Cisco Blogs


Advanced Malware Protection Can Help Keep Defense Agencies’ Networks Secure

It seems like these days, you can’t read the news without seeing something about a cyberattack or data breach. While the digital economy and the Internet of Everything (IoE) are creating huge opportunities for value creation in both the public and private sectors, they also create huge opportunities for security breaches. With an expanded attack surface created by the IoE, cybercriminals look to take advantage of the influx of new devices and increasing network complexity. While a large cyberattack on a private company might be painful financially, a hack on some of our nation’s defense agencies could hurt much more.

The Department of Defense (DoD) is a high-priority target for hackers of all types, but especially for advanced malware creators who are seeking to steal intellectual property, capabilities and strategies from the U.S. government. These threats aren’t only isolated incidents from hacktivist groups; they often come from other advanced nation-states. The protection of military information and network assets is a part of national security and the DoD needs the tools to protect itself from cyberattacks.

One way the DoD and other agencies are looking to better protect their networks is by using advanced malware protection (AMP) tools. AMP helps detect “bad” files as they move across a sensor and flags the files for removal so that they don’t corrupt the rest of the network. Cisco’s AMP services are industry-leading: they were named a leader in Gartner’s Magic Quadrant for Intrusion Prevention Systems in 2014 and improved their position in 2015. They were also tested during NSS Labs’ rigorous next-generation firewall testing and received the highest effectiveness rating possible.

Figure 1. Gartner’s 2015 Magic Quadrant for Intrusion Prevention Systems

Cisco AMP differs from its competitors in that it can place sensors throughout the network. Unlike most companies’ sensors, which must be attached to the firewall, Cisco’s sensors are compatible with a large variety of devices and platforms, such as switches, virtual machines and the cloud. By allowing for sensors in other places in the network, Cisco AMP casts a wider and finer net to catch malware.

Additionally, Cisco AMP tracks files throughout the whole network. For most advanced malware systems, a file is only flagged as good or bad when it crosses a sensor. But with Cisco AMP, the file is tracked throughout and continually evaluated. That means if a file was initially tagged as good but more information appears, Cisco AMP can detect that anywhere in the network, flag it, and have the file removed. Continuously monitoring files enables security managers to get rid of corrupted files rapidly – which means the network can recover more quickly as well.

Figure 2. Point-In-Time Detection vs. Cisco’s Continuous Detection

Another way that Cisco AMP sets itself apart from other security options is through its ability to trace a file’s path and remove other files it has potentially corrupted. The corrupted file is patient zero, but Cisco AMP can find every other patient it touched to ensure the threat is completely eradicated.

As DoD networks become increasingly complex, with more devices requiring access from remote areas, the capabilities Cisco AMP solutions provide will be even more important to ensure these critical networks are secure. No matter how it is utilized, Cisco AMP can help the Department of Defense and other public sector agencies defend their sensitive information from cyberattacks. Click here to learn more about Cisco AMP solutions.


#WednesdayWalkabout Series: The Smart City Revolution

Co-authored with Munish Khetrapal

Upping Your Livability Index

As cities and countries around the globe face an onslaught of new and confusing challenges such as urban sprawl, safety and security, traffic congestion, and transportation accessibility, it is becoming increasingly important for public sector leaders to provide smart solutions. And as leaders further embrace the smart city narrative, the main question remains how these digital technology solutions will help their citizens and communities.

Motivations for adopting smart city initiatives vary, but one primary reason that has emerged is the desire to enhance ‘livability’. Livability plays an important role in how cities compete with other cities for tax dollars, jobs, residents, employers, investment, and positive perceptions. Improving livability can be seen both as a strategic asset that contributes to growth, and as a key ingredient to happier, healthier citizens. And when push comes to shove, technology is an enabler, not the end game. Putting people in the forefront is key.

Smart City Walking Tour

Throughout this series, we’ve taken you through a whirlwind of important industry trends, smart technologies, and places of digital transformation. At the Internet of Things World Forum that took place in Dubai this week, many of our spotlighted topics converged and took center stage to demonstrate the cross-vertical impact of IoT. In this week’s post, our digital citizen is participating in our IoT World Forum Smart City Experience tour.


