DMVPN Dynamic Multipoint VPN

DMVPN is dynamic, scalable and easy to configure Cisco specific VPN solution. DMVPN uses two major technologies for its operation : NHRP Next Hop Resolution Protocol mGRE Multipoint GRE In this post I will explain all the basics of DMVPN. For detailed routing protocol design over DMVPN will be covered in different post which will… Read More »

The post DMVPN Dynamic Multipoint VPN appeared first on Network Design and Architecture.

Asus seeks to expand smartphone presence in Europe, China and US

Asustek Computer isn’t exactly known for smartphones, but the Taiwanese PC maker is aiming to bring more Android phones to U.S. and European markets this year.A year ago, Asus introduced its ZenFone line, a range of Android handsets, and demand for the phones is growing.In the fourth quarter, Asus shipped 4.5 million smartphones, up from a mere 200,000 units in the first quarter of 2014.The shipments are still small compared to those of leading vendors such as Apple and Samsung Electronics, but Asus is among the PC makers hoping to break out from the notebook market by releasing more mobile devices. In 2017, Asus expects revenue from its mobile business to surpass that of its PCs.To read this article in full or to leave a comment, please click here

Jeb Bush’s email cache held another surprise: Viruses

In addition to personal phone numbers and email addresses for hundreds of people who corresponded with him, there’s something else inside the cache of emails that Jeb Bush released this week: computer viruses.Earlier this week, Bush, who some tip as a presidential hopeful, released thousands of emails from his time as governor of Florida, when he promoted his “[email protected]” email address as a way for voters to interact with him. The emails were released unredacted—a deliberate move intended to demonstrate transparency but one that backfired because the messages included the names, email addresses and phone numbers of thousands of people.Alongside a Web interface to read the emails, Bush also offered raw Microsoft Outlook files, and it’s in those files where the viruses lurked in file attachments.To read this article in full or to leave a comment, please click here

US lawmakers introduce two bills to protect email privacy

A long-standing effort to extend privacy protections to email and other data in the cloud got new life Thursday when U.S. lawmakers introduced not one, but two bills to reform the country’s electronic privacy laws.Both the Law Enforcement Access to Data Stored Abroad Act, called the LEADS Act, and the Electronic Communications Privacy Amendments Act would require law enforcement agencies to get court-ordered warrants to search data that’s been stored on Web-based or cloud-based services for more than 180 days.Under the 29-year-old Electronic Communications Privacy Act [ECPA], law enforcement agencies do not need a court-ordered warrant to search unopened email stored with a vendor for longer than 180 days, although they do need court approval to access unopened email less than 180 days old.To read this article in full or to leave a comment, please click here

GeoPoll, Control Union tap mobile tech to bring African farmers into supply chain

U.S.-based GeoPoll is partnering with Control Union, an international provider of agricultural inspection and safety services, to reach out to African farmers and bring them into global supply chain networks while ensuring compliance with standard business practices.GeoPoll provides technology for data collection, using mobile platforms for surveys. Control Union will be able to use GeoPoll technology to reach small-holding farmers to gain more information about their practices. The idea is to bring increased transparency to food supply chains globally, with a focus on key products such as cocoa, coffee, cotton, fruits and vegetables, palm oil, rice, and tobacco. To read this article in full or to leave a comment, please click here

GeoPoll, Control Union tap mobile tech to bring African farmers into supply chain

U.S.-based GeoPoll is partnering with Control Union, an international provider of agricultural inspection and safety services, to reach out to African farmers and bring them into global supply chain networks while ensuring compliance with standard business practices.GeoPoll provides technology for data collection, using mobile platforms for surveys. Control Union will be able to use GeoPoll technology to reach small-holding farmers to gain more information about their practices. The idea is to bring increased transparency to food supply chains globally, with a focus on key products such as cocoa, coffee, cotton, fruits and vegetables, palm oil, rice, and tobacco. To read this article in full or to leave a comment, please click here

Technical terms are not ambiguous

I see technical terms like "interference" and "authorization" in laws. As a technical person, this confuses me. I have a different understand of these terms than how the courts might interpret them. Courts insist that these words must be interpreted using their common everyday meanings, not their technical meanings. Yet, situations are inherently technical, so the common meanings are ambiguous.


Take for example the law that forbids causing radio interference:
No person shall willfully or maliciously interfere with or cause interference to any radio communications of any station licensed or authorized by or under this chapter or operated by the United States Government.
Interference seems like a common, non-technical term, but it's unlikely that's the meaning here. Interference has a very technical meaning, as demonstrated by this long Wikipedia article on "radio interference". There are entire books dedicated this this subject. It's a big technical deal, it's unreasonable to think the law means anythings else.

