SaaS Fundamentals
A Guide to Modern Cloud Solutions
Will be published approx. on 16. August 2026
Book
Paperback/Softback
544 pages
978-0-13-533474-4 (ISBN)
Description
SaaS Fundamentals: A Guide to Modern Cloud Solutions
SaaS Fundamentals is a clear, straightforward introduction to Software as a Service that blends foundational technical knowledge with real-world application. This guide helps you confidently evaluate, migrate, and navigate the intricacies of SaaS while highlighting proven solutions.
Modern organizations depend on SaaS for collaboration, networking, visibility, and security. This book explains how SaaS differs from traditional software, why it accelerates innovation, and how to assess SaaS offerings for business value, reliability, security, and cost. You'll learn how SaaS works in practice through established enterprise examples, including Cisco Umbrella, Cisco Webex, and Cisco ThousandEyes, demonstrating how cloud-managed networking, digital experience monitoring, and hybrid operations fit into modern IT environments.
Designed for busy professionals, each chapter stands alone, making it easy to reference architectures, migration planning, best practices, and detailed overviews of trusted SaaS solutions. The focus is practical, jargon-free, and directly applicable on the job.
Whether you're moving from on-premises systems or refining an existing cloud strategy, this book helps you reduce risk, simplify operations, and improve agility with SaaS.
What You Will Learn
How SaaS works and how it differs from traditional software models
How to evaluate SaaS for business value, security, compliance, and reliability
How to plan and support SaaS migrations with minimal disruption
How SaaS is used in real enterprises with Cisco Webex, Cisco ThousandEyes, and Cisco Umbrella
Key SaaS operational concepts, including identity, integration, monitoring, and governance
Emerging trends such as AI-assisted SaaS, hybrid multicloud, and edge integration
SaaS Fundamentals is a clear, straightforward introduction to Software as a Service that blends foundational technical knowledge with real-world application. This guide helps you confidently evaluate, migrate, and navigate the intricacies of SaaS while highlighting proven solutions.
Modern organizations depend on SaaS for collaboration, networking, visibility, and security. This book explains how SaaS differs from traditional software, why it accelerates innovation, and how to assess SaaS offerings for business value, reliability, security, and cost. You'll learn how SaaS works in practice through established enterprise examples, including Cisco Umbrella, Cisco Webex, and Cisco ThousandEyes, demonstrating how cloud-managed networking, digital experience monitoring, and hybrid operations fit into modern IT environments.
Designed for busy professionals, each chapter stands alone, making it easy to reference architectures, migration planning, best practices, and detailed overviews of trusted SaaS solutions. The focus is practical, jargon-free, and directly applicable on the job.
Whether you're moving from on-premises systems or refining an existing cloud strategy, this book helps you reduce risk, simplify operations, and improve agility with SaaS.
What You Will Learn
How SaaS works and how it differs from traditional software models
How to evaluate SaaS for business value, security, compliance, and reliability
How to plan and support SaaS migrations with minimal disruption
How SaaS is used in real enterprises with Cisco Webex, Cisco ThousandEyes, and Cisco Umbrella
Key SaaS operational concepts, including identity, integration, monitoring, and governance
Emerging trends such as AI-assisted SaaS, hybrid multicloud, and edge integration
More details
Series
Language
English
Place of publication
Indianapolis
United States
Publishing group
Pearson Education (US)
Target group
Professional and scholarly
ISBN-13
978-0-13-533474-4 (9780135334744)
Copyright in bibliographic data and cover images is held by Nielsen Book Services Limited or by the publishers or by their respective licensors: all rights reserved.
Schweitzer Classification
Persons
David Hanes, CCIE No. 3491, is a principal engineer in the SaaS Support Engine at Cisco, supporting the Cisco Technical Assistance Center (TAC). Specializing in SaaS, Internet of Things (IoT), and collaboration technologies, he is focused on workflow innovation, solution architecture, and technical solution development. David is the coauthor of two books: IoT Fundamentals: Networking Technologies, Protocols, and Use Cases for the Internet of Things (Cisco Press, 2017) and Fax, Modem, and Text for IP Telephony (Cisco Press, 2008).
He has contributed to industry standards bodies such as the IETF and the SIP Forum and holds more than 50 patents, both pending and issued, across the domains of collaboration, IoT, security, AI/ML, wireless, and sustainability. David's technical leadership is recognized globally, and he has been invited to speak at numerous international conferences on collaboration and IoT topics. At Cisco Live, the company's flagship customer event, he has delivered more than 30 presentations and has earned seven Distinguished Speaker awards as well as induction into the Hall of Fame.
