Cisco Blogs

Cisco Blog > Security

Vectoring to a New Mission

A couple of weeks ago, I announced a new name and a new mission for the group I lead at Cisco. I’ll do my best to minimize reader exposure to boring administrative details, but the long and the short of it is that the former Cisco Global Government Solutions Group (GGSG) has become the Cisco Threat Response, Intelligence, and Development (TRIAD) organization.

Any organizational name change is only a label placed on more fundamental transformations in missions, strategies, and desired outcomes. While the new organization will continue to serve government customers, the time has come to mobilize the expertise we have built up over the years to help critical infrastructure and enterprise customers strengthen their abilities to deliver IT-based services and value with minimal disturbance from unauthorized sources.

Vectoring the organization’s mission to threat is the key to understanding what TRIAD is all about. Through our work with Cisco customers, observation and analysis of phenomena visible in Cisco and customer networks, and application of innovative thinking about security practices and processes, we see enormous potential for developing and delivering threat-focused approaches to cyber security into products, services, and solutions. Read More »

Tags: , , , , , , ,

Compliance versus Security

Rogue access points and unauthorized access, DDoS or penetration attacks, evil twin attacks – all mobile security issues that can keep you awake at night. But do you know the difference between compliance and enterprise security? Being compliant is not synonymous with being secure, that’s why our webcast on April 16, is focused on how to bridge the gap between PCI compliance and security to minimize the impact of an attack.

Read More »

Tags: , , , , , , , , , , , , , , , , , , , ,

Tips and Tricks: Nmap is still relevant

Anecdotally, it would take about a week for a single machine to ping sweep the Internet. That would be approximately 4 billion IP addresses, essentially the whole Internet. In theory, this includes every single military address, every single ISP, every home user, and every mobile device. Such a port sweep does not include all options, UDP, and Nmap Scripts, as that would take too long. But what if I want to run the same scan to my home IPv6 range? It will have a /64 allocated to it, or about 18 quintillion addresses. Let’s compare a sweep of the entire Internet with my home IPv6 range:

  • The Internet: 2^32 = 4,294,967,296 [1]
  • The home range from my ISP: 2^64 = 18,446,744,073,709,551,616 [2]

A stark difference! So, how will I scan this? Is that just one network? I am Moses Hernandez, and this is one of my tips and tricks in this series. This post is about the venerable Nmap. Read More »

Tags: , , ,

Cisco ASA Family receives FIPS 140-2 Certification!

The Global Certification Team is proud to announce the FIPS 140-2 crypto certification of the Cisco Adaptive Security Appliance (ASA) family.  This certification covered the following models: Cisco ASA 5505, ASA 5510, ASA 5520, ASA 5540, ASA 5550, ASA 5580-20, ASA 5580-40, ASA 5585-X SSP-10, 5585-X SSP-20, 5585-X SSP-40 and 5585-X SSP-60 Security Appliances.  The ASA’s were evaluated at level 2 and earned FIPS certificate #1932 on software version

The Cisco ASA 5500 Series helps organizations to balance security with productivity. It combines the industry’s most deployed stateful inspection firewall with comprehensive next-generation network security services.  More information on the Cisco ASA family can be found on!

Get up to the minute updates on Cisco product certifications from the official Cisco Global Certification Team twitter, @CiscoCertTeam!

FIPS-140 is a US and Canadian government standard that specifies security requirements for cryptographic modules. A cryptographic module is defined as “the set of hardware, software, and/or firmware that implements approved security functions (including cryptographic algorithms and key generation) and is contained within the cryptographic boundary.” The cryptographic module is what is being validated.

Tags: , , , , , , , , , , , , , , ,

Listen Up! Spotlight on NSA Show & Cisco Podcast Series

As some of you already know, we’ve teamed up with the popular wireless networking podcast “No Strings Attached” to release a mobility podcast series. We’ve recorded 6 podcasts, and counting!

Stay tuned for future podcasts!

Any Cisco wireless technologies you want to learn more about? Let us know on our community.

Tags: , , , , , , , , , , , , , , , , , , , ,