Cisco Blogs


Cisco Blog > Security

Ask the DC Security Expert: Three things to know about data center firewall application visibility and control

I recently interviewed Mike Geller, a 15-year Cisco veteran and a security architect, who focuses on securing infrastructure, devices, and services delivered by service and cloud providers to governments, enterprises, and end users. I asked Mike to discuss three key feature sets that firewalls should have today to enable users to securely access the applications in the data center. This topic is very timely as application control is quite the “in vogue” topic.

#1: Network Integration

Mike takes the position that security is an attribute of the network versus a siloed, bolt-on element. With applications delivered from a combination of the cloud, service provider or hosted data center (the on premise data center at the enterprise or the mobile endpoint), security is pervasive across all domains. Integrating security into the network fabric that is used to deliver key business applications is the only way to offer services at the size and scale of today and tomorrow. How do you approach full integration of security?  Let’s break it down.  Read More »

Tags: , , , , , , , , , , ,

Collecting IT Security Intelligence Globally, Using it Locally

“Think globally, act locally” is a phrase, now cliché, because it expresses an incontrovertible and immediately graspable truth. The global-local concept applies when it comes to mobilizing globally-collected cyber threat data, which in turn informs local IT operations against hackers and criminals. Of note, data collections spanning the globe don’t appear magically out of the blue, nor can they be engineered by just “anybody.” This crowd-sourced data must come from IT operations across the world to be collected, analyzed, and actioned. It’s a 24-hour cycle requiring the collective actions of organizations contributing to a mutually beneficial result. I have more to say about this in a video blog post on YouTube.

Tags: , , ,

Cisco Security Masters Dojo Course at CanSecWest 2013

My colleague, Joe Karpenko, and I will be presenting the Network Threat Defense, Countermeasures, and Controls Security Masters Dojo training course at the CanSecWest 2013 Applied Security Conference.

Attendees will perform two roles. First, as a Security Practitioner who will secure and harden devices within an organization’s network infrastructure, and second, as a Security Incident Response Investigator who must correctly detect, classify, and prevent threats targeting a network by configuring and deploying advanced network threat defenses and countermeasures. Read More »

Tags: , , ,

RSA Conference: T-Minus 30 Days and Counting

A month from now, thousands of cyber security friends, colleagues, professionals, hackers, defenders, sellers, buyers, old timers, and newbies will descend on San Francisco for the 2013 RSA Conference. We will challenge one another about what has changed, create new topics and new words to describe the previously indefinable, scare the heck out of each another, and ask the same questions…often: “What’s changed in the last year? Is it better? Is it worse? Is it new?”

“Security in Knowledge” is an apt theme for this year’s RSA. It resonates with me, given my very strong opinions that no company can effectively manage cyber security alone, either people-wise or data- and information-wise. Can any organization analyze 13 billion web requests per day? 150 million endpoints? A daily deluge of 75  terabytes of incoming data? You can’t cope with that yourself. We need to move to crowd-sourcing security, creating security knowledge, and ultimately increasing effectiveness rather than watching the ship continue to take on water at intermittently slowed rates.  Read More »

Tags: , , , , ,

Streamline Your Data Center with Three Key Optimized Security Measures

The data center is at the heart of promoting IT transformation. Mobility initiatives have created a need for increased connections; power initiatives have created a need for greater efficiency; and the increased need for real-time workload processing are driving that change. I see these as “signature” trends in 2013 and also highlighted these in my earlier post this year. Conventional IT security approaches often add complexity and usually impede efficiency gains. What’s needed is an approach that does not introduce latency or require the data center to be reconfigured to accommodate security. Neither should it introduce a myriad of new of tools, new reports, and new processes.

Very few vendors can claim to provide an end-to-end architecture where security is a key programmable element of the underlying data center fabric. This capability not only accelerates the adoption of virtualization and cloud technologies but also mitigates the complexity associated with disparate and siloed security technologies. The benefits are increased business agility backed by assured security posture, strong alignment of business function to security and reduced operational costs. In this paradigm, data center and IT executives will no longer be forced into making tradeoffs between business function and security to ensure newer and more capable services.

Read More »

Tags: , , ,