Christian Janoff, Security Solution Architect
As recently announced, Cisco AnyConnect 4.2 extends visibility to the endpoint with the Network Visibility Module (NVM). Users are one of the most vulnerable parts of any security strategy, with 78% of organizations saying in a recent survey that a malicious or negligent employee had been the cause of a breach. However, until now, IT Administrators had been blind to user behavior on their devices. NVM allows you to monitor and analyze this rich data to help you defend against potential security threats like data exfiltration and shadow IT, as well as address network operations challenges like application capacity planning and troubleshooting.
AnyConnect NVM supports the Cisco Network Visibility Flow protocol or nvzFlow for short
(pronounced: en-vizzy-flow). The protocol is designed to provide greater network visibility of endpoints in a lightweight manner by extending standard IPFIX with a small set of high-value endpoint context data. Leading IPFIX vendors have begun implementing the new protocol to provide customers with an unprecedented level of visibility.
Tags: Advanced Machine Learning Algorithms, Big Data, Cisco AnyConnect Secure Mobility Client, Cisco Network Visibility Flow Protocol, Cisco Security, cisco technology, ipfix, machine learning, netflow, nvzFlow, security, security research, Standarization
As you remember, we launched Security Everywhere last June during Cisco Live, San Diego. Since that time we have received tremendous response from our mutual customers and you, our partners.
To further decrease the risk of security threats, on November 3rd, we announced additional investments and enhancements to our Security Everywhere portfolio and strategy.
We have expanded our security solutions to reach further into the cloud, network and endpoints. In addition, we launched a new threat awareness service for businesses of all sizes. The new solutions provide value to our mutual customers as well as, provide you with additional revenue opportunities that will increase your profitability.
Here are a few of the solutions I’d like to highlight.
Cisco Cloud Access Security (CAS) provides visibility and data security for cloud-based applications. The exciting news for you is that with CAS you can assist your customers address the sprawl of Shadow IT. It is reported that 90 percent of organizations are not “fully aware” of devices accessing their network. There are 5-10 times MORE cloud services being used in enterprises than are known by IT.
New additions to CAS offering allow organizations to address this complexity as well as increase visibility and control over data in cloud applications. Four new applications – Audit, Detect, Protect and Investigate – are designed to assess and act on non-sanctioned cloud applications, aimed at preventing cloud data loss.
Partnering with Elastica, CAS delivers increased visibility into “hidden” applications, those that employees might bring onto the network; detection of malicious behavior; and the ability to set security policies that tailor application usage and user behavior to align with corporate policies. To protect cloud-based applications, such as Dropbox and Salesforce.com, CAS prevents the uploading of sensitive information and inappropriate sharing of data in the applications, to limit data exposure breaches.
New Identity Services Engine (ISE) enhancements extend visibility and control for network and endpoints with new hyper-location access controls. Cisco ISE 2.0 extends security further into the network with new capabilities that help you see and control what’s on your network like never before and accelerate threat mitigation. Now you can deploy ISE services such as Profiling, Posture, Guest, and BYOD with 802.1x Network Access Devices (NADs) manufactured by Cisco Ecosystem partners.
You also have a simplified AAA device management and administration capabilities with the new work center for TACACS+ protocol support. Lastly, ISE 2.0 enhances the user experience for ISE administrators by leveraging workflow-focused work centers for centralized management and administration.
Did you know that October is National Cyber Security Awareness Month? Here at Cisco, we understand how important cybersecurity is in today’s interconnected world. Because the Internet touches an increasingly large part of our lives, it’s necessary to engage and educate the public about how to stay protected. While we highlight the importance of cybersecurity in October, at Cisco we have initiatives and programs in place to make sure the education continues throughout the rest of the year as well.
We start from the inside out, making sure that our own employees are fully educated and trained in the latest in cybersecurity. Our Cisco Security Ninja Program, which challenges participants to reach for higher degrees of competency and proficiency in product security, has been a huge success. Employees can earn four distinct belts– white, green, blue, brown and black – that represent their advancing cybersecurity knowledge. Additionally, we offer a program in conjunction with San Jose State University that enables Cisco employees to earn their Master’s degree in Software Engineering with an emphasis in Cybersecurity. Plus, every year we have an internal conference on security – SecCon – that brings together hundreds of engineers from Cisco offices around the globe to share their knowledge and increase the overall security posture of Cisco products. All of these programs help ensure that our own employees are experts at the latest in cyber protection.
Beyond ensuring that our own employees are well-educated, we’re committed to spreading awareness about cybersecurity to the general public as well. One of the programs we’re most proud of is our Cisco Network Academy. Cisco Networking Academy helps one million people each year develop technical skills and prepare for ICT careers. The curriculum – which includes courses on cybersecurity – is offered by more than 9,000 institutions in more than 170 countries. After all, in a world that is increasingly connected, cybersecurity is a global issue, not just a local one. Read More »
If you had a million airline miles, where would you travel?
Kyle Lovett, a security penetration tester with the Advanced Services Security Team is asking himself that very question right now. That’s because his United Airlines mile bank is overflowing, thanks to a security bug he found through a bug bounty United Airlines was offering.
Bug bounties are nothing new, they’ve been around for a while, usually offered by big tech companies. It’s an opportunity for white-hat “hackers” (those using their powers only for good) to find security vulnerabilities for rewards. United is the first airline to offer a bug bounty.
Kyle lives and breathes security. He says he’s been “breaking things” since he was a kid. It’s a part of his day-job, but also something he enjoys in his free time. Normally, he doesn’t participate in bug-bounties, but in the case of United, he was intrigued.
“Sometimes, a company will recognize the work with a good reward,” Kyle says. “What caught my eye [with the United bug bounty] is that they were giving away miles. But they were significant miles. So I sat down one Saturday morning and got to work.”
Kyle got to work for sure. In a few hours, he’d made several different submissions. One of those submissions was significant enough to get United’s almost immediate attention. He’s under agreement not to say what the bug was, but it was big enough to earn the largest prize in the bug bounty – he’s now in the million mile club.
“United reached out to me with questions and clarifications,” he explains. “We went back and forth over the course of a week, and they had it fixed in a few days. Then they said ‘Congratulations! Here are a million miles.’ They were genuinely concerned about the bug and very professional.”
He opened his United app, and saw the seven-figure number. A million miles means approximately 40 domestic round-trip flights, 20 round-trip flights to Europe, or eight first-class trips. Here’s the kicker. He still has additional submissions that might earn him MORE miles.
How will Kyle put them to use? He’s already bringing his mom and brother out from Virginia to visit him in California. His job gives him a lot travel opportunities as well, so he’s a little stumped right now.
“I’ve always wanted to go to East Asia or the Southern Pacific. Not for the scenery (although that’s nice). I’m more intrigued to see the culture,” he says. “But I would like to give at least one ticket away for someone who might really need it, maybe for medical treatment or they can’t afford to get home.”
How’d Cisco get so lucky to have such a great security tester on the team?
“The Internet of Everything is near and dear to my heart, especially the security around it,” Kyle says. “There is such a large wealth of people to reach out to in all different areas. And the culture and atmosphere here is genuine. I’ve not met one person who works here that doesn’t enjoy what they do!”
Want to join Kyle and the Cisco Security team? See open security jobs here.