Cisco Announces Version 3 of the CCIE Wireless Blueprint

The wait is finally over and version 3 of the wireless CCIE blueprint has finally been announced.  On September 14, the new version of the written and lab exams will go live.  This will bring a very long-in-the-tooth version 2 blueprint to an end after a nearly 4-year run.  While we tearfully say goodbye to WCS, let’s take a look at what version 3 is bringing to the table.

New Lab Exam Format

First off, let’s look at what has changed in the format of the lab itself.  The wireless track is following suit with the R&S and SP tracks and including multiple sections to the lab.  The wireless lab will now begin with a 1 hour Diagnostic section, followed by a 7 hour Configuration section.

The Diagnostic section is similar to what was done in R&S and SP.  This section tests your ability to assess and diagnose issues in a network without any access to the devices themselves.  Basically, you are given access to a number of pieces of information (emails, topology diagrams, logs, etc) that describe an issue and give the needed information to figure out the root cause.  You Continue reading

CCIE Data Center Rack Rental Scheduling Changes

In an effort to make our CCIE Data Center Rack Rentals have a better fair scheduler, we’ve implemented a new QoS policy for them as follows:

• Users can have a maximum of 3 concurrent sessions scheduled
• Sessions can be a maximum of 9 hours apiece
• Maximum hours per month limit is now removed
• Base sessions (Nexus 7K/5K) and add-ons (UCS/SAN & Nexus 2K/SAN) are now 8 tokens per hour

Note that these changes will only affect new session bookings, not any sessions that you already have reserved.

For those of you looking for more dedicated rack time I would suggest to look into our CCIE Data Center Bootcamp, where students get 12 days of 24/7 access to all hardware platforms in our racks (Nexus 7K/5K/2K, MDS, & UCS).

Happy Labbing!

Twitter adds tool to report tweets to the police

Twitter has added a tool to help users report abusive content to law enforcement, which could aid in removing the most threatening posts as Twitter ramps up its efforts to combat harassment.The tool has been incorporated into the existing process for flagging abusive content or tweets. After reporting abusive or threatening content to Twitter, users have an option to receive an emailed summary of the report. The report would include the flagged tweet and its URL, the time at which it was sent, and the user name and account URL of the person who posted it.The report, aimed at law enforcement, would also include a link to Twitter’s guidelines on how authorities can request non-public user account information from Twitter. The idea is that after seeing a report, law enforcement might feel compelled to take further action.To read this article in full or to leave a comment, please click here

IBM Exec: ‘Perfect Storm’ Poised to Transform Networking

How IoT could change network management.

First Docker Maintainers Summit

5G faces technical, political hurdles on the way to offering multigigabit speeds

For 5G to be successful, the whole telecom industry has to re-evaluate how networks work and are developed. Multiple challenges, both political and technical, have to be overcome before the technology can become a reality.“Availability of spectrum is obviously a big thing,” said Gerhard Fettweis, who heads a Vodafone-sponsored program at the Dresden University of Technology.The amount of spectrum allocated to 5G will determine how fast networks based on the technology will eventually become. If they are to reach multiple gigabits per second, which proponents are already promising, operators are going to need a lot more bandwidth than they have today. A first step in securing that will hopefully be taken at the World Radiocommunication Conference in Geneva in November, according to Fettweis.To read this article in full or to leave a comment, please click here

Carrier SDN Efforts Require New Service Orchestration

Decades-old telco software is due for an SDN-driven makeover.

Docker Governance Advisory Board: 2nd meeting

EMET security tool updated to prevent VBScript God Mode attacks

Microsoft updated its Enhanced Mitigation Experience Toolkit (EMET), a free exploit prevention tool, to protect against attacks that attempt to bypass Internet Explorer’s sandbox using VBScript.Microsoft first released EMET 5.2 last week, but re-released it Monday to fix issues that some customers experienced when running the tool in conjunction with Internet Explorer 11 on Windows 8.1.The new version offers protection against so-called VBScript God Mode attacks, which rely on a method documented last year that can bypass anti-exploitation mechanisms like Data Execution Prevention (DEP), Address Space Layout Randomization (ASLR) and Control-Flow Integrity (CFI).To read this article in full or to leave a comment, please click here

Ansible Fundamentals Webinar

If you missed our Ansible Training webinar today, or were not able to sign-up before it filled up, we were able to record the session. If you were able to attend, we hope you enjoyed it and learned about how to use Ansible.

We'll be announcing the next session soon, so follow us on Twitter for updates.

Skip ahead to 11:24 to view the training.

We also have an Ansible Tower webinar scheduled for later this month.

Use Cases and Requirements for Service Centric SDN Management and Orchestration

Ever since we unveiled our SDN MANO (management and orchestration) prototype at the Cisco Live event last May, we have been demonstrating it to many service providers, industry analysts, and partners. The response has been very positive due to the simplicity and depth of our approach, facilitated by the 10+ years of rich analytics in our arsenal. Aside from demonstrating the prototype, we have also been collecting SDN MANO requirements. The feedback indicates SDN MANO needs to be service centric.

Currently, Packet Design has the right foundation for service centric SDN monitoring and management, including the real-time topology, both current and predictive future traffic matrices, and the service awareness that these devices, paths and traffic flows encompass. Using these ingredients, we compute shortest and constraint-based non-shortest paths for these services.

