ASA Active/Standby with BDI/BVI

I see a lot of ASA designs and they are typically flanked with switches. One of the reasons for this is that the failover requirements typically dictate that the devices to be layer 2 adjacent in each security zone. There is obviously the requirement to be L3 directly connected to their next hop. The result of this requirement that an ASA can’t typically be directly connected directly to an L3 only device and it is often the case that a switch is sandwiched between the FW and the next L3 device.

This article is meant to outline a possible work around with IOS and IOS-XE based routers to provide the L2 two adjacency using inherit L2 features. Readers may use these sample configurations to build out there own labs and more fully validate the applicability the their environment.

TL;DR–BDI and BVI allow ASA A/S to function properly in my testing.

The Topology

Below is the topology that used for validating this. In a real world scenario it is less likely that routers would be the connection point on all interfaces. The reason I positioned them here is to demonstrate both IOS and IOS-XE techniques in the same lab.

asa_bvi_bdi

Solution Overview

Continue reading

How To Wade Through 100s Of Articles Weekly

The writing masses in addition to professional media generate tons of articles each week. What’s the best way to keep up? My strategy is multi-pronged.

TL;DR.

Filter quickly and mercilessly. Read only the most interesting articles.

  1. Know why you read. Ignore content that doesn’t align with your personal consumption goals.
  2. Ignore content with clickbait titles. These articles are purposely designed to drive traffic, generating salable ad impressions. Most of the time, they are content-free and safely ignored.
  3. Have no fear of declaring amnesty. Missing out doesn’t matter.
  4. Read it now; you probably won’t read it later. Don’t let articles pile up for when you have a better time.
  5. Use tools effectively. You can get through content more quickly and share or save the best stuff easily.

Know why you read.

Keeping up with technology is a big part of my business. Therefore, I subscribe to feeds about emerging tech from news organizations, independent tech writers, and technology vendors. From these sources, I monitor trends and hype, picking out what strikes me as useful or at least thought-provoking for IT practitioners. Articles that match this criteria inspire articles of my own as well as podcast scripts, and spawn research projects. My overarching goal is Continue reading

The FTC’s IoT security case against D-Link will test its power

A Federal Trade Commission attempt to rein in a poorly secured IoT device is raising questions over whether the U.S. regulator has the power to crack down on vendors suspected of shoddy practices.On Thursday, the FTC filed a complaint against Taiwanese manufacturer D-Link Systems that charged the company’s internet routers and web cameras can easily be hacked, putting consumers at risk.But the FTC’s complaint doesn’t cite evidence that the products have been breached, only the potential for harm to consumers.That’s among the reasons D-Link is contesting the complaint. “Notably, the complaint does not allege any breach of a D-Link Systems device,” it said in a statement. To read this article in full or to leave a comment, please click here

The FTC’s IoT security case against D-Link will test its power

A Federal Trade Commission attempt to rein in a poorly secured IoT device is raising questions over whether the U.S. regulator has the power to crack down on vendors suspected of shoddy practices.On Thursday, the FTC filed a complaint against Taiwanese manufacturer D-Link Systems that charged the company’s internet routers and web cameras can easily be hacked, putting consumers at risk.But the FTC’s complaint doesn’t cite evidence that the products have been breached, only the potential for harm to consumers.That’s among the reasons D-Link is contesting the complaint. “Notably, the complaint does not allege any breach of a D-Link Systems device,” it said in a statement. To read this article in full or to leave a comment, please click here

Hey Alexa, what are your competitors doing?

Internet-connected intelligent gizmos had a big showing at this year's Consumer Electronics Show, and there is one common thread between many ofthem: Amazon’s Alexa virtual assistant.Lenovo has a new speaker featuring the assistant. Volkswagen and Ford are building Alexa into their cars. Plus, there’s a whole flotilla of other connected devices featuring Alexa, including a high-tech refrigerator from LG.That’s not to say other virtual assistants aren’t doing the same thing, but Amazon is the clear winner by volume at CES.So, what does that mean for the virtual assistant market, which includes competitors such as Microsoft's Cortana, the Google Assistant and Apple's Siri? To read this article in full or to leave a comment, please click here

US: Putin ordered cyber-meddling to favor Trump

A highly anticipated U.S. intelligence report claims that Russian President Vladimir Putin ordered a campaign to covertly influence last year’s presidential election in favor for Donald Trump.However, the report – or at least the declassified version – offered no new evidence or sources to prove the Kremlin’s role in sponsoring the effort, which included hacks and online propaganda.The U.S. government published the 25-page document on Friday amid skepticism from incoming President-elect Trump over whether Russia was really involved.Outgoing President Barack Obama has nevertheless ordered sanctions against Russia and threatened covert action in retaliation for the cyber-meddling.To read this article in full or to leave a comment, please click here

