Cisco Blogs

Cisco Blog > Security

Continuing Our Legacy: Cisco Leads in Security Effectiveness

Last week we announced the availability of Cisco ASA with FirePOWER Services, which represents the industry’s first threat-focused next-generation firewall (NGFW). This offering addresses threats across the full attack continuum anytime and anywhere a threat may manifest.

Today NSS Labs released the final reports from its 2014 comparative NGFW testing, focusing on security effectiveness, total cost of ownership (TCO), performance and management. Classic FirePOWER appliances, such as the FirePOWER 8350 and the new Cisco ASA with FirePOWER Services, were included and scored equally well in testing, specifically in security efficacy.

If you have been following the Cisco security strategy then our results will not be a huge surprise to you. And, if you haven’t been following, then these results are going to be of great interest. In less than one year after the acquisition closed we have integrated leading next-generation IPS (NGIPS) and Advanced Malware Protection (AMP) into the Cisco ASA product line, and achieved this integration without compromising performance and continuing to innovate and focus on what matters: stopping threats. The below NSS Labs Security Value Map (SVM) visually depicts the results of this testing and includes Cisco ASA with FirePOWER Services and the classic FirePOWER 8350 appliance. All achieve top marks for security – the same position that FirePOWER appliances have always enjoyed.

NSS NGFW SVM Edition 3 Graphic

Since the inception of Sourcefire, the focus has always been on providing the most effective security in the market. Cisco continues this focus on improving coverage, decreasing customer exposure, providing unmatched visibility, and empowering customers to protect your networks and customize that protection to match your infrastructure, applications, and risks. We go further in creating the best management capabilities available and deliver the combination through our purpose-built solutions designed for enterprise networks. We believe the combined platforms provide the best overall flexibility, coverage, value, and reliability there is.

We are proud to have our products lead the SVM for security effectiveness and we’ll continue to commit to maintaining our leadership by providing our customers the best protection possible in as many ways as possible. If you have not seen them already you can download copies of the reports for the Cisco ASA with FirePOWER Services and the FirePOWER 8350.

Tags: , , , ,

Unlock The Value of Big Data with Cisco Unified Computing System

Big Data is not just about gathering tons of data, the digital exhaust from the internet, social media, and customer records.  The real value is in being able to analyze the data to gain a desired business outcome.  

Screen Shot 2014-09-21 at 8.18.12 PMThose of us who follow the Big Data market closely never lack for something new to talk about. There is always a story about how a business is using Big Data in a different way or about some new breakthrough that has been achieved in the expansive big data ecosystem. The good news for all of us is, we have clearly only scratched the surface of the Big Data opportunity!

With the increasing momentum of the Internet of Everything (IoE) market transition, there will be 50 billion devices connected to the Internet by 2020—just five years from now. As billions of new people, processes, and things become connected, each connection will become a source of potentially powerful data to businesses and the public sector.  Organizations who can unlock the intelligence in this data can create new sources of competitive advantage, not just from more data but from better access to better data.

What we haven’t heard about – yet—are examples of enterprises that are applying the power of this data pervasively in their organizations:  giving them a competitive edge in marketing, supply chain, manufacturing, human resources, customer support, and many more departments. The enterprise that can apply the power of Big Data throughout their organization can create multiple and simultaneous sources of ongoing innovation—each one a constantly renewable or perpetual competitive edge. Looking forward, the companies that can accomplish this will be the ones setting the pace for the competition to follow.

Cisco has been working on making this vision of pervasive use of Big Data within enterprises a reality. We’d like to share this vision with you in an upcoming blog series and executive Webcast entitled, ‘Unlock Your Competitive Edge with Cisco Big Data Solutions’, that will air on October 21st at 9:00 AM PT.

Register Now



I have the honor of kicking off the multi-part blog series today. Each blog will focus on a specific Cisco solution our customers can utilize to unlock the power of their big data – enterprise-wide-- to deliver a competitive edge to our customers.  I’m going to start the discussion by highlighting the infrastructure implications for Big Data in the internet of Everything (IoE) era and focus on Cisco Unified Computing System initially.

Enterprises who want to make strategic use of data throughout their organizations will need to take advantage of the power of all types of data. As IoE increasingly takes root, organizations will be able to access data from virtually anywhere in their value chain. No longer restricted to small sets of structured, historical data, they’ll have more comprehensive and even real-time data including video surveillance information,  social media output, and sensor data that allow them to monitor behavior, performance, and preferences. These are just a few examples, but they underscore the fact that not all data is created equally. Real-time data coming in from a sensor may only be valuable for minutes, or even seconds – so it is critical to be able to act on that intelligence as quickly as possible. From an infrastructure standpoint, that means enterprises must be able to connect the computing resource as closely as possible to the many sources and users of data. At the same time, historical data will also continue to be critical to Big Data analytics.

Cisco UCS Common Platform Architecture for Big Data from Cisco Data Center

Cisco encourages our customers to take a long-term view—and select a Big Data infrastructure that is distributed, and designed for high scalability, management automation, outstanding performance, low TCO, and the comprehensive, security approach needed for the IoE era. And that infrastructure must be open—because there is tremendous innovation going on in this industry, and enterprises will want to be able to take full advantage of it.

Cisco UCS for Big DataOne of the foundational elements of our Big Data infrastructure is the Cisco Unified Computing System (UCS).  UCS integrated infrastructure uniquely combines server, network and storage access and has recently claimed the #1, x86 blade server market share position in the Americas. It’s this same innovation that propelled us to the leading blade market share position that we are directly applying to Big Data workloads.  With its highly efficient infrastructure, UCS lets enterprises manage up to 10,000 UCS servers as if they were a single pool of resources, so they can support the largest data clusters.

