This past week I was fortunate enough to attend Cisco Live 2009 in San Francisco California. I wanted to share with you my experiences this week in case you weren't able to be there. If you have never been to a Cisco Live event I highly recommend that you make your plans to attend the 2010 event in Las Vegas. Read more
If you are considering a network design that has a ring topology and you desire to use Ethernet then you should first be aware of the issues of using Ethernet with a ring architecture. Ethernet is traditionally thought of a as a bus or star topology. With the pervasiveness of Ethernet technology you may find yourself contemplating using Ethernet with a ring architecture. These new extensions to spanning tree allow for fast convergence of Ethernet ring topologies. Read more
VLAN Membership Policy Server (VMPS) was a technology that, at a point in time, provided a way for organizations to control access to their networks. A few organizations embraced it and after a few years they found it to be an albatross around their neck. However, getting away from VMPS was not so easy and the longer they delay, the harder the breakup becomes. Read more
The criticality of networks is constantly increasing as the applications that utilize the infrastructure grow in importance. Instead of striving for five-9s of reliability (99.999%) why not just aim for 100% availability because that is what the requirements dictate. That begs the question, how would you design a data network if the goal was to achieve 100% availability? Read more
Recently, Cisco released their latest version of Adaptive Security Appliance (ASA) 5500 software release 8.2. This new version has some new features that I wanted to share with you so that you will know what to expect when you upgrade your ASA firewall. These features include IPv6 support for ASDM and transparent firewall, Botnet Traffic Filter, SNMPv3, IPv6 IPS 6.2 support, among others. Read more
This week I attended the 2009 Future-Net-Expo conference in Boston. This event is a service-provider-focused event that has historically focused on MPLS, Metro Ethernet, and next-generation network technologies. I wanted to share with you what I experienced at the event and some of the great information presented. Read more
The Internet security threat landscape continues to evolve and we must keep up on the current trends. There are places to look for authoritative guidance on the rapidly-changing security technology evolution. One thing we can look at is the numerous annual security reports that organizations publish. In this blog entry I share with you some of the key industry analysis on security trends to help you stay ahead of the wave. Read more
This week the 2nd annual 2009 Rocky Mountain IPv6 Summit was held in Denver Colorado. This event is put on by the Rocky Mountain IPv6 Task Force and the University of Denver. The IPv6 Summit is a 2-day IPv6 educational event that is FREE to attend. While well over 400 people registered for the event, the event attracted 300 people over the two days. Read more
Is it just me or are organizations placing continuously higher expectations on the availability of their networks. The past few weeks I have been helping an organization prepare for a network change window that was only going to be two hours long. I had 60-some pages of changes that all needed to happen in a short period of time without any mistakes. There is a definite trend for organizations to reduce the number and duration of change windows as a way to increase network availability. Read more
Just this last week several customers have ironically all asked me the exact same question. “Can we use an Ethernet switch instead of a router for our Internet EBGP peering to our ISP(s)?” While switches have gained more routing capabilities in recent years there are some caveats you should be aware of when making this decision. Read more
This week I was fortunate enough to attend the Google IPv6 Implementors Conference. This event was a gathering of the top technical experts working on furthering IPv6 deployment around the world. Since this event was a small gathering I wanted to take this opportunity to share with you what was covered and why this was a significant event. Read more
If your company is like many others these days they may have cut the training budget. However, you owe it to yourself to take ownership of your own professional development. Therefore you may need to be creative about inexpensive or Free sources of education to keep your skills sharp and continue to develop new skills as technology continues to evolve. Read more
Just about everywhere you look these days you are sure to see companies looking to make the IT industry “Green”. While the focus tends to be on reducing consumption of power as a way to offset your carbon footprint, recycling is still an important component of any comprehensive green IT strategy. Read more
Many organizations are contemplating upgrading their core networks to 10Gbps links while some organizations have already implemented a 10Gbps core infrastructure. When you upgrade the core then other networking functions become candidates for upgrade. It is important to determine if your security systems must also be able to function at 10Gbps speeds. Read more
In Cisco LAN switch environments the native VLAN is typically untagged on 802.1Q trunk ports. This can lead to a security vulnerability in your network environment. It is a best practice to explicitly tag the native VLAN in order to prevent against crafted 802.1Q double-tagged packets from traversing VLANs. Read more
The Firewall Services Module (FWSM) in a Cisco 6500 switch has been the system of choice for those seeking to achieve over 5 Gbps of stateful firewall forwarding performance with over 100K connections/second and over 1 million active connections. On February 9th, 2009 Cisco released Firewall Services Module (FWSM) software version 4.0.4 which has some important new features. Simply by upgraded the software to this version several features are added that can increase the performance of your FWSMs. Read more
I am amazed by the number of networks that I encounter that do not have optimal spanning tree configurations. I first read Radia Perlman’s book “Interconnections” back in 1994. I am amazed that 15 years later we are still dealing with spanning tree protocol (STP) issues in networks. Read more
I knew the topic of IPv6 Security was likely to see many changes in the years to come because it is such a dynamically evolving technology area. One of the topics that didn’t make it into our book on IPv6 Security was Cisco’s Intrusion Prevention System (IPS) 6.2. Read more
The more some things change the more they same the same. That is certainly true for the IPv6 support in Windows 7. Even though Windows 7 is the latest Microsoft desktop operating system, its IPv6 support is very similar to the features inside Vista and Server 2008. Read more
The vulnerabilities in the Border Gateway Protocol (BGP) have been widely known for many years now. The threats range from attacking the TCP port 179 connections between peers, injecting false information into the global routing database, trying to create a Denial of Service (DoS) condition, or reroute traffic to perform a Man-in-the-Middle (MITM) attack. Read more
Advertisement: |
The Leader in Network Knowledge