Since joining Cisco in 1997, David has served as a TAC engineer and team lead for both the WAN and Multiservice Voice teams, and as an escalation engineer specializing in a wide range of VoIP technologies. He has resolved complex collaboration issues for many of Cisco's largest customers worldwide. Prior to Cisco, David began his networking career as a systems engineer at Sprint, where he worked with frame relay and X.25 protocols. He holds a bachelor of science in electrical engineering from North Carolina State University.
Omar Santos is a distinguished engineer at Cisco focusing on artificial intelligence (AI) security, cybersecurity research, incident response, and vulnerability disclosure. He is the cochair of the Coalition for Secure AI (CoSAI) and a board member of the OASIS Open standards organization. Omar is also the chair of the OpenEoX and the Common Security Advisory Framework (CSAF) technical committee. His work led the creation of the CSAF ISO standard.
Omar's collaborative efforts extend to numerous organizations, including the Forum of Incident Response and Security Teams (FIRST) and the Industry Consortium for Advancement of Security on the Internet (ICASI). Omar is the cochair of the FIRST PSIRT Special Interest Group (SIG) and was the lead of the DEF CON Red Team Village for several years.
Omar is the author of more than 25 books, 20 video courses, and more than 40 academic research papers. His work in cybersecurity is also recognized through multiple granted patents. Prior to Cisco, Omar served in the United States Marines focusing on the deployment, testing, and maintenance of Command, Control, Communications, Computer, and Intelligence (C4I) systems.
Paul Giralt, CCIE No. 4793, is a distinguished engineer in the Cisco Security and Trust Organization (S&TO) focused on making Cisco's software secure; however, he spent most of his decades-long career at Cisco supporting all aspects of Cisco's collaboration portfolio, from the early days of CallManager 3.0 to modern-day, cloud-based collaboration, including Webex. He has spent much of his career helping customers accelerate the adoption of Cisco technologies and solutions, working with Cisco's largest collaboration deployments and working closely with engineering on improving product serviceability and cross-architecture product integrations. Paul has spent years designing, troubleshooting, and diagnosing issues on some of the largest and most complex Cisco collaboration deployments. His current focus is on making industry-leading changes to the security posture of Cisco products in the face of evolving threat actor sophistication leading to network infrastructure that is resilient to attacks.
Paul holds a degree in computer engineering from the University of Miami, is the author of multiple Cisco Press titles, is an IETF contributor, and holds numerous patents in collaboration and networking technologies.
Chad Patterson is a technical leader in Cisco's Customer Experience SaaS Engine, with more than 12 years of expertise in cloud collaboration technologies, SaaS security, and full-stack observability. He specializes in supporting and innovating across many Cisco products, including Webex and Telepresence, building solutions that enable customers and support teams to detect and resolve issues faster.
Chad is recognized for his contributions to technical innovation, having developed software tools and workflows that streamline troubleshooting and enhance customer outcomes. He is a prolific author of technical documents, white papers, and training materials, and has been responsible for developing and delivering curriculum to launch new collaboration and IoT support teams.
An active participant in Cisco's technical community, Chad has presented at major industry conferences, including Cisco Live and Cisco Impact, where he leverages his domain knowledge to empower customers and sales teams. He is also dedicated to mentoring colleagues and driving cross-functional innovation within Cisco's Customer Experience organization. Chad holds a bachelor of science in electrical engineering and a bachelor of science in computer engineering from North Carolina State University.
He has contributed to industry standards bodies such as the IETF and the SIP Forum and holds more than 50 patents, both pending and issued, across the domains of collaboration, IoT, security, AI/ML, wireless, and sustainability. David's technical leadership is recognized globally, and he has been invited to speak at numerous international conferences on collaboration and IoT topics. At Cisco Live, the company's flagship customer event, he has delivered more than 30 presentations and has earned seven Distinguished Speaker awards as well as induction into the Hall of Fame.
Since joining Cisco in 1997, David has served as a TAC engineer and team lead for both the WAN and Multiservice Voice teams, and as an escalation engineer specializing in a wide range of VoIP technologies. He has resolved complex collaboration issues for many of Cisco's largest customers worldwide. Prior to Cisco, David began his networking career as a systems engineer at Sprint, where he worked with frame relay and X.25 protocols. He holds a bachelor of science in electrical engineering from North Carolina State University.
Omar Santos is a distinguished engineer at Cisco focusing on artificial intelligence (AI) security, cybersecurity research, incident response, and vulnerability disclosure. He is the cochair of the Coalition for Secure AI (CoSAI) and a board member of the OASIS Open standards organization. Omar is also the chair of the OpenEoX and the Common Security Advisory Framework (CSAF) technical committee. His work led the creation of the CSAF ISO standard.
Omar's collaborative efforts extend to numerous organizations, including the Forum of Incident Response and Security Teams (FIRST) and the Industry Consortium for Advancement of Security on the Internet (ICASI). Omar is the cochair of the FIRST PSIRT Special Interest Group (SIG) and was the lead of the DEF CON Red Team Village for several years.
