Cisco Blogs


Cisco Blog > Security

Cisco Live! Milan Post-Show Launch Update: Freely customize your ISE Portals Like a Pro!

The portals that your employees and guests use for enterprise mobility and guest access are a reflection of your company brand and putting your best foot forward means customizing them for a better user experience. The challenge is that customization often requires someone with knowledge of HTML, Java, CSS, and even jQuery skills – in addition to having design skills to properly feature content.

While Cisco offers brand new, out-of-the-box customization with Cisco Identity Services Engine (ISE) 1.3, we wanted to give customers the ability to do much more – so we’ve introduced a new, web-based tool called the ISE Portal Builder that we demo’d at Cisco Live! in Milan, Italy. The show attendees who came by our booth and attended private showings were really amazed by the capabilities offered and they recognized that the ISE Portal Builder enabled almost anyone to build a beautiful guest, BYOD, profile, sponsor, or MDM portal in minutes at no additional cost.

While we already improved the ISE 1.3 ability to quickly model workflows and do basic customization, utilizing the ISE Portal Builder designers can choose from a suite of templates, or create their own using a drag-and-drop page creator. In addition, we’ve made it easy to import, layout, and manage images and other displayed files. You can add advertisements and banners in different places, and even add them into a rotating carousel. You can select up to 17 languages and even create a custom portal for each!

To access the tool go to http://isepb.cisco.com and register using your CCO ID.

Tags: , , ,

Cisco Hosting Amsterdam 2015 FIRST Technical Colloquium

Registration is now open for the upcoming FIRST Technical Colloquium May 4-6, 2015 at Cisco Systems in Amsterdam, Netherlands. Please contact us at amsterdam-tc@first.org for any questions. The event already has an exciting preliminary program covering:

  • Attacks Against Cloud Server Honeypots
  • Emerging Threats – The State of Cyber Security
  • Cisco IOS and IOS-XE Integrity Assurance
  • CIIP and NIS Directives and Their Implication for CERTs – Recent German Activities
  • APT Attack & Mobile Threats – MyCERT Case Studies
  • Challenges in Applied Threat Intelligence
  • SSHCure: Flow-Based Compromise Detection Using NetFlow/IPFIX
  • Next Level Red Team vs. Blue Team

As well as many more current issues facing the incident response community! Learn how organizations operationalize intelligence to mitigate and detect advanced threats, and listen to war stories from front line incident responders and managers.

The event’s line-up includes notables from KPMG, IBM, CERT, Cisco, MyCERT, Alertlogic, and many others. Looking forward to a great TC in Amsterdam!

https://www.first.org/events/colloquia/amsterdam2015

Jeff Bollinger and Matt Valites

Tags: ,

The Dreaded “5-Tuple”

5-tuple

If you were to ask any security administrator who had to manage the security policies across an organization, they would probably define the “5-Tuple” as a “hard to understand, cryptic method leftover from the 1990s’ policy management for implementing access control and segmentation capabilities in networks.

Despite its complexity, 5-Tuple has been a mainstay in performing access control and segmentation for decades. However, Cisco has provided an alternate deployment approach to the pains of the “5-Tuple” approach to managing security policies across the organization by delivering Cisco TrustSec across our product portfolio so that Security Teams could consolidate their security policies, scale segmentation, and create a security fabric that spans across the entire organization. Read More »

Tags: , ,

Malicious PNGs: What You See Is Not All You Get!

This post was authored by Earl Carter and Nick Randolph.

Threat actors are continually evolving their techniques. One of the latest Graftor variants is delivering a Malware DLL via a PNG file delivery mechanism. Graftor basically indicates some type of trojan hiding in a piece of software. Hiding executables and DLLs in PNG files is yet another attempt to avoid detection and deliver malicious content to user systems. In this instance, the malicious content is placed at the end of the real PNG file data.

Read More »

Tags: , , ,

The Proliferation of Mandates: A Growing Threat to Supply Chain Security

As the focus on securing Information and Communications Technology (ICT) supply chains intensifies, the number of standards and guidelines is increasing at a troubling pace. These well-intended efforts to provide a framework for security may very well be “cooking the global ICT supply chain goose,” without moving the security needle. For more on this challenge see SC Magazine from the CSO’s Desk: The proliferation of mandates.

Tags: , ,