In response to my article about what would cause a directly connected route to be overridden, Matt Love (@showflogi) made a good observation:
Good stuff – LPM rule can be a useful tool if you want to manipulate paths without mucking with metrics, esp if using multiple protocols
— Matt Love (@showflogi) July 13, 2017
What Matt is saying is that longest prefix match (LPM) is a mechanism that can be used to steer traffic around the network in order to meet a technical or business need. This type of traffic steering is called traffic engineering (TE).
LPM refers to how route lookups work on a Layer 3 device: the longest, most-specific match is always chosen. Like I explained in the prior post, if the routing table contains 10.10.10.0/24 and 10.10.10.64/26, the latter route will be used to forward traffic to 10.10.10.100 (as an example) because a /26 is longer (ie, has a longer prefix length) and is therefore more specific. We can use this behavior to direct traffic towards 10.10.10.100 over a specific interface or via a specific path (ie, a path with Continue reading
It’s like Microsoft Azure Stack, but on Oracle hardware and software.
Artificial intelligence is coming. Is your data center ready?
Know an amazing woman or girl in tech who’s working for access, skills, or leadership? Why not shine the light on them and nominate them for an EqualsInTech Award!
Equals is an initiative delivered by a committed partnership of ITU, UN Women, GSMA, ITC, and UN University joined by the Internet Society and over 20 corporate leaders, governments, non-profit organizations, communities, and individuals around the world working together to bridge the digital gender divide – by bringing women to tech, and tech to women.
Peter Welcher offers tips for expanding your design skills and discusses campus network segmentation options.
Is engineering talent disappearing from the enterprise? Our panel thinks so, and has a conversation about the implications for both businesses and individuals. This episode was recorded at Cisco Live 2017 in Las Vegas, NV.
Outro Music:
Danger Storm Kevin MacLeod (incompetech.com)
Licensed under Creative Commons: By Attribution 3.0 License
http://creativecommons.org/licenses/by/3.0/
Audio Only Podcast Feed:
The post Off The Cuff – Engineering In The Enterprise appeared first on Network Collective.
Is engineering talent disappearing from the enterprise? Our panel thinks so, and has a conversation about the implications for both businesses and individuals. This episode was recorded at Cisco Live 2017 in Las Vegas, NV.
Outro Music:
Danger Storm Kevin MacLeod (incompetech.com)
Licensed under Creative Commons: By Attribution 3.0 License
http://creativecommons.org/licenses/by/3.0/
Audio Only Podcast Feed:
The post Off The Cuff – Engineering In The Enterprise appeared first on Network Collective.
The use of geolocation is fairly obvious in monitoring networks with Firepower Management Center. What may be less obvious is that Continents and Countries can also be specified as the source or destination of connections in an Access Control Policy. Basically, this geographical information becomes one more match criteria that can be used to identify traffic for a block or allow action.
To get to this capability, open the Access Control Policy that is in use by the Firepower device. Within the policy, open or create an applicable rule. On the network tab (where you configure the source and destination addresses) a Geolocation tab can also be found. Clicking on this tab exposes Continents and Countries. These can be added as sources and/or destinations.
As can be seen in the diagram above, I am creating a rule to block traffic to France. Before I save and deploy the policy changes to the device, I will confirm reachability to an IP address that exists in that part of Europe.
Last login: Mon Jul 17 11:48:29 on ttys000 PAULS:~ pauls$ Continue reading
In response to my article about what would cause a directly connected route to be overridden, Matt Love (@showflogi) made a good observation:
Good stuff - LPM rule can be a useful tool if you want to manipulate paths without mucking with metrics, esp if using multiple protocols
— Matt Love (@checktheroads) July 13, 2017
What Matt is saying is that longest prefix match (LPM) is a mechanism that can be used to steer traffic around the network in order to meet a technical or business need. This type of traffic steering is called traffic engineering (TE).
Juniper’s former CTO was the founder of the company.
This partnership has been in the works since Ixia announced the availability of CloudLens for the public cloud.
It struck managed services deals with the two companies.
It has been a few weeks since Geek Summer Camp has ended, oh how I miss seeing everyone. Now that …
The post Geek Summer Camp Review – Cisco Live 2017 Recap appeared first on Fryguy's Blog.
The post Worth Reading: Secure the Grid appeared first on rule 11 reader.
As we’ve previously discussed on this blog, Cloudflare has been challenging for years the constitutionality of the FBI’s use of national security letters (NSLs) to demand user data on a confidential basis. On Monday morning, a three-judge panel of the U.S. Ninth Circuit Court of Appeals released the latest decision in our lawsuit, and endorsed the use of gag orders that severely restrict a company's disclosures related to NSLs.
CC-BY 2.0 image by a200/a77Wells
This is the latest chapter in a court proceeding that dates back to 2013, when Cloudflare initiated a challenge to the previous form of the NSL statute with the help of our friends at EFF. Our efforts regarding NSLs have already seen considerable success. After a federal district court agreed with some of our arguments, Congress passed a new law that addressed transparency, the USA FREEDOM Act. Under the new law, companies were finally permitted to disclose the number of NSLs they receive in aggregate bands of 250. But there were still other concerns about judicial review or limitation of gag orders that remained.
Today’s outcome is disappointing for Cloudflare. NSLs are “administrative subpoenas” that fall short of a warrant, and are frequently accompanied Continue reading
Gartner predicts automated penetration testing to hit 10 percent by 2020.