Cisco Blogs


Cisco Blog > Security

Cisco IPS Signature Retirement and the Default Configuration

Walter Sulym from the Cisco IPS team explains the signature retirement process and how the default configuration is determined.

Tags: ,

SCADA Syndrome and Lifelong Education

How many times have we encountered a situation where some part of the software industry starts small, in a closed environment, then grows and attracts a lot of attention before realising that things were not designed properly for this changed environment? On a large scale, I would say three times. It happened with the Internet, operating systems, and system and industrial control systems (also referred to as SCADA). This transition from a closed environment to an open environment inevitably exposes aspects that were overlooked during the development phase. The speed of this transition will only exacerbate the situation. Because SCADA systems are currently going through this transition I will call this a “SCADA Syndrome.”

Read More »

Cisco 4Q11 Global Threat Report

The Cisco 4Q11 Global Threat Report has been released. The report covers the period from 1 October 2011 through 31 December 2011 and features data from across Cisco Security Intelligence Operations. This quarter’s contributors were Cisco Intrusion Prevention System (IPS), Cisco IronPort, Cisco Security Research and Operations (SR&O), and Cisco ScanSafe.

Read More »

Tags: ,

Correlating NetFlow Data for Proactive Security: Network Notoriety

Prelude

In this short article the reader will first learn what NetFlow is and how it works. Next the reader will understand how it can be as an important security tool. Finally, a technique for correlating NetFlow results with public sources of Internet reputation, along with the tool “Netoriety,” which implements the technique, will be introduced and explained.
Read More »

Tags: , ,

Cisco IPS Sensor Default Signature Configuration Modifications

The threat landscape is an ever evolving environment that must be addressed with constant iteration. Since the Cisco Intrusion Prevention System signature configuration has grown over the past few years, the Cisco Security Research and Operations IPS Signature Development Team performed an exhaustive review of the default IPS signature settings currently shipping. As a result of that analysis, the team will be releasing changes to the default signature set via signature updates in a two-phase process over the course of several months.

Read More »

Tags: , ,