Researchers from Ruhr-Universität Bochum & New York University Abu Dhabi have uncovered a new attack against devices using the Long-Term Evolution (LTE) network protocol. LTE, which is a form of 4G, is a mobile communications standard used by billions of devices and the largest cellular providers around the world. In other words, the attack can … Continue reading Protecting iOS against the aLTEr attacks
Author: Loxx
Aaron Woland, CCIE No. 20113, is a Distinguished Engineer in Cisco’s Security group and works with Cisco’s Largest Customers all over the world. His primary job responsibilities include security design, solution enhancements, standards development, advanced threat solution design, endpoint security and futures.
Aaron joined Cisco in 2005 and is currently a member of numerous security advisory boards, and standards body working groups. Prior to joining Cisco, Aaron spent 12 years as a Consultant and Technical Trainer.
Aaron is the author of: both editions of the Cisco ISE for BYOD and Secure Unified Access book; the All-in-one Cisco ASA Firepower Services, NGIPS and AMP book; the CCNP Security SISAS 300-208 Official Cert Guide; the CCNA Security 210-260 Complete Video Course; and many published white papers and design guides.
Aaron is one of only five inaugural members of the Hall of Fame Elite for Distinguished Speakers at Cisco Live, and is a security columnist for Network World where he blogs on all things related to Security. His other certifications include: GIAC x8, Certified Ethical Hacker, MCSE, VCP, CCSP, CCNP, CCDP and many other industry certifications.
You can follow Aaron on Twitter: @aaronwoland
My experience at Cisco Live 2018 in Orlando
I have had many people ask me about what Cisco Live is like, from my perspective as a long-time attendee and a member of the Hall of Fame Elite for speakers. While my perspective may be a bit different than your average attendee, I thought I’d give it a shot and write it up. Cisco … Continue reading My experience at Cisco Live 2018 in Orlando
Workaround to restore a non-supervised iOS backup onto a supervised iOS phone
The date was June 26th 2017. Cisco’s CEO, Chuck Robbins, was delivering his keynote at Cisco Live US in Las Vegas. Out comes a very special guest, Apple’s CEO, Tim Cook, who sat on a stool next to Chuck & they announced a few things to the world that were coming out of the Apple|Cisco … Continue reading Workaround to restore a non-supervised iOS backup onto a supervised iOS phone
The Journey Begins
Thanks for joining me! I am creating this as a location to blog without filter and without restriction. This is a work in progress, but I will be bringing my previous blog posts into this site and adding FULL blog entries instead of the limited ones my previous blog was restricted to. So much time … Continue reading The Journey Begins
Cisco ISE API for Certificate Provisioning
When we added a certificate authority (CA) to Cisco's ISE in version 1.3, there was a tremendous interest level from the field. Companies were looking for this functionality to make BYOD and secure network access from endpoints more secure and there was a LOT of buzz about this functionality. As the guy who flew all … Continue reading Cisco ISE API for Certificate Provisioning
Give me my Attribute mapping back for Sponsor Groups
In ISE 1.0 Cisco introduced an integrated Guest solution with a next-generation RADIUS-based policy server. That policy server was game-changing, certainly. Other companies responded to this market changing model by making some very strategic moves with their chess pieces to be similarly positioned. Figure 1 shows an example of the ISE 1.2.x (and below) Sponsor … Continue reading Give me my Attribute mapping back for Sponsor Groups
Standards for Secure-Network-Access
I'm amused at how often I hear negative comments about proprietary enhancements from Cisco. I am one of many (many, many, many) employees of Cisco who is actively involved in standards body organizations, including the IETF. Many of today's networking standards have started out as proprietary solutions that are available years prior to the standard being complete. … Continue reading Standards for Secure-Network-Access
MAB with Non-Cisco Devices
I'm sure Cisco would love to be the only network device that its customer have, and to be honest, there are many companies where that is true. However, it is just not the reality of 100% of companies that deploy Cisco ISE or ACS. One item in particular that I am asked about frequently is … Continue reading MAB with Non-Cisco Devices
Simply Put: How Does Certificate-Based Authentication Work?
I find a few universal truths when mentioning certificates to people. Most people I speak with consider them to be a very secure concept almost without fail. However upon mentioning that I want to talk about certificates: that person's face turns a slightly lighter shade, their eyes get a bit wider, and they have this … Continue reading Simply Put: How Does Certificate-Based Authentication Work?
Realm Stripping
I am often asked about support for “Realm Stripping”, albeit mostly by those in the University Space. It’s an interesting concept, certainly. The idea is that someone will issue an identity that includes some “routing” information within the identity. For example, a user may issue a username of: johndoe@somedomain.com. From that username, the RADIUS server … Continue reading Realm Stripping
Security of Everything 
You must be logged in to post a comment.