Cisco Network Admission Control and Microsoft Network Access Protection Interoperability Architecture

Get the White Paper

July 28th, 2008

By Cisco Systems and Microsoft Corporation

Cisco Systems, Inc. and Microsoft Corporation have developed an interoperability architecture that allows customers to deploy both the Network Admission Control (NAC) platform available from Cisco and the Network Access Protection (NAP) platform developed for Microsoft Windows Vista© and Windows Server. The result is a set of components that interoperate, allowing customers to enforce health requirements for network access using a combination of components from Cisco and Microsoft. This white paper describes the set of characteristics that will support the interoperability architecture and how the interoperability architecture works. This paper was written in 2006 and thus much progress has been made in Cisco NAC/Microsoft NAP interoperability since its publication. Yet it still offers an excellent framework which will prepare architects for a major update during 2008.

Boosting Business Development with Citywide Wireless Access

Get the White Paper

July 28th, 2008

By Cisco Systems and The City of Dublin, Ohio

The city of Dublin, Ohio is home to more than 3,000 businesses, and continually strives to create an attractive economic environment. Information technology plays an important role in Dublin's efforts to bring the best and most promising businesses to the city, and it was important to provide access anytime, anywhere. "œA major emphasis has always been enhancing economic development and establishing a significant tax base that will take us into the future," says Mayor Marilee Chinnici-Zuercher. "œAccess to technology is a key element of our strategy, because we have a lot of small businesses that are global in their missions and purposes." Adds Jane Brautigam, City Manager, "œWe believe that providing better access to the Internet, via our network infrastructure, will bring companies to the city, and encourage them to grow their business here."

Utility Overhauls Network Defenses to Boost Control and Visibility

Get the White Paper

July 28th, 2008

By Cisco Systems and Jones-Onslow Electric Membership Corporation

Jones-Onslow Electric Membership Corporation (JOEMC) is a member-owned electric utility cooperative with a vital technology infrastructure. The cooperative's network supports a variety of critical applications, including an IP contact center, customer support and financial applications, and an outage management system that alerts JOEMC employees to service problems. All of these systems are essential to providing the electric service on which 60,000 JOEMC customers depend every day, and those customers demand the utmost reliability and security. However, one of the biggest challenges for JOEMC is supporting all applications and customers with just a four-person IT staff.

"œBecause we are a small department, we are always looking for solutions that can keep the network secure, but that do not require extensive support from our team," says Carrie Peters, Vice-President of IT/IS, JOEMC. To meet these requirements, JOEMC works with a variety of third-party vendors who provide technology, financial, and business services vital to the daily operation of the co-op. All vendors require access to the JOEMC network, ranging from periodic on-site visits to VPN links supporting managed services that must remain open at all times. Despite the number of outside parties that require access to the network, JOEMC lacked sophisticated tools to monitor and control vendor access. The safeguards that were in place (such as checking vendor PCs for viruses and malware before allowing them to connect to the co-op's network) were also labor intensive and time consuming.

Food Manufacturer Extends Its Workplace with Secure Remote Access

Get the White Paper

July 28th, 2008

By Cisco Systems and Del Monte Foods

Del Monte Foods is one of the largest, most well-known producers and distributors of premium food products in the United States. Founded in San Francisco in 1916, the company's net sales were US $3.4 billion in 2007. With a powerful portfolio of brands, Del Monte products are found in nine out of ten U.S. households. Like most leading companies, Del Monte depends on its network to support its key business operations, from enterprise resource planning (ERP) to data warehouse and customer relationship management (CRM) applications. Employees need frequent access to these systems, regardless of their location. However, Del Monte has a dynamic workforce. "œAbout 70 percent of our computers are laptops, and enabling our users to work remotely is a growing priority," says Dennis Tokarski, Manager of Telecommunications and Network Operations at Del Monte. "œWe have approximately 500 users who work out of the home office, a remote sales office, or a combination of both."

