The Lippis Report

July 27th, 2010

By Cisco Systems

Spanning-Tree Protocol (STP) can be easily compromised by eavesdropping in a switched corporate environment, but this vulnerability can be mitigated using L2 security features that are available on the Cisco® Catalyst® 6500. STP Man in The Middle (MiTM) attack compromises the STP “Root Bridge” election process and allows a hacker to use their PC to masquerade as a “Root Bridge,” thus controlling the flow of L2 traffic. To understand the attack, the reader must have a basic understanding of the “Root Bridge” Election process and the initial STP operations that build the loop free topology. This paper provides an overview of the STP Root Bridge Election Process, STP MiTM Attack Guide and Mitigation Techniques for STP attacks.

Find out how by downloading this white paper

June 14th, 2010

By Cisco Systems

This paper provides a brief introduction to common security threats on IPv6 campus access networks and will explain the value of using First Hop Security (FHS) technology in mitigating these threats. An overview of the operational principle of FHS is provided together with some examples on how to enable FHS on Catalyst® 6500, 4500, and 3750 Series Switches. The target audience for this paper are network architects and network operation engineers.

Find out about FHS by downloading this Cisco whitepaper.

April 5th, 2010

Many IT leaders are striving to understand who is on their network and what they are doing. These are two simple questions and yet, in many cases, IT business leaders do not have a good way to answer them. And once IT leaders are able to obtain this information the question then becomes what else I can do with the data: obtain a history report, perform statistics for analysis and planning, generate compliance reports and much more. To tightly link business processes with networked applications, IT leaders need to wrap policy, identity and security around users and IT assets.

Read the rest of this entry »

March 22nd, 2010

With all the investment in IT security over the years, one would think that threats would have subsided; but they have only increased and largely increased with exploits and iframes (redirection on a reputable website to infect its visitors) up nearly by a factor of 2000 over the past two years. This has resulted in an increase in data theft Trojans over the same period by a factor of 6000, according to the 2009 ScanSafe Global Threat Report, enriching hackers and cybercriminals. What’s driving this exploit growth is that hackers and cybercriminals are automating successful techniques for mass website infection. In addition, hackers increasingly collaborate, sharing best practices to infect websites for personal gain. In short, IT and business leaders are not confronting individual hackers, but a community of cybercriminals working together to steal corporate data that is increasingly organized as a traditional business with suppliers, resellers and end users. And this community’s opportunities to attack individuals and corporations have only increased with the huge growth in mobile access and deep corporate reliance of web-based applications to automate business processes.

Read the rest of this entry »

March 17th, 2010

The Web Malware Pandemic

Just as the Internet, the Web, and the information age have revolutionized our businesses and our lives, these developments have also radically changed the face of crime. Computer and Internet crime are no exception. Today, computers factor in nearly every form of crime – from crimes facilitated by computers (credit card theft, for example), to crimes, which are specifically computer-to-computer (malware, for example), and to crimes in which computers play an incidental supporting role (i.e. an illegal gambling bookie that keeps computerized records). This paper addresses one single facet of cybercrime – the manipulation of Web content and Web technologies for criminal and/or for illicit gains

Find out how to defend Web traffic from cybercrime by downloading this paper

March 17th, 2010

THE WORLD’S LARGEST SECURITY ANALYSIS OF REAL-WORLD WEB TRAFFIC
By Cisco Systems

The ScanSafe Global Threat Report is an analysis of more than a trillion Web requests processed in 2009 by the ScanSafe Threat Center on behalf of the company’s corporate clients in over 80 countries across five continents. Our leading position of providing security in-the-cloud provides unparalleled insight in the real-world Web threats faced by the today’s enterprise; this report represents the world’s largest security analysis of real- world Web traffic.

Download it now here.

March 17th, 2010

By Cisco Systems

The traditional network and physical perimeter is no longer the only borderline to defend information security. Collaboration, IT consumerization, mobility, and new computing technologies are driving productivity gains while presenting renewed security requirements. There is greater pressure on IT to meet the demands of a dynamic workforce, both in terms of service delivery and security challenges. New solutions are needed to protect borderless networks and to help further improve business efficiencies in the mean time. Cisco® TrustSec is such a solution.

