Cisco to Buy Cloud Security Company OpenDNS for $635M in Cash

Cisco announced its intent to purchase the cloud security company OpenDNS $ 635 million this morning. There is probably no coincidence that Cisco was one of the investors 2014.The $ 635 million paid in cash and assumed equity awards in one round of $ 35 million May and retention incentives based OpenDNS, according to data supplied by Cisco.

OpenDNS provides Cisco, a network provider that offers protection from the most traditional edge network, software as a service provider that provides a secure transmission on any device, anywhere, anytime. Purchases may be made on the strategy of Cisco to add a layer of security in the cloud is based, according to a blog post by Hilton Romanski, of Business Development at Cisco forwards.

"The acquisition is our ability to provide customers to expand with better visibility and a threat to the protection of entry points provide uncontrolled and potentially unsafe network, and deploy and integrate these skills as part of their defense architecture quickly and efficiently", in his blog Romanski he wrote there.

OpenDNS has raised $ 51.3 million, according to CrunchBase, so the $ 635 million price should investors a good return.David Ulevitch, founder and CEO was early morning and clearly enthusiastic about the matter, but was not prepared to comment on the I History, I, relying on Cisco communications people.

OpenDNS team will join the group of companies Cisco Security. He expects the transaction to close in the first quarter of fiscal 2016.

OpenDNS has more than 10,000 paying customers, more than 50 million users (through its free service). 24 data centers runs and maintains more than 2 percent of the DNS traffic in the world with an amazing 100 percent uptime, was launched last year.The service according to the company provided Originally as consumer services for parents to protect children online, said Ulevitch TechCrunch in an interview last year.

"We have tens of millions of users from the beginning of 2006 had," he said.

The company launched its product business in 2009. It just does block out bad traffic and a good traffic flow and thus act as a protective layer between the user and the Internet, Ulevitch explained at the time.

Cisco has shown that it continues to offer the free version of OpenDNS. "DNS services free OpenDNS will not be affected. Cisco is now committed to providing services for consumers and DNS of OpenDNS '. Sending pass the products to Cisco OpenDNS completion of the acquisition," said a spokesman wrote via email.

640-722 Exam Question

QUESTION NO : 23

Which statement correctly describes the procedure for a lightweight AP to successfully establish a connection to a controller?

A. The AP authenticates the received Cisco WLC certificate as valid. The AP then sends its certificate to the controller.
B. The AP sends its certificate to the controller. The AP then authenticates the received Cisco WLC certificate as valid.
C. The AP sends its certificate to the RADIUS server. The AP then authenticates the controller certificate as valid.
D. The AP sends its certificate to the RADIUS server. The AP then authenticates the RADIUS certificate as valid.
E. The AP authenticates the received RADIUS server certificate as valid. The AP then sends its certificate to the RADIUS server.
F. The AP authenticates the received RADIUS server certificate as valid. The AP then sends its certificate to the controller.

Correct Answer: B

640-722 Exam Question

QUESTION NO : 22

Which two items are needed to discover the IP address of a new Cisco Aironet 1260 autonomous AP that just finished booting? (Choose two.)

A. username = "cisco" and password = "cisco"
B. username = "Admin" and password = "Cisco"
C. username=Cisco and password=Cisco
D. show int vlan1
E. show int bvi1
F. show int gigabitethernet0
G. show int radio0-802.11n
H. show int radio1-802.11n

Correct Answer: C,E

Default SSH Key Found in Many Cisco Security Appliances

Many Cisco security devices contain default SSH authorized keys that can allow an attacker to connect to device and take almost any action you choose. The company said all of its Virtual Appliance Web Security, Email Security Appliances virtual, content management and security virtual appliances are affected by the vulnerability.

This error is almost as bad as they come on business. An attacker who is able to discover the default SSH key would have virtually free reign of vulnerable boxes, which, given Cisco's market share and presence of the company around the world, it is likely that a high number . Apparently the default key inserted in the software support for reasons.

"Vulnerability in Remote Support feature WSAV Cisco, Cisco Esau Software and Cisco AVMS could allow a remote, unauthenticated attacker to connect to the affected system with root privileges," says Cisco advisor.

