Cisco Blogs


Cisco Blog > Security

Cisco IPS Signature Coverage for OpenSSL Heartbleed Issue

The Cisco IPS Signature Development team has released 4 signature updates in the past week. Each of the updates contains either modifications to existing signatures or additional signatures for detection of attacks related to the OpenSSL Heartbleed issue. I’m going to take a moment to summarize the signature coverage.

To best utilize your Cisco IPS to protect against the OpenSSL Heartbleed issue:

  • Update your sensors to signature update pack S788.
  • Enable and activate sub-signatures /3 and /4 for signature 4187, leaving /0, /1, and /2 disabled and retired (by default, signature 4187 is disabled and retired across all sub-signatures).
  • Sub-signatures /3 and /4 are set at a severity of Informational and Low, respectively, and will not drop traffic by default. If after monitoring the sensor alerts, you are comfortable dropping traffic inline based on those alerts, you will need to add an action of “deny-packet” to each signature.

Further detail regarding the released signatures:
Read More »

Tags: , , , ,

Cisco Partner Weekly Rewind – April 18, 2014

April 18, 2014 at 7:30 am PST

Each week, we’ll highlight the most important Cisco partner news and stories, as well as point you to important, Cisco-related partner content you may have missed along the way. Here’s what you might have missed this week:

Off the Top

Bob Gault had a great blog this week on “When and How to Use Cloud.” He took a look at private versus public cloud and how to make the decision between the two, along with when it makes more sense to run a combination of the two.

Make sure you consider all options before talking to your customers. Be sure to check out Bob’s blog and let him know what you think of his conclusions.

Partner Voices

Not to toot my own horn, but I had a pretty interesting blog this week as well. I had the chance to talk to Manjula Talreja a few weeks back. We discussed how cloud providers succeed in multiple markets. She had some great insights and pointed me to a white paper Cisco wrote in conjunction with Dimension Data on business models for cloud providers.

There really is some great information about cloud provider success in the latest Partner Voices blog. Check it out and let me know what you think! Read More »

Tags: , , , ,

Summary: IoT Holds Great Promise – But Ensuring Its Security Takes Strong Leadership and Teamwork!

April 18, 2014 at 7:20 am PST

Despite the many benefits of IoT, the billions of connected sensors, devices, and other smart objects it comprises will also dramatically increase the diversity of threats we will face. As a result, ensuring that we can reap the overwhelming benefits of IoT without undermining security will take strong leadership and a great deal of teamwork throughout the industry. That’s why I’m proud that Chris Young, Senior Vice President, Cisco Security Group, recently made the list as one of the top 100 thought leaders for IoT!

Read the full blog post to learn more.

Tags: , , , , , , , , ,

IoT Holds Great Promise – But Ensuring its Security Takes Strong Leadership and Teamwork!

April 18, 2014 at 6:00 am PST

Many people take the term “Internet of Things” too literally, and assume that IoT is about the things, themselves. But they’re missing the whole point! It’s not the “things” that makes IoT special. After all, connected devices are neither new nor particularly interesting, particularly since the data each individual item produces is of little value. But by networking these devices together, IoT enables us to benefit from their ability to combine simple data to produce usable intelligence. In turn, that intelligence can be used by businesses to increase operational efficiency, and by individuals to make life easier and more comfortable.

But despite the many benefits of IoT, the billions of connected sensors, devices, and other smart objects it comprises will also dramatically increase the diversity of threats we will face. As a result, securely embracing IoT will require a multi-layer approach to security – including cloud, perimeter, physical, and device-level security, as well as end-to-end data encryption.

Ensuring that we can reap the overwhelming benefits of IoT without undermining security isn’t going to happen on its own; it will take strong leadership and a great deal of teamwork throughout the industry. That’s why I’m proud that Chris Young, Cisco’s Senior Vice President of Security, recently topped the list as one of the top 100 thought leaders for IoT! It will take leaders like Chris, who have a strong understanding of security and a passion for IoT, to help ensure that we can securely embrace IoT.

I honestly expect IoT to change the world in a variety of ways. But truly harnessing its power requires that we inspire and cultivate a true culture of security throughout every level of the extended network – which means that leadership and teamwork will be far more valuable than the technology, itself.

Tags: , , , , , , , ,

On Cisco.com password changes

Last week I published a brief blog about the OpenSSL heartbeat extension vulnerability, also known as the Heartbleed bug.

One commenter asked, “What about the Cisco.com website? Is it safe to change our passwords on the site?” We received a handful of similar questions from customers today, so I would like to offer our formal advice.

The Cisco Security Incident Response Team (CSIRT) has not found any Cisco.com infrastructure that was vulnerable to the Heartbleed vulnerability. There is also no evidence to suggest a compromise of Cisco.com user accounts.

You are safe to change your password by visiting the Cisco.com profile management page – in fact regular password changes are something we actively recommend.

Regardless of the website you are visiting, use of a strong password and regular password changes are an important part of online safety. If you are looking for more password advice, we recommend the following US-CERT security tip: Choosing and Protecting Passwords.

Tags: , , ,