Cisco Blogs


Cisco Blog > Security

A Bundle is Born

Today, we released the first Cisco IOS Software Security Advisory Bundled Publication of 2014. Six years ago, Cisco committed to disclosing IOS vulnerabilities on a predictable schedule (on the fourth Wednesday of March and September each calendar year) in direct response to your feedback. We know this timeline allows your organization to plan ahead and ensure resources are available to analyze, test, and remediate vulnerabilities in your environments.

Today’s edition of the Cisco IOS Software Security Advisory Bundled Publication includes six advisories that affect the following technologies:

  • Session Initiation Protocol
  • Network Address Translation
  • Internet Key Exchange Version 2
  • IPv6
  • SSL VPN
  • Cisco 7600 RSP720 with 10GE Uplinks

Read More »

Tags: , , , ,

It’s Back – It’s Cisco IOS Software Security Advisory Bundle Time Again

Today, we released the final Cisco IOS Software Security Advisory Bundled Publication of 2013. We committed to these predictable disclosures back in 2008 because your feedback was clear—they allow you to plan ahead and ensure resources are available to analyze, test, and remediate vulnerabilities in your environments. (For more information on the history of this evolution, take a look at my colleague John Stuppi’s post this past March.) If you haven’t had the opportunity to review my earlier posts on preparing for bundled disclosures or leveraging the Cisco IOS Software Checker tool, I’d encourage you to do so now. Hopefully, the guidance will help lessen the impact of evaluating the recently published Cisco Security Advisories. Read More »

Tags: , , , ,

Offline Analysis of IOS Image Integrity

Forensic analysis of IOS images can be a tricky science, due in part to the diversity in IOS image versions and branches. Between IOS 11 and IOS 12.4, over five thousand different images were built, a quarter of which belong to the 12.2 train. Some IOS trains are in more widespread use than others, just as some hardware platforms are more popular than others, but even when narrowing down by feature-set or hardware, there is a large diversity of images. There are however, some steps that can be taken, both while the IOS device is running, as well as offline, that can help determine the integrity of an IOS image.

Read More »

Tags: , ,

Cisco EnergyWise Combining with JouleX Technology Simplifies Energy Management Deployments

Increasing energy demands as well as rising energy costs have driven organizations to investigate ways to reduce energy consumption.  To be effective in energy management, the solution must be simple and easy to deploy. Cisco EnergyWise combining with JouleX technology offers such a solution.

A little bit of background about Cisco EnergyWise. Introduced in January of 2009, Cisco EnergyWise uses the network to collect power information of IP-network-connected devices. Through the intelligence unique to the network and the reach of Cisco networks, Cisco has helped many customers to monitor, report and reduce energy consumption, and ultimately cut energy and operational costs.  Most importantly, EnergyWise is free to Cisco Catalyst switching and access routing customers, as it is integrated into the Cisco IOS software.

Realizing that customers may have their own preferences in management applications, Cisco provides the options of its own Cisco LMS, as well as collaborating with leading energy management app vendors such as JouleX in providing choices of management platforms. 

Read More »

Tags: , , , ,