Cisco Blogs


Cisco Blog > Security

Firewall Network Threat Defense, Countermeasures, and Controls @ Cisco Live 2012 – San Diego!

The advent of social networking, BYOD implementations, and web interactions has transcended the Internet traffic flows of yesterday. Adversely, the security risks and threat landscape have not only evolved, but become an ever increasing factor in protecting today’s information systems. This continued movement has led to the introduction of a new security topic for the upcoming Cisco Live 2012 conference. This topic and subsequent lab session, “Firewall Network Threat Defense, Countermeasures, and Controls” is part of the “Cyber Aikido” security suite of sessions being offered at Cisco Live 2012, and has been developed around threat defense solutions applicable to Cisco Firewalls. The course is largely based on the upcoming “Cisco Firewall Best Practices Guide“.

The “Firewall Network Threat Defense, Countermeasures, and Controls” instructor-led lab will provide administrators and engineers of Cisco Firewalls the knowledge and understanding to protect their networks against threats and attacks leveraging industry standard and Cisco Firewall Best Practices. This includes understanding control plane, management plane, and data plane architectures, and applying security features and constructs to secure the traffic traversing and interfacing with your devices or hosts.

Read More »

Tags: , , , , , , , , , ,

IPv6 Security Lab @ Cisco Live 2012 in San Diego

With the proliferation of IPv6, its adoption and deployment, there are new security concerns that apply only to IPv6. Some of these security concerns rely on protocol differences between IPv4 and IPv6 and others exploit the diversification that the two technologies offer. The result could allow malicious users the ability to deploy attacks or evade network threat defense, countermeasures, and controls.

Join us, this Monday (June 11, 2012) afternoon, at Cisco Live, San Diego 4-hour lab session LTRSEC-3033 -- Cyber Aikidō (合気道) Academy: IPv6 Network Threat Defense, Countermeasures, and Controls, to become more knowledgeable about basic inherent IPv6 security features and techniques on Cisco IOS Software and the Cisco ASA 5500 Series Adaptive Security Appliance (ASA). The students will acquire hands-on experience by configuring and testing these security features and techniques in simulated real world scenarios. The threats and protections that are presented apply to Local Area, Enterprise, and Service Provider networks. Students must correctly identify, classify, and deter or prevent the nefarious IPv6-specific behaviors by configuring network threat defense, countermeasures, and controls that will be implemented and deployed on infrastructure devices and validate their effectiveness.

At the conclusion of these labs, students will be more prepared to effectively implement and deploy basic inherent security features and techniques for identifying, classifying, deterring, and detecting attacks, threats, and nefarious behaviors specific to IPv6.

Tags: , , , ,

Cloud Myopia (Pitfall 3: I Can See the Data Center Clearly, but Users Look Blurry )

cloud infrastructure considerations vs. cloud data center considerationsSince my previous posts on cloud anomalies, Cisco did a worldwide survey of 1000+ IT professionals across 13 countries regarding their cloud deployments. The results reinforced challenges with performance and security and confirmed my inklings. However, one statistic was quite surprising. You would think data center is the lynchpin of cloud. However, when asked about the most critical infrastructure for cloud, 37% went for the network vs. 28% for virtualized data center. Well if cloud is all about data center consolidation, virtualization, and elasticity, then what’s the fuss about the network?  Read More »

Tags: , ,