Worth Reading: Is it time to build an anti-DDoS alliance?

A functional “anti-DOS alliance” is only feasible if SP”s are ready to commit to specific frugal investments. These ‘ prudent commitments’ will not require millions of dollars in anti-DOS technology. The commitments will require a change of the SP’s attitude and approach to DOS. It moved from a model that “I’m island on my own” mentality to a model where the SP see their business, network, and services as part of a global interconnection system. This interconnected system requires security collaboration to push back against the DOS Storm that threatens their business. We can break this “change of attitude into three actionable changes which will Clear the Path for an SP anti-DOS alliance. —Barry Greene @Senki

The post Worth Reading: Is it time to build an anti-DDoS alliance? appeared first on rule 11 reader.

Demand for server specialists increases, but talent pool is small

Almost two-thirds of organizations surveyed say recruiting for jobs in data center and server management is becoming increasingly difficult because of the skills needed, both in traditional servers and converged infrastructure.The findings come from a worldwide survey by 451 Research for its Voice of the Enterprise: Servers and Converged Infrastructure, Organizational Dynamics study (registration required). It found that IT shops have concerns about the long-term costs of using public cloud, and that is causing many IT shops to pull back on their cloud movement and even expand on their on-premises infrastructure.To read this article in full or to leave a comment, please click here

Demand for server specialists increases, but talent pool is small

Almost two-thirds of organizations surveyed say recruiting for jobs in data center and server management is becoming increasingly difficult because of the skills needed, both in traditional servers and converged infrastructure.The findings come from a worldwide survey by 451 Research for its Voice of the Enterprise: Servers and Converged Infrastructure, Organizational Dynamics study (registration required). It found that IT shops have concerns about the long-term costs of using public cloud, and that is causing many IT shops to pull back on their cloud movement and even expand on their on-premises infrastructure.To read this article in full or to leave a comment, please click here

How to use the motd file to get Linux users to pay attention

It seems only decades ago that I was commonly sending out notices to my users by editing the /etc/motd file on the servers I managed. I would tell them about planned outages, system upgrades, new tools and who would be covering for me during my very rare vacations.Somewhere along the stretch of time since, message of the day files seem to have faded from common usage — maybe overwhelmed by an excess of system messages, emailed alerts, texts, and other notices that have taken over, the /etc/motd file has. Or maybe not.+ Also on Network World: Half a dozen clever Linux command line tricks + The truth is the /etc/motd file on quite a number of Linux systems has simply become part of a larger configuration of messages that are fed to users when they log in. And even if your /etc/motd file is empty or doesn’t exist at all, login messages are being delivered when someone logs into a server via a terminal window — and you have more control over what those messages are telling your users than you might realize.To read this article in full or to leave a comment, please click here

What is Attachment Circuit in MPLS VPN ?

What is attachment circuit in MPLS VPN ? Definitions are important in networking, if there are alternative usages of the definition, better to know them all for effective communication.   MPLS Layer 2 VPN Topology   In the above topology, I share, MPLS Layer 2 VPN Topology. There are many terminology but let’s focus on […]

The post What is Attachment Circuit in MPLS VPN ? appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

Hot products at VMworld 2017

VMworld 2017Image by Thinkstock/VMwareVMworld 2017 is underway in Las Vegas, where IT pros are converging to learn about the latest in enterprise cloud, virtualization, security, and software-defined data center technologies. Here are some of the product highlights on display at the show.To read this article in full or to leave a comment, please click here

Hot products at VMworld 2017

VMworld 2017Image by Thinkstock/VMwareVMworld 2017 is underway in Las Vegas, where IT pros are converging to learn about the latest in enterprise cloud, virtualization, security, and software-defined data center technologies. Here are some of the product highlights on display at the show.To read this article in full or to leave a comment, please click here

Hot products at VMworld 2017

VMworld 2017Image by Thinkstock/VMwareVMworld 2017 is underway in Las Vegas, where IT pros are converging to learn about the latest in enterprise cloud, virtualization, security, and software-defined data center technologies. Here are some of the product highlights on display at the show.To read this article in full or to leave a comment, please click here

