 |
 |
|
Cisco Network Security Solutions - PBM IT - Call (888) 233-6471
Cisco Network Security Solutions Frequently Asked Questions (FAQ)Small and medium-sized businesses use the Internet and networked applications to reach new customers and serve their existing ones more effectively. At the same time, new security threats and legislation puts increased pressure on business networks to be reliable and secure. Cisco delivers comprehensive, affordable, integrated security solutions tailored for small and medium-sized businesses that help ensure business continuity, maintain customer privacy, and reduce operating costs. Businesses can confidently spend more time growing their business, and less time focusing on network security issues. Cisco IronPort Security Management Appliances (1) Simplifiy security management across Cisco IronPort email and web security products, (2) Deliver centralized reporting, message tracking, and spam quarantine for the email security appliances, (3) Provide centralized web policy management for web security appliances, and (4) Allow for delegated administration of web access policies and custom URL categories. netForensics solutions provide all the essential elements of an effective SIEM and log management strategy, including (1) Ongoing data collection from a broad array of network and security devices, (2) The capability to aggregate, correlate and store diverse security log data, (3) Complete visibility into security-related activities, so you always know your security and compliance posture, (4) Real-time identification of threats and patterns of suspicious activity, (5) Rapid, best-practice response guidance for security incidents, (6) Tools and reports to effectively meet your compliance requirements, and (7) Scalable architectures that ensure a low cost of ownership as you grow. nFX Cinxi One offers you a new, cost-effective approach to security and compliance. Cinxi combines complete log management capabilities with powerful correlation technology, real-time monitoring, and an integrated incident response system, all on one appliance. Cinxi offers organizations of all sizes: (1) In-depth, real-time visibility into your security and compliance posture, (2) Unparalleled speed and performance, (3) Prioritized threat identification, alerting, and remediation guidance, (4) Comprehensive, automated log management reporting for compliance and audit, (4) Extensive on-board log storage with fast access to your event logs, and (5) A simple-to-deploy and easy-to-use solution, all at a fraction of the cost of other products. An active attack is one in which an unauthorized change of the system is attempted. This could include, for example, the modification of transmitted or stored data, or the creation of new data streams. Sub-categories are (1) masquerade or fabrication, (2) message replay, (3) message modification and (4) denial of service or interruption of availability. Ensure that security policy accurately reflects the organization needs. The policy must be used as a baseline for comparison with testing results. Without appropriate policy, the usefulness of testing is drastically limited. For example, discovering that a firewall permits the flow of certain types of traffic may be irrelevant if there is no policy that states what type of traffic or what type of network activity is permitted. When there is a policy, testing results can be used to improve the policy. The Internet has brought about many changes in the way organizations and individuals conduct business, and it would be difficult to operate effectively without the added efficiency and communications brought about by the Internet. At the same time, the Internet has brought about problems as the result of intruder attacks, both manual and automated, which can cost many organizations excessive amounts of money in damages and lost efficiency. Thus, organizations need to find methods for achieving their mission goals in using the Internet and at the same time keeping their Internet sites secure from attack. One form of attack on computing systems connected to the Internet is eavesdropping on network connections to obtain login ids and passwords of legitimate users [RFC 1704]. Bellcore's S/KEY(TM) one-time password system was designed to counter this type of attack, called a replay attack [RFC 1760]. Several one-time password implementations compatible with Bellcore's S/KEY (TM) system exist. These implementations are increasingly widely deployed in the Internet to protect against passive attacks. Stop security attacks before they affect business continuity. Cisco ASA 5500 Series Adaptive Security Appliances provide intelligent threat defense and highly secure communications services. These solutions help organizations lower their deployment and operational costs while delivering comprehensive network security for networks of all sizes. Network administrators can run the grep command against configuration files pulled from routers and firewalls and stored in local directory of their workstation (UNIX or Windows), or use grep statement build into Cisco IOS or ASA. For example, suppose the auditor wants to check the configuration for all telnet statements. The network administrator can run show running-config grep telnet and look through each entry (or without grep, just using include sh run i telnet), filter out addresses and send output to auditor. |
