Oleksii_
Cisco Employee

In this video, Shannon McFarland, head of Cisco DevNet and the Cisco Open Source Program Office, recaps the fundamentals of MCP, explores its positioning within Cisco’s DevNet, and highlights practical use cases across DevOps, NetOps, and SecOps.

Key Takeaways

  • MCP Simplifies Integration: Model Context Protocol (MCP) provides a lightweight way to connect AI applications with diverse tools, APIs, and systems without writing custom integration code.

  • DevOps Automation: MCP enables streamlined CI/CD workflows, repo management, infrastructure automation with Terraform and Ansible, and consistent code-to-deployment pipelines.

  • NetOps Efficiency: It supports real-time network inventory sync, anomaly detection, and even natural language-driven configuration changes across Cisco environments.

  • SecOps Acceleration: MCP empowers faster, AI-driven threat detection, automated incident response, and proactive compliance management across multiple security tools.

Video transcript:

Hey there, this is Shannon McFarland, head of Cisco DevNet and the Cisco Open Source Program Office. And I am back with the second of the series on MCP for DevOps. And we're going to briefly talk a little bit about a few of the many use cases that are out there that I'm seeing that customers and partners are telling me that they're gravitating to. And then we're going to build on these use cases over bunches of different demos and hands-on kind of sessions coming up here on YouTube. If you did not catch the first blog on MCP for DevOps with the architecture and components overview, that's something that you'll want to take a look at. I'll provide links for that and there's also a YouTube version of that same overview if you're aligned to video format. Let's do a recap of what we talked about on those two assets. We mentioned that Model Context Protocol, something that Anthropic as an institution brought as an open source project, is a tool mechanism for linking into a variety of different non-AI native tool sets, APIs, services. And so it allows you to take an AI application or an agentic application and very quickly leverage the MCP SDK, which is a client-to-server communication flow, and leverage all kinds of tools, GitHub repos and CI/CD systems and file systems and databases and all of that stuff without actually having to write integration code for every one of those endpoints or every one of those tools natively inside your agents or natively inside your AI calls. And so that's kind of what MCP is about. And that's a little bit of a recap. And I think that what I talked about in both of those assets was what it was, which is a lightweight communication protocol designed to ease the toil and burden of having AI-enabled applications communicate with APIs, databases, and so forth. And also, it's just plumbing. It is a protocol, right? And so lots of protocols, they're just plumbing.
But without those protocols, we don't have a standard way of actually implementing and observing and securing and connecting things together. And so MCP is very important in that regard. It's equally important to know what MCP is not. MCP is not a messaging protocol for agent-to-agent communication. It's not an LLM. It's not a database itself. It's not even a platform. And it's not a replacement for your APIs and your data buses and all of those types of things. It's really there to lower or reduce or in some cases remove the toil of integrating with these types of systems. Now, the focus of this series is for DevNet and SecOps, right? That is really the community that is involved in the Cisco DevNet or the developer relations group at Cisco. And so some of the generic use cases that I'm seeing that apply to all of those happen to deal with leveraging the MCP software development kit, the SDK, which is a single SDK that has a client and a server component to it to handle, you know, the automation of routine tasks. So if you're trying to generate reports across a large number of data sources, or you're trying to create repos or manage repos or create PRs and do it across a multitude of different repos or at large scale at a high frequency, and you want to do that without having to run a bunch of GitHub commands, it's really good. If you want to build Ansible playbooks or manage pipelines, these are things that are really good in an MCP environment. If you are trying to work through a unified data or action management system where your AI application is really trying to be the glue or the centralized hub for lots of diverse systems, such as maybe you're working with an observability solution with Splunk. You've got an orchestration system with Cisco NSO. You've got an AI security platform with Cisco AI Defense, and you're trying to singularly make sense of one specific bit of data or one trouble ticket or one problem area across a multitude of those different solutions or platforms. So that's yet another use case. Then there's things like it's going to help you get enhanced context and get a little bit better information that's richer and faster to help you make rapid and more accurate decision making. It's also really good, you know, when you are looking at compliance and security across a lot of different systems and it would normally have to take experts and a lot of code to get, you know, visibility across different compliance systems and making sure there's security and did you do auditing and what's the trail look like on that audit. So again, compliance and security across a diverse number of systems, MCP would be very good at. Now, one of the things that come up in the DevNet SecOps space is like, hey, I build Jinja templates for my Ansible playbooks. I have that stuff inside of GitHub or a GitLab or some other kind of repo that's taking care of basically the flow and the approvals and the storage of that. This stuff makes its way into CI like or CD like Argo CD. And then eventually I manifest all of that data and all of that tooling to some sort of outcome to something like a Cisco API. And MCP is absolutely perfect in that. And so this series that we're going through, you're going to actually see hands-on real demonstrations of how we build upon things like GitHub and database access and things like NetBox inventory. And how do we feed all of that stuff into a pipeline that we ultimately use against Cisco product sets. Now, I want to take a moment to just kind of talk about a few of the things we're going to get into more technically through this series.