Omar is the author of more than 25 books, 20 video courses, and more than 40 academic research papers. His work in cybersecurity is also recognized through multiple granted patents. Prior to Cisco, Omar served in the United States Marines focusing on the deployment, testing, and maintenance of Command, Control, Communications, Computer, and Intelligence (C4I) systems.
Paul Giralt, CCIE No. 4793, is a distinguished engineer in the Cisco Security and Trust Organization (S&TO) focused on making Cisco's software secure; however, he spent most of his decades-long career at Cisco supporting all aspects of Cisco's collaboration portfolio, from the early days of CallManager 3.0 to modern-day, cloud-based collaboration, including Webex. He has spent much of his career helping customers accelerate the adoption of Cisco technologies and solutions, working with Cisco's largest collaboration deployments and working closely with engineering on improving product serviceability and cross-architecture product integrations. Paul has spent years designing, troubleshooting, and diagnosing issues on some of the largest and most complex Cisco collaboration deployments. His current focus is on making industry-leading changes to the security posture of Cisco products in the face of evolving threat actor sophistication leading to network infrastructure that is resilient to attacks.
Paul holds a degree in computer engineering from the University of Miami, is the author of multiple Cisco Press titles, is an IETF contributor, and holds numerous patents in collaboration and networking technologies.
Chad Patterson is a technical leader in Cisco's Customer Experience SaaS Engine, with more than 12 years of expertise in cloud collaboration technologies, SaaS security, and full-stack observability. He specializes in supporting and innovating across many Cisco products, including Webex and Telepresence, building solutions that enable customers and support teams to detect and resolve issues faster.
Chad is recognized for his contributions to technical innovation, having developed software tools and workflows that streamline troubleshooting and enhance customer outcomes. He is a prolific author of technical documents, white papers, and training materials, and has been responsible for developing and delivering curriculum to launch new collaboration and IoT support teams.
An active participant in Cisco's technical community, Chad has presented at major industry conferences, including Cisco Live and Cisco Impact, where he leverages his domain knowledge to empower customers and sales teams. He is also dedicated to mentoring colleagues and driving cross-functional innovation within Cisco's Customer Experience organization. Chad holds a bachelor of science in electrical engineering and a bachelor of science in computer engineering from North Carolina State University.
Content
Introduction xxv
Part I SaaS Fundamentals
Chapter 1 What Is SaaS? 1
Cloud Types 2
IaaS, PaaS, and SaaS Cloud Computing Models 10
Everything as a Service 17
Shared Responsibility Model 19
The Business Case for SaaS 21
Summary 24
References 25
Chapter 2 SaaS Architecture 27
Logical Model 29
Review of SDN Logical Model 29
SaaS Control Plane and Application Plane 33
Architectural Model 35
NIST Cloud Computing Reference Architecture 36
SaaS Architectural Model 38
Infrastructure 42
Compute 43
Storage 44
Network 46
System Software and Tools 48
Application Services 51
Microservices and Serverless Architectures 52
Business Logic and Core Functionality 58
Database Services 60
Structured, Unstructured, and Semi-Structured Data Types 61
Relational and Non-Relational Database Types 63
Presentation Services 69
Integration Services 73
Custom Integrations with APIs, Webhooks, and WebSockets 74
Prebuilt Integrations with Apps, Connectors, Modules, and Adapters 76
Security and Privacy 78
Cloud Security Controls 79
Identity Access and Management 80
Visibility and Monitoring 82
Management and Analytics 82
Multitenancy 88
Summary 91
References 93
Chapter 3 Migrating to SaaS 95
Discovery 96
Cost of Ownership 97
Partial or Full Migration 98
The Reason to Identify Key Features and Functionality 98
Application Configuration 99
Application Integrations 100
Network Requirements 101
Security 102
Migration Requirements 103
Design and Planning 104
Network Requirements 105
Connectivity 105
Quality of Service 106
Bandwidth 107
Virtual Private Network (VPN) 108
Data Migration 109
Testing 110
