We were excited to read the Infonetics Data Center Security Strategies and Vendor Leadership: North American Enterprise Survey, which was released yesterday. It revealed Cisco’s continued leadership in a market that spans a multitude of vendors – application/database, client, data center integration and network. The report indicates that leaders need to offer the right mix of products across the data center security and cloud arenas as well as demonstrate security efficacy and integration into adjacent markets. Cisco has continued to execute on a unified security portfolio spanning firewalls, Intrusion Prevention System (IPS), gateways, and integrated threat intelligence further complemented by strategic partnerships. Seamless integration and shared security intelligence with routing and switching (Nexus and Catalyst) and converged infrastructure (Cisco UCS) enables our customers to benefit from optimized traffic links, the highest levels of security resilience, increased availability and scalability as well as lower costs of ownership. Per the report, “to say you’re the leader in the data center/cloud security is to say you are an innovator who can tackle the biggest problems in IT security for the biggest and most demanding customers.”
We’d like to highlight two areas that Cisco has continued to demonstrate an outright lead over other vendors. In the area of perception as the top data center security supplier, Cisco leads with 47 percent of votes compared to IBM with 38 percent and McAfee with 28 percent, who ranked second and third. Cisco scored between 40 to 60 percent of respondents’ votes (covering 10 criteria) for being the leading data center security supplier with McAfee scoring 15 points below Cisco, HP received around 20 percent of votes, and Juniper and Trend with 15 percent. Read More »
Tags: catalyst, Cisco UCS, data center security, firewalls, gateways, IPS, nexus, unified security portfolio
A few months ago we published a technical white paper explaining how we measure the performance of Cisco IPS sensors. The idea was to give Cisco IPS customers insight into the work that goes into producing the performance numbers that are recorded in a data sheet, with the ultimate goal of helping customers deploy the correct IPS appliance for their environment. We have now followed up the performance work with a paper describing how we test the effectiveness of our IPS product line.
This new paper titled, “Testing the Efficacy of Cisco IPS”, explains how Cisco IPS fits into the Cisco Security portfolio and how the IPS product team measures efficacy. Read More »
Tags: global correlation, IPS, IPS efficacy, IPS performance, security
We invite you to join us for a webinar scheduled for 20 November 2012 where we’ll discuss how to protect Industrial Control Systems using Cisco Intrusion Prevention Systems (IPS).
Industrial control systems is the term used to identify several types of control systems, including supervisory control and data acquisition (SCADA) systems, process control systems (PCSs), and other smaller control system types, such as programmable logic controllers (PLCs), used in critical infrastructure such as power plants, oil and gas pipelines, electrical power distribution, and manufacturing facilities.
Historically these control systems were kept separate from the corporate network. Because of this isolation they were traditionally difficult to break into because of their separation for health and safety reasons.
More recently, control systems may be running Windows or Linux, using the Internet Protocol (IP) to communicate, giving direct access to SCADA networks via the Internet. Wireless and Bluetooth capabilities allow remote management and diagnosis. These connections to the outside create a massive challenge from a security perspective for the following reasons:
Read More »
Tags: Industrial Control Systems, Intrusion Detection System, Intrusion Prevention System, IPS
I pulled some workshop hosting duty trying to fill Jimmy Ray’s big orange shoes this morning. The subject is a great one -- Intrusion Prevention in the Data Center with an incredibly sharp engineer, Stijn Vanveerdeghem. Stijn is one of those crazy smart security guys down in Austin, TX as he works with a bunch of old friends from the team of IDS experts we have there.
So much emphasis on the data center these days for obvious reasons and it makes sense that anytime we consolidate something valuable -- there is going to be an increase in creativity for how to get to it when your not supposed to.
We do these workshops as part of our TechWiseTV shows for their interactivity and the difference in the depth we can achieve. A number of references were made as to other resources, shows we have done as well as published papers and studies. I have included all the links we brought up below.
If you missed Stijn’s presentation or would like to go back and take better notes -- you can get to it at the same link you used to originally register OR I also highly recommend you bookmark ciscoworkshops.com
TechWiseTV Episodes referenced:
TWTV120 -- Defending the Data Center
Couple of notable segments within this show worth looking at here:
Clustering Technology with the 5585X
IPS 4500 Series
Episode 15, Firewall Reinvention with the ASA CX, is a good show throughout -- only one segment I will call out as a favorite however, a Master Class Jimmy Ray did on ‘Forensic Analysis.’ The differences between network device versus traditional computer forensics and network forensics best practices, why routers and firewalls aren’t the smoking gun, and how the Cisco Router Analysis Tool can help with your networking.
Fundamentals of IPS
Fundamentals of High End Firewalls
Couple of good pointers Scott Simkin lays out in his support of our workshop today -- thank you Scott.
The 2012 Verizon Data Breach Report (pdf)
Performance of the Cisco IPS 4300 and 4500 (Whitepaper, .PDF)
Global Correlation on Cisco IPS Sensors (Whitepaper, PDF)
IPS Tech Tips – Protecting Industrial Environments:
Cisco IPS Go page: http://cisco.com/go/ips
Thanks for watching!
Tags: data center, IPS, security, TechWiseTV
Data sheet performance numbers are often used to make purchasing and deployment decisions for network devices. This is true for Intrusion Prevention Systems (IPS) as well. However, the nature of IPS is such that performance can vary greatly based on multiple factors, including the traffic mix seen at the IPS, signature tuning, and the software version in use. As a result, basing an IPS deployment purely on data sheet numbers is difficult. Cisco has demystified data sheet performance metrics for its IPS 4500 and IPS 4300 products via a detailed technical paper that walks the reader through each performance number.
Read More »
Tags: IPS, IPS performance, security