Avatar

This is the second and final part of my series about security logging in an enterprise.

We first logged IDS, some syslog from some UNIX hosts, and firewall logs (circa 1999). We went from there to dropping firewall logging as it introduced some overhead and we didn’t have any really good uses for it. (We still don’t.) Where did we go next? Read on.

Continue reading “Security Logging in an Enterprise, Part 2 of 2”



Authors

Gavin Reid

CyberCzar/Director

Public Sector

Avatar

Update 2 5/9/2013:

Microsoft has released a “Microsoft fix it” as a temporary mitigation for this issue on systems which require IE8. At this time, multiple sites have been observed hosting pages which exploit this vulnerability. Users of IE8 who cannot update to IE9+ are urged to apply the Fix It immediately.

Update 5/6/2013:

An exploit for this bug is now publicly available within the metasploit framework. Users of the affected browser should consider updating to IE9+ or using a different browser until a patch is released. Given the nature of this vulnerability additional exploitation is likely.

At the end of April a Watering Hole–style attack was launched from a United States Department of Labor website. Many are theorizing that this attack may have been an attempt to use one compromised organization to target another. Visitors to specific pages hosting nuclear-related content at the Department of Labor website were also receiving malicious content loaded from the domain dol.ns01.us. Initially it appeared that this attack used CVE-2012-4792 to compromise vulnerable machines; however, Microsoft is now confirming that this is indeed a new issue. This issue is being designated CVE-2013-1347 and is reported to affect all versions of Internet Explorer 8.

Continue reading “Department of Labor Watering Hole Attack Confirmed to be 0-Day with Possible Advanced Reconnaissance Capabilities”



Authors

Craig Williams

Director

Talos Outreach

Avatar

Cisco’s server power engineering team recently compared the Cisco UCS 5108 Blade Server Chassis with B200 M3 blade servers against HP’s BladeSystem c7000 Enclosure and HP ProLiant BL460c Gen8 blade servers.

Continue reading “Cisco UCS vs. HP BladeSystem Power Efficiency Comparison”



Authors

Bill Shields

Senior Marketing Manager

Product and Solutions Marketing Team

Avatar

Last week, a delegation from Cisco, led by  President for Cisco Latin America Jordi Botifoll, had the opportunity to participate in the eighth meeting of the World Economic Forum on Latin America. (See video below). The theme of the event was “Delivering growth, strengthening societies.”

The event took place in Lima, Peru, a country which has recently enjoyed sustained economic strength and a vigorous business revival. That resurgence has helped it join the group of countries (Brazil, Mexico, Colombia, Chile and Panama) driving Latin America’s economic development.

The topics discussed at this year’s Forum were radically different to previous years. Macro topics like macroeconomic stability, fiscal discipline and exchange rate policies, which dominated discussions at previous summits, gave way to micro topics such as the resurgence of the middle class, the future of education, competitiveness, productivity, innovation and new models for maintaining sustainable economic growth. Most conversations also contemplated the need to move in the short term, from an economy based on natural resources and raw materials, to one based on value-added sectors.

 This thematic shift is due, no doubt, to the successes in Latin America in the past decade. Indeed, during the last decade, the region as a whole has seen an unprecedented economic growth, at a time when other regions of the world have stopped growing or even decreased. One proof point:  in the last 10 years, Latin America added 50 million people to the middle class, and moved 70 million people of poverty. It is expected that economic growth in the region will hover around 4% in the coming years.

From the perspective of information and communication technologies ICT, the opportunities are huge. Only 10% of the population in the region has access to a fixed broadband connection today. It is anticipated that in the next five years, 400 million people will gain access to broadband, 260 million of them through wireless connections. Large investments in infrastructure will be needed to realize these goals.

From the perspective of education and jobs, it is estimated that nearly half of the 589 million people in the region are aged less than 25 years.  Innovative thinking will be required to deliver appropriate education to those young people, and to create 50 million new jobs for them in the next decade. This contrasts with the shortage of ICT professionals in the region by 2015, which we estimate will be approximately 300,000 trained professionals.

 Jordi Botifoll participated as a panelist in the session “New engines of growth.” In this and other discussions, we talked about the role technology and the network in particular plays to increase the competitiveness of the region and to enable productivity increases.

It is during these times of prosperity and optimism, and when the winds are in our favor, that the region needs structural reforms that will enable the region to be more competitive. And for this it is important to undertake long-term investments in critical areas such as education, technology and infrastructure and thus close the competitiveness gap with other countries.

If we do not have major changes in this regard, the region cannot maintain sustainable levels of economic growth and social inclusion. According to the Global Competitiveness rankings from WEF, among the 144 countries measured by the report, the country with the best position in the ranking from Latin America is Chile (33), followed by Panama (40), Brazil (48), Mexico (53), Peru (61), Colombia (69), Argentina (94). Still a long way to go. There are new opportunities for the region, but also great challenges ahead.