User Acceptance Testing (UAT) 110
Automated Testing 110
Application Metrics 111
Security Testing 112
Fallback Planning 114
Implementation 115
Staging Environment 115
Application Cutover Strategy 116
Hard Cutover 116
Parallel Applications 117
Staged Migration 119
SaaS Provider Migration Tools 120
Value Realization 120
Validate 121
Uplift 122
Utilize 122
Common Migration Challenges 122
Network Changes 123
User Adoption 124
Security Concerns 124
The Need to Prevent Unauthorized Access 125
Loss of Data 125
Vulnerability Management 125
API Security 125
Shadow IT 125
Summary 126
References 127
Chapter 4 Security and Privacy for SaaS 129
SaaS Security Basics 129
Data Protection and Privacy Concerns 130
Common Threats to Data Security in SaaS Platforms 130
Data Breaches 130
Data Leakage 131
Insider Threats 132
Advanced Persistent Threats (APTs) and Nation Sponsored Attackers 134
Ransomware 136
Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) Attacks 137
Regulatory Compliance and Certifications 137
General Data Protection Regulation (GDPR) 137
Payment Card Industry Data Security Standard (PCI DSS) 138
International Organization for Standardization (ISO) Standards and Certification 138
Europe's Cyber Resilience Act (CRA) 139
Federal Risk and Authorization Management Program (FedRAMP) 139
System and Organization Controls (SOC 1, 2, and 3) 142
The Cloud Security Alliance (CSA) Security, Trust, and Assurance Registry (STAR) 143
Data Sovereignty 144
Architectural Considerations for Data Partitioning and Tenant Isolation 147
Tools and Techniques for Preventing Data Loss in a SaaS Setup 149
Encryption 149
Data Masking and Tokenization 152
Data Classification and Tagging 154
Integration of DLP Solutions with Existing Systems 157
Identity and Access Management (IAM) 158
Centralizing Identity Management 158
Enforcing Multifactor Authentication (MFA) 161
Using Cisco Duo and MFA 163
Understanding FIDO Technology 163
Implementing Single Sign-On (SSO) 168
Looking at SAML, OAuth, and OpenID Connect 170
Monitoring and Analyzing User and Application Account Activities 173
Best Practices for Monitoring and Analyzing Activities 174
Access Control Mechanisms 175
Continuous Monitoring and Incident Response 176
Best Practices for SaaS Incident Response 177
The Automation of Everything in SaaS to Enhance Security and Efficiency 179
SaaS Security Management 180
SaaS Security Posture Management (SSPM) 180
Cloud Access Security Broker (CASB) 181
Summary 182
Part II SaaS Solutions
Chapter 5 Collaboration: Webex Meetings and Messaging 185
Product Capabilities 186
Webex Meetings 187
Webex Messaging 192
Asynchronous Video (Vidcast) 195
The Webex Platform 196
Infrastructure 197
Application Services 199
Authentication and Authorization 200
Encryption and Key Management 201
Meeting Management and Control/Media Services 204
Messaging Services 209
Recording, Speech, and AI Services 210
Presentation Services 211
Database Services 211
Provisioning Database 211
Messages Database 212
Management and Analytics Data Storage 212
Logging Data 213
Integration Services 213
Management and Analytics 214
Security and Privacy 218
Summary 220
References 220
Chapter 6 Collaboration: Webex Calling 221
Product Capabilities 223
Call Routing and Dial Plan Management 224
User Management 227
PSTN Connectivity 227
Cisco Calling Plans 227
Cloud-Connected PSTN Partners (CCPP) 228
Premises-Based PSTN 229
Emergency Calling 231
Calling Endpoint Support and Management 231
Calling Features 233
Customer Experience Features 235
Interoperability 236
Analytics and Troubleshooting 237
High Availability and Survivability 240
Artificial Intelligence (AI) Features 242
The Webex Calling Platform 243
Infrastructure 243
Application Services 245
Call Control Services 245
Edge Services 247
Media Services 248
Provisioning Services 249
Device Management Services 250
Presentation Services 250
Database Services 251
Integration Services 252
Management and Analytics 252
Security and Privacy 253
Summary 254
References 254
Chapter 7 Collaboration: Webex Contact Center and Webex Connect 255
Cisco Cloud Contact Center Products 257
Product Capabilities 258
Omnichannel Communication 259
AI-Powered Features 260
Virtual Agents 261
Cisco AI Assistant 261
Advanced Call Routing 262
Skills-Based Routing 264
Agent-Based Routing 265
Flow Designer 265
Analytics and Reporting 267
Integrations 269
Webex Workforce Optimization 272
Webex Contact Center Platform 274
Infrastructure 274
Application Services 276
Contact Interaction Management 277
