Welcome to this Cisco Support Community Ask the Expert conversation. This is an opportunity to learn and any ask questions about how to secure your network using tools such as ZBFW, Snort IPS, CWS, FirePower & TrustSec and how to deploy and manage security policies using Cisco Prime and FireSight
Ask questions from Tuesday March 22 to Friday April 1st, 2016
The branch network is key to service delivery and success of many enterprises. After all, most staff don’t work (or shop!) at the data center—they are out in the branches. With the recent massive breaches on the news, security is top of mind concern for many enterprise customers, especially those looking to offload Internet access from their branches directly. Threat landscape has evolved and attackers have become sophisticated at taking advantage of gaps in security to hide and conceal malicious activity. Traditionally, branch users Internet access was provided through Data Center where sophisticated security tools and policies were in place to protect the users. With the direct Internet breakout, the branch network must provide a good experience with robust security to any user as a part of any new initiative. This session provides an overview of threat landscape, risks and integrated security tools and techniques available on ISR branch routers to prevent/protect/mitigate these threats.
Kureli Sankar started with Cisco in Aug, 2006 as a TAC engineer in the firewall team in Research Triangle Park, North Carolina. As a TAC engineer she supported Cisco's security products. Since, May 6th 2013, she has taken up a new role as Technical Marketing Engineer, Enterprise Infrastructure and Solutions Group responsible for security features on Cisco's IOS and XE products. She has presented at Cisco Live US in 2013, 2014 and Cisco Live Berlin 2016. She has also done quite a few Live Web Casts and ATE (Ask The Expert) events for our forum. Prior to joining Cisco, Sankar worked for John Morrell Co., Cincinnati, Ohio where she was the network administrator in charge of the company's enterprise network covering 27 locations in the United States. She also was an adjunct professor at the University of Cincinnati, teaching undergraduate level networking courses. Sankar holds an engineering degree in Electrical and Electronics Engineering from Regional Engineering College, Trichirappalli, India, CCSP and CCIE Security #35505 certifications. While working full time, she volunteers at various organizations like Citizen School, Durham Performance Learning Center, NC First Robotics, Girl Scouts - Carolina, Raleigh Rescue Mission and gives back to the community.
Kural Arangasamy has over 20 years of experience in the networking field and has been with Cisco since 2005. He, is a Technical Marketing Engineer in the Enterprise Infrastructure and Solutions Group. He is responsible for SNORT IPS on ISRs/CSRs and MACSec security features. Kural lives in San Jose, California with his wife and son.
Kureli and Kural might not be able to answer each question due to the volume expected during this event. Remember that you can continue the conversation on the Other Security SubjectsCommunity
Hi All, I'm configuring SMS Passcode on AnyConnect using ASA. I'm challenged by the fact that after a successful secondary Auth via SMS, AnyConnect prompts for username and password again in a loop. I've traced the RADIUS traffic, and the R...
I am working with our Infosec team. They need syslog for a SIEM and are requesting the use of port 300xx. This is an old 3560G core switch (Yes, it needs to be replaced) and it would not let me add a port to the logging host command. Com...
Hi all,I have failover configured on 2 cisco 4331 vpn routers, the primary router and the secondary router are configured with different internet circuits. When testing the fail over, the secondary router takes over with no problem and everything can be a...
Hi, anyone here experience to access their ASA firewall (ASDM/SSH) from the inside interface but the user is coming from outside interface of the ASA? I see some use cases using management-access but it uses VPN tunnel, can it be done without using a tunn...
Hello all. We have a customer who upgraded the FMC upgraded from 6.6.0 to 6.6.1 successfully.Ithen to upgrade the FTDs from 6.4.0 to 6.6.0 but hit an error which states Update to install failed. we are both new to FTD, whereabouts can we see more detailed...