The advent of social networking, BYOD implementations, and web interactions has transcended the Internet traffic flows of yesterday. Adversely, the security risks and threat landscape have not only evolved, but become an ever increasing factor in protecting today’s information systems. This continued movement has led to the introduction of a new security topic for the upcoming Cisco Live 2012 conference. This topic and subsequent lab session, “Firewall Network Threat Defense, Countermeasures, and Controls” is part of the “Cyber Aikido” security suite of sessions being offered at Cisco Live 2012, and has been developed around threat defense solutions applicable to Cisco Firewalls. The course is largely based on the upcoming “Cisco Firewall Best Practices Guide“.
The “Firewall Network Threat Defense, Countermeasures, and Controls” instructor-led lab will provide administrators and engineers of Cisco Firewalls the knowledge and understanding to protect their networks against threats and attacks leveraging industry standard and Cisco Firewall Best Practices. This includes understanding control plane, management plane, and data plane architectures, and applying security features and constructs to secure the traffic traversing and interfacing with your devices or hosts.
In an effort to reduce costs and improve operational efficiency, organizations of all sizes have begun compressing their firewall and other security services into smaller form factors and fewer physical units. Many small and midsized companies have opted for UTMs to run all of their security on a single box. Unfortunately, UTMs have failed to deliver on their promise to deliver true multi-service security. Most UTMs do one or two things really well, but add all the other services as “checkbox” items just to say they have it. Read More »
I have a confession: I’m a technology late-adopter. On Rogers’ Innovation Adoption bell curve, I probably fall somewhere in the ‘late majority’ — I like the tried and true.
But with a few years and many advances, I’m back on Facebook (my short experience with it left me with privacy paranoia), and if you can believe it, I’m now an iPhone user. I appreciate not lugging around my iPod, and having a camera ready whenever I need it, but it’s not only the extra bells on the integrated device that has impressed me -- it’s the realization that I don’t have to compromise functionality to have it all.
We are often asked by customers about how they can prevent traffic from a certain country (let’s say country X) from entering their network. The motivations for doing this could vary. Sometimes a company does not do business with all countries in the world; therefore, the company doesn’t need to be accessible from all countries. Other times it is an issue of trust and security, where an administrator may not want to allow country X to enter their infrastructure. Finally, there are cases where country X has often been incriminated with malicious activity, so an administrator may want to block country X when there is no need for the organization to interact with this country. In this document I present a methodology on how to write a tool that provides the configuration lines to block country X, using your IOS router or ASA/ASASM firewall. Read More »
We had fun turning out a few new security oriented fundamentals that we always hope you enjoy. This one firewall animation is very complimentary to a full TechWiseTV show we recently released..you can see it embedded just after the jump. Nothing in networking is ever really an apples to apples comparison but it seems like firewall vendors are more full of hot air than anyone. Read More »