US: Putin ordered cyber-meddling to favor Trump

A highly anticipated U.S. intelligence report claims that Russian President Vladimir Putin ordered a campaign to covertly influence last year’s presidential election in favor for Donald Trump.However, the report – or at least the declassified version – offered no new evidence or sources to prove the Kremlin’s role in sponsoring the effort, which included hacks and online propaganda.The U.S. government published the 25-page document on Friday amid skepticism from incoming President-elect Trump over whether Russia was really involved.Outgoing President Barack Obama has nevertheless ordered sanctions against Russia and threatened covert action in retaliation for the cyber-meddling.To read this article in full or to leave a comment, please click here

Trump mum on Russia blame after US intelligence briefing

After meeting with U.S. intelligence leaders on Friday, President-elect Donald Trump withheld any direct endorsement of their findings that Russia tried to meddle with the recent election.Rather, he focused on whether the hacking efforts -- from any country -- had an effect on the election’s outcome. In his view, there was “absolutely” none."While Russia, China, other countries, outside groups and people are consistently trying to break through the cyber infrastructure of our governmental institutions, businesses and organizations including the Democrat National Committee, there was absolutely no effect on the outcome of the election," Trump said in a statement. To read this article in full or to leave a comment, please click here

Trump mum on Russia blame after US intelligence briefing

After meeting with U.S. intelligence leaders on Friday, President-elect Donald Trump withheld any direct endorsement of their findings that Russia tried to meddle with the recent election.Rather, he focused on whether the hacking efforts -- from any country -- had an effect on the election’s outcome. In his view, there was “absolutely” none."While Russia, China, other countries, outside groups and people are consistently trying to break through the cyber infrastructure of our governmental institutions, businesses and organizations including the Democrat National Committee, there was absolutely no effect on the outcome of the election," Trump said in a statement. To read this article in full or to leave a comment, please click here

Microsoft’s OS supremacy over Apple to end in 2017

Apple will steal a march on Microsoft this year when for the first time this century shipments of devices powered by its operating systems outnumber those running Windows, research firm Gartner said today.In 2017, Apple's combination of iOS and macOS -- the former on iPhones and iPads, the latter on Macs -- will take second place from Windows on the devices shipped during the year. The gap between the two will widen in 2018 and 2019, with Apple ahead of Microsoft both years.According to Gartner, which provided Computerworld with its latest device shipment forecast broken out by operating system, in 2016 Windows powered about 260 million devices of the 2.3 billion shipped during the year. Windows accounted for approximately 11.2% of the total devices, which overwhelmingly ran Google's Android.To read this article in full or to leave a comment, please click here

Wandera helps manage the risks a mobile fleet poses to corporate data  

This column is available in a weekly newsletter called IT Best Practices.  Click here to subscribe.  The 2016 holiday shopping season is barely in the rearview mirror and already the retail analysts are claiming that sales via mobile devices hit a new all-time high. According to Google Analytics data, 30% of all online shopping now happens on mobile devices.That’s good news for e-commerce companies—assuming they provide shoppers with a secure application that isn’t leaking sensitive information such as user credentials and financial transaction data. How long will it be before we hear of a significant data breach due to a poorly secured mobile app?To read this article in full or to leave a comment, please click here

Intel’s Optane: What users can expect in PCs and when it will ship

Intel is known for cranking up PC speeds to new highs, and it's doing the same for storage with the super fast Optane.Optane, which Intel claims will replace today's SSDs and DRAM, is exciting for many reasons. Game play, PC booting, and productivity applications will be much faster with the new class of storage and memory.Intel has said Optane could be up to 10 times faster than conventional SSDs, but real-world tests on the storage have yet to be done. The first Optane storage was announced at CES, but it's only in the form of low-capacity 16GB and 32GB units to be used as cache and not as primary storage.The initial Optanes will not have a meaty capacity, but it will be a good start to test and play with the storage, said Pat Kannar, marketing director for Precision desktops at Dell.To read this article in full or to leave a comment, please click here

Review: Dell’s new Kaby Lake XPS 13 Developer Edition laptop amazes

Back in May of 2016, I reviewed the (then current) Dell XPS 13 Developer Edition laptop. At just a bit over $2,000 it wasn’t the world’s cheapest machine, but for a Linux user looking for a high-end (but very portable) notebook, that XPS proved to be a remarkable rig. Well, Dell has a new model of the XPS Developer Edition. And I pestered them until they sent me one to test. To read this article in full or to leave a comment, please click here

1 2,377 2,378 2,379 2,380 2,381 3,808