Group items tagged

In the previous installment of our series of IPv6 security posts, we covered some of the ways addressing has changed in IPv6 compared to IPv4. In this post, we'll talk about some of the things to consider when securing IPv6 compared to IPv4. Before digging into this topic, however, it is important to remember that while IPv6 may have different security concerns than IPv4, it is not necessarily any more secure than IPv4. Furthermore, the post will focus on those aspects that are different or unique to IPv6, since many of the common best practices for IPv4 networks also apply to IPv6 networks.

Recently, a security analyst blogged about Cisco's security efforts and questioned Cisco's commitment to the market. As you know, I am not only a Cisco Press author, but I also work as a security consulting systems engineer for the company. From my point of view, Cisco is most definitely not taking its eye off the ball in the security market. But the post did make me think about the kind of questions that readers might have. Is Cisco committed to creating best of breed products or would it rather create security systems? Why should customers get excited about Cisco Security?

As the network engineer for your company you are responsible for all network-related tasks. One day your security officer comes to you and asks is you can further enhance the network security. He wants you to implement an IOS Firewall feature to protect incoming traffic

In the past few years, VPN services have hit the big time-especially among BitTorrent users. These days more and more internet users see running a privacy enhancing service as a requirement rather than just a luxury. They're not always perfect, though. Here are a few tips and tricks that can enhance the security of any VPN.

Takeaway: Fighting the malware battle really hurts when you're spending a good deal of your IT budget (if you even have an IT budget) on software to protect machines from attacks. Here's how to do it for free. Malicious software (be they viruses, rootkits, trojans, worms, or malware) are so prevalent it seems one of the primary jobs for IT is the protecting, cleaning, and removing of said software. It seems no matter how hard you try, or how much you pay for the software you use to protect your desktops, it always seems like a losing battle. Fighting that losing battle really hurts when you are spending a good deal of your IT budget (if you even have an IT budget) on software to protect machines from attacks. It doesn't have to be that way. I have found plenty of tools that can help in the quest to have a virus/malware-free environment. These tools can be either installed on your machines or used as a toolkit to carry with you to fight the good fight. You won't find enterprise-grade tools here. What you will find are tools I have found to do the best job at keeping my systems clean. Combofix Combofix is my first line of defense tool when I suspect something has taken over a machine. But you shouldn't just run this powerful tool without a few considerations. First, and foremost, what will Combofix fix? After a successful run of Combofix, you should have cleaned (if applicable): Malware, Rootkits, Trojans, Worms, and Viruses. What you need to know about Combofix, prior to running is quite important. The single most important issue with Combofix is that you can not run it with an antivirus tool enabled. With some antivirus solutions you can simple disable the tool (Symantec Endpoint Protection is a perfect example). One particular antivirus solution, AVG, I have found to require complete removal before running Combofix. And to be on the safe side, I prefer to run Combofix with the computer in safe mode. One other note: Never download Combofix from any oth

Some screen captures so L2 security (DHCP snooping, ARP inspection etc..)

One of the issues facing network and security engineers is defending the network against dynamic threats. This means traffic that cannot easily be identified by regular means, such as an application that changes layer 4 ports or tunnels within an existing protocol. Because of this, a solution is needed to match and filter based on specific information within the packet that is unique to the application you want to block.

Security Webcasts

Cisco Learning network videos on SSL VPNS