Archive

Category Archives for "Networking"

Cisco Meraki Security – Meraki MX Security Appliances


Meraki Cloud Managed Security Appliance Series 

Today I am going to talk about Cisco acquired Meraki or Cisco Meraki MX Security Appliances. These appliances are ideal for organizations with large numbers of distributed sites. Since the MX is 100% cloud managed, installation and remote management is simple.  So it means that these security appliances will be managed on cloud.The Meraki MX has a comprehensive suite of network services, eliminating the need for multiple appliances. These services include Layer 7 application firewall, content filtering, web search filtering with intrusion prevention, web caching, Intelligent WAN with multiple uplinks and 4G failover. 

Fig 1.1- Cisco Meraki MX Security Appliances

Security Features 
  • With the help of Meraki MX Security appliances we can have Application-aware traffic control which can set bandwidth policies based on Layer 7 application type (e.g., YouTube, Skype, P2P). 
  • Another best feature is the content Filtering which can be used as CIPA-compliant content filtering and safe search enforcement.
  • Meraki based Intrusion prevention ( IPS feature) : PCI-compliant IPS sensor using industry-leading SNORT signature database from Cisco Sourcefire. 
  • With the help of Meraki MX security appliances, you can have the Anti-virus and anti-phishing with flow Continue reading

Episode 14 – Digging Deep into the IS-IS Routing Protocol

In a return to our routing protocol series, Russ White and Nick Russo join Network Collective to talk about some of the intricacies of the IS-IS routing protocol. While not usually found in enterprises, Service Providers have used IS-IS as the underlay to their MPLS networks and it is starting to make an appearance as the underlay to several newer enterprise technologies. If you’ve been curious about how it works, and how it is different than what you use today, this show is for you.
 

Russ White
Guest
Nicholas Russo
Guest

Jordan Martin
Co-Host
Eyvonne Sharp
Co-Host

Outro Music:
Danger Storm Kevin MacLeod (incompetech.com)
Licensed under Creative Commons: By Attribution 3.0 License
http://creativecommons.org/licenses/by/3.0/

The post Episode 14 – Digging Deep into the IS-IS Routing Protocol appeared first on Network Collective.

Episode 14 – Digging Deep into the IS-IS Routing Protocol

In a return to our routing protocol series, Russ White and Nick Russo join Network Collective to talk about some of the intricacies of the IS-IS routing protocol. While not usually found in enterprises, Service Providers have used IS-IS as the underlay to their MPLS networks and it is starting to make an appearance as the underlay to several newer enterprise technologies. If you’ve been curious about how it works, and how it is different than what you use today, this show is for you.

 

Show Links

https://www.iso.org/standard/30932.html

https://tools.ietf.org/html/rfc1142

https://en.wikipedia.org/wiki/Dijkstra%27s_algorithm

 

Show Notes

  • IS-IS Characteristics
    • IS-IS is a graph
      • Vertices, edges, link types, cost
      • Uses Dijkstra’s algorithm
      • Based on Type Link Value protocol (TLV) instead of fixed type fields which allows IS-IS to be very extensible
      • Similar to OSPF, but the P-node is called the DIS, not the DR, and behaves a bit differently
      • Originally built for host routing
    • Not an IP protocol
      • direct encapsulation to L2, ethertype 0xFEFE
      • Provides some inherent security benefits (very hard to reach in and attack; OSPF solved this with TTL security)
    • QoS over L2VPNs

Worth Reading: Responsible Encryption Fallacies

Moreover, instead being a solution to cyber threats, law enforcement has become a threat itself. The DNC didn’t have the FBI investigate the attacks from Russia likely because they didn’t want the FBI reading all their files, finding wrongdoing by the DNC. It’s not that they did anything actually wrong, but it’s more like that famous quote from Richelieu “Give me six words written by the most honest of men and I’ll find something to hang him by”. Give all your internal emails over to the FBI and I’m certain they’ll find something to hang you by, if they want. —Robert Graham @ Errata Security

The post Worth Reading: Responsible Encryption Fallacies appeared first on rule 11 reader.

