I pulled some workshop hosting duty trying to fill Jimmy Ray’s big orange shoes this morning. The subject is a great one -- Intrusion Prevention in the Data Center with an incredibly sharp engineer, Stijn Vanveerdeghem. Stijn is one of those crazy smart security guys down in Austin, TX as he works with a bunch of old friends from the team of IDS experts we have there.
So much emphasis on the data center these days for obvious reasons and it makes sense that anytime we consolidate something valuable -- there is going to be an increase in creativity for how to get to it when your not supposed to.
We do these workshops as part of our TechWiseTV shows for their interactivity and the difference in the depth we can achieve. A number of references were made as to other resources, shows we have done as well as published papers and studies. I have included all the links we brought up below.
If you missed Stijn’s presentation or would like to go back and take better notes -- you can get to it at the same link you used to originally register OR I also highly recommend you bookmark ciscoworkshops.com
TechWiseTV Episodes referenced:
Couple of notable segments within this show worth looking at here:
Episode 15, Firewall Reinvention with the ASA CX, is a good show throughout -- only one segment I will call out as a favorite however, a Master Class Jimmy Ray did on ‘Forensic Analysis.’ The differences between network device versus traditional computer forensics and network forensics best practices, why routers and firewalls aren’t the smoking gun, and how the Cisco Router Analysis Tool can help with your networking.
Couple of good pointers Scott Simkin lays out in his support of our workshop today -- thank you Scott.
Performance of the Cisco IPS 4300 and 4500 (Whitepaper, .PDF)
Global Correlation on Cisco IPS Sensors (Whitepaper, PDF)
IPS Tech Tips – Protecting Industrial Environments:
Cisco IPS Go page: http://cisco.com/go/ips
Thanks for watching!
Data Centers are going through a rapid evolution due to industry trends of virtualization, cloud computing and bring your own device (BYOD) initiatives, putting an even greater strain on IT resources to secure the data, applications and access critical to the success of the business. Today’s data center must be secure and resilient to keep the enterprise running at maximum productivity; protecting its profitability and reputation.
The modern enterprise runs a wide array of commercial and customized applications, and the data within those applications is exactly what attackers are targeting. Those critical applications and servers within the data center continue to be the subject of targeted attacks and sophisticated malware. The 2012 Verizon Data Breach Report highlights that attacks against servers accounted for 94% of all data compromised last year. Strong security controls and visibility measures must be implemented to protect the integrity of the enterprise data center.
Some of the best conversations happen in private exchanges and I often wish we could all benefit more broadly. This most recent conversation was instructive in and of itself but it also pointed out a level of transparency both Jimmy Ray and I prefer. So hopefully it goes to say -- we welcome your input! We certainly don’t get it right all the time!
Episode 119 featured Next Generation encryption and we mistakenly attributed Great Britain with breaking Enigma. One of our Cisco fans from Warsaw, Bartlomiej (Bartek) Michalowski, sent us a note.