Cisco Blogs


Cisco Blog > Security

Cisco Identity Services Engine (ISE) 1.3 and Cisco AnyConnect 4.0 Are Now Available!

Cisco customers, partners, and field have been eagerly awaiting the release of the latest version of the Identity Services Engine and the AnyConnect Secure Mobility Client. Well, the wait is now over! After another highly successful limited availability program, Cisco ISE 1.3 and Cisco AnyConnect 4.0 are now available for full orderability as of Friday, November 7, 2014.

With a focus on simplifying user experiences, the latest release of Cisco ISE accelerates enterprises’ capabilities to deploy secure network access easily in just hours. For administrators deploying Guest Access or Enterprise Mobility (a.k.a. “BYOD”) or for end-users onboarding their devices, these processes are now more streamlined than ever before. Expanding secure access across the entire network is also easy with Cisoc ISE by utilizing Cisco TrustSec to enable Software-Defined Segmentation (SDS) that creates contextual segmenation policies aligned with business usage. Flexible, tiered licensing allows customers to right-size their deployments for the features they need and want. Overall, secure access policy and control is centralized and simplified in order to securely and consistently deliver vital business services, enhance infrastructure security, enforce compliance, and streamline service operations. Read More »

Tags: , , , ,

Talos Discovered Three More Vulnerabilities in Pidgin

This post was authored by Yves Younan and edited by Armin Pelkmann

Table of contents

CVE-2014-3697, VRT-2014-0205
CVE-2014-3696, VRT-2014-0204
CVE-2014-3695, VRT-2014-0203

Cisco Talos is announcing the discovery and patching of another three 3 CVE vulnerabilities in Pidgin (An open-source multi-platform instant messaging client -- see wikipedia page). These vulnerabilities were discovered by our team and reported to the Pidgin team. They were found during our initial look at Pidgin which resulted in the first 4 vulnerabilities released in January, but were reported to Pidgin a little later and took longer to get patched. Now that these vulnerabilities were patched in the latest version of Pidgin, 2.10.10, we want to publicly disclose our findings.

 

The first vulnerability (CVE-2014-3697, VRT-2014-0205) is in the routines Pidgin uses to handle smiley and theme packages in Windows. These packages can be downloaded from websites and installed by dragging and dropping them to Pidgin. The packages are TAR files and Pidgin handles them by un-tarring the files to a specific directory. Read More »

Tags: , , , , , ,

A Dynamic Integration: FireSIGHT and ISE

With the security landscape constantly evolving and attackers innovating at the rapid pace, it is important that we keep up with attackers.  For this reason we have based our security on imperatives like being visibility-driven and platform-based.

Organizations need total visibility of their environments for full contextual awareness, ultimately enabling better network protection, since we can’t protect what we can’t see.  The imperative of being platform-based is also important for more simplified architectures with fewer security devices that smoothly integrate with existing IT environments, capable of sharing deep contextual data.

These imperatives working in concert mean defenders can now move towards security systems that see everything and share context and intelligence for correlation to dynamically apply controls in real-time based on what is seen and learned.

These imperatives are also central to the Identity Services Engine (ISE) and its partner ecosystem powered by Platform Exchange Grid (pxGrid) to share contextual information between platforms for better visibility, mobile device compliance, cyber threat defense, threat remediation, network troubleshooting and IoT security.

The continued integration of Cisco and Sourcefire continues to show the commitment to an evolving and powerful security portfolio, based on these imperatives.  Today we unveil another integration: Cisco ISE with FireSIGHT Management Center using pxGrid.

FireSIGHT Management Center is the management console for Cisco ASA with FirePOWER Services and Cisco FirePOWER appliances providing total, real-time network visibility and security automation.  Cisco ISE is our security policy management platform unifying and automating secure access control to enforce role-based access to networks and network resources.

Now, corporate environments with networks that contain both FireSIGHT and ISE can use them together for threat detection and quarantine.

Cisco ISE leverages pxGrid technology to integrate with FireSIGHT so it can collect identity contextual information from ISE for identity-based event logging as well as specifying quarantine actions for remediation.  Simply put, when an AMP for Endpoints malware detection appears in FireSIGHT, it dynamically instructs ISE to quarantine the infected endpoint.

With FireSIGHT and ISE working together for more dynamic controls, we drive further momentum after introducing Cisco ASA with FirePOWER Services and incorporation of Advanced Malware Protection (AMP) on Cisco content security products.

To install please visit the Cisco support community or visit our booth at Cisco Live Cancun November 3-6 for a demo.  For information on ISE, please see our recent post on the Cisco Identity Services Engine (ISE) and its expanding technology partner ecosystem.

Tags: , , , , , ,

Ensuring Security and Trust Stewardship and Accountability

In our increasingly interconnected world, the Internet of Everything is making trust a critical element of how people use network-connected devices to work, play, live, and learn. The relentless rise in information security breaches underscores the deep need for enterprises and governments alike to trust that their systems, data, business partners, customers, and citizens are safe.

Consequently, I see an evolution taking place regarding accountability in cybersecurity moving up to the boardroom level, an issue I discussed earlier this year in Fortune. In a recent Information Systems Audit and Control Association (ISACA) report, 55 percent of corporate directors revealed that they have to personally understand and manage cyber as a risk area. The National Association of Corporate Directors recently published a document on corporate directors’ ownership and management of risk in cyber for public companies. In March of this year, an SEC commissioner said that the SEC plans to create a requirement for corporate directors regarding managing cybersecurity as a risk.

Read More »

Tags: , , , , ,

The Value of Endpoint and Network Protection Together

As I’ve discussed in past blog posts, advanced malware and sophisticated attacks are relentless as they compromise environments using new and stealthy techniques. Modern malware is dynamic and exists in an interconnected ecosystem that is constantly in motion. It will use an array of attack vectors, take endless form factors, and launch attacks over time.

In contrast, most security tools today are stuck in time – a point in time to be exact. They scan files once at the point of entry to determine if they are malicious, letting the supposedly “good” files in, and kicking the known “bad” files out. If the malicious file isn’t caught at point of entry, or if it evolves and becomes malicious AFTER entering the environment, point-in-time detection technologies give us little recourse after an infection occurs.

Read More »

Tags: , , , ,