Archive

Category Archives for "Networking"

16 Blockchain Disruptions

I am more than happy to publish the new infographic "16 Blockchain Disruptions" with the help of my friends from bitfortune.net.  As we know, blockchain enables decentralized transactions across a P2P network. The infographic lists 16 different industries that benefits from using the blockchain technology. Enjoy reading.

 

16 Blockchain Disruptions

I am more than happy to publish the new infographic "16 Blockchain Disruptions" with the help of my friends from bitfortune.net.  As we know, blockchain enables decentralized transactions across a P2P network. The infographic lists 16 different industries that benefits from using the blockchain technology. Enjoy reading.

 

Getting grounded in IoT networking and security

download Getting grounded in IoT networking and security The internet of things already consists of nearly triple the number of devices as there are people in the world, and as more and more of these devices creep into enterprise networks it’s important to understand their requirements and how they differ from other IT gear.To read this article in full, please click here

Getting grounded in IoT networking and security

download Getting grounded in IoT networking and security The internet of things already consists of nearly triple the number of devices as there are people in the world, and as more and more of these devices creep into enterprise networks it’s important to understand their requirements and how they differ from other IT gear.To read this article in full, please click here

Getting grounded in IoT networking and security

download Getting grounded in IoT networking and security The internet of things already consists of nearly triple the number of devices as there are people in the world, and as more and more of these devices creep into enterprise networks it’s important to understand their requirements and how they differ from other IT gear.To read this article in full, please click here

Please don’t register to South Africa/Johannesburg CCDE Class, it is full !

Hi Everyone,   I would like to inform you that Instructor Led CCDE Class in South Africa/Johannesburg Training is full. So please don’t register for it.   Having more people will reduce the time required for discussions. Those who attended any of my earlier class know that we have already very packed agenda, approximately 2000 […]

The post Please don’t register to South Africa/Johannesburg CCDE Class, it is full ! appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

Please don’t register to South Africa/Johannesburg CCDE Class, it is full !

Hi Everyone,   I would like to inform you that Instructor Led CCDE Class in South Africa/Johannesburg Training is full. So please don’t register for it.   Having more people will reduce the time required for discussions. Those who attended any of my earlier class know that we have already very packed agenda, approximately 2000 …

The post Please don’t register to South Africa/Johannesburg CCDE Class, it is full ! appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

Please don’t register to South Africa/Johannesburg CCDE Class, it is full !

Hi Everyone,   I would like to inform you that Instructor Led CCDE Class in South Africa/Johannesburg Training is full. So please don’t register for it.   Having more people will reduce the time required for discussions. Those who attended any of my earlier class know that we have already very packed agenda, approximately 2000 …

The post Please don’t register to South Africa/Johannesburg CCDE Class, it is full ! appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

Different IGP and BGP Methodologies of Multi National Service Providers

Different IGP and BGP Methodologies of Multi National Service Providers. I mentioned two different IGP and BGP design approaches for two different Multi National Service Providers in my last CCDE course   Both are these operators in Africa and one of them has an operation in 4 and another has an operation in 5 countries.   […]

The post Different IGP and BGP Methodologies of Multi National Service Providers appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

Different IGP and BGP Methodologies of Multi National Service Providers

Different IGP and BGP Methodologies of Multi National Service Providers. I mentioned two different IGP and BGP design approaches for two different Multi National Service Providers in my last CCDE course   Both are these operators in Africa and one of them has an operation in 4 and another has an operation in 5 countries.   …

The post Different IGP and BGP Methodologies of Multi National Service Providers appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

Different IGP and BGP Methodologies of Multi National Service Providers

Different IGP and BGP Methodologies of Multi National Service Providers. I mentioned two different IGP and BGP design approaches for two different Multi National Service Providers in my last CCDE course   Both are these operators in Africa and one of them has an operation in 4 and another has an operation in 5 countries.   …

The post Different IGP and BGP Methodologies of Multi National Service Providers appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

Validating SGT Inline with Netflow and Embedded Packet Capture

In the last article, Learning TrustSec, An Introduction to Inline Tagging, we took a quick look at manual configuration of SGT Inline Tagging in a manual configuration. We also performed some validation with show commands and proved the operation by enabling enforcement.

