Cisco Blogs

Cisco Blog > Security

The Cisco Security Thought Leaders Top of Mind Blog Series

As you think about the security of your company, employees, information and assets, what are the topics that are “top of mind” for you? What keeps you up at night?

Starting next month on the Cisco Security Blog, we will be sharing a series of “Top of Mind” blog posts from our security leaders. These experts from Cisco’s diverse security community offer a wealth of knowledge and experience on all aspects of security. They will share their top of mind concerns, considerations, approaches, and solutions as they focus on securing the Cisco enterprise. We believe the information they share will be important thought leadership, direction and guidance for you to consider applying in your own environments.

We welcome your input to keep this security dialogue interactive and relevant to you. In fact, we’d like to challenge you to use this forum to challenge us, by sharing your thoughts and concerns, and asking the hard questions that will lead us all to be more secure. If there is a specific topic you would like to hear about, let us know. We look forward to the discussion, so that together we can improve our collective security.

Tags: ,

Access Control: Understanding iACL vs tACL

Other than semantics, what’s the difference between the two access control list configurations presented below? They both look much the same, in fact, but the key differentiation is one of context! Take a few minutes and read ahead…


ip access-list extended Access-Control
permit tcp host eq 80
permit udp host eq 69
deny tcp any eq 23
deny ip any any
access-list 150 permit tcp host eq 80
access-list 150 permit udp host eq 69
access-list 150 deny tcp any eq 23
access-list 150 deny ip any any


Understanding ACLs (access-control lists), or moreover, the difference between standard ACLs, extended ACLs, VLAN ACLs (VACLs), and access-control entries (ACEs) — the individual lines that comprise an ACL — is a challenge in and of itself, but now you read a Cisco Applied Mitigation Bulletin (AMB) and see the terms iACL and tACL: great, another acronym and concept to grasp? You bet!

Read More »

Tags: ,

Even Security Administrators Deserve a Break – Part 1 of 2

By now, most of us have heard Cisco executives utter the words, “Work is no longer a place you go, but what you do.” Now we’ve all heard hundreds of these snappy one-liners in our careers, written by some marketer for the sole purpose of making a particular presentation more memorable. And like you, I easily dismiss catchphrases soon after the completion of the presentation. But for me, this one is different – because it’s so true. In fact, looking back over just the past 10-15 years, I find it hard to believe how much technology has changed the way we all live and work.

Read More »

Security Schemes – Why Keep Them Public?

Should we or should we not keep our security protocols and algorithms public? The debate has been going on for quite some time. It might even have taken place in the Roman Empire when Caesar Cipher was used to encrypt Julius Caesar’s messages. It has been the norm for a long time for all new security methods to be published externally in order to receive academic and public scrutiny, in a way so that they prove themselves.

Read More »


Adapting Levels of Assurance for the NSTIC

This is part of an ongoing series on the National Strategy for Trusted Identities in Cyberspace. The introduction to this series can be found here.

One of the goals of the National Strategy for Trusted Identities in Cyberspace (NSTIC) is to support a wide range of use cases. These might include everything from low-value purchases to making adjustments to critical infrastructure, like power systems, where someone might get hurt if an unauthorized action takes place.

Read More »

Tags: , , , ,