Posts

Showing posts from September, 2010

Intrusion Prevention Best Practice - IPS Placement

Background

In today's organizations, attacks come from everywhere. As cliche as it sounds, networks are borderless, and because of this organizations face more sophisticated threats. As networks evolve, many organizations struggle to have intrusion prevention or other security architecture evolve at the same pace. Visibility is everything: you must be able to detect and respond to threats before they cause significant damage. The following entry is all about how to gain visibility at the different areas of the network.

IPS Overview

Wikipedia defines Intrusion Prevention Systems as a "network security appliance that monitors network and/or system activities for malicious activity. The main functions of intrusion prevention systems are to identify malicious activity, log information about said activity, attempt to block/stop activity, and report activity." By deploying IPS, organizations are able to identify, classify, and stop malicious traffic, including worms, spyware ...

Cisco NAC vs. 802.1X

Background

Access Control is on the rise. A recent Gartner survey indicates that 50% of enterprises plan to implement 802.1X in their wired networks by 2011. Gartner believes that momentum will increase strongly, and that actual enterprise adoption will reach 70% by 2011. With that said, we have a lot of organizations evaluating the differences between Cisco NAC and Cisco 802.1X. Before we dive into the details of either solution, I thought it would be appropriate to compare the two.

Cisco NAC Overview

Cisco NAC Appliance (formerly Cisco Clean Access) was designed to use your organization's network infrastructure to enforce security policy compliance on all devices that attempt to gain access. You can use the Cisco NAC Appliance to authenticate, authorize, evaluate, and remediate wired, wireless, and remote users before they can access the network.

Features

* Recognize users, their devices, and their roles in the network
* Evaluate whether machines are compliant with security policie...

Cisco NAC Version Matrix

One popular request is a list of the features that come with the different versions. Below is a comparison of all the major code revisions of Cisco NAC Appliance.

4.8 (LATEST)

* Support for Cisco NME-NAC Platforms
* Administrator Access Restriction
* Out-of-Band Logoff
* In-Band and Out-of-Band Filter Behavior Enhancements
* Fast-OPSWAT
* RADIUS Session Timeout
* Passive Re-assessment
* Reporting Enhancements
* Agent Customization
* Agent Authorizes CAS
* Field-Replaceable FIPS Card for HP-Based Cisco NAC Appliances
* Cisco NAC Windows Agent Version 4.8.0.32
* Mac OS X Agent Version 4.8.0.569
* Cisco NAC Web Agent Version 4.8.0.4
* Features Optimized/Removed in Release 4.8
* Supported AV/AS Product List Enhancements (Windows Version 83, Mac OS X Version 7)

4.7

* FIPS 140-2 Compliance
* New Hardware Platform Support
* Cisco NAC Appliance WAN Deployment Enhancements
* AD SSO Requirements for Windows 7
* Windows 7 Support on Cisco NAC Agent

4.6

* Posture Assessment Support for 64-Bi...

Welcome

Today, organizations use IT to support their mission and business objectives. With the evolution of business through technology, organizations have proven that technology can be an accelerator for growth, a competitive differentiator, and a productivity enhancer, and can even strengthen employee satisfaction. The challenge organizations face is how to obtain these returns from the technology that they have invested in. This blog hopes to help unlock some of the secrets of deploying or using technology in a way to obtain return on your investment:

* get the most out of the features;
* optimize your environment to save cost;
* secure your IT infrastructure.

Some of the core topics that you can count on from this Cisco Security Blog:

* Deployment Best Practices
* Upgrade Announcements & Procedures
* Gotchas & Workarounds
* Troubleshooting Tips
* Operationalizing Products

Unlike the Cisco NAC blog, CAYSEC will expand to covering Cisco ASA, IPS, SIEM, 802.1X, IronPort S-Series and C-Series (Web and Email), and router/sw...