Security
NAC Survey
The NAC (Network Admission Control) Business Unit is conducting a survey to get information from customers. I would greatly appreciate it if you could take part in this survey, the survey will not take more than 15 minutes to complete.
Click here to access the customer survey: NAC Customer Survey
Any customer that takes the survey will [...]
James Bond: Quantum of Solace - US Only
Ironport invites all US based customers (or any customer that happens to be in the US at the time) to a thrilling discussion of the latest email and Web security threats and how to stop them on Friday November 14, followed by the James Bond, Quantum of Solace premier screening.
Agenda
9 a.m. Arrival
9:30 a.m. IronPort Presentation
10:30 [...]
WPA Wi-Fi encryption is cracked
Security researchers say they’ve developed a way to partially crack the Wi-Fi Protected Access (WPA) encryption standard used to protect data on many wireless networks.
The attack, described as the first practical attack on WPA, will be discussed at the PacSec conference in Tokyo next week. There, researcher Erik Tews will show how he was able [...]
Excellent Security Demo’s
Chris Durkin has put together some very nice demo’s focused on many of Cisco’s security portfolio products over at his newest website. These demo’s are very well done and give you a thorough explanation of the products capabilities and interfaces. I would like to personally thank Chris for actually getting around to doing what I [...]
3Nov2008 | Joe Harris | 0 comments | ContinuedASA SNMP OID’s
Ever have a need to find a specific SNMP Object ID on your ASA? Well you could use the Cisco SNMP Object Navigator for the ASA/PIX to locate the information or you could simply enter a command into the CLI. What command are you talking about you might say? I don’t see a command that [...]
23Oct2008 | Joe Harris | 4 comments | ContinuedTool: FirePlotter
FirePlotter shows you the traffic that is flowing through your internet connection - in real-time. FirePlotter is a real-time session monitor or connection monitor for your Cisco ASA firewall. Click to see a 3 minute FirePlotter Demonstration.
FirePlotter provides tabular listings and summary of sessions by Service (HTTP, FTP etc), Destination IP, Source IP and [...]
IPSec pass through Inspection Engine
Instead of permitting ESP and AH through the ASA via the interface ACL, you can permit just ISAKMP (UDP/500) and apply the ipsec-pass-thru inspection to permit the corresponding ESP or AH flow. The IPSec Pass Through application inspection provides convenient traversal of ESP (IP protocol 50) and/or AH (IP protocol 51) traffic associated with an [...]
18Oct2008 | Joe Harris | 3 comments | ContinuedStateful Failover Support of WebVPN Sessions
To ensure that WebVPN and SVC connections reconnect quickly in the event of a failover, enable the security appliance to respond to incoming client TCP packets with the service resetoutside command from global configuration mode:
[no] service resetoutside
This will cause a TCP Reset to be sent from the security appliance that takes over the existing WebVPN [...]
Looking for firewall features for ASA
Have you ever thought of a great feature on the ASA and wanted a way to tell Cisco about that feature but did not feel as though you had any avenue to provide that communication directly to the ASA Business Unit? Well now you do, I am looking for input on compelling firewall features that [...]
16Oct2008 | Joe Harris | 9 comments | ContinuedCisco Response to Microsoft Security Bulletin Release - October
Microsoft published its monthly security bulletin release on October 14, 2008. Eleven bulletins were released that address twenty individual vulnerabilities. Microsoft has rated four bulletins as Critical, six as Important, and one as Moderate. The advisories that address Critical vulnerabilities cover remote code execution flaws in Active Directory, Host Integration Server, Internet Explorer, and Microsoft [...]
15Oct2008 | Joe Harris | 0 comments | ContinuedTool: Cisco VPN Client GUI Error Lookup Tool
The Cisco VPN Client GUI Error Lookup tool is used to list and describe the errors and warning messages that can be produced by the Cisco VPN Client for use by Cisco Technical Support and Engineering Support.
The information provided by this tool enables the Cisco Technical Support engineer to resolve your problem faster and more [...]
Cisco Virtual Office: Cisco on Cisco Case Study
At any given time, one-third or more of Cisco’s global workforce is connected to the corporate network by remote access. Like many enterprises, Cisco gains significant productivity and cost benefits from providing employees with secure, anytime access to the corporate network and other resources.
This security case study describes Cisco IT’s internal deployment of the [...]
Cisco IOS Zone Based Firewall: CME/CUE/GW Single Site or Branch Office with SIP Trunk to CCM at HQ
We have published a new IOS ZBF document on CCO. This document describes design and configuration considerations for firewall security aspects of specific Cisco ISR-based data and voice application scenarios. The configurations for voice services and the firewall are provided for each application scenario. Each scenario describes the VoIP and security configurations separately, followed by [...]
