Firewall Standard Zones and Configurations

Lets talk about the security Zone in the enterprise network or you can say that implementing the Security Zone in the university that approach to firewall configuration and deployment.  These “Security Zones” are implemented as rule-sets on University firewalls.  

Fig 1.1- Standard Firewall Zones

Each firewall will provide multiple “Security Zones” to implement specific security controls for each zone.  Default sets of “Security Zones” are created during the implementation of each University firewall as follows:
  • Workstation Zone 
  • Server Zone 
  • DMZ Zone

 CSSD defines these “Security Zones” to be implemented for each firewall as follows:
  • Workstation Zone – The Workstation zone is designed to protect a University Unit’s workstations, network printers, and other local network devices (inside the firewall) from all other zones.  Access to this zone from all other zones is restricted and controlled
  • Server Zone – The Server zone is designed to protect a University Unit’s critical infrastructure such as domain controllers, file, print, intranet (internal web applications), application, and database servers. Access to this zone is limited to the Unit’s Workstation Zone.
  • DMZ Zone– The DMZ zone is designed to protect any server that is accessed by a broad audience. An example Continue reading

How Governments Can Be Smart about Artificial Intelligence

The French MP and Fields medal award winner, Cédric Villani, officially auditioned Constance Bommelaer de Leusse, the Internet Society’s Senior Director, Global Internet Policy, last Monday on national strategies for the future of artificial intelligence (AI). In addition, the Internet Society was asked to send written comments, which are reprinted here.

Practical AI successes, computational programs that actually achieved intelligent behavior, were soon assimilated into whatever application domain they were found to be useful […] Once in use, successful AI systems were simply considered valuable automatic helpers.”

Pamela McCorduck, Machines Who Think: A Personal Inquiry into the History and Prospects of Artificial Intelligence

AI is not new, nor is it magic. It’s about algorithms.

“Intelligent” technology is already everywhere – such as spam filters or systems used by banks to monitor unusual activity and detect fraud – and it has been for some time. What is new and creating a lot of interest from governments stems from recent successes in a subfield of AI known as “machine learning,” which has spurred the rapid deployment of AI into new fields and applications. It is the result of a potent mix of data availability, increased computer power and algorithmic innovation that, if Continue reading

Updating to JDK 1.8 or 1.9 on Ubuntu

Trying to install OpenDaylight Nitrogen needs JDK 1.8 or later.

Needless to say, I’ve not go the right version on my Ubuntu 16.04 server – it reports 1.7.  Also needless to say, installing it isn’t a simple matter of adding the software through apt-get because the repository appears to be broken or empty (at the time of writing).  I was hoping to get away with doing this:

sudo add-apt-repository ppa:webupd8team/java

sudo apt-get update

sudo apt-get install oracle-java9-installer

Anyway, the last part failed with:

Connecting to download.oracle.com (download.oracle.com)|104.86.110.251|:80... connected.
HTTP request sent, awaiting response... 404 Not Found
2017-10-20 14:05:08 ERROR 404: Not Found.download failed
Oracle JDK 9 is NOT installed.
dpkg: error processing package oracle-java9-installer (--configure):
 subprocess installed post-installation script returned error exit status 1
E: Sub-process /usr/bin/dpkg returned an error code (1)

So instead I downloaded it from here:  http://www.oracle.com/technetwork/java/javase/downloads/jdk9-downloads-3848520.html

Unpacked the tarball with this:

cd /opt
tar -xvzf jdk-9.0.1_linux-x64_bin.tar.gz

Finally updated my environment variables to tell it where the JDK is:

 export JAVA_HOME=/opt/jdk-9.0.1/
  Continue reading

To back up or not to back up — your data has the answer

As IBM’s general manager of analytics, Rob Thomas’s job is to understand how big data can benefit industries all around the world. In his book The End of Tech Companies, Thomas reported findings from Siemens AG that hold that by 2020, over 50 billion connected devices worldwide will produce 43 zettabytes of digital data. He also discusses how non-IT companies are becoming as well-versed at analytics as their IT peers.With so many connected devices “phoning home” and so much of what we do in our daily lives being tracked by someone somewhere in the ether, it’s no wonder our data centers are bursting at the seams. But do companies need to back up all of that data? Does every last byte of chatter need to become part of our disaster recovery (DR) strategy?To read this article in full or to leave a comment, please click here

IDG Contributor Network: Decoding DOCSIS 3.1

Data Over Cable Service Interface Specification. Say that five times fast.Thankfully, we call it DOCSIS. But unless you follow the rise, fall and rise again of cable, DOCSIS sounds like just another tech industry acronym. DOCSIS 3.1 is the latest standard in the CATV industry, enabling higher data speeds for high-definition television (HDTV) and video on demand (VOD) services. The latest flavor of DOCSIS increases effective downstream data rates from 160 Megabits per second (Mbps) to 10 Gigabits per second (Gbps), and upstream data rates from 120 Mbps to 1 Gbps when compared to DOCSIS 3.0.To read this article in full or to leave a comment, please click here

RIPE 75 starts in Dubai next week

The RIPE 75 meeting is happening next week in Dubai, United Arab Emirates, and it’s going to be a busy week for the Deploy360 team who are chairing and presenting in several sessions. Both Jan Žorž and Kevin Meynell will be there, along with our colleague Andrei Robachevsky, and we’ll also be reporting on relevant developments as usual.

