Year: 2014

June 6, 2014 1 Comment
Avatar

Mobile Public Safety: Connections on the Job

Public safety agencies continually strive to improve their effectiveness and responsiveness to incidents in their jurisdictions. With increased attention on homeland security programs, these agencies demand better interdepartmental and interagency communications with important personnel, including police officers and first responders in the field.

Mobile applications supporting police, fire, and medical response units have transitioned from simple text and voice to rich multimedia applications. Real-time video, maps with satellite imagery, Global Positioning System (GPS) tracking, and global database searches are now available in handheld devices that first responders carry with them in the field. In today’s technological sphere, public safety agencies are leveraging these new capabilities and extending their existing applications in order to enhance the efficiency and delivery of high-quality services. Continue reading “Mobile Public Safety: Connections on the Job”



Authors

Avatar

Bob Stanberry

Senior Law Enforcement Advisor

June 5, 2014 1 Comment
Avatar

RIG Exploit Kit Strikes Oil

This post was co-authored by Levi Gundert with contributions from Emmanuel Tacheau and Joel Esler.

In the last month we have observed high levels of traffic consistent with the new “RIG” exploit kit (EK), as identified by Kahu Security. This new EK reportedly began being advertised on criminal forums in April, which coincides with when we first began blocking this traffic on April 24th. Whilst the release of a new EK is not uncommon, RIG’s appearance is significant in three ways. First, because of the sheer amount of traffic we are seeing – we have so far blocked requests to over 90 domains for more than 17% of our Cloud Web Security (CWS) customers. Second, because we have seen it being used to distribute “Cryptowall”, the latest ransomware to follow in the success of the now infamous “Cryptolocker”. And third, because it continues the trend of an increased reliance upon Silverlight in EKs which we have previously written about for both the Fiesta and Angler kits. Like these other kits, we have seen RIG using malvertising to perform a drive-by attack on visitors to high profile, legitimate websites. This accounts for the high amount of traffic we have seen in the last month. Continue reading “RIG Exploit Kit Strikes Oil”



Authors

Avatar

Andrew Tsonchev

Outreach

TALOS

3 Comments
Avatar

Wi-Fi Roaming 101

Wi-Fi roaming is often a tumultuous subject.  The crux of the issue is, with Wi-Fi the roaming decision is left to the client.

In the recent years, there have been great strides in improving Wi-Fi roaming with the creation of standards-based roaming technologies.  Cisco first pioneered fast roaming many years ago with CCKM (Cisco Centralized Key Management), which was the foundation for 802.11r.  11r which was ratified by the IEEE in 2008, allows for fast roaming, even on a secure 802.1X SSID.  With 802.11r it is possible to roam without disruption during a voice or video call.

While client support of 802.11r is largely lacking in the laptop space,  there is large support in the smartphone realm.  Apple iOS devices have supported 11r since iOS 6 (http://support.apple.com/kb/HT5535).  The recent Samsung smartphones, such as the Galaxy S4, S5, and Note 3, also support 11r.

Note: Some non-802.11r clients can react adversely when connected to an 11r WLAN.  The current recommendation from Cisco is to have a separate WLAN for 802.11r clients.

802.11k is another amendment from the IEEE that helps to improve roaming.  802.11k provides a whole slew of information to the client, which allows the client to understand the RF environment and make an informed roaming decision.  This information can include channel load and AP neighbor lists.

11r and 11k help, however, that does not mean the infrastructure is irrelevant in the roaming picture.  With the help of a model train, we did some testing to figure out just how much impact the infrastructure could have.  We compared Cisco to one of our competitors, whom we will call Vendor A.

This video summarizes the results and shows the train in action, or continue reading for more details:
Continue reading “Wi-Fi Roaming 101”



Authors

Avatar

Wes Purvis

Technical Marketing Engineer

Cisco’s Enterprise Networking Group

1 Comment
Avatar

Carving Out “Me” Time in the Internet of Everything Era

In a typical week, I spend about 70 percent of my waking hours on work-related matters. Another 50 percent is devoted to my family. Which leaves 20 percent for taking care of the household, and ….

Yes, that adds up to more that 100 percent. But there simply aren’t enough hours in a day for all that needs to be done — not to mention protecting that crucial time with loved ones.

So, thank you, multitasking! I can’t be the only one who has held a child while writing emails, taken conference calls from the supermarket, or had several online meetings running simultaneously.

All of this occurred to me as I struggled to find time for this blog. Writing forces me to shut off everything around me and reflect on the things that really matter — in a world that is rapidly changing, increasingly complex, and in which technology can sometimes seem a mixed blessing. When I do finally carve out an opportunity to write, it is precious time, which I cherish.

