SlideShare a Scribd company logo

Cisco Security Agent - Eric Vanderburg

Download as PPT, PDF
Eric Vanderburg
Eric Vanderburg

Cisco Security Agent (CSA) is a host-based intrusion prevention system that enforces security policies on various hosts. It was originally called StormWatch and was later acquired by Cisco in 2003. CSA monitors hosts for unusual activity and restricts access and applications based on centralized rules. It provides advantages like monitoring, centralized management, firewall capabilities, application control and file protection. CSA agents communicate with a central management console to log events and receive updated policies.

Technology
1 of 20
Cisco Security Agent Eric Vanderburg May 3, 2006 Eric Vanderburg – Cisco Security Agent
Cisco Security Agent (CSA) • Host based Intrusion prevention system • Enforces policies on hosts based on specific rules • Version 5.1 is the newest • Called StormWatch in 1999. Purchased by Cisco in 2003. • A license is required for the management console and for all agents – purchased in bundles from 10-10,000 or individually – Licenses reside on the Management Console machine • Spans a variety of platforms Eric Vanderburg – Cisco Security Agent
Supported Hosts Server Agent Desktop Agent • Windows Server 2003 • Windows 2000 Server • Windows NT 4 Server (SP6) • Solaris 8 SPARC architecture (64-bit) • Solaris 9 SPARC architecture (64-bit) • Red Hat Enterprise Linux 3.0 ES and AS • Windows NT 4 Workstation (SP6) • Windows 2000 Pro • Windows XP Pro • Windows XP Tablet Edition • Red Hat Enterprise Linux 3.0 WS Eric Vanderburg – Cisco Security Agent
System Requirements • Windows – Pentium 200MHz – 128MB RAM – 25MB free hard drive space • Solaris – UltraSPARC 400 MHz – 256MB RAM – 25MB free hard drive space • Linux – 500 MHz or faster x86 processor (32-bit only) – 256MB RAM – 25MB free hard drive space • No support available yet for Macintosh Eric Vanderburg – Cisco Security Agent
Advantages • • • • • • Monitoring Central reaction Distributed Firewall Application Control File Protection Restrict by Posture Eric Vanderburg – Cisco Security Agent
Monitoring • Monitors the following to see whether or not actions should be allowed: – OS kernel usage – Resources – Registry entries (Windows) – COM object access – Inbound and outbound network connections Eric Vanderburg – Cisco Security Agent
Interceptors • Track actions and compare against the rules database for appropriate response – Network Traffic interceptor - Use for SYN flood and port scan protection. – Network Applications interceptor - Limit or allow individual applications to access the network via specific protocols and networks addressing parameters. – File interceptor - Limit an application's ability to read and write to specific files and directories. Eric Vanderburg – Cisco Security Agent
Central reaction • Agents report to a single management console • Events are logged to the management console so that new rules can be dynamically created. – If the management console is unavailable, they are stored until connection is restored Eric Vanderburg – Cisco Security Agent
Distributed firewall • Control which applications can act as a server to remote clients and vice versa • Learning mode: builds a list of allowed applications based on usage – Only adds to the policy. Does not override the central policy from the management console • Disables the Windows firewall when installed Eric Vanderburg – Cisco Security Agent
Application control • Restrict access to certain programs – Restrict by user or system account • Restrict the actions applications can take Eric Vanderburg – Cisco Security Agent
File protection • Files can be flagged as not available to any network connection • Can stop files from being deleted, modified, or created Eric Vanderburg – Cisco Security Agent
Trust • Hosts must be trusted before they will be allowed network access. • Given a posture of quarantined until trusted • Trusted hosts – Virus free & updated – Accessing from an appropriate medium – Adhering to policies – MAC and IP address are on an approved list Eric Vanderburg – Cisco Security Agent
Management Console • • • • Agent Configuration Policy Configuration Centralized reporting Similar interface to other Cisco management tools • Alerts can be integrated with alerts from other Cisco security products via the Cisco Security Monitoring, Analysis, and Response System Eric Vanderburg – Cisco Security Agent
Management Console • Access via web browser (IE and Firefox only) using 128-bit SSL, port 443 • URL: http://<management center system hostname>.<domain> Eric Vanderburg – Cisco Security Agent
Database • Local Database - MSDE (Microsoft Database Engine) is used for setups less than 500 agents and under 2GB (packaged with install) • Remote Database - SQL Server is used for setups with more than 500 agents Eric Vanderburg – Cisco Security Agent
Agent • Installed per host – Admin rights – Through software deployment solution • Messages - shows denied actions since last reboot • User Query Responses - stored answers (Yes, No, Terminate) • System Security - Slide bar for off, low, med, high settings & resume from install mode • Untrusted apps - selected by user after prompt Eric Vanderburg – Cisco Security Agent
Agent • Local Firewall Settings – Learning Mode – Enable / Disable – Firewall permissions • • • • Email network permission HTTP network permission Network client permission Network server permission • File Protection • Solaris agent is not a GUI app. The CLI utility csactl is used. • No queries either Eric Vanderburg – Cisco Security Agent
Communication • PC to MC: SSL TCP 1741 & 1742 • MC to PC: SSL TCP 443 & 5401 – Signed with MC Certificate • Updates retrieved through pull model at specified interval (default 10 minutes) • Push method: Hints Eric Vanderburg – Cisco Security Agent
Cisco Security Agent • Locally enforced, centrally managed • Multiple vendors supported • Settings can run in test mode before implementation • Safeguard nodes, files, attack avenues, and stop virus propagation. Eric Vanderburg – Cisco Security Agent
Questions? • Contact info: evanderburg@gmail.com • Blog: http://spaces.msn.com/professornova Eric Vanderburg – Cisco Security Agent