IDG Contributor Network: 5 cloud computing trends to prepare for in 2018

As we enter the last quarter of 2017, business and IT executives are turning more of their attention to how they can use technology to accomplish their 2018 business objectives. We’ve compiled a list of five trends in cloud computing that strategic businesses will prepare for in the coming year.1. Exponential growth in cloud services solutions Software as a Service (SaaS) opened a flexible and financially attractive door for businesses and consumers to try early cloud services. The growth of infrastructure and platform as a service (Iaas and PaaS, respectively) has expanded the number of cloud solutions available in the public and private sectors. In 2018, we expect to see many more organizations take advantage of the simplicity and high-performance the cloud guarantees.To read this article in full or to leave a comment, please click here

IDG Contributor Network: 5 cloud computing trends to prepare for in 2018

As we enter the last quarter of 2017, business and IT executives are turning more of their attention to how they can use technology to accomplish their 2018 business objectives. We’ve compiled a list of five trends in cloud computing that strategic businesses will prepare for in the coming year.1. Exponential growth in cloud services solutions Software as a Service (SaaS) opened a flexible and financially attractive door for businesses and consumers to try early cloud services. The growth of infrastructure and platform as a service (Iaas and PaaS, respectively) has expanded the number of cloud solutions available in the public and private sectors. In 2018, we expect to see many more organizations take advantage of the simplicity and high-performance the cloud guarantees.To read this article in full or to leave a comment, please click here

48% off Kidde Carbon Monoxide Alarm with Display and 10 Year Battery – Deal Alert

Carbon Monoxide is odorless, tasteless and invisible, and it accounts for over 72,000 cases of poisoning each year. Kidde calls their C3010D model "worry free" because its sensor and sealed battery provide 10 years of uninterrupted CO detection, and a digital display that updates every 15 seconds. The unit will chirp when its reaching the ends of its life, so you don't have to wonder. The Kidde C3010D alarm is currently discounted down to just $27.93. See this deal now on Amazon.To read this article in full or to leave a comment, please click here

48% off Kidde Carbon Monoxide Alarm with Display and 10 Year Battery – Deal Alert

Carbon Monoxide is odorless, tasteless and invisible, and it accounts for over 72,000 cases of poisoning each year. Kidde calls their C3010D model "worry free" because its sensor and sealed battery provide 10 years of uninterrupted CO detection, and a digital display that updates every 15 seconds. The unit will chirp when its reaching the ends of its life, so you don't have to wonder. The Kidde C3010D alarm is currently discounted down to just $27.93. See this deal now on Amazon.To read this article in full or to leave a comment, please click here

IPv6 prefix assignment BCOP published as RIPE-690

We’re pleased to announce that after a year of intensive work by IPv6 experts around the world, supported by the Deploy360 team, the RIPE community has reached consensus on the Best Current Operational Practices (BCOP) for IPv6 prefix assignment for end-users – persistent vs non persistent and what size to choose. These were officially published as RIPE-690 this week.

RIPE-690 outlines best current operational practices for the assignment of IPv6 prefixes (i.e. a block of IPv6 addresses) for end-users, as making wrong choices when designing an IPv6 network will eventually have negative implications for deployment and require further effort such as renumbering when the network is already in operation. In particular, assigning IPv6 prefixes longer than /56 to residential customers is strong discouraged, with /48 recommended for business customers. This will allow plenty of space for future expansion and sub-netting without the need for renumbering, whilst persistent prefixes (i.e. static) should be highly preferred for simplicity, stability and cost reasons.

The target audience of RIPE-690 is technical staff working in ISPs and other network operators who currently provide or intend to provide IPv6 services to residential or business end-users. Up until now, there have been no clear Continue reading

Canonical CEO Mark Shuttleworth: IoT, Ubuntu and the yogurt of the future

Canonical founder and CEO Mark Shuttleworth is one of the most prominent people in open source software.Ubuntu, the GNU/Linux-based operating system that he helped birth in 2004 is now one of the best-known open source projects in the world, accounting for a vast proportion of the Linux VMs in the public cloud and huge numbers of connected devices.He sat down with Network World Senior Writer Jon Gold to talk about the future of IoT and the evolution of technology.NW: One thing that’s interesting about IoT is that new tech is coming from companies that you wouldn’t consider traditional IT vendors.MS: The thing I personally love about IoT is that it’s genuine entrepreneurship – but the thing about IoT is that literally anybody that finds themselves in a particular situation is able to see how taking a small piece of electronics and some software in a particular context to make something better. So that makes it just a lot of fun from an entrepreneurial point of view.To read this article in full or to leave a comment, please click here

1 1,562 1,563 1,564 1,565 1,566 3,419