To find out how to protect your network with TrustSec download this white paper now

March 17th, 2010

Cisco’s TrustSec is architecture with its implementation spread across client software, infrastructure (Catalyst & Nexus) and policy (Access Control System and NAC appliance). Cisco has expanded TrustSec to incorporate 802.1x clients allowing IT leaders to mix and match NAC and 802.1x endpoints. TrustSec organizes and simplifies authentication and policy schema allowing administrators to configure and maintain identity-based access to IT resources while identifying and applying policy based on a user roles in the organization. TrustSec also provides encrypted links at the switch port level. Steven Song Security Business Manager in the Network Systems & Security group at Cisco Systems joins me to discuss TrustSec and how Cisco is expanding its services and importance for IT business leaders.

March 16th, 2010

By Cisco

As the Internet transforms from a static resource to a utility platform enabling two-way communications, malicious threats have increased in volume and shifted their focus toward the Web. Hackers are exploiting the vulnerabilities of an open and dynamic Web to distribute their malware rather than creating their own malicious websites. Web malware infection from reputable websites that have been compromised is now not only a reality, but is now the preferred route to infect victims. This change has made traditional methods of control such as anti-virus less effective and requires an alternative approach to security. This alternative approach is Cloud Web Security.

To understand Cloud Web Security download this white paper

March 16th, 2010

The Web is increasingly being used as the threat vector of choice by hackers and cybercriminals to distribute malware and perpetuate identity theft, financial fraud, and corporate espionage. Is exploit sophistication and complexity evolving beyond traditional end-point anti-virus mitigation? Is a network centric model a faster and more accurate approach to zero day threat defense where massive cloud computing resources are put to work identifying and mitigating complex, polymorphic threats designed to evade anti-virus software and are mitigated before they reach desktop or mobile end-points? Mark Guntrip, Product Manager at Cisco Systems joins me to discuss Cisco ScanSafe, a Cloud Web Security Offering and debate client- versus network-based zero day threat defense.

March 9th, 2010

No matter where you look today the structure of IT is fundamentally changing. Applications are increasingly being accessed from mobile devices along with traditional laptop, desktop and even kiosk machines. SaaS has taken off and is far more prevalent than most executives realize as they are acquired by line of business and divisional budgets, leaving many IT leaders blind-sided and out of control with their relevance coming into question. As a result corporate application portfolios are shifting in their mix under IT leaders from one of total control to partial control to none. In short, IT leaders are finding that the largest application growth in their corporation is coming from outside of their traditional perimeter and with no control knobs. In essence applications and networks are becoming borderless.

Read the rest of this entry »

March 9th, 2010

IT leaders are not comfortable with mobile computing security. And they do have a lot to be concerned about as securing a plethora of different devices accessing both corporate and SaaS applications from a vast array of locations and network access methods is a challenge. Traditional VPN methods are too cumbersome for users and don’t factor the huge growth in SaaS application use. A new model for securing remote and mobile access is needed and Cisco has delivered one. Cisco just launched AnyConnect Secure Mobility Client that offers a simple use model for mobile workers that leverages Cisco’s ASA, IronPort Web Security Appliance, ScanSafe, and SIO to wrap a corporate perimeter around its mobile workforce. Kevin Kennedy, Product Marketing Manager at Cisco Systems discusses a new approach to securing mobile computing.

January 25th, 2010

No matter where you look today the structure of IT is fundamentally changing. Applications are being increasingly accessed from mobile devices along with traditional laptop, desktop and even kiosk machines. Applications are downloaded for free or a few dollars on mobile devices, while cloud computing and anything as a service offers a new approach to application delivery. As a result corporate application portfolios are shifting in their mix under IT leaders from one of total control to partial to none. In short, IT leaders are finding that the largest application growth in their corporation is coming from outside of their traditional perimeter and with no control knobs. In essence applications and networks are becoming borderless.

While borderless networks offer productivity improvements allowing work to follow individuals, IT leaders are concerned about its security implications, that being how do I secure corporate assets when applications are being accessed and used within and outside of corporate perimeters? Can IT leaders deliver the ease of use afforded by borderless networks securely? In this Lippis Report Research Note we offer an approach to securing networks without borders.

Read the rest of this entry »

January 25th, 2010

Garter has moved Cisco up to the Leaders Quadrant in its Magic Quadrant for 2009 Secure Web Gateways. Gartner reflected in their analysis that Cisco’s long-term focus on innovation and quality has resulted in market leadership. Garter identifies the following Cisco strengths.

On-Premise
* On-box malware prevention
* Performance & scalability
* DLP
* Real-time categorization

Cloud
* Simple management interface
* Reporting
* Ease-of-deployment
* Real-time categorization