Cisco Blogs


Cisco Blog > Security

New Cisco AnyConnect Network Visibility Module App for Splunk

Users on the network are an important layer of an organization’s security strategy – and a particularly vulnerable one. In fact, a recent IBM cybersecurity report found that human error was a contributing factor in 95% of all security incidents! It is critical to know what users are doing on the network, especially since some potential high-risk behaviors like data disclosure and shadow IT may not trigger current security layers (e.g. malware protection).

Cisco AnyConnect Network Visibility Module (NVM) empowers organizations to see endpoint and user behavior on their network. Cisco AnyConnect NVM collects flows from endpoints (e.g., laptops) both on and off-premise along with additional context like users, applications, devices, locations and destinations.  Now, IT administrators can use Splunk Enterprise to analyze and correlate this rich data with the new  Cisco AnyConnect Network Visibility (NVM) App for Splunk, which  provides collection and reporting of flows generated by the Cisco AnyConnect NVM endpoint sensor technology.

Read More »

Tags: , , , , ,

An introduction to the new Cisco Network Visibility Flow Protocol (nvzFlow)

As recently announced, Cisco AnyConnect 4.2 extends visibility to the endpoint with the Network Visibility Module (NVM).  Users are one of the most vulnerable parts of any security strategy, with 78% of organizations saying in a recent survey that a malicious or negligent employee had been the cause of a breach.  However, until now, IT Administrators had been blind to user behavior on their devices.  NVM allows you to monitor and analyze this rich data to help you defend against potential security threats like data exfiltration and shadow IT, as well as address network operations challenges like application capacity planning and troubleshooting.

AnyConnect NVM supports the Cisco Network Visibility Flow protocol or nvzFlow for short
(pronounced: en-vizzy-flow).  The protocol is designed to provide greater network visibility of endpoints in a lightweight manner by extending standard IPFIX with a small set of high-value endpoint context data.  Leading IPFIX vendors have begun implementing the new protocol to provide customers with an unprecedented level of visibility.

Read More »

Tags: , , , , , , , , , , , ,

Deliver Stronger Secure Mobility with Cisco and Samsung

The growing use of mobility is a new threat vector in the extended network. It’s particularly complex to secure and manage when tablets and smartphones are used for both personal and business needs. The Ponemon 2014 Security Impact of Mobile Device Use by Employees study notes that 66 percent of users download mobile apps without their company’s permission. This downloading behavior increases the attack surface by introducing unapproved or personal mobile applications.

As highlighted in the Cisco Annual Security Report for 2015, mobile applications are a new threat vector that could include malware. The potential for this user-appropriated malware to access corporate resources introduces a lot of new risks that need to be addressed by IT security personnel. At Cisco, we’ve just completed a new integration with Samsung to enable workers to be productive while locking down this expanded attack surface.

Read More »

Tags: , , , , ,

Cisco Identity Services Engine (ISE) 1.3 and Cisco AnyConnect 4.0 Are Now Available!

Cisco customers, partners, and field have been eagerly awaiting the release of the latest version of the Identity Services Engine and the AnyConnect Secure Mobility Client. Well, the wait is now over! After another highly successful limited availability program, Cisco ISE 1.3 and Cisco AnyConnect 4.0 are now available for full orderability as of Friday, November 7, 2014.

With a focus on simplifying user experiences, the latest release of Cisco ISE accelerates enterprises’ capabilities to deploy secure network access easily in just hours. For administrators deploying Guest Access or Enterprise Mobility (a.k.a. “BYOD”) or for end-users onboarding their devices, these processes are now more streamlined than ever before. Expanding secure access across the entire network is also easy with Cisoc ISE by utilizing Cisco TrustSec to enable Software-Defined Segmentation (SDS) that creates contextual segmenation policies aligned with business usage. Flexible, tiered licensing allows customers to right-size their deployments for the features they need and want. Overall, secure access policy and control is centralized and simplified in order to securely and consistently deliver vital business services, enhance infrastructure security, enforce compliance, and streamline service operations. Read More »

Tags: , , , ,

Cisco Identity Services Engine (ISE) Further Expands Technology Partner Ecosystem

It’s the 25th anniversary of the film Field of Dreams, the movie about an Iowa farmer who hears a whisper that says, “If you build it, he will come.” Given the need for control with context for secure access initiatives, we did build it–and they have come.

After its introduction last year, momentum has continued for the Cisco Identity Services Engine (ISE) partner ecosystem, enabled by Cisco pxGrid, our robust context-sharing platform.

The Cisco ISE partner ecosystem began with an idea to create a group of best-in-class IT infrastructure partners who use the deeper level of contextual data collected by ISE, our security policy management platform for access control and security compliance, enabling IT organizations to have a consistent method of making their IT platforms identity, device and network aware. This enables deeper, broader network and security insight, makes network and security events more actionable and allows for consistent, cross-platform user and device visibility and control. Read More »

Tags: , ,