Today Cisco Security Intelligence Operations (SIO) has released its Semi-annual Cisco IOS Software Security Advisory Bundle, the second and final IOS bundle publication of 2012. Today’s release includes nine advisories, of which five have workarounds.
As in previous bundle publications, Cisco SIO has provided an array of security resources to help customers secure their networks. This collateral is not unique to bundle security advisories and instead is part of SIO’s response to current security events. Resources include: Read More »
Tags: Cisco, IOS, ios bundle, psirt, security, vulnerability
I have commented before on numeric passwords, and how they can and cannot be used securely. Apparently, not everyone has been reading my blog. Developer Kevin Burke has apparently discovered a phone company that limited customer passwords to a six-digit code, with only the numbers 0-9 as options. Combined with not having any failed password lockouts, nor requiring any other information besides username (your phone number) and the six-digit password, this is a recipe for disaster.
Read More »
Tags: authentication, passwords, security, strong passwords
- 100% IT is struggling to keep up with mobility trends
- Mobile threats have doubled from 2010 to 2011
- Around four in ten American users are likely to click on an unsafe link
And with all of these changing dynamics, user expectations continue to rise while the risk of security vulnerabilities rises. Yet, one of the expectations is a demand for safe access to essential business productivity and collaboration applications from anywhere, on any device (personal or organization acquisition), along with a consistent experience across multiple device types. This is the new workspace.
So, how do recent data center security enhancements play an important role in an ever more mobile and Bring-Your-Own-Device (BYOD) reality? The reality of the ever-increasing proliferation of devices for each user gives rise to a need for increased scalability and security in the data center even more evident. Users who bring their own device expect a good experience accessing the applications that reside in the data center. IT wants to ensure that applications delivered from the data center or internally are appropriately accessed and protected from any malicious actions. Securing a mobile and BYOD environment does not simply start at the endpoint; it must take an architectural approach from endpoint traffic traversing through the network to the data center. Cisco takes a comprehensive approach to securing applications, content, and devices delivered to any workspace, in any location, based on type and posture, location and time, and user’s role—ensuring an uncompromised user experience and giving your employees the freedom to be highly productive.
Read More »
Tags: bring your own device, byod, ISE, mobile threats, policy
In this last part of this series I will discuss the top customer priority of visibility. Cisco offers customers the ability to gain insight into what’s happening in their network and, at the same time, maintain compliance and business operations.
But before we dive into that let’s do a recap of part two of our series on Cisco’s Secure Data Center Strategy on threat defense. In summary, Cisco understands that to prevent threats both internally and externally it’s not a permit or deny of data, but rather that data needs deeper inspection. Cisco offers two leading platforms that work with the ASA 5585-X Series Adaptive Security Appliance to protect the data center and they are the new IPS 4500 Series Sensor platform for high data rate environments and the ASA CX Context Aware Security for application control. To learn more go to part 2 here.
As customers move from the physical to virtual to cloud data centers, a challenge heard over is over is that they desire to maintain their compliance, security, and policies across these varying instantiations of their data center. In other words, they want to same controls in the physical world present in the virtual – one policy, one set of security capabilities. This will maintain compliance, overall security and ease business operations.
By offering better visibility into users, their devices, applications and access controls this not only helps with maintaining compliance but also deal with the threat defense requirements in our overall data center. Cisco’s visibility tools gives our customers the insight they need to make decisions about who gets access to what kinds of information, where segmentation is needed, what are the boundaries in your data center, whether these boundaries are physical or virtual and the ability to do the right level of policy orchestration to maintain compliance and the overall security posture. These tools have been grouped into three key areas: management and reporting, insights, and policy orchestration.
Read More »
Tags: ASA-CX, Cisco ASA, cisco firewall, Cisco Security, cisco sio, Cisco UCS, cloud, data center, data center security, DC, firewall, Identity Services Engine, intrusion prevention, IPS, ISE, it security, netflow, network security, pci-dss, policy, security, server, threat defense, TrustSec, virtual, virtualization, VMDC
As previously discussed here on the Cisco Security blog, the Cisco Product Security Incident Response Team (PSIRT) follows a twice-per-year schedule for disclosing high-severity security vulnerabilities in Cisco IOS Software. The next Cisco IOS Software Security Advisory Bundle will be released on the 26th of September at 16:00 GMT. Our Security Vulnerability Policy describes the schedule best:
In direct response to customer feedback, Cisco releases bundles of Cisco IOS Software Security Advisories on the fourth Wednesday 16:00 GMT of the month in March and September of each calendar year. This schedule applies to the disclosure of Cisco IOS Software vulnerabilities and does not apply to the disclosure of vulnerabilities in other Cisco products.
We offer several convenient and timely ways to learn of new
Cisco Security Advisories and Cisco Security Advisory Bundles.
Read More »
Tags: Cisco, Cisco Security, IOS, psirt, security, security advisories