有个足球雷竞技app网络世界的艾伦·沃兰德

确保现代移动操作系统

亚伦Woland — 2018年7月31日星期二11:25:00 -0700

The idea for this blog post came to me during a discussion around some recent research performed by Cisco’s Talos threat research group.

The post "Advanced Mobile Malware Campaign in India uses Malicious MDM" authored by Warren Mercer, Paul Rascagneres and Andrew Williams and the follow-up post containing additional research found in Part 2.

In this beautiful piece of research, these guys identified and analyzed an attacker with malicious intent, that used a modified open source Mobile Device Manager (MDM) to control multiple mobile devices; and to install modified versions of well-known apps like WhatsApp and Telegram in order to gain access to what would otherwise be private data.

To read this article in full, please click here

保护iOS免受aLTEr的攻击

亚伦Woland — 2018年7月10日星期二07:24:00 -0700

Researchers from Ruhr-Universität Bochum & New York University Abu Dhabi have uncovered a new attack against devices using the Long-Term Evolution (LTE) network protocol. LTE, which is a form of 4G, is a mobile communications standard used by billions of devices and the largest cellular providers around the world.

In other words, the attack can be used against you.

The research team has named the attack “aLTEr” and it allows the attacker to intercept communications using a man-in-the-middle technique and redirect the victim to malicious websites using DNS spoofing.

To read this article in full, please click here

关于2018年Cisco Live在奥兰多的第一手报道

亚伦Woland — 2018年6月21日星期四04:41:00 -0700

<本文> <节课=“页面”>

我有很多人问我有什么事思科现场是什么样子，我作为一个长期的与会者和名人堂精英的大厅，为扬声器成员的观点。 While my perspective may be a bit different than your average attendee, I thought I’d give it a shot and write it up.

Cisco Live is an amazing event. Some years, I may present at Cisco Live up to 4 times per year, and this was one of those years.

Cancun, Mexico – December 2017
Barcelona, Spain – February 2018
Melbourne, Australia – March 2018
Orlando, Florida, USA – June 2018

When I was a young buck and started attending Cisco Live they were actually called “Networkers” and to me, that still describes the best part of Cisco Live. Not networking in the technology sense, but the human networking that goes on. It’s like a reunion with the people that I get to see year after year; and I get to meet new people every single time.

To read this article in full, please click here

AMP和威胁网格集成到Meraki UTMs

亚伦Woland — 星期二，2017年8月1日06:00:00 -0700

Lately, I have been spending a lot of time on integrating security systems together, and specifically focusing a lot of my energy on Cisco’s Advanced Threat Security product family. (Disclosure: I am employed by Cisco.)

Which is what brings me to Cisco’s Advanced Malware Protection (AMP), which is a solution to enable malware detection, blocking, continuous analysis and retrospective actions and alerting.

In fact, when the Talos cyber-vigilantes parachute into an environment and performs their forensics analysis and active defense against attacks—AMP is one of the primary tools that they use.

To read this article in full, please click here

思科快速威胁遏制快速检测，删除受感染的端点

亚伦Woland — 2017年2月21日星期二09:40:00 -0800

<本文> <节课=“页面”>

很多本博客的读者都知道，自从的思科收购Sourcefire的和网络安全行业的传奇人物，例如马蒂罗斯奇了公司内的领导角色，思科的举措是针对所有安全产品是开放的，并与其他产品进行互操作。

另一个非常大的收购是OpenDNS的，和OpenDNS的首席执行官，现在引出了所有安全业务的思科。文化是所有关于思科产品，以及非思科的产品，更好的协同工作。

+ Also on Network World: Cisco ONE simplifies security purchasing +

For many, it's shocking to think about Cisco as a vendor pushing for openness and standards. I'm not sure why because Cisco has spent its life creating networking protocols and then helping them to become standards available to all. But I digress.

To read this article in full, please click here

故障排除思科的ISE没有TAC

亚伦Woland — 2016年6月7日星期二08:03:00 -0700

<本文> <节课=“页面”>

有一件事我一直很热情正在安全地接入网络部署更容易，其中包括了我们喜欢叫适用性。可维护性是关于制造产品更容易排除故障，更易于部署和更容易使用。最终的目标是始终以客户的成功。

有知名度和任何NAC项目的成功之间存在明显的相关性。如果你是盲目地发生了什么，如果你不能很容易地得到帮助弄清楚什么是错的信息，它可以是非常令人沮丧，也让一个贫穷部署的外观。

我的目标这个帖子是要突出很多服务性项目思科已投入ISE，你可能不知道的。I'll do my best to not only call out the feature or function that was added, but explain why it matters and what version it was added in.