Just to point out that the MANRS initiative is planning an informal BoF sometime during the week to discuss ideas for measuring the health of the Internet routing system. The aim is to develop some empirical data to strengthen the case for collaborative routing security, although the date and time of the BoF is still to be determined.

The RIPE meeting kicks off on Sunday this time, as that’s the start of the working week in Dubai. Proceedings commence with tutorials on IPv6 Deployment in Cellular networks, an Introduction to DDoS attacks, and one on Decoding the IoT ecosystem. These are followed by a Newcomers’ Introduction if you’re a first timer.

The opening plenary commences at 14.00 GST/UTC+4, and after the introductory pleasantries, one presentation not to miss is from Lee Howard (Retevia) on the State of IPv6-only. There’s also an Continue reading

[Video] Data Center Fabric Validation

Validating the expected network behavior is (according to the intent-driven pundits) a fundamental difference that makes intent-driven products more than glorified orchestration systems.

Guess what: smart people knew that for ages and validated their deployments even when using simple tools like Ansible playbooks.

Dinesh Dutt explained how he validates data center fabric deployment during the Network Automation Use Cases webinar; I’m doing something similar in my OSPF deployment playbooks (described in detail in Ansible online course).

Watch the video

I Don’t Need a Car

You know, having conversations with teenagers can be a little annoying sometimes. One of mine (and I’ve heard others) keeps responding to my answers with “Why”. While this gets my blood circulating a little too fast in some contexts, getting to the simplest form of the answer often has validity. John G. Miller actually wrote a book called QBQ! The Question Behind the Question: Practicing Personal Accountability in Work and in Life. 

Circling back to the car, why do I have three of these financially draining machines if I don’t need one? The answer is simple, automobiles are a means to a necessary end for my family. We go to work, we play, we go to college, high school, and the associated extracurricular activities. Transportation is necessary for the way we conduct our daily lives. Transportation in middle America requires a car.

I often think about how it could be different and better. In major cities, and in a lot of the world, public transportation is king. In my part of the world, we’ve been spoiled with personal transportation and our public transportation has failed to develop. It is largely a timing issue and a product of prosperity. It Continue reading

The IBM Transformation Can Gather Steam Now

For the past five and a half years, which is not quite an eternity in the IT business but is something akin to a half of a generation or so, IBM’s revenues have been declining, quarter in and quarter out. As has happened many, many times in its more than century of existence, Big Blue, which used to be a peddler of meat slicers, time machines, scales, and punch card tabulators early in its history, has had to constantly evolve and reimagine itself.

The transformation that IBM had to undergo in the late 1980s and early 1990s was a near

The IBM Transformation Can Gather Steam Now was written by Timothy Prickett Morgan at The Next Platform.

Rebuttal to Daring Fireball: FreeBSD, Intel and Microsoft did save the Mac

The point of my blog post, "What the IoT industry can learn from Apple’s revival of the Mac," was to use Apple’s pivot to the Intel platform and compliance with the Open Group’s Unix standards as an example of the importance of a large vibrant ecosystem (created by Intel and Microsoft) is for the IoT industry to follow.Without the PC ecosystem, the Mac would be an obsolete machine exhibited in the Computer History Museum. The PC ecosystem eliminated much redundant development, letting component and product companies focus on their products’ differentiation. The IoT industry would benefit if it had a robust ecosystem the eliminated redundant development. To read this article in full or to leave a comment, please click here

Easing Enterprise Migration To The Cloud

No one knows better than IBM that the time, money, energy, and risk associated with changing platforms can hinder that change. In some cases, as with the System z mainframe, this helps the company preserve its footprint in the datacenter. But in other cases, it hurts IBM’s ability to get people to try out different public or private infrastructure.

It is no secret that Big Blue wants a much bigger cloud business, and that it got a late start compared to Amazon, Microsoft, and Google. But IBM does have a presence at most of the large companies on earth, and

Easing Enterprise Migration To The Cloud was written by Jeffrey Burt at The Next Platform.

Accessibility Needs to Be at the Heart of Internet Policy, Planning and Design

The Internet Society’s 2017 Global Internet Report: Paths to Our Digital Future shows that new digital divides are emerging. It’s not just about accessing the Internet, but our ability to make the most of it.

One only has to look at the UN DESA 2015 Global Status Report on Disability and Development to start putting the pieces together. Not only does the report show a significant gap between people with and people without disabilities when it comes to things like education, employment, and health, but also, that those who are doubly disadvantaged (women, refugees, indigenous communities) experience the lowest level of inclusion and participation in society.

What does this mean for the Internet and information communication technology (ICTs)? They’re tools that help us bridge space and time, can start a business with the spark of an idea, and help kids stay in school.

If we want to build a digital future where people come first, accessibility needs to be at the heart of Internet policy, planning and design.

This means accessibility is first in. Not last out. It is always smarter, less expensive, and more functional to build accessibility into technology at the start rather than as a second-class add Continue reading

1 1,877 1,878 1,879 1,880 1,881 3,860