Silicon Shecky

Infosec Practitioner

Connect

Cisco gets its head in the cloud

By Leave a Comment

Some day I am personally going ot make it to one of these big industry conferences and then we shall all be in trouble. Unfortunately all I can do is keep my eyes on @rsaconference through twitter, and watch the news sites for the interesting information from the RSA Conference going on now.

RSA Conference, being one of the big security conferences, has some big players there. You already saw my earlier post about Symantec, well now its Cisco rearing its head with its upcoming initiatives.

1) Cisco Security Cloud Services, which ties the cloud and the local network together to secure collaborative discussions, allowing companies to deliver security from multiple networks and apps.

This is one of the more interesting announcements in my mind. The question is how is it going to ties the two together. It seems to me to have application and collaborative security pointed down from the cloud could open up a whole new world of security holes. Think about it, if you are a SMB, you have something like Sharepoint as a collaborative solution. Now even if you have multiple locations, if you get set up on an MPLS solution, everyone is still inside a more secure network, unless what Cisco is really talking about is getting into the MPLS workspace. Guess we will have to keep our eyes open on this one.

2) Software that allows threat data – obtained and captured from a variety of sources – into dynamic updates, pushing intelligence such as “reputation scores” to the network’s security backbone to ward off threats faster.

This to me is a good idea, as long as they prevent poisoning of the databases holding the reputation scores. We already see the AV companies each determining a Threat Risk on their own. Makes more sense if there was a single rating system overall.

3) New software offerings, including Botnet traffic filters for Cisco appliances to more accurately identify infected clients and VPN enhancements

Now this one is big if Cisco can really pull it off. Think of it, Cisco appliances (Routers, ASA Firewalls, etc..) able to shut down Botnet Nodes. Still reactive as the infected machines would have to be taken care of, but at least all that spam traffic and DDoS traffic could be mitigated.

4) Cisco SAFE, a security blueprint that helps organizations plan, design and deploy networked security services, including remote offices and data centers.

This is another nice idea, but we all know that it will be proprietary Cisco based, so you will have to find a way to rethink a similar plan for other vendors equipment.

Honestly, there are going to be more announcements from other companies and people in the security field at this conference, and I’ll keep talking about all of this but the security field, like so many other IT fields, has a huge stumbling block.

Most people do not understand most of it, and don’t think any of it really affects them. I really would love to see a conference or papers written about security aimed at the SMB owner who makes the decisions and honestly is the most succeptable to security issues.

Botnets, Viruses, Hackers, DDoS attacks, don’t care if it is the largest company in the world or the youngest individual, they just want the control they get. True security comes from educating the masses, and to do that you have to be able to explain things to them in their own terms.