Cisco Blogs


Cisco Blog > Security

Offline Analysis of IOS Image Integrity

Forensic analysis of IOS images can be a tricky science, due in part to the diversity in IOS image versions and branches. Between IOS 11 and IOS 12.4, over five thousand different images were built, a quarter of which belong to the 12.2 train. Some IOS trains are in more widespread use than others, just as some hardware platforms are more popular than others, but even when narrowing down by feature-set or hardware, there is a large diversity of images. There are however, some steps that can be taken, both while the IOS device is running, as well as offline, that can help determine the integrity of an IOS image.

Read More »

Tags: , ,

Block a country with my Cisco Router or Firewall

Problem:

We are often asked by customers about how they can prevent traffic from a certain country (let’s say country X) from entering their network. The motivations for doing this could vary. Sometimes a company does not do business with all countries in the world; therefore, the company doesn’t need to be accessible from all countries. Other times it is an issue of trust and security, where an administrator may not want to allow country X to enter their infrastructure. Finally, there are cases where country X has often been incriminated with malicious activity, so an administrator may want to block country X when there is no need for the organization to interact with this country. In this document I present a methodology on how to write a tool that provides the configuration lines to block country X, using your IOS router or ASA/ASASM firewall.
Read More »

Tags: , , , , , ,

Cisco 5940 Embedded Services Routers are now FIPS certified!

December 6, 2011 at 6:28 am PST

GCT is proud to announce the FIPS Certification of the Cisco 5940 Embedded Services Routers (ESR), certificate # 1639.  More information can be found at http://goo.gl/rcB83

The Cisco 5940 is a high-performance, ruggedized router. With onboard hardware encryption, the Cisco 5940 offloads encryption processing from the router to provide highly secure yet scalable video, voice, and data services for mobile and embedded outdoor networks. The Cisco 5940 Embedded Services Routers provide a scalable, secure, manageable remote access server that meets FIPS 140-2 Level 1 requirements. The Cisco 5940 Router Card uses industrial-grade components and is optimized for harsh environments that require Cisco IOS Software routing technology.

Tags: , , , , , , , ,

Cisco IOS Security Advisory Bundle – It’s That Time Again

September 28, 2011 at 9:15 am PST

Once again it’s time for Cisco’s semi-annual Cisco IOS Software Security Advisory Bundled Publication. Today’s edition of the bundle contains a total of nine IOS-related advisories and one non-IOS advisory for the Cisco Unified Communications Manager (CUCM) family of products. Included in the 10 Security Advisories are a total of 19 Cisco Bug IDs, each one representing an individual vulnerability.

Read More »

Tags: , , ,

News@Cisco Week in Review and Look Ahead: June 13-17

It’s Friday! What’s everyone’s plans for the weekend? Here are some of our top news stories of the week that include an interview with one of Cisco’s first employees, a feature on how email’s days are numbered and a webcast on how customers are investing in the network as an innovation engine.

1.) Network Trailblazers: A Conversation with Kirk Lougheed

Check out Network Trailblazers, a new series that highlights the creators and visionaries of the Internet network. Our first trailblazer is Kirk Lougheed, the company’s first engineer and also a Cisco Fellow. Learn more as Kirk discusses how IOS developed and the future of the network.

Read More »

Tags: , , , , , ,