The Lippis Report

July 27th, 2010

By Cisco Systems

Spanning-Tree Protocol (STP) can be easily compromised by eavesdropping in a switched corporate environment, but this vulnerability can be mitigated using L2 security features that are available on the Cisco® Catalyst® 6500. STP Man in The Middle (MiTM) attack compromises the STP “Root Bridge” election process and allows a hacker to use their PC to masquerade as a “Root Bridge,” thus controlling the flow of L2 traffic. To understand the attack, the reader must have a basic understanding of the “Root Bridge” Election process and the initial STP operations that build the loop free topology. This paper provides an overview of the STP Root Bridge Election Process, STP MiTM Attack Guide and Mitigation Techniques for STP attacks.

Find out how by downloading this white paper

April 5th, 2010

Many IT leaders are striving to understand who is on their network and what they are doing. These are two simple questions and yet, in many cases, IT business leaders do not have a good way to answer them. And once IT leaders are able to obtain this information the question then becomes what else I can do with the data: obtain a history report, perform statistics for analysis and planning, generate compliance reports and much more. To tightly link business processes with networked applications, IT leaders need to wrap policy, identity and security around users and IT assets.

Read the rest of this entry »

March 17th, 2010

In addition to desktop connectivity wiring closet switches now connect wireless access points, laptops, kiosks, netbooks, IP phones, printers, video desktop systems and more while also managing electrical power of the devices they connect. New PoE Plus standard 802.3at allow 30W per port to be delivered which has driven a change in wiring closet power management. I talk with Berna Devrim, Sr. Manager, Access Switching Marketing at Cisco Systems about the dynamics forcing a change in wiring closet switching and the new Cisco X and S series of edge switching products which represent progressive thinking in this space. Enjoy, Nick.

March 17th, 2010

By Cisco Systems

The traditional network and physical perimeter is no longer the only borderline to defend information security. Collaboration, IT consumerization, mobility, and new computing technologies are driving productivity gains while presenting renewed security requirements. There is greater pressure on IT to meet the demands of a dynamic workforce, both in terms of service delivery and security challenges. New solutions are needed to protect borderless networks and to help further improve business efficiencies in the mean time. Cisco® TrustSec is such a solution.

To find out how to protect your network with TrustSec download this white paper now

March 17th, 2010

Cisco’s TrustSec is architecture with its implementation spread across client software, infrastructure (Catalyst & Nexus) and policy (Access Control System and NAC appliance). Cisco has expanded TrustSec to incorporate 802.1x clients allowing IT leaders to mix and match NAC and 802.1x endpoints. TrustSec organizes and simplifies authentication and policy schema allowing administrators to configure and maintain identity-based access to IT resources while identifying and applying policy based on a user roles in the organization. TrustSec also provides encrypted links at the switch port level. Steven Song Security Business Manager in the Network Systems & Security group at Cisco Systems joins me to discuss TrustSec and how Cisco is expanding its services and importance for IT business leaders.