Worldwide Locations
166 Results Found
ASA and PIX software version 7.0 introduced the configuration command nat-control which didn’t exist in previous versions of code. Although training course material for both the SNAF (Securing Networks with ASA Fundamentals) and SNAA (Securing Networks with ASA Advan...
There are some common misconceptions on the part of some of my students as to how VPN sessions are established from either a remote location or remote user to the ASA firewall. In particular, a “gray area” seems to be when the attributes from the tunnel group are app...
I recently was presented with the challenge of logging ALL of the pertinent connection, disconnection, and termination messages associated with the Cisco SSL AnyConnect client without overwhelming the syslog capture display with extraneous messages. This blog will br...
The flexibility, reduced cost, and mobility of cloud computing have made the concept a hot topic. Before implementing this method of computing, however, it is important to consider the security of the "cloud." In this white paper, you will learn some of the risks and benefits of cloud computing to be sure it is the right solution for you.
The subject of this week’s post was actually prompted by a question from a former colleague. Soon after the PIX Firewall added support for IPSec Virtual Private Networks, a command was added to the command-line, sysopt connection permit-ipsec. This command was subse...
Private networks are under constant threat of attack, even when steps have been taken to "secure" them. The large volume of malicious codes, and their ability to evolve and adapt, requires security professionals and common computer/internet users alike to be mindful of their actions and constantly play defense. This white paper focuses on 10 common ways that malicious code can penetrate a network. Knowledge of these methods and the ability to recognize them are the first steps in preventing them from succeeding in harming your network.
Occasionally as I'm teaching a Cisco training class, I get an idea for a blog post and it happened again this week. The Securing Networks with ASA Fundamentals curriculum is mostly based on the Adaptive Security Device Manager (ASDM). While the class describes the us...
A feature common to IPSec Virtual Private Network implementations throughout the Cisco product line is Perfect Forward Secrecy (PFS). This optional additional component is now a default supplied configuration setting with the Adaptive Security Device Manager (ASDM) I...
As any network administrator will tell you, the ASA Security appliance (as well as its forerunner, the PIX) are capable of generating massive amounts of log messages, especially when the firewall/security appliance is set to log messages at debug level to the syslog...
Negotiation is a dialogue intended to resolve disputes, to produce an agreement on courses of action, to bargain for individual or collective advantage, or to craft outcomes to satisfy various interests. It is the primary method of alternative dispute resolution. This white paper focuses primarily on the negotiation process, different negotiation styles, and the various elements of communication that affect the outcome, including: Negotiation Communications, Constructive Questioning, Communication Obstacles (and overcoming those obstacles), Challenging Negotiation Situations and "Traps," and, finally, completing Successful Negotiations, a.k.a. "Getting to Yes"
In this webinar, the first of two based on our Cybersecurity Foundations course, you will examine the following topics: verifying users and what they can access, ways a user can be validated to computer and network resources, how cryptography is used to protect data, symmetric and asymmetric encryption and hashes.
In this webinar, the second of two based on our Cybersecurity Foundations course, you'll build on what you learned in the first of the series, Protecting Your Network with Authentication and Cryptography.
Planning for a cyber disaster makes recovering from one much easier. Still, as important as disaster planning is, it's often overlooked or put off until it is too late. In this webinar, Global Knowledge instructor Debbie Dahlin discusses planning for the unexpected -- whether the unexpected means a simple power outage, a network security breach, or a major natural disaster. She'll discuss risk analysis and risk management techniques and explain the importance and process of creating a business continuity plan. Using a fictional company as an example, Debbie will walk you through the disaster planning process a security professional should use, and she will provide simple tricks to reduce your company's downtime before, during, and after a disaster.
An attacker needs to destroy evidence of his presence and activities for several reasons like being able to maintain access and evade detection (and the resulting punishment). Erasing evidence of a compromise is a requirement for any attacker who wants to remain obscure and evade trace back. This usually starts with erasing the contaminated logins and any possible error messages that may have been generated from the attack process.
In this hour-long webinar, security expert and Global Knowledge instructor Phillip D. Shade will provide insight into the emerging network security science of network forensics analysis, a.k.a. security event analysis and reconstruction. Using case studies, you will examine the role of data retention in network forensics analysis, and you will learn about applying forensics analysis techniques to handle application-based attacks, VoIP call interception, and worms, bots, and viruses.
Your business has been hacked, leaving you with a persistent bot; now what? In this hour-long webinar, security expert David Willson will discuss ways you can eliminate the threat in an act of self-defense or defense of property. As new laws are explored, old ones amended, and solutions sought, you'll take a look at thinking outside the box to give the good guys the advantage-or at least a fighting chance.