Queues and Routing 279
Desktop Agent 279
Presentation Services 280
Database Services 281
Flow Configurations 281
User Profile Information 282
Logging and Telemetry 282
Management and Analytics 283
Integration Services 284
Security and Privacy 285
Summary 286
References 287
Chapter 8 Security: Identity and Access Management 289
Cisco's Zero Trust and Continuous Trust Philosophy 290
The Shift to Identity as the Perimeter 291
Cisco's Zero Trust Framework 292
The Principle of Continuous Trusted Access 294
An Introduction to Cisco Duo 295
From Traditional MFA to Phishing-Resistant Passwordless 295
Overview of FIDO2 and WebAuthn 296
Case Study: Implementing FIDO2/WebAuthn with Cisco Duo for Passwordless Authentication at Cisco 297
Implementation Process 298
Passwordless Implementation Lessons Learned and Recommendations 299
Single Sign-On (SSO) and Duo 300
Passwordless Authentication 300
Device Trust and Health 300
Getting Familiar with Cisco Duo via the Free Tier 301
The Duo Cloud-Native Platform and On-Premises Components 301
Duo Authentication Proxy 302
Duo Network Gateway (DNG) 304
More Than 400,000 VPN Connections per Month 304
The Cisco Duo Identity and Access Management (IAM) Platform 305
Duo Identity Routing Engine 306
Hardware-Free Phishing Resistance 306
More on Cisco Identity Intelligence 307
Summary 307
References 308
Chapter 9 Security: Cisco Umbrella and Cisco AI Defense 309
From OpenDNS to Cisco Umbrella 310
Secure Internet Gateway and Secure Access Service Edge 310
An Analysis of Umbrella's Converged Functions 312
Predictive Security with AI, ML, and Talos 313
Domain Generation Algorithms (DGAs) 314
Command-and-Control (C2) Callbacks 316
Umbrella Investigate 317
Cisco Umbrella Deployment Scenarios 318
Policy Configuration Best Practices 320
Cisco AI Defense: Securing the AI Revolution 321
The Rise of Shadow AI 321
The Developer's Dilemma: Securing In-House AI Applications 322
Cisco AI Defense Four-Pillar Framework for AI Security 323
Summary 325
References 326
Chapter 10 Security: Cisco XDR, Splunk, and Cisco Vulnerability Management 327
Unifying Telemetry for Accelerated Response Using Cisco XDR 329
Cisco XDR Architectural Deep Dive 329
Data Ingestion and Normalizations 329
The Analytics and Correlation Engine 330
Licensing Tiers (Essentials, Advantage, Premier) 331
Cisco XDR Core Capabilities and AI-Powered Detection 331
Cross-Product Context, Incident Prioritization, and Cisco Talos Threat Intelligence Integration 331
Automated Guided Response and Containment Actions 332
Guided Playbooks, Workflows, and Forensics 332
Data-Driven Insights with the Splunk Ecosystem 333
Splunk Enterprise and Splunk Cloud Platform 333
Splunk for Security Operations and Splunk Enterprise Security 334
Going Beyond Security with Observability and IT Operations 336
Splunk AI Toolkit: Operational Machine Learning on the Splunk Platform 338
Cisco Vulnerability Management: Prioritizing Risk with Data Science 340
Risk-Based Vulnerability Management (RBVM) 340
Data Ingestion and Intelligence Feeds 341
The Scoring Mechanism, Asset Criticality, and Context 342
Operationalizing Vulnerability Management 342
The Power of Integration: A Unified Security Strategy 344
Splunk, Cisco XDR, and CVM Technical Integration Points 345
Correlating Threats with Vulnerabilities 346
A Practical Workflow: From Vulnerability Awareness to Orchestrated Response 347
Cisco's AI Assistant 348
Summary 349
References 350
Chapter 11 Observability and Monitoring: Cisco AppDynamics and Splunk 351
The Basics 352
What Is Full-Stack Observability? 352
Observability vs. Monitoring 353
OpenTelemetry and MELT 354
AppDynamics + Splunk 356
SaaS Security Practices-AppDynamics and Splunk 359
Data Encryption 359
Access Control 360
Disaster Recovery 360
Audit Logging 362
Multitenancy 362
Splunk Observability Cloud-Architecture Overview 363
Cloud-Native Observability 363
Data Collection 364
AppDynamics-Architecture Overview 365
SaaS and On-Premises Observability 365
Controllers and Agents 367
Controllers 367
Agents 369
Core Observability Features 370
Application Performance Monitoring (APM) 371
Infrastructure Monitoring 374
End-User Monitoring 376
Browser Monitoring 376
Mobile Monitoring 378
IoT Monitoring 378
Synthetic Monitoring 379
Log Observer Connect 380
Summary 383
References 384
Chapter 12 Observability and Monitoring: Cisco ThousandEyes 387
Architectural Overview 388
Agent Types 391
Endpoint Agent 392
Enterprise Agents 393
Cloud Agents 394
