Cisco Blogs


Cisco Blog > Security

Block a country with my Cisco Router or Firewall

Problem:

We are often asked by customers about how they can prevent traffic from a certain country (let’s say country X) from entering their network. The motivations for doing this could vary. Sometimes a company does not do business with all countries in the world; therefore, the company doesn’t need to be accessible from all countries. Other times it is an issue of trust and security, where an administrator may not want to allow country X to enter their infrastructure. Finally, there are cases where country X has often been incriminated with malicious activity, so an administrator may want to block country X when there is no need for the organization to interact with this country. In this document I present a methodology on how to write a tool that provides the configuration lines to block country X, using your IOS router or ASA/ASASM firewall.
Read More »

Tags: , , , , , ,

Fundamentals of High End Firewalls

November 29, 2011 at 4:25 pm PST

We had fun turning out a few new security oriented fundamentals that we always hope you enjoy.  This one firewall animation is very complimentary to a full TechWiseTV show we recently released..you can see it embedded just after the jump.  Nothing in networking is ever really an apples to apples comparison but it seems like firewall vendors are more full of hot air than anyone.   Read More »

Tags: , , , , , , , ,

Cisco ASA 1000V: The Cloud Ready Firewall

November 28, 2011 at 11:57 am PST

Juniper Reality

In this show, we cover the new ASA 1000V and how this security family represents the oldest yet most future ready security platform.

What is the relevance of a Firewall in today’s modern world where security must encompass every part of increasingly distributed operations? What is really meant by a Cloud Ready Firewall?  What the heck is this new ‘virtual ASA’…didn’t we already have the Virtual Security Gateway?  Perhaps its all just marketing hype…

Or not.

In my estimation, the cloud is overhyped in the short run, but underestimated in the long run.  Every enterprise is now exploring some aspect of a cloud based service model – whether this represents you now or in the future, the notion of a flexible security solution remains important.  Incredible advances for data center infrastructure with the flexibility and speed enabled by the virtualized tools we are all now using – MUST be accompanied by equally capable security tools.

The original maxim still rings true: Security must be addressed at every layer.

Questions we must answer:

Read More »

Tags: , , , , , , , ,

Duct Tape and Chewing Gum Isn’t Enough: Cloud and Virtual Environments Require Specialized Security

October 26, 2011 at 12:12 pm PST

By now, just about everybody who works in any area of IT knows that moving multiple workloads into one physical server optimizes server usage, minimizes procurement and operational costs, and increases overall efficiency of the network. As a result, virtualization technology remains one of the hottest topics in IT today, due to its overwhelming benefits to organizations of all sizes. Read More »

Tags: , , , , , ,

UNS Fundamentals from TechWise TV

October 4, 2011 at 5:38 pm PST

Unified Network Services (UNS) is one of the three architectural pillars of Cisco’s Data Center Fabric, along with Unified Fabric and Unified Computing Services (UCS). UNS represents our portfolio of Layer 4-7 application services, including security, WAN optimization, application controllers, network monitoring and orchestration.  This TechWise TV episode is a great overview to the vision behind UNS and the benefits of pulling this all together, especially for virualized and cloud environments.

Tags: , , , , ,