Cisco rolls out mobile VPN trifecta

Remote access without borders


It was back in October that Cisco first revealed its latest corporate vision to mush a whole bunch of enterprise Web 2.0-ish concepts into what it calls the new "borderless networks" architecture.

It's something to do with combining in-house network kit and cloud-based technology to deliver services and applications to anyone, anywhere, regardless of the device. Sounds very nice — although that kind of language can really be used to describe basically anything a network firm like Cisco does, from simply updating routers, to launching them into outer space, to buying a web security outfit.

The point is you see Cisco wave the borderless network banner at any given opportunity — so it's no surprise that when the RSA Conference in San Francisco rolls around, the network giant has a "Cisco Secure Borderless Network architecture" (note the thoughtful addition for conference relevancy) on show.

Called the Cisco AnyConnect Secure Mobility solution, it's essentially a product bundling and integration of the company's IronPort S-series web security appliance, ASA firewall appliance, and AnyConnect VPN client. Once combined, Cisco claims it creates a platform to deliver easy always-on remote access, web security, and threat intelligence capabilities to extend corporate security policies and controls to mobile users.

New to AnyConnect version 2.5 is the ability to determine and establish a connection to the most optimal network access point. And it can be configured so that the VPN connection remains established during IP address changes caused by a service interruption or the computer going into standby. The VPN is also optimized for use with IronPort appliances.

Added to an IronPort Web Security Appliance (with a Secure Mobility license), it allows administrators to enforce a firm's security policy on every data transaction independent of whether it's an in-house or SaaS application. So, for example, if a fellow is fired, the administrator can easily and immediately cut his access to the company's Salesforce account while permitting something like corporate Gmail.

Cisco said it has future plans to extend the AnyConnect Secure Mobility bundle to include hybrid on-premise and web enforcement through IronPort S-Series appliances and cloud-based security technology from its recent acquisition of ScanSafe.

The AnyConnect Secure Mobility solution is scheduled to be available in the second quarter of 2010.

In addition, Cisco announced upgrades to its TrustSec security framework to include integrated device profiling and guest access services for 802.1X environments. Cisco is also adding Security Group Tag (SGT) packet tagging and SGT Exchange Protocol (SXP) — which allows non-SGT capable devices to plug into TrustSec architecture — for Cisco Catalyst and Cisco Nexus switches.

The new features for TrustSec are planned for Q2 2010 as well. ®


Cisco drags Acacia toward court to keep stalled $2.6bn acquisition on track

Smaller biz terminates deal after Chinese watchdogs dither

Optical networking biz Acacia Communications announced today it has pulled out of a $2.6bn merger agreement with Cisco.

Cisco, meanwhile, isn't letting go, and said it will sue to prevent Acacia from walking away from the deal. Both companies appear to be at loggerheads over the matter, judging by their public statements.

“Acacia Communications today announced that it has elected to terminate its merger agreement with Cisco Systems, Inc, effective immediately,” Acacia, headquartered in Maynard, Massachusetts, said.

The decision to withdraw was made after the deal did not receive the approval from the Chinese government in time. Although Acacia is based in the US, it has a big customer base in the Middle Kingdom and so regulatory approval there is crucial.

Spare a thought for Asos.com techies: Topshop acquisition coincides with deadline for global retail system go-live

Impeccable timing

IT teams at Asos.com face absorbing massive stock and brand data in the company's £295m acquisition spree while at the same time finishing a global retail e-commerce system project.

The day after the go-live deadline for the online fast-fashion retailer's new Truly Global Retail (TGR), the company announced the acquisition of high-street brands Topshop, Topman, Miss Selfridge, and HIIT from failed retail group Arcadia in a deal worth £295m.

Asos said it will use its existing warehouse and technology infrastructure to absorb the stock – annual revenue at Topshop alone has been around £800-900m in the last few years. In a statement, the online-only retailer said it would be "transforming the digital experience through full integration into the ASOS platform."

