TLS Fingerprinting in the Real World

• 
• 

PrevNext

To protect your data, you must understand the traffic on your network.  This task has become even more challenging with widespread use of the Transport Layer Security (TLS) protocol, which inhibits traditional network security monitoring techniques.  The good news is that TLS fingerprinting can help you understand your...

Continue reading

Keys to a Successful Automation Project

We just finished working with the analyst firm Analysys Mason on a white paper exploring the factors behind successful automation projects. They talked to a number of tier 1 operators to capture lessons learned from the rollouts of their respective automation projects.  The white paper is more focused...

Continue reading

How to Find Relief for Your Network Infrastructure in the Age of Apps

• 
• 

PrevNext

If you’re like most IT people, never does a day go by that you’re not working on multiple tasks at once: ensuring on prem data centers and public cloud networks are running smoothly; monitoring the consistency of network security policies; and making sure all of it meets compliance...

Continue reading

The New Network as a Sensor

• 
• 

PrevNext

Before we get into this, we need to talk about what the network as a sensor was before it was new. Conceptually, instead of having to install a bunch of sensors to generate telemetry, the network itself (routers, switches, wireless devices, etc.) would deliver the necessary and sufficient...

Continue reading

A Required Cloud Native Security Mindset Shift

• 
• 

PrevNext

There has been a significant shift in the public cloud infrastructure offerings landscape in the last 3-5 years. With that shift we as Information Security practitioners must also fundamentally shift our tactics and view of how these new services can be leveraged as a whole new landscape of...

Continue reading

Connected Car – What is Your Vehicle Reporting?

• 
• 
• 

PrevNext

We looked at In-Vehicle Infotainment, focusing on streamed media and navigation services. In this blog, we’ll look at Connected vehicle services and telemetry. What is this and what data volume does it represent? Vehicle services Some vehicle manufacturers such as Jaguar, provide additional information services to the vehicle...

Continue reading

Security that works together: Signal Sciences and Cisco Threat Response

• 
• 
• 
• 

PrevNext

Bring real time web application attack data into Threat Response Signal Sciences is a leading web application security company, with a next-gen web application firewall (WAF) and runtime application self-protection (RASP) solution. Signal Sciences protects over 10,000 applications, with over a trillion production requests per month. Signal Sciences’...

Continue reading

Trust in IOS XR

• 
• 

PrevNext

I looked at the hardware Trust Anchor module (TAm) that enhances the security of Cisco Service Provider products and provides visibility into the authenticity and integrity of the platforms. In this blog I will go over the software functionalities in IOS XR that enhance the security posture of...

Continue reading

Change is the only constant – vPC with Fabric Peering for VXLAN EVPN

• 
• 
• 
• 
• 
• 

PrevNext

Optimize Usage of Available Interfaces, Bandwidth, Connectivity Dual-homing for endpoints is a common requirement, and many Multi-Chassis Link Aggregation (MC-LAG) solutions were built to address this need. Within the Cisco Nexus portfolio, the virtual Port-Channel (vPC) architecture addressed this need from the very early days of NX-OS. With...

Continue reading

Using Tetration for Application Security and Policy Enforcement

• 
• 
• 
• 
• 

PrevNext

Protecting assets requires a Defense in Depth approach Protecting assets within the enterprise requires the network manager to adopt automated methods of implementing policy on endpoints. A defense in depth approach, applying a consistent policy to the traditional firewall as well as policy enforcement on the host, takes...

Continue reading