Recommended

Network Implementation and Support Lesson 14 Security Features - Eric Vande...
Network Implementation and Support Lesson 14 Security Features - Eric Vande...Network Implementation and Support Lesson 14 Security Features - Eric Vande...
Network Implementation and Support Lesson 14 Security Features - Eric Vande...
Eric Vanderburg
 
Developers Focus on Security-Minded Tooling - Quintis Venter
Developers Focus on Security-Minded Tooling - Quintis Venter �Developers Focus on Security-Minded Tooling - Quintis Venter �
Developers Focus on Security-Minded Tooling - Quintis Venter Thoughtworks
 
Abdulkarim 1 and 2
Abdulkarim 1 and 2Abdulkarim 1 and 2
Abdulkarim 1 and 2
عبودي خلف
 
Chapter 1 overview
Chapter 1 overviewChapter 1 overview
Chapter 1 overviewali raza
 
IBM i Security Best Practices
IBM i Security Best PracticesIBM i Security Best Practices
IBM i Security Best Practices
Precisely
 
Best Practices in IBM i Security
Best Practices in IBM i SecurityBest Practices in IBM i Security
Best Practices in IBM i Security
Precisely
 
System Hardening Recommendations_FINAL
System Hardening Recommendations_FINALSystem Hardening Recommendations_FINAL
System Hardening Recommendations_FINALMartin Evans
 
Pragmatic Container Security (Sponsored by Trend Micro) - AWS Summit Sydney
Pragmatic Container Security (Sponsored by Trend Micro) - AWS Summit SydneyPragmatic Container Security (Sponsored by Trend Micro) - AWS Summit Sydney
Pragmatic Container Security (Sponsored by Trend Micro) - AWS Summit Sydney
Amazon Web Services
 

Recommended

Network Implementation and Support Lesson 14 Security Features - Eric Vande...
Network Implementation and Support Lesson 14 Security Features - Eric Vande...Network Implementation and Support Lesson 14 Security Features - Eric Vande...
Network Implementation and Support Lesson 14 Security Features - Eric Vande...
Eric Vanderburg
 
Developers Focus on Security-Minded Tooling - Quintis Venter
Developers Focus on Security-Minded Tooling - Quintis Venter �Developers Focus on Security-Minded Tooling - Quintis Venter �
Developers Focus on Security-Minded Tooling - Quintis Venter Thoughtworks
 
Abdulkarim 1 and 2
Abdulkarim 1 and 2Abdulkarim 1 and 2
Abdulkarim 1 and 2
عبودي خلف
 
Chapter 1 overview
Chapter 1 overviewChapter 1 overview
Chapter 1 overviewali raza
 
IBM i Security Best Practices
IBM i Security Best PracticesIBM i Security Best Practices
IBM i Security Best Practices
Precisely
 
Best Practices in IBM i Security
Best Practices in IBM i SecurityBest Practices in IBM i Security
Best Practices in IBM i Security
Precisely
 
System Hardening Recommendations_FINAL
System Hardening Recommendations_FINALSystem Hardening Recommendations_FINAL
System Hardening Recommendations_FINALMartin Evans
 
Pragmatic Container Security (Sponsored by Trend Micro) - AWS Summit Sydney
Pragmatic Container Security (Sponsored by Trend Micro) - AWS Summit SydneyPragmatic Container Security (Sponsored by Trend Micro) - AWS Summit Sydney
Pragmatic Container Security (Sponsored by Trend Micro) - AWS Summit Sydney
Amazon Web Services
 
AWS Community Day - Vitaliy Shtym - Pragmatic Container Security
AWS Community Day - Vitaliy Shtym - Pragmatic Container SecurityAWS Community Day - Vitaliy Shtym - Pragmatic Container Security
AWS Community Day - Vitaliy Shtym - Pragmatic Container Security
AWS Chicago
 
Case Study: Running a DCS in a Highly Virtualized Environment, Chris Hughes o...
Case Study: Running a DCS in a Highly Virtualized Environment, Chris Hughes o...Case Study: Running a DCS in a Highly Virtualized Environment, Chris Hughes o...
Case Study: Running a DCS in a Highly Virtualized Environment, Chris Hughes o...
Digital Bond
 
CSF18 - GDPR - Sami Laiho
CSF18 - GDPR - Sami LaihoCSF18 - GDPR - Sami Laiho
CSF18 - GDPR - Sami Laiho
NCCOMMS
 
CNIT 123: 8: Desktop and Server OS Vulnerabilites
CNIT 123: 8: Desktop and Server OS VulnerabilitesCNIT 123: 8: Desktop and Server OS Vulnerabilites
CNIT 123: 8: Desktop and Server OS Vulnerabilites
Sam Bowne
 
z/OS Authorized Code Scanner
z/OS Authorized Code Scannerz/OS Authorized Code Scanner
z/OS Authorized Code Scanner
Luigi Perrone
 
Mastering checkpoint-1-basic-installation
Mastering checkpoint-1-basic-installationMastering checkpoint-1-basic-installation
Mastering checkpoint-1-basic-installation
networkershome
 
CSF18 - The Night is Dark and Full of Hackers - Sami Laiho
CSF18 - The Night is Dark and Full of Hackers - Sami LaihoCSF18 - The Night is Dark and Full of Hackers - Sami Laiho
CSF18 - The Night is Dark and Full of Hackers - Sami Laiho
NCCOMMS
 
Webinar NETGEAR - Come Netgear può aiutare a mitigare gli effetti del Ransomware
Webinar NETGEAR - Come Netgear può aiutare a mitigare gli effetti del RansomwareWebinar NETGEAR - Come Netgear può aiutare a mitigare gli effetti del Ransomware
Webinar NETGEAR - Come Netgear può aiutare a mitigare gli effetti del Ransomware
Netgear Italia
 