Asos.com has not responded to The Register's request for comment, but its 2020 Annual Report [PDF] showed intangible software assets of £443.2m for the year. These mainly relate to the Oracle-based TGR. "The majority of assets under construction are expected to go live by end of January 2021," the report said.

It's 2021 and you can hijack a Cisco SD-WAN deployment with malicious IP traffic and a buffer overflow. Patch now

And also fix up these other holes that can be exploited via HTTP requests, SQL injection, etc

Cisco this week emitted patches for four sets of critical-severity security holes in its products along with other fixes.

The worst of the bugs can be exploited by sending specially crafted IP packets to a vulnerable installation, and overflowing a memory buffer to ultimately execute code as root on the machine, allowing the box to be completely commandeered. Another set of flaws can be abused by sending HTTP requests that trigger arbitrary command execution to again hijack the machine. You should install updates to address these vulnerabilities as soon as possible.

Here's a quick list:

Cisco SD-WAN Buffer Overflow Vulnerabilities (CVE-2021-1300, CVE-2021-1301): Systems running the Cisco SD-WAN software – such as SD-WAN vEdge Routers – can be exploited "by sending crafted IP traffic through an affected device, which may cause a buffer overflow when the traffic is processed." A successful attack can result in the execution of arbitrary code on the underlying operating system with root privileges, which means you basically hand over the gear to a stranger. No authentication is needed; you just have to be able to send traffic to the software.

Rogue ex-Cisco employee who crippled WebEx conferences and cost Cisco millions gets two years in US prison

And the week's other security news

In brief A former Cisco employee who went medieval on his former employer and cost the company millions has been sentenced to two years in prison and a $15,000 fine.

Sudhish Kasaba Ramesh was employed by Switchzilla for less than two years but left in April 2018. Five months later he used access credentials to get back into Cisco's systems and deleted virtual machines on Webex - borking more than 16,000 WebEx Teams accounts for two weeks in some cases and costing Cisco $2.4m in refunds and repair work.

Northern California District Judge Lucy Koh sentenced Ramesh to 24 months in prison after he pleaded guilty to one count of Intentionally Accessing a Protected Computer Without Authorization and Recklessly Causing Damage. Ramesh had been trying for a green card at the time of his crimes, and it's safe to say this won't look good on his application.

Cred-stealing trojan harvests logins from Chromium browsers, Outlook and more, warns Cisco Talos

Masslogger evolution rears its ugly head, $30 gets you a three-month license to cause carnage

Cisco Talos has uncovered a credential-stealing trojan that lifts your login details from the Chrome browser, Microsoft's Outlook and instant messengers.

Delivered through phishing emails, the Masslogger trojan’s latest variant is contained within a multi-volume RAR archive using the .chm file format and .r00 extensions, said Switchzilla’s security research arm.

“CHM is a compiled HTML file that contains an embedded HTML file with JavaScript code to start the active infection process. Every stage of the infection is obfuscated to avoid detection using simple signatures,” it said.

Opening the “help” file deploys the malware onto the target system.

Cisco penta-gone from Pentagon as Aruba rolls in a new net

3,000 Wi-Fi access points and 150,000 wired ethernet ports

The Pentagon, the colossal office that serves as the headquarters of the United States’ Department of Defence, plans to install 3,000 new Wi-Fi access points and 150,000-plus wired ethernet ports after turfing out old Cisco kit.

Aruba is both the source of news that Cisco’s been given its marching orders, and the supplier of the new kit. But the biz has not scooped the entire pool: its canned statement says it was asked to supply “software-defined networking capabilities in a solution that could interoperate with other vendors and systems.”

The company is chuffed nonetheless, as it’s been trusted to build a rig that can handle classified and everyday traffic without requiring two sets of physical infrastructure. Which is probably why the DoD has acquired plenty of Aruba ClearPass Policy Manager, the vendor’s role-based-access tool.

“In the future, the Pentagon will consider using ClearPass to unify access control for wired and wireless access across all network classifications,” said Aruba’s announcement of its win.