University of Pisa develops trail-blazing approach for cost effective compliance and protection of large city campus networks

Get the White Paper

July 28th, 2008

by Cisco Systems and the University of Pisa

At today’s colleges and universities, a growing number of research, communications and basic educational functions are supported and enhanced by the campus network. But with thousands of users, end-points and applications active at any one time, campus networks are becoming more difficult to protect. Propagation times are also shrinking, as is the window for responding to an attack before it causes widespread damage.

A survey conducted by Gartner and The Chronicle of Higher Education revealed that nearly all respondents had experienced virus and worm attacks in the past year, with 73 per cent saying that those attacks are accelerating. Not only that, but attacks are becoming more malicious. Some 53 percent reported that attackers had tried to cripple campus networks and 41 per cent confirmed that hackers had succeeded in penetrating their systems.

Special Edition Lippis Report on Network Security, Issue 2: Security Best Practices for PCI Compliance

June 16th, 2008

In this Lippis Report we offer industry best practices for Payment Card Industry Compliance (PCI) for the mid-market commercial corporation. We'll explain PCI benefits, the severe consequences of non-compliance enforced by the largest banks through fines plus increased transaction fees and how to avoid them. PCI is a big issue for all corporations that transact business with credit cards. According to industry sources, "œthe average corporation under budgets PCI by 40%." Who needs to worry about PCI? Any corporation that processes credit card information in any of these three ways: 1) processes credit card information; 2) transmits and/or; 3) stores credit card information. If your corporation does any one of the three or all three you need to be PCI compliant. Penalties for non-compliance are severe and are enforced by banks such as Visa, MasterCard, American Express and others through fees plus increases in transaction cost. For the mid-market, a doubling of the transaction fee charged by banks for non-compliance will have a large negative impact on profit.

Terry Quinn-AndryMid-Market Commercial Firms: Are You PCI Compliant?

Listen to the Podcast

Read the rest of this entry »

PCI Solution for Retail Architecture

View the Presentation

June 16th, 2008

By Cisco and RSA

No single device can be PCI compliant. Cisco, RSA and the other partners secure sensitive data throughout the transaction flow and provide the audit trail for central management and policy control. Other PCI solutions cover only part of the overall steps needed for compliance. The PCI Solution for Retail includes a set of configured and audited architectures that incorporate technology from Cisco and RSA to help retailers meet the requirements of the Payment Card Industry (PCI) Data Security Standard. Since RSA and Cisco are top technology providers to retailers, both are focused on providing PCI Solutions to customers. Cisco is the network provider to more than 90% of the top 25 global retailers while RSA is the leading provider of technology solutions that enable companies to secure their most critical business assets.

PCI Currents: Staying Afloat

View the Presentation

June 16th, 2008

By Darrik Cupps, Securestate

The PCI Currents: Staying Afloat presentation provides information on the need for PCI, case studies, PCI defined, PCI best practices and strategies for compliance. It's a presentation that gets one up to speed on PCI, the threats it mitigates and how to get into compliance.

Payment Card Industry Compliance

Get the White Paper

June 16th, 2008

By Securestate

Securestate is an information security assessment firm that specializes in the Payment Card Industry's Data Security Standards. As a Qualified Security Assessor, QSA Securestate has performed assessments and audits for PCI merchants and service providers of all levels. Securestate does not sell or implement products, therefore maintaining ethical independence and segregation of duties. In this overview, Securestate provides a process and check to ensure PCI compliance.

Data Retrieval Firm Boosts Productivity while Protecting Customer Data

Get the White Paper

June 16th, 2008

By Cisco, HEIT Consulting and DriveSavers Data Recovery

With HEIT Consulting, DriveSavers deployed a Cisco Self-Defending Network to better protect network assets, employee end-points, and customer data. When Michael Hall says of his company, DriveSavers Data Recovery, "œWe regularly, literally save businesses," he is not exaggerating. DriveSavers is one of the premier data recovery companies in the world"”with a track record of rescuing data from hard drives that have been through warehouse fires, bus crashes, and even several days at the bottom of the Amazon River. Given the nature of DriveSavers' business, the company must worry not only about the security of its own applications, but also the rescued customer data that resides on its network, much of which is highly sensitive. Many customers now require any company handling their data to comply with SAS 70 security audits, detailed internal examinations of a company's security processes and systems. However, DriveSavers traditionally relied on security solutions from a variety of vendors, making auditing difficult. To meet customer requests, DriveSavers' engineers frequently had to take time away from their regular duties to retrieve and manually compile information from dozens of different sources in the network.

