I have added Fortinet Visio Stencils. Fortinet is a company of great interest. (more…)
admin has written 37 articles so far, you can find them below.
Sourcefire is hosting a webcast on IPS tuning. I think this is a critical step that is unfortunately overlooked in many organizations.
NSS Labs, the world’s leading independent information security research and testing organization, recently put seven leading Network IPS vendors through a rigorous test that included 1,159 validated exploits.
One of the findings from the test was that a “tuned” IPS blocks considerably more threats than an IPS configured with a default policy alone.
To learn more about the NSS Labs Network IPS test results and some of the industry best practices for IPS tuning, please join us on March 10th for a free and insightful live webcast.
Speakers: Rick Moy, President of NSS Labs &
Matt Watchinski, Sr. Director of Sourcefire’s Vulnerability Research Team™ (VRT)
Date: Wednesday, March 10th at 11:00 a.m. Eastern (EST)
IBM has announced it is dropping the IBM Internet Security Systems name, and all the security divisions will now be under IBM Security Services (I guess they didn’t want to get rid of the ISS acronym). X-Force will apparently be moved under IBM Research and ISS will be moved under the same group as the Tivoli products. This is the official end of an era. ISS was one of the first security companies and developed many innovative products, and X-Force was the top research group in the field.
IBM has continued the majority of the product lines and has maintained X-Force, but it is not what it once was. This is the trend we have seen over the years, with the smaller innovative security companies being acquired by the larger players. We saw this with RSA and EMC, IBM and ISS, 3Com and TippingPoint, now HP. It seems the only ones not acquired were Symantec and McAfee, who have been the acquirers.
For IBM this change makes sense and most knew it would come. All security products and services are now under a single organization. This will likely allow them to reduce cost and better cross-sell their products.
Goodbye, ISS!
One of the most confusing aspects of setting up an IPS can be the cabling. Different vendors have different cabling requirements, and in many organizations different teams control the different devices that may be connected to the IPS. Some vendors recommend using crossover cables when connecting devices such as firewalls and routers. This is not usually needed if you are configuring the interfaces to auto/auto. Most vendors support Auto-MDIX, which automatically detects the cable type and configures the connection appropriately. This works as long as the interface speed and duplex are set to auto/auto.
Problems can arise, though, when you use straight cables and then change the interfaces to a hard-set speed and duplex. What worked with auto/auto now does not work, and the interfaces do not connect, resulting in downtime. I have seen this happen in a production network and the result was not good.
One way to prevent this is to follow the cabling requirements as if the interfaces were hard set to a speed and duplex, even if they are left at auto/auto. If the interfaces are changed later, you should not have to change the cabling. If using auto/auto, make sure the switch ports are configured to use PortFast. This ensures the ports reactivate more quickly when they become connected, so any bypass units activate more quickly and downtime is reduced.
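As an added example (not from the original post), the following Python audits switch port stanzas for the two conditions described above: hard-set speed/duplex, where Auto-MDIX can no longer compensate for the cable type, and missing PortFast. It assumes Cisco IOS-style syntax; the sample configuration is constructed and the function names are hypothetical.

```python
import re

# Constructed sample: IOS-style stanzas for switch ports facing an inline IPS.
SAMPLE_CONFIG = """\
interface GigabitEthernet0/1
 speed auto
 duplex auto
 spanning-tree portfast
!
interface GigabitEthernet0/2
 speed 1000
 duplex full
 spanning-tree portfast
!
interface GigabitEthernet0/3
 no mdix auto
!
"""

def parse_interfaces(config):
    """Return {interface name: [stanza lines]} from IOS-style text."""
    ports, current = {}, None
    for raw in config.splitlines():
        line = raw.strip()
        m = re.match(r"interface\s+(\S+)$", line)
        if m:
            current = ports.setdefault(m.group(1), [])
        elif line == "!":
            current = None
        elif current is not None and line:
            current.append(line)
    return ports

def audit_port(lines):
    """List findings for one port, following the post's two recommendations."""
    findings = []
    # Assumption: a stanza with no speed/duplex line is running at auto.
    speed = next((l.split()[1] for l in lines if l.startswith("speed ")), "auto")
    duplex = next((l.split()[1] for l in lines if l.startswith("duplex ")), "auto")
    if (speed, duplex) != ("auto", "auto"):
        findings.append("hard-set speed/duplex: verify cable type, Auto-MDIX not in effect")
    elif "no mdix auto" in lines:
        findings.append("Auto-MDIX disabled: verify cable type")
    if not any(l.startswith("spanning-tree portfast") for l in lines):
        findings.append("PortFast missing: slower recovery after relink or bypass")
    return findings

def audit(config):
    return {name: audit_port(lines) for name, lines in parse_interfaces(config).items()}
```

Running `audit()` over saved configurations before a change window shows which ports need their cabling checked before anyone hard-sets speed and duplex.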
There is an Intrusion Prevention Summit being hosted by BrightTalk beginning on January 12th. You can register at the link below. There are several interesting topics, including “The Value of IDS/IPS virtualization in Managed Services” and several other IPS-related talks.
http://www.brighttalk.com/summit/intrusionprevention