By Tony Shakib, Vice President of IoT Vertical Business, Cisco
I’ve been in IT for a long time and I often hear that data is worth its weight in gold. Well, I recently spoke with Canadian-based Dundee Mining Company about how the data generated from their mines is now “connected” and helping the mine produce more gold – more economically and more safely.
Today’s cities are experiencing the emergence of a new imperative from public leaders and industries. “Digital urbanism” is rapidly becoming a central pillar for urban planners, architects, developers, and transportation providers, as well as in public service provision.
From a public leadership perspective, cities can be viewed as microcosms of the interconnected networks that make up the Internet of Everything (IoE). In fact, cities serve as “fertile ground” for realizing value from IoE.
Visitors to the Cisco booth at this year’s IBC will no doubt be curious to see our new Open UX Snowflake.
Snowflake, the Videoscape Unity flagship UI, is now offered on HTML5, powered with cloud technology. As a multi-award winning UI, Snowflake never fails to turn heads, which makes it the Formula One race car of UIs. The kind you want to brag to your friends about. No matter what device subscribers use, Snowflake provides an engaging and consistent way for them to find and view video content.
At first glance, one might think that not much has changed. But like a Formula One race car, Snowflake isn’t just about good looks. It’s also about what’s under the hood.
Snowflake has a new, powerful web-based engine that makes it simpler, faster, and richer.
So what enhancements will Open UX Snowflake bring for service providers and consequently subscribers? Read More »
Our first SecureDC twitter chat created some great industry dialog around security for Software Defined Networks (SDN) as well as using SDN to improve security. SDN is going through a similar hype cycle as seen with cloud and we feel that it’s important to focus more on education now and broader collaboration, so that users can benefit from the tremendous potential SDN holds.
More Education, Less Buzz
We kicked off our conversation by asking what are the most pressing issues around SDN were. @Joltsik, Principal analyst at Enterprise Strategy Group, felt that users are confused with so much buzz, yet there’s little in the way of education.
@Raj_Samani, Chief Innovation Office at the Cloud Security Alliance and CTO at McAfee, went one step further indicating that greater transparency is also needed. However, @Jgreene3rd, Technical Lead for Data Center Security Technologies at Intel, noted that the upside of buzz is that it drives greater demand for availability, which in turn fuels education.
SDN and Improving Security
@KenSBeck, Principal Engineer at the Cisco Security Technology Group Office of the CTO, led an interesting discussion on how APIs for programming the network at network speed will allow security intelligence to be much more dynamic and eventually part of the network itself. @shl_eax_1, Technical Lead Engineer at Cisco Security Technology Group Office of the CTO, further noted how global visibility of the network hastens the speed with which security issues get resolved.
@fsmontenegro elaborated on how SDN security can enable more intelligent, granular and efficient response, and that SDN improves security by adding policy exceptions at the network layer with redirect flow. @vernonxt, SVP for ICT Research at IDC, honed in on SDN enabling better policy management. @AndiMann, Vice President at CA Technologies, speculated with automation enabling embedded policy and preventing random changes, shouldn’t SDN be able to do the same.
SDN Impact on Regulatory Compliance
@alokmittal65, Chief of Staff for the Cisco Security Technology Group Office of the CTO, stressed the need for auditing, logging and monitoring of policy change events.
@Raj_Samani also noted that with greater proliferation of devices, the ability to achieve greater attestation on the endpoint becomes more challenging. @KenSBeck drew attention to leveraging network awareness of user, geo location, and device as contextual elements that can make attestations much more meaningful.
@KenSBeck, our host from the Office of the CTO at Cisco, closed with words of advice and a hint of what is in store.
Detours is a library offered by Microsoft Research for interception of functions on x86 and x64 platforms. It is sold for commercial use to various vendors that build products ranging from security to gaming applications.
Detours is often injected into most or all of the processes, either system-wide or in the context of the logged in user. The most common way this is done is through the AppInit_Dlls registry value. Because the injection is typically applied to a large number of processes running under various permissions, extra care must be taken to ensure the library and its usage are very carefully reviewed by engineers with a strong understanding of the implications of such wide hooking.
We have used this library in our own security products at Cisco (both CSA and AnyConnect) to provide certain security functions on the system. During one of our research projects earlier this year, we noticed a peculiar pattern on Windows systems where processes we were hooking had a change in the in-memory permissions, which marked the headers of the modules from the normal READ/EXECUTE to now include WRITE as well.
This was quite alarming to us, because a dll should not be writeable when loaded into memory. What was interesting, and led to clues of what might be the cause, was that it was only the dlls that had functions we were actively trying to hook. They were the common Win32 dlls that one would typically intercept methods for, such as Kernel32.dll.