It has been said that mobile is recapitulating the development of the desktop PC. We are seeing the same blossoming of hardware, the same evolution of software, and the same growth in overall user experience and capabilities. Of course with greater complexity comes the mathematical likelihood of a greater number of bugs and vulnerabilities. Read More »
In the previous installment of our series of IPv6 posts, we covered some common myths regarding IPv6. In this post, we’ll talk about how the role of ICMP has changed in IPv6 compared to IPv4.
In IPv4, ICMP provides error reporting, flow control and first-hop gateway redirection. This functionality, which is also available in IPv6, is usually not essential to the operation of your network. With IPv6, however, ICMP has gained a much more significant and essential role because of new functionality that is now performed through ICMP. Fragmentation, Neighbor Discovery, and StateLess Address AutoConfiguration (SLAAC) represent essential functionality which is now performed using ICMP messages. Furthermore, many ICMP messages are designed to be sent to multicast addresses instead of only unicast addresses. Therefore, ICMP in IPv6 gains a whole new importance along with a new set of security concerns.
RSA 2011 was a big show for Cisco. We had a 30x30 booth with an in-booth theater, eight demo pods, speakers on several panels, and a keynote. Including speakers, the install and dismantle crew, and all of the booth staffers, we had a crew of around 100 people at the show. Demos included firewalls, virtualization, mobility, web, and security services. With the passing of Cisco Security Monitoring, Analysis, and Response System (MARS), a partner’s SIEM ecosystem display was of note, as were demonstrations of Cisco TrustSec, intrusion prevention, and Cisco Virtualization Experience Infrastructure (VXI). We also demonstrated Cisco AnyConnect running on an iPad, illustrating how Cisco can meet the needs of organizations grappling with the demands of the consumerization of IT and the security concerns that employee liable devices bring.
In the first installment of our series of IPv6 posts, we covered some basic differences between IPv4 and IPv6. In this post, we’ll talk about some common myths regarding IPv6.
The initial IPv6 standards originated in 1998 with the publication of RFC 2460 – “Internet Protocol, Version 6 (IPv6) Specification.” The main intent behind IPv6 was to solve the issue of the limited address space available in IPv4. Over time, other features such as Stateless Address Autoconfiguration (SLAAC), Network Renumbering, and mandatory IPSec support were also added to IPv6. In reality, however, the main benefit of IPv6 is the expansion of the address space. Over those 10+ years, numerous myths, however, have surfaced, many of which can impact the security of your IPv6 network. Understanding the truth behind these misconceptions is important, especially now, as IPv6 is being deployed on more and more networks.
The past year has been an interesting one in IT in general, and security in particular. We have seen the continued growth of Internet traffic, the ongoing rise of the could, the consumerization of IT and the growth of social networks, all making the challenge of delivering secure, reliable, seamless connectivity to increasingly distributed users on a proliferating forest of increasingly diverse devices. With new challenges like government-backed cyberwar efforts such as Stuxnet, hacktivism and not so anonymous DDoS attacks, a big mobility push and an emphasis on telework, IT and security groups have their hands full.
Come join us at RSA 2011 in Moscone Center in San Francisco. The show is running February 14-18 and we are excited to be showing some of our latest and greatest security solutions and technologies at Booth 1717.