Cisco Blogs


Cisco Blog > Security

7-Day Forecast: Bundle Up!

It’s that time of year again—consider this post your friendly T-7 notice to start preparing for the final Cisco IOS Software Security Advisory Bundled Publication of 2013! As a reminder, the Cisco Product Security Incident Response Team (PSIRT) releases bundles of Cisco IOS Software Security Advisories on the fourth Wednesday of March and September each calendar year. As is the case with the vast majority of our advisories, vulnerabilities scheduled for disclosure in these upcoming Security Advisories will normally have a Common Vulnerability Scoring System (CVSS) Base Score from 7.0 to 10.0.  Cisco security publications that disclose vulnerabilities scoring lower than 7.0 are described in our Cisco Security Vulnerability Policy. Read More »

Tags: , , , , ,

Get Your Network Ready For iOS7

September 13, 2013 at 5:30 pm PST

In their highly anticipated announcement this week, Apple introduced two new phones, the iPhone 5C and iPhone 5S, and confirmed that iOS 7 would be released on September 18th. Techies like myself took note that iOS 7 will include quite a number of new features. We at Cisco want to help you understand what iOS 7 means for your network, so here’s a quick blog to sum it up:

How does iOS 7 impact your wireless networks?

Soon your employees and guests will be upgrading to IOS 7. Did you know up to 20% of traffic to mobile devices is software upgrades, application updates and synchronizing your devices via the cloud? Cisco’s Application Visibility and Control technology can help you identify and tame these applications and is available on the routers, Wireless LAN and visible via Prime Infrastructure. In addition, Cisco’s ISR can cache these updates to reserve valuable and expensive WAN bandwidth. More details about protecting the WAN is available in another blog.

If you leverage a Captive Portal, you will experience a change in behavior. Apple has enhanced the Captive Network Assistant (CNA) functionality iOS 7 making it more robust. Cisco has proactively developed and tested a new version of wireless LAN controller code to interoperate with Apple’s new implementation while ensuring a seamless experience for all other clients.

Finally iOS 7 also has significant security and manageability enhancements to improve productivity for the enterprise.

What do you need to do in order to optimize for iOS 7? Read More »

Tags: , , , , , , , , , , , ,

Cisco’s onePK Part 1: Introduction

Exordium

Cisco’s One Platform Kit (onePK) is a fantastic toolkit for building custom applications that interact with your Cisco routers and switches. Using onePK, you can build automation directly into the network and extend all sorts of functionality using Cisco devices. The first in a three-part blog series, this article will introduce onePK to the reader, explain what it is, how it can be useful, and will show how to configure onePK on a router. The second and third installments will walk the reader through a simple security-relevant application using the C API. Important to note is that we’ll be covering the 0.6.0 version of onePK features and service sets. At the time of this writing, the toolkit is still in Controlled Availability and as such, is still in active development, and the API could change before it is released into General Availability. However, even in the face of API evolutionism, this article will provide you with a solid jumping-off point for your plunge into the wondrous world of onePK.

OK, Just What is onePK?

OnePK is a Cisco IOS Software feature and a set of programming libraries enabling an application programmer to build powerful applications that tightly integrate and interact with Cisco devices. onePK is available to you via a well-documented and unified API, currently offered in C and Java with Python in active development. It is currently in pre-release and is available only on request. Details on how to obtain onePK are provided below. Read More »

Tags: , , , , , , , ,

Today’s the Day: Announcing the Cisco IOS Software Security Advisory Bundle

Today, Cisco is celebrating a milestone in its commitment to helping you act on security intelligence—our 10th bundle of Cisco IOS Software Security Advisories. We’re proud of our commitment to these predictable disclosures (on the fourth Wednesday of March and September annually) because they originated as a direct response to your feedback. Bundled publications allow you to plan ahead and ensure resources are available to analyze, test, and remediate vulnerabilities in your environments. In an upcoming post, my colleague John Stuppi will share how the Cisco Product Security Incident Response Team (PSIRT) drove the evolution from a traditional disclosure model to the current semiannual bundled publication. John’s post will also provide another vehicle to share feedback with PSIRT, the organization that manages the receipt, investigation, and public reporting of security vulnerability information that is related to Cisco products and networks.

Make sure you take a look at the Cisco Event Response—our “go to” document that correlates the full array of Cisco Security Intelligence Operations (SIO) resources for this bundle (including links to the advisories, mitigations, Cisco IntelliShield Alerts, CVSS scores, and OVAL content). Remember, this collateral is not unique to Cisco IOS Software Security Advisories but is part of Cisco SIO’s response to current security events.

Today’s edition of the Cisco IOS Software Security Advisory Bundled Publication includes seven advisories that affect the following technologies:

  • Network Address Translation
  • Resource Reservation Protocol
  • Internet Key Exchange
  • Zone-Based Firewall Session Initiation Protocol Inspection
  • Smart Install
  • Protocol Translation
  • IP Service Level Agreement  Read More »

Tags: , , , , , ,

March 2013 Cisco IOS Software Security Advisories: T-7 and Counting!

It’s that time of year again, folks. On Wednesday of next week, the Cisco Product Security Incident Response Team (PSIRT) will release the first Cisco IOS Software Security Advisory Bundled Publication of 2013. As a reminder, Cisco releases bundles of Cisco IOS Software Security Advisories on the fourth Wednesday of March and September each calendar year. As is the case with the vast majority of our security advisories, vulnerabilities scheduled for disclosure in the upcoming bundle will normally have a Common Vulnerability Scoring System (CVSS) Base Score from 7.0 to 10.0.

Read More »

Tags: , , , , ,