Ch 11: Hacking Wireless Networks
Ch 11: Hacking Wireless NetworksCh 11: Hacking Wireless Networks
Ch 11: Hacking Wireless Networks
Sam Bowne
 
0505 Windows Server 2008 一日精華營 Part II
0505 Windows Server 2008 一日精華營 Part II0505 Windows Server 2008 一日精華營 Part II
0505 Windows Server 2008 一日精華營 Part IITimothy Chen
 
Webinar NETGEAR - Acronis e Netgear una panoramicadelle soluzioni per la prot...
Webinar NETGEAR - Acronis e Netgear una panoramicadelle soluzioni per la prot...Webinar NETGEAR - Acronis e Netgear una panoramicadelle soluzioni per la prot...
Webinar NETGEAR - Acronis e Netgear una panoramicadelle soluzioni per la prot...
Netgear Italia
 
CSF18 - BitLocker Deep Dive - Sami Laiho
CSF18 - BitLocker Deep Dive - Sami LaihoCSF18 - BitLocker Deep Dive - Sami Laiho
CSF18 - BitLocker Deep Dive - Sami Laiho
NCCOMMS
 
W982 05092004
W982 05092004W982 05092004
W982 05092004
Sumit Tambe
 
Windows server hardening 1
Windows server hardening 1Windows server hardening 1
Windows server hardening 1
Frank Avila Zapata
 
Ccna sec
Ccna secCcna sec
Ccna sec
shg4916
 
CSF18 - Moving from Reactive to Proactive Security - Sami Laiho
CSF18 - Moving from Reactive to Proactive Security - Sami LaihoCSF18 - Moving from Reactive to Proactive Security - Sami Laiho
CSF18 - Moving from Reactive to Proactive Security - Sami Laiho
NCCOMMS
 
Network Security: Protecting SOHO Networks
Network Security: Protecting SOHO NetworksNetwork Security: Protecting SOHO Networks
Network Security: Protecting SOHO Networks
Jim Gilsinn
 
Michael Jones-Resume-OCT2015
Michael Jones-Resume-OCT2015Michael Jones-Resume-OCT2015
Michael Jones-Resume-OCT2015Michael Jones, CCIE, CISSP, PMP
 
Server Hardening Primer - Eric Vanderburg - JURINNOV
Server Hardening Primer - Eric Vanderburg - JURINNOVServer Hardening Primer - Eric Vanderburg - JURINNOV
Server Hardening Primer - Eric Vanderburg - JURINNOV
Eric Vanderburg
 
Implementing Fast IT Deploying Applications at the Pace of Innovation
Implementing Fast IT Deploying Applications at the Pace of Innovation Implementing Fast IT Deploying Applications at the Pace of Innovation
Implementing Fast IT Deploying Applications at the Pace of Innovation
Cisco DevNet
 
Information Security Lesson 4 - Baselines - Eric Vanderburg
Information Security Lesson 4 - Baselines - Eric VanderburgInformation Security Lesson 4 - Baselines - Eric Vanderburg
Information Security Lesson 4 - Baselines - Eric Vanderburg
Eric Vanderburg
 
Chapter08
Chapter08Chapter08
Chapter08
Muhammad Ahad
 

More Related Content

What's hot

AWS Community Day - Vitaliy Shtym - Pragmatic Container Security
AWS Community Day - Vitaliy Shtym - Pragmatic Container SecurityAWS Community Day - Vitaliy Shtym - Pragmatic Container Security
AWS Community Day - Vitaliy Shtym - Pragmatic Container Security
AWS Chicago
 
Case Study: Running a DCS in a Highly Virtualized Environment, Chris Hughes o...
Case Study: Running a DCS in a Highly Virtualized Environment, Chris Hughes o...Case Study: Running a DCS in a Highly Virtualized Environment, Chris Hughes o...
Case Study: Running a DCS in a Highly Virtualized Environment, Chris Hughes o...
Digital Bond
 
CSF18 - GDPR - Sami Laiho
CSF18 - GDPR - Sami LaihoCSF18 - GDPR - Sami Laiho
CSF18 - GDPR - Sami Laiho
NCCOMMS
 
CNIT 123: 8: Desktop and Server OS Vulnerabilites
CNIT 123: 8: Desktop and Server OS VulnerabilitesCNIT 123: 8: Desktop and Server OS Vulnerabilites
CNIT 123: 8: Desktop and Server OS Vulnerabilites
Sam Bowne
 
z/OS Authorized Code Scanner
z/OS Authorized Code Scannerz/OS Authorized Code Scanner
z/OS Authorized Code Scanner
Luigi Perrone
 
Mastering checkpoint-1-basic-installation
Mastering checkpoint-1-basic-installationMastering checkpoint-1-basic-installation
Mastering checkpoint-1-basic-installation
networkershome
 
CSF18 - The Night is Dark and Full of Hackers - Sami Laiho
CSF18 - The Night is Dark and Full of Hackers - Sami LaihoCSF18 - The Night is Dark and Full of Hackers - Sami Laiho
CSF18 - The Night is Dark and Full of Hackers - Sami Laiho
NCCOMMS
 
Webinar NETGEAR - Come Netgear può aiutare a mitigare gli effetti del Ransomware
Webinar NETGEAR - Come Netgear può aiutare a mitigare gli effetti del RansomwareWebinar NETGEAR - Come Netgear può aiutare a mitigare gli effetti del Ransomware
Webinar NETGEAR - Come Netgear può aiutare a mitigare gli effetti del Ransomware
Netgear Italia
 
Ch 11: Hacking Wireless Networks
Ch 11: Hacking Wireless NetworksCh 11: Hacking Wireless Networks
Ch 11: Hacking Wireless Networks
Sam Bowne
 