So from a DevOps point of view, we're absolutely going to get into use cases like CI/CD automation, you know, code management, obviously GitHub and those types of things where we're dealing with branch management and PRs and triaging issues and, you know, just kind of sorting out once we go into a build environment, for example, between CI/CD and our manifest or artifacts, can we leverage things like Docker Scout to scan, you know, for the security of the images that we're either importing or dependent upon or even building. Infrastructure automation is another one that we're going to get into. Obvious places there where you are looking at Terraform and you're building or leveraging or manipulating your own providers. Again, Ansible playbooks all the way from zero to hero in that space. This is something that's going to be very applicable to help offload the management of that stuff. And then things ultimately like streamline incident response where you may have a series of tools that are involved in the detection of a change inside of your GitHub environment that's going to trigger a test, that's going to trigger a deployment to staging. And then ultimately, once it's there and we've got health checks in place that feel good, then we're going to send a notification to something like Cisco Webex, right? So there's a whole bunch of chain of things that we're going to kind of work through over a pretty lengthy series that we've got in front of us. As it relates to NetOps, a lot of that stuff all still applies, right? Where we're doing things where we are taking inventory management from NetOps or from something like NetBox, and we are making sure that that is in synchronicity with the actual real configuration state of our Nexus environment or our Catalyst environment or Meraki environment, whatever it is.
And we want to, again, make sure that MCP is allowing us to, from a single client or a multiple client kind of environment, allow us to reach out and grab information through these different MCP server tools, bring them into us, let us utilize AI to mix that stuff together to give us a real-time context to go do the next thing, right? And so this would be a great area that I think that people can really do a lot of discovery. John Capobianco, if you've not followed him, he does a great job of really talking about the NetOps use case and how you can utilize a variety of tools, pyATS and a bunch of stuff, to bring this information together, make sense of it, and then send it back out as an automated workflow, where you're detecting anomalies or you're monitoring network performance and something's not right with IS-IS and you've lost a peer or latency is bad in your SD-WAN environment. You bring these things together, you kind of work through them, build a brand new manifest or a brand new script or a brand new API call to go out into, for example, your cloud infrastructure to automate the change of your environment. It could be a triggered response to auto-scale something inside your Kubernetes environment. So the NetOps use cases are probably endless in the numbers of things that you can do with it. You know, one that I started off with, the very first thing that I started off using this is I had an environment where I had a data center environment. And the, you know, the constant change to go out and make one change to an OSPF router or something like that. It was like, hey, gee, wouldn't it be cool if I could, through natural language, go and say, add a new OSPFv3 IPv6 route with this particular prefix on this particular infrastructure and allow it to go in through an MCP server, make a call to a Cisco API environment through REST or NETCONF or whatever the case might be, and actually trigger the implementation of that command.
And so that's a very common example of something that I would use it for. And then finally, kind of wrapping up here around some of the use cases that we're going to get into. From a SecOps point of view, this is a very exciting space where you can have proactive threat responses, where you've got AI agents, for example, that are out there looking for problems. And they could swiftly detect and mitigate a threat by utilizing the AI agentic interface that is communicating with tools. And again, MCP is not there to manage and control those agents. It's there to provide those agents access to tools. And so when you've got one or a multitude of agents kind of like working in different areas of your SecOps environment, it can go out and detect these things and then start taking conditional access on them where you can maybe want to go and just simply adjust a firewall in the Cisco Secure Firewall. Or it could be that you've got endpoints that are misbehaving with malware and you got Cisco Secure Endpoint that triggers something into the environment we go through when that AI agent starts talking to other AI agents saying, okay, how strict do we get? Do we just isolate this one? Do we isolate the subnet? Do we isolate the site? And so you can begin to start gluing those things together. And then you, again, like we did with NetOps, you then introduce this automated vulnerability management, right? It's like, okay, what was the root cause of this? And how do we make sure that it doesn't happen again? And so we can take that state or that knowledge of all of those complex inner workings on the MCP server side, the tool side, bring them together, leverage AI, leverage other observability platforms that can help us understand context, and then build a brand new automated strategy that is better and faster at detecting and taking action there. And right, that's that next step of really taking the information and then doing something with it.
And then finally, end-to-end real-time incident orchestration. And that is where each one of these tools that set off an alarm bell as we go through the pipeline of a threat. We can turn around and bring a comprehensive incident response to it, not only to the things that we talked about where we're actually taking action to just kind of stop the bleeding, but we can also go through and learn programmatically across these various complex systems to detect things faster again and proactively build better firewall rules, better malware detection, and better alerting. And so I'm pretty excited about this space. I'm not a huge security person day to day, but this is definitely something when I talk to our customers at Cisco Live, where they actually are really excited about the SecOps space with utilizing MCP across a variety of different tools. So that's a little bit of a walkthrough. The blog post that I'll refer you to has definitely got a lot more context to it. There's some graphics there that kind of spell out some of the things that I'm talking about here. But I'm pretty excited about what we've got coming up in this series, what we're going to do next as it relates to gluing together tools like GitHub and Argo CD and Cisco Firewall and Meraki Dashboard and Cisco ISE and a bunch of these things together and really start to stack together a pretty nice looking operationally centric use case story for you. So I appreciate it. I hope you stick around. Thanks. Have a good day.

 
