The Global Certification Team is proud to announce the FIPS 140-2 crypto certification of the Cisco Adaptive Security Appliance (ASA) family. This certification covered the following models: Cisco ASA 5505, ASA 5510, ASA 5520, ASA 5540, ASA 5550, ASA 5580-20, ASA 5580-40, ASA 5585-X SSP-10, 5585-X SSP-20, 5585-X SSP-40 and 5585-X SSP-60 Security Appliances. The ASA’s were evaluated at level 2 and earned FIPS certificate #1932 on software version 126.96.36.199.
The Cisco ASA 5500 Series helps organizations to balance security with productivity. It combines the industry’s most deployed stateful inspection firewall with comprehensive next-generation network security services. More information on the Cisco ASA family can be found on Cisco.com!
Get up to the minute updates on Cisco product certifications from the official Cisco Global Certification Team twitter, @CiscoCertTeam!
FIPS-140 is a US and Canadian government standard that specifies security requirements for cryptographic modules. A cryptographic module is defined as “the set of hardware, software, and/or firmware that implements approved security functions (including cryptographic algorithms and key generation) and is contained within the cryptographic boundary.” The cryptographic module is what is being validated.
Tags: 5500, 5505, 5510, 5520, 5540, 5550, 5580, 5585, adaptive, appliance, ASA, security, SSP-10, SSP-20, SSP-40, SSP-60
I recently interviewed Mike Geller, a 15-year Cisco veteran and a security architect, who focuses on securing infrastructure, devices, and services delivered by service and cloud providers to governments, enterprises, and end users. I asked Mike to discuss three key feature sets that firewalls should have today to enable users to securely access the applications in the data center. This topic is very timely as application control is quite the “in vogue” topic.
#1: Network Integration
Mike takes the position that security is an attribute of the network versus a siloed, bolt-on element. With applications delivered from a combination of the cloud, service provider or hosted data center (the on premise data center at the enterprise or the mobile endpoint), security is pervasive across all domains. Integrating security into the network fabric that is used to deliver key business applications is the only way to offer services at the size and scale of today and tomorrow. How do you approach full integration of security? Let’s break it down. Read More »
Tags: application aware routers, ASA, ASA 1000V, byod, cloud, data center, firewall, integrated security, network integration, secure infrastructure, SecureX, security
It’s only been a few days since we said goodbye to 2012 and we are already seeing what many predicted for 2013: an increase in the creation, enhancement, and usage of numerous exploit kits by cyber criminals. Cyber criminals don’t take long vacations in December. On the contrary, they “work hard” and make lots of money during the holiday season! These criminals are continuously improving their tools to keep up with us (the good guys) and continue enhancing their “money-making machines.” A real-life example is how cyber criminals were able to quickly incorporate the exploits of the recently found Java vulnerability that I described in a post a few days ago.
Exploit kits make it easy for these criminals because they can easily spread malicious software that exploits well-known and new vulnerabilities. New exploit kits are loaded with some of the most dangerous zero-day exploits and other features that allow criminals to increase their profits.
Read More »
Tags: ASA, cloud security, exploit kits, exploits, security, web security
Previously I talked about the growing demands and how the role of IT has to change from a cost center to a business strategic partner. And we also looked at the journey you need to take to deliver IT as a Service. Cloud computing is part of this journey and it is happening – and I mean all types of Clouds – Private, Public and Hybrid. In other words, we are entering the World of Many Clouds. Forrester Research recently published a report that concluded, “Cloud computing is ready for the enterprise… but many enterprises aren’t ready for the cloud.”1 Yet cloud deployments are happening, driven by workload virtualization and changes in application architecture and usage.
Take a look at this short video with Paul Perez (VP/GM of Unified Computing System and CTO of Data Center Group) and me. Paul shares his insights on the trends of how Cloud is changing the way of the IT and the challenges you will be facing.
Guess what? Once again Cisco is here to help you on your journey to the World of Many Clouds. How you ask?
Read More »
Tags: ASA, Cisco, cloud, Cloud Computing, Consolidation, convergence, data center, DCNM, Fabric Path, FCoE, fex, Hybrid Cloud, it-as-a-service, LISP, MDS, nexus, Nexus 1000v, Nexus1010, NX-OS, OTV, private cloud, Public Cloud, switch, Unified Fabric, virtualization
Previously I talked about the growing demands and how the role of IT has to change from a cost center to a business strategic partner. It’s important to acknowledge that getting an organization to the point where it can implement IT as a Service isn’t easy, nor does it take place all at once. Every customer has their own journey and different customers will take different journeys. For some, it’s all about doing what they do now, only more efficiently or perhaps adding new capabilities. For others, it’s about making that full-blown transformation to service-driven IT.
So how do you get there? Each phase expands into a series of key initiatives…
It all starts with moving into more of a unified architecture of network fabric and corresponding operations.
Read More »
Tags: ASA, Cisco, cloud, Cloud Computing, Consolidation, convergence, data center, DCNM, Fabric Path, FCoE, fex, it-as-a-service, LISP, MDS, nexus, Nexus 1000v, Nexus1010, NX-OS, OTV, switch, Unified Fabric, virtualization