, that’s right. – …of the campus fabric. – And then the fabric edge nodes.
So these are where your access layer switches where the
users actually connect. He’s responsible for doing the identity part. And can’t
forget wireless. So this is one of the new editions also
to campus fabric. So instead of just doing a traditional wireless, we’re going to
actually integrate the wireless mobility with the control plane. So now all the
wireless clients gets the same capabilities as the wired clients. – That’s awesome. For host mobility, I
mean, wireless is obviously very important just as important as wired. So
that’s very cool. Remember three things, right, VXLAN, LISP, and Cisco TrustSec.
That’s what we really need to look into. Thanks so much, Shawn. That was so
informational. I really appreciate it. And thank you
for watching the Software-Defined Access show. We did a deep dive today. If you’re
dying to see DNA center GUI or the demo, please watch our intro show. Thank you for
watching today. Be sure and follow us online. All of our social media stuff is
on the screen. Check us out on Facebook, on Twitter, all the usual channels. And
you can always find all the shows including the back catalogue at
techwisetv.com. See you on the next one.