Rough Guide to IETF 98: Internet Infrastructure Resilience
Let’s look at what’s happening in the area of Internet infrastructure resilience in the IETF and at the upcoming IETF 98 meeting. My focus here is primarily on the routing and forwarding planes and specifically routing security and unwanted traffic of Distributed Denial of Service Attacks (DDoS) attacks. There is interesting and important work underway at the IETF that can help address problems in both areas.
Andrei Robachevsky
FatPipe Networks Updates Its SD-WAN Platform
It's eliminated the need for Avaya’s Open Network Adapter.
Middleboxes and the End-to-End Principle
The IP suite was always loosely grounded in the end-to-end principle, defined here (a version of this paper is also apparently available here), is quoted in RFC2775 as:
The function in question can completely and correctly be implemented only with the knowledge and help of the application standing at the endpoints of the communication system. Therefore, providing that questioned function as a feature of the communication system itself is not possible. … This principle has important consequences if we require applications to survive partial network failures. An end-to-end protocol design should not rely on the maintenance of state (i.e. information about the state of the end-to-end communication) inside the network.
How are the Internet and (by extension) IP networks in general doing in regards to the end-to-end principle? Perhaps the first notice in IETF drafts is RFC2101, which argues the IPv4 address was originally a locater and an identifier, and that the locater usage has become the primary usage. This is much of the argument around LISP and many other areas of work—but I think 2101 mistates the case a bit. That the original point of an IP address is to locate a topological location in the network is Continue reading
Infinera Software Serves Up On-Demand Optical Capacity
ACE combines integrated photonics with SDN.
Worth Reading: So You Want to get Certified
The post Worth Reading: So You Want to get Certified appeared first on 'net work.
IETF Journal Volume 12, Issue 3 Now Online
The latest issue of the IETF Journal (Volume 12, Issue 3) is now available online: https://www.ietfjournal.org/journal-issues/march-2017/
Our cover article is a manifesto of why Internet-enabled businesses should care about the open standards and open source communities. We present the first two of a series of interviews with IETF leadership, in this case outgoing IETF chair Jari Arkko and his successor Alissa Cooper.
Megan Kruse
INE’s CCIE Security v5 Content Updates
With the CCIE SCv5 blueprint now being live, we’re in the process of updating our Security product line in order to meet the new exam requirements. First of all, the following products will be released:
- Advanced Technologies Class
- Workbook
Advanced Technologies Class
The Advanced Technologies Class will run live online, starting 1st of May. This course series is now available for preorder here, and the full schedule is shown on the product page. The live course is also open to any All Access Pass subscriber. Given the current blueprint, which includes pretty much all Cisco Security products, most probably this will be the biggest video series we have ever released so far across all CCIE tracks; expect more than 150 hours of CCIE level training. First and most important, we’re going to deep dive into all core technologies:
- EndFragment
- ASA Firewall
- IOS Firewall
- FirePOWER
- FirePOWER Threat Defense
- FMC
- WSA
- ESA
- AMP
- IPsec VPN’s (IKEv1 and IKEv2)
- SSL VPN’s
- TrustSec
- ISE
- ACS
At the same time we’ll cover all the remaining topics (small but many), including technologies which will be tested mainly in the written exam (like CWS, SMA or Lancope). Oh….of course we’ll also Continue reading