Agent Tests 396
Enterprise and Cloud Agent Tests 396
Routing Test 397
Network Tests 398
DNS Tests 399
Web Tests 400
Voice Tests 403
Endpoint Agent Tests 405
Path Visualization and Dashboard Snapshots 407
Internet, WAN, Cloud, and Traffic Insights 409
Integrations 411
Prebuilt 411
Custom 412
Cisco AI Assistant Integration 413
Summary 415
References 416
Chapter 13 Management: Cisco Meraki 417
Meraki Platform Capabilities 418
Meraki Dashboard 419
Security Appliances (Cisco Meraki MX) 422
Switches (Cisco Meraki MS) 425
Wireless Access Points (Cisco Meraki MR) 428
Cellular WAN Gateways (Cisco Meraki MG) 431
Cameras (Cisco Meraki MV) 432
Sensors (Cisco Meraki MT) 434
Device Management (Meraki Systems Manager) 436
The Cisco Meraki Cloud 438
Infrastructure 439
Application Services 441
Presentation Services 443
Database Services 444
Integration Services 445
Management and Analytics 447
Security and Privacy 449
Summary 450
References 451
Chapter 14 Management: Cisco Intersight 453
Intersight Overview 454
Cloud-Managed Compute 455
SaaS vs. On-Prem Implementation 458
Device Integration (Cisco and Third Party) 458
Key Features and Functions 461
Automation and Insights 467
Orchestration 467
Programmability and Infrastructure as Code 470
Architecture 474
Common Deployment Scenarios 477
Common Workflows and Use Cases 480
Device Onboarding and Security 481
User Management 486
TAC Integration 488
Summary 491
Reference 492
9780135334744 TOC 3/23/2026
Part I SaaS Fundamentals
Chapter 1 What Is SaaS? 1
Cloud Types 2
IaaS, PaaS, and SaaS Cloud Computing Models 10
Everything as a Service 17
Shared Responsibility Model 19
The Business Case for SaaS 21
Summary 24
References 25
Chapter 2 SaaS Architecture 27
Logical Model 29
Review of SDN Logical Model 29
SaaS Control Plane and Application Plane 33
Architectural Model 35
NIST Cloud Computing Reference Architecture 36
SaaS Architectural Model 38
Infrastructure 42
Compute 43
Storage 44
Network 46
System Software and Tools 48
Application Services 51
Microservices and Serverless Architectures 52
Business Logic and Core Functionality 58
Database Services 60
Structured, Unstructured, and Semi-Structured Data Types 61
Relational and Non-Relational Database Types 63
Presentation Services 69
Integration Services 73
Custom Integrations with APIs, Webhooks, and WebSockets 74
Prebuilt Integrations with Apps, Connectors, Modules, and Adapters 76
Security and Privacy 78
Cloud Security Controls 79
Identity Access and Management 80
Visibility and Monitoring 82
Management and Analytics 82
Multitenancy 88
Summary 91
References 93
Chapter 3 Migrating to SaaS 95
Discovery 96
Cost of Ownership 97
Partial or Full Migration 98
The Reason to Identify Key Features and Functionality 98
Application Configuration 99
Application Integrations 100
Network Requirements 101
Security 102
Migration Requirements 103
Design and Planning 104
Network Requirements 105
Connectivity 105
Quality of Service 106
Bandwidth 107
Virtual Private Network (VPN) 108
Data Migration 109
Testing 110
User Acceptance Testing (UAT) 110
Automated Testing 110
Application Metrics 111
Security Testing 112
Fallback Planning 114
Implementation 115
Staging Environment 115
Application Cutover Strategy 116
Hard Cutover 116
Parallel Applications 117
Staged Migration 119
SaaS Provider Migration Tools 120
Value Realization 120
Validate 121
Uplift 122
Utilize 122
Common Migration Challenges 122
Network Changes 123
User Adoption 124
Security Concerns 124
The Need to Prevent Unauthorized Access 125
Loss of Data 125
Vulnerability Management 125
API Security 125
Shadow IT 125
Summary 126
References 127
Chapter 4 Security and Privacy for SaaS 129
SaaS Security Basics 129
Data Protection and Privacy Concerns 130
Common Threats to Data Security in SaaS Platforms 130
Data Breaches 130
Data Leakage 131
Insider Threats 132
Advanced Persistent Threats (APTs) and Nation Sponsored Attackers 134
Ransomware 136
Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) Attacks 137
Regulatory Compliance and Certifications 137
General Data Protection Regulation (GDPR) 137
Payment Card Industry Data Security Standard (PCI DSS) 138
International Organization for Standardization (ISO) Standards and Certification 138
Europe's Cyber Resilience Act (CRA) 139
Federal Risk and Authorization Management Program (FedRAMP) 139
System and Organization Controls (SOC 1, 2, and 3) 142
The Cloud Security Alliance (CSA) Security, Trust, and Assurance Registry (STAR) 143
Data Sovereignty 144