Cloud Connectivity Drives SD-WAN Growth

How I’ve Attempted to Blog More in 2017

This post has been sitting in the “drafts” folder for a while now. Clearly, since it’s August and is therefore a little late to be deciding on a plan that is supposed to carry through all 12 months of 2017. Regardless, I think it’s still worth sharing how I’ve attempted to increase the frequency of my blogging. My basic goal for 2017 is:

Create more content in 12 months than I ever have before in order to a) significantly build up the depth and breadth of knowledge on my blog, b) increase my skills as a writer, and c) continue to build this blog and the readership as a key part of my online persona and brand.

In order to achieve this goal, I’ve identified a couple of tactical objectives:

1. Reduce the friction between me and the keyboard; make it possible to “just write”.
2. Be able to “just write” anywhere. At home. On vacation. In a waiting room. On an airplane. I should also be able to start a post in one location and pick it up again in another. Indirectly this means I need to be able to write on any of my computers or mobile devices.

In order Continue reading

Network Troubleshooting: The Ultimate Toolkit

VMware embraces cloud during VMWorld, CEO Gelsinger says

(In the run-up to VMWorld this week, VMware CEO Pat Gelsinger spoke to IDG Enterprise Editor-in-Chief Eric Knorr about announcements at the conference, the future of the company and his five-year tenure at the helm. This is a summary of some of the highlights of that interview.)As VMware opens up its user conference this week in Las Vegas, the company’s CEO Pat Gelsinger says it is making significant announcements about cloud integration and security.To read this article in full or to leave a comment, please click here

VMware embraces cloud during VMWorld, CEO Gelsinger says

(In the run-up to VMWorld this week, VMware CEO Pat Gelsinger spoke to IDG Enterprise Editor-in-Chief Eric Knorr about announcements at the conference, the future of the company and his five-year tenure at the helm. This is a summary of some of the highlights of that interview.)As VMware opens up its user conference this week in Las Vegas, the company’s CEO Pat Gelsinger says it is making significant announcements about cloud integration and security.To read this article in full or to leave a comment, please click here

Palo-Alto Firewalls Category IV

In my previous article I wrote about the Category I, II, III firewalls with features, capabilities and other functions. You can go through the article again on the below mentioned links as

Palo-Alto Firewalls Category I firewalls
Palo-Alto Firewalls Category II
Palo-Alto Firewalls Category III

Now after Category I, Lets talk about the category II firewalls now. As i earlier divide the firewalls in the categories, so below are the Category II firewalls 

Catagory-IV
In the Virtual Firewall appliances we have VM-50; VM-100/200; VM-300/VM-1000HV; VM-500 and VM-700 models.


We will have the discussion in the same features which I discussed in Category I, Category II and Category III firewalls and the features are 

• Throughput of the firewalls
• Threat Preventions capabilities
• IPSEC VPN throughput
• CPU configuration supported
• New Sessions per seconds
• Dedicated Memory
• Dedicated disk drive
• VMware Support
• NSX Manager support
• Citrix Xen Server support
• Amazon AWS support
• Microsoft Azure support

Below is the table showing all the capabilities of the Category IV firewalls. Please click on the image for more clarity.

Fig 1.1- Palo Alto Firewalls- Category IV

Palo-Alto Firewalls Category III

In my previous article I wrote about the Category I, II firewalls with features, capabilities and other functions. You can go through the article again on the below mentioned links as

Palo-Alto Firewalls Category I firewalls
Palo-Alto Firewalls Category II

Now after Category I, II Lets talk about the category III firewalls now. As i earlier divide the firewalls in the categories, so below are the Category III firewalls 

Catagory-III
PA-850; PA-820; PA-500; PA-220 and PA-200 models of Firewall in the Palo-Alto portfolio.

We will have the discussion in the same features which I discussed in Category I, II and now in  Category III firewalls and the features are 

• Throughput of the firewalls
• Threat Preventions capabilities
• IPSEC VPN throughput
• Max and New Sessions per seconds
• Interface supported
• Management I/O systems information
• Rack mountable Information
• Power supply information
• Disk drives and hot swap fans information with full details.

