Cisco Blogs


Cisco Blog > Security

Cisco’s onePK Part 1: Introduction

Exordium

Cisco’s One Platform Kit (onePK) is a fantastic toolkit for building custom applications that interact with your Cisco routers and switches. Using onePK, you can build automation directly into the network and extend all sorts of functionality using Cisco devices. The first in a three-part blog series, this article will introduce onePK to the reader, explain what it is, how it can be useful, and will show how to configure onePK on a router. The second and third installments will walk the reader through a simple security-relevant application using the C API. Important to note is that we’ll be covering the 0.6.0 version of onePK features and service sets. At the time of this writing, the toolkit is still in Controlled Availability and as such, is still in active development, and the API could change before it is released into General Availability. However, even in the face of API evolutionism, this article will provide you with a solid jumping-off point for your plunge into the wondrous world of onePK.

OK, Just What is onePK?

OnePK is a Cisco IOS Software feature and a set of programming libraries enabling an application programmer to build powerful applications that tightly integrate and interact with Cisco devices. onePK is available to you via a well-documented and unified API, currently offered in C and Java with Python in active development. It is currently in pre-release and is available only on request. Details on how to obtain onePK are provided below. Read More »

Tags: , , , , , , , ,

Paradise Just Got a Little Better

When you think of the Caribbean, you may think vacation. But for Curaçao Technology Exchange (CTEX), business thrives in paradise.

Curaçao is growing in importance in the international finance and commerce industry, which is why the island needed the ability to support booming business. Built in a carefully planned location, CTEX chose the island of Curaçao to house the Caribbean’s first—and only—tier IV data center.

The lack of technology in the area has been a hindrance to business. Building this new, top-of-the-line data center will enable world-class collocation, security management, archival, disaster recovery, and managed services—allowing customers to rely on CTEX for high-end IT services in ways previously unattainable in the region.

“The location, connectivity, and laws make Curaçao one of the safest locations in the world to house critical information assets.”

 – Anthony DeLima, Chairman and CEO, CTEX

 Learn more about how Cisco is help CTEX provide bigger and better IT services from the article featured in Unleashing IT: World-class technology services in paradise.

 

Tags: , , , , ,

With the Right Security Policy, BYOD Doesn’t Have to Be a Scary Thing

According the recent report by Cisco’s IBSG Group, the Financial Impact of BYOD, letting employees bring their own devices saves companies money and helps them become more productive. 53 percent of survey participants have raised work productivity through innovative work practices—powered by their devices. Nearly half of all participants preferred BYOD over corporate devices.

The freedom and productivity gains of BYOD are great for employees, but it also creates new priorities for IT—especially for security.  According to the BYOD and Mobility Security Report, security was a top concern for 70 percent of companies surveyed.

Just because employees are working on different devices doesn’t mean IT has to sacrifice security. The first step is in looking beyond the devices and putting together a mobility strategy. Cisco’s own mobility strategy is built around the network, not individual devices. It’s about viewing security as a way to allow individuals to work their way. Read More »

Tags: , , , , , ,

Plesk 0-Day Targets Web Servers

June 5, 2013 at 1:24 pm PST

Update 6/6/2013:

We’re seeing reports of exploitation of this vulnerability. We can confirm Global Correlation - Network Participation telemetry is seeing multiple exploitation attempts across many customers. Customers who participate in Global Correlation -- Inspection have a higher chance of this signature blocking in the default configuration since the sensor will take the reputation of an attacker into account during the risk rating evaluation. One of the reports mentioned the use of an IRC-based botnet as a payload for a large number of compromised machines. Since this report is similar to one I previously blogged about, I examined the IRC payloads in depth. Many of the variable names and functions are identical, with the new bot’s source code indicating that it is a later revision of the one we saw previously. Additional features have been added in this revision, which can allow the bots to transfer files directly to other bots via the command and control channel. Given the nature of this vulnerability and the ease of exploitation, it is very likely that unpatched machines will continue to be compromised if not remediated.

A 0-day vulnerability has been publicly posted which affects older versions of the Parallels Plesk software. The author of the exploit included an informational text file, which appears to indicate public servers have already been exploited. This vulnerability does not affect the latest major version of the software; nevertheless we expect to see widespread exploitation, due to the age of the affected versions — sites still running these versions of Plesk, which should enter End of Life of June 9, are unlikely to be regularly maintained.

plesk_2_1  Read More »

Tags: , , , ,

Why I love working trade shows like Microsoft TechEd for Cisco

June 5, 2013 at 7:19 am PST

I have lost count of the number of trade shows I’ve worked over my career. But working trade shows for Cisco over the past 14 months has been a uniquely positive experience. Microsoft TechEd North America 2013 makes my 5th show evangelizing Cisco UCS and our solutions.

I have been able to have long (sometimes up to 45 minutes) conversations with potential customers who have heard about UCS and want to learn more. Their reactions on how Cisco does it differently from others in the industry is an eye-opener for them – whether it the technology or the economics of the solution. They all walk away saying they are going to have to dig deeper into our solutions and contact their account team / partner.

It has become almost embarrassing the amount of praise our current customers heap on us when they come by the booth. Embarrassing because I’m just a very small part of what makes UCS successful; Cisco has a very strong team behind UCS and I wish they all could hear the great things the customers are saying about their experiences.

There are still two days left to stop by the Cisco booth and learn about:

  • UCS
  • UCS Solutions FlexPod, VSPEX, Exchange, SQL Server
  • UCS Manager
  • Nexus 1000V
  • VM FEX
  • Cisco Email Security

CiscoUCS_MSTechEd_Small

Tags: , , , , , , , , ,