Worth Reading: IPv6 Performance

Every so often I hear the claim that some service or other does not support IPv6 not because of some technical issue, or some cost or business issue, but simply because the service operator is of the view that IPv6 offers an inferior level service as compared to IPv4, and by offering the service over IPv6 they would be exposing their clients to an inferior level of performance of the service. via potaroo.net

The post Worth Reading: IPv6 Performance appeared first on 'net work.

Judge strips redactions from NSL, showing info FBI gets without a warrant

A federal judge lifted an 11-year gag order the FBI had imposed on Nicholas Merrill and removed redactions of a National Security Letter (NSL) so Americans can see the overly broad "types of electronic communications transaction records" that the FBI has sought and continues to seek through NSLs.The FBI served the NSL back in 2004 when Nicholas Merrill owned and operated Calyx Internet Access, a small ISP with about 200 customers. After the judge found in favor of Merrill and not the government, Merrill said, "For more than a decade, the FBI has fought tooth and nail in order to prevent me from speaking freely about the NSL I received. Judge Marrero’s decision vindicates the public’s right to know how the FBI uses warrantless surveillance to peer into our digital lives. I hope today’s victory will finally allow Americans to engage in an informed debate about proper the scope [sic] of the government’s warrantless surveillance powers."To read this article in full or to leave a comment, please click here

Security ‘net: Google, Watson, and other thoughts

Encryption, security, and privacy are at the top of our list, it seems. The question is — who really cares about your privacy? Is Google a champion of freedom, or a threat to national sovereignty?

Google is unique in its leadership, plans, and global marketpower to accelerate the majority of all global Web traffic “going dark,” i.e. encrypted by default. Google’s “going dark” leadership seriously threatens to neuter sovereign nations’ law-enforcement and intelligence capabilities to investigate and prevent terrorism and crime going forward.

Or has Google just figured out that encryption is the best way to funnel all the world’s information through their servers so it can be properly indexed and used to its maximum commercial value?

But the truth about where the giants of tech stand on user privacy is another matter entirely. No organizations on earth have exploited users more than Google (GOOGL) and Facebook (FB) have in their zealous quest to boost ad revenues by providing users’ personal data – demographics, searches, email and location, among others – to an ever-growing list of digital advertisers.

Russ’ take: The truth is probably out there someplace, but I doubt it’s as clean cut as either of these articles Continue reading

The Marriage of the Ecosystem

 

marriage

A recent discussion with Greg Ferro (@EtherealMind) of Packet Pushers and Nigel Poulton (@NigelPoulton) of In Tech We Trust got me thinking about product ecosystems. Nigel was talking about his new favorite topic of Docker and containers. He mentioned to us that it had him excited because it felt like the good old days of VMware when they were doing great things with the technology. That’s when I realized that ecosystems aren’t all they are cracked up to be.

Courting Technology

Technology is a huge driver for innovation. New ideas are formed into code that runs to accomplish a task. That code is then disseminated to teams and built upon to create toolsets to accomplish even more tasks. That’s how programs happen. Almost every successful shift in technology starts with the courtship of focused code designed to accomplish a simple task or solve a quick problem.

The courtship evolves over time to include other aspects of technology. Development work extends the codebase to accept things like plugins to provide additional functionality. Not core functions though. The separation comes when people want to add additional pieces without compromising the original program. Bolting additional non-core pieces on Continue reading

OSPF vs EIGRP for DMVPN

In this post I’m going to look at the characteristics of OSPF and EIGRP when used in a Dynamic Multipoint VPN (DMVPN). I will do my best not to play favorites and instead stick to the facts (yes, I do have a preference :-). To that end I will back everything up with data from my lab. The focus areas of the comparison will be:

  • Scalability of the hub router’s control plane
  • Overall control plane stability
  • Traffic engineering

This post won’t go into any background on how DMVPN works. If you’re not yet familiar with DMVPN, I recommend watching these introductory videos by Brian McGahan. This post also does not do a deep dive on OSPF or EIGRP. I’m making the assumption that you’re already familiar with the different LSA types in OSPF and general functions of EIGRP.

