Cisco Blogs


Cisco Blog > Data Center

ITD Deployment with Transparent mode security devices

ITD (Intelligent Traffic Director) is getting a lot of interest about transparent (Layer 2) mode device support.

Here is a 10 minute video that shows step by step ITD deployment for Transparent mode security devices, such as Firewalls, IPS, IDS, Web application Firewalls (WAF), ASA, Cisco Sourcefire, etc:

ITD is a hardware based multi-Tbps Layer 4 load-balancing, traffic steering and clustering solution on Nexus 5k/6k/7k/9k series of switches. It supports IP-stickiness, resiliency, NAT (EFT), VIP, health monitoring, sophisticated failure handling policies, N+M redundancy, IPv4, IPv6, VRF, weighted load-balancing, bi-directional flow-coherency, and IPSLA probes including DNS. There is no service module or external appliance needed.

Solution Guide: ITD with Layer 2 Firewall / IPS / IDS

Here is more information about ITD: www.cisco.com/go/itd

Please send email to nxos-itd@cisco.com if you have any questions.

 

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Securing the IoE with OpenAppID

We introduced OpenAppID in early 2014 with the goal of empowering customers and the open source community to control application usage in their network environments. Since then, we have increased our coverage from 1,000 OpenAppID detectors to more than 2,600, and have received valuable feedback from the community on ways to improve the product.

The case of having an open, application-focused detection language and processing module for Snort has attracted the attention of the Internet of Everything (IoE) world. There are countless devices out there using the Internet on their own, varying from a remote IP based camera to an industrial based sensor in which may include some security features on them.

With the combination of OpenAppID and Snort we are giving the capability to the open source community to create their own application-based protocols and classifications, which can be used to Read More »

Tags: , , , , , ,

Government, Trust, & Technology Services, Cisco SourceFire, and Contextual Network Awareness: A Proactive Approach to Security

One of the hardest things for a company to do is to embrace new technology and manage it in line with company policy. At most organizations, users are generally told not to access certain company data on certain devices, but they go around security controls because efficiency and convenience outweigh the risk. Rather than preventing new technology from emerging in the environment, embrace it and understand it, but do so prudently. Read More »

Tags: , , , , , ,

Like Chalk and Cheese: Cisco ASA 5506-X with Release 9.4.1 – Policy Based Routing

Cisco ASA 5506-XEarlier this Year, Cisco introduced the Cisco ASA 5506-X with FirePOWER Services. This Model should replace the successful and smallest Security Solution, the ASA 5505. Designed for the Small Business and a new era of threat and advanced malware protection Cisco ASA with FirePOWER Services delivers an integrated threat defense for the entire attack continuum. BEFORE, DURING and AFTER.

As Desktop version, the Cisco ASA 5506-X builds an easy entry for a:

 

Cisco ASA 5506-X 1

  •  Superior Multilayered Protection
    • Site-to-site and remote access VPN
    • Granular Application Visibility and Control (AVC)
    • Highly effective threat prevention and full contextual awareness
    • Reputation- and category-based URL filtering
    • AMP provides industry-leading breach detection effectiveness
  • Unprecedented Network Visbility
  • Reduced Costs and Complexity security Solution

Read More »

Tags: , , , , , , , , , , , ,

Cisco ASA with FirePOWER Services – How to get infected

On October 7, 2013 Cisco completed the acquisition of Sourcefire. At that time, I recognized this via Twitter and checked out the products on their website. I was excited to see the FirePOWER in action together with a Cisco ASA.

I had a good possibility to join the “ASA with FirePower Services” Workshop in Munich directly at Cisco. A big part of this Training was a Hands-on Lab, where the FirePOWER “Virus” infected me. I was thrilled, about the Cisco ASA with FirePOWER Services and the FireSIGHT Management Center.

This intelligent cyber security solution covers gaps in traditional security solutions. The threat-focused next-generation firewall provides next-generation security capabilities:

Application Visibility and Control (AVC)

Over 3000 Application-Layer and Riskbased controls, that works closely with the IPS to optimize the security.

Next-Generation IPS (NGIPS)

Visibility to detect multivector threats to streamline and automate defense response, Superior threat prevention and mitigation for both known and unknown threats

URL Filtering, and Advanced Malware Protection (AMP)

The comprehensive malware-defeating solution can enable malware detection and blocking, continuous analysis, and retrospective alerting.

Cisco ASA1 Read More »

Tags: , , , , , , , , , , , ,