Architectural Considerations for Data Partitioning and Tenant Isolation 147
Tools and Techniques for Preventing Data Loss in a SaaS Setup 149
Encryption 149
Data Masking and Tokenization 152
Data Classification and Tagging 154
Integration of DLP Solutions with Existing Systems 157
Identity and Access Management (IAM) 158
Centralizing Identity Management 158
Enforcing Multifactor Authentication (MFA) 161
Using Cisco Duo and MFA 163
Understanding FIDO Technology 163
Implementing Single Sign-On (SSO) 168
Looking at SAML, OAuth, and OpenID Connect 170
Monitoring and Analyzing User and Application Account Activities 173
Best Practices for Monitoring and Analyzing Activities 174
Access Control Mechanisms 175
Continuous Monitoring and Incident Response 176
Best Practices for SaaS Incident Response 177
The Automation of Everything in SaaS to Enhance Security and Efficiency 179
SaaS Security Management 180
SaaS Security Posture Management (SSPM) 180
Cloud Access Security Broker (CASB) 181
Summary 182
Part II SaaS Solutions
Chapter 5 Collaboration: Webex Meetings and Messaging 185
Product Capabilities 186
Webex Meetings 187
Webex Messaging 192
Asynchronous Video (Vidcast) 195
The Webex Platform 196
Infrastructure 197
Application Services 199
Authentication and Authorization 200
Encryption and Key Management 201
Meeting Management and Control/Media Services 204
Messaging Services 209
Recording, Speech, and AI Services 210
Presentation Services 211
Database Services 211
Provisioning Database 211
Messages Database 212
Management and Analytics Data Storage 212
Logging Data 213
Integration Services 213
Management and Analytics 214
Security and Privacy 218
Summary 220
References 220
Chapter 6 Collaboration: Webex Calling 221
Product Capabilities 223
Call Routing and Dial Plan Management 224
User Management 227
PSTN Connectivity 227
Cisco Calling Plans 227
Cloud-Connected PSTN Partners (CCPP) 228
Premises-Based PSTN 229
Emergency Calling 231
Calling Endpoint Support and Management 231
Calling Features 233
Customer Experience Features 235
Interoperability 236
Analytics and Troubleshooting 237
High Availability and Survivability 240
Artificial Intelligence (AI) Features 242
The Webex Calling Platform 243
Infrastructure 243
Application Services 245
Call Control Services 245
Edge Services 247
Media Services 248
Provisioning Services 249
Device Management Services 250
Presentation Services 250
Database Services 251
Integration Services 252
Management and Analytics 252
Security and Privacy 253
Summary 254
References 254
Chapter 7 Collaboration: Webex Contact Center and Webex Connect 255
Cisco Cloud Contact Center Products 257
Product Capabilities 258
Omnichannel Communication 259
AI-Powered Features 260
Virtual Agents 261
Cisco AI Assistant 261
Advanced Call Routing 262
Skills-Based Routing 264
Agent-Based Routing 265
Flow Designer 265
Analytics and Reporting 267
Integrations 269
Webex Workforce Optimization 272
Webex Contact Center Platform 274
Infrastructure 274
Application Services 276
Contact Interaction Management 277
Queues and Routing 279
Desktop Agent 279
Presentation Services 280
Database Services 281
Flow Configurations 281
User Profile Information 282
Logging and Telemetry 282
Management and Analytics 283
Integration Services 284
Security and Privacy 285
Summary 286
References 287
Chapter 8 Security: Identity and Access Management 289
Cisco's Zero Trust and Continuous Trust Philosophy 290
The Shift to Identity as the Perimeter 291
Cisco's Zero Trust Framework 292
The Principle of Continuous Trusted Access 294
An Introduction to Cisco Duo 295
From Traditional MFA to Phishing-Resistant Passwordless 295
Overview of FIDO2 and WebAuthn 296
Case Study: Implementing FIDO2/WebAuthn with Cisco Duo for Passwordless Authentication at Cisco 297
Implementation Process 298
Passwordless Implementation Lessons Learned and Recommendations 299
Single Sign-On (SSO) and Duo 300
Passwordless Authentication 300
Device Trust and Health 300
Getting Familiar with Cisco Duo via the Free Tier 301
The Duo Cloud-Native Platform and On-Premises Components 301
Duo Authentication Proxy 302
Duo Network Gateway (DNG) 304
More Than 400,000 VPN Connections per Month 304
The Cisco Duo Identity and Access Management (IAM) Platform 305
Duo Identity Routing Engine 306
Hardware-Free Phishing Resistance 306
More on Cisco Identity Intelligence 307
Summary 307
References 308
Chapter 9 Security: Cisco Umbrella and Cisco AI Defense 309
From OpenDNS to Cisco Umbrella 310