Accor North America

Get the White Paper

June 16th, 2008

By RSA

When consumers think about hotel security, they often think about door locks and safes. In general, consumers don't think about how crucial it is for hotel operators to protect the credit card information they're given. As a critical security requirement for hotel operators, Accor North America selected RSA® Key Manager with Application Encryption which is designed to centralize the provisioning and lifecycle management of encryption keys and enable end-to-end encryption. According to Harvey Ewing, Senior Director of Information Technology Security, "œOne of my primary responsibilities is to make sure Accor North America complies with Payment Card Industry (PCI) requirements for protecting consumer information".

Mid-Market Commercial Firms: Are You PCI Compliant?

Listen to the Podcast

June 16th, 2008

Terry Quinn-AndryAccording to industry sources, "œthe average corporation under budgets PCI (Payment Card Industry Compliance) by 40%". Any company, from mom and pop shops to Fortune 50 corporations that processes credit card information needs to be PCI compliant. Penalties for non-compliance are severe and are enforced by banks such as Visa, MasterCard, American Express and others through fees plus increases in transaction cost. For the mid-market, a doubling of the transaction fee charge will have a much larger impact on its cost to productivity. Terry Quinn-Andry, Compliance Solutions Manager for Cisco Systems joins me to discuss PCI requirements for mid-market corporation. We'll explain PCI benefits, exposure of non-compliance and how to avoid penalties.

Special Edition Lippis Report on Network Security, Issue 1: Network Security 2.0: A Systems Approach to Threat Mitigation Emerges

May 27th, 2008

The conventional wisdom in IT threat mitigation is to build a layered "œdefense in-depth" approach with security technology such as firewalls, IPS, network access control, anti-x client software, alarm aggregation and event correlation, etc. And while the layered approach to defense is a useful threat mitigation strategy, the threat landscape has changed, forcing conventional wisdom to shift toward a systems approach to protecting corporate assets.

Fred KostNetwork Security 2.0: Layered Security or Systems Approach?

Listen to the Podcast

Read the rest of this entry »

Internet Content Provider Safeguards Customer Networks and Services

Get the White Paper

May 27th, 2008

By Cisco and Synacor

Synacor used Cisco network infrastructure and security solutions to enhance network protection and streamline compliance. Fast-growing Internet businesses cannot afford network failures or security breaches. This is especially true for Synacor, a leading technology company that advances the delivery of meaningful content and technology solutions for multiple system operators (MSOs), telecommunication companies, and Internet service providers (ISPs) around the globe. Through Synacor's private label portals, subscribers can access a broad range of published and premium content, including entertainment, education, and family-oriented offerings from their homepages.

Today, through its service providers, Synacor's products and services reach more than 20 million broadband subscribers worldwide. With Synacor's business built around Internet products and services, network security is essential. The company must meet strict service uptime agreements and cannot afford to have its back-office assets or production networks disabled by a network attack. Additionally, as the company's business evolves, its security exposure has evolved as well.

"œAs we move to higher band-width media, movies, and especially gaming services, we are opening ourselves up to more threats," says Adam Howell, Director of Network Engineering and Systems Operations for Synacor. "œOne of our new accounts launching in 2007 will support more than one million subscribers right out of the gate and host a million e-mail accounts at our headquarters. We need to help ensure that there is no disruption or service degradation because of an attack on our network."

Synacor has heightened internal compliance standards. The company continues to be indirectly and directly involved in content sales, and with this enhanced activity maintains the protection of credit card information and complies with the Payment Card Industry (PCI) data security standard. As the company and systems grow and develop, Synacor's IT team is committed to making the technical infrastructure compliant with the U.S. Sarbanes-Oxley Act governing financial and accounting disclosure.