Cisco Security updates

It’s been an eventful few weeks on the Cisco security end of things.

First, we resolved an issue with our new BotNet Filter, allowing us to shun traffic from known “bad”sources.

Second, I implemented some new IPS policies that allow us to track new types of information.  I’m still working on correlating them together …  I might actually try using the BlackStratus appliance for that–

Third, our FW had a delay in it that we’ve been working through and my TAC engineer was able to duplicate it in his lab environment.  I should hear back next week about a solution to this annoying little problem 🙂

I’m also expecting a visit from Gary Halleen in the next few weeks to continue a conversation about our failed ISE installation – and the new 1.2 features.
While he’s here we’re also going to talk about VACL capture – in an effort to limit the traffic sent to our IPS.

Leave a Reply