How to use enterprise Wi-Fi security in SMBs

It's become de rigeur to protect wireless networks with Wi-Fi Protected Access II (WPA2) security, but many small and even midsize businesses default to using the personal or pre-shared key (PSK) mode of WPA2, rather than its enterprise mode. Despite its name, however, the enterprise mode isn't only for large networks; it has a place in all businesses. Though you might think the simple personal mode is easier to use, the exact opposite can be true if you factor in the ongoing effort required to properly secure the business's network.Connecting devices that support enterprise modeTo read this article in full or to leave a comment, please click here(Insider Story)

Duqu spy group also targeted telecommunications companies

The group behind the Duqu cyberespionage tool has compromised at least two telecommunications operators and one electronic equipment manufacturer, in addition to a cybersecurity firm and venues that hosted high-level nuclear negotiations between world powers and Iran.On Wednesday, Moscow-based antivirus firm Kaspersky Lab, which has been deeply involved in exposing sophisticated cyberespionage campaigns over the past few years, revealed that it too fell victim to such an attack.The company discovered in early spring that several of its internal systems were infected with a new version of Duqu, a sophisticated malware platform believed to be related to the Stuxnet worm used to sabotage Iran’s nuclear enrichment centrifuges at Natanz.To read this article in full or to leave a comment, please click here

ONOS and AT&T Team Up to Deliver CORD

ON.Lab wants to transform the CO into a data center, and will demo the concept at Open Networking Summit.

The Upload: Your tech news briefing for Thursday, June 11

Google wants in on this “smart cities” thing tooGoogle has launched Sidewalk Labs, a New York-based company that will develop technology to make urban transportation and government more efficient, as well as lower the cost of living and cut energy use. The search giant is a little late to the party: Cisco, IBM and Microsoft are already heavily invested in this space, and the European Union has a major Smart Cities initiative as part of its Digital Agenda.Ebay, PayPal scrutinized for claiming robocall rights in user agreementsTo read this article in full or to leave a comment, please click here

The Upload: Your tech news briefing for Thursday, June 11

Google wants in on this “smart cities” thing tooGoogle has launched Sidewalk Labs, a New York-based company that will develop technology to make urban transportation and government more efficient, as well as lower the cost of living and cut energy use. The search giant is a little late to the party: Cisco, IBM and Microsoft are already heavily invested in this space, and the European Union has a major Smart Cities initiative as part of its Digital Agenda.Ebay, PayPal scrutinized for claiming robocall rights in user agreementsTo read this article in full or to leave a comment, please click here

Cisco Live!: In pictures

Group shotImage by FacebookOutgoing and incoming Cisco CEOs John Chambers and Chuck Robbins weren’t the only attractions at the annual Cisco event in San Diego this week, though they did seem to be everywhere (Chambers in center, with blazer).RELATED: Cisco boosts cloud software, lines up ISVs to write Internet of Everything servicesTo read this article in full or to leave a comment, please click here

iOS Developers — Migrate to iOS 9 with CloudFlare

Thousands of developers use CloudFlare to accelerate and secure the backend of their mobile applications and websites. This week is Apple’s Worldwide Developers Conference (WWDC), where thousands of Apple developers come to San Francisco to talk, learn and share best practices for developing software for Apple platforms. New announcements from Apple this week make CloudFlare an even more obvious choice for application developers.

New operating systems, new application requirements

The flagship announcement of WWDC 2015 was a new version of Apple’s mobile operating system, iOS 9, to be released in September with a developer preview available now. They also announced a new Mac operating system, OS X El Capitan, launching in the fall. Apple has a track record of developing and supporting technologies that enhance user privacy and security with iMessage and Facetime and the trend is continuing with these new operating systems. In both cases, Apple is requiring application developers to make use of two network technologies that CloudFlare is big fan of: HTTPS and IPv6.

For iOS 9 and El Capitan, all applications submitted to the iOS and Mac App Stores must work over IPv6. In previous versions, applications were allowed that only worked with IPv4.