Below is the table showing all the capabilities of the Category III firewalls. Please click on the image for more clarity.

Fig 1.1- Palo-Alto Firewalls Category III

Palo-Alto Firewalls Category II

In my previous article I wrote about the Category I firewalls with features, capabilities and other functions. You can go through the article again on the below mentioned links as

Palo-Alto Firewalls Category I firewalls

Now after Category I, Lets talk about the category II firewalls now. As i earlier divide the firewalls in the categories, so below are the Category II firewalls 

Catagory-II
PA-5060; PA-5050; PA-5020; PA-3060; PA-3050 and PA-3020 Systems.

We will have the discussion in the same features which I discussed in Category I firewalls and the features are 

• Throughput of the firewalls
• Threat Preventions capabilities
• IPSEC VPN throughput
• Max and New Sessions per seconds
• Interface supported
• Management I/O systems information
• Rack mountable Information
• Power supply information
• Disk drives and hot swap fans information with full details.

Below is the table showing all the capabilities of the Category II firewalls. Please click on the image for more clarity.

Fig 1.1- Palo-Alto Firewalls Category II

Palo Alto Firewalls and Models- Category I

Today I am going to talk about the various models of Palo-Alto Firewalls with their features and the capabilities. They have major market hold in this segment and competing with the various competitors which includes Cisco, Checkpoint mainly. In this article I am going to cover various models of the Palo-Alto Firewalls.

Catagory-I
We have various models which includes Palo-Alto PA-7080 Systems; PA-7050 Systems; PA-5260; PA-5250; PA-5220 Systems.

Catagory-II
PA-5060; PA-5050; PA-5020; PA-3060; PA-3050 and PA-3020 Systems.

Catagory-III
Apart from the above mentioned models we have some small capable models as well which includes PA-850; PA-820; PA-500; PA-220 and PA-200 models of Firewall in the Palo-Alto portfolio.

Catagory-IV
In the Virtual Firewall appliances we have VM-50; VM-100/200; VM-300/VM-1000HV; VM-500 and VM-700 models. In this article I am going to talk about the Category I.

Below is the diagram showing the deployment of the Palo-Alto Firewalls with Arista Switches in the network.

Fig 1.1- Palo Alto Firewalls

Now Let's talk about the various models and the features they supports. I will talk Category II and Category III in another post.

Below is the comparison showing between the various models which i talk about in the Category1 Palo-Alto Firewalls. To view Continue reading

Synchronizing BGP and OSPF (or OSPF and LDP)

Rich sent me a question about temporary traffic blackholing in networks where every router is running IGP (OSPF or IS-IS) and iBGP.

He started with a very simple network diagram:

A Career Planning Ride Along with Fish

February 15th, 2020 Updated Comment: Back in July of 2017 I went thru the first “real” re-org in my career.  Yes, of course I had been through other re-orgs.  But none of them really significantly impacted my primary day to... Read More ›

The post A Career Planning Ride Along with Fish appeared first on Networking with FISH.

My Career Planning: A Ride-Along

About a year ago I shared with you (Thinking Out Loud: My Career Planning) a little about my yearly career planning process.  This time I’m going to bring you on a ride-along of this year’s annual Career Planning exercise.

First and foremost I must answer a common question that I was asked a lot after last year’s blog.

The Dream Job Question: 

“Why do you even bother with the yearly career planning process? You are always saying that CPOC is your dream job come true”

Yes. Without a doubt CPOC really is my absolute dream job come true!  I consider myself so truly fortunate, blessed and lucky to still be here with CPOC.  Rocking 16 1/2 years with CPOC and the CPOC family at Cisco!

So that all being said… why do I still review every year?  Like I mentioned in last year’s blog “over the years what I’ve seen is that my 1 year plan, 3 year plan, 5 year plan and 10 year plans have changed as I have changed.”  So then reviewing every year is just taking the time to “check in” that the job I’m in is not Continue reading