UCS Mini

Because enterprises will ultimately need to be able to capture intelligence from both data at rest in the data center and data at the edge of the network, Cisco’s broad portfolio of UCS systems gives our customers the flexibility to process data where it makes the most sense. For instance, our UCS 240 rack system has been extremely popular for Hadoop-based Big Data deployments at the data center core. And Cisco’s recently introduced UCS Mini is designed to process data at the edge of the network.

Because the entire UCS portfolio utilizes the same unified architecture, enterprises can choose the right compute configuration for the workload, with the advantage of being able to use the same powerful management and orchestration tools to speed deployment, maximize availability, and significantly lower your operating expenses.  Being able to leverage UCS Manager and Service Profiles, Unified Fabric and SingleConnect Technology, our Virtual interface card technology, and industry leading performance really set Cisco apart from our competition.

So, please consider this just an introduction to the first component of Cisco’s “bigger”, big data story. To hear more, please make plans to attend our upcoming webcast entitled,  ‘Unlock Your Competitive Edge With Cisco Big Data Solutions’ on October 21st.  

Register Now

Every Tuesday and Thursday from now until October 21st, we’ll post another blog in the series to provide you with additional details of Cisco’s full line of products, solutions and services.

View additional blogs in the series:

     9/25:    Unlock Big Data with Breakthroughs in Management Automation

     9/30:    Turbocharging New Hadoop Workloads with Application Centric Infrastructure

     10/2:    Enable Automated Big Data Workloads with Cisco Tidal Enterprise Scheduler

     10/7:    To Succeed with Big Data, Enterprises Must Drop an IT-Centric Mindset: Securing IoT Networks Requires New Thinking

     10/9:    Aligning Solutions to meet our Customers’ Data Challenges

    10/14:   Analytics for an IoE World

Please let me know if you have any comments or questions, or via Twitter at @CicconeScott.







Tags: , , , , , , , , , , , , , , , , , , , ,

Part 1: Why Is Enabling Only Authorized Users So Complex?

In the past, a critical component of preventing threats was understanding and controlling network access and access to network resources based on role, while also denying access for unauthorized users and devices.

However, assuring this secure network access has been increasingly difficult due to:

  • Complexity in understanding more than just who, but how, by what, when and from where users and devices attempt to access network resources
  • Complexity in connecting authorized users to needed services with the explosion of both on premise and remote devices used by a single user
  • Complexity in evolving network architectures where networks have become more “flat” and difficult to manage from a security standpoint
  • Complexity in unifying the number of disparate security systems that need to be configured, managed and visualized

These various aspects of security complexity challenge security practitioners with delivering the right services and purchasing the right solutions to not just handle the complexity, but also reduce it. However, when we take a look at IT security spending, where does the majority of investment go and where do most vendors siphon their money to and why?

If you look across the entire attack continuum, there are three phases that people need to focus on when dealing with threats and attacks: before an attack happens, during the time it is in progress, and even after the damage is done. To properly protect against threats in all stages, organizations need to reinvestigate their security to gain visibility and control across these three phases in order to truly reduce risk.

Read More »

Tags: , ,

Cloudburst: iOS 8 Generates 50% Increase in Network Traffic

Many network engineers recall the iOS7 update on September 18, 2013 as one of the most historic download days of their network’s history. All the more reason for us in the wireless world who anxiously anticipated the September 17 release of iOS8.

We asked a few of our customers to monitor the effect of the software release on their networks and the results for the first two days are in. Those in the education and healthcare space in particular are filled with early adopters of WiFi technology and devices, and eager to get their hands on the latest updates.

Joe Rogers, Associate Network Director at the University of South Florida shared this picture with us from 1pm September 17th, showing 1 Gbps more traffic than he would normally see at this time of day:


Another customer, Greg Sawyer, Manager of Infrastructure Services, shared this picture of the iOS8 effect on his network at the UNSW Australia.


He noted that his experience handling the release this year felt smoother than last year, despite the new peak internet download of 4.65 Gbps and 21Tb downloaded for the day! Not too surprising when considering that there were 27,000 concurrent connections on the wireless network and approximately 60% of those being Apple devices.

How should organizations be considering and handling these network spikes? I sat down with Cisco technical leaders Matt MacPherson and Chris Spain (@Spain_Chris) to get some insight on the effect of big updates like iOS8 on the wireless network. Here are some of the highlights of what we discussed:

The World We Live In

The truth is, more and more services are being moved to the cloud—a cloud that will push updates to millions & in the future billions of users and devices on our networks. Read More »

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Threat Spotlight: “Kyle and Stan” Malvertising Network 9 Times Larger Than Expected

This post was authored by Armin Pelkmann.

On September 8th, Cisco’s Talos Security Intelligence & Research Group unveiled the existence of the “Kyle and Stan” Malvertisement Network. The network was responsible for placing malicious advertisements on big websites like,,, and 70 other domains. As it turns out, this was just the tip of the iceberg. Ongoing research now reveals the real size of the attackers’ network is 9 times larger than reported in our first blog. For more details, read the Kyle and Stan Blog.

The infographic below illustrates how much more of the malvertisement network was uncovered in comparison to our first assessment. We have now isolated 6491 domains sharing the same infrastructure. This is over 9 times the previously mentioned 703 domains.  We have observed and analyzed 31151 connections made to these domains. This equals over 3 times the amount of connections previously observed. The increase in connections is most likely not proportional to the domains due to the fact that a long time that has passed since the initial attacks.


The discovery difference from the previous blog to this one in raw numbers. With more than 3-times the now observed connections and over 9-times the revealed malicious domains, this malvertising network is of unusually massive proportions.

Read More »

Tags: , , , , , , , , , , , , , , , , , ,