#WednesdayWalkabout Series: IoT Changing the Public Safety Landscape

Co-authored with Kacey Carpenter

Technology Changing the Game

The industry continues to change, reflecting both emerging approaches to delivering innovative IT solutions, and also the faster paced, more complex environment faced by government officials. These topics share a common theme – citizen expectations continue to rise. Government leaders must be agile enough to adapt to changing circumstances and to rapidly deliver safer and smarter outcomes for their cities and countries. Considering what will be valuable and critical for success for effectively managing in the digital era, the public sector is increasingly turning to the Internet of Things (IoT) and the immense opportunities it will provide to turn data into insights and drive highly relevant and compelling outcomes.

The IoT has been increasingly influencing the public safety realm. Thanks to the plethora of connected devices that can collect real-time data – such as body-worn cameras – it’s possible to begin leveraging the real-time, actionable data this ecosystem delivers, enabling public-safety professionals to help keep citizens safer and communities more secure. By harnessing IoT technologies for public safety, first responders and law enforcement can more easily respond to emergencies and even prevent situations from turning into emergencies in the first place.

Real-time police operations at IoT World Forum in Dubai

In this week’s post, our digital citizen is back from the future. Our citizen was fortunate enough to jump a week ahead to this year’s IoT World Forum, set to take stage on Dec 6-8 in Dubai. The visit was to witness the demonstration of a solution built from the ground up and customized for the Dubai municipality.


Using best better practices with Cisco UCS Manager

I’ve been working with Cisco UCS since the very beginning. From the earliest days, whenever a customer ran into problems, I would often be asked to help figure out what was going wrong and to help fix it. Generally, this would involve a review of the system, and when we found less desirable configurations we would work with the partner and customer to clean things up. As a part of this process, I began documenting the good and the bad I saw, which evolved into what I describe as UCS “better” practices. This post aims to describe some of these practices and why they are useful. Follow-up posts will expand on this and include additional important practices.


What’s New in High-Performance Computing: Science DMZ and SC15

The 27th annual SuperComputing conference is next week from November 15-20 in Austin, TX. The conference spotlights the many applications of high-performance computing (HPC) and innovations from around the world that are affecting the space. SuperComputing 2015 will attract the premier scientists, engineers, researchers, educators, programmers, system administrators, and developers in the international supercomputing community, and they’ll all be in Austin next week to talk about the latest and greatest in HPC!

We’re extremely excited to have some of our own Cisco representatives on hand, both to learn from the experts that will be present and to share some of Cisco’s initiatives in the HPC space. If you’re going to be at SuperComputing 2015, check out these two Cisco-led sessions:

Dave Goodell, Technical Leader Software Engineering

Monday, November 16 1:30-5:00 PM Room 12

Jeffrey M. Squyres, Technical Leader, Engineering

Wednesday, November 18 12:15-1:15 PM Room 18CD

In addition, there will be daily presentations happening at the Cisco booth (#588) throughout the conference on topics like Application Centric Infrastructure (ACI), Next Generation Firewalls and HPC with Cisco UCS. There will also be a presentation on Science DMZ led by Cisco’s Jason King and Chris Hocker. Science DMZ is a subnetwork that is secure, but doesn’t have the performance limits that can occur with traditional security devices like firewalls. Science DMZ is designed to handle high volumes of data and is an important part of supercomputing.

However, it has been difficult to implement securely with traditional network protocols and hardware. One way to tackle this problem is using software defined networking (SDN). In fact, Cisco recently published a whitepaper on how an event-based SDN solution can utilize blocking and steering actions to improve both the security and efficiency of the traditional Science DMZ. You can check out the full whitepaper to learn more about this approach to Science DMZ.

If you’re going to SuperComputing 2015, be sure to stop by booth #588 to say hi and learn more about Science DMZ and hear from our HPC experts.

Hope to see everyone there!