State of the Network<br />
<br />
State Data Breach Notification Statutes: A Year in Review and Preparing for 2017<br />
Published 2017-02-06<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg5f5zCOMkvtyRAf-sK8efAT1r3HC-f5_tlb7c0UnhKOWrlS_FiVe7BgRVaqsb3n1ZeQwtm4q0zRqtKVEm1-OSXBU9DJJbb0bx6IwmyFvC4fqwz5BsKUAnA3V4_jQcy2aq1Fq2A-sEsn1zA/s1600/patient-data-breaches1.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="240" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg5f5zCOMkvtyRAf-sK8efAT1r3HC-f5_tlb7c0UnhKOWrlS_FiVe7BgRVaqsb3n1ZeQwtm4q0zRqtKVEm1-OSXBU9DJJbb0bx6IwmyFvC4fqwz5BsKUAnA3V4_jQcy2aq1Fq2A-sEsn1zA/s320/patient-data-breaches1.jpg" width="320" /></a></div>
Following on the heels of an active 2015, where eight states enacted changes to their data breach notification laws, another five states amended their statutes in 2016, adding complexity to the current “patchwork” system of breach notification legislation.<br />
<br />
Several trends have emerged from these recent enactments. States are broadening the definition of “personal information,” redefining content and timing requirements for notification, clarifying the role of encryption in providing a safe harbor, and providing carve-outs for entities compliant with other privacy regulations.<br />
<br />
The amendments enacted in <b>Nebraska, Tennessee, </b>and <b>Arizona</b> all took effect in 2016, while the updates in <b>California</b> and <b>Illinois</b> became effective on January 1, 2017.<br />
<br />
<a href="http://bit.ly/2lciDDU">Learn More</a><br />
<br />
<b>Michael R. Overly, Esq.</b>, Partner at Foley & Lardner LLP, will be speaking at the next Inland Southern California Cyber Security Summit (#ISCCS) 2017 in Riverside. Follow us on Twitter <a href="http://bit.ly/iflextwitter">@IntelliFlexTeam</a> to receive updates on this event or visit our website at <a href="http://www.iflex.com/events">www.iflex.com/events</a>.<br />
<br />
<a href="http://bit.ly/2lhfiQD">Summary of Amendments to State Data Breach Notification Laws in 2016</a><br />
<br />
<i>Source: Foley & Lardner LLP</i><br />
<br />
Web Applications & Cybersecurity Protection<br />
Published 2016-12-13<br />
<h2>
<b><span style="color: blue;">You Asked the Questions, We’re Giving You the Answers!</span></b></h2>
<h3>
<span style="color: blue; font-weight: normal;">Overview </span></h3>
In a series of responses to a yearlong survey, we heard all sorts of cybersecurity related questions and we’d like to help our community by digging into these questions and providing some insight and answers. Naturally, we had to do some “sorting out” but one main topic of conversation was Web Application Security and how to protect our most valuable resources and private information. We took some of your questions and have answered them in a way that we hope addresses your concerns but also provides you with a path to consider when taking steps on your own to resolve these highly important cybersecurity concerns.<br />
<br />
So, how can we win the battle for secured web application delivery? In today’s application-centric world, there’s truly an app for everything. Organizations offer applications with data access to employees and consumers to drive greater productivity, meet business demands, and ultimately achieve a competitive advantage. But as organizations deliver more and more sensitive data through applications, they’re also introducing ever-increasing risk. That’s because today’s users are everywhere—frequently outside the corporate network—and the apps they rely on can be anywhere, from private data centers to the public cloud. The result is less visibility and control for the organization. It’s no surprise that cybercriminals are taking advantage of this exposure by targeting these applications, which exist largely outside the sphere of traditional security protections like firewalls, antivirus software, and TLS/SSL encryption.<br />
<br />
What are the greatest threats facing us today? Whether it’s a volumetric denial-of-service (DoS) attack, browser-based malware, or an advanced persistent threat, today’s application attacks are really gambits to obtain or compromise corporate data. As more and more data is encrypted traffic, the majority of today’s security tools are running blind, unable to decrypt that data to ensure it’s not malicious. Traditionally, the approach to application security has been focused on the software development lifecycle (SDLC), trying to ensure developers are following best practices for secure coding. While secure code is still a core piece of the overall security puzzle, it’s not the whole picture. The old security perimeter continues to dissolve as more endpoints and networks fall outside of conventional enterprise network footprints, while the risks to applications and sensitive corporate data continue to evolve. Security measures must be enhanced to ensure apps are secured everywhere.<br />
The vast majority of attacks today target the application level—but enterprises are not making corresponding security investments at that level. It’s time for organizations to come to terms with a new reality: Security needs to be more focused at the app level. We are dedicated to elevating the awareness level, and this article will provide you with many of the data points you need to articulate these facts to management and secure the budget necessary to accomplish your objectives.<br />
<br />
<h3>
<span style="color: blue; font-weight: normal;">A Risk-Based Approach to Application Security</span></h3>
Is there a process for evaluating your web application for risk instead of vulnerability? Looking at application security from this risk-based perspective enables organizations to focus on component failures and helps provide the most robust security for the data that’s the ultimate target of most attacks. By analyzing all the components that make up an application, organizations can develop a strategy that delivers the strongest, most appropriate security to the app as a whole. This matters because compromising one component of an app or the network delivering it—whether a code vulnerability, network availability, or DNS—endangers the entire application, as well as the data it houses.<br />
<br />
<h3>
<span style="color: blue; font-weight: normal;">Critical Components of Application Security</span></h3>
