Cisco Remote Automation Development Kit (RADKit)
From NetOps to DevOps.
RADKit is a network-wide orchestrator. Experience a radical new
way of addressing your equipment, boost your Cisco Services, and
expand your capabilities.
All tech. No fluff.
Cisco TAC (CX Centers) is training all support engineers to service you more efficiently. Many cases already went from hours of Webex down to 10-15 minutes thanks to RADKit.
It's not just the TAC! Our partners are testing RADKit with their customers, and everyone confirms the efficiency and smooth learning curve.
Cisco DNA Center introduces Remote Support - a new way to experience tech support using RADKit as its core technology.
RADKit is on air! Listen to the Cisco Champion Radio podcast with our great partners. They have a lot to say about it.
Do you feel this pain?
Automation APIs are lacking, complex, or will not even work because the devices are not directly reachable. You need to collect data across a network and you end up connecting one device at a time at a snail-numbing rate. Tech Support hogs your computer in endless desktop-sharing sessions. Something unpleasant for you and them.
- Managing a network is hard.
- Automating is harder.
- Troubleshooting is daunting.
We heard you! We created RADKit.
What is RADKit?
RADKit is a Software Development Kit (SDK): a set of
ready-to-use tools and Python modules allowing efficient and
scalable interactions with local or remote equipment.
Interactively connect to remote terminals, WebUIs or desktops.
Use our powerful and easy to use API for automations.
RADKit enhances all your NetOps activities, and more.
Frequently Asked Questions
Is RADKit secure?
RADKit is “CSDL approved” - CSDL is a Cisco process that reviews software for security risks, data privacy and 3rd party licensing compliance. RADKit underwent stringent security review: code quality and dependencies are analyzed throughout the development process; our services are constantly monitored. More details are available here.
Is the data encrypted?
All data at rest or in transit is protected by industry standard algorithms (AES, RSA, SHA-2, ECDH…) and protocols (2-way authenticated TLS1.3, SSH) with long-term parameters (256-bit AES keys, 512-bit hashes, 4096-bit public keys, etc.).
What about Data Privacy and GDPR?
RADKit is vetted for Data Privacy and complies with GDPR and other laws. When used in collaboration with the TAC, RADKit facilitates or expedites the transfer of information you would normally share with your support engineer. When used for your own needs, the data remains yours and Cisco does not keep any copy of it.
Where is my inventory data kept (username, passwords,
Everything is stored in an encrypted DB on your system. The encryption key is protected by the superadmin password you configure. Keys and passphrases are never escrowed.
How are users identified?
With a mix of Single-Sign-On (SSO) authentication and X.509 certificates. All identities are trackable and revokable.
Does RADKit remain constantly connected?
It is the user's choice. RADKit can be stopped when not in use; there is a user interface button for that. Some people prefer it always-on; others like to stop it when not in use.
Does RADKit require inbound connections?
No. RADKit relies exclusively on egress connections and traverses most proxies.
Does the TAC engineer have access to my entire
No - only to the equipment you explicitly authorize.
Is RADKit some kind of VPN?
No. RADKit relies on message passing and does not establish IP connectivity between the RADKit components. In particular, there is no IP connectivity between your network and Cisco. Everything remains strictly isolated.
Where does RADKit connect to?
RADKit connects to prod.radkit-cloud.cisco.com, which is a load-balanced service hosted on AWS.
Can I dispose of RADKit when I am done?
Yes. There is a “wipe-out” button in the user interface, and you can also delete the configuration files manually should you prefer (everything is self contained so it is easy and foolproof). Uninstalling and removing RADKit is also easy; we do not install a mess on your system.
Does Cisco store any data, configs, license
information, etc. in the cloud or elsewhere?
No. Nothing. RADKit only facilitates data transfer but nothing is collected nor stored by RADKit. It is just an efficient way for you to collect data and a more secure way to exchange data with your support engineer than sending emails or manually uploading to an SR. The only exception to this rule is the audit trail that we generate for your security, that is owned by you and that never leaves your system.
How can I know/see what the TAC engineer does?
RADKit keeps a complete audit trail of the engineer's actions. Every request (even failed attempts), every command, every output is logged in real time. The audit trail is stored on your system and is inalterable by a remote TAC engineer. The audit trail is in raw format for you to process in any way you see fit. When working with the TAC, the TAC engineer will also share their screen on request (we encourage doing so).
Does everyone at Cisco have access to my
No - only the engineers you explicitly authorize and for the duration you specify. Access rights can be revoked instantaneously, at any moment, at the click of a button. There is no backdoor for anyone.
How would you compare RADKit vs Webex screen
RADKit is much more efficient for troubleshooting or managing systems. RADKit does not require to control your computer. RADKit also preserves a human- and machine—consumable audit trail which is much more effective than a session recording. If anything, RADKit is a safer way to work on a network and nicely complements Webex.
Can you prove what you say?
We provide you with a way to decrypt all config files and databases (we can't) for you to verify their content. You can access and decode every piece of data stored by RADKit on your system. The installed files are either in a self-contained directory or installed at well-known locations on your OS - this can be verified by you at any time.
What do users think?
RADKit has transformed the way to consume TAC support and help to reduce more than significantly the case duration and customer effort.Benoit Calvet
We appreciate Cisco to promote this kind of tool, and we believe if it goes further, it will result into better and quicker case resolution.Remi Coolen
RADKit from Cisco provides Partners with secure, scalable, programmatic access to their Clients' environments so they can deliver richer more useful services, while also providing Cisco's customers with full control and visibility over who has access to what. They've struck the balance of functionality and security perfectly.Richard Atkin, Head of Solution Development
Automated systems built on top of RADKit help us deliver richer services to our Clients. Systems and data that were previously locked away on-premesis are now programmatically accessible to us. RADKit's capabilities allow us to enrich our Health Monitoring, Support and AI Ops capabilities and provide a better-than-ever Client experience.Richard Atkin, Head of Solution Development
Game changer in SEV1s and SEV2s as Generic health checks and building logical topologies can be automated via RADKit.Jorge Carreno
I could connect to the customer equipment, get the logs, identify the bug and apply a fix in less than 10 minutes. It does not get any faster than that.Engin Budak
Set up a Service
You're All Set
With RADKit, you will have more time to focus on your business goals instead of managing, monitoring or troubleshooting your network!
- Securely connect to your remote networks or invite support.
- Full authentication, authorization, access-control and encryption.
- Picture-perfect audit trail.
- Address full networks at scale across domains, sites, tenants and vendors.
- Collect data, monitor, troubleshoot, download, upload or even connect.
- A powerful system for just-in—time, all-terrain orchestration.
- Efficiently automate frequent or complex tasks with network-wide APIs.
- Master REST or Netconf/YANG or take advantage of powerful CLI parsers.
- Empower your staff with an easy to learn API meant for Network Engineers and hardcore Developers alike.