March 5, 2010

Threat Control and Containment

Please note that this paper has been superseded by the paper, "Threat Defense for Borderless Networks." 

However, the rather extensive discussion remains below.                      



Network security threats have the potential to significantly impede productivity, disrupt business and operations, and result in loss of information - which can lead to financial losses and potential non-compliance. Hackers continue to develop new techniques to gain access to information, for their own financial gain.

The evolution and complexity of threats must be addressed with proactive IT security strategies that maintain business continuity, provide infrastructure-wide threat visibility and protection, and simplify day-to-day network management. The entire security infrastructure - network, systems, and management - must work in concert to proactively defend against a wide array of threats, and reduce the mean time to respond and mitigate during an event. Threat control solutions from Cisco deliver comprehensive and proactive network defense, streamlined policy and system management, and business continuity.



9 Comments

This is a great update on the range of threats that are encountered in today's networks and IT in general. And, unfortunately, the number of and types of threats are expanding exponentially.

I really like the fact that this paper not only details myriad threats in a number of categories, but it also suggests methods for mitigating those threats.

Not surprisingly, since the paper is by Cisco, most of the recommendations involved Cisco's solution set. Nevertheless, it sets a great benchmark regardless of your exact choice of equipment supplier.

So, I have a question for Cisco (and others).

The paper presents an almost overwhelming number of potential threats.

What do you, from your experience, see as the two or three "low hanging fruit" places that the networks and IT shops can be made more secure? By "low hanging fruit," I mean the most significant and common vulnerabilities that can be easily secured.

It would be great to know for both the network as a whole and the branch office in particular.

Thanks!

Interesting question - the trends change quite rapidly, but we've seen increasing threat activity over the web (uncategorized/new websites that contain malicious code), social media scams that lead "friends" to malicious code (videos, websites, etc), and targeted banking scams.

You should check out our Annual Security Report if you haven't already: www.cisco.com/go/securityreport, and our Security Intelligence Operations portal lists the latest top vulnerabilities and threats: www.cisco.com/go/sio.

Hi Sarah -

Thanks so much for the reply. May I ask you to be a bit more specific?

For instance, when you mention social media sites, what do you see as some "best practices" for a corporate network?

For instance, you mention social media scams. Yet almost all web sites - even Cisco's site and Webtorials - now have a social component. What can/should a corporate IT shop do in order to be "with it" while still being appropriately cautious? Same with banking scams?

Or are there more fundamental levels that the enterprise should be concerned about and should these be left to "safe surfing" education?

Yes, it's a tough issue...what we find is that social media users are placing too much trust in the safety and privacy of their networks, responding to messages, supposedly from their connections, with malware-laden links. Linking directly to tiny URLs from a social media site, for example, could be a way to get infected, so users should be wary when they see an advertisement from a 'friend.'

Also, by disclosing information, such as birth dates and hometowns, social media users make it far too easy for criminals to break into private accounts and gain control by resetting passwords. Corporate users are not immune to this trend, frequently using Twitter to discuss business projects.

In a nutshell, we'd recommend for you to be cautious - when you see odd messages like "Hey, check out these pictures!" with a link, don't automatically go to it. And be careful when posting personal information - there may be someone watching you. Also, take Security 101 seriously: stay up to date with your AV, create strong passwords, make sure your system is patched to the latest level - you know the drill!

Excellent points! Two quick items that I would also point out that the casual user might forget about so the corporate folks should send semi-constant reminders about...

1) It looks really cool in an .html formatted email to be able to click on a link. However, even though the link says it's going to www.webtorials.com, it might actually go to Cisco. (Using two very safe sites as an example only.)

2) One should be extremely wary of any links that go to a numeric IP address.  For instance, this link to Cisco might actually go somewhere else.

Unless you REALLY trust the site or mailer, it's a great idea to check. But this is pretty easy in most cases. With rare exceptions, if you hold the cursor over the hyperlink in the email or on a web page, the actual address will show up - usually in the lower left-hand corner of the window.

Also, be very wary of links that have long strings of characters attached to them. At a minimum, it probably means that you're being tracked somehow.

Try it with the links above...
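The three checks described in the comment above (link text that names one site while the href points to another, a numeric IP address as the destination, and a long string attached to the link) can be automated for HTML mail. This is an added example, not part of the original discussion; the reason labels, the `QUERY_LIMIT` threshold and the sample HTML are assumptions made for illustration.

```python
import ipaddress
from contextlib import suppress
from html.parser import HTMLParser
from urllib.parse import urlsplit

QUERY_LIMIT = 60  # assumed cut-off for a "long string of characters"
# Constructed sample message body; 192.0.2.10 is a documentation address.
SAMPLE = (
    '<a href="http://www.cisco.com/">www.webtorials.com</a> '
    '<a href="http://192.0.2.10/login">this link to Cisco</a> '
    '<a href="http://www.webtorials.com/?id=' + "a" * 80 + '">news</a>'
)

class Anchors(HTMLParser):  # collects (href, visible text) for each <a>
    def __init__(self):
        super().__init__()
        self.links, self.cur_href, self.cur_text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.cur_href, self.cur_text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self.cur_href is not None:
            self.cur_text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self.cur_href is not None:
            self.links.append((self.cur_href, "".join(self.cur_text).strip()))
            self.cur_href = None

def shown_host(text):  # host named by the link text, if it looks like one
    if " " in text or "." not in text:
        return None
    return urlsplit(text if "://" in text else "//" + text).hostname

def check_links(html):  # returns [(href, [reasons])] for links to double-check
    parser, findings = Anchors(), []
    parser.feed(html)
    for href, text in parser.links:
        target, reasons = urlsplit(href), []
        host, shown = target.hostname or "", shown_host(text)
        if shown and shown.removeprefix("www.") != host.removeprefix("www."):
            reasons.append("text-href-mismatch")
        with suppress(ValueError):  # not an IP literal: skip this flag
            ipaddress.ip_address(host)
            reasons.append("numeric-ip-host")
        if len(target.query) > QUERY_LIMIT:
            reasons.append("long-query-string")
        if reasons:
            findings.append((href, reasons))
    return findings
```

A link whose visible text and destination agree, apart from a leading `www.`, produces no finding.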

Sarah,

Thanks for mentioning the Annual Security Report.  I hope a lot of our community are already familiar with it since it's posted here.  As mentioned at the time, it's a great resource.

I'd like to start a kinda parallel thread. What do you see as specific steps that can be taken to protect the network and IT resources in light of the rapid proliferation of mobile devices such as iPhones, iPod Touches, etc.?

One thing in the security world hasn't changed...you still need a layered security strategy, there is no single bullet to solve all security issues. A layered approach including firewalls, IPS systems, integrated switch/router security, content security, endpoint security, etc, is still needed. Many organizations are preferring some of these aspects of security in cloud-based services...but that's another conversation...

To the mobile device issue, agreed, organizations are now challenged with how to secure and apply appropriate policies on the plethora of devices coming into the network.

To solve this particular problem, Cisco just announced a new AnyConnect Secure Mobility Solution that enables organizations to gain control of managed and unmanaged remote workers using laptops and mobile devices. Organizations can decide which users access which resources - securely - with a system that includes the 'always-on' AnyConnect client on mobile devices, the Cisco ASA firewall, and the Cisco IronPort Web Security Appliance that applies context-aware policies. http://www.cisco.com/en/US/netsol/ns1049/index.html

Another important step in mobility is making sure the devices coming into the network are up to the latest security posture...organizations should really be looking at some type of Network Admission Control to apply policy/access rights to devices coming onto the network.

These are just a couple of components...Cisco has recommended security architectures posted on www.cisco.com/go/safe - blueprints in how to deploy end to end security.


Webtorial® is a registered servicemark of Distributed Networking Associates. The Webtorial logo is a servicemark of Distributed Networking Associates. Copyright 1999-2018, Distributed Networking Associates, Inc.