0505 Windows Server 2008 一日精華營 Part II
0505 Windows Server 2008 一日精華營 Part II0505 Windows Server 2008 一日精華營 Part II
0505 Windows Server 2008 一日精華營 Part IITimothy Chen
 
Webinar NETGEAR - Acronis e Netgear una panoramicadelle soluzioni per la prot...
Webinar NETGEAR - Acronis e Netgear una panoramicadelle soluzioni per la prot...Webinar NETGEAR - Acronis e Netgear una panoramicadelle soluzioni per la prot...
Webinar NETGEAR - Acronis e Netgear una panoramicadelle soluzioni per la prot...
Netgear Italia
 
CSF18 - BitLocker Deep Dive - Sami Laiho
CSF18 - BitLocker Deep Dive - Sami LaihoCSF18 - BitLocker Deep Dive - Sami Laiho
CSF18 - BitLocker Deep Dive - Sami Laiho
NCCOMMS
 
W982 05092004
W982 05092004W982 05092004
W982 05092004
Sumit Tambe
 
Windows server hardening 1
Windows server hardening 1Windows server hardening 1
Windows server hardening 1
Frank Avila Zapata
 
Ccna sec
Ccna secCcna sec
Ccna sec
shg4916
 
CSF18 - Moving from Reactive to Proactive Security - Sami Laiho
CSF18 - Moving from Reactive to Proactive Security - Sami LaihoCSF18 - Moving from Reactive to Proactive Security - Sami Laiho
CSF18 - Moving from Reactive to Proactive Security - Sami Laiho
NCCOMMS
 
Network Security: Protecting SOHO Networks
Network Security: Protecting SOHO NetworksNetwork Security: Protecting SOHO Networks
Network Security: Protecting SOHO Networks
Jim Gilsinn
 
Server Hardening Primer - Eric Vanderburg - JURINNOV
Server Hardening Primer - Eric Vanderburg - JURINNOVServer Hardening Primer - Eric Vanderburg - JURINNOV
Server Hardening Primer - Eric Vanderburg - JURINNOV
Eric Vanderburg
 
Implementing Fast IT Deploying Applications at the Pace of Innovation
Implementing Fast IT Deploying Applications at the Pace of Innovation Implementing Fast IT Deploying Applications at the Pace of Innovation
Implementing Fast IT Deploying Applications at the Pace of Innovation
Cisco DevNet
 

What's hot (20)

AWS Community Day - Vitaliy Shtym - Pragmatic Container Security
AWS Community Day - Vitaliy Shtym - Pragmatic Container SecurityAWS Community Day - Vitaliy Shtym - Pragmatic Container Security
AWS Community Day - Vitaliy Shtym - Pragmatic Container Security
 
Case Study: Running a DCS in a Highly Virtualized Environment, Chris Hughes o...
Case Study: Running a DCS in a Highly Virtualized Environment, Chris Hughes o...Case Study: Running a DCS in a Highly Virtualized Environment, Chris Hughes o...
Case Study: Running a DCS in a Highly Virtualized Environment, Chris Hughes o...
 
CSF18 - GDPR - Sami Laiho
CSF18 - GDPR - Sami LaihoCSF18 - GDPR - Sami Laiho
CSF18 - GDPR - Sami Laiho
 
CNIT 123: 8: Desktop and Server OS Vulnerabilites
CNIT 123: 8: Desktop and Server OS VulnerabilitesCNIT 123: 8: Desktop and Server OS Vulnerabilites
CNIT 123: 8: Desktop and Server OS Vulnerabilites
 
z/OS Authorized Code Scanner
z/OS Authorized Code Scannerz/OS Authorized Code Scanner
z/OS Authorized Code Scanner
 
Mastering checkpoint-1-basic-installation
Mastering checkpoint-1-basic-installationMastering checkpoint-1-basic-installation
Mastering checkpoint-1-basic-installation
 
CSF18 - The Night is Dark and Full of Hackers - Sami Laiho
CSF18 - The Night is Dark and Full of Hackers - Sami LaihoCSF18 - The Night is Dark and Full of Hackers - Sami Laiho
CSF18 - The Night is Dark and Full of Hackers - Sami Laiho
 
Webinar NETGEAR - Come Netgear può aiutare a mitigare gli effetti del Ransomware
Webinar NETGEAR - Come Netgear può aiutare a mitigare gli effetti del RansomwareWebinar NETGEAR - Come Netgear può aiutare a mitigare gli effetti del Ransomware
Webinar NETGEAR - Come Netgear può aiutare a mitigare gli effetti del Ransomware
 
Ch 11: Hacking Wireless Networks
Ch 11: Hacking Wireless NetworksCh 11: Hacking Wireless Networks
Ch 11: Hacking Wireless Networks
 
0505 Windows Server 2008 一日精華營 Part II
0505 Windows Server 2008 一日精華營 Part II0505 Windows Server 2008 一日精華營 Part II
0505 Windows Server 2008 一日精華營 Part II
 
Webinar NETGEAR - Acronis e Netgear una panoramicadelle soluzioni per la prot...
Webinar NETGEAR - Acronis e Netgear una panoramicadelle soluzioni per la prot...Webinar NETGEAR - Acronis e Netgear una panoramicadelle soluzioni per la prot...
Webinar NETGEAR - Acronis e Netgear una panoramicadelle soluzioni per la prot...
 
