What is Zero Trust? Zero Trust is a framework and attitude towards IT security that centers on the idea that we in the IT field cannot trust anyone or any device on our network. Many systems administrators are well versed in this model. Every employee is assigned a domain-joined laptop that is locked down via Group Policy. Those employees are tracked via a user identity using their AD profile that, through security groups, either allows or restricts access to various IT assets (servers, printers, wireless, and/or client VPN). Accounting is enabled to track what the users are accessing and is used in the event of a malicious attack to see where the attack originated and who performed the attack.
Last week was the long-awaited Cisco Live 2019, and two of our wonderful engineers wrote up their thoughts on the week. For a quick recap, check out Dominic Zeni's overview of the week below; if you want a more in-depth recap, check out Trevor Butler's deep dive into the Cisco Live 2019 world.
For the Short Attention Span Readers:
Another year, another Live! Building Bridges was one of the themes of this year’s Cisco Live and you can see it ringing true across the portfolio. Take Cisco Umbrella for example. It is no longer just a DNS layer security tool. Using the cloud-native Umbrella application, Cisco has built integrations to CloudLock, SDWAN, and soon ThreatGrid. With just the click of a button from your vManage, you can build tunnels (bridges??) from your SDWAN to your Umbrella and begin leveraging the full-featured Umbrella Secure Internet Gateway. Or how about Cognitive Collaboration, building bridges to well…everywhere! Taking in contextual information from the Internet in all forms, Cognitive Collaboration promises to make us more prepared, more productive, and more successful in the meetings we attend. The new SVP of Collab, Amy Chang, came to Cisco through an acquisition of Accompany (the technology at the heart of Cognitive Collab). I’m very excited for the things to come from Amy’s team and Cognitive Collaboration. At the heart of all of these technological bridges are APIs. So, where’s the bridge for me as a traditional systems or network engineer that takes me from the CLI or the GUI to the API? Enter the new DevNet certifications announced at Cisco Live. A path (bridge??) for learning is very helpful when approaching an ocean of new technology and I’m excited to see what it’s all about! - Dominic Zeni
For The Insatiable Readers:
This year Cisco Live was held in sunny San Diego. Between the breakout sessions, the walk-in labs, and an amazing performance by Weezer and the Foo Fighters, Cisco announced some new products and new certifications.
Two years ago Cisco introduced the Catalyst 9000 series switches as the next generation of campus switches. Every Catalyst switch family had an equivalent 9K to replace it: the 3800s were replaced with the 9300, the 4500s were replaced with the 9500, and the long-standing 6500 chassis switches were replaced with the 9400. Cisco was consolidating all Catalyst switches into the 9000 series, well, all but one. It seemed, at the time, that the wildly successful Catalyst 2000 series switch was spared from the chopping block, as there was no comparable 9K. Enter the 9200!
When we think of security, the image of firewalls, anti-malware protection, and the latest and greatest in network access control pops into our heads. With Cisco ISE servers providing NAC services, ASAs providing firewalling on our network edge, and AMP for Endpoints providing malware protection on our laptops, we think we are secure. But are we? Have we forgotten the very first line of security?
This year’s AWS re:Invent has come and gone. 45,000 people from around the world descended on Las Vegas for one week. Participants were treated to a myriad of breakout sessions, labs, certification exams, and parties (it is Vegas after all). For the first time re:Invent spanned multiple convention centers: the Sands Convention Center was the main venue, with the Mirage, Aria, and MGM acting as secondary centers.
On Monday Mathy Vanhoef and Frank Piessens, from the University of Leuven, published a paper disclosing a series of vulnerabilities that affect the Wi-Fi Protected Access (WPA) and Wi-Fi Protected Access II (WPA2) protocols. These vulnerabilities describe a set of scenarios in which a malicious user can perform a man-in-the-middle replay attack on wireless users connected to the network using the WPA and WPA2 protocols. By spoofing the address of an access point and replaying the authentication 4-way handshake, the malicious user can force the supplicant end device to reinstall an old key-pair, which is why it is being referred to as “KRACK” (Key Reinstallation AttaCK).
You have been working as a network administrator for your company for a few years now. In that time you have been asked to complete a handful of network projects: a new office turn-up here, replacing some switches or a router there. The whole time you work from old templates or, in the case of replacement gear, just copy and paste the old config. Have you ever really stepped back and looked at the network as a whole, or, more importantly, do you have the time?
Recently I deployed Cisco’s AMP for Endpoints for a 50-user organization. For the uninitiated, AMP for Endpoints is Cisco’s cloud-based, enterprise-grade, advanced malware protection software that is deployed to each end device in the network. Each endpoint reports back to the central cloud controller and is managed by it. Cisco integrated AMP for Endpoints with Cisco’s ThreatGRID to provide deep threat analytics, analyzing millions of files and correlating them against hundreds of millions of malware samples. The controller can then push these new signatures to each endpoint automatically, protecting the device.
For many AWS customers, their workloads are located in one region, and in many cases their applications utilize only one availability zone within that region. Take the S3 outage as an example: the Simple Storage Service (S3) outage was localized to the US East Region only. Had customers replicated their S3 data to an additional region and utilized Amazon’s failover platform, the outage would have gone unnoticed by all but the operators at AWS.
By now I am sure most of us have heard of Amazon’s AWS, or Amazon Web Services, but how many of us know of its full potential? The biggest myth around AWS is that it is a cloud service for developers and doesn’t have a place in the enterprise environment. However, while AWS offers a lot of platform services aimed at the developer, at its core it offers a set of rich infrastructure services. Let’s look at these core services and how they relate to the enterprise customer.