Secure Internet Gateway and Secure Access Service Edge 310
An Analysis of Umbrella's Converged Functions 312
Predictive Security with AI, ML, and Talos 313
Domain Generation Algorithms (DGAs) 314
Command-and-Control (C2) Callbacks 316
Umbrella Investigate 317
Cisco Umbrella Deployment Scenarios 318
Policy Configuration Best Practices 320
Cisco AI Defense: Securing the AI Revolution 321
The Rise of Shadow AI 321
The Developer's Dilemma: Securing In-House AI Applications 322
Cisco AI Defense Four-Pillar Framework for AI Security 323
Summary 325
References 326
Chapter 10 Security: Cisco XDR, Splunk, and Cisco Vulnerability Management 327
Unifying Telemetry for Accelerated Response Using Cisco XDR 329
Cisco XDR Architectural Deep Dive 329
Data Ingestion and Normalizations 329
The Analytics and Correlation Engine 330
Licensing Tiers (Essentials, Advantage, Premier) 331
Cisco XDR Core Capabilities and AI-Powered Detection 331
Cross-Product Context, Incident Prioritization, and Cisco Talos Threat Intelligence Integration 331
Automated Guided Response and Containment Actions 332
Guided Playbooks, Workflows, and Forensics 332
Data-Driven Insights with the Splunk Ecosystem 333
Splunk Enterprise and Splunk Cloud Platform 333
Splunk for Security Operations and Splunk Enterprise Security 334
Going Beyond Security with Observability and IT Operations 336
Splunk AI Toolkit: Operational Machine Learning on the Splunk Platform 338
Cisco Vulnerability Management: Prioritizing Risk with Data Science 340
Risk-Based Vulnerability Management (RBVM) 340
Data Ingestion and Intelligence Feeds 341
The Scoring Mechanism, Asset Criticality, and Context 342
Operationalizing Vulnerability Management 342
The Power of Integration: A Unified Security Strategy 344
Splunk, Cisco XDR, and CVM Technical Integration Points 345
Correlating Threats with Vulnerabilities 346
A Practical Workflow: From Vulnerability Awareness to Orchestrated Response 347
Cisco's AI Assistant 348
Summary 349
References 350
Chapter 11 Observability and Monitoring: Cisco AppDynamics and Splunk 351
The Basics 352
What Is Full-Stack Observability? 352
Observability vs. Monitoring 353
OpenTelemetry and MELT 354
AppDynamics + Splunk 356
SaaS Security Practices-AppDynamics and Splunk 359
Data Encryption 359
Access Control 360
Disaster Recovery 360
Audit Logging 362
Multitenancy 362
Splunk Observability Cloud-Architecture Overview 363
Cloud-Native Observability 363
Data Collection 364
AppDynamics-Architecture Overview 365
SaaS and On-Premises Observability 365
Controllers and Agents 367
Controllers 367
Agents 369
Core Observability Features 370
Application Performance Monitoring (APM) 371
Infrastructure Monitoring 374
End-User Monitoring 376
Browser Monitoring 376
Mobile Monitoring 378
IoT Monitoring 378
Synthetic Monitoring 379
Log Observer Connect 380
Summary 383
References 384
Chapter 12 Observability and Monitoring: Cisco ThousandEyes 387
Architectural Overview 388
Agent Types 391
Endpoint Agent 392
Enterprise Agents 393
Cloud Agents 394
Agent Tests 396
Enterprise and Cloud Agent Tests 396
Routing Test 397
Network Tests 398
DNS Tests 399
Web Tests 400
Voice Tests 403
Endpoint Agent Tests 405
Path Visualization and Dashboard Snapshots 407
Internet, WAN, Cloud, and Traffic Insights 409
Integrations 411
Prebuilt 411
Custom 412
Cisco AI Assistant Integration 413
Summary 415
References 416
Chapter 13 Management: Cisco Meraki 417
Meraki Platform Capabilities 418
Meraki Dashboard 419
Security Appliances (Cisco Meraki MX) 422
Switches (Cisco Meraki MS) 425
Wireless Access Points (Cisco Meraki MR) 428
Cellular WAN Gateways (Cisco Meraki MG) 431
Cameras (Cisco Meraki MV) 432
Sensors (Cisco Meraki MT) 434
Device Management (Meraki Systems Manager) 436
The Cisco Meraki Cloud 438
Infrastructure 439
Application Services 441
Presentation Services 443
Database Services 444
Integration Services 445
Management and Analytics 447
Security and Privacy 449
Summary 450
References 451
Chapter 14 Management: Cisco Intersight 453
Intersight Overview 454
Cloud-Managed Compute 455
SaaS vs. On-Prem Implementation 458
Device Integration (Cisco and Third Party) 458
Key Features and Functions 461
Automation and Insights 467
Orchestration 467
Programmability and Infrastructure as Code 470
Architecture 474
Common Deployment Scenarios 477
Common Workflows and Use Cases 480
Device Onboarding and Security 481
User Management 486
TAC Integration 488
Summary 491
Reference 492
9780135334744 TOC 3/23/2026