security

May 13, 2013

TECHWISETV

Interop, Vegas…Rear View Mirror

My two favorite days for a Vegas conference: arriving and leaving. Everything in between is a foot-numbing, sleepless blur. But we had a great time! It was cool to be on stage hanging with our Cisco friends and getting to reunite with old competitors, many of whom are former peers. We did not have…

May 9, 2013

NETWORKING

First Look – The Cisco NOC Model For Wired and Wireless

Over the last few weeks, we’ve started to unpack some of the focus-group discussions we’ve recently had with hundreds of IT professionals. The goal of these focus groups was to help as Cisco continues to ensure we’re meeting our customers’ needs. We’ve discussed some…

What Einstein’s Theory of Relativity and the Internet of Things have in common

Cisco published earlier this week the 2013 Cisco Global IT Impact Survey, exploring the relationship between IT and the business goals of the companies they support. Among other things, 42 percent of those interviewed responded that they know about the Internet of Things, “as well as I know E…

May 9, 2013

SECURITY

Foundational Network Traffic Collection and Analysis Setup

This introductory post explains how one of Cisco’s security research groups established a network data collection capability for large amounts of network traffic. This capability was necessary to support research into selected aspects of the Domain Name Service (DNS), but it can be adapted for other…

May 7, 2013

TECHWISETV

MDM and Cisco’s ISE?

Mobile Device Management or MDM is ideal for addressing many challenges inherent to our ‘Bring your own Device’ culture. MDM can help enforce policy for mobile devices but when you look closer, you begin to realize it does not solve everything. The challenge is when we ask our MDM technology to make…

May 7, 2013

SECURITY

Shedding More Light on MDM

My friends at Cisco’s TechWiseTV have taken MDM to heart and have offered some keen insight from a geek’s POV (point of view) into MDM. Starting with a primer on MDM, Networking 101: MDM, Jimmy Ray answers the questions on what is MDM and what can it do for my organization in his entertaining and ed…

May 6, 2013

SECURITY

Security Logging in an Enterprise, Part 2 of 2

This is the second and final part of my series about security logging in an enterprise. We first logged IDS, some syslog from some UNIX hosts, and firewall logs (circa 1999). We went from there to dropping firewall logging as it introduced some overhead and we didn’t have any really good uses for it…

May 4, 2013

SECURITY

Department of Labor Watering Hole Attack Confirmed to be 0-Day with Possible Advanced Reconnaissance Capabilities

Update 2 5/9/2013: Microsoft has released a “Microsoft fix it” as a temporary mitigation for this issue on systems which require IE8. At this time, multiple sites have been observed hosting pages which exploit this vulnerability. Users of IE8 who cannot update to IE9+ are urged to apply…

May 3, 2013

SECURITY

Security Logging in an Enterprise, Part 1 of 2

Logging is probably both one of the most useful and least used of all security forensic capabilities. In large enterprises many security teams rely on their IT counterparts to do the logging and then turn to the IT logging infra when they need log information. That in itself isn’t bad; however, the…