From Continue reading

Campus LAN Design – A Different Approach

Throughout my career I have implemented a pretty large number of standard Cisco campus LAN designs. You know the model; a hierarchical one with access switches aggregating to a distribution layer, which then aggregates to a fast core switching layer. Pieces of the hierarchy can be collapsed into one another in situations where, for example, due to […]

Author information

Andy Burridge

Andy spends his days working as a network engineer for a solutions provider. Andy also mostly spends his evenings working as a network engineer for a solutions provider.

Twitter

The post Campus LAN Design – A Different Approach appeared first on Packet Pushers Podcast and was written by Andy Burridge.

Microsoft predicts China’s air pollution with data analysis

Microsoft has taken its big data analysis to China, with computing models that can forecast the air quality across 41 cities in the country.Pollution continues to be a major problem in China, with hazardous air quality levels a common occurrence in cities including Beijing. To bring some clarity to the situation, Microsoft has come up with a mobile app that can predict the air quality two days in advance.The Your Weather app works by first taking official data from government air quality monitoring stations across a 300 kilometer distance, and then using weather data to predict the pollution levels. The weather data used includes forecasts, along with current information on humidity, temperature and wind direction in a selected city.To read this article in full or to leave a comment, please click here

Microsoft predicts China’s air pollution with data analysis

Microsoft has taken its big data analysis to China, with computing models that can forecast the air quality across 41 cities in the country.Pollution continues to be a major problem in China, with hazardous air quality levels a common occurrence in cities including Beijing. To bring some clarity to the situation, Microsoft has come up with a mobile app that can predict the air quality two days in advance.The Your Weather app works by first taking official data from government air quality monitoring stations across a 300 kilometer distance, and then using weather data to predict the pollution levels. The weather data used includes forecasts, along with current information on humidity, temperature and wind direction in a selected city.To read this article in full or to leave a comment, please click here

Should I Use a Traditional Firewall in Microsegmented Environment?

One of my readers wondered whether one still needs traditional firewalls in microsegmented environments like VMware NSX.

As always, it depends.

Apple Mail flaw could pose risk to iCloud passwords

A security researcher says a vulnerability in Apple’s mobile email application could be used to trick someone into divulging their iCloud password.Prague-based Jan Soucek published proof-of-concept code that shows how he could send an email to someone with HTML code that resembles the iCloud login pop-up window. Soucek then receives an email containing the password.The vulnerability allows remote HTML content to be loaded in an email, which replaces the content of the email message. Soucek wrote he then built a functional password collector using HTML and CSS. He also published a demonstration video.To read this article in full or to leave a comment, please click here

Cisco Security Has a Job Waiting for John Chambers

Security is pervasive to networking, so it's an area Chambers will keep an eye on.

‘Your PC may be infected!’ Inside the shady world of antivirus telemarketing

Scotty Zifka was looking for a sales job. He started one in late May at a company called EZ Tech Support, a small inbound call center in an older building in northeast Portland, Oregon.The first day of Zifka’s unpaid training involved listening in on sales calls. But within three hours, Zifka felt something wasn’t quite right.“Everything about it was so weird,” he recalled.The company’s 15 agents answer calls from people who’ve seen a pop-up message saying their computer may be having problems, and advising them to call a number, which rings at the offices of EZ Tech Support.The agents are instructed to stick to a 13-page script. They ask callers whether they have an antivirus program installed. If they do, Zifka said, callers are usually told that whatever they’re using isn’t a “full-time real spectrum virus protection program.”To read this article in full or to leave a comment, please click here

BRKSEC-2139: Advanced Malware Protection

Presenter: Eric Howard, Techincal Marketing Engineer

Why aren’t we stopping all the malware???

The term “APT” has become the boogey man of cyber security. :-)

You don’t need to know squat about writing malware in order to launch malware

• Malware rentals
• Malware as a Service (swipe CC, pay bitcoin)

Why aren’t we stopping all the malware?

1. To solve the malware problem is to follow a very involved, multi-step process. Not every step can be automated; humans are needed (analysis, triage, more). This makes the process expensive, too.
2. There’s no silver bullet

Product does not solve the issue. Process is required, too. Ideally, good process backed by good product.