But writing is hard. Trust me, I’ve thought about creating a blog for years, and my past is riddled with failed attempts to start. Each time, I hesitated for too long, wondering whether people would really want to hear what I have to say. Like many writers, I have wondered if my compositions were too long, too short, too personal, too corporate, too banal, too deep ….

But as much as I appreciate your attention, dear reader, this time around I realize that I am writing the blog for me, the writer. Like many of us, I navigate a harried, high-pressure life. And this blog is my time, my space, to do something creative and expressive.

Continue reading “Carving Out “Me” Time in the Internet of Everything Era”



Authors

Avatar

Anja Langer Jacquin

Managing Director

Cisco Consulting Services

Leave a Comment
Avatar

#HigherEdThursdays – Cybersecurity for Higher Education: Is your network protected?

Cybersecurity is a hot topic and a major concern for all organizations.  No one is immune, and indeed, higher education institutions can fall victim to large breaches as well.  In fact, according to PrivacyRights.org, below are a few examples from the last 6 months:

Date Name

Records Lost
22-Apr-14 Iowa State University

29,780
27-Mar-14 The University of Wisconsin-Parkside

15,000
20-Mar-14 Auburn University

Unknown
6-Mar-14 North Dakota State University

290,000
26-Feb-14 Indiana University

146,000
19-Feb-14 University of Maryland

309,079
27-Nov-13 Maricopa County Community College District

2,490,000

Theft, intellectual property loss, and loss of individual’s personal data affect all organizations in varying degrees.  While higher education institutions face many of the same challenges as government and commercial organizations, they also have worries that are unique to their environments. Some of the higher education specific cybersecurity topics include:

  • Data Privacy & Security – Colleges posses the Personal Identifying Information (PII) of their students AND students parents, faculty and alumni – the numbers add up quickly.  In addition to the usual PII, this can also include: medical, financial, academic and other data.
  • Device Mobility – The average student currently has 3 devices and this is expected to grow to 5 devices in the next few years.
  • Application Protection & Control – Education specific applications have become a target for bad actors and file sharing sites cause concern of digital rights violations in Higher Education.
  • Digital Learning & Assessment – On-line classes and testing provide one-to-one learning opportunities, more choice, and cost reduction in Higher Education.  It must be secure
  • Protecting Intellectual Capital – Research universities have become a prime target for intellectual property theft.   They risk loosing valuable data and the possibility of losing grant funding.

Threats have become more sophisticated and protecting the enterprise with these topics in mind needs to be more sophisticated also.  It is no longer enough to harden access to the network and think you are OK.  Because the bad guys trying to steal your data are using so many different types of attack, effective defense requires a multi-level approach.

Cisco recently acquired SourceFire, and we have adopted their frequent question to customers: “If you knew you were going to be breached, what would you do differently?”  The 2014 Cisco Annual Security Report studied the web traffic of corporate networks and every one had connections to domains that are known malware threat sites or threat vectors – an indication that bad things are on every one of these networks and likely on most networks.  Think about the question again – what would YOU do differently?  That is what we all should be doing.

We recommend looking at the Attack Continuum of  “Before, During, and After” with the following actions for each phase:

  • Before an attack you want to harden your network, to enforce security policies with controlled, segmented access to resources.
  • During an attack you want to defend your network by detecting the threats and blocking them from getting in.
  • After an attack you want to contain the threat, determine the scope of the problem, remediate the damage, and get back to educating students.

The conventional perimeter protections such as firewalls, intrusion prevention, and anti-virus are still part of a good defense in depth framework, but more is now needed.  We offer many parts of the solution, of course, and have experts who work with universities to address their specific security needs. But no matter who you work with, please look carefully at what you can do differently to protect your students and your institution from these new, advanced threats.

Our upcoming whitepaper will focus on some of these trends, challenges and strategies for higher education. You can register to receive the whitepaper as well as a compilation of all the #HigherEdThursdays blog series upon completion.  Reserve your copy now.

Happy #HigherEdThursdays!



Authors

Avatar

Peter Romness

Cybersecurity Principal, US Public Sector CTO Office

Leave a Comment
Avatar

What does it take to make change?

May 2014 was a big month for me! I had a long trip to Australia and San Francisco for Cisco Live. This was my 2nd Cisco Live that I’ve attended, and the global event is making a positive impression on me.

