Cisco Blogs


Cisco Blog > Security

Cisco ScanSafe: Now Cloudy in Canada

One of the most enjoyable parts of my job as a product manager is launching a new product. Typically this is a shiny new widget or a great piece of software. But for a cloud-based service like Cisco’s ScanSafe Web Security solution, the infrastructure is a big part of the product.

For those not familiar with the product, ScanSafe offers web security solutions to organizations ranging from global enterprises to small businesses. The service provides multiple layers of malware protection and acceptable use controls to block users from specific websites and categories. It does this by redirecting end-user web traffic directly to the cloud where every web request is analyzed using artificial intelligence-based “scanlets” to determine the associated security risk. With such heavy processing and computation, the nature of the cloud is as important as the service in the cloud.

That is why today, I am pleased to welcome Canada to ScanSafe’s cloud with the addition of two datacenters—the first in Vancouver and the second in Toronto. Canada has been an early adopter of SaaS-based technologies, and our newest datacenters will help us serve our customers in the region. In addition, companies with branch offices in these locations will now benefit from a local internet breakout.

Read More »

Tags: , ,

Intrusion Prevention – The Fundamentals

November 22, 2011 at 10:55 am PST


One of the greatest things about having an interest in security…is the fact that it never stops changing. Understanding how threats have evolved over time and getting a strong baseline introduction to this can really help you appreciate the unique combination of hardware, software and most importantly, services that Cisco brings to customers.  Cisco’s Security Intelligence Operations is, in my opinion, is a very under-marketed differentiator for us.  Network World did a fantastic feature on this: Inside Cisco Global Security Operations that is well worth the read. But to prep you for it…I must more strongly recommend 5 minutes of your time…

Read More »

Tags: , , , ,

Steam Forum Compromise is the Latest Effort in Possible Credential Aggregation

Either someone is doing some serious academic work in researching password strengths, or someone is building a really great hashed password dictionary. The Steam community forum compromise, in which attackers gained access to a database containing usernames, encrypted passwords, and e-mail addresses, is just the latest in a series of compromises targeting a subset of the online community: gamers.

It’s difficult to say whether these attacks are increasing in frequency or whether media reporting and voluntary disclosure has created the illusion of a growing trend. In either case, our activities are continually moving online, often protected only by a username and password, instead of staying safe and warm in hard disks on our home desktop computers. The attack surface is increasing as more web services require more usernames and passwords and the opportunity for password reuse increases.
Read More »

Tags: , ,

The 5940 ESR has been awarded FIPS validation #1639 and is complete!

November 21, 2011 at 10:51 am PST

The 5940 ESR has been awarded FIPS validation #1639

The Cisco 5900 Series Embedded Services Routers (ESR) are optimized for mobile and embedded networks that require IP routing and services. They can operate reliably in harsh environments, such as those subject to power surges and extreme weather conditions.

These routers are complemented by Cisco IOS Software and Cisco Mobile Ready Net capabilities. With this technology, they provide highly secure data, voice, and video communications to stationary and mobile network nodes across wired and wireless links.

FIPS-140 is a US and Canadian government standard that specifies security requirements for cryptographic modules. A cryptographic module is defined as “the set of hardware, software, and/or firmware that implements approved security functions (including cryptographic algorithms and key generation) and is contained within the cryptographic boundary.” The cryptographic module is what is being validated.  The NIST website contains details on the Cryptographic Module Validation Program (CMVP).

For further information on Global Government Certifications, please visit here: http://www.cisco.com/web/strategy/government/sec_cert.html

Tags: , , , , , , , , , ,

Cius: The Inside Story

November 18, 2011 at 8:31 am PST

I have to be honest and tell you that we did not approach this particular show with an attitude of ‘Yeah!  CIsco has a tablet.’  But I am still being honest when I say…that all changed.  This is that story.

Read More »

Tags: , , , , , , , , , , , ,