Chapter 1 Introduction
Cisco Product Security Overview
Cisco provides a free online Security Vulnerability Policy portal at this URL:
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html
From this site, you can perform these tasks:
Report security vulnerabilities in Cisco products.
Obtain assistance with security incidents that involve Cisco products.
Register to receive security information from Cisco.
A current list of security advisories and notices for Cisco products is available at this URL:
http://www.cisco.com/go/psirt
If you prefer to see advisories and notices as they are updated in real time, you can access a
Product Security Incident Response Team Really Simple Syndication (PSIRT RSS) feed from this
URL:
http://www.cisco.com/en/US/products/products_psirt_rss_feed.html
Reporting Security Problems in Cisco Products
Cisco is committed to delivering secure products. We test our products internally before we
release them, and we strive to correct all vulnerabilities quickly. If you think that you might have
identified a vulnerability in a Cisco product, contact PSIRT:
Emergencies—security-alert@cisco.com
Nonemergencies—psirt@cisco.com
We encourage you to use Pretty Good Privacy (PGP) or a compatible product to encrypt any
Tip
sensitive information that you send to Cisco. PSIRT can work from encrypted information that is
compatible with PGP versions 2.x through 8.x. Never use a revoked or an expired encryption key.
The correct public key to use in your correspondence with PSIRT is the one that has the most
recent creation date in this public key server list:
http://pgp.mit.edu:11371/pks/lookup?search=psirt%40cisco.com&op=index&ex
In an emergency, you can also reach PSIRT by telephone:
1 877 228-7302
•
1 408 525-6532
•
1-10 CallConnector Operator
act=on