Authors

Felipe Lamus

PR Manager

Latin America

Avatar

Logging is probably both one of the most useful and least used of all security forensic capabilities. In large enterprises many security teams rely on their IT counterparts to do the logging and then turn to the IT logging infra when they need log information. That in itself isn’t bad; however, the needs/requirements for IT may not be a 100% fit for a CIRT. Read on to find out how we handled it.

Continue reading “Security Logging in an Enterprise, Part 1 of 2”



Authors

Gavin Reid

CyberCzar/Director

Public Sector

Avatar

If you’re looking for Cisco in the cloud next week, you’ll have your choice of events. The source of all of this cloud knowledge, Las Vegas. Who knew that was where the cloud started?

#EMCworld #CiscoEMCW

First up, Cisco Data Center Cloud team can be found at EMC World, Booth 401, at The Venetian/Palazzo, May 6-9.

For all of the latest information on Cisco’s presence, from theater presentations to demos to speaking sessions, visit www.cisco.com/go/emcworld

#EngineersUnplugged

We will be shooting the first half of Season 3 of Engineers Unplugged in front of a live audience! Surrounded by whiteboards and as a part of the EMC Elect Space of EMC Square, the social hub, we’re pretty excited about the line up of guests and topics. Want to learn more? Ping me @CommsNinja or visit EngineersUnplugged.com.

Unicorns and Waffles, Together Againe waffles to a whole new level.
Unicorns and Waffles, Together Again

There will be unicorns.

#Interop

But wait, there’s more! Just down the strip, at Mandalay Bay, May 6-10, you’ll find Cisco at Interop. For all of the details on the keynote, speaking sessions, and Booth 1327, visit: www.cisco.com/go/interoplv

#Cloud2020

If that’s not enough Vegas cloud for one week, Cisco’s Rodrigo Flores will be speaking at the Cloud 2020 Summit, and we’ll be providing coverage.

That’s what’s happening during the day, but what about the community? Where can you meet with your peers? Beyond the numerous official parties, and there are many, here’s where you can meet up with @CiscoDC peers.

  • Monday, May 6, 9:30-11:30 pm: Join Matthew Brender (EMC), John Troyer (VMware), and Amy Lewis (that’s me, from Cisco, if that wasn’t readily apparent) for an informal non-sponsored Tweetup (BYOWallet). We podcast as The Geek Whisperers, a show about all things Social Media in Enterprise IT. Social is a part of all of our careers these days, and we’d love to hear what it means to you. Come out and say hi.
  • Tuesday, May 7, 11 pm – 1 am: It’s Vegas, baby! After the official parties end, it’s time for Waffle Club. The first rule of Waffle Club, don’t talk about Waffle Club. Space is limited, and spots are going quick.
  • Wednesday, May 8, 10 pm until: Tech Field Day’s Buzzword Bingo Bash! What could be more fun that coming out to apply all the terms you’ve used and abused during the week. This is a crossover event in a neutral location, easy to get to from EMC World or Interop.

So safe travels to all who are coming. We look forward to catching up with old friends and meeting new. Please stop by the booths and say hi, or hunt one of us down by following the Twitter stream.

For everyone watching at home, pop some popcorn, and get ready for the ride. We’ll do all we can to bring the action to you. Send questions, suggestions, and feedback: here on the blog or to @CiscoDC or @CommsNinja. We’re listening!

 

 



Authors

Avatar

By Brenda Germundson and Kerry Best

Can local governments improve the overall citizen experience, and at the same time increase workforce productivity? Yes, and cities are doing it now. Providing on-demand access to innovative services, whenever and wherever, opens up a whole new world to local government.

“We had a hard time meeting constituent and customer expectations,” says Jorge Pazos, chief information officer, City of Melrose. “Melrose residents go home, and on the train they can open up their iPad, they can program what’s going to be on their DVR that night, they can rearrange their Netflix queue, do banking, and pay bills, and then they come to municipal government, and it was like going back to the 1970s.”

Continue reading “Cloud for Local Government Global Blog Series, Local Government Success in the Cloud”



Authors

Brenda Germundson

Global Public Sector Marketing Lead

Global Industries Marketing

Avatar

Some might argue that retail banking is known more for its inconveniences than its convenience. As an example, the common term ‘banker’s hours’ is synonymous with “being open for the shortest and most inconvenient amount of time”. Despite that legacy, retail banks have made a concerted effort and real progress to extend services through various delivery channels to improve the retail banking customer experience.

Banks may have closed the customer service gap with other industries, but like other industries, must stay ahead of the consumer to deliver an experience that provides profitable value and differentiation. According to a recent report, what most customers want from their banks is greater access and more personalized experiences (in the form of advice, products, and services).

It’s not a surprising conclusion especially to the banking industry which has adapted a retail industry term – omnichannel – to describe the needed capabilities to deliver a consistent customer experience across all channels.

The Cisco Connected Customer Experience Report for Retail Banking – a global survey of consumers and bank professionals conducted in early 2013 – highlights the opportunities and the challenges that banking institutions face in meeting current and future customer expectations. Globally, consumers ranked Continue reading “Customers Desire More Personal Service From Their Banks”



Authors

Al Slamecka

Global Financial Services BDM

Cisco Industry Solutions Group