Cisco Blogs


Cisco Blog > Security

Seven Things to Complete Before Deploying Cisco Identity Services Engine

Connected devices are spreading like kudzu on the Carolina roadside. Cisco Identity Services Engine (ISE) is a great way to manage the devices on your network and with implementing some best practices, I can say you will save time. Below are 7 ideas that will help:

1. Find an Executive Sponsor.

Security policies can now be supported at a network level using ISE. Official IT policies around accessing information based on BYOD were often circumvented. But now with ISE, we’ve been able to implement policies that provide the right access, but can’t be circumvented. This makes it more important than ever that you have executive-level sponsorship. Truth be told, which IT project wouldn’t benefit from the executive backing? My first experience with an executive sponsor was with an excellent CIO who resembled Pope Francis and spoke like a wicked good Bostonian. He tasked me with pursuing business groups and obtaining feedback on IT process changes. The CIO called me his “Man in Havana”. My coworkers lovingly changed it to “Cabana boy” because we made fun of each other at every opportunity. The point is, busy manufacturing and software development directors found time for my questions and follow-up meetings because an executive was driving the effort.

Read More »

Tags: , , , ,

Massive Canadian Pharmacy Spam Campaign

On Tuesday May 28, 2013 at 17:30 UTC a massive pharmaceutical-based spam campaign began, using the Subject: header “Only 24 Hours Left to Shop!”. Cisco witnessed volume rates peaking as high as 8 out of every 10 spam messages being sent. The indiscriminate nature of the attack’s recipients suggests that most anti-spam vendors, including Cisco, will have blocked this attack very quickly.

Pharma Spam Volume Graph

Read More »

Tags: , ,

Design & Implementation Guide: What’s In a Name?

This may seem to some a rhetorical question, right? It’s in the name! A guide that describes the design and implementation of a system or solution. That seems simple enough. Cisco Design and Implementation Guides (DIGs) can be found in the Cisco Design Zone. Many of these designs are Cisco Validated Designs (CVDs) that include internal or external testing, some are reference designs, and some are visionary architectures or best practices documented by experienced engineers.

As a Network Architect, I came to Cisco to develop CVDs and accelerate business solutions beyond just the “marketecture” vision. I wanted to prove how products and systems can be used to create end-to-end solutions that work better together, more than just the sum of their parts, solving real-world business problems.

Read More »

Tags: , , , , , ,

If You Didn’t Care About HIPAA Before, You May Need to Now

The HIPAA Omnibus Final Rule, released January 2013, greatly expands the number of organizations that must comply with HIPAA beyond the known ‘Covered Entities.’

The Final Rule expands the definition of a Business Associate to include an organization that ‘creates, receives, transmits or maintains’ PHI. Adding the term ‘maintains’ into the definition makes a big difference and will include a lot more businesses than before. The Department of Health and Human Services (HHS) estimates that 250,000 – 500,000 additional entities will be considered a Business Associate and therefore must comply with HIPAA. Read More »

Tags: , , , , ,

Network Threat Defense at Black Hat 2013

Join us at Black Hat 2013 in Las Vegas this July, for our two-day hands-on Network Threat Defense, Countermeasures, and Controls course. Courses will be offered on July 27-28 and July 29-30, and attendees will learn and perform two network security roles. First, as a Security Practitioner, you’ll learn to secure and harden network infrastructure devices, and second, as a Security Incident Response Investigator, you must correctly detect, classify, and mitigate threats attacking a network by configuring and deploying advanced network threat defenses and countermeasures. Learning these roles will help you prepare for and respond to real world threats such as the recent Financial ServicesSpamHaus, and OpUSA Denial of Service Attacks. Read More »

Tags: , , , , , , ,