The recent disclosure of 46 new security fixes in iPhone 3.0 is just part of the proof the iPhone is ready for Enterprise adoption. Read more
President Obama recently announced the results and his perspective of the 60-day cyber security review he requested earlier this year. This makes him the first president to ever put their name with such a report. Following the results of the 60 day cyber security review, the Obama administration has made clear the urgent need to upgrade our nation's information technology infrastructure with a particular focus on securing those systems. Read more
There are lots of IT Security related urban legends floating around the Internet. Some have malicious intent and others are just for fun. Some have been with us for years but still refuse to die. Here is a list of my top IT Security Urban Legend picks for this year.
1) Department of Homeland Security mandates that all PC manufacturers install keyboard-logging devices in all PC keyboards. Read more
With all of the free webinars, VoD, IP/TV, and forum sessions available on the web it can be hard to find what you’re looking for. To that end I put together a list of some of the upcoming online security events that Cisco will be putting on in the next few months. The topics are wide ranging and the content varies from advanced to beginner and technical to marketing. Have a look and see if something catches your eye.
• Email Security Events Read more
In case you haven’t been paying attention Botnet DDoS attacks passed the 40 Gigabits/sec mark in 2008 according to Arbor Networks. The shear size of today’s Botnets has reached into the mind-boggling realm of 1.9 million bots in a single Botnet. Couple that with the fact that Botnet DDoS attacks are one of the hardest assaults to defend against and you have a real nightmare scenario on your hands. Read more
Internal networks are notoriously insecure so why wouldn’t you encrypt PCI data end to end? What makes an Internal Network somehow so inherently secure that encryption is not needed? I would contend that even the idea of an Internal Network is inconsistent with today’s network architectures. Companies have moved to ubiquitous access, perimeter-less networks, rendering the concept of an Internal Network inappropriate. Read more
Are there Botnet controlled hosts on your network? Are your hosts infected with malware or spyware that is trying to “phone-home"? How would you know? One way to find out is to employ Cisco ASA’s new Layer 4 Traffic Monitoring (L4TM) feature. L4TM detects infected clients by tracking rogue “phone-home” traffic. Read more
Ever run into a product that MARS doesn’t support but you wished it did? Have you ever created your own custom parser to support a product that MARS didn’t have natively? If you answered yes to either of those questions then this blog will be right up your alley. Read more
What is the real deal with iPhone application development? Is it easy, hard, or somewhere in between? I just took a weeklong iPhone development course to find out. Like many iPhone owners, I want to have my own App Store shot at fame and fortune (well at least the fortune part:). Ever since I purchased my iPhone I thought it would be cool (and maybe profitable!) to develop my own iPhone app for the App Store. When I heard that a developer class was coming to my hometown of Denver I decided to seize the opportunity to throw my hat in the ring. Read more
Cisco’s SAFE Security Design and Implementation Guide is back. Cisco has given its SAFE Guide a complete makeover and brought it up-to-date with today’s threat environment. True to the legacy of the old SAFE Guide an updated version of the then popular SAFE Poster is available for your cube wall as well! Read more
Cisco Systems has been voted onto the twenty-one member PCI Security Standards Council (SSC) Board of Advisors. The official announcement from the council should come in early May. The Board of Advisors is elected every two years, with the last election being in 2007. In a nutshell, the PCI Security Standards consist of 12 main IT security requirements that work to reduce digital credit card fraud. Read more
Ever wondered what that blank slot in your ASA5505 is for? Well now you know, it’s for a modular IPS card. Adding full-blown IPS to the ASA5505 will substantially increase its ability to protect you. The AIP SSC-5 provides up to 75 Mbps of IPS or IDS throughput and supports both IPv4 and IPv6 networks. The 75Mbps performance with 4000 maximum connections per second should be able to accommodate just about any SOHO or branch office configuration, the sweet spot for the ASA5505. Read more
Cisco announced a slew of new security offerings at RSA this morning. The most exciting is also an industry first, Cisco added reputation lookups to their IPS. This has resulted in a 2x better catch rate versus just IPS alone. The beauty of reputation is that it is fast, in fact Cisco is reporting it is 100 times faster than a normal signature match. I’ll be blogging on that topic in more detail later, but first here is list of all of the announcements Cisco made at RSA.
Here is Cisco’s RSA press release: Read more
Read more
Corporate security teams around the world are seeing their budgets get hacked and slashed down to the bare bones (just like every other dept). Many of those that are tasked with the protection of their company’s digital data are frustrated and concerned. Without those dollars they will struggle to keep the shields up and perimeter secured. That’s when we need to turn to the old adage use what you have for support. Read more
Gartner released its latest Network Access Control (NAC) magic quadrant results for 2009. Cisco’s NAC solution came out on top in both the completeness of vision category and the ability to execute category. This puts Cisco’s NAC solidly up and to the right on the magic quadrant. Gartner’s report also pointed out that Cisco’s NAC solution is deployed by significantly more customers than any of the other vendors ranked. Read more
Over the years I’ve assisted many security directors in their process of justifying new security projects and budgets. I’ve seen countless techniques used by security teams in an effort to free up hard to attain dollars for security projects. There are two techniques I’ve seen work with a very high degree of success that I wanted to pass along to you all. Read more
One of the best places to be in almost any company is a job in or around their sales departments. Sales are a company’s lifeblood so those that can directly influence those sales usually enjoy higher pay and more job perks. However, nothing is for free right? So the trade-off is you typically have less job security and work longer hours. If you don’t bring in the numbers to meet your sales quota you’ll be out of the job before long. One thing you definitely can’t do is “coast” in a sales job. IT sales jobs are no exception to this rule. Read more
On a weekly basis Cisco’s Intellishield group will post a free overview of what’s happening in the security world. The reports provide a high level overview of what’s happening in these areas:
*Vulnerability
*Physical
*Legal
*Trust
*Identity
*Human
*Geopolitical
*Miscellaneous
*Upcoming Security Activity
I find the geopolitical information very interesting, mostly because it is hard to find it elsewhere.
The risk reports are also available as podcast downloads or via RSS feed.
Take a look at their archive of Risk Reports here Read more
This is the scariest, stealthiest, and most dangerous exploit I've seen come around since the legendary Blue Pill! No, I'm not just trying to sensationalize this or spread fear, uncertainty and doubt. This is serious and represents a massive new security threat for us all. Read more
Advertisement: |
Jamey Heary, CCIE No. 7680, is the author of the Cisco NAC Appliance: Enforcing Host Security with Clean Access book by Cisco Press. Jamey is a seasoned security technologist with over 15 years in the IT field with 10 years focused on IT security. His areas of expertise include network and host security design and implementation, security regulatory compliance, and routing and switching. His other certifications include CISSP, CCSP, and Microsoft MCSE. He is also a Certified HIPAA Security Professional. Jamey is currently a Security Consulting Systems Engineer with Cisco, though the opinions expressed here are his own. Jamey is a member of Network World's Cisco Subnet blog community.
The Leader in Network Knowledge
