Cisco has recently advised that some of its products have WannaCry vulnerabilities. Paul Calatayud, CTO at FireMon commented below.
Paul Calatayud, CTO at FireMon:
“When systems on your network are potentially exploitable to vulnerabilities that cannot be patched, mitigating controls are necessary. The most common and first place to start is network control mitigation. WannaCry needs to exploit a system by accessing the network on internet protocols. For those systems that cannot be patched, place behind a firewall or activate specific policies that prevent those systems from communicating with the internet thus eliminating this particular threat. The challenge is complex networks, so figuring out which firewalls and what specific policies need to be modified. To address this, network security policy management strategies are absolutely essential in both identification and validation of proper policy enforcement. Technologies that automate and assist in this are available.”