IT departments have multiple opportunities and challenges as a result of the Bring Your Own Device (BYOD) invasion. The most common opportunity is to reinforce enterprise network security from both the inside and the outside. Supporting BYOD also offers more monitoring and tracking of activities that provide a more detailed view of network traffic flow. Alternatively, it will be a challenge for some IT departments to give up control over which devices may access their enterprise network. Another challenge will be to have the users doing configurations for network access, which adds human error to a crucial part of the process. The opportunities and challenges BYOD represents are real. Enterprises must make their network infrastructure BYOD ready to meet the onslaught.
For several years, most news articles about a computer, network, or Internet-based compromise have mentioned the phrase "zero day exploit" or "zero day attack," but rarely do these articles define what this is. A zero day exploit is any attack that was previously unknown to the target or security experts in general. Many believe that the term refers to attacks that were just released into the wild or developed by hackers in the current calendar day. This is generally not the case. The "zero day" component of the term refers to the lack of prior knowledge about the attack, highlighting the idea that the victim has zero day's notice of an attack. The main feature of a zero day attack is that since it is an unknown attack, there are no specific defenses or filters for it. Thus, a wide number of targets are vulnerable to the exploit.
Self-awareness is a very powerful tool for leaders in every type of business or organization. The more leaders can maximize their self awareness the greater the impact on business performance, employee engagement and leadership and development initiatives. Self-awareness is the central component of personal development and emotional intelligence. For most leaders today it is still underdeveloped and frequently underemployed. Better understanding of this important leadership trait is critical for leadership and organizational success.
Risk is something we deal with on a daily basis. Living in New Jersey and having the occasional storm, I’ve recently performed my own risk assessment determining the value of certain assets and activities and made a decision on what I was willing to spend to reduce risk to what I perceived as an acceptable level. My management of risk was a rather simple case. Sure, in my revised business continuity plan for my home, I’ll make sure that I have more D cell batteries, have my garage door adjusted so it opens manually again, more food I can heat on a stove and that doesn’t rely on refrigeration, and finally I’ll consider a whole house gas generator that uses natural gas, which has always been available to power critical systems like the sump pump in my basement. What if, however, I was a really large business? One with lots of components and interdependencies that require a tight integration in order to succeed? How and where can a large volume of information necessary to management, business continuity, and disaster recovery be correlated and communicated to those individuals who, because of their roles and responsibilities, need to make the critical decisions regarding the management of risk?
Rather than looking back over the past year, organizations and individuals need to start assessing cybersecurity threats that lie ahead in the New Year. While there is always the chance for a new threat or risk to be unearthed this year, often the risks of the New Year are predicable from the trends of attacks from the previous year. However, other factors need to be considered as well, including new technologies, new software and applications, mobility, etc. Here are my predictions of the areas to watch for new security threats. When it comes to cybersecurity, we have a lot to look out for, take precautions against and be paranoid about.
Course director Jim Thomas explains how our custom labs, which utilize external hosts, ISR routers, and DMZ, provide a real-world environment for students.
Business complexity, technology innovation and a new understanding of how we learn at work are causing the learning profession to re-think how they develop and sustain human performance and behaviour change. As a result new methods and approaches are emerging that promise to change the landscape of learning and development meeting in the coming years. This session will provide an opportunity to learn about the following trends and their application.
While the last few years have brought about many great advances in IT and network technology security and risk management have a critical point. There is a host of new concerns the IT security manager must be concerned with, including social networking, mobile, cloud, and information sharing. This has unleashed a new wave of change and potential risk. Risk management is required to deal with these emerging technologies and should provide the rationale for all information security activities within the organization. You can think of risk management as the process of ensuring that the impact of threats and exploited vulnerabilities is within acceptable limits at an acceptable cost. Risk management requires the use of countermeasures. Countermeasures can include any process that serves to reduce threats or vulnerabilities.
Global Knowledge instructor Doug Notini discusses the benefits of our FIREWALL 2.0 - Deploying Cisco ASA Firewall Solutions course.
Dell SonicWALL's CSSA (Certified SonicWALL Security Administrator) exam is an open book, online certification exam that certifies a student’s understanding of the SonicOS Unified Threat Management (UTM) operating system. The exam tests a student’s network security knowledge, and their ability to use the GUI menu structure for configuration of standard network security scenarios.
Constant change in the technology landscape has been mirrored by the steady evolution of information security. The current information system environment is increasingly complex, comprising storage, servers, LANs/WANs, workstations, Unified Communications, Intranet, and Internet connections.
