Recently, Cisco issued a vulnerability notification for the specific IOS (Internetwork Operating System) version of some switches. That is, Cisco found that when a specific version of IOS, when a user starts FTP or Telnet action, as long as the authentication action is combined at the same time, an abnormal situation of remote data buffer overflow may occur. Therefore, it is recommended that users can solve the problem by updating the IOS software version, or to enable authentication settings simultaneously when FTP and Telnet are turned off, which can also avoid the occurrence of this network vulnerability. However, if the user initiates the authentication action through HTTP or HTTPS, there will be no problem.
In fact, the Internet security vulnerability in IOS is not an unexpected problem, because Cisco has quite a lot of IOS functions and is integrated with network-related connection methods. If problems occur, it is very difficult to be honest. Since IOS mainly uses L2/L3 Switch as its main application market, and most of these architectures are based on the company's internal basic network, unless there are specific people in the company deliberately attacking existing network devices, there is little chance that the company will have a basic network architecture crash due to IOS vulnerabilities.
Even though firewalls have become basic equipment for corporate networks, firewalls can effectively separate public networks from internal networks, network attacks are becoming more and more diverse, and there are even viruses or spy software. They can poison internal computers through browser vulnerabilities and even launch attacks within the company. Therefore, many IDP and IPS manufacturers have proposed to let IDP and IPS defend the security of IOS network equipment in the enterprise. In addition to effectively preventing the possible problems caused by IOS vulnerabilities, they can also increase defense and coping capabilities for enterprise security.
However, this IOS network vulnerability will not cause problems in the new version of IOS XR architecture. It is understood that the XR version of IOS has tried to prevent possible network vulnerabilities in advance. In addition to effectively ensuring the functionality of XR, it can also increase the security of network operations. Therefore, some business personnel said that when Cisco announced the launch of the IOS XR version of the product, since XR can effectively improve the security of existing IOS, many customers purchased it in advance long before the official product was launched, hoping to use the XR version to enhance the basic network security of the enterprise. Article entry: csh Editor in charge: csh
In fact, the Internet security vulnerability in IOS is not an unexpected problem, because Cisco has quite a lot of IOS functions and is integrated with network-related connection methods. If problems occur, it is very difficult to be honest. Since IOS mainly uses L2/L3 Switch as its main application market, and most of these architectures are based on the company's internal basic network, unless there are specific people in the company deliberately attacking existing network devices, there is little chance that the company will have a basic network architecture crash due to IOS vulnerabilities.
Even though firewalls have become basic equipment for corporate networks, firewalls can effectively separate public networks from internal networks, network attacks are becoming more and more diverse, and there are even viruses or spy software. They can poison internal computers through browser vulnerabilities and even launch attacks within the company. Therefore, many IDP and IPS manufacturers have proposed to let IDP and IPS defend the security of IOS network equipment in the enterprise. In addition to effectively preventing the possible problems caused by IOS vulnerabilities, they can also increase defense and coping capabilities for enterprise security.
However, this IOS network vulnerability will not cause problems in the new version of IOS XR architecture. It is understood that the XR version of IOS has tried to prevent possible network vulnerabilities in advance. In addition to effectively ensuring the functionality of XR, it can also increase the security of network operations. Therefore, some business personnel said that when Cisco announced the launch of the IOS XR version of the product, since XR can effectively improve the security of existing IOS, many customers purchased it in advance long before the official product was launched, hoping to use the XR version to enhance the basic network security of the enterprise. Article entry: csh Editor in charge: csh