ITD (Intelligent Traffic Director) is getting a lot of interest about transparent (Layer 2) mode device support.
Here is a 10 minute video that shows step by step ITD deployment for Transparent mode security devices, such as Firewalls, IPS, IDS, Web application Firewalls (WAF), ASA, Cisco Sourcefire, etc:
ITD is a hardware based multi-Tbps Layer 4 load-balancing, traffic steering and clustering solution on Nexus 5k/6k/7k/9k series of switches. It supports IP-stickiness, resiliency, NAT (EFT), VIP, health monitoring, sophisticated failure handling policies, N+M redundancy, IPv4, IPv6, VRF, weighted load-balancing, bi-directional flow-coherency, and IPSLA probes including DNS. There is no service module or external appliance needed.
Solution Guide: ITD with Layer 2 Firewall / IPS / IDS
Here is more information about ITD: www.cisco.com/go/itd
Please send email to firstname.lastname@example.org if you have any questions.
Tags: #BestofInterop, #CiscoITD, #CiscoLive2015, #CLUS, ACI, ASA, best of interop, Best of Interop 2015, Best of Interop Finalist, Big Data, Cisco, Cisco Nexus, Cisco Nexus 5600, Cisco Nexus 7000, Cisco Nexus 9000, Cisco Nexus Switches, ciscolive, cloud, Cloud Computing, data center, innovation, interop, IPS, ITD, load balancer, nexus, Nexus 7000, NFV, SDN, security, server load balancer, Service Provider, Sourcefire, video
Earlier this Year, Cisco introduced the Cisco ASA 5506-X with FirePOWER Services. This Model should replace the successful and smallest Security Solution, the ASA 5505. Designed for the Small Business and a new era of threat and advanced malware protection Cisco ASA with FirePOWER Services delivers an integrated threat defense for the entire attack continuum. BEFORE, DURING and AFTER.
As Desktop version, the Cisco ASA 5506-X builds an easy entry for a:
- Superior Multilayered Protection
- Site-to-site and remote access VPN
- Granular Application Visibility and Control (AVC)
- Highly effective threat prevention and full contextual awareness
- Reputation- and category-based URL filtering
- AMP provides industry-leading breach detection effectiveness
- Unprecedented Network Visbility
- Reduced Costs and Complexity security Solution
Read More »
Tags: AMP, ASA, AVC, Cisco FirePOWER, cisco ips, cloud, FireSIGHT, lab, NGIPS, PBR, policy based control, Snort, Sourcefire
We are very excited to announce the availability of Cisco’s best-selling Cisco Adaptive Security Virtual Appliance (ASAv) for the Amazon Web Services (AWS) cloud platform.
Our customers can now use Cisco ASAv to protect their on-demand AWS workloads and achieve consistency across hybrid cloud environments. The Cisco Adaptive Security Virtual Appliance (ASAv) runs the same software as physical Cisco ASAs to deliver proven security functionality in a virtual form factor.
Cisco ASAv on the AWS Marketplace offers: Read More »
Tags: amazon, ASA, cloud, CLUS15
The routine goes something like this. First a breach of security occurs somewhere in the enterprise, it could be something as small as a single computer getting infected or it could be a massive data loss. It seems like that’s a wide range of events, but often the reaction in an enterprise is the same. The IT executives have a meeting to determine fault and then the analysts and engineers are given the task of making sure that that particular incident never happens again. The analysts and engineers then reply with budget requests for new software and hardware from their favorite vendors. Unfortunately the end result is generally that money is spent and security is only moderately improved, if at all.
In the midst of reacting, everyone forgets that technology doesn’t configure itself and that the weakest link are the people. Instead of ramming in the latest and greatest in technology, we should be leading our company to review, create (if necessary) and rewrite our security policies. Without a policy, security tools are like unguided missiles that we hope hit their target. Read More »
Tags: #ciscochampion, ASA, Cisco ASA with FirePOWER Services, Cisco Security
Cisco PSIRT is aware of public exploitation of the Cisco ASA Clientless SSL VPN Portal Customization Integrity Vulnerability identified by Cisco bug ID CSCup36829 (registered customers only) and CVE ID CVE-2014-3393. This vulnerability was disclosed on the 8th of October 2014 in the Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Software.
All customers that have customizations applied to their Clientless SSL VPN portal and regardless of the Cisco ASA Software release in use should review the security advisory and this blog post for additional remediation actions.
NOTE: The Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Software should be used as the Single Source of Truth (SSoT) for all details of this vulnerability and for any revisions of information going forward. Read More »
Tags: ASA, psirt, security, SSL VPN, vulnerability