After reading this post you should be able to describe the pros and cons of OSPF and EIGRP in the three areas listed above and incorporate this knowlege into a DMVPN design.

Continue reading

No letup seen in Chinese cyber spying

A deal announced two months ago between China and the U.S. was pitched as bringing an end to economic espionage.But if any business leader thinks that means their organizations are no longer a target, they haven’t been paying attention.That is the unanimous conclusion of a number of experts who have been tracking cyber attacks from China in the two months since Chinese President Xi Jinping and U.S. President Barack Obama announced that, “neither country’s government will conduct or knowingly support cyber-enabled theft of intellectual property (IP), including trade secrets or other confidential business information, with the intent of providing competitive advantages to companies or commercial sectors.”To read this article in full or to leave a comment, please click here

Forecast 2016: 5 fast-track trends to tackle now (and one to ignore)

Of all the burning questions that keep tech execs awake at night, perhaps none is more urgent than, "Are we keeping up?" The breakneck pace of change in IT and in business at large means that CIOs and other senior technologists can't afford to lose focus as they head into 2016.Where should you center your efforts as you build your to-do list for the year ahead? Computerworld's Forecast 2016 survey of IT professionals points to five key areas -- cloud computing, security, the Internet of Things, analytics, and the emergence of IT as a change agent -- as well as one area where you don't need to devote resources (or not yet, anyway).To read this article in full or to leave a comment, please click here(Insider Story)

IDG Contributor Network: How to prepare your organization for the risk of data loss

Data breaches are serious and very real threats in today's digital world, and no industry sectors are immune. In the medical sector alone, the cost of client data breach liability, expense, and settlements surpassed the same costs from medical malpractice. Securing data and minimizing the probability and impact of data breaches is at its core a risk-based endeavor.While many businesses have recognized the need for risk assessment and management, there is still a tendency to treat risk assessment and managements as "checkbox" exercises. For a risk management program to provide true benefit, several things are required: An enterprise-level risk management practice. This is NOT your IT risk management team – it is a standalone and empowered practice that operates at the CXO level. This team is focused on business alignment. An IT-level risk management practice. This team is focused on the application and testing of applicable risk management frameworks and the controls associated with those frameworks. Certified and qualified risk management professionals. There are several industry certifications available. CRISC (Certified in Risk & Information Systems Control) and CRMP (Certified Risk Management Professional) are examples. They both require hefty amounts of continuing education, which is critical, given the moving target Continue reading

Enterprise nets: HP, Cisco, Brocade and Huawei take charge

A report released today by Cambridge, Mass.-based researcher IHS named Huawei, Cisco, Brocade and HP as the four leading companies in the enterprise networking sector.The leaders, according to IHS research director Matthias Machowinski, were chosen in part because of their roles as large-scale providers of a range of networking products and services for the enterprise.+ALSO ON NETWORK WORLD: Welcome to the Internet of stupid (hackable) things + Looking into the crystal ball of Amazon’s cloud futureTo read this article in full or to leave a comment, please click here

HPE’s Synergy is a new type of ‘composable’ infrastructure

Hewlett Packard Enterprise has developed a new type of "composable' hardware that it claims will cut data center costs and slash the time it takes to spin up new applications.Called HPE Synergy, it combines storage, compute and network equipment in one chassis, along with management software that can quickly configure the hardware automatically to provide just the resources needed to run an application, HPE said."HPE Synergy's unique built-in software intelligence, auto discovery capabilities and fluid resource pools enable customers to instantly boot up infrastructure ready to run physical, virtual and containerized applications," the company said.To read this article in full or to leave a comment, please click here

