Cisco Blogs

Microsoft Patch Tuesday – June 2015

Today, Microsoft has released their monthly set of security bulletins designed to address security vulnerabilities within their products. This month’s release contains a total of 8 bulletins, which address 45 CVEs. Two of the bulletins are listed as Critical and address vulnerabilities in Internet Explorer and Windows Media Player. The remaining six bulletins are marked as Important and address vulnerabilities in Microsoft Office, Windows Kernel, Active Directory, Microsoft Exchange Server, and Microsoft Common Controls.

Security Everywhere Helps Partners Create New Conversations and Revenue Streams

It’s impossible to turn on a TV or read a newspaper without hearing about cybersecurity breaches. Security is top of mind for everyone, and it’s definitely a top priority for Cisco.

Yesterday, at Cisco Live 2015 in San Diego, CA, we announced “Security Everywhere.” The Internet of Everything has generated new business models, better work environments, and consumer experiences. It has also opened more opportunities for hackers. Our new portfolio embeds security across the extended network, from the data center to endpoints, branch offices, and the cloud. This provides threat visibility and control. By integrating “Security Everywhere,” you can deliver the security requirements demanded by today’s dynamic threat landscape, and capture emerging business opportunities.

I’d like to highlight some of the solutions that will help you.

Why I Love Big Data Partner Series 5: Cisco and Splunk: The Weapons of a Security Warrior

In this fifth installment of the Why I Love Big Data blog series, I am joined by Jeff Aboud from Splunk to outline why big data security analytics is essential to today’s security challenges.

Jeff Aboud, Sr. Solutions Marketing Manager, Security Markets, Splunk. Jeff Aboud has more than a dozen years in various areas of the security industry, spanning from the desktop to the cloud, including desktop AV, gateway hardware and software, encryption technologies, and how to securely embrace the Internet of Things. His primary focus today is to help business and security professionals understand how to visualize, analyze, and alert across a broad range of data sources in real time to maximize their security posture.



It’s no secret that advanced threats and malicious insiders present increasing security challenges to organizations of all sizes. Security professionals know that it’s not a question of if, but when an attack will successfully breach their network. Visibility is often what makes the difference between a breach and a major security incident, and enables a proactive security posture throughout the attack continuum – before, during, and after the attack. It’s also essential to understand that the fingerprints of an advanced threat are often located in the “non-security” data, so the effective detection and investigation of these threats, before your data is stolen, requires security and non-security data.

So what does all this really mean, and how can you use it to dramatically improve your security posture?

You need to integrate and correlate the data from your firewalls, intrusion prevention, anti-malware, and other security-specific solutions along with your “non-security” data such as the logs and packet information from your servers, switches, and routers. This is no easy task with the large number of different security solutions present in most enterprise networks. But having all your data at your fingertips will help you improve your detection capabilities and automate the remediation of advanced threats.

But how can you do this, since Security Information and Event Management (SIEM) systems only look at traditional security sources? The partnership between Splunk and Cisco is the answer. Splunk is integrated across Cisco security platforms, as well as other places throughout the network including various Cisco switches, routers and Cisco Unified Computing Systems (UCS) to deliver broad visibility across your environment.

Together, Splunk and Cisco provide security and incident response teams the tools they need to quickly identify advanced threats, visualize them in real-time across potentially thousands of data sources, and take automated remediation action on Cisco firewalls and intrusion prevention systems.

Threat-Centric Security for Service Providers

Security has never been more critical for service providers. As Sanjeev Mervana said in his recent blog: Security has become a service provider imperative. It is a key enabler for open and programmable networks that enhances business agility and profitability. With secure networks, emerging video, wireless mobility, Internet of Everything (IoE) and cloud services can more reliably drive new revenue opportunities and business outcomes. Unfortunately, cyber adversaries exploit the growing attack surface that these services expose by launching more sophisticated attacks that impact both the service provider and their customers.

Until now, the only viable approach for service providers to protect their networks has been to

“Security Everywhere” – Enterprise Branch Security for Direct Internet Access

Two weeks ago, a leading global medical device manufacturer came to Cisco for advice. In an effort to streamline IT operations and reduce operating costs, the customer had recently migrated from their internal Microsoft Exchange 2010 environment to Office365, Microsoft’s hosted online service.

The migration was initially done for the headquarters users and the feedback was more positive than they expected. However, when they migrated their branch and remote office users, the WAN bandwidth usage almost immediately spiked and user experience suffered as a result.

This customer is certainly not the only company looking to embrace Cloud applications for greater agility, reduced costs and complexity, and increased productivity, or that has had to deal with BYOD issues and the increasing impact video has on their bandwidth. However, what our customer and those other companies have found is that the current method of backhauling the traffic to the data center is no longer a viable way to handle the increased consumption when faced with a flat or even a declining IT budget. Therefore, many of today’s distributed enterprises are looking to use direct Internet access pathways in an effort to improve the user experience while reducing IT costs.

However, enabling direct Internet access (DIA) at branch offices also forfeits the inherent threat protection that traffic routed through the data center provides. The enterprise-level risks that branch offices face with BYOD issues, compliance requirements, and advanced persistent threats require enterprise-level security. According to Gartner’s “Bring Branch Office Network Security Up to the Enterprise Standard”, “By 2016, 30% of advanced targeted threats — up from less than 5% today — will specifically target branch offices as an entry point.”

Cisco FirePOWER Threat Defense for ISR addresses these issues by extending its industry-leading FirePOWER threat protection beyond its traditional network edge and data center deployments out to individual Cisco ISR routers.