Public Key Infrastructure (PKI) is a set of technologies and standards using public key cryptography to issue and revoke digital certificates. A PKI consists of servers called Certification Authorities (CA), digital certificates, policies and procedures. At its core PKI provide three main services which provides authentication, integrity and confidentiality. Having a PKI environment enables you to use it in a range of different applications to provide security and simplified logins.
Would you like your IPS to use over half a million sensors instead of just the ones you deploy? Cisco IPS 7.0 introduced Global Correlation which uses information from SensorBase to help you determine if incoming traffic is from a known hostile host or from a legitimate source. But let’s not get ahead of ourselves.
People at Cisco have told me that the staff who do internal IT at Cisco says that Cisco Security Agent is the product which has done the most to improve their overall security. Now I’m hearing that the product is being dropped. If you’re not familiar with the product, Cisco Security Agent is a host IPS product or HIPS. Unlike Cisco’s network IPS products, CSA protects workstations and servers by intercepting operating system calls which it can deny or allow. The goal of the product is to stop threats by learning the normal behavior of the applications running on a machine, and stopping activities not in line with the expected behaviour. This way security isn’t enforced by relying on updated signatures. As an example we can control which applications can write to certain directories and files on the client such as system files.