The Importance of an Information Security Strategy in Mergers and Acquisitions

Organizations have many options when it comes to growing. Many grow by hiring additional staff when it comes time to expand. Others grow through mergers and acquisitions with related companies, or companies that represent an entryway into a desired new vertical or territory. Organizations that engage in M&A should include an information security strategy as part of the process.

Headlines in 2018 include several data breaches where the acquired company led to an incident for the acquirer. A large travel site reported a data breach of information on 880,000 payment cards  in March of 2018. The attack was believed to compromise systems months earlier. The investigation determined that the incident was potentially linked to legacy IT systems from an acquired company. Failure to update or integrate these systems left the parent company potentially vulnerable.

A Baltimore-based apparel manufacturer reported a data breach affecting customers who leverage the company’s sports tracking app. 150 million customer records associated with the app were compromised. The app creator was acquired by the parent company in 2015. Compromised data includes usernames, passwords and email addresses.

Companies with an acquisition strategy need to include information security in the M&A process. Many security tools can be leveraged to provide visibility into an organization’s network, users and information. These visibility tools should be used to determine the accessibility of information to both appropriate personnel and unauthorized parties. Understanding the vulnerabilities, network segmentation, access to assets and information, and asset lifecycle management are important negotiation metrics.

The acquiring company should be able to run visibility or vulnerability assessments of the target company as part of the negotiation. Vulnerability scanners help gather risk data. NetFlow and network traffic metadata tools provide visibility into the scope and nature of an organization’s traffic. This can help an organization identify and inventory assets. Visibility into web traffic, DNS queries, and applications in use all contribute to a view of an organization.

Vulnerable software report from AMP for Endpoints

These tools can help to establish where the target company is in terms of risk mitigation and security posture. It can tell the acquiring company how many man hours will need to go to get the target company to the appropriate levels of risk. An intelligent organization’s leadership understands that security is essential to all parts of the network. Proactive planning for growth and development must also be part of that security strategy.

Incident Response teams often use security tools to provide visibility into an organization following a data breach. These same tools can provide visibility into a target company’s information systems and networks. Use of these tools in advance of an acquisition can provide insight into the projects, security awareness training and even culture change necessary to understand the role of security in modern IT. Implementation of non-disclosure agreements can protect both the acquiring company and the target from leaks due to any gaps in the organization’s security posture.

Legacy systems have led to organizations appearing in the headlines. The brand damage, class action lawsuit payouts, data breach notifications and payment for services such as identity theft are all avoidable. Introducing and executing on a strong information security strategy as part of the M&A process is one way for organizations to minimize risk exposure and to understand the challenges and steps to achieving their desired security posture.

Leaders in organizations are accountable for the risk and exposure of users, information and networks. Visibility into these facets of an organization are key to ongoing security and to informed expansion, including mergers and acquisitions. The call to action for these organizational leaders focuses on that visibility. Research visibility, traffic profiling, application discovery and vulnerability tools. Speak with the organization’s trusted advisors, both internal and external, about the tools available and their recommendations. Regularly speak with the organization’s business leaders about emerging markets and potential mergers. Create and maintain an open dialogue about the potential risks and exposures that come with M&A. Many business leaders understand the importance of security in day-to-day operations. Including potential future business expansion in that conversation will help to craft a strategic information security policy.

Continue reading

How Cloud Native and Container Platforms Change the Way We Think about Networking

Networking has been a foundational component of our economy since the Internet days. In the early days, defining protocols and standards for how to connect, route, and interoperate local, metro, and wide area networks was critical to the businesses strategy. The computer networking exports with their TCP/IP computer centric view of the stack went head to head with the telecommunications giants and their more traditional telephony driven model of switching, FCAPS (Fault, Configurations, Accounting, Performance, and Security management), and OSI Model. As is often the case in these debates, both sides have good architecture and design principles and in the end, while TCP/IP one the war, very important concepts were adopted into the network model to account for Quality of Service (QoS), traffic engineering, segmentation of network traffic for control and data plane, and hierarchy of the network Simply stated, a flat network with no segmentation or hierarchy from the network stack on the computer though the Internet would cause fault, configuration performance, and security issues. This was understood largely by all in the industry and IT.

TCP/IP Model Versus OSI Model

In the past several years as the need to agility and driving time to market down, there has been a major mind shift that I have noticed in the largest of companies. Networking, with all its complexity in configuration, routing and segmentation, was causing major delays in delivering the true speed and agility required by the business. There have been several attempts to address these using technologies like VPN, NAT, and predefined network blocks per deployment region. These solutions are static in nature and the speed at which technologies mature and innovation happens, these solutions were very limiting. In the industry, we have looked at automating and orchestrating the network parameters with an API and called this Software Defined Networking.  SDN is definitely a step in the right direction; however it geared towards Network Administrators and not business owners or developers. Wikipedia has a good explanation of SDN and this simple diagram:

SDN Overview

While SDN is a great step forward – programmable APIs to the network, this is way too complex for the business owner or developer to program against (not in developer language and not written in a developer model) and most importantly, it does not solve the issues of complexity and ease of configuration in a rapidly changing and software centric world.

