Cisco Extends Security Openness with McAfee Interoperability and New Technology Partners

June 26, 2017

by Andrew Peters

Vendor “openness” drives better outcomes for the state of information security.  That’s why Cisco has invested and committed so heavily to our Cisco Security Technical Alliances (CSTA) program in recent years.  CSTA now has over 130 technology partners…a six-fold increase from where we started nearly four years ago.  It is a use-case driven technology partner program with certified platform-to-platform collaborations that better safeguard networks and data.  Today we are announcing several extensions and expansions to the CSTA partner program with McAfee, Algosec, cPacket, CSPi, Tufin and Verodin.

The Email Threat Vector and Cisco Email Security Interoperability with McAfee

Zero-day email threats are real, and so is the risk to today’s businesses. Spear phishing and ransomware threats via email are out of control, and as cyber criminals become more sophisticated in creating threats that evade typical defenses, it becomes an imperative for McAfee customers to enhance their threat detection with strong Email protections.

To see how bad guys use email for ransomware attacks, check out this video Ransomware, Anatomy of an Attack (it’s shocking to say the least).

With this in mind, we are proud to announce

interoperability of Cisco Email Security with the McAfee® Advanced Threat Defense (ATD) solution.  This presents a great opportunity for McAfee customers to review their current email defense strategy, and investigate how deploying Cisco’s Email Security Appliance (ESA) with McAfee’s ATD can deliver better protections for this dangerous threat vector.  This gives our joint customers a closed-loop email security solution that quickly picks-off unsafe attachments before they get to the end-user.

Here’s how it works…Cisco ESA receives an email attachment that’s actually a zero-day threat. It notifies McAfee ATD that it’s sending the file over for inspection.  Then, McAfee ATD executes the file in its sandbox while also conducting a static code analysis to determine a severity level that it sends to Cisco ESA for appropriate action, such as sanitizing the file.  To see a video demo go here.  To see a ‘How to” installation guide go here.

This complements Cisco’s integration of Cisco Advanced Malware Protection (AMP) with the Cisco ESA, which provides network-wide advanced email-based malware detection and sandboxing, enabling a defense-in-depth solution for existing McAfee ATD customers.

According to a study published by Radicati Group, Inc, the number of worldwide email users will grow from over 3.7 billion in 2017 to over 4.1 billion by 2021.  With a significant amount of data exchanged through organizations’ email infrastructure—including critical financial reports, strategic customer and partner information and even employee performance and personal details.  No wonder that email is today’s #1 threat vector and will likely continue to be so in the future. Cisco Email Security provides McAfee customers the most advanced protection against ransomware, business email compromise, spoofing, and phishing. It uses Cisco Talos advanced threat intelligence and a multilayered approach to protect inbound messages and sensitive outbound data.  With a choice of physical appliance, virtual, cloud-based or hybrid deployment, Cisco Email Security helps customers to stay one step ahead of threats, keep inbox highly secure and protect vital business assets. This couples nicely with McAfee® ATD which enables organizations to detect advanced targeted attacks and convert threat information into immediate action and protection.

Posture Modeling, Forensics and Firewall Configuration Consistency – Keys to Prevention and Mitigation

Cisco is also pleased to announce some new and some newly enhanced integrations with Algosec, cPacket, CSPi, Tufin and Verodin.  Each of these partners provides a key piece in the threat prevention and mitigation puzzle; we are pleased to work with them in creating a complete threat defense picture.

Firewall Policy Management Integration with Algosec and Tufin
Algosec and Tufin are long-time firewall platform management partners. Later this summer, these partners will be updating their integration with Cisco Firepower Management Center by supporting the latest Firepower REST API with policy “read” and “write” capabilities. This enables management of Firepower firewall configuration from these 3rd party management tools, which simplifies management of diverse firewall deployment environments and achieve audit and compliance goals.

Packet Capture Integration with cPacket and CSPi for Detailed Security Forensics
It’s one thing to have security event data.  Most networks have plenty of that. Making it actionable is the key.  cPacket and CSPi leverage Firepower intrusion event data to automatically export and store PCAPs from their full packet capture and storage solution.  Full packet capture technology helps intrusion event analysts by extending visibility into the offending traffic beyond the PCAP collected by Firepower’s Snort based IDS/IPS engine.  Pivoting from specific intrusion events, users can view a vast time window of captured traffic in the partner’s console or download large PCAPs for analysis in a decoding tool of their choice. This helps incident response analysts move from “suspicion” about a security event to “conviction” about the appropriate response.

Get Ahead of Threats: Verodin Integration Across the Cisco Security Portfolio
Verodin’s goal is to measure, manage and improve cybersecurity effectiveness with quantifiable, evidence-based data. Verodin enables security teams to observe and adjust real responses to real attacks without ever putting production systems in danger.  With broad integration across the Cisco Security portfolio—including Firepower, Stealthwatch, Umbrella, and Advanced Malware Prevention for Endpoints—Verodin is helping our joint customers get ahead of threats.  By enabling security teams to see the impact of their modeled threats, as well as security analysts response (or lack thereof) to those threats, they ultimately drive better prevention via stronger network security posture.

