News Stay informed about the latest enterprise technology news and product updates.

Networking giant sets site on security intelligence

In search of security information that minimizes network disruptions and optimizes product threat mitigation? Cisco may have a site for sore eyes.

Cisco shops hunting down vulnerabilities or seeking to mitigate threats may now have help with their aim.

MySDN, a security intelligence Web site maintained by Cisco Systems Inc., identifies, collects and analyzes security threats pertinent to Cisco products.

The SDN moniker stands for self-defending networks, which is Cisco's ongoing initiative to build security functions into its core networking gear. Essentially, the MySDN site provides the following features:

  • Valid and actionable information related to security threats.
  • Best practices for using Cisco devices to secure a network.
  • Intelligence for Cisco Intrusion Prevention products and subscriptions.

    To analyze security threats, the free Web resource uses the Common Vulnerability Scoring System, an emerging industry standard for gauging the severity of security vulnerabilities.

    Catherine Nelson, security analyst with Cisco's Security Intelligence team, which manages the site, said Cisco is helping to pioneer this vendor-neutral standard for rating security threats.

    "We feel like it helps to streamline security information across the board to our customers -- across products and across platforms," Nelson said.

    Nelson said the site is continuously updated by a team of Cisco security analysts who monitor the threat landscape for threats to thousands of products, gleaning information from numerous public and private sources.

    She said the analysts evaluate threat sources, perform in-depth analysis on each potential vulnerability and then publish the information. According to Nelson, each report includes a comprehensive overview of the issue, along with the potential business impact, appropriate mitigation strategies and the affected products.

    The information is timely, too. Nelson predicted it typically takes between 60 and 90 minutes to go from threat identification to posted alert on the site.

    This team has a diverse security background, Nelson said, as some analysts have 20 years of experience in risk assessment, law enforcement or international government.

    Nelson said MySDN is in its initial phase, existing currently as a static site. But Cisco has big plans for the site, she said, as visitors will eventually be able to customize it for their own use and sign up for e-mail alerts.

    Lisa Bickford, president of Stockton, Calif.-based ISP InReach Internet LLC and board member of the California ISP Association, runs a Cisco shop and said word of MySDN is music to her ears.

    Bickford is relieved Cisco is providing the information versus a less trusted source.

    If Cisco doesn't publish the information, she said, malicious sources will eventually publish it to exploit holes and flaws through hacker space while IT administrators don't hear about it until it's too late.

    For more information

    Learn how Cisco's self-defending network strategy is progressing.

    Check out our white paper on Cisco's self-defending network.

    "The big task is to make sure that we are keeping ahead of those trying to maliciously derail the Internet," she said. "Cisco has a responsibility to help its customers do that."

    The MySDN effort comes amid the controversy Cisco recently faced regarding the disclosure of sensitive vulnerability information. At the recent Black Hat Security Conference in Las Vegas, a researcher revealed how a flaw in Cisco's Internetwork Operating Software (IOS) could be exploited in a matter of seconds, using a specifically crafted IPv6 packet, to potentially take down unpatched corporate networks worldwide, or even worse, the entire Internet.

    Cisco filed suit against the researcher and Black Hat in order to prevent further dissemination of the information, but quickly agreed to a legal settlement. However, Cisco's reputation has suffered in the security community, as some hackers believe it is their responsibility to exploit the vulnerabilities as punishment for attempting to prevent the researcher's information from being made public.

  • Dig Deeper on Networking Tutorials and Technical Guides

    Start the conversation

    Send me notifications when other members comment.

    Please create a username to comment.