If you knew you were going to be compromised, would you do security differently? — Marty Roesch, Cheif Architect, Cisco Security, founder of Sourcefire

Do security different:

• Plan A – Prevention: shore up the environment; dig a bigger moat, build thicker walls
• Plan B – Retrospection: track system behaviors without regard for disposition (ie, do this for everything, not just known malware but also “known good” and “unknown”)

Plan A

• 1-to-1 signatures: like anti-virus; also hashes; AV vendors only enable 8-10% of their rules; AMP cloud runs all sigs all the time; Continue reading

BRKDCT-2333 — Data Center Network Failure Detection

Presenter: Arkadiy Shapiro, Manager Technical Marketing (Nexus 2000 - 7000) @ArkadiyShapiro

“You could say I'm obsessed with BFD” -Arkadiy

Fast failure detection is the key to fast convergence.

BRKSEC-2137 — Snort Implementation in Cisco Products

Presenter: Eric Kostlan, Technical Marketing Engineer, Cisco Security Technologies Group

“Above all, Snort is a community” -Eric

Snort stats

• over 4 million downloads
• nearly 500,000 registered users

Snort was created in 1998 (!!). Sourcefire founded in 2001.

Jawbone again sues Fitbit, this time claiming patent infringement

Jawbone has filed its second lawsuit against Fitbit in less than two weeks, claiming its activity tracking products infringe several of Jawbone’s patents.The new suit, filed Wednesday in San Francisco by Jawbone parent company AliphCom, seeks unspecified damages and an injunction to block the sale of Fitbit devices such as the Flex, Charge and Surge bands.Late last month, Jawbone filed another lawsuit, accusing Fitbit of poaching its employees and stealing trade secrets. Fitbit has said it has no knowledge of any such information in its possession.To read this article in full or to leave a comment, please click here

BRKCRS-3900: NBase-T and the Evolution of Ethernet

Presenters: Dave Zacks, Distinguished Engineer; Peter Zones, Principle Engineer

History has been: 10x performnce increase at 3x the cost. 40Gb broke that model –> 100Gb PHYs were very expensive; industry needed/wanted an intermediate step.

Ethernet has a really strong roadmap and will continue to evolve for a very long time. Roadmap: http://www.ethernetalliance.org/roadmap/

• 25Gb – direct server connect (Twinax)
• 40GBase-T (Cat 8 cable!)
• 2.5/5G – N-BaseT
• 400Gb
• More

SERDES

• Serializer/deserializer
• Turns bits on the wire into bytes and vise-versa
• 40Gb Ethernet based on 4x10Gb SERDES

100m is the sweet spot for copper cable lengths. Why? CSMA/CD and also electrical wiring, placement of wiring closets just make 100m the right fit.

Cisco Mgig

• PoE/PoE+/UPoE
• Standards compliant
• Investment protection (existing cable plant)
• Supports 100M but not 10M; (had to drop something as far as standards and nobody uses 10M anymore really)

802.11ac Wave 2

• Max PHY rate: 6.8Gbps (in absolute best conditions)
• More likely 3-ish Gb/s
• Point: it’s more than 1Gbs

Cisco Mgig products:

• 4500E line card
• New 3850 models with Mgig ports
• New compact 3560CX with 2x Mgig ports

Between 2003 and 2014, approx 70 billion meters of Cat 5e and Cat 6 cabling were sold

Continue reading

Leveraging SD-WAN for Skype for Business Enterprise Voice

This guest blog post is by Daniel Teichman, Senior Manager, Product Marketing; and Brad Chapin, Director, Strategic Alliances, at Sonus. We thank Sonus for being a sponsor. Software-defined wide area network (SD-WAN) technology is a viable option for organizations that have to provide real-time Unified Communications (UC), such as Microsoft’s Skype for Business Enterprise Voice, […]

Author information

Drew Conry-Murray

I'm a tech journalist, editor, and content director with 17 years' experience covering the IT industry. I'm author of the book "The Symantec Guide To Home Internet Security" and co-author of the post-apocalyptic novel "Wasteland Blues," available at Amazon.

TwitterLinkedIn

The post Leveraging SD-WAN for Skype for Business Enterprise Voice appeared first on Packet Pushers Podcast and was written by Drew Conry-Murray.