Cisco Blogs


Cisco Blog > Security

Custom Signature Writing Guide for Cisco IPS

A collaboration of four senior members of the Cisco IPS signature team recently culminated in the public release of a guide on writing custom signatures for Cisco IPS, the #1 IPS platform of the Internet. The idea behind this move is to give our customers an easier way to develop their own signatures, allowing them to more easily discover and block unwanted traffic in their networks. At the same time it helps in understanding existing signatures written by members of the IPS signature team.

Read More »

Tags: , , , ,

5 Configuration Changes to Fortify Your WLAN Security

You can protect your small business wireless network from intruders with a few simple tweaks

A wireless network makes sense for small businesses.  It enables you to connect wired and wireless devices, allowing you to expand your network operations and keep employees productive.  Also, a wireless LAN (WLAN) is easier and less expensive to set up than a wired network, and gives employees and guest users quick, convenient access to the Internet from anywhere in your office.

Deploying a wireless network is easy in part because the networking equipment, including wireless routers and wireless access points, ships with important configuration settings preconfigured. However, these preset passwords, along with other improperly set configurations, can lead to catastrophic breaches in network security. To ensure your wireless network is secure, the devices must be configured to block intruders and protect users.

Here are five changes you can make to your WLAN configuration settings to lock down your wireless network and provide business-class security:

Read More »

Tags: , ,

Are smart cards heading the way of video recorders?

I read an article recently discussing the advantages and disadvantages of smartcards. I know that there have been quite a few distributed, but it seems to me that the adoption rate and the length of time they have been available are a bit out of sync. I would have thought that we would have many more smartcards, used in more places, being as they werer actually invented in 1968, and were widely used in French pay phones starting in 1983.

Read More »

Tags: , , , , , , ,

Security Today – Magic or just a throwback to a 1960′s episode of Star Trek?

Stealing a quote from Arthur C. Clarke: “Any technology, sufficiently developed, is indistinguishable from magic”. Some people would certainly consider security these days as magic. Okay, so much for that reference, but what does Star Trek have to do with government and security, my typical topics. Star Trek, although mostly about exploration sure seemed to have a bit of a “Space Military” characteristic to it. Isn’t that what the Star Fleet was all about? (no offense intended, Capt. Kirk.)

Lately, I’ve been doing some research for a paper on the integration of physical and logical security (I did an initial paper that you can see here: Click on “The Necessity of Security”) and it dawned on me how very similar the technology of today is to the science fiction of the 1960’s, or in Mr. Clarke’s case, magic. So here is a synopsis of some of my observations. I’m sure there are more; please feel free to reply with what I’ve missed or your own favorites.

Read More »

Tags: , , , , , , , , , ,

Top of Mind: Best Practices and Security Updates

With the Black Hat and DEF CON security conferences last week in Las Vegas, two topics are top of mind for me and those in my organization: best practices for securing the network and the importance of applying software security updates. An event like Black Hat or DEF CON certainly raises awareness, but what’s really important is to take that awareness and embed it into daily management of the network. For the most part, those practices are followed on end points and applications. Unfortunately, our data indicates that patching in the infrastructure is much less consistent. This is usually based on complexity and the demands of uptime placed on the network. Events like Black Hat give my teams an opportunity to deliver training on implementing network-based mitigations and defenses. In many cases, participants in these events are simply unaware of what is available in newer versions of our products.

Read More »

Tags: , ,