To read this article in full, please click here

触发NetFlow -一个交易技巧

亚伦Woland — 2016年6月01日星期三10:34:00 -0700

Triggered NetFlow: A Woland-Santuka Pro-Tip

Vivek Santuka, CCIE #17621, is a consulting systems engineer at Cisco Systems who focuses on ISE for Cisco’s largest customers around the world. He and I devised, tested and deployed the methodology discussed in this blog entry, which we like to call “Triggered NetFlow.”

NetFlow is an incredibly useful and under-valued security tool. Essentially, it is similar to a phone bill. A phone bill does not include recordings of all the conversations you have had in their entirety; it is a summary record of all calls sent and received.

Cisco routers and switches support NetFlow, sending a “record” of each packet that has been routed, including the ports and other very usable information.

To read this article in full, please click here

如何使用Anycast为RADIUS服务器提供高可用性

亚伦Woland — 2016年5月25日星期三09:58:00 -0700

After months of issues, they have finally restored my access to my blog! After such a hiatus, it is my pleasure to bring this particular post. I'm certain many will find it at the very least cool in an "I'm a network geek" kind of a way, or even better: you will find it very educational and even leverage it in your own world.

This is a solution I have been wanting to write about for a long time now, and let's be clear—it is not mine. This entire post is owed to a long-time personal friend of mine who is also one of the most talented and gifted technologists roaming the earth today. His name is Epaminondas Peter Karelis, CCIE #8068 (Pete).

Pete designed this particular high-availability solution for a small ISE deployment that had two data centers, as is crudely illustrated by me in the below figure.

To read this article in full, please click here

使用Cisco WLC进行设备管理

亚伦Woland — 2015年12月15日星期二06:16:00 -0800

<本文> <节课=“页面”>

我最近不得不下潜很深与思科无线局域网控制器和Sourcefire的/思科火力Manager软件做设备管理AAA。考虑到其他人表现出的兴趣，我决定写这篇博客，分享我的经验。

设备管理AAA是如何工作的思科WLC
与Cisco Catalyst交换机设备管理能够命令级授权。随着WLC，但是，它是基于菜单系统的部分。它不会阻止进入GUI的那些部分，而是阻止时被保存未授权的菜单部分的内部变化。
Figure 1 shows the different menus in the orange box, with three of the individual menus highlighted with a yellow box.
To read this article in full, please click here

关于ISE 2.0的10件很酷的事情

亚伦Woland — 2015年11月03日星期二04:00:00 -0800

Sitting in my hotel room, after an evening of Sake' and war stories with the guys - what better thing to do then write a blog entry for you all to read and hopefully enjoy?

At the time of this writing, Cisco's ISE 2.0 has been in BETA is soon to be released to the public. This may be the single most anticipated release ever, so why not go through some of the cool things that are in it? Here's my top 10 list. Some are big items, and some are just small little gems that I think everyone will love:

1. TACACS+ support for Device Administration AAA

It's no secret that I have been publicly vocal against adding device administration AAA to a product that is designed to be a Network Access AAA solution. If you had any doubts, just check out my RADIUS vs. TACACS blog entry from last year!

To read this article in full, please click here

AnyConnect天0支持Windows 10和OSX El Capitan

亚伦Woland — 2015年7月29日星期三04:48:00 -0700

There is this sort of living legend at Cisco whose name is Pete Davis. Everyone who deals with security knows who he is because, frankly, he's awesome! The guy has forgotten more about remote-access VPN than most of us will ever know, and he's a total geek - which is the ultimate compliment from a guy like me.

Pete came to Cisco via the acquisition of Altiga, Cisco's former VPN 3000 series concentrator, the EZ VPN technology, and the classic Cisco IPSEC VPN client. He is also one of the original guys to come up with the AnyConnect concept for a light-weight client, using SSL VPN, being modular, pulling configurations from the policy server (ASA / ISE), etc.

To read this article in full, please click here

机器身份验证和用户身份验证

亚伦Woland — 2015年7月18日星期六04:30:00 -0700

"My organization wants to authenticate the machine AND the user."

That quote is something that I am hearing all the time from customers and implementers all over the world!

Sometimes it gets quite funny. In June of 2015 I was presenting at the Cisco Live conference and one of the session attendees asks me "when is Cisco going to provide EAP Chaining for MAC OS"! My response was designed to elicit participation & garner more attention from audience members, which was to scream at the participant "Cisco doesn't write MAC OS!!!!" I immediately apologized for using him as a guinea pig & explained that I was just trying to make an entertaining point. He laughed right along with the rest of the room & I got away without offending him :)

To read this article in full, please click here