Security Technical Architect
We have come to a time when vendors and industry professionals will tell you that it is almost guaranteed that you will have a security incident. So much so that the message is not if you will be attacked but when. This kind of messaging probably feel like a scare tactic, but the sad truth…
Automation, along with terms like artificial intelligence, machine learning and threat intelligence are common buzzwords that you will hear or read about when you are following industry trends. When it comes to security, we don’t typically lump automation in with these other terms. But, in fact, automation can help you respond to threats and increase…
Many of us working in information and network security today did not have formal training or education in security, but rather came into it from some other field. Some of us saw something in security that sparked our interest, or we were passionate about understanding how things work — seeing what would change if you…
— by Brandon Jackson, Jennifer Lugo, Jason Owens and Jesse Wiener There has been a lot of information and articles published over the last few days regarding what some initially reported as a security issue with Intel CPUs. As more research and information has become available, some of the details previously announced appear to have…
In April, the Center for Internet Security announced that Emotet arrived in the U.S. This malware represents a serious threat. It has largely targeted financial organizations in Europe, but other industries also have been infected. With Emotet’s recent arrival in the U.S., IT professionals should be aware of what this malware is, how it works…
With Cisco’s recent launch of the Catalyst 9000 series of switches, there are many new and interesting features that come along with it. The Catalyst 9000 switches were designed by Pininfarina from the ground up with usability, airflow, noise, ease of maintenance and energy efficiency in mind. They are also announcing “intent based” networking, which…
When you think of next-generation firewalls, you probably think they are only used to help secure the network. They have features like user identification, URL filtering, intrusion prevention systems (IPS), malware prevention and application identity and control. All those items are directly related to security and controlling what users and systems can and cannot do,…
On December 7, Cisco published the end of life for its popular Access Control System (ACS) product. ACS has been the de facto standard for device network authentication and device administration for many years. With both RADIUS and TACACS+ authentication services, it served the needs for many customers for a long time. This raises the…
If you have been following industry news or this blog, you will have heard and read about application programming interfaces (APIs) repeatedly. I am not going to talk about what APIs are in this post, but if you want to learn more a good place to start is always Wikipedia and Cisco’s own DevNet. What…
On February 10, Cisco Systems published a vulnerability relating to the VPN function in the Cisco ASA software. This vulnerability is listed as CVE-2016-1287 and relates to the Internet Key Exchange (IKE) version 1 (v1) and IKE version 2 (v2) function of the ASA. With this vulnerability, a remote attacker could send a crafted User…
If you’ve ever had the task of requesting and installing a digital certificate on a web server or network device, you’ve probably found it tedious. And maybe you were surprised at the price public certificate authorities charge for their most basic certificates. While any self-signed certificate can provide an identity to set up a secure…
Cisco Live has always been a place for network professionals to gather and share ideas, to learn about new technologies and trends, and to allow Cisco to announce new products and strategies. One of the exciting security products announced at Cisco Live 2015 was the Cisco Firepower 9300, a threat-centric security platform for service providers.…
I heard a question the other day that caught me off guard. “Why do you guys even sell IPS (Intrusion Prevention Systems), is there even value in that anymore? Shouldn’t you just recommend patching vulnerable systems?” Let’s start with the second question, yes we do recommend patching. But the reality is that not every system has a…
Cisco’s Identity Services Engine was first released in May of 2011 as version 1.0 and they recently released version 1.3. That doesn’t sound like much of a change, does it? But regardless of version numbers, the product has continued to evolve since its initial release to accommodate the changing network-wired, wireless and remote access VPN…
Starting in Cisco’s Adaptive Security Appliance (ASA) software version 9.3.1, Cisco has added inline Security Group Tagging (SGT) support to the ASA-5500X and 5585X product lines. If you are not familiar with SGT aka TrustSec, it allows you to tag a packet with an identity field as it travels through the network. Why would anyone…
My last post covered some of the bring-your-own-device (BYOD) issues companies are facing and how to use Cisco’s Identity Services Engine (ISE) to help define access restrictions, while still providing users a good experience. I also went through and demonstrated how this segmentation worked and how it was enforced on the wireless LAN controller (WLC). As…
The Problem Bring your own device (BYOD) means something different to everyone you talk to. Is it company issued mobile devices, is it the employee’s mobile devices, or is it employees bringing their personal laptops to work? No matter how you define it, I would argue BYOD devices do not need the same access to…
