Cisco Blogs



Death, Taxes, and Vulnerability Scanners

When talking about vulnerabilities, the Cisco PSIRT has probably seen it all. Vulnerabilities that can be exploited over the network, vulnerabilities that need local access, and vulnerabilities that need physical access. Vulnerabilities that affect integrity, confidentiality, and availability. Vulnerabilities at the operating system level, at the application level, or at the protocol level. Hands down, the most time-consuming and complex to handle are those involving a protocol -- we need to investigate each and every Cisco product that implements the affected protocol. And if the vulnerability is in, say, IPv4… the investigation will require significant time and resources.

But there is one kind of report that makes the heart of any PSIRT Incident Manager sink -- an email from a customer asking “How do I fix these vulnerabilities?”. And attached to the email -- a report from a vulnerability scanner.


SNMP MIB Changes Related to IPv6

Simple Network Management Protocol (SNMP) is part of IETF’s Internet Protocol Suite, which consists of four abstraction layers and defines a set of protocols used on the Internet. SNMP is mainly used for management and monitoring of networked devices. It can report on the health of a network device or on other aspects of its state (interfaces, IP addresses, traffic and more). SNMP is defined as part of IETF RFC 1157. To do its job, it relies on Management Information Bases (MIBs), which define the structure of the information a device maintains. They represent a hierarchical namespace containing object identifiers (OIDs). Each OID identifies an object that holds the information of interest and can be polled or set via SNMP.


The Web: Recipe for Pwnage

The web, which for many people is more like the internet than a service that runs over the internet, has brought profound changes. While opening a great number of doors and creating opportunities that otherwise might not exist, the web also creates exposure and opportunities for those who would do bad things.

One of the challenges that IT and security professionals constantly face is finding the right balance between access and flexibility on one side and security on the other. The perfectly locked down, 100% airgapped network may be secure, but such an island would be less than useful for most organizations.


Cisco Security Manager UCS Server Bundles Reduce Complexity and Time to Market

September 16, 2011 at 3:25 pm PST

It’s no secret that network threats have grown significantly over the past several years – in number, as well as complexity. This growth continues to place an overwhelming burden on IT resources, who have to combat these threats on a daily basis. These guys already have a rough job of just keeping up with the sheer volume and variety of threats … but also making them go through multiple hoops and internal approvals to procure and piece together the solution from different vendors is enough to push a lot of folks over the proverbial edge!


The Inside on the Inside Cisco SIO Network World Article

September 14, 2011 at 12:11 pm PST

Several of us recently had the pleasure of working with Ann Bednarz from Network World on her feature article, “Inside Cisco Security Intelligence Operations” (SIO). We were all very pleased with the resulting article and her ability to capture and convey the intricacies of Cisco SIO. Considering the size, complexity, diversity, and distribution of the teams and technologies that make up our security operations, we knew that capturing these details and understanding Cisco SIO could have its challenges.
