Protecting data, resources, and assets, including audio-video (A/V) content and communications, no matter where they reside or travel on Cisco-powered networks, can be a daunting undertaking, to say the least. People are ultimately responsible for making this happen. With this thought in mind, here are a few questions that frequently challenge someone with this type of responsibility:
How can one ensure that the confidentiality, integrity, and availability of the core network keeps pace with the introduction of new technologies, while managing the continuous stream of disclosures on existing product vulnerabilities and emerging threats?
What preemptive or corrective actions can one take to mitigate or remediate known or potential weaknesses in your network operations?
What trusted informational resources are available that we can apply in the design, operation and optimization of a secure network, and where can this information be found?
This article provides personal insight into a specialized role residing within Cisco’s Applied Intelligence team, a team which was highlighted in the Network World feature article (page 3), “Inside Cisco Security Intelligence Operations.” The role is that of the Security Intelligence Engineer (SIE), a role which focuses on researching and producing actionable intelligence, vulnerability analysis, and threat validation that typically leads to providing answers and solutions to the challenges posed by these questions.
The 2012 Cisco Global Cloud Networking Survey, with more than 1,300 participating IT decision makers in 13 countries, was commissioned to measure the adoption of cloud services by IT professionals globally, while examining potential challenges to their cloud migrations. Below, we take a deeper look at some of the positive, negative, and strange aspects to come out of the survey.
On the positive side, 73% of respondents felt they have enough information to begin their private or public cloud deployments. This leaves 27% who claim to feel more knowledgeable about how to play Angry Birds than the steps needed to migrate their company to the cloud. While Angry Birds is a fun game to play, this wasn’t the strangest result from this research.
Looking for technology inspiration? Imagining the IT possibilities? Look no further. Interop 2012 is finally here this week! Showcasing the latest innovations in technology in networking, security, cloud computing, virtualization, mobility portfolios plus much more, it is bound to spark new ideas for IT initiatives. With several demonstrations, speakers in 12 panel discussions, and three products as finalists for Best of Interop, many of us from Cisco will be there, asking you: “what can we help you build?”
To help get the most out of what is happening at Interop, check out ‘Insiders Guide to Optimization at Interop’. It gives a great suggestion for an itinerary with the highlights of Interop 2012. Personally, I am especially looking forward to the keynote “Cisco Innovation. In it to Win It.” by Cisco CTO and head of engineering, Padmasree Warrior. With advancements happening so quickly in business technology, there will be many panels and educational sessions that Cisco will have to assist customers in migrating to the cloud, managing and maintaining BYOD policies, increasing collaboration and productivity, and learning about IPv6.
Not able to get to Interop but still have questions? Don’t worry, the fun geeks you can trust of Cisco’s TechWise TV will also be in Las Vegas bringing content to those there and at home.
With so many speakers and panels, don’t forget to stop by booth #1127 to say hi, get answers to questions, get a tour, check out the in-booth theater, and view the many products that will be demonstrated throughout the week. Safe travels and I look forward to seeing you there!
As part of CSIRT’s mobile monitoring offering for special events, we undertook monitoring of the corporate and customer traffic of the Cisco House at the London 2012 Olympics. This engagement presents us with an excellent opportunity to showcase Cisco technology, while keeping a close watch on potential network security threats. CSIRT monitoring for this event will be active for the entire life-span of the Cisco House, from two months before the Olympics, until two months after.
For the London 2012 engagement, we shipped our gear in a 14RU military-grade rack that is containerized: made for shipping. Inside the mobile monitoring rack we have an assortment of Cisco kit and third-party kit that mirrors the monitoring we do internally:
Catalyst 3750 to fan out traffic to all the other devices
FireEye for advanced malware detection
Two Cisco IronPort WSA devices for web traffic filtering based on reputation
Cisco UCS box where we run multiple VMs
Lancope StealthWatch collector for NetFlow data
Cisco 4255 IDS for intrusion detection
We mirror the signatures that we have deployed internally at Cisco out to these remote locations. Depending on the environment where the mobile monitoring rack is deployed, we may also do some custom tuning. The kit in the mobile monitoring rack can do intrusion detection, advanced malware detection, and collect and parse NetFlow and log data for investigation purposes. The Cisco UCS rack server also lets us host several VMs, allowing us to run multiple tools that complement the other devices in the rack. For example, we run a Splunk instance on a VM to collect the logs generated by all the services. The data from the gear in the mobile monitoring rack is analyzed by our team of analysts and investigators to eliminate false positives, conduct mitigation and remediation, and finally produce an incident report if required.