Cisco welcomes all these new and expanding technology partners to our CSTA ecosystem.  Deploying these solutions together enables “openness” that solves customer security issues.  Cisco Security…“Simple, Open, Automated.”

For more detail visit:

www.cisco.com/go/CSTA

https://www.mcafee.com/us/partners/security-innovation-alliance/index.aspx

www.algosec.com

www.cpacket.com

www.cspi.com

www.tufin.com

www.verodin.com

Source:  https://blogs.cisco.com/security/cisco-extends-security-openness-with-mcafee-interoperability-and-new-technology-partners

Cisco Routers Backdoors #Talpiot

Chuck Robbins, CEO of San Jose, California-based networking hardware and telecommunication company Cisco Systems, will arrive on a 36-hour visit to Israel on March 5, Cisco said in a statement on Wednesday. Mr. Robbins will participate in the launch of Cisco’s country digitization acceleration (CDA) program, Cisco’s social initiative to digitize Israel’s peripheral communities and connect them with the country’s economic and technological center in Tel Aviv.

During his visit, Mr. Robbins will meet with Israeli President Reuven Rivlin, visit local Cisco research and development centers, and meet Israeli tech executives, entrepreneurs, and startups.

Read more:  Cisco Routers Backdoors #Talpiot

Cisco ‘Knowingly’ Sold Hackable Video Surveillance System to U.S. Government

August 1, 2019

by Mohit Kumar

Cisco Systems has agreed to pay $8.6 million to settle a lawsuit that accused the company of knowingly selling video surveillance system containing severe security vulnerabilities to the U.S. federal and state government agencies.

It’s believed to be the first payout on a ‘False Claims Act‘ case over failure to meet cybersecurity standards.

The lawsuit began eight years ago, in the year 2011, when Cisco subcontractor turned whistleblower, James Glenn, accused Cisco of continue selling a video surveillance technology to federal agencies even after knowing that the software was vulnerable to multiple security flaws.

According to the court documents seen by The Hacker News, Glenn and one of his colleagues discovered multiple vulnerabilities in Cisco Video Surveillance Manager (VSM) suite in September 2008 and tried to report them to the company in October 2008.

Cisco Video Surveillance Manager (VSM) suite allows customers to manage multiple video cameras at different physical locations through a centralized server, which in turn, can be accessed remotely.

The vulnerabilities could have reportedly enabled remote hackers to gain unauthorized access to the video surveillance system permanently, eventually allowing them to gain access to all video feeds, all stored data on the system, modify or delete video feeds, and bypass security measures.

Apparently, Net Design, the Cisco contractor where Glenn was working at that time, fired him shortly after he reported Cisco’s security violations, which the company officially described as a cost-cutting measure.

However, in 2010, when Glenn realized that Cisco never fixed those issues neither notified its customers, he informed the U.S. federal agency, who then launched a lawsuit claiming Cisco had defrauded U.S. federal, state and local governments who purchased the product.

Cisco, directly and indirectly, sold its VSM software suit to police departments, schools, courts, municipal offices and airports as we as to many government agencies including the U.S. Department of Homeland Security, the Secret Service, the Navy, the Army, the Air Force, the Marine Corps and the Federal Emergency Management Agency (FEMA).

“Cisco has known of these critical security flaws for at least two and a half years; it has failed to notify the government entities that have purchased and continue to use VSM of the vulnerability,” the lawsuit states.

“Thus, for example, an unauthorized user could effectively shut down an entire airport by taking control of all security cameras and turning them off. Alternately, such a hacker could access the video archives of a large entity to obscure or eliminate video evidence of theft or espionage.”

After the lawsuit was filed, the company acknowledged the vulnerabilities (CVE-2013-3429, CVE-2013-3430, CVE-2013-3431) and released an updated version of its VSM software suit.

As part of the lawsuit, Cisco has finally agreed to pay $8.6 million in the settlement—of which Glenn and his lawyers will receive $1.6 million and the rest $7 million going to the federal government and the 16 states that purchased the affected product.

In response to the latest settlement, Cisco issued an official statement Wednesday saying it was “pleased to have resolved” the 2011 dispute and that “there was no allegation or evidence that any unauthorized access to customers’ video occurred” as a result of its VSM suit’s architecture.

However, the company added that video feeds could “theoretically have been subject to hacking,” though the lawsuit has not claimed that anyone had exploited the vulnerabilities discovered by Glenn.

Source:  https://thehackernews.com/2019/08/cisco-surveillance-technology.html

____________________________

To learn more about the theft of American data and technology by Israel/Russia’s Talpiot and Unit 8200 program:

Israel: The Greatest Spy Machine of All Time

Operation Talpiot: articles and videos

 

Be the first to comment

Leave a Reply

Your email address will not be published.


*