As cloud computing use increased in the public cloud, the abstraction of the underlying network became an important driver in adoption. No longer is defining or understanding the network important. As the industry moves to containers, the desire to simply and flatten the network is rapidly becoming the new standard for cloud native and container networking, orchestration, and microservices architecture.

While this may appear to be the right direction to take the least path of resistance, the network matters more today than it ever has before. Why you ask, let’s look at the tradition application architecture.

N-Tiered Application Model

In this model, you have the following build in networking parameters:

◈ Presentation – On Isolated Network with NAT/PAT, firewall, and Logical separation of traffic onto a VLAN that is for just web traffic. The control (routing) traffic is on a separate network from the web (data) traffic

◈ Logic – On a separated network isolated behind a firewall on a separate VLAN than the web traffic. The control (routing) traffic is on a separate network from the application logic (data) traffic

◈ Database – On a separate isolated network behind a firewall on a separate VLAN than the web and application logic traffic. The control (routing) traffic is on a separate network from the database (data) traffic

Now let’s compare this to the cloud native architecture:

Cloud Native Application Model

In this new architecture, all traffic is on a common network with no isolation, no segmentation of control and data traffic, and leveraging the Linux kernel networking stack – which is another blog on why that is a very bad idea if you care about performance and scale. With the move to APIs and Rest interface, there is an added level of very chatty API traffic running over the very same network. All the complexity of the application architecture is handled by the network which makes the network more critical today than ever before.

Now, I’m not saying, it’s all about the network. As with all things in life, balance and focusing on what matters most is the best path to take (although it’s the path less traveled)  What I propose is that the intelligence can be built into the network. I like the analogy that everyone uses for cloud native with Pets versus Cattle. My network analogy is that cattle need isolation, direction, and fences! How can we as an industry move to more agile cloud native architecture and still corral the cattle? The answer comes from looking at this from 2 separate but equally important perspectives.

From a top down (application developer) perspective, the network requirements need to be represented as business intent with constraints that the business understands like latency, priority, security, and performance. If we enable a simple definition that is focused on the application’s business objectives, that will make it easy for the business to define what they care about.

From a bottom up (network administrator) perspective, the network administrators understand how to address business objectives and can easily programmatically define network and network security policies to meet the requirements. This will requires extending SDN capabilities to understand application policy and network specification to be created to support cloud native architectures, but these patterns are well known in the networking world today. The next step will be to use data generated by the application, services, and components to enable analytics to address performance, security, reliability, and latency issues in real or almost real time.

Continue reading

What is the difference between Cisco ASA 5505 and 5510 series firewalls?

There are many differences between the ASA 5505 and the 5510. 5505 is suitable for small offices and home networks while the 5510 is more suitable for bigger networks.

For guys interested in Cisco study materials “Practice Exams, Syllabus Details, Sample Questions,… etc” I recommend  www.nwexam.com/cisco

Continue reading

Cisco ACI and NetBrain: Delivering Application-Centric Network Operations

Introduction

We launched Cisco ACI – NetBrain joint solution that extends NetBrain core capabilities to Cisco ACI. This blog is meant to raise awareness on how this solution and its key features benefit customers to transition to an Application-Centric Datacenter and further optimize Day-2 data center network operations.

NetBrain is renowned for its network automation and troubleshooting capabilities and has regularly featured in Gartner’s Market guide for Network automation. NetBrain also boasts a strong 2000+ Enterprise customer base to complement its numerous awards and innovation recognition.

Cisco ACI is a market leading, SDN based networking technology that keeps applications as the focal point of data center infrastructure and enables the creation of an agile, open and secure architecture.

Challenge

Transitioning to an Application Centric data center and getting used to the new network operation model is a gradual process. To ensure a smooth transition, it is important to have tools to manage this heterogeneous network environment, where modern SDN based, open networking technologies are deployed alongside legacy networks. In such a scenario customers struggle to get deep visibility, effectively monitor and troubleshoot security and change management issues without impacting SLA.

Solution

The NetBrain solution for Cisco ACI provides a single consistent view containing both network-centric and application-centric contexts of data centers, aiding enterprises to seamlessly transition to an application-centric, intent-based network enabled by Cisco ACI. The integration creates a scalable, versatile automation platform to provide network visualizations and automation for “Day 2” operation workflows, giving network operations teams deeper network visibility and enhanced workflow management for operational tasks.