For us and for the industry, the next step is service activation and policy. For example, for one of our mobile operator customers, the main use of these traffic-engineered paths is fast-re-route. When a link (or a router/switch) fails, they would like to pre-setup a bypass path so that packets are Continue reading

Yes, I still have an answering machine

This morning I mentioned my telephone answering machine in passing and a colleague reacted as though I had just confessed to still having an 8-track in my car.“You must be the last person on the planet to still be using one,” he said dismissively.In fact, I am not. It took me all of two attempts to find another colleague who also still has an honest-to-goodness physical answering machine.A bit of Googling failed to produce any statistics, but it did uncover a New York Times story reporting on what was then a relatively new phenomenon of answering-machine ownership by consumers. It was published in 1982, which -- pardon me for living -- doesn’t seem all that long ago.To read this article in full or to leave a comment, please click here

It’s a smartphone world, everyone else just lives in it

It doesn't take perfect vision to see that smartphones and mobile computing are the hottest part of the modern technology infrastructure. Open your eyes almost anywhere in the world and it's instantly obvious that mobile devices are continuing to revolutionize…well, just about everything.Still, those of us who work in technology may sometimes be too close to the situation to fully understand how much the industry continues to tilt away from legacy PC and server platforms—and even wannabe platforms like tablets—toward building everything around the ubiquitous smartphone. We still live and work with older categories—and in many cases still rely on them to run our businesses—and so may not always see how much the global center of gravity is shifting to the devices in the palms of our hands.To read this article in full or to leave a comment, please click here

Insecurity Guards

Pick a random headline related to security today and you’ll see lots of exclamation points and dire warnings about the insecurity of a something we thought was inviolate, such as Apple Pay or TLS. It’s enough to make you jump out of your skin and crawl into a dark hole somewhere never to use electricity again. Until you read the article, that is. After going through a couple of paragraphs, you realize that a click-bait headline about a new technology actually underscores an age-old problem: people are the weakest link.

Engineered To Be Social

We can engineer security for protocols and systems until the cows come home. We can use ciphers so complicated that even Deep Thought couldn’t figure them out. We can create a system so secure that it could never be hacked. But in the end that system needs to be used by people. And people are where everything breaks down.

Take the most recent Apple Pay “exploit” in the news that’s been making all the headlines. The problem has nothing to do with Apple Pay itself, or the way the device interacts with the point-of-sale terminal. It has everything to do with enterprising crooks calling in to Continue reading

Show 228 – Standards Bodies vs. Open Source with Dave Ward & Lauren Cooney

Cisco's Dave Ward and Lauren Cooney join Packet Pushers' co-hosts Greg Ferro and Ethan Banks for a discussion on the value of standards bodies in the age of open source software.

Author information

Ethan Banks

Co-host at Packet Pushers

Ethan Banks, CCIE #20655, has been managing networks for higher ed, government, financials and high tech since 1995. Ethan co-hosts the Packet Pushers Podcast, which has seen over 3M downloads and reaches over 10K listeners. With whatever time is left, Ethan writes for fun & profit, studies for certifications, and enjoys science fiction. @ecbanks

TwitterGoogle+LinkedIn

The post Show 228 – Standards Bodies vs. Open Source with Dave Ward & Lauren Cooney appeared first on Packet Pushers Podcast and was written by Ethan Banks.

Pleasure

Deploying VMware NSX with Horizon

As part of the recent launch of Horizon 6, Tony Paikeday, senior product line manager, End-User Computing, VMware, takes a look at the value proposition of deploying the VMware NSX network virtualization platform together with Horzon.

Deploying VMware NSX with Horizon

VMware NSX, deployed with Horizon, offers a better alternative to securing east-west traffic between VMs, turning data center security from a perimeter-centric view to one that gives each individual desktop VM its own virtual network container – creating if you will, a network of “one.” This approach, also known as micro-segmentation, has been an ideal for network teams, but traditionally unachievable due to the cost, and the operational complexity involved. With the number of user VM’s introduced by desktop virtualization, and the sprawl of firewall rules needing to be manually added, deleted or modified every time a new VM is introduced, this has been untenable in the past. With VMware NSX, we have a completely new model for networking and security, delivering virtualization of the network, much as we did for server virtualization – reproducing it in software, with a logical library of networking elements and services including switches, routers, firewalls, load-balancers and more that can Continue reading

Microsoft blacklists fraudulently issued SSL certificate

Microsoft released an update to blacklist an SSL certificate for one of its domain names that was issued to an unauthorized third party.The improperly issued certificate could be used to spoof content, launch phishing attacks, or perform man-in-the-middle HTTPS interception against the live.fi and www.live.fi Web properties, Microsoft said in a security advisory Monday.The company updated the Certificate Trust List (CTL) included in Windows in order to blacklist the fraudulent certificate. Systems running Windows 8, Windows 8.1, Windows RT, Windows RT 8.1, Windows Server 2012 and Windows Server 2012 R2 will receive the update automatically and transparently.To read this article in full or to leave a comment, please click here

Using local tcpdump for transit traffic

Using local tcpdump for transit traffic