Flaws in Huawei WiMax routers won’t be fixed, researcher says

Huawei isn't planning on patching several flaws in seven models of WiMax routers that are not being supported anymore by the company, according to a security researcher.Pierre Kim published a list of the affected models, which are still used in countries including Ivory Coast, Iran, Iraq, Libya, the Philippines, Bahrain and Ukraine.Kim notified Huawei of the problem on Oct. 28. He wrote that Huawei said the routers are no longer serviced by the company and would not be patched.The routers include the EchoLife BM626 WiMax CPE and associated models running the same firmware including the BM626e, BM635, BM632, BM631a, BM632w and the BM652.To read this article in full or to leave a comment, please click here

Understanding VLAN terminology – Access Trunk Native Tagged Untagged

Ever so often I myself have searched around for the exact difference between all of the different terms associated with VLAN's (Virtual Local Area Networks) and I'm sure a lot of people out there do the same. There's so much out there explaining these terms but it gets confusing when everything is virtualized. How does networking work in a virtualized host where the operating system networking stack provide virtual network functions such as a virtual switch?

I will start out by stating that networking works the same way it is expected to work in the physical world with wires and hardware boxes that switch or route traffic. To understand what these terms mean you need to first understand how VLANs work. VLAN segregation can happen on a IP range basis, on a port to port basis on the switch,  based on protocol, based on mac addresses or just based on some other higher layer abstractions. The most common implementation is however port based and I will go ahead by explaining these terms with respect to this premise. Also some of these terms are specifically defined by Cisco switches and have then on gone to become popular in network design vocabulary Continue reading

Data breach of toy maker VTech leaked photos of children, parents

The data breach of Hong Kong toy manufacturer VTech appears to have also included photos of children and parents, adding to what could be one of the most surprising leaks of the year.VTech, which makes cordless phones and what it terms electronic learning devices for kids, apologized on Twitter on Monday. The company said it has suspended the affected service, called Learning Lodge, and is notifying customers.Vice's Motherboard tech news site, which first reported the breach, said on Monday the breach also contained thousands of photos of parents and kids and chat logs.To read this article in full or to leave a comment, please click here

OSPF vs EIGRP for DMVPN

In this post I'm going to look at the characteristics of OSPF and EIGRP when used in a Dynamic Multipoint VPN (DMVPN). I will do my best not to play favorites and instead stick to the facts (yes, I do have a preference :-). To that end I will back everything up with data from my lab. The focus areas of the comparison will be:

  • Scalability of the hub router's control plane
  • Overall control plane stability
  • Traffic engineering

This post won't go into any background on how DMVPN works. If you're not yet familiar with DMVPN, I recommend watching these introductory videos by Brian McGahan. This post also does not do a deep dive on OSPF or EIGRP. I'm making the assumption that you're already familiar with the different LSA types in OSPF and general functions of EIGRP.

After reading this post you should be able to describe the pros and cons of OSPF and EIGRP in the three areas listed above and incorporate this knowlege into a DMVPN design.

CCIE Written Changes

Just when you thought you were prepared for your CCIE written exam, think again! Cisco has announced that as of July 25th 2016 they will be adding the section called “Evolving Technologies” to all written exams. If you are scheduled to take your written, in any track, before July25th than not to worry, these changes will not affect you in anyway according to Cisco.

This new section is going to account for 10% of your overall score on the exam with the original topics in your blueprint coming out to 90%. The most interesting point that we need to focus on is that the subdomains of this new section are subject to change as “new and emerging technologies are developed and adopted by the industry”.

Now I know what you’re thinking, “how am I supposed to study for this?”. It’s not all that bad! Cisco has at least given us some resources that we can use to begin preparing for these new topics on our written exam. Here at iPexpert, we’ll be adding these topics to new Written VOD products accordingly, and releasing updates over the next few months.

The last big update to the CCIE blueprints that I Continue reading

1 3,175 3,176 3,177 3,178 3,179 3,785