CSF18 - BitLocker Deep Dive - Sami Laiho
CSF18 - BitLocker Deep Dive - Sami LaihoCSF18 - BitLocker Deep Dive - Sami Laiho
CSF18 - BitLocker Deep Dive - Sami Laiho
 
W982 05092004
W982 05092004W982 05092004
W982 05092004
 
Windows server hardening 1
Windows server hardening 1Windows server hardening 1
Windows server hardening 1
 
Ccna sec
Ccna secCcna sec
Ccna sec
 
CSF18 - Moving from Reactive to Proactive Security - Sami Laiho
CSF18 - Moving from Reactive to Proactive Security - Sami LaihoCSF18 - Moving from Reactive to Proactive Security - Sami Laiho
CSF18 - Moving from Reactive to Proactive Security - Sami Laiho
 
Network Security: Protecting SOHO Networks
Network Security: Protecting SOHO NetworksNetwork Security: Protecting SOHO Networks
Network Security: Protecting SOHO Networks
 
Michael Jones-Resume-OCT2015
Michael Jones-Resume-OCT2015Michael Jones-Resume-OCT2015
Michael Jones-Resume-OCT2015
 
Server Hardening Primer - Eric Vanderburg - JURINNOV
Server Hardening Primer - Eric Vanderburg - JURINNOVServer Hardening Primer - Eric Vanderburg - JURINNOV
Server Hardening Primer - Eric Vanderburg - JURINNOV
 
Implementing Fast IT Deploying Applications at the Pace of Innovation
Implementing Fast IT Deploying Applications at the Pace of Innovation Implementing Fast IT Deploying Applications at the Pace of Innovation
Implementing Fast IT Deploying Applications at the Pace of Innovation
 

Similar to Cisco Security Agent - Eric Vanderburg

Information Security Lesson 4 - Baselines - Eric Vanderburg
Information Security Lesson 4 - Baselines - Eric VanderburgInformation Security Lesson 4 - Baselines - Eric Vanderburg
Information Security Lesson 4 - Baselines - Eric Vanderburg
Eric Vanderburg
 
Chapter08
Chapter08Chapter08
Chapter08
Muhammad Ahad
 
Material best practices in network security using ethical hacking
Material best practices in network security using ethical hackingMaterial best practices in network security using ethical hacking
Material best practices in network security using ethical hackingDesmond Devendran
 
Microsoft Offical Course 20410C_12
Microsoft Offical Course 20410C_12Microsoft Offical Course 20410C_12
Microsoft Offical Course 20410C_12
gameaxt
 
Coud discovery chap 5
Coud discovery chap 5Coud discovery chap 5
Coud discovery chap 5
Alain Charpentier
 
Firewall, Trusted Systems,IP Security ,ESP Encryption and Authentication
Firewall, Trusted Systems,IP Security ,ESP Encryption and AuthenticationFirewall, Trusted Systems,IP Security ,ESP Encryption and Authentication
Firewall, Trusted Systems,IP Security ,ESP Encryption and Authentication
Gopal Sakarkar
 
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 11
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 11CCNA (R & S) Module 01 - Introduction to Networks - Chapter 11
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 11
Waqas Ahmed Nawaz
 
1E_ITPF203333333333333333314_Bigfix.pptx
1E_ITPF203333333333333333314_Bigfix.pptx1E_ITPF203333333333333333314_Bigfix.pptx
1E_ITPF203333333333333333314_Bigfix.pptx
nguyenthanhdatpl403
 
501 ch 5 securing hosts and data
501 ch 5 securing hosts and data501 ch 5 securing hosts and data
501 ch 5 securing hosts and data
gocybersec
 
ITN6_Instructor_Materials_Chapter11.pdf
ITN6_Instructor_Materials_Chapter11.pdfITN6_Instructor_Materials_Chapter11.pdf
ITN6_Instructor_Materials_Chapter11.pdf
ThangDang53
 
UKC - Feb 2013 - Analyzing the security of Windows 7 and Linux for cloud comp...
UKC - Feb 2013 - Analyzing the security of Windows 7 and Linux for cloud comp...UKC - Feb 2013 - Analyzing the security of Windows 7 and Linux for cloud comp...
UKC - Feb 2013 - Analyzing the security of Windows 7 and Linux for cloud comp...
Vincent Giersch
 
Networking Concepts Lesson 10 part 2 - Security Appendix - Eric Vanderburg
Networking Concepts Lesson 10 part 2 - Security Appendix - Eric VanderburgNetworking Concepts Lesson 10 part 2 - Security Appendix - Eric Vanderburg
Networking Concepts Lesson 10 part 2 - Security Appendix - Eric Vanderburg
Eric Vanderburg
 
Network Implementation and Support Lesson 10 Server Administration - Eric V...
Network Implementation and Support Lesson 10 Server Administration - Eric V...Network Implementation and Support Lesson 10 Server Administration - Eric V...
Network Implementation and Support Lesson 10 Server Administration - Eric V...
Eric Vanderburg
 
Introduction to firewalls
Introduction to firewallsIntroduction to firewalls
Introduction to firewalls
Divya Jyoti
 
Design Like a Pro: SCADA Security Guidelines
Design Like a Pro: SCADA Security GuidelinesDesign Like a Pro: SCADA Security Guidelines
Design Like a Pro: SCADA Security Guidelines
Inductive Automation
 
Secure Systems Security and ISA99- IEC62443
Secure Systems Security and ISA99- IEC62443Secure Systems Security and ISA99- IEC62443
Secure Systems Security and ISA99- IEC62443
Yokogawa1
 
Design Like a Pro: SCADA Security Guidelines
Design Like a Pro: SCADA Security GuidelinesDesign Like a Pro: SCADA Security Guidelines
Design Like a Pro: SCADA Security Guidelines
Inductive Automation
 
Securing with Sophos - Sophos Day Belux 2014
Securing with Sophos - Sophos Day Belux 2014Securing with Sophos - Sophos Day Belux 2014
Securing with Sophos - Sophos Day Belux 2014
Sophos Benelux
 

Similar to Cisco Security Agent - Eric Vanderburg (20)

