PlexxiPulse—Arrow IoT Immersions in Boston 3/26
Last week, we were in Santa Clara, California for Arrow Electronics’ Internet of Things Immersions conference. We demonstrated our big data fabrics, learned about Arrow’s #FiveYearsOut philosophy and conversed with innovators and thought leaders from businesses, government agencies and academia. We will be exhibiting at the last installment of the Immersions conference in Boston on March 26 at the Hynes Convention Center. Come see Plexxi in action and to talk with our team about the next era of IT. You can register to attend here. We can’t wait to see you!
Below please find a few of our top picks for our favorite news articles of the week. Have a great weekend!
Channelnomics: SDN and SDS key for CIOs – Walsh
By Jessica Meek
Software defined networking (SDN) and software defined storage (SDS) are key concerns for chief information officers (CIOs), delegates at the ITEX 2015 National Conference and Expo in Fort Lauderdale, FL heard today. In his keynote address, Lawrence M. Walsh, CEO and chief analyst at The 2112 Group, said this was a top concern for CIOs he speaks with. “CIOs consistently tell me that what’s getting them excited is SDN and SDS. This is the ability to Continue reading
Analysis: CloudFlare Keyless SSL Scales Down Internet Connections
Providing a web application on the Internet can be a risky business. DDOS attacks are commonly exceeding 40 Gigabits per second of data, crackers are web crawling the Internet looking for vulnerabilities and much more. As a result, the data centre Internet connection is scaled for a worst case scenario and not for customer need. […]
The post Analysis: CloudFlare Keyless SSL Scales Down Internet Connections appeared first on EtherealMind.
Why joining APs to a Controller Across a NAT Needs Special Configurations
Many wireless engineers know that having a lightweight AP join up to a controller across a NAT requires some extra configuration. But many don’t understand why it needs the configuration. This article will talk about what the NAT is, why it causes a problem for the normal join process, and what the configuration changes do to make things work.
What is NAT and where do we see it in the wireless world?
NAT stands for Network Address Translation, and it does pretty much what the name implies. It translates addresses from their original values to something new. Let’s take a look at a classic wireless example.
Let’s say I have an office Extend AP (OEAP) in my house, and I want it to join the WLC in my company’s DMZ. But I don’t want to actually configure a public IP on my WLC. This is where the NAT comes into play.
In the image above, the OEAP talks through the firewall in order to talk to the DMZ WLC. In order for the AP to talk to the WLC, it has to target a public IP because it needs to communicate across the Internet. So if the WLC itself doesn’t Continue reading
iPexpert’s Newest “CCIE Wall of Fame” Additions 3/13/2015
Please join us in congratulating the following iPexpert client’s who have passed their CCIE lab!
This Week’s CCIE Success Stories
- Celso Akira Myasaki, CCIE #47386 (Data Center)
- David Ratcliffe, CCIE #47463 (Wireless)
- Frederik Schon, CCIE #47321 (Wireless)
- JP Cedeno, CCIE #47408 (Routing & Switching)
- Sandeep Choudhary, CCIE #47462 (Wireless)
We Want to Hear From You!
Have you passed your CCIE lab exam and used any of iPexpert’s self-study products, or attended a CCIE Bootcamp? If so, we’d like to add you to our CCIE Wall of Fame!
UK traffic diverted through Ukraine
On the heels of the BGP leak yesterday that briefly impaired Google services around the world, comes another routing incident that impacted some other important Internet services.
Beginning on Saturday, Ukrainian telecom provider, Vega, began announcing 14 British Telecom (BT) routes, resulting in the redirection of Internet traffic through Ukraine for a handful of British Telecom customers. Early yesterday morning, Vega announced another 167 BT prefixes for 1.5 hours resulting in the rerouting of additional traffic destined for some of BT’s customers, including the UK’s Atomic Weapons Establishment, the “organization responsible for the design, manufacture and support of warheads for the United Kingdom’s nuclear deterrent.”
Background
In early 2013, Ukrainian provider Vega (AS12883) became a reseller of BT services, but prior to Saturday had never announced any BT routes. Then, in the middle of a weekend night in Europe (02:37 UTC on Saturday, March 7th), Vega began announcing 14 prefixes typically announced by AS2856 of BT. These prefixes are listed below.
109.234.168.0/21 Thales Transport and Security Ltd (Barnet, GB)
109.234.169.0/24 Thales Transport and Security Ltd (Ealing, GB)
144.87.142.0/24 Royal Mail Group Limited (Sheffield, GB)
144.87.143.0/24 Royal Mail Group Limited (Chesterfield, GB)
147.182.214.0/24 Black & Veatch (Manchester, GB)
193.113.245.0/24 BT - 21CN (GB)
193.221.55.0/24 Svenska Cellulosa Aktiebolaget SCA (GB)
193. Continue reading
Role Based Access Control in IOS
I don’t believe this is well known: Cisco IOS has Role Based Access Control (RBAC) which can be used to create and assign different levels of privileged access to the device. Without RBAC there are two access levels in IOS: a read-only mode with limited access to commands and no ability to modify the running config (also called privilege level 1) and enable mode with full administrative access. There is no middle ground; it’s all or nothing. RBAC allows creation of access levels somewhere between nothing and everything. A common use case is creating a role for the first line NOC analyst which might allow them to view the running config, configure interfaces, and configure named access-lists.
A “role” in IOS is called a “view” and since views control which commands are available in the command line parser, they are configured under the parser. A view can be assigned a password which allows users to “enable” into the view. More typically, the view is assigned by the RADIUS/TACACS server as part of the authorization process when a user is logging into the device.
A view is configured with the “parser view <view-name>” config command after which commands are added/removed to/from Continue reading