Cisco Blogs


Cisco Blog > Security

New Cisco AnyConnect Network Visibility Module App for Splunk

Users on the network are an important layer of an organization’s security strategy – and a particularly vulnerable one. In fact, a recent IBM cybersecurity report found that human error was a contributing factor in 95% of all security incidents! It is critical to know what users are doing on the network, especially since some potential high-risk behaviors like data disclosure and shadow IT may not trigger current security layers (e.g. malware protection).

Cisco AnyConnect Network Visibility Module (NVM) empowers organizations to see endpoint and user behavior on their network. Cisco AnyConnect NVM collects flows from endpoints (e.g., laptops) both on and off-premise along with additional context like users, applications, devices, locations and destinations.  Now, IT administrators can use Splunk Enterprise to analyze and correlate this rich data with the new  Cisco AnyConnect Network Visibility (NVM) App for Splunk, which  provides collection and reporting of flows generated by the Cisco AnyConnect NVM endpoint sensor technology.

Read More »

Tags: , , , , ,

#CiscoChampion Radio, S2|Ep. 43. SAFE Simplifies Security

#CiscoChampion Radio is a podcast series by Cisco Champions as technologists. Today we’re talking about SAFE Simplifies Security with Cisco Security Solution Architect, Christian Janoff.

Get the PodcastCiscoChampionBadge
Listen to this episode
Download this episode (right-click on the episode’s download button)
View this episode in iTunes

Cisco SME
Christian Janoff, Security Solution Architect

Cisco Champion Guest Hosts
Jake Gillen (@jakegillen & @ITSEC_jakeg), Senior Security
Brad Haynes (@GK_bradhaynes), Client Solutions Specialist
Ed Walsh (@vEddieW), CTO Evangelist

Moderator
Brian Remmel (@bremmel) Read More »

Tags: , , , , ,

An introduction to the new Cisco Network Visibility Flow Protocol (nvzFlow)

As recently announced, Cisco AnyConnect 4.2 extends visibility to the endpoint with the Network Visibility Module (NVM).  Users are one of the most vulnerable parts of any security strategy, with 78% of organizations saying in a recent survey that a malicious or negligent employee had been the cause of a breach.  However, until now, IT Administrators had been blind to user behavior on their devices.  NVM allows you to monitor and analyze this rich data to help you defend against potential security threats like data exfiltration and shadow IT, as well as address network operations challenges like application capacity planning and troubleshooting.

AnyConnect NVM supports the Cisco Network Visibility Flow protocol or nvzFlow for short
(pronounced: en-vizzy-flow).  The protocol is designed to provide greater network visibility of endpoints in a lightweight manner by extending standard IPFIX with a small set of high-value endpoint context data.  Leading IPFIX vendors have begun implementing the new protocol to provide customers with an unprecedented level of visibility.

Read More »

Tags: , , , , , , , , , , , ,

Expanding Security Everywhere and Creating New Opportunities for Partners

As you remember, we launched Security Everywhere last June during Cisco Live, San Diego.  Since that time we have received tremendous response from our mutual customers and you, our partners.

To further decrease the risk of security threats, on November 3rd, we announced additional investments and enhancements to our Security Everywhere portfolio and strategy.

We have expanded our security solutions to reach further into the cloud, network and endpoints. In addition, we launched a new threat awareness service for businesses of all sizes. The new solutions provide value to our mutual customers as well as, provide you with additional revenue opportunities that will increase your profitability.

Here are a few of the solutions I’d like to highlight.

Cisco Cloud Access Security (CAS) provides visibility and data security for cloud-based applications. The exciting news for you is that with CAS you can assist your customers address the sprawl of Shadow IT.  It is reported that 90 percent of organizations are not “fully aware” of devices accessing their network.  There are 5-10 times MORE cloud services being used in enterprises than are known by IT.

New additions to CAS offering allow organizations to address this complexity as well as increase visibility and control over data in cloud applications. Four new applications – Audit, Detect, Protect and Investigate – are designed to assess and act on non-sanctioned cloud applications, aimed at preventing cloud data loss.

Partnering with Elastica, CAS delivers increased visibility into “hidden” applications, those that employees might bring onto the network; detection of malicious behavior; and the ability to set security policies that tailor application usage and user behavior to align with corporate policies. To protect cloud-based applications, such as Dropbox and Salesforce.com, CAS prevents the uploading of sensitive information and inappropriate sharing of data in the applications, to limit data exposure breaches.

New Identity Services Engine (ISE) enhancements extend visibility and control for network and endpoints with new hyper-location access controls. Cisco ISE 2.0 extends security further into the network with new capabilities that help you see and control what’s on your network like never before and accelerate threat mitigation. Now you can deploy ISE services such as Profiling, Posture, Guest, and BYOD with 802.1x Network Access Devices (NADs) manufactured by Cisco Ecosystem partners.

You also have a simplified AAA device management and administration capabilities with the new work center for TACACS+ protocol support. Lastly, ISE 2.0 enhances the user experience for ISE administrators by leveraging workflow-focused work centers for centralized management and administration.

Read More »

Tags: , , , , , , ,

Happy National Cyber Security Awareness Month!

Did you know that October is National Cyber Security Awareness Month? Here at Cisco, we understand how important cybersecurity is in today’s interconnected world. Because the Internet touches an increasingly large part of our lives, it’s necessary to engage and educate the public about how to stay protected. While we highlight the importance of cybersecurity in October, at Cisco we have initiatives and programs in place to make sure the education continues throughout the rest of the year as well.

We start from the inside out, making sure that our own employees are fully educated and trained in the latest in cybersecurity. Our Cisco Security Ninja Program, which challenges participants to reach for higher degrees of competency and proficiency in product security, has been a huge success. Employees can earn four distinct belts– white, green, blue, brown and black – that represent their advancing cybersecurity knowledge. Additionally, we offer a program in conjunction with San Jose State University that enables Cisco employees to earn their Master’s degree in Software Engineering with an emphasis in Cybersecurity. Plus, every year we have an internal conference on security – SecCon – that brings together hundreds of engineers from Cisco offices around the globe to share their knowledge and increase the overall security posture of Cisco products. All of these programs help ensure that our own employees are experts at the latest in cyber protection.

Beyond ensuring that our own employees are well-educated, we’re committed to spreading awareness about cybersecurity to the general public as well. One of the programs we’re most proud of is our Cisco Network Academy. Cisco Networking Academy helps one million people each year develop technical skills and prepare for ICT careers. The curriculum – which includes courses on cybersecurity – is offered by more than 9,000 institutions in more than 170 countries. After all, in a world that is increasingly connected, cybersecurity is a global issue, not just a local one. Read More »

Tags: , , ,