This is important when looking at the recent "Marriott WiFi Jamming" case, because Marriott did not cause "radio interference" or "jamming". Instead, what they did was send "deauth" packets. Using a real world analogy, jamming is like a locked door, blocking access against Continue reading

Microsoft releases Windows 10 technical preview for phones: What (some of you) will get

Microsoft opened its Windows 10 Technical Preview for Phones on Thursday by supporting just midrange to lower-end devices, disappointing some early adopters who were hoping to try out Microsoft’s new preview.Currently, just six phones can download the Windows 10 Technical Preview: the Lumia 630, 635, 636, 638, 730, and Lumia 830. Aside from the Lumia 830, Microsoft’s “affordable flagship,” the remainder are midrange Windows Phones that were released according to Microsoft’s principle of driving Windows Phone market share by expanding its user base.10 mobile startups to watch “We are starting with a limited set of devices supported for this first preview,” Gabe Aul, the engineering general manager at Microsoft who has been the point man for Windows 10, said in a blog post. “Windows 10 will drive innovation across screens of all sizes and we will have new hardware from Microsoft and our partners, including new flagship phones.”To read this article in full or to leave a comment, please click here

Cyberattacks in West Africa spark debate over online security

A wave of cyberattacks aimed at government-related websites in Nigeria, Ghana and Senegal over the last two months has triggered a debate over how to bolster online security and deal with politically motivated hacking.A popular Senegalese news site, Seneweb and the website of the government’s ICT management agency, L’Agence De l’Informatique de l’Etat (ADIE), were the first to be hacked in the latest round of attacks, in December and January, respectively (though the Seneweb hack was not disclosed until January).The attacks were reportedly launched in response to Senegalese President Macky Sall’s participation in a rally in support of the French magazine, Charlie Hebdo. Twelve people were killed on Jan. 7 by two heavily armed men at the Paris office of satirical news weekly Charlie Hebdo. The attack was reportedly prompted by satirical material involving Muslim themes and historical figures.To read this article in full or to leave a comment, please click here

No, you can’t make things impossible to reverse-engineer

I keep seeing this Wired article about somebody announcing a trick to make software "nearly impossible" to reverse-engineer. It's hype. The technique's features are no better at stopping reverse-engineering than many existing techniques, but has an enormous cost on the system that makes it a lot worse.

We already have deterrents to reverse-engineering. Take Apple iTunes, for example, which has successfully resisted reverse-engineering for years. I think the last upgrade to patch reverse-engineered details was in 2006. Its anti-reverse-engineering techniques aren't wonderful, but are instead simply "good enough". It does dynamic code generation, so I can't easily reverse engineer the static code in IDApro. It does anti-debugging tricks, so I can't attach a debugger to the running software. I'm sure if I spent more time at it, I could defeat these mechanisms, but I'm just a casual reverse-engineer who is unwilling to put in the time.

The technique described by Wired requires that the software install itself as a "hypervisor", virtualizing parts of the system. This is bad. This is unacceptable for most commercial software, like iTunes, because it would break a lot of computers. It might be acceptable for really high-end software that costs more than the computer, in Continue reading

Google fear a factor behind Orbitz-Expedia deal

After acquiring a competitor weeks ago and just announcing plans to buy another one, Expedia may look like the dominant player in online travel, but its CEO argues the deals are necessary to battle another rival: Google.Expedia offers online booking services for flights, car rentals and hotels under brands such as Hotels.com and Hotwire.com, and plans to beef up its business with Thursday’s US$1.6 billion proposed acquisition of rival Orbitz, which offers similar services and operates sites such as CheapTickets.com.Snatching up Orbitz will give Expedia the customers it needs to fend off companies that have muscled their way into the online travel agency space, including Google, said Expedia CEO Dara Khosrowshahi during a webcast held to discuss the Orbitz deal. Google, along with traditional travel industry players like hotels, are all trying to establish themselves as the best option for consumers looking to book travel.To read this article in full or to leave a comment, please click here

