News agencies like ABC News, CNN, and others have run stories on the FBI sting operation against more than 100 hackers who were involved in using and/or distributing the Blackshades RAT (articles in the hyperlinks for reference). For a mere US$40, a novice computer user can become a hacker and gain access to anyone’s computer, including gaining control over their video camera. If this novice hacker in the making needs help operating the RAT, many video instructions can be found on YouTube. This would be a form of free technical support. With over an estimated 500,000 computers infected, that leaves behind a serious footprint of compromised devices. As Marty Roesch, Cisco VP, Security Architect would say, “If you knew you were going to be compromised, would you do security differently?”
With over a half a million computers compromised from a single remote access toolkit, it is reasonable to think that a high percentage of those compromised computers would unknowingly be brought back to work and connected to the corporate network. Although inexpensive, the Blackshades RAT has an extensive set of capabilities such as keystroke logger, web cam control, full file access, etc. More than enough for the cyber attacker to assume the full identity of the owner of the compromised computer to allow them easy access to the business critical servers inside the data center as depicted in the diagram.
Read More »
Tags: #CLUS14, Blackshades, cisco live, cybersecurity, data center, malware, RAT
Security has emerged as a leading pain point for CIOs, executives, and even in the boardroom due to changing business models and growing attack surfaces, a threat landscape that is more dynamic by the day and the increasing complexity of IT environments.
With these challenges as a backdrop, attendees of our 25th annual Cisco Live! event last week in San Francisco absorbed over 170 hours of security-focused material, including hands-on labs, seminars, technical breakouts, panel discussions, and keynotes. This overwhelming amount of time and effort is a testament to Cisco’s commitment to protecting our customers against the latest threats across the full attack continuum—before, during, and after an attack.
In case you could not attend or make a session, particular highlights from the week included Chris Young and Bryan Palma’s keynote (must create Cisco Live account to view) examining the security challenges brought about by the Internet of Everything. Chief architect Martin Roesch also led a session exploring threat-centric security, examining the modern threat landscape, and how threat-centric security increases the effectiveness of threat prevention.
From a product perspective, momentum continued as we announced major updates and new products during Cisco Live! to help our customers address their security needs across the attack continuum with protection from the network to the data center to the endpoint to the cloud.
Tags: #CLUS14, Advanced Malware Protection, AMP, ASA, cisco live, cloud, cybersecurity, data center, ThreatGRID
EMC World was wonderful. It was gratifying to meet industry professionals, listen in on great presentations and watch the demos for key business enabling technologies that Cisco, EMC and others have brought to fruition. Its fascinating to see the transition of DC from cost center to a strategic business driver . The same repeated all over again at Cisco Live. More than 25000 attendees, hundreds of demos and sessions. Lot of interesting customer meetings and MDS continues to resonate. We are excited about the MDS hardware that was on the display on show floor and interesting Multiprotocol demo and a lot of interesting SAN sessions.
Outside these we recently did a webinar on how Cisco MDS 9710 is enabling High Performance DC design with customer case studies. You can listen to that here.
So let’s continue our discussion. There is no doubt when it comes to High Performance SAN switches there is no comparable to Cisco MDS 9710. Another component that is paramount to a good data center design is high availability. Massive virtualization, DC consolidation and ability to deploy more and more applications on powerful multi core CPUs has increased the risk profile within DC. These DC trends requires renewed focus on availability. MDS 9710 is leading the innovation there again. Hardware design and architecture has to guarantee high availability. At the same time, it’s not just about hardware but it’s a holistic approach with hardware, software, management and right architecture. Let me give you some just few examples of the first three pillars for high reliability and availability.
MDS 9710 is the only director in the industry that provides Hardware Redundancy on all critical components of the switch, including fabric cards. Cisco Director Switches provide not only CRC checks but ability to drop corrupted frames. Without that ability network infrastructure exposes the end devices to the corrupted frames. Having ability to drop the CRC frames and quickly isolate the failing links outside as well as inside of the director provides Data Integrity and fault resiliency. VSAN allows fault isolation, Port Channel provides smaller failure domains, DCNM provides rich feature set for higher availability and redundancy. All of these are but a subset of examples which provides high resiliency and reliability.
We are proud of the 9500 family and strong foundation for reliability and availability that we stand on. We have taken that to a completely new level with 9710. For any design within Data center high availability has to go hand in hand with consistent performance. One without the other doesn’t make sense. Right design and architecture with DC as is important as components that power the connectivity. As an example Cisco recommend customers to distribute the ISL ports of an Port Channel across multiple line cards and multiple ASICs. This spreads the failure domain such that any ASIC or even line card failures will not impact the port channel connectivity between switches and no need to reinitiate all the hosts logins. You can see white paper on Next generation Cisco MDS here. At part of writing this white paper ESG tested the Fabric Card redundancy (Page 9) in addition to other features of the platform. Remember that a chain is only as strong as its weakest link.
The most important aspect for all of this is for customer is to be educated.
Ask the right questions. Have in depth discussions to achieve higher availability and consistent performance. Most importantly selecting the right equipment, right architecture and best practices means no surprises.
We will continue our discussion for the Flexibility aspect of MDS 9710.
-We are what we repeatedly do. Excellence, then, is not an act, but a habit (Aristotle)
Tags: 16 Gigabit, 16Gb, 16Gb Fibre Channel, 9710, architecture, availability, best practices, Cisco, cloud, Cloud Computing, Consolidation, convergence, data center, Data Mobility Manager, DCNM, design, Director, dmm, FCIP, FCoE, Fibre Channel, Fibre Channel over Ethernet, IO accelerator, it-as-a-service, MDS, MDS design, nexus, NX-OS, reliability, SAN, Storage, storage area networks, switch, switching, Unified Data Center, Unified Fabric, virtualization
What a difference a networking cable can make in a data center’s infrastructure requirements and costs…especially when that cable uses Fiber Channel over Ethernet (FCoE) technology. An industry-standard, FCoE carries Fibre Channel over Ethernet links, which reduces the number of I/O adapters, cables, and switches in the data center.
Read More »
Tags: blog, cabling, Cisco IT, cisco on cisco, cloud, coc-data-center, data center, FCoE, infrastructure, IT, it content, virtualization
Organizations are quickly discovering that a “one size fits all” approach to security across the network falls short of addressing the unique trends in the Data Center. So what’s really that unique about the Data Center (DC)? This is a multi-part blog to highlight various trends related to securing the DC, with Part One focusing on traffic trends.
Tags: #CLUS14, cisco live, data center, security, threats, trends