NetBrain utilizes ACI open REST API framework to collect network data which feeds into its modeling engine. The resulting data model is used to dynamically create visualizations and serve as the foundation for automation and troubleshooting.

Key Use Cases and Benefits

◈ Enhanced visibility across heterogeneous infrastructures

The solution provides numerous forms of visualizations that allow users to visualize ACI network alongside legacy networks, trace application path end-to-end among other visualizations capabilities thereby providing a deep understanding of different design aspects in a heterogeneous environment.

◈ Real-time insights

With the solution, the user can superimpose different data sets from ACI as well as from other management systems in a single consistent view getting powerful change management, correlation, and troubleshooting capabilities.

◈ Cross-organization collaboration and Knowledge management

Using the integration, users can code best practices and solutions to known problems in the form of a Runbook automation routine and share across the organization. This fosters not only better cross-organization collaboration but also helps enterprise move towards standardizing their troubleshooting workflows.

◈ Reduced resolution time

Leveraging executable Runbook monitor the solution can monitor incidents and trigger a “Level-0” troubleshooting diagnosis as the first course of action. This utility can be further integrated with any ticketing and monitoring solution for expedited incident management.

Continue reading

What is the CCNA course?

What is CCNA?

- CCNA (Cisco Certified Network Associate) is an IT certification from Cisco.

What is CISCO?

- Cisco is multinational technology conglomerate headquartered in San José, California, that develops, manufactures, and sells networking hardware, telecommunications equipment, and other high-technology services and products.

Why so many people invest a lot of time and money studying and certifying Cisco? 

- Cisco considered the major player in the networking world.

How hard is the CCNA exam?

- well... It’s obvious to say it’s not easy. Some people with strong networking basics understanding (CompTIA N+) level can get ready in a month. Others could take more than 6 months. It depends on how much time and energy you are willing to invest and your previous experience and understanding of computers and networking.

Is it worth it?

- My opinion is Definitely If you love networks.

How much it cost to take the exam?

- about $300 depends on where you live.

How much the studying material coast? 

- Few hundred $ to buy the official certificate guide and the video course.

What is the best way to learn Cisco certificates and pass the exam?

- I believe NWExam.com is the best choice right now.

Continue reading

Which website is best for Cisco CCNA Exam preparation?

As far back as I can remember in my data networking career, Cisco has had a certification program. Back in the late 90s, it wasn’t hard to figure out what to study or where to begin. Fast forward to today and getting started in the world of Cisco and data networking can be quite a daunting task. Whether you’re trying to build the right skills to succeed on the job or need to guide your staff to the certs they need to succeed, you must first understand what areas of certification Cisco offers.

There are four major Cisco certification paths:

1. Career Certifications

2. Specialist Certifications

3. Technician Certifications

Each of these areas has a specific purpose in the Cisco ecosystem, so it’s important to consider the skills required in each path and how they relate to your team or the job you’re fulfilling. In this post, we’ll look at each of these four areas and discuss where they are most appropriate. We’ll give special attention to the Cisco Career Certifications and the multiple tracks within this path, as these are the most popular certifications that candidates pursue today.

Technician Certifications (CCT)

The Cisco Certified Technician (CCT) is one of Cisco’s newest. A CCT is qualified to diagnose, restore, repair and replace critical Cisco networking and system devices at customer sites. Cisco has a Technical Assistance Center (TAC) and CCTs work closely with TAC engineers to help resolve support incidents. In these situations, the CCT is the person in the field and the TAC assumes the senior position, providing instructions and direction from Cisco.

There are three focal areas of the CCT certification:

1. Data Center

2. Routing and Switching

This program is ideal for entry-level network admins and those starting out with Cisco because it’s a cross between some of the skills covered in the Cisco Career Certification program and some of the hands-on skills developed during field experience and on-the-job training. This path is also great for individuals working in desktop support who want to cross over into network support roles. I recommend the CCT Data Center, as it’s an area that’s in high demand for employers and holds increasing value in IT organizations.

Specialist Certifications

Many companies partner with Cisco and build their entire business on offering Cisco products along with the value-add of network integration and support. These organizations are part of the Cisco Partner Program. Within this program, Cisco defines a number of certifications and specialization categories that a partner can achieve.

The various certifications and specializations come with certain requirements. For example, Gold Partner status requires an organization to have a minimum of 12 unique certified full-time employees, four of them being CCIE certified, and at least one Business Value Practitioner. In addition to these requirements, a Gold partner must specialize in four areas, two of which (Advanced Enterprise Networks Architecture Specialization and Advanced Security Architecture Specialization) are required. There are seven specializations in total:

◈ Collaboration
◈ Data Center
◈ Internet of Things
◈ Network Programmability
◈ Operating System Software
◈ Security
◈ SP

I wouldn’t recommend pursuing these certifications until your organization becomes a Cisco Partner and defines the requirements most beneficial to your department.

