We are in the middle of several major market trends and transitions, including mobility, cloud and virtualization. Security is at the center of these massive transitions, and our customers tell us that they want simplicity and seamlessly integrated solutions for their network architectures. These industry disruptions require new thinking to create innovative technological solutions that will solve our customers’ biggest problems.
Enter Bret Hartman.
Bret has joined Cisco as the new Chief Technology Officer (CTO) for the Security Technology Group, which encompasses all of Cisco’s core security products. For Cisco, Bret will define our overall security technology strategy, particularly as it relates to how security technology integrates across the network infrastructure. Ensuring that our strategy transitions into value-added customer solutions will be critical as we move to an integrated security architecture that leverages the network.
Read More »
Tags: bret hartman, chief technology officer, Chris Young, cloud, cto, EMC, RSA, security, virtualization
Data sheet performance numbers are often used to make purchasing and deployment decisions for network devices. This is true for Intrusion Prevention Systems (IPS) as well. However, the nature of IPS is such that performance can vary greatly based on multiple factors, including the traffic mix seen at the IPS, signature tuning, and the software version in use. As a result, basing an IPS deployment purely on data sheet numbers is difficult. Cisco has demystified data sheet performance metrics for its IPS 4500 and IPS 4300 products via a detailed technical paper that walks the reader through each performance number.
Read More »
Tags: IPS, IPS performance, security
In the spirit of National Cyber Security Awareness Month (NCSAM) I offer up a recent tale of intrigue and mystery from an ongoing Cisco Security Research project…
One of Cisco Security Research and Operation’s ongoing projects is to oversee a massive infrastructure of several high-volume Internet POPs that send large amounts of network traffic into one of our research labs. We are collecting NetFlow and packet dumps from a geographically distributed sensor network. These pcap files each contain several million packets, but due to a configuration error in the packet capture process, there was some amount of packet duplication. This short blog article will talk about why the duplication happened, how we prevented it from reoccurring, and a unique solution that was employed to remove the duplicate packets from all of the affected pcap files. Read More »
Tags: cyber-security-month-2012, data telemetry, security
The past few weeks have had many on heightened alert from the initial threats to the ongoing attacks surrounding U.S.-based financial institutions; to say folks have been busy would be quite the understatement.
These events spawned a collaborative effort throughout the Cisco Security Intelligence Operations (Cisco SIO) organization, as depicted in the diagram below.
* Note: As Cisco products have not been found to be vulnerable to these attacks the Cisco PSIRT (Product Security Incident Response Team) provides feedback and peer-review, hence the reason that no Cisco Security Advisory (SA) is present for this activity.
Read More »
Tags: Attack, Cisco Security, DDoS, dns, DNS Server, intellishield, IPS, security, Security Intelligence Operations (SIO), targeted attacks
The security community at Cisco is very diverse. It extends beyond the typical researcher or analyst roles to include customer-facing engineers and marketing, public relations, and legal teams. The community is comprised of individuals with greatly varied backgrounds, skill sets, and charters and contains a wealth of knowledge on just about any topic. This diversity allows Cisco Security Intelligence Operations to understand and react appropriately to today’s threats as well as those that we may face in the future.
If we think about security intelligence—which I define as raw information enhanced through correlation, processing or perspective—having an established variety of inputs is key. Our people are certainly one of those inputs.
The trick, however, is utilizing that diversity in such a way that you can create consistent and predictable outputs that can be easily absorbed and acted on.
Read More »
Tags: cyber security month, cyber-security-month-2012, National Cyper Security Awareness Month, security