Google fear a factor behind Orbitz-Expedia deal

After acquiring a competitor weeks ago and just announcing plans to buy another one, Expedia may look like the dominant player in online travel, but its CEO argues the deals are necessary to battle another rival: Google.Expedia offers online booking services for flights, car rentals and hotels under brands such as Hotels.com and Hotwire.com, and plans to beef up its business with Thursday’s US$1.6 billion proposed acquisition of rival Orbitz, which offers similar services and operates sites such as CheapTickets.com.Snatching up Orbitz will give Expedia the customers it needs to fend off companies that have muscled their way into the online travel agency space, including Google, said Expedia CEO Dara Khosrowshahi during a webcast held to discuss the Orbitz deal. Google, along with traditional travel industry players like hotels, are all trying to establish themselves as the best option for consumers looking to book travel.To read this article in full or to leave a comment, please click here

Experimenting with the CSR1000v REST API

This all started because we occasionally want to block traffic from an IP address or two for a short time. Our firewall is a pain to configure for this sort of thing: adding a drop for a single IP address literally takes 10 minutes. You have to open a fat client, create an object, add the object to a group, save the config, verify the config, push the config, etc.

I thought that SRTBH (Source-based Real-Time Black Hole) implemented by BGP would be the ticket: fast, easy, and theoretically easy to automate with the REST API in the Cisco Cloud Services Router 1000v. SRTBH is a simple and elegant way of dropping selected traffic on BGP speaking routers. In a nutshell:
  1. You configure a "trigger router" that speaks iBGP with the rest of your BGP-speaking routers (usually your Internet edge or transit routers), but doesn't participate in traffic forwarding.
  2. On each edge/transit router you configure a static route to null0 for an unused /32, usually 192.0.2.1: ip route 192.0.2.1 255.255.255.255 null0
  3. On each edge/transit router you configure loose-mode unicast RPF filtering on your outside interfaces: ip verify source reachable-via any. Continue reading

Experimenting with the CSR1000v REST API

This all started because we occasionally want to block traffic from an IP address or two for a short time. Our firewall is a pain to configure for this sort of thing: adding a drop for a single IP address literally takes 10 minutes. You have to open a fat client, create an object, add the object to a group, save the config, verify the config, push the config, etc.

I thought that SRTBH (Source-based Real-Time Black Hole) implemented by BGP would be the ticket: fast, easy, and theoretically easy to automate with the REST API in the Cisco Cloud Services Router 1000v. SRTBH is a simple and elegant way of dropping selected traffic on BGP speaking routers. In a nutshell:
  1. You configure a "trigger router" that speaks iBGP with the rest of your BGP-speaking routers (usually your Internet edge or transit routers), but doesn't participate in traffic forwarding.
  2. On each edge/transit router you configure a static route to null0 for an unused /32, usually 192.0.2.1: ip route 192.0.2.1 255.255.255.255 null0
  3. On each edge/transit router you configure loose-mode unicast RPF filtering on your outside interfaces: ip verify source reachable-via any. Continue reading

Cisco’s Nexus 9000, ACI customers grow

Cisco now has 1,700 customers for its Nexus 9000 switch and over 300 for its APIC controller, the central element of its Application Centric Infrastructure (ACI) programmable networking and SDN strategy. This is up from 970 and 200+, respectively, in the company’s fiscal first quarter.The number of ACI/APIC customers compared to the number of Nexus 9000 customers – Nexus 9000 is the hardware underlay or foundation for ACI – might seem underwhelming at first blush: only 20% were ACI customers in Q1 and less than 20% in Q2. But APIC just started shipping August 1, Cisco says, while the Nexus 9000 has been shipping for almost a year.To read this article in full or to leave a comment, please click here

Gartner: Makers of things for Internet of Things undervalue security

As the Internet of Things develops, most vendors that are making these things don’t make security their top priority, allowing business considerations to take precedent, according to a Gartner expert.“Some of the leading vendors that are developing products are making some effort to address security concerns, but Gartner believes the majority aren’t at this stage — convenience, user friendliness, time-to-market all win out over security at this point,” says Earl Perkins, a research vice president at Gartner.+ ALSO ON NETWORK WORLD The security implications of IoT: A roundtable discussion with four experts +To read this article in full or to leave a comment, please click here

IDG Contributor Network: Major phone network exploring drone and balloon masts

UK mobile network operator (MNO) EE said this week that it is exploring the use of small aerial cells positioned in the sky over hard-to-reach, patchy signal areas.It calls the technology "air masts," and says the system uses either "tethered balloons or unmanned craft." Unmanned craft are more commonly called drones.Air mastsThe phone company reckons it's going to be able to implement the masts in the sky in part because it's been banking on what it calls a "unique" micro-network technology. The base stations that it has been using consist of smaller elements than are commonly utilized in an MNO installation.To read this article in full or to leave a comment, please click here

1 3,543 3,544 3,545 3,546 3,547 3,753