Year: 2015

March 9, 2015 2 Comments
Avatar

Mitigations Available for the DRAM Row Hammer Vulnerability

This blog post was authored by Troy Fridley and Omar Santos of Cisco PSIRT.

On Mar 9 2015, the Project Zero team at Google revealed findings from new research related to the known issue in the DDR3 Memory specification referred to as “Row Hammer”. Row Hammer is an industry-wide issue that has been discussed publicly since (at least) 2012.

The new research by Google shows that these types of errors can be introduced in a predictable manner. A proof-of-concept (POC) exploit that runs on the Linux operating system has been released. Successful exploitation leverages the predictability of these Row Hammer errors to modify memory of an affected device. An authenticated, local attacker with the ability to execute code on the affected system could elevate their privileges to that of a super user or “root” account. This is also known as Ring 0. Programs that run in Ring 0 can modify anything on the affected system. Continue reading “Mitigations Available for the DRAM Row Hammer Vulnerability”

Authors

Avatar

Omar Santos

Distinguished Engineer

Cisco Product Security Incident Response Team (PSIRT) Security Research and Operations

1 Comment
Avatar

OpenStack Podcast #22: Sirish Raghuram

This week the OpenStack Podcast’s guest rockstar was Sirish Raghuram. He’s the co-founder and CEO of Platform9 (www.platform9.com), and he’s also a former long-term VMware employee. From that unique vantage point, he was able to contribute terrific insights about why enterprises haven’t fully embraced the cloud yet and why VMware Integrated OpenStack is probably a net win for the OpenStack community. He also spoke about:

  • Why he founded Platform9
  • What Platform9 provides
  • How containers may change the meaning of PaaS
  • Why 2015 & 2016 will be the turning point for enterprise cloud adoption
  • Why his team uses Ansible for configuration management
  • Who he thinks has done mind-blowing work in the tech world
  • What the current monthly Amazon spending break point is, and how we might bring it down

https://www.youtube.com/watch?v=1yc2-ErDCVo

For a full transcript of the  interview, click read more below.

Continue reading “OpenStack Podcast #22: Sirish Raghuram”

Authors

Avatar

Niki Acosta

OpenStack Evangelist

Leave a Comment
Avatar

eHealth: Bridging the Divide

I’m proud to announce that Cisco and our partners have been awarded the ‘Best Application of Frameworx’ award by TM Forum, through our participation in last year’s Catalyst Program. Demonstrations were held during the TM Forum Live! Digital Disruption 2014 event in San Jose.

For those of you not familiar with this program, it is where service providers, technology suppliers and global enterprises come together to create innovative solutions to common real world problems. Solutions are based on proven TM Forum’s business governance framework referred to as ‘Frameworx’ which employs best practices and standards to enable reliable and scalable service deployments.

The Catalyst program serves as an opportunity not only for collaboration and exchange of ideas among industry leaders and experts, Continue reading “eHealth: Bridging the Divide”

Authors

Avatar

JL Valente

Vice President, Product Management, Enterprise Routing and SD-WAN

Networking Experiences Team

3 Comments
Avatar

State of the Cloud: A Case Study of One Company’s Journey

People often ask me: “Is cloud computing really being adopted?”

Over the years, I’ve talked to large and small companies to find out the state of the art in their particular businesses.  There is much more in both the recently released Cloud Computing: Operation Efficiency  and Cloud Computing: Transformation books, but I’ll give you one example here.

Based in Silicon Valley, this company’s revenue in 2014 was approximately $300 million.

Cloud Example

In 2008, I spoke to this company’s CIO and he shared with me that the cloud services in use were predominately application cloud services, in particular: Oracle On-demand, RightNow (later purchased by Oracle), ADP, and Trovix. In addition, the company was using an operations management cloud service Postini for spam filtering security management.

Continue reading “State of the Cloud: A Case Study of One Company’s Journey”

Authors

Avatar

Timothy Chou

Lecturer at Stanford University

Leave a Comment
Avatar

Partner Voices: Be a Leading Player and Tell Your Customer Story

Welcome back to my “Tell Your Customer Story” series. I hope you enjoyed my previous blog on how Core BTS, a Cisco partner, created a powerful solution for their customer.  The second in this series spotlights Cerium Networks and how they brought a customer’s vision to life.

