What an incredible time to be in Information Technology! Look at what has been transforming right before our very eyes in just the past two years. Exciting? Yes! Humbling? Yes! Scary? Absolutely…
While we are engrossed in watching these new technologies slowly become part of our everyday environment, we are constantly reminded that there is a dark side to all of this that, at times, we often brush aside as we intone, “It can’t happen here, not to us!”
Read More »
Tags: cyber-security-month-2012, security
No software is immune to security vulnerabilities. The time between the discovery and disclosure of security vulnerabilities and the availability of an exploit is getting shorter. This imposes pressures on network security professionals and information technology (IT) managers to quickly respond to security vulnerabilities or apply mitigation in their network. Many organizations are struggling to keep up-to-date with the constant release of new vulnerabilities and software fixes. At the same time, they are under pressure to provide near 100% availability of key business services and systems.
Note: Cisco has a very robust vulnerability management process. This process is described in detail at Cisco’s Security Vulnerability Policy. The Cisco Product Security Incident Response Team (PSIRT) manages the receipt, investigation, and public reporting of security vulnerability information that is related to Cisco products and networks.
As an example, every time Cisco discloses a security vulnerability for Cisco IOS Software (or any given product), network security administrators have to identify affected devices and (in numerous cases) upgrade such devices. These activities can take hours, days, or even weeks depending on the size of the organization. For instance large enterprises and organizations may have thousands of routers and switches that need to be assessed for the impact of any given vulnerability.
Read More »
Tags: automation, OVAL, psirt, security
Recently I was working on reverse engineering a 16-bit MS-DOS binary to better understand a network transport protocol used for modem communication in some software I was looking at. I was using the IDA Pro tool for this purpose.
However, to my dismay, after looking at the string table and finding a string that seemed relevant to the particular section of code which I was interested in, I noticed that none of the strings in the string table contained cross reference information, and I was therefore unable to easily jump to the instructions in which it was used.
Upon further analysis, I determined that the reason the cross reference information for the strings in the table was not populated is because the strings resided in the data segment and referenced using the ds segment register.
Read More »
As a quick reminder , to participate to this 6 weeks challenge and have a chance to win every week a new iPAD , you want to visit our Facebook page. The questions are submitted on Sunday midnight PST, and answers have to be provided not later than Friday 12:00PM PST. Participation is easy and fun and allow you to collect points to compete for the highest IQ score. This best Unified Data Center “brain” will be the winner of the Grand Prize (valued US $2000). Every week-end (Friday noon to Sunday) you can answer bonus questions, which give you additional points to catch up for the Grand Prize.
The winner of week 2 (questions about Cisco Open Networking Environment
) was Mohamed Fawzy Saleh
who won a new iPAD. Mohamed is a student, very passionate by network technologies . Congratulations Mohamed!
From my point of view , one of the best quality of the high tech population is the thirst to keep learning in a fast changing and demanding environment . One of the intention of this challenge (game?) is to suggest every week questions to stimulate your curiosity.
My ask this week for you as we are moving to the next bonus questions for this weekend (Security -- See below) and week 4 (Virtualization) of the challenge is to tell us what you think about the set of questions. Did you learn? Did you find the questions interesting ? Just as a reminder, and for the new participants, here are the topics we covered so far.
Read More »
Tags: Cisco, data center, security, Unified Data Center, Unified iQ, unified management, virtualization
Early this week, there was much buzz and speculation about how Cisco and Citrix will be doing business differently. The news was finally unveiled at Mark Templeton’s keynote, when he introduced Cisco CTO, Padmasree Warrior, and they jointly announced the expansion to the two companies’ current partnership on three strategic areas: cloud networking, cloud orchestration and mobile workstyles. Details are outlined in this press release.
Read More »
Tags: Application Visibility and Control, ASA V9, AVC, Cisco, citrix, Citrix Synergy, cloud, enterprise networks, NetScaler, security, VXI Smart Solution, waas, WAN Optimization, xendesktop