Cisco Blogs



Endpoint Visibility is Key to Combatting Attacks

As an IT security practitioner, you have a lot on your plate. Malware attacks are ever present. Hackers are smarter than ever and have the resources and persistence to compromise your organization. The malware being created today is more sophisticated. And the number and types of devices being used in the workplace are expanding, which is increasing the attack surface for malware delivery. With all of these new endpoints being used in the workplace, it’s no surprise that more than 70% of respondents in the 2014 State of Endpoint Risk study by Ponemon say that endpoint security risk is more difficult than ever to manage. Without visibility into potential malicious activity on the endpoints, how are you expected to effectively defend against an attack launched from an endpoint?

Let’s face it: endpoints are everywhere now. The definition of an endpoint has expanded vastly from its first iteration as a tethered desktop computer. We have Windows and Mac laptops; tablets and smartphones; virtual environments; and now even smart watches. We rely on these devices every day. Furthermore, with the advent of the Internet of Everything (IoE), the number and variety of connected devices are set to explode. Cisco estimates that as many as 50 billion devices will be connected to the network by the end of the decade.[1]

The number of attacks targeting these devices is on the rise. In the same Ponemon study, 68% of respondents reported that their mobile endpoints have been the target of malware in the last 12 months. Examples are plentiful. A user with a personal Android phone that has been infected with malware plugs the phone into the office computer to charge it and the malware infiltrates the corporate network. An employee connects their work laptop to their home wi-fi connection and malware lying dormant seizes the opportunity to launch an attack through the back door. Someone surfing the web visits a legitimate website and clicks on an ad that is actually infected. Third-party applications downloaded from seemingly reputable sites can also introduce security risks.

Attackers understand how to exploit these gaps in protection that a proliferation of endpoints can create and work relentlessly to drive their attacks home. Their attacks are dynamic and multidimensional and require continuous scrutiny. As an IT security practitioner, you can’t protect what you can’t see. You need security solutions on the endpoint that couple continuous visibility and control so that you can not only see what’s happening on all of the endpoints on your extended network, but have the power to stop an outbreak quickly if an attack gets through.

Cisco Advanced Malware Protection (AMP) for Endpoints gives you unmatched visibility and control on endpoints, including PCs, Macs, mobile devices, and virtual environments. AMP is continuously monitoring activity on your endpoints, recording everything that it sees, which gives you the ability to roll back time on would-be attackers. When a file starts behaving badly, AMP is there to catch it, and gives you detailed information on how the malware got there in the first place, where it has gone, what other systems have been affected, and what exactly the malware is doing. With this information on root cause and point-of-entry, the complete ancestry and lifecycle of the file, and detailed analysis on the malware’s activity, you can surgically remediate malware from all of the affected areas on your endpoints and extended network. Whether you’re dealing with endpoints connected to a protected network or roaming on public or personal in-home wi-fi, AMP provides you with continuous and integrated detection, response, and remediation capabilities. Download this whitepaper to learn more about a new model to protect the endpoint.

To learn more about AMP for Endpoints, visit www.cisco.com/go/amp

[1] Cisco Internet of Things: http://www.cisco.com/web/solutions/trends/iot/indepth.html


It Is Never Too Early To Build A Mobility Strategy

It’s only October, but the holiday season is already kicking into high gear. If the retail stores are any indication, it’s time to start planning for the holidays, regardless of which one you celebrate. Much like holiday planning, it’s never too early to start building your organization’s mobility strategy.

It doesn’t matter whether we’re talking about employees at your organization or customers at your venue.

Everyone is bringing their own device.


The influx of smartphones and tablets into the workplace is serious business. Apple, Samsung, and Google are duking it out for our affections these days. But it’s not just about reacting to “Bring your own device” (BYOD) trends in the office, or providing free Wi-Fi for your customers. Your employees and customers expect more robust mobile experiences, so you need a clear mobility strategy to stay ahead of their demands.


A Cisco Customer Solutions Architecture (CSA) Use Case in How to Manage Threat Defense

This is part 4 of the “Your Business Powered By Cisco Customer Solutions Architecture (CSA)” blog series.

Enabling & Delivering Cloud-based Security Services -- Managed Threat Defense

Many enterprises (30%) have been leveraging cloud services cautiously or only in an internal (private) cloud manner. The reasons for this vary but these are the most common:

  • IT applications (~80%) are not cloud enabled, i.e. traditional client-server apps or non-x86 apps
  • Perceived security and performance concerns
  • Perceived lack of control and loss of IT governance and policy

While these reasons are valid, the evolution of cloud services and the ability to transform traditional IT services, governance, and policy controls mean this Cisco CSA can now address these reasons.

This use case example focuses on Security because it is a major consideration for most customers. The market growth for security is driven by increased demand for security applications such as network security and “confidentiality” of services. Security services are seen as an emerging market and are expected to grow to $40B by 2017. Managed Threat Defense is projected to be $3.7B of that $40B.


The Internet of Things is More Than Just “Things” – Five Technology Pillars to Pay Attention To

It has been 15 years since Kevin Ashton popularized the term the Internet of Things. How could we have known then what that would come to mean and the huge impact that it would have on our lives? Cisco projects that 50 Billion things (or devices) will be connected to the Internet by 2020; or, the equivalent of 6 devices for every person on the planet. This exponential growth of connected devices is fundamentally impacting both society and the economy—changing our lives forever.


However, with all of our focus and media attention on the Internet of Things, we are really missing the fundamental technology revolutions that are reshaping our world. Radical advances in processing, storage, wireless technologies and new ways of delivering technology are reshaping our world -- all at a much faster speed and drastically reduced price.

In my view, the Internet of Things is really a short-hand for the five technology pillars that are shaping a revolutionary new, connected world.


New Security White Paper: Unified Computing System (UCS) Hardening Guide

Check out the new Cisco UCS Hardening Guide white paper, which is now released and available on the Cisco Security Portal. The paper outlines and highlights security best practices for Cisco UCS.

This paper provides information to help users secure the Cisco Unified Computing System (Cisco UCS) platform and provides guidance on how to harden Cisco UCS Software features. The paper also provides many references to related documentation.

Please access it using the following URL: http://www.cisco.com/web/about/security/intelligence/ucs_hardening.html
