On April 10, 2013, a collective of politically motivated hacktivists announced a round of planned attacks called #OPUSA. These attacks, slated to begin May 7, 2013, are to be launched against U.S.-based targets. #OPUSA is a follow-up to #OPISRAEL, which were a series of attacks carried out on April 7 against Israeli-based targets. Our goal here is to summarize and inform readers of resources, recommendations, network mitigations, and best practices that are available to prevent, mitigate, respond to, or dilute the effectiveness of these attacks. This blog was a collaborative effort between myself, Kevin Timm, Joseph Karpenko, Panos Kampanakis, and the Cisco TRAC team.
If the attackers follow the same patterns as previously witnessed during the #OPISRAEL attacks, then targets can expect a mixture of attacks. Major components of previous attacks consisted of denial of service attacks and web application exploits, ranging from advanced ad-hoc attempts to simple website defacements. In the past, attackers used such tools as LOIC, HOIC, and Slowloris.
Publicly announced attacks of this nature can have highly volatile credibility. In some cases, the announcements exist only for the purpose of gaining notoriety. In other cases, they are enhanced by increased publicity. Given the lack of specific details about participation or capabilities, the exact severity of the attack can’t be known until it (possibly) happens. Read More »
Tags: advisories, ASA, botnet, botnets, Cisco Security, Cloud Computing, cloud security, data center security, DDoS, exploits, firewall, incident response, IPS, IPS signatures, malware, mitigations, security, targeted attacks, TRAC, vulnerability
The Global Certification Team is proud to announce the FIPS 140-2 crypto certification of the Cisco Adaptive Security Appliance (ASA) family. This certification covered the following models: Cisco ASA 5505, ASA 5510, ASA 5520, ASA 5540, ASA 5550, ASA 5580-20, ASA 5580-40, ASA 5585-X SSP-10, 5585-X SSP-20, 5585-X SSP-40 and 5585-X SSP-60 Security Appliances. The ASA’s were evaluated at level 2 and earned FIPS certificate #1932 on software version 22.214.171.124.
The Cisco ASA 5500 Series helps organizations to balance security with productivity. It combines the industry’s most deployed stateful inspection firewall with comprehensive next-generation network security services. More information on the Cisco ASA family can be found on Cisco.com!
Get up to the minute updates on Cisco product certifications from the official Cisco Global Certification Team twitter, @CiscoCertTeam!
FIPS-140 is a US and Canadian government standard that specifies security requirements for cryptographic modules. A cryptographic module is defined as “the set of hardware, software, and/or firmware that implements approved security functions (including cryptographic algorithms and key generation) and is contained within the cryptographic boundary.” The cryptographic module is what is being validated.
Tags: 5500, 5505, 5510, 5520, 5540, 5550, 5580, 5585, adaptive, appliance, ASA, security, SSP-10, SSP-20, SSP-40, SSP-60
I recently interviewed Mike Geller, a 15-year Cisco veteran and a security architect, who focuses on securing infrastructure, devices, and services delivered by service and cloud providers to governments, enterprises, and end users. I asked Mike to discuss three key feature sets that firewalls should have today to enable users to securely access the applications in the data center. This topic is very timely as application control is quite the “in vogue” topic.
#1: Network Integration
Mike takes the position that security is an attribute of the network versus a siloed, bolt-on element. With applications delivered from a combination of the cloud, service provider or hosted data center (the on premise data center at the enterprise or the mobile endpoint), security is pervasive across all domains. Integrating security into the network fabric that is used to deliver key business applications is the only way to offer services at the size and scale of today and tomorrow. How do you approach full integration of security? Let’s break it down. Read More »
Tags: application aware routers, ASA, ASA 1000V, byod, cloud, data center, firewall, integrated security, network integration, secure infrastructure, SecureX, security
It’s only been a few days since we said goodbye to 2012 and we are already seeing what many predicted for 2013: an increase in the creation, enhancement, and usage of numerous exploit kits by cyber criminals. Cyber criminals don’t take long vacations in December. On the contrary, they “work hard” and make lots of money during the holiday season! These criminals are continuously improving their tools to keep up with us (the good guys) and continue enhancing their “money-making machines.” A real-life example is how cyber criminals were able to quickly incorporate the exploits of the recently found Java vulnerability that I described in a post a few days ago.
Exploit kits make it easy for these criminals because they can easily spread malicious software that exploits well-known and new vulnerabilities. New exploit kits are loaded with some of the most dangerous zero-day exploits and other features that allow criminals to increase their profits.
Read More »
Tags: ASA, cloud security, exploit kits, exploits, security, web security
Previously I talked about the growing demands and how the role of IT has to change from a cost center to a business strategic partner. And we also looked at the journey you need to take to deliver IT as a Service. Cloud computing is part of this journey and it is happening – and I mean all types of Clouds – Private, Public and Hybrid. In other words, we are entering the World of Many Clouds. Forrester Research recently published a report that concluded, “Cloud computing is ready for the enterprise… but many enterprises aren’t ready for the cloud.”1 Yet cloud deployments are happening, driven by workload virtualization and changes in application architecture and usage.
Take a look at this short video with Paul Perez (VP/GM of Unified Computing System and CTO of Data Center Group) and me. Paul shares his insights on the trends of how Cloud is changing the way of the IT and the challenges you will be facing.
Guess what? Once again Cisco is here to help you on your journey to the World of Many Clouds. How you ask?
Read More »
Tags: ASA, Cisco, cloud, Cloud Computing, Consolidation, convergence, data center, DCNM, Fabric Path, FCoE, fex, Hybrid Cloud, it-as-a-service, LISP, MDS, nexus, Nexus 1000v, Nexus1010, NX-OS, OTV, private cloud, Public Cloud, switch, Unified Fabric, virtualization