I’ve been to scores of events, many for my role here at Veeam (a Cisco partner) but Cisco Live brings something different to the table. The themes of the events may change, but I feel the Cisco Live embodies the core of the change with trends such as the Internet of Everything. This is relevant today and in the future, but each of us can consume this theme differently.

As a technologist, I take in these themes and have the obligatory “Wow!” and “That’s cool!” after taking it all in; but what about when we return and get back into our daily routine? How do we get from here to there and make real change in our IT practice? That’s the hard part, but I’m convinced we can all get there in our own way.

CiscoBiscuits

 

 

 

 

 

 

 

 

Continue reading “What does it take to make change?”



Authors

Avatar

Rick Vanover

Product Strategy Specialist

Cisco Champion

Leave a Comment
Avatar

Combining Cloud, NFV, and SDN to create agile new services

Volker TegtmeyerWritten By Volker Tegtmeyer, Senior Manager Product & Solution Marketing

The industry is going through a huge business transformation. Enterprises want to focus their resources and investments on their core business rather than investing in non-core IT operations. They are looking at consuming network and IT services from the cloud, rather than investing in in-house operations. Consumers are raising their expectations, demanding to have a consistent application experience on any device at any place and at any time. And consumers expect the same experience at work, which drives overall consumerization of IT.

The market opportunity is huge and can be described as the ‘Internet of Everything’, as people, machines, and processes are communicating with each other at an exponentially increasing scale. This creates new opportunities for everyone.

As part of this, Service Providers can apply innovative technologies, like Software-Defined Network (SDN), (Network Functions Virtualization (NFV) and orchestration platforms, in their networks to overcome the current rigidity and complexity of today’s network infrastructure and operations. This opens new business opportunities.

Disaster Recovery as a Service is one example of Continue reading “Combining Cloud, NFV, and SDN to create agile new services”



Authors

Avatar

Sanjeev Mervana

Vice President of Product Management

Emerging Technologies & Incubation

June 4, 2014 Leave a Comment
Avatar

OpenStack with ACI whiteboard Video illustrations by Lucien Avramov

According to Gartner’s Andrew Lerner, many of the networking practitioners running mainstream corporate networks have only surface-level knowledge of OpenStack as evidenced in his recent blog. To assist networkers to understand Openstack, we created an easy white-board style video illustration of OpenStack for beginners with specific use-cases, featuring networking in a Cisco ACI context.  Lucien Avramov  from Cisco’s Insieme Business Unit, a lead Technical Marketing Engineer and an OpenStack evangelist  gleefully signed up to do the Videos. In this blog, I am pleased to present highlights of the videos.

Lucien rightfully starts his white-board Videos with one that discusses the basics, namely “What is OpenStack and Networking”.

videoluciena

This video covers OpenStack and Networking. Lucien does a deep-dive into the Neutron project and explains Neutron basics and its interaction with the physical and virtual networks of a Data Center.

For OpenStack with Networking watch

https://youtu.be/YWkHzavBGEc

The last video covers the benefits of ACI with OpenStack.  In this Video Lucien describes the workflow between ACI and OpenStack. You will learn the benefits of ACI with OpenStack including the ACI policy model, physical and virtual environment integration, hardware tunnels, service chaining and telemetry such as health scores, troubleshooting and visibility.

videolucien2

For ACI with OpenStack Video click, http://youtu.be/pQXysWvCPRQ

Stay tuned for more advanced video based use-case illustrations of OpenStack with ACI in near future.

Relevant Links

www.cisco.com/go/aci

www.cisco.com/go/nexus9000



Authors

Avatar

Ravi Balakrishnan

Senior Product Marketing Manager

Datacenter Solutions

Leave a Comment
Avatar

#EngineersUnplugged S5|Ep13: Big Data on Cisco UCS

In this week’s episode, Robert Novak (@gallifreyan) and Steve McQuerry (@smcquerry) talk about Big Data on UCS. Real world use cases including UCS Manager, UCS Central, and more.

Big Data, Big Unicorn, courtesy of Robert Novak and Steve McQuerry
Big Data, Big Unicorn, courtesy of Robert Novak and Steve McQuerry

This is Engineers Unplugged, where technologists talk to each other the way they know best, with a whiteboard. The rules are simple:

  1. Episodes will publish weekly (or as close to it as we can manage)
  2. Subscribe to the podcast here: engineersunplugged.com
  3. Follow the #engineersunplugged conversation on Twitter
  4. Submit ideas for episodes or volunteer to appear by Tweeting to @CommsNinja
  5. Practice drawing unicorns

Join the behind the scenes by liking Engineers Unplugged on Facebook.



Authors

Avatar

Amy Lewis