Cisco Blogs


Cisco Blog > Security

Security Features vs. Securing Features

December 21, 2012 at 7:08 am PST

Secure software is a hot topic these days and many people have ideas about what should be done to achieve it. For years, the focus of many software vendors was on security features. Add a firewall. Add SSL to secure data flows. Positive security features are great, but they don’t do much to address every potential security issue that result from insecure code.

At this year’s Cisco SecCon conference, Bryan Sullivan, Microsoft’s Security Program Manager, addressed the issue of writing secure code with a diagram like the following:

Security Features vs Securing Features

His point is that there is much more work to do in securing all the features of a product than simply writing the security features. Writing security features, although important, is only 10% of the workload of creating secure code. The other 90% of the coding work is meant to ensure that all non-security codebase is secure. This includes input validation, output encoding, and overflow defense.

These practices are part of software quality, and they don’t usually appear on a feature list and often fail to appear on customer requirements lists. Customers don’t often ask for things such as:

  • This product should be free of cross-site scripting vulnerabilities
  • This product shouldn’t have client-side security validation that can be bypassed by a determined attacker
  • This product shouldn’t store my passwords or key data in plain text files might be leaked

Read More »

Tags: , ,

Cisco Signs Joint Venture Agreement

According to the Cisco Visual Networking Index, China’s internet traffic will grow 600 percent in the next two years. At that point, China will also be home to nearly a quarter of the world’s broadband users and 21 percent of the world’s connected devices. This substantial growth, combined with the country’s rapid urbanization, opens the door to many new business opportunities.

With this in mind, Cisco today announced the latest in its strategy to capitalize on the growing China market, a US$ 200m joint venture with China Electronics Software Information Service Co., Ltd. Cisco will contribute 43% and China Electronics Software Information Service Co., Ltd 57% of the joint venture funding. The joint venture agreement is subject to the appropriate regulatory approvals.

The joint venture will provide valuable end to end solutions for public services and industry applications. For example, one solution may be an education cloud to help parents, teachers, and students in schools all across China access the latest education material through interactive whiteboards, laptops, tablets, and other devices.

Based in Shanghai, the joint venture will create new, open standards-based products not currently offered by Cisco, and integrate those new products with existing technologies and create cloud-based solutions including cloud storage, cloud management and network transportation, for public and private projects in China.

Read More »

Tags: , ,

End of the World Revisited: No More IPs!

We’ve posted this before, but in honor of the end of the Mayan calendar and the destruction of the world which was forecast for today we’re posting it again. In our mind, not having any more IP addresses would be a terrible event -  if you’re going to build the Internet of Everything you need a lot of IP addresses! Read More »

Tags: , , ,

Celebrating the Gift – Cisco TelePresence connects, engages Los Angeles students

Choir_Compressed_BetterThis holiday season, the Urban Entertainment Institute, Cisco and the Los Angeles Unified School District (LAUSD) have joined forces to address the achievement gap in education, the dropout rate and the need to keep performing arts in schools by integrating academics, arts and technology to bridge the cultural gap in education throughout the world.

Unprecedented budget pressures are forcing K-12 schools across the nation to think differently about how to deliver learning to their students. As such, we’re seeing a growing acceptance of collaboration technologies in schools to increase quality learning and engage students, and to relieve some financial pressures.

One such school district implementing Cisco TelePresence video systems is the Los Angeles Unified School District (LAUSD). Serving some 700,000 students, LAUSD has deployed TelePresence to avoid cutting its arts programs, instead scaling the program across the large geographical area of Los Angeles and beyond with video.

Read More »

Tags: , , , ,

Cisco Social Media Listening Center Tour Guide

December 20, 2012 at 3:00 pm PST

Welcome to a tour of Cisco’s Social Media Listening Center!

Welcome to the Social Media Listening Center (SMLC). We’ve developed this exhibit to show our commitment to the voice of the customer. By being present in the social web the minute we find a conversation about Cisco, or someone in need of customer support, our social media listening center allows Cisco to drive to action.

Contents

Cisco Live!
Global Conversations
Social Media Influencers
Industry Landscape
Social Media Scoreboard
Word Cloud

The Purpose of our Listening Center

There are several reasons for creating the listening center. They are:

  • To promote Cisco’s commitment to social media and gain valuable insights from the perspective of the customer
  • To demonstrate that we are leveraging Cisco’s industry leadership and innovation to drive a standard of social media listening and engagement across our organization
  • To show how Cisco is using our own technology to power the display
  • The Cisco Technology

Read More »

Tags: