2013 - Page 13 of 232

December 3, 2013 Leave a Comment

Securing Critical Internet Infrastructure: an RPKI case study in Ecuador

Securing the Critical Internet Infrastructure is an ongoing challenge for operators that require collaboration across administrative boundaries. A lot of attention has been given in recent years to securing the Domain Name System through a technology called DNSSEC. However, in the last couple of years, the attention has shifted to the security of the Internet routing system and the best practices adopted by network operators around the globe in this area. The main questions these efforts are trying to answer are: is your network authorised to use resources such as IP addresses? Do my packets travel through the advertised path or are diverted on their way? These problem statements may sound too technical for the audience but in reality they can quickly be converted in real business impact. Unauthorised claiming of network resources are proven to cause downtime not only for one web server but to complete networks. Particularly, imagine a phishing attack where the IP address, the domain name and the TLS certificate are legitimate but you just interacting with the wrong network. The hijack of IP addresses is normally due to bad operational practices (basically miss-configurations that leak to the global Internet) but it is also suspicious of playing a role in SPAM and other sensitive areas in security.

The global inter-domain routing infrastructure depends on Continue reading “Securing Critical Internet Infrastructure: an RPKI case study in Ecuador”

Roque Gagliano

Technical Leader

Corporate Technology Group (CTG)

Cisco: Your Strategic Cloud Partner

Joann Starke

Cisco’s cloud software is a hot topic. First Cisco UCS Director was voted the SVC award winner for best virtualization management software. Then Forrester released a new Private Cloud Wave and both Cisco Intelligent Automation for Cloud (IAC) and UCS Director combined garnered Cisco the highest ranking for cloud vision and strategy as well as a top three ranking for currently shipping product. Customer input was behind this success.
Continue reading “Cisco: Your Strategic Cloud Partner”

Joann Starke

No Longer with Cisco

1 Comment

Operational Security Intelligence

Jeff Bollinger

Security intelligence, threat intelligence, cyber threat intelligence, or “intel” for short is a popular topic these days in the Infosec world. It seems everyone has a feed of “bad” IP addresses and hostnames they want to sell you, or share. This is an encouraging trend in that it indicates the security industry is attempting to work together to defend against known and upcoming threats. Many services like Team Cymru, ShadowServer, ThreatExpert, Clean MX, and Malware Domain List offer lists of known command and control servers, dangerous URIs, or lists of hosts in your ASN that have been checking-in with known malicious hosts. This is essentially outsourced or assisted incident detection. You can leverage these feeds to let you know what problems you already have on your network, and to prepare for future incidents. This can be very helpful, especially for organizations with no computer security incident response teams (CSIRT) or an under-resourced security or IT operations group.

There are also commercial feeds which range anywhere from basic notifications to full-blown managed security solution. Government agencies and industry specific organizations also provide feeds targeted towards specific actors and threats. Many security information and event management systems (SIEMs) offer built-in feed subscriptions available only to their platform. The field of threat intelligence services is an ever-growing one, offering options from open source and free, to commercial and classified. Full disclosure: Cisco is also in the threat intelligence business

However the intent of this article is not to convince you that one feed is better than another, or to help you select the right feed for your organization. There are too many factors to consider, and the primary intention of this post is to make you ask yourself, “I have a threat intelligence feed, now what?” Continue reading “Operational Security Intelligence”

Jeff Bollinger

CSIRT Manager

Infosec CSIRT

2 Comments

Where’s Our Grace?

Catherine Pitt

Every year in Scottsdale, Arizona, there’s a unique Information Security conference created by Joyce Brocaglia at ALTA, supported by a who’s who of InfoSec companies like Cisco, RSA, and Symantec, and attended by hundreds of some of the brightest people I’ve ever met. It’s no coincidence that they are all women because this is the Executive Women’s Forum (EWF) and always a highlight of my year.

A special treat for me this year was the presentation by Edna Conway, CISO for Cisco System’s supply chain and, as it turns out, a brilliant and inspiring woman.

A few weeks earlier, after reading that Edna was to be a keynote speaker at the event, I sent her an email just to introduce myself, say “hello,” and let her know that I looked forward to hearing her presentation. Not what I expected, Edna responded with a warm welcome for me to Cisco (yup—I’m a Cisco newbie after almost 30 years with HP!) and said that she was looking forward to getting some help from me on her current focus: securing Cisco’s supply chain. Great! Love to help, let’s keep in touch. However, when she presented to the EWF audience the strategy that she’d already developed and implemented, I was humbled by what an amazingly thorough job she’d done. The other women in the audience recognized the value in her strategy as well, as they lined up to speak with her after her address, and to ask for her help at their own companies. I saw the undeniable admiration in the eyes of these successful women executives—and those aspiring to be successful women executives—and something remarkable occurred to me. Continue reading “Where’s Our Grace?”

Catherine Pitt

Customer Solutions Director

Security

Megatrends: Does the network care about the application?

Eric Marin

With several key applications moving to the clouds, how do our customers ensure application performance? What if they deploy for instance Public or Private Hosted solutions or hybrid WAN, how do they ensure application experience?

Today, we all see more and more new delivery models such as Private Cloud, Hybrid Cloud or Public Cloud, new Hybrid WAN deployment replacing or complementing MPLS by internet link to reduce cost and enhancing application delivery, Audio and Video applications deployed in enterprise, applications going HTTP or HTTPS making them more complex to detect.

How does the network play a critical role in the application experience that enterprises need to provide today to their users? How can you rely on the network to provide enough agility, flexibility and control with so much new applications, deployment models and delivery methods.

Enterprise today need to be able to rely on the network as well to handle all those new challenges. IT organizations need the ability to identify, monitor applications running on the network, define policies and better control and classify those applications, to provide the best end user experience, and keep up with new request growth but without having to replace all the actual infrastructure. Continue reading “Megatrends: Does the network care about the application?”

Eric Marin

CTO

Borderless Network Architecture, EMEAR

8 Comments

“Feliz Natal” – Bank Theft by Proxy.

Martin Lee

Proxy auto-config or PAC files are commonly used by IT departments to update browser settings so that internet traffic passes through the corporate web gateway. The ability to redirect web traffic to malicious proxy servers is particularly attractive for malicious actors since it gives them a method of intercepting and modifying traffic to and from websites from which they can gain financially.

Malicious PAC files have been described since 2005 [1], but this obfuscated example contains a timely festive message. The Portuguese phrase for “Happy Christmas”, “Feliz Natal” is used to encode the IP address of the malicious proxy, 199.188.72.87.
Continue reading ““Feliz Natal” – Bank Theft by Proxy.”

Martin Lee

EMEA Lead, Strategic Planning & Communications

Cisco Talos

SecCon 2013: Global and Local

Chris Romeo

SecCon is our internal security conference, which for the past five years has taken place live in San Jose. Many industry recognized experts over the years have graced the stage, and the security community at Cisco looks forward to each December where we gather together to network and learn about the new threats that face our products. In past years, remote sites around the globe were linked into San Jose, sharing part of the speaker line-up and also giving local security people at remote sites the ability to speak to a local audience. In 2013, for the first time ever, SecCon events were hosted in remote locations.

The goal of these events is twofold: first, to provide high-quality, topical security education to those people responsible for building our products, and second, to growthe security community amongst our engineering population. We believe that security must be part of everyone’s job description at Cisco. We are all part of the security solution, and we use these SecCon events to band together. Continue reading “SecCon 2013: Global and Local”

Chris Romeo

Chief Security Advocate

Cisco Secure Development Lifecycle (CSDL) program

November 29, 2013 1 Comment

Cisco expands the SAP Competency Center in Walldorf in a big way

Jim McHugh

The Cisco SAP Competency Center expanded its presence at the SAP Partner Port in Walldorf Germany on November 11, 2013.

Watch the video of Padmasree Warrior, Senior Vice President and Chief Technology Officer for Cisco and Vishal Sikka, CTO and Executive Board Member for SAP as they welcome those that attended the opening of the Competency Center and talk about the Cisco/SAP relationship as is matures and about the exciting solutions we have already established together and about the upcoming solutions that we are engineering.

The expanded Competency Center will house Cisco pre-sales, benchmark and performance testing and certification engineers. The performance and certification tests are all running on the Cisco Unified Computing System (UCS) server platform using the Intel x86 Xeon chip set. These tests are integrated with the latest storage solution vendors such as EMC and NetApp.

Cisco specialists in the Center are connected with their SAP counterparts to provide the optimal service, support, and solutions to joint customers. In addition this Competency Center is equipped with hardware and software so that customers may bring their data into the Cisco Competency Center and test their data in a Proof of Concept setting.

Our Competency Center covers a very wide list of solutions including SAP HANA, HANA Enterprise Cloud, Suite on HANA, SAP on Vblock, SAP on FlexPod, Precision Marketing, and Sybase ASE.

The Cisco SAP Competency Center will also be used for specific customer briefings as required.

Cisco continues to find additional way to service SAP customers whether on premise or cloud. The expansion of this Competency Center is another way to show customers that Cisco is investing in providing quality solutions to those customers who have made the decision to select the Cisco UCS platform for SAP.

For more information on the Cisco SAP partnership and solutions visit our website
http://www.cisco.com/go/sap

Authors

Technical Leader

Corporate Technology Group (CTG)

Authors

No Longer with Cisco

Authors

CSIRT Manager

Infosec CSIRT

Authors

Chief Technology & Strategy Officer

Authors

Customer Solutions Director

Security

Authors

CTO

Borderless Network Architecture, EMEAR

Authors

EMEA Lead, Strategic Planning & Communications

Cisco Talos

Authors

Chief Security Advocate

Cisco Secure Development Lifecycle (CSDL) program

Authors

Vice President, Product and Solutions Marketing

Unified Computing Systems

CONNECT WITH US