I’ve had some recent discussions with colleagues in the armed forces regarding cyber security and how they consider “cyber” to be the fourth warfighting domain along with land, air, and sea. They describe how cyber has its own terrain made up of computing resources. As I further thought through this concept I saw a striking resemblance between the network and air warfare. To elaborate on this thought I must first set the context around the concept of air supremacy.
There are probably many different variations of the definition of air supremacy but let’s just use “the degree of air superiority wherein the opposing air force is incapable of effective interference” for the purpose of this blog. I borrowed this definition from NATO. There are two key words in the definition, “degree” and “effective.” Prior to achieving supremacy one must first move from parity, through superiority to eventually supremacy. Air parity is the lowest degree in which a force can control the skies above friendly units. In other words, prevention of opposing air assets from overwhelming land, air, and sea units. Read More »
I enjoyed Jennifer Geisler’s interview with Praveen Akkiraju from the Services Routing Technology Group.
One of the main messages from Cisco’s Live! was centered around the value of the network and Praveen made a great connection between the Cloud and the network. Cisco owns the infrastructure, from the endpoint to the Cloud, and is able to provide a unique perspective to deliver applications. With the right network, we get to see, optimize and enforce security policies at all connection points.
The network certainly gives us a great opportunity to enhance the Cloud user experience!
We are very pleased to announce that the ASR 1000 family of routers has been evaluated using the Common Methodology for IT Security Evaluation (Version 3.1) for conformance to the Common Criteria for IT Security Evaluation (Version 3.1) and was awarded a Common Criteria Certificate by NIAP (National Information Assurance Partnership). The evaluation assurance level (EAL) for the product is EAL4 augmented with ALC_FLR.2.
The ASR 1000 is functionally compliant with three Protection Profiles:
Router: U.S. Government Router Protection Profile For Medium Robustness Environments, version 1.1
VPN: U.S. Government Virtual Private Network (VPN) Boundary Gateway Protection Profile For Medium Robustness Environments, version 1.2
Firewall: U.S. Government Protection Profile for Traffic Filter Firewall For Medium Robustness Environments, version 1.1
In fact, the ASR 1000 is the only product in the market that is certified as a router,firewall and VPN device!
The following ASR 1000 platforms have been certified:
ASR 1002 with ESP5 or ESP10
ASR 1004 with RP1 or RP2 and ESP10 or ESP20
ASR 1006 with dual RP1 or RP2 and dual ESP10 or ESP20
For more information about the certification, and for the security target document, validation report and actual certificate, please refer to the NIAP/CCEVS web site at http://www.niap-ccevs.org/st/vid10361.
Jennifer Geisler speaks with Shannon McFarland, Corporate Consulting Engineer in the Office of the CTO, Cisco about the common questions regarding IPv6 deployment including such topics as campus, WAN/branch and data centers.