Cisco Blogs

Cisco Blog > Security

AnyConnect 3.0 for Android Product Announcement

Following up on my last note about BYOD at Cisco, I wanted to update you on the latest numbers here at Cisco. As Sheila Jordan had pointed out here, we have surpassed the 20% tablet penetration among our workforce and mobile devices continue to grow at a rate of 1,000 each month. I highly recommend you doing a quick read on her six steps of approaching device deluge. Meanwhile, the latest IDC report (Aug 8, 2012) reaffirms the 2-horse race in the smartphone world. Android and iOS powered 85% of all smartphones shipped in the second quarter of 2012 (2Q2012).

Maintaining our market leadership in supporting the broadest set of Operating Systems (desktop and mobile) and Web Browsers, Cisco Security is excited to announce the availability of AnyConnect 3.0 for Android (Download here). As in the past, we have worked with the market leading Android device makers along with supporting the Android VPN Framework (AVF) to ensure the latest AnyConnect functionality. These new features are now available on any Android device running on version 4.0 (Ice Cream Sandwich) or higher (including Jelly Bean).


  • Intel Android (IA): The Android VPN Framework (AVF) image is now compatible with x86 Intel Android devices.
  • IPsec IKEv2: AnyConnect users can connect via IPsec IKEv2 connections to their corporate Cisco ASA in addition to SSL (TLS or DTLS). (Requires ASA 9.0+)
  • Suite B Cryptography: AnyConnect users who need NSA’s recommended Suite B Cryptography will be now able to do so from their mobile devices. (Requires ASA 9.0 and AnyConnect Premium Licenses.)
  • Untrusted Certificate Warnings: Reduces Man-in-the-Middle attack risk by rejecting untrusted certificates by default and requiring end-users to acknowledge risks before connecting to a gateway with an untrusted certificate.
  • SCEP Proxy: AnyConnect users can enroll their mobile device with an internal Certificate Authority (CA) Server, using SCEP without opening up the CA Server directly to external threats. (To embed the identity of the mobile endpoint in the certificate request, Mobile Host Scan must be utilized, which is an AnyConnect Premium License feature).
  • FIPS 140-2 Compliant: AnyConnect users now have access to the latest FIPS 140-2 cryptographic compliant module to meet industry compliance/mandates.

Read More »

Tags: , , , , ,

Mobility vs Security – Can You Really Have Both?

From peeking at Brittany Spears medical records to the theft of almost five million medical records from a tape back-up, no healthcare issue garners more adverse publicity, or passion, than violations of patient privacy. While you might expect that since the institution of HIPAA and quarter million dollar fines that this is relatively uncommon now, you would be wrong.  A stunning incidence of nearly 18 million breaches of privacy has occurred over the past two years according to a recent report from ANSI, the American National Standards Institute.  That is equivalent to the population of the states of Florida or New York.

As the world moves towards adoption of Electronic Health Records and Health Information Exchanges, concern for the vulnerability of private health information is escalating as the scale of these data breaches reach epic proportions.  A West Coast health care system experienced the theft of electronic health information for 4 million of its patients.  And another major academic medical center inadvertently disclosed the electronic health records of 20,000 of its patients.  The risks are real and global.  And they leave an organization – any organization – subject to severe legal and financial damage, not to mention the damage to their reputation. None of these organizations were cavalier about their security compliance.  But let’s face it, the workforce is larger and more mobile. The data is more prolific and ubiquitous and takes  on many different forms.   And the thieves are getting more sophisticated.

But so are the solutions. In the past, it was necessary to balance mobility with security-the more mobile, the less secure.  Not anymore.  Cisco’s AnyConnect combines industry-leading Cisco cloud and premises-based web security and next generation remote access technology to deliver the most robust and secure enterprise mobility solution on the market today.


Read More »

Tags: , , , , , , , ,

International Borderless Young Thing

I’m going to date myself here, but when the Berlin Wall came down I was lucky enough to go over to Berlin and trade smokes through holes with the East German guards on the other side. I have a piece of the wall, a chunk of cement with paint on it, somewhere. CNN was disruptive new media, mobile phones cost $1400 and you could talk on them for $1/minute. The Internet was a curiosity for academic and government use; many mail servers were run as open relays and a good dialup modem would get you 14,000 bps. Networks were simpler too, for the most part you were either inside the building and on the network or you were not on the network. Work was both a place and a verb.

The British pop band Jesus Jones captured perfectly the zeitgeist of those days with the song “International Bright Young Thing” which I first heard in a friend’s apartment in Kyoto. The refrain “Right here, right now, there’s no other place I would rather be,” seemed so perfect, so right.

Read More »