9Oct2008 | Joe Harris | 0 comments | ContinuedIntelliShield Cyber Risk Report
The IntelliShield Cyber Risk Report is a strategic intelligence product that highlights current security activity and mid- to long-range perspectives. The report addresses seven major risk management categories: vulnerability, physical, legal, trust, identity, human, and geopolitical. The Cyber Risk Reports are a result of collaborative efforts, information sharing, and collective security expertise of senior analysts [...]
2Oct2008 | Joe Harris | 0 comments | ContinuedControl Plane ACL Limiting
I knew it was only a matter of time but for a while I have been pushing to get rid of the ‘to-the-box’ access controls on the ASA with individual commands and replace them with a control-plane interface just like IOS routers have and in 8.0 you can do just that. Basically what you do [...]
12Sep2008 | Joe Harris | 0 comments | ContinuedIPSec 64-bit VPN Client
You may have noticed that the Cisco IPSec VPN Client does not currently support 64-bit Operating Systems nor will it. If you have a need for an IPSec Client that does have 64-bit OS support, NCP Secure Communications has a Universal VPN Client that is 64 Bit compatible and will even import/convert your existing .pcf [...]
12Sep2008 | Joe Harris | 0 comments | ContinuedIntelliShield Event Response: Microsoft Security Bulletin for September 2008
Microsoft announced four security bulletins that contain eight vulnerabilities as part of the monthly security bulletin release on Sept 9, 2008. A summary of these bulletins is on the Microsoft website at http://www.microsoft.com/technet/security/bulletin/ms08-sep.mspx. This document highlights the vulnerabilities that can be effectively identified and/or mitigated using Cisco network devices.
The vulnerabilities that have a client software [...]
The Security Deep Dive Portal
This site was put together by some security guys inside Cisco with the aim of giving a short but in-depth discussion on how to use and install Cisco Security Products. The average attendance of the original events were around 150-200 attendees. After these sessions, the team received countless email requests about these sessions. So [...]
31Aug2008 | Joe Harris | 0 comments | ContinuedThe SSL Trap
Current HTTPS encryption methodologies for web users create a false sense of security. In order to enforce corporate acceptable use and security policies, an enterprise must employ a Web security gateway that has the ability to inspect HTTPS traffic. See how IronPort can help your overall bottom line by performing HTTPS inspection even on HTTPS [...]
31Aug2008 | Joe Harris | 0 comments | ContinuedIronPort Encryption Technology
Want to experience the simplicity of IronPort PXE technology firsthand? Send yourself an encrypted message right now, just by filling out this form.
addthis_url = ‘http%3A%2F%2F6200networks.com%2F2008%2F08%2F31%2Fironport-encryption-technology%2F’;
addthis_title = ‘IronPort+Encryption+Technology’;
addthis_pub = ”;
An out of this world virus
A virus designed to swipe passwords from online gamers has inexplicably popped up in some laptop computers aboard the international space station.
The low-risk virus was detected on July 25, but did not infect the space station’s command and control computers and poses no threat to the orbiting laboratory, NASA officials said.
Continue reading the story here: [...]
ASA temporary license
You may or may not be aware but the ASA does allow for temporary licenses for certain feature sets in order for you to test these features for an extended period of time (like 30 days). However I’ve received quite a few emails regarding what happens to the ASA after the temporary license for a [...]
25Aug2008 | Joe Harris | 0 comments | ContinuedIntelliShield Cyber Risk Report
The IntelliShield Cyber Risk Report is a strategic intelligence product that highlights current security activity and mid- to long-range perspectives. The report addresses seven major risk management categories: vulnerability, physical, legal, trust, identity, human, and geopolitical. The Cyber Risk Reports are a result of collaborative efforts, information sharing, and collective security expertise of senior analysts [...]
25Aug2008 | Joe Harris | 0 comments | ContinuedSecurity Monthly Newsletter
The sixth issue of Cisco’s Security Monthly Newsletter went out last Wednesday, August 20 to customers who have subscribed to receive this information. If you are not familiar with it, the Security Monthly Newsletter highlights Cisco’s recent product info, white papers, podcasts, programs, webcasts, web sites, events, threat info and much more. If you [...]
25Aug2008 | Joe Harris | 0 comments | ContinuedCisco IPS Auto-Upgrade
If you have a Cisco IPS Appliance and/or Network Module and assuming you have purchased Cisco Services for IPS and would like configure your appliance to perform auto-upgrades to the latest signatures or software, you can use the sample configuration below as a starting place to accomplish this task. After implementing this configuration on your [...]