Information Security Lesson 4 - Baselines - Eric Vanderburg
Information Security Lesson 4 - Baselines - Eric VanderburgInformation Security Lesson 4 - Baselines - Eric Vanderburg
Information Security Lesson 4 - Baselines - Eric Vanderburg
 
Chapter08
Chapter08Chapter08
Chapter08
 
Material best practices in network security using ethical hacking
Material best practices in network security using ethical hackingMaterial best practices in network security using ethical hacking
Material best practices in network security using ethical hacking
 
Microsoft Offical Course 20410C_12
Microsoft Offical Course 20410C_12Microsoft Offical Course 20410C_12
Microsoft Offical Course 20410C_12
 
Ensuring your plant is secure
Ensuring your plant is secureEnsuring your plant is secure
Ensuring your plant is secure
 
CCNP Security-Firewall
CCNP Security-FirewallCCNP Security-Firewall
CCNP Security-Firewall
 
Coud discovery chap 5
Coud discovery chap 5Coud discovery chap 5
Coud discovery chap 5
 
Firewall, Trusted Systems,IP Security ,ESP Encryption and Authentication
Firewall, Trusted Systems,IP Security ,ESP Encryption and AuthenticationFirewall, Trusted Systems,IP Security ,ESP Encryption and Authentication
Firewall, Trusted Systems,IP Security ,ESP Encryption and Authentication
 
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 11
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 11CCNA (R & S) Module 01 - Introduction to Networks - Chapter 11
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 11
 
1E_ITPF203333333333333333314_Bigfix.pptx
1E_ITPF203333333333333333314_Bigfix.pptx1E_ITPF203333333333333333314_Bigfix.pptx
1E_ITPF203333333333333333314_Bigfix.pptx
 
501 ch 5 securing hosts and data
501 ch 5 securing hosts and data501 ch 5 securing hosts and data
501 ch 5 securing hosts and data
 
ITN6_Instructor_Materials_Chapter11.pdf
ITN6_Instructor_Materials_Chapter11.pdfITN6_Instructor_Materials_Chapter11.pdf
ITN6_Instructor_Materials_Chapter11.pdf
 
UKC - Feb 2013 - Analyzing the security of Windows 7 and Linux for cloud comp...
UKC - Feb 2013 - Analyzing the security of Windows 7 and Linux for cloud comp...UKC - Feb 2013 - Analyzing the security of Windows 7 and Linux for cloud comp...
UKC - Feb 2013 - Analyzing the security of Windows 7 and Linux for cloud comp...
 
Networking Concepts Lesson 10 part 2 - Security Appendix - Eric Vanderburg
Networking Concepts Lesson 10 part 2 - Security Appendix - Eric VanderburgNetworking Concepts Lesson 10 part 2 - Security Appendix - Eric Vanderburg
Networking Concepts Lesson 10 part 2 - Security Appendix - Eric Vanderburg
 
Network Implementation and Support Lesson 10 Server Administration - Eric V...
Network Implementation and Support Lesson 10 Server Administration - Eric V...Network Implementation and Support Lesson 10 Server Administration - Eric V...
Network Implementation and Support Lesson 10 Server Administration - Eric V...
 
Introduction to firewalls
Introduction to firewallsIntroduction to firewalls
Introduction to firewalls
 
Design Like a Pro: SCADA Security Guidelines
Design Like a Pro: SCADA Security GuidelinesDesign Like a Pro: SCADA Security Guidelines
Design Like a Pro: SCADA Security Guidelines
 
Secure Systems Security and ISA99- IEC62443
Secure Systems Security and ISA99- IEC62443Secure Systems Security and ISA99- IEC62443
Secure Systems Security and ISA99- IEC62443
 
Design Like a Pro: SCADA Security Guidelines
Design Like a Pro: SCADA Security GuidelinesDesign Like a Pro: SCADA Security Guidelines
Design Like a Pro: SCADA Security Guidelines
 
Securing with Sophos - Sophos Day Belux 2014
Securing with Sophos - Sophos Day Belux 2014Securing with Sophos - Sophos Day Belux 2014
Securing with Sophos - Sophos Day Belux 2014
 

More from Eric Vanderburg

GDPR, Data Privacy and Cybersecurity - MIT Symposium
GDPR, Data Privacy and Cybersecurity - MIT SymposiumGDPR, Data Privacy and Cybersecurity - MIT Symposium
GDPR, Data Privacy and Cybersecurity - MIT Symposium
Eric Vanderburg
 
Modern Security the way Equifax Should Have
Modern Security the way Equifax Should HaveModern Security the way Equifax Should Have
Modern Security the way Equifax Should Have
Eric Vanderburg
 
Cybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric VanderburgCybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric Vanderburg
Eric Vanderburg
 
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Eric Vanderburg
 
Mobile Forensics and Cybersecurity
Mobile Forensics and CybersecurityMobile Forensics and Cybersecurity
Mobile Forensics and Cybersecurity
Eric Vanderburg
 
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
Eric Vanderburg
 
Ransomware: 2016's Greatest Malware Threat
Ransomware: 2016's Greatest Malware ThreatRansomware: 2016's Greatest Malware Threat
Ransomware: 2016's Greatest Malware Threat
Eric Vanderburg
 
Emerging Technologies: Japan’s Position
Emerging Technologies: Japan’s PositionEmerging Technologies: Japan’s Position
Emerging Technologies: Japan’s Position
Eric Vanderburg
 
Principles of technology management
Principles of technology managementPrinciples of technology management
Principles of technology management
Eric Vanderburg
 
Japanese railway technology
Japanese railway technologyJapanese railway technology
Japanese railway technology
Eric Vanderburg
 
Evaluating japanese technological competitiveness
Evaluating japanese technological competitivenessEvaluating japanese technological competitiveness
Evaluating japanese technological competitiveness
Eric Vanderburg
 
