This tidbit is a refresher on looking at Cisco Firepower Intrusion Event logs and daily reports. Specifically, I wanted to review for all of you again the meaning of two key columns, the Impact and Inline Result columns The Firepower Impact scale is designed to help the recipient understand where to focus scarce resources first.

Weekly Tech Tidbit – Cisco Firepower IPS Intrusion Event refresher

Weekly Tech Tidbit – Secure your DNS
Keeping up with my theme on DNS related posts, this week I will again reprise a post from over a year ago on the importance of implementing proper control of DNS as part of your malware protection program. It remains as valuable part of your overall all network and security management policies.

CSI Tech Talk Webinar – China Hacking Update – Recording Availabile
The US-CERT (Computer Emergency Response Team) recently gave a presentation on what China has been doing to hack anything they can hack with the goal of stealing intellectual property, money and personally identifiable information. While most public sector schools and government agencies are generally not vast repositories of intellectual property, they do manage and transfer […]

Weekly Tech Tidbit – It Happened Again. The Dark Side of Third Party Vendor Equipment On Your Network
We constantly harp on all of you segregating third-party vendor equipment on to vendor VLANs. The purpose of that is to keep third-party vendor equipment completely away from your internal network. Ideally, we don’t want these vendors to see, touch, or ask your internal network anything.

Weekly Tech Tidbit – DNS infrastructure under attack….again…
Last month on January 22nd the US Dept of Homeland Security took the unusual step of issuing Emergency Directive 19-01 to all Federal Agencies. The directive issued steps that had to be taken by those agencies to mitigate potential DNS infrastructure tampering.

Weekly Tech Tidbit – The growing importance of logging in your network security plan
This tech tidbit is a reprise of a tidbit we sent out back in June of 2018. You may have missed this post back then as it was the end of the school year and preparing for summer was upon all of us. But, I wanted to bring it to all your attention again.

Weekly Tech Tidbit – The FBI Came To Visit…
The FBI came to visit us last week. No it wasn’t an investigation. It was for CSI’s 3rd annual Security Event. I have talked about the topic of Cyber Threats in person and on-line, but our Supervisory Special Agent had a few interesting things to say beyond the topics Bob and I have been discussing […]

Weekly Tech Tidbit – Make Sure All Internet Facing Devices Use Commercial SSLs
This week’s Tech Tidbit is short and sweet. If you have a server or device that is internet facing, make sure you have a real, commercial SSL certificate on it. Do not use a self-signed certificate. I don’t really care that it is just for “internal” use and you are smart enough to bypass the […]

Weekly Tech Tidbit – Where oh where is my data really going?????
One of the key features of the newest firewalls and intrusion protection systems (IPS) has been the addition of something called GeoBlocking. This feature allows the administrator to shut down traffic to or from specific countries or regions of the world and your local network regardless of any other firewall permissions in place.

Weekly Tech Tidbit – While You Were Sleeping – The Importance of a Security Operations Center
Trend Micro has stated many times that you have approximately 4 minutes between when a threat enters your network and the infection breaks out. But who can respond that quickly? I have often said if we leave questions on the computer up to our end users, we have failed.