Cisco uncrates Kubernetes for Intersight, debuts a dashing dashboard

Switchzilla cloud glue lashes IT systems together

Cisco on Wednesday augmented its Intersight systems management platform with container juggling code and introduced a dashboard for overseeing data center networks.

In conjunction with its Cisco Partner Digital Summit, the networking biz announced Intersight Kubernetes Services, a tool for managing software containers across private and public clouds, and Nexus Dashboard, an interface to unify other management applications.

In a phone interview with The Register, Prashanth Shenoy, VP of marketing at Cisco, said that the COVID-19 crisis has accelerated the pace of change in IT organizations, which are attempting to implement digital transformation projects in days or weeks rather than months or years.

"Every CIO we talk to is rethinking operational models," said Shenoy. Cisco, he said, is trying to meet customer needs by making IT operations more nimble and by providing simpler, more compelling tools.

Cisco and Pure shove mini AI in FlashStack converged systems

Entry-level AIRI equivalent

Pure Storage and Cisco have linked arms to build a converged FlashStack system for AI, a kind of AIRI microMINI but one that will run at half the speed.

FlashStack is a line of reference architecture converged systems using Pure Storage all-flash arrays, Cisco UCS servers and Nexus switches. It has typically competed with the NetApp-Cisco FlexPod.

AIRI is a Pure Storage and Nvidia system combining a FlashBlade unstructured data all-flash array (with 15 blades), two Arista 100Gbit switches, and 4 Nvidia DGX-1 GPU servers, each with 8 Tesla V100 GPUs. The thing puts out up to four petaFLOPS.

The later AIRI Mini system puts out 2 petaFLOPS, and has a smaller FlashBlade array (7 blades), two DGX-1s and two Cisco Nexus 100Gbit switches.

Engineer admits he wiped 456 Cisco WebEx VMs from AWS after leaving the biz, derailed 16,000 Teams accounts

Switchzilla's cloud infrastructure trashed. And his new employer doesn't want to fire him

Updated A former Cisco employee pleaded guilty in a San Jose federal court on Wednesday to unlawfully accessing Switchzilla's Amazon Web Services infrastructure and damaging the networking giant's cloud computing resources.

Sudhish Kasaba Ramesh, who worked at Cisco from July 2016 to April 2018, admitted in a plea agreement with prosecutors that he had deliberately connected to Cisco's AWS-hosted systems without authorization in September 2018 – five months after leaving the manufacturer. He then proceeded to delete virtual machines powering Cisco's WebEx video-conferencing service.

"During his unauthorized access, Ramesh admitted that he deployed a code from his Google Cloud Project account that resulted in the deletion of 456 virtual machines for Cisco’s WebEx Teams application, which provided video meetings, video messaging, file sharing, and other collaboration tools," the US Attorney's Office for the Northern District of California said in a statement.

According to prosecutors, Ramesh's actions resulted in the shutdown of more than 16,000 WebEx Teams accounts for up to two weeks, which cost Cisco roughly $1.4m in employee time for remediation and over $1m in customer refunds.

Talk about ill-gotten gains: Coronavirus KOs Xerox's $30bn months-long hostile takeover bid of HP Inc

Turmoil in the financial markets fells ambitious acquisition plan

Xerox said on Tuesday that it is ending its hostile bid to acquire printer-and-PC maker HP due to financial complications arising from the ongoing COVID-19 coronavirus pandemic.

"The current global health crisis and resulting macroeconomic and market turmoil caused by COVID-19 have created an environment that is not conducive to Xerox continuing to pursue an acquisition of HP Inc," the company said in a statement.

"Accordingly, we are withdrawing our tender offer to acquire HP and will no longer seek to nominate our slate of highly qualified candidates to HP’s Board of Directors."

The copier company expressed disappointment that the deal will not be consummated but said the health and welfare of employees, customers, partners, and other stakeholders takes precedence.