Career Certifications

The Cisco Career Certification Programs is one of the most well-known certification programs in the industry. Of the career certifications, the most popular is likely the Cisco Certified Network Associate (CCNA). The following diagram is a commonly used graphic that depicts the Cisco Career Certifications from a very high level.

At the base are entry-level certifications, which cover the broadest scope of information. Next would be the associate level certification, followed by the professional, expert and architect levels. As you move up the pyramid, the number of certified professionals decreases and the focus tightens.

If you split out these certifications, you’ll see that within these five layers there are actually nine unique certification tracks to pursue. Some tracks have overlapping exams, making it appealing to achieve more than one certification.

The various certification tracks include:

1. Cloud
2. Collaboration
3. Data Center
4. Design
5. Industrial/ IoT
6. Routing & Switching
7. Security
8. Service Provider
9. Wireless

Not all tracks cover the same levels. For Design, Routing & Switching, Security and Wireless, individuals start the program by passing the Cisco Certified Entry Networking Technician (CCENT) exam. The other programs start out directly with an associate level exam. All tracks have an associate level certification, but the Industrial and Internet of Things (IoT) tracks lack a professional level certification. At the professional level, applicants typically need to pass three to five separate exams related to a specific job role, product, or technology focus. For example, the CCNP Security requires passing four exams:

1. SENSS
2. SITCS
3. SISAS
4. SIMOS

Each exam focuses on a specific task that would be performed in the network. SISAS covers the implementation of Cisco Secure Access Solutions in a network, whereas SENSS focuses on implementing Cisco Edge Network Security Solutions such as the ASA Firewall.

The Cisco Certified Internetwork Expert (CCIE) is one of the most coveted certifications in the industry. The CCIE is about hands-on ability, so individuals must complete a written qualification exam and then pass an eight-hour lab.

Beyond the CCIE is a rather new certification known as the Cisco Certified Architect (CCAr). This is a board examination with a heavy price tag. An initial fee of US$3,750 is paid to review the candidate’s qualifications and conduct the initial interview. Once a candidate is approved, they must submit a final fee of US $11,250.00 to receive the architecture challenge documentation and schedule a live Board Review. This certification is not for everyone. It requires significant time in the industry and is only valuable to certain organizations.

So, where should you start?

If you’re looking to start a career in IT or want to skill-up greener members of your IT staff, I recommend the CCENT certification. This certification is beneficial because it builds on IT fundamentals that will be applicable moving forward.

Continue reading

Which is the best certificate for a fresher to get a job in the current scenario RHCE or CCNA?

Short answer:

CCNA

Detailed answer:

Let’s start by defining each of these two certs:

What is CCNA?

CCNA exam tests a candidate's knowledge and skills required to install, operate, and troubleshoot a small to medium size enterprise branch network. The topics include connecting to a WAN; implementing network security; network types; network media; routing and switching fundamentals; the TCP/IP and OSI models; IP addressing; WAN technologies; operating and configuring IOS devices; extending switched networks with VLANs; determining IP routes; managing IP traffic with access lists; establishing point-to-point connections; and establishing Frame Relay connections.

There are 10 different CCNA certifications “Security, Wireless, Cyber Ops, …etc”. The most popular one in the CCNA Routing and Switching which is considered the core certification. So whenever someone say CCNA, almost always he/she means CCNA Routing and Switching.

What is RHCSA?

An IT professional who has earned the Red Hat Certified System Administrator (RHCSA) is able to perform the core system administration skills required in Red Hat Enterprise Linux environments. The credential is earned after successfully passing the Red Hat Certified System Administrator (RHCSA) Exam (EX200).

A Red Hat Certified System Administrator (RHCSA) is able to perform the following tasks:

◈ Understand and use essential tools for handling files, directories, command-line environments, and documentation
◈ Operate running systems, including booting into different run levels, identifying processes, starting and stopping virtual machines, and controlling services
◈ Configure local storage using partitions and logical volumes
◈ Create and configure file systems and file system attributes, such as permissions, encryption, access control lists, and network file systems
◈ Deploy, configure, and maintain systems, including software installation, update, and core services
◈ Manage users and groups, including use of a centralized directory for authentication
◈ Manage security, including basic firewall and SELinux configuration

Which cert will probably get you a job fast?

CCNA. Although Red Hat is popular it’s not as popular as networks by any mean. Almost everywhere in the world right now is connected through complex networks. So I believe CCNA give you a much higher probability to find your self a job.

Continue reading