Japanese current and future technology management challenges
Japanese current and future technology management challengesJapanese current and future technology management challenges
Japanese current and future technology management challenges
Eric Vanderburg
 
Technology management in Japan: Robotics
Technology management in Japan: RoboticsTechnology management in Japan: Robotics
Technology management in Japan: Robotics
Eric Vanderburg
 
Incident response table top exercises
Incident response table top exercisesIncident response table top exercises
Incident response table top exercises
Eric Vanderburg
 
The Prescription for Protection - Avoid Treatment Errors To The Malware Problem
The Prescription for Protection - Avoid Treatment Errors To The Malware ProblemThe Prescription for Protection - Avoid Treatment Errors To The Malware Problem
The Prescription for Protection - Avoid Treatment Errors To The Malware Problem
Eric Vanderburg
 
Cloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance ChallengesCloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance Challenges
Eric Vanderburg
 
Hacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and ThreatsHacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and Threats
Eric Vanderburg
 
Correct the most common web development security mistakes - Eric Vanderburg
Correct the most common web development security mistakes - Eric VanderburgCorrect the most common web development security mistakes - Eric Vanderburg
Correct the most common web development security mistakes - Eric VanderburgEric Vanderburg
 
Deconstructing website attacks - Eric Vanderburg
Deconstructing website attacks - Eric VanderburgDeconstructing website attacks - Eric Vanderburg
Deconstructing website attacks - Eric Vanderburg
Eric Vanderburg
 
Countering malware threats - Eric Vanderburg
Countering malware threats - Eric VanderburgCountering malware threats - Eric Vanderburg
Countering malware threats - Eric Vanderburg
Eric Vanderburg
 

More from Eric Vanderburg (20)

GDPR, Data Privacy and Cybersecurity - MIT Symposium
GDPR, Data Privacy and Cybersecurity - MIT SymposiumGDPR, Data Privacy and Cybersecurity - MIT Symposium
GDPR, Data Privacy and Cybersecurity - MIT Symposium
 
Modern Security the way Equifax Should Have
Modern Security the way Equifax Should HaveModern Security the way Equifax Should Have
Modern Security the way Equifax Should Have
 
Cybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric VanderburgCybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric Vanderburg
 
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
 
Mobile Forensics and Cybersecurity
Mobile Forensics and CybersecurityMobile Forensics and Cybersecurity
Mobile Forensics and Cybersecurity
 
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
 
Ransomware: 2016's Greatest Malware Threat
Ransomware: 2016's Greatest Malware ThreatRansomware: 2016's Greatest Malware Threat
Ransomware: 2016's Greatest Malware Threat
 
Emerging Technologies: Japan’s Position
Emerging Technologies: Japan’s PositionEmerging Technologies: Japan’s Position
Emerging Technologies: Japan’s Position
 
Principles of technology management
Principles of technology managementPrinciples of technology management
Principles of technology management
 
Japanese railway technology
Japanese railway technologyJapanese railway technology
Japanese railway technology
 
Evaluating japanese technological competitiveness
Evaluating japanese technological competitivenessEvaluating japanese technological competitiveness
Evaluating japanese technological competitiveness
 
Japanese current and future technology management challenges
Japanese current and future technology management challengesJapanese current and future technology management challenges
Japanese current and future technology management challenges
 
Technology management in Japan: Robotics
Technology management in Japan: RoboticsTechnology management in Japan: Robotics
Technology management in Japan: Robotics
 
Incident response table top exercises
Incident response table top exercisesIncident response table top exercises
Incident response table top exercises
 
The Prescription for Protection - Avoid Treatment Errors To The Malware Problem
The Prescription for Protection - Avoid Treatment Errors To The Malware ProblemThe Prescription for Protection - Avoid Treatment Errors To The Malware Problem
The Prescription for Protection - Avoid Treatment Errors To The Malware Problem
 
Cloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance ChallengesCloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance Challenges
 
Hacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and ThreatsHacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and Threats
 
Correct the most common web development security mistakes - Eric Vanderburg
Correct the most common web development security mistakes - Eric VanderburgCorrect the most common web development security mistakes - Eric Vanderburg
Correct the most common web development security mistakes - Eric Vanderburg
 
Deconstructing website attacks - Eric Vanderburg
Deconstructing website attacks - Eric VanderburgDeconstructing website attacks - Eric Vanderburg
Deconstructing website attacks - Eric Vanderburg
 
Countering malware threats - Eric Vanderburg
Countering malware threats - Eric VanderburgCountering malware threats - Eric Vanderburg
Countering malware threats - Eric Vanderburg
 

Recently uploaded

FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance
 
A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
sonjaschweigert1
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
Ralf Eggert
 
Free Complete Python - A step towards Data Science
Free Complete Python - A step towards Data ScienceFree Complete Python - A step towards Data Science
Free Complete Python - A step towards Data Science
RinaMondal9
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
Safe Software
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
OnBoard
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
Alison B. Lowndes
 
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptxSecstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
nkrafacyberclub
 
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
UiPathCommunity
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
Laura Byrne
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
mikeeftimakis1
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
Elena Simperl
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
ThousandEyes
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance
 
Welocme to ViralQR, your best QR code generator.
Welocme to ViralQR, your best QR code generator.Welocme to ViralQR, your best QR code generator.
Welocme to ViralQR, your best QR code generator.
ViralQR
 
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Nexer Digital
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
Alan Dix
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
Cheryl Hung
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
Thijs Feryn
 

Recently uploaded (20)

FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
 
Free Complete Python - A step towards Data Science
Free Complete Python - A step towards Data ScienceFree Complete Python - A step towards Data Science
Free Complete Python - A step towards Data Science
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
 
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptxSecstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
 
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
 
Welocme to ViralQR, your best QR code generator.
Welocme to ViralQR, your best QR code generator.Welocme to ViralQR, your best QR code generator.
Welocme to ViralQR, your best QR code generator.
 
