Foreword

Previous page
Table of content
Next page
 < Day Day Up > 

I encountered computer and network security very early in my career. My first job out of college in the early 1980s was with the National Security Agency, and two things immediately became clear. First, the government and especially the Defense Department were about the only people who were remotely interested in computer security. Second, there were a lot of ways that security could go wrong.

Some things have changed dramatically since then. Everyone is aware of computer security issues to some degree now, even if this awareness is only about viruses and spyware. It is both gratifying and concerning to now be able to explain my job to my mother in 10 seconds ("You know the hackers? We re trying to stop them").

However, some things have not changed much, if at all there are still a lot of ways that security can go wrong. We ve tried many approaches to stopping attacks, but most of these have struggled to keep up with the rate of change in technology. When we block ports, applications use port 80 (web). When we inspect the packets, the applications use SSL. The rate of change is accelerating, and since attacks can fit themselves into any of these nooks and crannies, it remains easy to miss something.

This was why the Okena Stormwatch agent (now the Cisco Security Agent [CSA]) is such a shock to people who have been involved in security for a long time. In many ways, it seems to violate everything that we ve learned about how to protect your systems. No, you don t need to update it to get the latest protection. Yes, your applications very well may be vulnerable, but CSA will keep them from being exploited. Yes, it will indeed stop an attack that it s never seen before. In a sense, one of the hardest things about CSA is the mental shift from what we have been used to.

However, once that shift happens, the current hustle and bustle of our lives getting the update, testing the update, looking at the new exploit becomes much simpler. While there are still a lot of ways that security can go wrong, CSA provides a defense even when something is wrong. I remember the e-mail that came around from our system administrator that said, "There s something attacking our web server. We re not sure what it is, but Stormwatch is blocking it." That was the Nimda worm the first of a long line of attacks stopped by CSA.

This book provides great detail on how to use CSA, but also provides background on how CSA works. Anyone interested in CSA, and especially anyone who uses it day to day, will find this book to be indispensable.

Ted Doty
Product Manage
Security Technology Group
Cisco Systems, Inc.
May 2005

     < Day Day Up > 

    Previous page
    Table of content
    Next page
    Cisco Security Agent
    Cisco Security Agent
    ISBN: 1587052059
    EAN: 2147483647
    Year: 2005
    Pages: 145
    Authors: Chad Sullivan
    BUY ON AMAZON
    Absolute Beginner[ap]s Guide to Project Management
    Oracle Developer Forms Techniques
    PostgreSQL(c) The comprehensive guide to building, programming, and administering PostgreSQL databases
    GO! with Microsoft Office 2003 Brief (2nd Edition)
    Microsoft VBScript Professional Projects
    The Lean Six Sigma Pocket Toolbook. A Quick Reference Guide to Nearly 100 Tools for Improving Process Quality, Speed, and Complexity
    flylib.com © 2008-2017.
    If you may any questions please contact us: flylib@qtcs.net
    Privacy policy