New TC7.3 is out

New features:
• Bring SX80, MX700/800 up to parity of C-Series in terms of features for easy adaptation
• Web snapshots: Warn user when snapshots are being taken
• SX80: Dual presentation outside call
• Faster software upgrade from web
• SX20 new OSD for passive mode (when using Touch)
• SpeakerTrack 60: Snap to whiteboard.
• Historical log bundles will include (anonymized) call history by default.
Bug fixes

• Fix for the POODLE Vulnerability (CSCur23723)
• Touch 8 may drop the endpoint network pairing (CSCup89614)
• Need command to disable CDP (CSCub26258)

Please read the release notes and download it her.

Project Squared and UC Manager Integration Demo | Collaboration Summit 2014 Keynote

DX80 demo

Jabber Demo

SX10 demo

WebRTC demo

Project Squared extends from your existing UC solution to complement it. This proof of concept demo shows that when someone calls you, the Cisco Collaboration Cloud finds exactly where you are.

Learn more about Cisco Collaboration Cloud: http://cs.co/9007QnAP.

Catalyst Switched Port Analyzer (SPAN) Configuration Example

Introduction

This link describes the recent features of the Switched Port Analyzer (SPAN) that have been implemented. The SPAN feature, which is sometimes called port mirroring or port monitoring, selects network traffic for analysis by a network analyzer. The network analyzer can be a Cisco SwitchProbe device or other Remote Monitoring (RMON) probe. Previously, SPAN was a relatively basic feature on the Cisco Catalyst Series switches. However, the latest releases of the Catalyst OS (CatOS) introduced great enhancements and many new possibilities that are now available to the user. This link is not intended to be an alternate configuration guide for the SPAN feature. This link answers the most common questions about SPAN, such as:

  • What is SPAN and how do you configure it?
  • What are the different features available (especially multiple, simultaneous SPAN sessions), and what software level is necessary in order to run them?
  • Does SPAN affect switch performance?

See this link

 http://www.cisco.com/c/en/us/support/docs/switches/catalyst-6500-series-switches/10570-41.html

Using a Wireshark Hosts File for Quicker Analysis

Written by Chris Sanders

It’s no secret that I’m a big fan of Wireshark. While it isn’t always the best tool for every job, it is the best graphical packet analysis application you will find, and is a must have for NSM analysis. I wanted to share a quick tip that I use nearly every time I’m using Wireshark for analysis.

Most people know that Wireshark will do host name resolution. As a matter of fact, I generally recommend people disable this feature so that your analysis is not causing the generation of additional traffic on the wire when the machine you are running Wireshark from starts generating DNS queries for the hosts in your capture file. However, what a lot of people don’t know is that you can actually create a host file just for use by Wireshark so that you can easily identify certain IP addresses.

To do this, let’s start with a basic capture file. In Figure 1, there is some traffic being transmitted between a few different hosts.

WS-HostFile-Figure1

Figure 1: Traffic Between A Lot of Hosts

It’s pretty common in analysis to be required to examine packet captures that contain traffic from multiple hosts. When this happens, it can be confusing remembering which IP address is what. In this case, let’s say that we know that 192.168.3.35 is our friendly host, and 188.124.5.107 is the hostile host we are concerned about. Since there is a lot of other traffic to be found here, it would be nice if we could easily identify these hosts without committing these IP addresses to memory. I don’t know about you, but I’m horrible at remembering IP addresses. Especially when I’m having to juggle what may be multiple compromised systems or track down a web of systems involved in a compromise.

Let’s remedy this by creating a Wireshark host file. First, we need to tell Wireshark to perform name resolution for IP addresses from a host file. To do this, open Wireshark’s preference window (Edit -> Preferences on Windows or Wireshark -> Preferences on OS X). Then make sure that “Resolve network (IP) addresses” and “Only use the profile “hosts” file” are enabled. Also, disable “Use an external name resolver.” This is shown on an OS X system (running the latest dev version of Wireshark) in Figure 2.

WS-Hostname-Figure2

Figure 2: Enabling Host File Name Resolution

Now we need to create a host file. This file takes the same form as a Windows or Linux hosts file. In our case, we will create the following hosts file:

192.168.3.35     FRIENDLY
188.124.5.107    HOSTILE

The file should be saved in the following location depending on your architecture:

  • Windows: %USERPROFILE%\Application Data\Wireshark\hosts
  • OS X: /Users/username/.wireshark/hosts
  • Linux: /home/username/.wireshark/hosts

Now, all we have to do is relaunch Wireshark and our capture file is appropriately populated with names for the devices we are examining. This is shown in Figure 3.

WS-Hostname-Figure3

Figure 3: Our Traffic is Easier to Identify

There are a number of strategies you can use for labeling hosts. For instance, you can label hosts by whether they are internal or external to the network as we did here, or you can label them by role (web server 1, dns server 2, known botnet C&C, etc).

This is a pretty simple trick, but it saves me a lot of time and frustration. It also helps the accuracy of my analysis, because I’m less likely to confuse IP addresses this way. You can even create large hosts files that can be used to automatically label known entities on your network.

Collaboration Beyond the Boardroom

 

See the most sophisticated collaboration experience in action with the Cisco TelePresence IX5000.

Bring People Closer with Video

See telepresence and desktop collaboration solutions for your midsize business in action.

New TC 7.2.1 software is released

This is a bug fix version of TC7.2.1

•    Fix for ShellShock
•    Fix for Precision 60 camera reboot issue

Please read the release notes and download it her.

Conductor Shellshock Fixed versions are released

A maintenance release for Conductor release 2.3 (XC2.3.1) and Conductor release 2.4 (XC2.4.1) has been released and is available for download on cisco.com.

These release includes fixes for the Shellshock Bash vulnerabilities.

Get the update versions her.

TMSPE 1.3 software

These releases of TelePresence Management Suite  Provisioning Extension software supports TelePresence Server cascading in the CMR user portal among other features.

Further details can be found in the release notes.

The software and release notes are available for download from cisco.com.

Conductor XC2.4

New Conductor XC2.4 Software is ready now, get it here

And see release notes here