Innovating for Success

When “it becomes crystal clear that we cannot keep doing things the same way,” what level of technology expertise does it take to help a county overhaul the way it’s been operating for 30 years? According to a county official, that was the problem facing Benton County, Washington. They needed to serve their constituents with a shrinking operating budget.

So Benton County turned to Cerium Networks, a Master Collaboration and Master Security Specialized Partner. The county worked with several vendors over the years, leading to a complex technology environment. Cerium helped streamline their operations. They made sure that the county’s business ran smoothly during the process.

The implementation required a number of Cisco technologies, including a high-speed switching backbone, data center virtualization, unified communications, and Cisco TelePresence. Cerium had the knowledge and experience to handle the project. Continue reading “Partner Voices: Be a Leading Player and Tell Your Customer Story”

Authors

Avatar

Smita Dave

Sr Marketing Manager

Collaboration Solutions Marketing

10 Comments
Avatar

Championing the Case for Contact Center Analytics!

Contact centers have always been awash in data and data crunchers. But based on progress in data science, there is a renewed focus on analytics and how you can use it to differentiate your customer engagement strategy. When competitors offer similar products and use comparable technologies, your customer service strategy can offer meaningful advantage to your brand.

Using analytics appropriately, forward-looking companies can wring every last drop of value from their contact center processes.

Traditionally contact centers have used metrics like Average Hold Time (AHT), First Call Resolution (FCR), Abandon Rate, Occupancy, Adherence to manage the operation.

However, now they want to leverage additional data; what are the upsell opportunity, how much customers will pay; how many items each will buy in a lifetime; and what triggers will make people buy more.

Many contact centers now want to use additional data to answer more strategic questions, such as:  Continue reading “Championing the Case for Contact Center Analytics!”

Authors

Avatar

Ibrahim Malick

No Longer with Cisco

Leave a Comment
Avatar

AMP Threat Grid Empowers Law Enforcement to Fight Cybercrime

Recognizing the critical need for state and local law enforcement agencies to have state-of-the art technologies to effectively fight digital crime, Cisco is creating the AMP Threat Grid for Law Enforcement Program. The program is designed to empower those working to protect our communities from cybercriminals with its dynamic malware analysis and threat intelligence platform.

Computers are central to modern criminal investigations, whether as instruments to commit the crime, as is the case for phishing, hacking, fraud or child exploitation; or as a storage repository for evidence of the crime, which is the case for virtually any crime. In addition, those using computers for criminal activity continue to become more sophisticated, and state and local law enforcement agencies struggle to keep up with their internal computer forensics / digital investigation capabilities. Malware analysis is also a critical part of digital investigations: to prove or disprove a “Trojan Defense” for suspects, wherein the accused rightly or falsely claims a malicious software program conducted the criminal activity and not the user; and to investigate unknown software and suspicious files on the computers of the victims of cybercriminal activity for evidence of the crime.

Continue reading “AMP Threat Grid Empowers Law Enforcement to Fight Cybercrime”

Authors

Avatar

Jessica (Bair) Oppenheimer

Director, Security Operations

Threat Detection & Response

March 6, 2015 Leave a Comment
Avatar

A Farewell to LAM/MPI

LAM/MPI logoWith a little sadness, I note that LAM/MPI was officially retired recently.

LAM/MPI’s hosting provider, Indiana University, made the decision not to renew the lam-mpi.org domain any more.  As of a few weeks ago, LAM/MPI’s web site is no more, and its domain is in the process of expiring.

LAM/MPI was a highly popular implementation of the MPI standard that was initially developed at the Ohio Supercomputing Center, eventually transferred to the University of Notre Dame, and then later finally moved to Indiana University.

Continue reading “A Farewell to LAM/MPI”

Authors

Avatar

Jeff Squyres

The MPI Guy

UCS Platform Software