"The vulnerability is due to the presence of an authorized default SSH key that is shared by all institutions WSAV, Esau and AVMS. An attacker could exploit the vulnerability by getting the private SSH key and use it to connect any WSAV Esau or AVMS. An exploit could allow the attacker to access the system with root privileges. "

Security researchers say the Cisco failure is unfortunately not unique, and that is an example of a larger problem in the industry."Like most providers recognize that the administration telnet firmware base distance is a bad idea, management consoles Secure Shell (SSH) based increasingly common.

Unfortunately, sometimes these sellers sent by mistake SSH default keyboard across a full range of products.Much better than telnet, everything you need for an attacker to compromise these devices is to get hold of one of them (or Internet firmware mirror), remove the key, and then go to town, "said Tod Beardsley, the Rapid7 security engineering director.

"As we move through these devices, it is recommended that providers place a procedure for 'first start' that dynamically generates a unique SSH key to the device. In this way, the keys are different by the client and not shared among all clients and the one who gets the rest awaiting the key. Note that usually, these devices have no open ports to the administration of the Internet, so that perpetrators usually need to be on the network Local (physical or over a VPN that also has access to Cisco gear in question).

"There are several Metasploit modules available for vulnerabilities like from a variety of suppliers, because once you have the key, the Metasploit module is dead easy to write."
Beardsley said Rapid7 is building a key store SSH known bad and expect to see key Cisco there soon.THE VULNERABILITY An attacker would essentially undetected access to a target system and operate Cisco said the error is simple, especially if an attacker has a man-in-the-middle position in a destination network.

"Exploitation of this vulnerability in Cisco AVMS is possible in all cases where AVMS is used to manage safely the contents of the device. Successful exploitation of this vulnerability in Cisco AVMS it allows an attacker to decrypt communication AVMS, AVMS usurp the identity, and send the modified data to a configured device content. An attacker can exploit this vulnerability on a communication link for any content security apparatus never administered any AVMS "says the notice.

Cisco says there is no solution for the vulnerability, but has published patches for all affected versions of software. The company said the vulnerability has been discovered during testing of internal security. Vulnerable devices offer a variety of safety features, including content, e-mail and Web security.

640-722 Exam Question

QUESTION NO : 21

Which two factors must be considered when evaluating an RF interferer for severity? (Choose two.)

A. distance from the AP
B. dBm
C. the type of security crack being used
D. duty cycle
E. number of interfering IP stations in the cell
F. duplicate SSID

Correct Answer: B,D

Ex-Cisco CTO Padmasree Warrior Uses Haiku and Painting to Find Balance in Work, Life

Former Cisco CTO Padmasree Warrior is a painter and a poet haiku and one of the leading women executives in the world of technology.

For her, art and technology are related. Create art and stressed that this is an amateur artist some of the same challenges of communication and innovation through the creation of new high-tech products, he said.

She also talked about how art helped her weekly "digital detox" and get some perspective on your work if necessary, at a time when he was working seven days a week without interruption. In this way, by what art it is like exercise or other recreational activities: You may not feel you have time to do, but it really helps.

"If you take that time off and come back, you move efficiently," Guerrero said. "What you can not think about work - art, running, unstructured time makes you a better person," he said Guerrero spoke on stage at the conference Tech Bloomberg today. in a speech entitled "The Art and Science of the Code."

Guerrero has been at Cisco since 2008. In recent years has been working in procurement, and distinguished Cisco acquires Meraki and stresses in particular that Sourcefire.

"It's time for the industry to do something different," he said. "For me, I want to go do something very different."

Some of his haiku, which often publishes his Twitter account:

When thoughts come to rest
Each site of a memory
Blessed with defects Home

Rumble ocean
You traces gone, not forgotten
Even arena, a new path

Guerrero took a seat on the Board of Directors Box in March. She resigned as chief technology officer of Cisco, on June 2, but remains as a strategic advisor to the business.

640-722 Exam Question

QUESTION NO : 20


Which statement about an infrastructure basic service set is true according to IEEE 802.11 specifications?

A. The set also is called an ad hoc network.
B. The BSSID is generated from the first wireless client that starts up in the IBSS.
C. The set enables the use of ESS.
D. No signals are relayed from one client to another client.

Correct Answer: C