Cisco Blogs


Cisco Blog > Security

The .KID Top Level Domain

As a new father and a security professional, it terrifies me to think of my daughter roaming freely around the Internet. However, I feel like restricting her completely will cut off a valuable avenue for education.

Recently, it seems in the media there has been a push to move websites that contain adult content into the .xxx sponsored top level domain (sTLD) in order to easily classify them. While I understand the reasoning for this, there is definitely a large spectrum of additional content which, in my opinion, is unsuitable for children and disallowing access to this sTLD would not provide an adequately restricted environment.

Read More »

Tags: , ,

The Importance of Security in Switches

Smart and managed switches can help secure your network from the inside out

Managing who can hop on to your network from the inside has become more important than ever, now that almost everyone who enters your building is carrying a laptop with an Ethernet port, a Wi-Fi-enabled smartphone, or a tablet computer configured to locate the nearest wireless network. Likewise, you may want to give visiting partners or other guests an Internet connection without giving them access to all your network resources. Bottom line: you need to secure your network on the inside. A switch with built-in security features adds another layer of defense for your network, protecting the devices on your LAN from internal threats.

Switches are the foundation of your network, connecting computers, servers, printers, and other peripheral devices. There are three types of switches—unmanaged, smart, and managed. Smart and managed switches both include security features, but managed switches give you the most control over network traffic with more advanced security and features.

Read More »

Tags: , , ,

Social Engineering: Did you Capture the Flag (CTF)?

The Cyber Risk Report for November 7 through 13 covered the second consecutive Social Engineering Capture the Flag event that was organized by Defcon 19 (a prominent industry “underground” security conference). The event proposes a challenge to competitors with the focus of leveraging social engineering tactics to successfully obtain key company information from a list of prospective companies, with the ultimate goal (based on the past two years) of raising awareness of the threat impact social engineering has on organizations. Furthermore, the competition highlights the common tactics and aspects that social engineers employ. As this year’s competition drew to a close, the Social Engineering CTF Results Report (which provides a debrief of the event, outcomes, and lessons learned) puts an emphasis on the techniques utilized, and the reasons why the respective techniques ultimately succeeded or failed.

Read More »

Tags: ,

Don’t Let Home Networks Compromise Your Business Network

Follow this basic checklist to ensure employees are safely connecting to your company LAN

When you combine almost ubiquitous high-speed Internet connections with affordable wireless networking gear and mobile devices such as laptops and smartphones, many of your employees will create home networks that allow them to work remotely. However, many people don’t have security on their personal networks. Before you allow your employees to access your business network remotely, you need to be sure their home networks are secured.

This isn’t as tricky as it seems. Many of the security measures you’re currently using on the local network can be applied to employees’ personal networks, such as requiring strong passwords on laptops, mobile phones, and home routers. Even if employees are using their own equipment to work remotely, you can enforce specific rules for accessing company resources. For instance, you can require that everyone use an encrypted virtual private network (VPN) to connect to your business network. Also stipulate that every computer, including smartphones and tablets, that accesses business data has antivirus and antimalware software installed and is working with the latest threat updates.

Read More »

Tags: , , , ,

Remotely Triggered Black Hole filtering for IPv6

Black holes, from a network security perspective, are placed in the network where traffic is forwarded and dropped. When an attack has been detected, black-holing can be used to drop all attack traffic at the edge of an Internet service provider (ISP) network, based on either destination or source IP addresses. Remotely triggered black hole (RTBH) filtering is a technique that uses routing protocol updates to manipulate route tables at the network edge or anywhere else in the network to specifically drop undesirable traffic before it enters the service provider network.

Read More »

Tags: , ,