5 signs we’re finally getting our act together on security
The high-water line in information security gets higher each year. Just as we think we’ve finally figured out how to defend against attacks, then attackers come up with something new and we are right back to trying to figure out what to do next.For example, ransomware has surged in the last year. Although that kind of malware has been around for years, the current model of encrypting user files to hold data hostage came about just recently. Infections quadrupled in 2016, with the FBI estimating an average of 4,000 attacks a day. A recent IBM survey of 600 business leaders in the United States found that one in two had experienced a ransomware attack in the workplace, and that companies paid the ransom 70 percent of the time. As a result, criminals are on track to make nearly $1 billion this year from ransomware, IBM X-Force said.To read this article in full or to leave a comment, please click here
Many networks leverage what is known as a VRF. These are used for traffic isolation and create separate routing instances within a router. It is important that vrf awareness is confirmed for any service (DHCP, Voice GW, etc) being locally provided for a given point in the network. One use case for such a configuration might be for voice isolation with or without MPLS. In the case that a router is providing voice gateway functionality (i.e. FXO/FXS to VOIP), the voice functions must understand the VRF construct in order to properly fulfill the role.
TL;DR–This configuration sometimes does not behave as expected and, in my experience, may require a reboot after following the documented procedure.
The configuration for VRF-Aware H.323 and SIP for Voice Gateways can be found at the URL below.
http://www.cisco.com/c/en/us/td/docs/ios/12_4t/12_4t15/stork.html
Notice that it makes reference to the fact that the services need to be restarted–
To configure a voice VRF, you must shut down voice services on the gateway, assign a previously defined VPN VRF to the VoIP SPI, and then restart voice services.
As one researches this particular configuration, the concept of voice “multi-vrf” will likely come up. Based on my Continue reading