As part of CSIRT’s mobile monitoring offering for special events, we undertook monitoring of the corporate and customer traffic of the Cisco House at the London 2012 Olympics. This engagement presents us with an excellent opportunity to showcase Cisco technology, while keeping a close watch on potential network security threats. CSIRT monitoring for this event will be active for the entire life-span of the Cisco House, from two months before the Olympics, until two months after.
For the London 2012 engagement, we shipped our gear in a 14RU military-grade rack that is containerized: made for shipping. Inside the mobile monitoring rack we have an assortment of Cisco kit and third-party kit that mirrors the monitoring we do internally:
Catalyst 3750 to fan out traffic to all the other devices
FireEye for advanced malware detection
Two Cisco IronPort WSA devices for web traffic filtering based on reputation
Cisco UCS box where we run multiple VMs
Lancope StealthWatch collector for NetFlow data
and a Cisco 4255 IDS for intrusion detection
We mirror the signatures that we have deployed internally at Cisco out to these remote locations. Depending on the environment where the mobile monitoring rack is deployed, we may also do some custom tuning. The kit in the mobile monitoring rack can do intrusion detection, advanced malware detection, and collect and parse NetFlow and log data for investigation purposes. The Cisco UCS rack server also helps us have several VMs, allowing us to run multiple tools that complement the other devices in the rack. For example, we run a Splunk instance on a VM to collect the logs generated by all the services. The data from the gear in the mobile monitoring rack is analyzed by our team of analysts and investigators, to eliminate false positives, conduct mitigation and remediation, and finally produce an incident report if required.
There was a period in our house when Roger Black could do no wrong. The young, tall, handsome runner with the choirboy hairstyle from Portsmouth had won medals at both the 1992 and 1996 Olympics and in my wife and her friend’s eyes had an effect akin to that which Achilles must have had on all the Greek women while they waited to hear of his success at Troy. So it was with some curiosity that I met Roger for the first time in his capacity as one of our London 2012 Olympic Ambassadors. Would he still have the athlete’s demeanour, a taught spring ready to tear out of the starting blocks or pounce on an unsuspecting Trojan? Would the choirboy hair deny his 45 years?
I joined the Cisco UK & Ireland team fairly late into our London 2012 journey in August 2011 following four years in Cisco’s Services business in California and Europe. I had been lucky enough in my earlier career while working for a consumer brand to sponsor the British Bobsleigh team across a period of two winter Olympics, culminating in a medal at Nagano. I knew the excitement that comes from involvement in world-class sport and while I had not been involved in the early decisions around Cisco’s sponsorship, I was very much looking forward to being involved in probably the only Olympics and Paralympics that will take place during my lifetime in Britain.
For Cisco, London 2012 is all about leveraging network technology to create a better Britain, a brilliant futureas we see it. London 2012 is the starting gun for us, not the finishing tape as so many other sponsors see it. The legacy is what it’s all about, not just 5 weeks of incredible sporting challenge. So when we look at our 2012 marketing strategy, we always keep the end goal in mind. It is a tall order; we want to focus on the future beyond 2012 and at the same time benefit from the excitement and opportunity before and during the Games.
So how have we approached our marketing strategy for London 2012?