In today’s article, we will perform slightly deeper validation of the inline imposition itself. For this process, we will use Netflow and Embedded Packet Capture. I happen to know that there is already EIGRP traversing the link that will help produce some output. Let’s just jump right in with a very basic Netflow configuration.

Netflow Configuration

//you could additionally configure and exporter
//if there is a proper netflow collector

flow record my_record_output
 match flow cts source group-tag
 match flow cts destination group-tag
 match ipv4 source address
 match ipv4 destination address
 match ipv4 protocol
 match transport source-port
 match transport destination-port
flow monitor my_monitor_output
 record my_record_output
!
interface GigabitEthernet1/0/1
 description trunk to c9kSW2
 switchport mode trunk
 ip flow monitor my_monitor_output output
 cts manual
  policy static sgt 100 trusted

Verification Using Netflow

c9kSW1#show flow monitor my_monitor_output cache
  Cache type:                               Normal (Platform cache)
  Cache size:                                10000
  Current entries:                               1

  Flows added:                                   9
  Flows aged:                                    8
    - Active timeout      (  1800 secs)          2
    -  Continue reading

Validating SGT Inline with Netflow and Embedded Packet Capture

In the last article, Learning TrustSec, An Introduction to Inline Tagging, we took a quick look at manual configuration of SGT Inline Tagging in a manual configuration. We also performed some validation with show commands and proved the operation by enabling enforcement.

In today’s article, we will perform slightly deeper validation of the inline imposition itself. For this process, we will use Netflow and Embedded Packet Capture. I happen to know that there is already EIGRP traversing the link that will help produce some output. Let’s just jump right in with a very basic Netflow configuration.

Netflow Configuration

//you could additionally configure and exporter
//if there is a proper netflow collector

flow record my_record_output
 match flow cts source group-tag
 match flow cts destination group-tag
 match ipv4 source address
 match ipv4 destination address
 match ipv4 protocol
 match transport source-port
 match transport destination-port
flow monitor my_monitor_output
 record my_record_output
!
interface GigabitEthernet1/0/1
 description trunk to c9kSW2
 switchport mode trunk
 ip flow monitor my_monitor_output output
 cts manual
  policy static sgt 100 trusted

Verification Using Netflow

c9kSW1#show flow monitor my_monitor_output cache
  Cache type:                               Normal (Platform cache)
  Cache size:                                10000
  Current entries:                               1

  Flows added:                                   9
  Flows aged:                                    8
    - Active timeout      (  1800 secs)          2
    -  Continue reading

Validating SGT Inline with Netflow and Embedded Packet Capture

In the last article, Learning TrustSec, An Introduction to Inline Tagging, we took a quick look at manual configuration of SGT Inline Tagging in a manual configuration. We also performed some validation with show commands and proved the operation by enabling enforcement.

In today’s article, we will perform slightly deeper validation of the inline imposition itself. For this process, we will use Netflow and Embedded Packet Capture. I happen to know that there is already EIGRP traversing the link that will help produce some output. Let’s just jump right in with a very basic Netflow configuration.

Netflow Configuration

//you could additionally configure and exporter
//if there is a proper netflow collector

flow record my_record_output
 match flow cts source group-tag
 match flow cts destination group-tag
 match ipv4 source address
 match ipv4 destination address
 match ipv4 protocol
 match transport source-port
 match transport destination-port
flow monitor my_monitor_output
 record my_record_output
!
interface GigabitEthernet1/0/1
 description trunk to c9kSW2
 switchport mode trunk
 ip flow monitor my_monitor_output output
 cts manual
  policy static sgt 100 trusted

Verification Using Netflow

c9kSW1#show flow monitor my_monitor_output cache
  Cache type:                               Normal (Platform cache)
  Cache size:                                10000
  Current entries:                               1

  Flows added:                                   9
  Flows aged:                                    8
    - Active timeout      (  1800 secs)          2
    -  Continue reading