bitstop was honored to have attended the Cisco Threat and containment seminar held at Sheraton Towers in Singapore. The seminar provided a bird's-eye view of security and the latest trends and statistics on hacker activity and threats (FBI Sans 2006). It also introduced the Cisco ASA 5500 series of firewall cum IPS (intrusion prevention system). The devices allow for the early detection of known and unknown activities and automatically work with the edge routers to block them. (Cool!)
The Cisco ASA 5500 series is supposed to be the upgrade to the Cisco PIX firewalls. They also introduced the mysdn.com site, which provides an essential security bulletin board system for current threats. The speakers also talked about the 5Ps of hackers: Probe, Penetration, Persistence, Propagation and Paralyzation. One interesting ability of the Cisco ASA 5500 series is that it can sense when a unit has both a wired and a wireless connection to the corporate network and, based on policies that you set, disable either one of these connections. This effectively prevents data from being leaked out via Wi-Fi.
Also, it can detect if a unit has been booted up from a CD (Knoppix perhaps?) that a hacker may use to gain entry into the corporate network. Policies can be set so that computer units can connect to the corporate network only if they boot up from the primary (regular) hard disk! Photo shows one of the three speakers for the event.
