Avatar

Cisco IT has always strived to improve the user experience.  It is often overlooked in some IT organizations, but Cisco IT has service managers who are held accountable for the feedback they get for their service sectors.  This focus on how we perform means we are constantly pushed to improve how users interact with the technology.

As part of our ISE deployment, we’ve rolled out the guest networking early as a capability (as discussed in previous blogs). To begin I need to explain a policy choice Cisco makes for Guest account creation. Out of the box, ISE offers the ability to set policy that guest accounts have ‘self-registration’, like one would expect at a coffee shop or a hotel. Connect to the appropriate WiFi, accept an Acceptable Use Policy (AUP), and you’re off to the Internet. Our information security policy is to have an eligible sponsor at Cisco (Employee or Contractor) create the guest account. This has been the policy for a long time, well before the deployment of ISE as our guest solution. It wasn’t until ISE 1.2 Patch 5 that we’ve been able to do something about the actual experience of creating a guest account.

In partnership with our internal Workplace Resources (WPR) partners, we’ve solved this – with the help of ISE 1.2. In about half of the Cisco offices worldwide, we have what are called “Lobby Ambassadors”, these are people who welcome guests and ensure they are properly badged and escorted into our buildings. As mentioned, they ‘badge’ these guests and this badge system is a web-based application that is leveraging the Guest API in Cisco’s ISE 1.2 (Patch 5 and above) to do two things with one process. As the guest arrives, the Lobby Ambassador inputs the relevant information for a visitor badge, but at the time they push “Create” the API sends information over to ISE, creates the guest account, and then ships back the password to the badge system. The result of creating a visitor badge is both the badge (something they had to get anyway) and the guest networking account. Below is a sample badge:

APIs-blog-guest-badge-oct14

The badge is two parts. The main part is the one that goes on the chest and has the normal info on the visitor badge but also the new second label is detached and has the password (so it is separate from the username) and a few directions on how to connect to the guest network.

This change will have a huge impact on the user experience but it will also have great productivity gains. While we can’t use a Cost Savings approach to the productivity gains, a back of the envelope amount of person hours saved comes to 126,000 hours annually (based upon 500,000 guest accounts created annually by Lobby Ambassadors globally). At an estimate of 2,080 workable hours in a year, that saves over 60 full-time staff hours in a year. 60 people. That’s a difference worth noting.