Tag Archives: security

BRKSEC-2010: Emerging Threats – The State of Cyber Security

Presenter: Craig Williams (@security_craig) – Sr Technical Leader / Security Outreach Manager, Cisco TALOS

I’m from Talos. We love to stop bad guys.

 
Talos by the numbers:

  • 1.1 million incoming malware samples per day
  • 1.5 billion Sender Base reputation queries per day

Talos has a serious amount of data. For serious.
Continue reading BRKSEC-2010: Emerging Threats – The State of Cyber Security

Role Based Access Control in IOS

I don’t believe this is well known: Cisco IOS has Role Based Access Control (RBAC) which can be used to create and assign different levels of privileged access to the device. Without RBAC there are two access levels in IOS: a read-only mode with limited access to commands and no ability to modify the running config (also called privilege level 1) and enable mode with full administrative access. There is no middle ground; it’s all or nothing. RBAC allows creation of access levels somewhere between nothing and everything. A common use case is creating a role for the first line NOC analyst which might allow them to view the running config, configure interfaces, and configure named access-lists. Continue reading Role Based Access Control in IOS

Who? What? When? Wired? Wireless? With Cisco ISE

Cisco’s Identity Services Engine (ISE) is a powerful rule-based engine for enabling policy-based network access to users and devices. ISE allows policy enforcement around the Who?, What?, and When? of network access.

  • Who is this user? A guest? An internal user? A member of the Finance department?
  • What device is the user bringing onto the network? A corporate PC? A Mac? A mobile device?
  • When are they connecting? Are they connecting to the secure network during regular business hours or at 02:00 in the morning?

These questions can all be answered easily within ISE and are all standard policy conditions that are relatively easy to implement. In the post below I’m going to focus on the How? — How is the user or device connecting to the network? Asked another way, the question is Wired? or Wireless? Continue reading Who? What? When? Wired? Wireless? With Cisco ISE

VPN Host Checker vs. AD Group Policy

This post is for anyone who administers a Juniper SSL VPN. I saw an issue in our environment recently that was created by an unexpected interaction between two different systems that were working to enforce our computer security policy. Because the way the systems were configured is pretty common and because the issue is not specifically warned against by Juniper, I’m going to share it here.

Continue reading VPN Host Checker vs. AD Group Policy