How can leaders and Human Resources professionals use effective, simple and research-based talent management practices to contribute to their organization's success? Too many leadership development theories provide complex and confusing answers. Join Jocelyn Bérard as he shares the core practices introduced in his new book, Accelerating Leadership Development, which reflects his extensive research and years of experience in making leadership development uncomplicated and practical.
You have spent money on software and hardware, implemented best practices, and believe you are secure, right? You may have overlooked the weakest link: your employee. Many breaches occur as a result of an employee mistakenly clicking on a link or visiting a site that allows a virus to be unknowingly downloaded, giving hackers access to your network. Today, a well-trained workforce is a necessity and may even be your most important cybersecurity tool. In this webinar, security expert David Willson will discuss how many breaches have occurred and are occurring, the tools and techniques hackers use to trick employees into clicking on links or opening attachments, and how to prevent such behavior.
Business is changing rapidly and Information Technology is at the centre of the trends: mobile, social, cloud and big data,. Forward thinking IT functions must develop and manage the skills of their most critical asset-- their employees. Effective professional development can guard against the pace of change, leading IT units to re-define job roles to include both technical and non-technical competencies and to establish business processes to help their staff develop and maintain these skills. This session will present the components of a holistic process to support learning and development in any IT organization.
Organizations are moving strongly toward Bring Your Own Device (BYOD) access, bringing outsourced activities back in-house, and finding ways to make use of the growing amounts of data flowing in from many new sources such as social media. These factors create an increasing shift in required and desired skills showing up in IT departments. Hiring and salary surveys, such as the 2014 IT Skills and Salary Survey from Global Knowledge and Windows IP Pro, TEKsystems' 2014 Annual IT Forecast, Foote Research Group's 2014 IT Skills and Certifications Pay Index, Computerworld's annual Forecast survey, Robert Half Technology Survey, and information from the US Bureau of Labor Statistics, Futurestep, Mondo, GovLoop, and Dice have presented a developing picture of the IT skills that will be in demand in 2014. Here, in survey order, are the top 10 major skills and why they made the list.
Global Knowledge Senior Business Skills instructor Samuel Brown covers tips for preparing and practicing for the PMP exam.
Global Knowledge Senior Business Skills instructor Samuel Brown covers tips for preparing and practicing for the PMP exam.
A shift is occurring in the way we view leadership today. If you want to get things done, you need influence, not authority. This means that IT Professionals, Project Managers, Business Analysts, business-line Managers and individual contributors must focus on demonstrating personal leadership. Getting results through others by building relationships and using influence skills rather than relying on positional power is key.
According to Cisco marketing, Dynamic Multipoint VPN (DMVPN) “will lower capital and operation expenses, simplifies branch communications, reduces deployment complexity, and improves business resiliency.” Okay. But what is it, really, and why should we care?
Does your company have a risk management program? In this hour-long webinar, cybersecurity expert and Global Knowledge instructor David Willson will explain why you should. In light of recent breaches at Target, Nieman Marcus, Michaels, Yahoo, and a growing list of others, we're learning that FBI Director Mueller was right when he said getting breached is not a matter of if, but when. While having a risk management program may not prevent a breach, it can certainly lower the risk of one, ensure compliance, and reduce or even eliminate your liability if a breach does occur, enabling you to recover quickly and to protect your reputation. Beyond explaining the importance of a risk management program, David will tell you how to implement one, including conducting a basic risk assessment, policies you'll need, and training your workforce.
As an IT professional you deal day in and day out with securing operating systems, patching software, installing and configuring firewall and routers But what about the physical infrastructure? Do you understand how simple techniques can allow theft of your company resources? In this session we will discuss how to reduce the possibility of loss of data and equipment. Physical security may not be part of your job but you should be aware and having discussions with the personnel who are responsible. Or does Physical Security become one of your job responsibilities? Come to this session and learn about one of the most important and yet least thought about areas of security by IT professionals.
Securing corporate information can be a challenge, considering the numerous technologies and platforms that need to be protected. One technology that definitely helps achieve secure data is public key infrastructure (PKI), which enhances the security of data by using advanced access methods and making sure the authenticity of the data flow is preserved.
This power session is an introduction to Managing Stakeholder relations. It offers new ways of managing and dealing with projects, which focus more on communications, understanding stakeholders' needs and managing their expectations, as well as learning about organizational politics and culture, and performing value-add activities. It provides a practical approach to managing issues that matter most for project success - communication, stakeholder expectations, risk, change and quality; so that the scope, schedule and cost end up on target, achieving the desired outcomes for the organization.
Problem Solving - Root Cause Analysis using Kepner Tregoe