Ahhhh, Physical Security! It usually constitutes one of the major weak links in IT security's armor. All you have to do is look at the demand for Network Access Control (NAC) to be convinced. Most don't realize that Cisco has been in the physical security business for a while now, mostly in the IP Video Surveillance (IPVS) sector. Cisco sells HD IP Video Cameras, Video management systems, DVRs, and all the other pieces to complete a full IP Video Surveillance Solution. Read more
Today Cisco externally announced it's newest Ironport Web Security Appliance (WSA) code version. The big splash feature is a brand new, built from scratch, URL filtering engine. Cisco is calling it Web usage Controls. It consists of a list based traditional URL filtering database plus a new dynamic URL categorization engine for un-categorized URLs. Read more
Cisco started to include reputation functionality in its IPS sensors about 6 months ago with its 7.0 release. The data has been collected on how effective it has been so far. The findings are significant. Cisco's addition of reputation data to its IPS sensor software has resulted in a 100% increase in effectiveness over signature protection alone. Additionally, it has been found that a reputation lookup and drop can be done 100 times faster than a traditional signature check and drop. IP address reputation is just like a credit score in finance. Read more
I've been receiving this question more and more recently from Cisco ACS customers so figured I'd post my answer here for all to view. As some of you already know, Cisco's ACS software received an overhaul this past year. Many of the features that ACS customers have been asking for, for a while, have finally made it into ACS 5.0.
Here are the top 10 new features that will affect your upgrade decision. You can use this info to make up your own mind if you should make the switch from 4.x yet.
Cisco on Tuesday warned users of its Unity unified communications products that they are at risk from a flaw in Microsoft Internet Explorer that spurred Microsoft into an emergency, out-of-band patch. In addition, Cisco on Monday released a patch to fix multiple flaws in its WLAN controllers that affect a long list of Cisco routers. Read more
Last week Cisco posted the 3.3 version of its enterprise class Cisco Security Manager (CSM) product. All sorts of new features were introduced, most especially are performance improvements throughout, ASA 8.2 support, IPS 7.0 support, ASR router support, and finally full support for IOS zone-based firewall. Another notable feature is the bulk import/export functionality. This allows you to work with objects, devices, and device overrides in bulk instead of the previous per device method.
Here is a list of all the new features added (according to release notes): Read more
President Obama recently announced the results and his perspective of the 60-day cyber security review he requested earlier this year. This makes him the first president to ever put their name with such a report. Following the results of the 60 day cyber security review, the Obama administration has made clear the urgent need to upgrade our nation's information technology infrastructure with a particular focus on securing those systems. Read more
With all of the free webinars, VoD, IP/TV, and forum sessions available on the web it can be hard to find what you’re looking for. To that end I put together a list of some of the upcoming online security events that Cisco will be putting on in the next few months. The topics are wide ranging and the content varies from advanced to beginner and technical to marketing. Have a look and see if something catches your eye.
• Email Security Events Read more
Well our time together this month is nearly over. I hope you have enjoyed the postings and that they have in some way either inspired or assisted you with your CCNA Security studies. Given the end goal of obtaining a new certification for many is to either gain employment or advancement, I thought I would focus this final post on the CCNA Security “job market”, if you will. Read more
Internal networks are notoriously insecure so why wouldn’t you encrypt PCI data end to end? What makes an Internal Network somehow so inherently secure that encryption is not needed? I would contend that even the idea of an Internal Network is inconsistent with today’s network architectures. Companies have moved to ubiquitous access, perimeter-less networks, rendering the concept of an Internal Network inappropriate. Read more
Are there Botnet controlled hosts on your network? Are your hosts infected with malware or spyware that is trying to “phone-home"? How would you know? One way to find out is to employ Cisco ASA’s new Layer 4 Traffic Monitoring (L4TM) feature. L4TM detects infected clients by tracking rogue “phone-home” traffic. Read more
Ever run into a product that MARS doesn’t support but you wished it did? Have you ever created your own custom parser to support a product that MARS didn’t have natively? If you answered yes to either of those questions then this blog will be right up your alley. Read more
Cisco’s SAFE Security Design and Implementation Guide is back. Cisco has given its SAFE Guide a complete makeover and brought it up-to-date with today’s threat environment. True to the legacy of the old SAFE Guide an updated version of the then popular SAFE Poster is available for your cube wall as well! Read more
Cisco Systems has been voted onto the twenty-one member PCI Security Standards Council (SSC) Board of Advisors. The official announcement from the council should come in early May. The Board of Advisors is elected every two years, with the last election being in 2007. In a nutshell, the PCI Security Standards consist of 12 main IT security requirements that work to reduce digital credit card fraud. Read more
Ever wondered what that blank slot in your ASA5505 is for? Well now you know, it’s for a modular IPS card. Adding full-blown IPS to the ASA5505 will substantially increase its ability to protect you. The AIP SSC-5 provides up to 75 Mbps of IPS or IDS throughput and supports both IPv4 and IPv6 networks. The 75Mbps performance with 4000 maximum connections per second should be able to accommodate just about any SOHO or branch office configuration, the sweet spot for the ASA5505. Read more
Cisco announced a slew of new security offerings at RSA this morning. The most exciting is also an industry first, Cisco added reputation lookups to their IPS. This has resulted in a 2x better catch rate versus just IPS alone. The beauty of reputation is that it is fast, in fact Cisco is reporting it is 100 times faster than a normal signature match. I’ll be blogging on that topic in more detail later, but first here is list of all of the announcements Cisco made at RSA.
Here is Cisco’s RSA press release: Read more
Read more
Corporate security teams around the world are seeing their budgets get hacked and slashed down to the bare bones (just like every other dept). Many of those that are tasked with the protection of their company’s digital data are frustrated and concerned. Without those dollars they will struggle to keep the shields up and perimeter secured. That’s when we need to turn to the old adage use what you have for support. Read more
Over the years I’ve assisted many security directors in their process of justifying new security projects and budgets. I’ve seen countless techniques used by security teams in an effort to free up hard to attain dollars for security projects. There are two techniques I’ve seen work with a very high degree of success that I wanted to pass along to you all. Read more
On a weekly basis Cisco’s Intellishield group will post a free overview of what’s happening in the security world. The reports provide a high level overview of what’s happening in these areas:
*Vulnerability
*Physical
*Legal
*Trust
*Identity
*Human
*Geopolitical
*Miscellaneous
*Upcoming Security Activity
I find the geopolitical information very interesting, mostly because it is hard to find it elsewhere.
The risk reports are also available as podcast downloads or via RSS feed.
Take a look at their archive of Risk Reports here Read more
The Leader in Network Knowledge
