Cisco Blogs


Cisco Blog > Security

Securing BGP sounds great but is there a tradeoff in terms of router performance?

October 10, 2012 at 2:45 pm PST

A primary concern of any network administrator when configuring new IOS features is the potential impact the enabling of new features will have on router performance including CPU utilization and memory usage.

It is fully expected that the layering of additional features, in this case BGP security features, will undoubtedly have an adverse impact on the available memory of an IOS router. But, based on our testing, the results were not quite what we expected… Read More »

Tags: , , ,

Injecting the Python Interpreter Via GDB

Recently I was evaluating the security of an application sandbox and I needed a way to inject some kind of interface into the sandboxed application in order to explore the possibilities available from that context. The main objective was to be able to easily explore file and system call access to determine what was allowed/denied. I decided the most suitable interface I could use for this exploration would be the Python interactive shell.

The first step I needed to take was to get the Python library (libpython) loaded into the address space of the target application. The easiest way that I could think to do this was to utilize the call command in the Gnu Debugger (GDB). GDB’s call command performs a debugee procedure call by injecting a new thread into the debugee and controlling the startup state. Since GDB already performs the necessary steps, I could take advantage of this by issuing the command:

Read More »

Tags: , ,

Managing Communications During Customer-Impacting Incidents

No matter how you prepare, you never know how or when it will begin. The phone rings and sixty seconds later a sense of dread emerges. It grows slowly, peaking just as you hang up the phone. Sitting back in your chair, you take a deep breath and turn your mind to all the customers, executives, and journalists who will soon know what you know.

You and I both have a sense of the work involved in managing customer-impacting data exposures, privacy breaches, or malicious attacks. These are high pressure, high profile incidents that demand the very best response team—a team that includes technical and non-technical expertise.

Working as I do with Cisco security and incident response teams, I sit alongside some great people who understand the value of having a professional communicator at the table. With a technical response underway, the communicator can do what they do best—summarize the topic, identify impacted audiences, assess their needs, and craft the required messaging. Regardless of their department—public relations, employee communications, customer communications, or marketing—these people will be critical to sustaining customer relationships and protecting your organization’s reputation.

Read More »

Tags: , , ,

Security Industry Visionary Joins Cisco

We are in the middle of several major market trends and transitions, including mobility, cloud and virtualization. Security is at the center of these massive transitions, and our customers tell us that they want simplicity and seamlessly integrated solutions for their network architectures. These industry disruptions require new thinking to create innovative technological solutions that will solve our customers’ biggest problems.

Enter Bret Hartman.

Bret has joined Cisco as the new Chief Technology Officer (CTO) for the Security Technology Group, which encompasses all of Cisco’s core security products. For Cisco, Bret will define our overall security technology strategy, particularly as it relates to how security technology integrates across the network infrastructure. Ensuring that our strategy transitions into value-added customer solutions will be critical as we move to an integrated security architecture that leverages the network.

Read More »

Tags: , , , , , , , ,

IPS Performance Explained

Data sheet performance numbers are often used to make purchasing and deployment decisions for network devices. This is true for Intrusion Prevention Systems (IPS) as well. However, the nature of IPS is such that performance can vary greatly based on multiple factors, including the traffic mix seen at the IPS, signature tuning, and the software version in use. As a result, basing an IPS deployment purely on data sheet numbers is difficult. Cisco has demystified data sheet performance metrics for its IPS 4500 and IPS 4300 products via a detailed technical paper that walks the reader through each performance number.

Read More »

Tags: , ,