Security is hot topic on everyone’s mind and for IT it is a constant challenge to stay ahead of the latest threats and vulnerabilities that their organizations face on a daily basis. Take a quick look at the news and it won’t take you long to find an article talking about the latest cyber attack that resulted in the leak of personal data. So what can organizations and more specifically IT teams do to protect themselves from threats and vulnerabilities. Personally I don’t think you can protect yourselves from all threats and vulnerabilities. Cyber threats will continue to exist and cyber criminals will continue to develop increasingly sophisticated attacks to evade even the most robust security barriers. Even if you were to isolate your network from the internet an intruder could overcome your physical security and launch an attack from within your organization.
So what can you do to protect yourself? I view security as a way to reduce your exposure to threats and you should at a minimum make sure you have the appropriate security measures in place to reduce your exposure to threats and vulnerabilities. While you may never be able to stay one step ahead of cyber attacks you should be in a position to detects threats and be able to mitigate them as fast as possible to reduce your exposure.
Read More »
Tags: Advanced Malware Protection, AMP, Cloud web security, CWS, DMVPN, firewall, IDS, IPS, ISR 4000, ISR4k, IWAN, routers, security
Cisco ASA with FirePOWER Services has redefined the next-generation firewall (NGFW) as an adaptive, threat-focused platform, delivering superior, multi-layered protection, unparalleled visibility, and reduced security costs and complexity.
This innovative new solution addresses three strategic imperatives—being visibility-driven, threat focused, and platform-based. In this post, we will examine the necessity of a foundation of full contextual awareness and visibility—to see everything in an environment, detect multi-vector threats and eliminate the visibility gaps in traditional defenses comprised of disparate point technologies that sophisticated attackers exploit.
In an aptly titled recent post from Joseph O’Laughlin, “You Cannot Protect What You Can’t See,” he discusses why visibility (and subsequent control) into only applications and users is no longer enough to protect today’s dynamic environments and outlines how visibility into the network enables better network protection. This core concept of visibility into the network is at the heart of Cisco ASA with FirePOWER Services (and our Next-Generation Intrusion Prevention Systems too) that sets it apart from all other network security competitors. Read More »
Tags: ASA, FirePOWER, firewall, indicators of compromise, next generation firewall, NGFW, security
Cisco is a strong proponent for shifting the mindset regarding the capabilities a Next-Generation Firewall (NGFW) must provide to stay relevant in a world that is dealing with dynamic threats. While nothing is technically wrong with legacy NGFWs, much is wrong with their approach.
To meet current and future needs, a NGFW must now provide full visibility and contextual awareness across applications, hosts, and the network, address dynamic threats, quickly correlate and identify multi-vector threats and deliver the dynamic controls organizations now require to combat advanced threats. It must do all of this while reducing complexity. These capabilities are crucial for enabling continuous protection across the attack continuum—before, during and after an attack.
Read More »
Tags: ASA, elektra, firewall, next generation firewall, NGFW, security
It’s always been important to remote workers to have a solution that provides both secure connectivity to their corporate network and simple user experience.With the recent Summer Blockbuster release of the Cisco Wireless Release 8.0, using the OfficeExtend 600 Series Access Points (OEAP-600) just got better. Here are a few of the enhancements that come to OEAP-600 with Release 8.0:
- Firewall for personal networking – Provides port/application protection for personal network traffic that can be controlled by the end user. While the corporate firewall is protecting your corporate data traffic, you now have the capability to make your personal network traffic more secure also with this feature.
- Split-tunnel for Internet traffic – Enables corporate clients to reach the Internet directly through the WAN instead of tunneling the data traffic through the corporate network. Provides the IT administrator the flexibility to configure the level of split-tunnel capability needed for their network. Together with the existing Split-tunnel for Printer feature the OEAP-600 provides maximum flexibility for printing and managing data traffic between the remote & corporate office.
- QOS Enhancements for Voice traffic – Assigns high priority for voice packets for remote workers using the OEAP-600 and a VOIP solution in their home or remote office to enhance the remote workers voice call experience. Read More »
Tags: access point, admin, administrator, business, call, Cisco, client, connection, corporate, data, employee, End User, enhancement, experience, firewall, flex-work, flexible, internet, ip, IT, Manage, network, office, OfficeExtend, phone, QoS, quality, release 8.0, remote, remote worker, secure, security, services, solution, split-tunnel, telephony, teleworker, traffic, Voice, voice packets, vpn, WAN, wi-fi, wifi, wireless, WLC, workforce
Cisco Live, May 18-24, 2014, is quickly approaching and registration is open. This is the 25th anniversary of Cisco Live and we return to the Bay Area at San Francisco’s Moscone Center. Educational sessions are organized into technology tracks to make it easy to find the topics that most interest you. With network and data security being top of mind, I’d like to highlight the Security technology track’s exciting content lineup. Read More »
Tags: ASA, byod, cisco live, Cisco Live US, Cisco Live! 2014, Cloud Computing, cybersecurity, data security, firewall, IoT, malware, mitigations, network security, Network Threat Defense, psirt, security, security training, training, vpn