Are you ready? How to prepare for the DNSSEC Root KSK Rollover on October 11, 2018

skeleton key

Are you ready? Are your systems prepared so that DNS will keep functioning for your networks?  One week from today, on Thursday, October 11, 2018, at 16:00 UTC ICANN will change the cryptographic key that is at the center of the DNS security system – what we call DNSSEC. The current key has been in place since July 15, 2010. This is a long-planned replacement.

If everything goes fine, you should not notice and your systems will all work as normal. However, if your DNS resolvers are not ready to use the new key, your users may not be able to reach many websites, send email, use social media or engage in other Internet activities!

This change of this central security key for DNS is known as the “Root Key Signing Key (KSK) Rollover”. It has been in discussion and planning since 2013. We’ve written many articles about it and spoken about it at many conferences, as have many others in the industry. ICANN has a page with many links and articles at:

But here we are, with only a few days left and you may be wondering – how can I know if my systems Continue reading

Notes on the Bloomberg Supermicro supply chain hack story

Bloomberg has a story how Chinese intelligence inserted secret chips into servers bound for America. There are a couple issues with the story I wanted to address.


The story is based on anonymous sources, and not even good anonymous sources. An example is this attribution:
a person briefed on evidence gathered during the probe says
That means somebody not even involved, but somebody who heard a rumor. It also doesn't the person even had sufficient expertise to understand what they were being briefed about.

The technical detail that's missing from the story is that the supply chain is already messed up with fake chips rather than malicious chips. Reputable vendors spend a lot of time ensuring quality, reliability, tolerances, ability to withstand harsh environments, and so on. Even the simplest of chips can command a price premium when they are well made.

What happens is that other companies make clones that are cheaper and lower quality. They are just good enough to pass testing, but fail in the real world. They may not even be completely fake chips. They may be bad chips the original manufacturer discarded, or chips the night shift at the factory secretly ran through on the Continue reading

IDG Contributor Network: Identity awareness: it’s more than just a packet

It was about 20 years ago when I plugged my first Ethernet cable into a switch. It was for our new chief executive officer. Little did she know that she was about to share her traffic with most others on the first floor. At that time being a network engineer, I had five floors to be looked after.Having a few virtual LANs (VLANs) per floor was a common design practice in those traditional days. Essentially, a couple of broadcast domains per floor were deemed OK. With the VLAN-based approach, we used to give access to different people on the same subnet. Even though people worked at different levels but if in the same subnet, they were all treated the same.To read this article in full, please click here

IDG Contributor Network: Identity awareness: it’s more than just a packet

It was about 20 years ago when I plugged my first Ethernet cable into a switch. It was for our new chief executive officer. Little did she know that she was about to share her traffic with most others on the first floor. At that time being a network engineer, I had five floors to be looked after.Having a few virtual LANs (VLANs) per floor was a common design practice in those traditional days. Essentially, a couple of broadcast domains per floor were deemed OK. With the VLAN-based approach, we used to give access to different people on the same subnet. Even though people worked at different levels but if in the same subnet, they were all treated the same.To read this article in full, please click here

IDG Contributor Network: Identity awareness: it’s more than just a packet

It was about 20 years ago when I plugged my first Ethernet cable into a switch. It was for our new chief executive officer. Little did she know that she was about to share her traffic with most others on the first floor. At that time being a network engineer, I had five floors to be looked after.Having a few virtual LANs (VLANs) per floor was a common design practice in those traditional days. Essentially, a couple of broadcast domains per floor were deemed OK. With the VLAN-based approach, we used to give access to different people on the same subnet. Even though people worked at different levels but if in the same subnet, they were all treated the same.To read this article in full, please click here

National Cybersecurity Awareness Month = International IoT Security and Privacy Month

October is National Cybersecurity Awareness Month, and as part of our work with the Online Trust Alliance and our Internet of Things (IoT) campaign, we think October also deserves another label… International IoT Security and Privacy Month. There are a number of significant activities and developments related to security and privacy. Here are a few highlights of what’s happening, how we are participating, and how you can get involved.

Orhan Ergun Training and Consultancy Company has CCIE SP Training as well !

Hi everyone ! I am glad to announce that we started CCIE SP (Service Provider) Training.   The CCIE Service Provider Lab bootcamp has been developed by Orhan Ergun LLC. as a preparation tool for the CCIE Service Provider v4.1 Lab Exam.   Each session will start by reviewing the concepts and fundamentals of the related …

Continue reading "Orhan Ergun Training and Consultancy Company has CCIE SP Training as well !"

The post Orhan Ergun Training and Consultancy Company has CCIE SP Training as well ! appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

Orhan Ergun Training and Consultancy Company has CCIE SP Training as well !

Hi everyone ! I am glad to announce that we started CCIE SP (Service Provider) Training.   The CCIE Service Provider Lab bootcamp has been developed by Orhan Ergun LLC. as a preparation tool for the CCIE Service Provider v4.1 Lab Exam.   Each session will start by reviewing the concepts and fundamentals of the related …

Continue reading "Orhan Ergun Training and Consultancy Company has CCIE SP Training as well !"

The post Orhan Ergun Training and Consultancy Company has CCIE SP Training as well ! appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

Orhan Ergun Training and Consultancy Company has CCIE SP Training as well !

Hi everyone ! I am glad to announce that we started CCIE SP (Service Provider) Training.   The CCIE Service Provider Lab bootcamp has been developed by Orhan Ergun LLC. as a preparation tool for the CCIE Service Provider v4.1 Lab Exam.   Each session will start by reviewing the concepts and fundamentals of the related […]

The post Orhan Ergun Training and Consultancy Company has CCIE SP Training as well ! appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

Cisco Webex outage: Collaboration service finding a lumpy recovery

Some Cisco Webex users are still having some problems with the collaboration system over a week after the service went dark.  According to the company’s website a major outage began on September 25 and shut down all Webex services from  – Calling, Meetings, Control Hub, Hybrid Services and Team.   At the time the company stated that “Webex Teams services are currently impacted by an ongoing service outage. Engineering resources are online and working to restore services. We apologize for the impact and all hands are on deck to restore Teams, Meetings, Calling, Care and Context services.”To read this article in full, please click here

Cisco Webex outage: Collaboration service finding a lumpy recovery

Some Cisco Webex users are still having some problems with the collaboration system over a week after the service went dark.  According to the company’s website a major outage began on September 25 and shut down all Webex services from  – Calling, Meetings, Control Hub, Hybrid Services and Team.   At the time the company stated that “Webex Teams services are currently impacted by an ongoing service outage. Engineering resources are online and working to restore services. We apologize for the impact and all hands are on deck to restore Teams, Meetings, Calling, Care and Context services.”To read this article in full, please click here

1 1,451 1,452 1,453 1,454 1,455 3,849