Tools for TE with EIGRP

In response to my article about what would cause a directly connected route to be overridden, Matt Love (@showflogi) made a good observation:

What Matt is saying is that longest prefix match (LPM) is a mechanism that can be used to steer traffic around the network in order to meet a technical or business need. This type of traffic steering is called traffic engineering (TE).

LPM refers to how route lookups work on a Layer 3 device: the longest, most-specific match is always chosen. Like I explained in the prior post, if the routing table contains 10.10.10.0/24 and 10.10.10.64/26, the latter route will be used to forward traffic to 10.10.10.100 (as an example) because a /26 is longer (ie, has a longer prefix length) and is therefore more specific. We can use this behavior to direct traffic towards 10.10.10.100 over a specific interface or via a specific path (ie, a path with Continue reading

Nominate a Women Or Girl for an EqualsInTech Award!

Know an amazing woman or girl in tech who’s working for access, skills, or leadership? Why not shine the light on them and nominate them for an EqualsInTech Award!

Equals is an initiative delivered by a committed partnership of ITU, UN Women, GSMA, ITC, and UN University joined by the Internet Society and over 20 corporate leaders, governments, non-profit organizations, communities, and individuals around the world working together to bridge the digital gender divide – by bringing women to tech, and tech to women.

Ms. Joyce Dogniez

Off The Cuff – Engineering In The Enterprise

Is engineering talent disappearing from the enterprise? Our panel thinks so, and has a conversation about the implications for both businesses and individuals. This episode was recorded at Cisco Live 2017 in Las Vegas, NV.

 

Outro Music:
Danger Storm Kevin MacLeod (incompetech.com)
Licensed under Creative Commons: By Attribution 3.0 License
http://creativecommons.org/licenses/by/3.0/

Denise Donohue
Guest
Mike Zsiga
Guest
Daniel Dib
Guest
Jeff Fry
Guest
Jordan Martin
Host

Audio Only Podcast Feed:

The post Off The Cuff – Engineering In The Enterprise appeared first on Network Collective.

Off The Cuff – Engineering In The Enterprise

Is engineering talent disappearing from the enterprise? Our panel thinks so, and has a conversation about the implications for both businesses and individuals. This episode was recorded at Cisco Live 2017 in Las Vegas, NV.

 

Outro Music:
Danger Storm Kevin MacLeod (incompetech.com)
Licensed under Creative Commons: By Attribution 3.0 License
http://creativecommons.org/licenses/by/3.0/

Denise Donohue
Guest
Mike Zsiga
Guest
Daniel Dib
Guest
Jeff Fry
Guest
Jordan Martin
Host

Audio Only Podcast Feed:

The post Off The Cuff – Engineering In The Enterprise appeared first on Network Collective.

Using Geolocation in Firepower Access Control Policies

The use of geolocation is fairly obvious in monitoring networks with Firepower Management Center. What may be less obvious is that Continents and Countries can also be specified as the source or destination of connections in an Access Control Policy. Basically, this geographical information becomes one more match criteria that can be used to identify traffic for a block or allow action.

To get to this capability, open the Access Control Policy that is in use by the Firepower device. Within the policy, open or create an applicable rule. On the network tab (where you configure the source and destination addresses) a Geolocation tab can also be found. Clicking on this tab exposes Continents and Countries. These can be added as sources and/or destinations.

ACPGEO

Note to reader: All Firepower content can be accessed by clicking here (or choosing Firepower from the menu at the top of the page).

As can be seen in the diagram above, I am creating a rule to block traffic to France. Before I save and deploy the policy changes to the device, I will confirm reachability to an IP address that exists in that part of Europe.

Last login: Mon Jul 17 11:48:29 on ttys000
PAULS:~ pauls$  Continue reading

Tools for TE with EIGRP

In response to my article about what would cause a directly connected route to be overridden, Matt Love (@showflogi) made a good observation:

What Matt is saying is that longest prefix match (LPM) is a mechanism that can be used to steer traffic around the network in order to meet a technical or business need. This type of traffic steering is called traffic engineering (TE).

Bluetooth Mesh takes aim at enterprise IoT, but hasn’t taken flight

The mesh networking features introduced to Bluetooth this week are designed to make the technology more appealing for enterprise IoT use. A lot depends, however, on which enterprise use case you’re talking about.Put simply, Bluetooth Mesh is a new technology that lets Bluetooth endpoints form networks among themselves, instead of having a central hub do the processing and sending all the instructions. That’s a big advantage since it overcomes the limited range inherent to the technology – as long as an endpoint is close enough to at least one other endpoint, it’s connected to the rest of the network, too.It’s a big change for the technology, according to Farpoint Group principal and Network World contributor Craig Mathias.To read this article in full or to leave a comment, please click here

Amazon, VMware rumored to be developing data center software

Amazon Web Services (AWS) and VMware are reportedly in talks about possibly teaming up to develop data center software products, according to The Information, which cited anonymous sources.Unfortunately, the article doesn’t have much if any detail on what that product would be. The speculation is it might be a stack-like product, since VMware already provides what would be the base software for such a product and stacks are becoming the in thing.Already there is OpenStack, the open-source product that runs cloud services in a data center, and Microsoft just shipped Azure Stack, its answer to OpenStack that will allow the same features of its Azure public cloud to run within a company’s private data center.To read this article in full or to leave a comment, please click here

Amazon, VMware rumored to be developing data center software

Amazon Web Services (AWS) and VMware are reportedly in talks about possibly teaming up to develop data center software products, according to The Information, which cited anonymous sources.Unfortunately, the article doesn’t have much if any detail on what that product would be. The speculation is it might be a stack-like product, since VMware already provides what would be the base software for such a product and stacks are becoming the in thing.Already there is OpenStack, the open-source product that runs cloud services in a data center, and Microsoft just shipped Azure Stack, its answer to OpenStack that will allow the same features of its Azure public cloud to run within a company’s private data center.To read this article in full or to leave a comment, please click here

Ninth Circuit Rules on National Security Letter Gag Orders

As we’ve previously discussed on this blog, Cloudflare has been challenging for years the constitutionality of the FBI’s use of national security letters (NSLs) to demand user data on a confidential basis. On Monday morning, a three-judge panel of the U.S. Ninth Circuit Court of Appeals released the latest decision in our lawsuit, and endorsed the use of gag orders that severely restrict a company's disclosures related to NSLs.

CC-BY 2.0 image by a200/a77Wells

This is the latest chapter in a court proceeding that dates back to 2013, when Cloudflare initiated a challenge to the previous form of the NSL statute with the help of our friends at EFF. Our efforts regarding NSLs have already seen considerable success. After a federal district court agreed with some of our arguments, Congress passed a new law that addressed transparency, the USA FREEDOM Act. Under the new law, companies were finally permitted to disclose the number of NSLs they receive in aggregate bands of 250. But there were still other concerns about judicial review or limitation of gag orders that remained.

Today’s outcome is disappointing for Cloudflare. NSLs are “administrative subpoenas” that fall short of a warrant, and are frequently accompanied Continue reading

1 2,008 2,009 2,010 2,011 2,012 3,872