Cisco Blogs


Cisco Blog > Security

Distributed Denial of Service Attacks on Financial Institutions: A Cisco Security Intelligence Operations Perspective

The past few weeks have had many on heightened alert from the initial threats to the ongoing attacks surrounding U.S.-based financial institutions; to say folks have been busy would be quite the understatement.

These events spawned a collaborative effort throughout the Cisco Security Intelligence Operations (Cisco SIO) organization, as depicted in the diagram below.

 

* Note: As Cisco products have not been found to be vulnerable to these attacks the Cisco PSIRT (Product Security Incident Response Team) provides feedback and peer-review, hence the reason that no Cisco Security Advisory (SA) is present for this activity.

Read More »

Tags: , , , , , , , , ,

DHCPv6 in the Cloud – DHCP Performance Testing and Results

As service providers move to cloud-based services, their IP addressing management system must operate efficiently in the virtualized environment of the cloud.  And within the cloud environment, these systems for DHCP, DNS and IP address management must also be fast. For example, many organizations have expressed a concern that poor DHCP performance could be the weak link when thousands of customers come back online after a failure event.  If DHCP address requests are handled in a slow or scattered manner, servers will not be able to service all requests in a timely fashion.

Another requirement for IP address management systems is support for IPv6, as the depletion of IPv4 addresses has led to many organizations finding themselves facing a rather accelerated and mandatory migration to IPv6 (read: yesterday’s World IPv6 Launch). While one of IPv6’s promises was the elimination of the need for DHCP, the reality is that centralized network management has made DHCPv6 a necessity.  DHCP allows network devices to Read More »

Tags: , , , , , , , , , , , , , , , , , ,

Networking 101: DNS Revealed

June 1, 2012 at 5:49 am PST

Two great new ‘Networking 101’ videos now available.  This series is great for anyone needing a quick refresh or touch up on the basics and these two both focus on DNS.

DNS is key to making the Internet accessible to us humans. It’s how we can connect to techwisetv.com without needing to know anything complex from anywhere in the world. How does it know how to do this? DNS can be a complicated topic but understanding the basics does not have to be.

Taking it a step further, DNSSEC is a suite of IETF specifications designed to guarantee the authenticity of data obtained from the domain name system (DNS). Although not designed for confidentiality of the data, this protocol is a great answer for many of the ills that threaten the simplicity of the Internet. Chief Geek Jimmy Ray Purser arms you with how it works and why deployment is not growing as fast as it should be.

Read More »

Tags: , , , ,

Launching a New Internet Protocol

In January 2011, Internet companies around the globe announced they would come together to perform the largest test of IPv6 deployment the world had ever seen. Cisco was among the first to proudly announce its official participation in World IPv6 Day, and after several months of preparation and an intense 24 hours in June, it was clear that we had witnessed a watershed moment in the move towards global deployment of IPv6.

So what next after this? As reports came in and logs were analyzed over the days and weeks after, it became increasingly clear that we didn’t need just another global test. Instead, we needed to enable IPv6 once and for all. So, on June 6, 2012, the industry will again unite but not just for single day. This time, we turn it on and leave it on. We’re calling this World IPv6 Launch, and it is now the largest commitment to full-scale production IPv6 deployment the world has ever seen.

For websites, the commitment is similar to last year in that reachability via IPv6 will be advertised within the global Domain Name System (DNS). This time, however, the DNS entry will remain indefinitely rather than disappear after a single day. In addition to websites, the Internet Society has setup requirements for participation by residential Internet Service Providers (ISPs) and makers of home networking equipment. The rationale for expanding to these two specific areas is that while IPv6 has been available in some models of consumer-grade networking equipment and from some ISPs for a number of years, it was very rarely enabled by default and as such very rarely in use despite the majority of internet devices being capable of IPv6.

In order to tackle these remaining barriers to deployment, new Internet subscriptions and consumer-grade home routers will begin to appear with IPv6 enabled by default as the normal course of doing business. Specifically, participating home networking equipment makers are committing to include IPv6 enabled by default through a wide range of their products (both “low end” and “high end” home routers) by June 6. For ISPs, websites will be measuring what percentage of users have IPv6 enabled, with a target of no less than 1% before the World IPv6 Launch deadline. The 1% is a “running start”, such that after June 6 we’ll be on a path of sustained growth in IPv6 deployment going forward.

Cisco is again pleased to announce its full participation and support, both by enabling IPv6 on www.cisco.com indefinitely and by enabling IPv6 by default in our new line of E-series home routers. In addition, we will be working with our customers, Cisco Services and development teams to ensure that as many companies as possible can participate and those that do are successful.

June 6, 2012. This is the year we Launch a new Internet Protocol.

Tags: , , , , , , ,

IBBS Successfully Deploys Cisco Network Registrar, Providing Cloud-based DHCP and DNS Services to over 250 Cable Operators

Integrated Broadband Services (IBBS) is one of the largest cable operators in North and South America? Company name doesn’t ring a bell? You are not alone. According to company executives, “IBBS is the biggest cable company you’ve never heard of.” Here’s why – they’re behind the scenes, working with small and medium-sized local cable operators. IBBS offers hosted or cloud-based services to over 250 cable operators to help them provide data services and voice services to their subscribers – connecting more than one million cable modems across North and South America.

In the late 1990s, small and medium-sized cable television companies across North and South America recognized that to stay competitive with larger players and upstart “triple-threat” providers, they needed to offer high-speed data services to their customers. They faced a significant challenge, however, when it came to provisioning all the new IP-based devices and services they needed to deploy. Writing their own software was a daunting task, but purchasing new solutions was beyond the constrained budgets that most of these companies faced. Read More »

Tags: , , , , , , , , ,