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
 

Cisco Security Agent - Eric Vanderburg

  • 1. Cisco Security Agent Eric Vanderburg May 3, 2006 Eric Vanderburg – Cisco Security Agent
  • 2. Cisco Security Agent (CSA) • Host based Intrusion prevention system • Enforces policies on hosts based on specific rules • Version 5.1 is the newest • Called StormWatch in 1999. Purchased by Cisco in 2003. • A license is required for the management console and for all agents – purchased in bundles from 10-10,000 or individually – Licenses reside on the Management Console machine • Spans a variety of platforms Eric Vanderburg – Cisco Security Agent
  • 3. Supported Hosts Server Agent Desktop Agent • Windows Server 2003 • Windows 2000 Server • Windows NT 4 Server (SP6) • Solaris 8 SPARC architecture (64-bit) • Solaris 9 SPARC architecture (64-bit) • Red Hat Enterprise Linux 3.0 ES and AS • Windows NT 4 Workstation (SP6) • Windows 2000 Pro • Windows XP Pro • Windows XP Tablet Edition • Red Hat Enterprise Linux 3.0 WS Eric Vanderburg – Cisco Security Agent
  • 4. System Requirements • Windows – Pentium 200MHz – 128MB RAM – 25MB free hard drive space • Solaris – UltraSPARC 400 MHz – 256MB RAM – 25MB free hard drive space • Linux – 500 MHz or faster x86 processor (32-bit only) – 256MB RAM – 25MB free hard drive space • No support available yet for Macintosh Eric Vanderburg – Cisco Security Agent
  • 5. Advantages • • • • • • Monitoring Central reaction Distributed Firewall Application Control File Protection Restrict by Posture Eric Vanderburg – Cisco Security Agent
  • 6. Monitoring • Monitors the following to see whether or not actions should be allowed: – OS kernel usage – Resources – Registry entries (Windows) – COM object access – Inbound and outbound network connections Eric Vanderburg – Cisco Security Agent
  • 7. Interceptors • Track actions and compare against the rules database for appropriate response – Network Traffic interceptor - Use for SYN flood and port scan protection. – Network Applications interceptor - Limit or allow individual applications to access the network via specific protocols and networks addressing parameters. – File interceptor - Limit an application's ability to read and write to specific files and directories. Eric Vanderburg – Cisco Security Agent
  • 8. Central reaction • Agents report to a single management console • Events are logged to the management console so that new rules can be dynamically created. – If the management console is unavailable, they are stored until connection is restored Eric Vanderburg – Cisco Security Agent
  • 9. Distributed firewall • Control which applications can act as a server to remote clients and vice versa • Learning mode: builds a list of allowed applications based on usage – Only adds to the policy. Does not override the central policy from the management console • Disables the Windows firewall when installed Eric Vanderburg – Cisco Security Agent
  • 10. Application control • Restrict access to certain programs – Restrict by user or system account • Restrict the actions applications can take Eric Vanderburg – Cisco Security Agent
  • 11. File protection • Files can be flagged as not available to any network connection • Can stop files from being deleted, modified, or created Eric Vanderburg – Cisco Security Agent
  • 12. Trust • Hosts must be trusted before they will be allowed network access. • Given a posture of quarantined until trusted • Trusted hosts – Virus free & updated – Accessing from an appropriate medium – Adhering to policies – MAC and IP address are on an approved list Eric Vanderburg – Cisco Security Agent
  • 13. Management Console • • • • Agent Configuration Policy Configuration Centralized reporting Similar interface to other Cisco management tools • Alerts can be integrated with alerts from other Cisco security products via the Cisco Security Monitoring, Analysis, and Response System Eric Vanderburg – Cisco Security Agent
  • 14. Management Console • Access via web browser (IE and Firefox only) using 128-bit SSL, port 443 • URL: http://<management center system hostname>.<domain> Eric Vanderburg – Cisco Security Agent
  • 15. Database • Local Database - MSDE (Microsoft Database Engine) is used for setups less than 500 agents and under 2GB (packaged with install) • Remote Database - SQL Server is used for setups with more than 500 agents Eric Vanderburg – Cisco Security Agent
  • 16. Agent • Installed per host – Admin rights – Through software deployment solution • Messages - shows denied actions since last reboot • User Query Responses - stored answers (Yes, No, Terminate) • System Security - Slide bar for off, low, med, high settings & resume from install mode • Untrusted apps - selected by user after prompt Eric Vanderburg – Cisco Security Agent
  • 17. Agent • Local Firewall Settings – Learning Mode – Enable / Disable – Firewall permissions • • • • Email network permission HTTP network permission Network client permission Network server permission • File Protection • Solaris agent is not a GUI app. The CLI utility csactl is used. • No queries either Eric Vanderburg – Cisco Security Agent
  • 18. Communication • PC to MC: SSL TCP 1741 & 1742 • MC to PC: SSL TCP 443 & 5401 – Signed with MC Certificate • Updates retrieved through pull model at specified interval (default 10 minutes) • Push method: Hints Eric Vanderburg – Cisco Security Agent
  • 19. Cisco Security Agent • Locally enforced, centrally managed • Multiple vendors supported • Settings can run in test mode before implementation • Safeguard nodes, files, attack avenues, and stop virus propagation. Eric Vanderburg – Cisco Security Agent
  • 20. Questions? • Contact info: evanderburg@gmail.com • Blog: http://spaces.msn.com/professornova Eric Vanderburg – Cisco Security Agent