When do hackers choose an alternate target in their effort to attack, and why? It’s vital for organizations to deploy the strongest possible set of application security controls to reduce the risk of sensitive data being compromised by an application-level attack. Key components of a proactive, defense-in-depth security posture for the application perimeter include application security testing, firewall services, access controls, and specific protection against various types of threats. A consistent approach to these assessments and processes makes it more difficult to be compromised and makes you far less attractive to the “would be bad-guys.” So, do the right thing: get the vulnerability assessment first and understand the findings before spending a single dime. Any money thrown at resolving a problem before getting the data needed to validate and prioritize criticality is simply not best business practice and could be considered grounds for termination. In an effort to avoid such unpleasantries, let’s take a look at the following areas of concern.<br />
<br />
<h3>
<span style="color: blue; font-weight: normal;">Application Security Testing </span></h3>
What can we do as Administrators to be better prepared and automate processes that will lessen the likelihood of being compromised? Software security is still a cornerstone of an overall application protection strategy. Organizations must ensure that new websites and software are coded securely, but they must also address the countless vulnerabilities already present in existing websites that were built without a secure software development lifecycle. It’s important to remember that finding and fixing vulnerabilities isn’t an academic exercise; it’s all about keeping a sentient attacker out of enterprise systems and away from the data those systems protect. But without a clear picture of the adversaries and their tactics, security professionals will have a difficult time developing effective strategies to defeat them. Going forward, it will be imperative that more people working in the security community better understand software—and software security. <a href="http://www.usprotech.com/">US ProTech</a> offers US DOC Validated vulnerability scanners to help identify and mitigate software issues, whether they are found before or after new websites and web applications go live online. Organizations can obtain the best protection, however, by integrating a robust vulnerability scanner service with a full proxy web application firewall, coupled with regular penetration testing, which should be done (at a minimum) once a year for all the correct reasons.<br />
<br />
<h3>
<span style="font-weight: normal;"><span style="color: blue;">Web Application Firewall</span> </span></h3>
Speaking about Firewalls, how can we benchmark Good, Better and Best in the growing world of options for Next-Generation Firewalls before we make the wrong recommendation to our superiors? Today, a robust and agile web application firewall (WAF) isn’t a luxury—it’s a necessity. The growth of cloud-hosted web applications has been accompanied by increasingly sophisticated security attacks and risks that threaten enterprise data. A hybrid web application firewall can help enterprises defend themselves against OWASP Top 10 threats, application vulnerabilities, and zero-day attacks—no matter where applications are located. Strong layer 7 distributed denial-of-service (DDoS) defenses, detection and mitigation techniques, virtual patching, and granular attack visibility can thwart even the most sophisticated threats before they reach network servers. In addition, having the ability to detect and block attackers before they access an enterprise data center provides a major advantage. A powerful web application firewall that can stop malicious activity at the earliest stage of a potential attack allows organizations to significantly reduce risk as well as increase data center efficiency by eliminating the resources spent processing unwanted traffic.<br />
<br />
<b>Enterprises Should Look for a Web Application Firewall That: </b><br />
<br />
1.<span class="Apple-tab-span" style="white-space: pre;"> </span>Provides a proactive defense against automated attack networks.<br />
2.<span class="Apple-tab-span" style="white-space: pre;"> </span>Identifies suspicious events by correlating malicious activity with violations.<br />
3.<span class="Apple-tab-span" style="white-space: pre;"> </span>Delivers easy-to-read reports to help streamline compliance with key regulatory standards such as the Payment Card Industry Data Security Standard (PCI DSS), HIPAA, and Sarbanes-Oxley.<br />
4.<span class="Apple-tab-span" style="white-space: pre;"> </span>Integrates with leading dynamic application security testing (DAST) scanners for immediate patching of vulnerabilities.<br />
<br />
<h3>
<span style="color: blue; font-weight: normal;">SSL Inspection and the Race to Encryption</span></h3>
What major technology adoption trends will happen in 2017 that you won’t want to miss? Today, SSL is everywhere. Analysts predict that encrypted traffic will jump to nearly 64 percent of all North American online traffic in 2016, up from just 29 percent in 2015. Organizations are scrambling to encrypt the majority of traffic, including everything from email and social media to streaming video. The level of security provided by SSL is enticing, but at the same time, it has become a vulnerability vector as attackers use SSL as a way to hide malware from security devices that cannot see encrypted traffic.<br />
<br />
<h3>
<span style="color: blue; font-weight: normal;">Stealth Networking and Inspecting Encrypted Packets</span></h3>
Is there a way to use encryption in a way that still allows for deep packet inspection? Yes, it’s called Stealth Networking and it’s available right now through <a href="http://www.usprotech.com/">US ProTech</a> and <a href="http://www.iflex.com/">Intelli-Flex</a>. Enterprise security solutions must gain visibility into this encrypted traffic to ensure that it is not bringing malware into the network. One way to battle these encrypted threats is to deploy an SSL “air gap” solution, which consists of placing an Application Delivery Controller (ADC) on either side of the visibility chain. The ADC closest to the users decrypts outbound traffic and sends the decrypted communications through the security devices. These devices, which can now see the content, apply policies and controls, detecting and neutralizing malware. At the other end of the chain, another ADC re-encrypts the traffic as it leaves the data center. This solution provides the flexibility of keeping security devices in line while ensuring that they can do the job they were built for.<br />
<br />
<h3>
<span style="color: blue; font-weight: normal;">DDoS Protection </span></h3>
Are old cybersecurity threats that have been around for decades - still a threat? Yes, indeed they are! Today, most apps are Internet based, so a volumetric DDoS attack can cripple—or even take down—an application. DDoS attacks are increasing in scale and complexity, threatening to overwhelm the internal resources of enterprises around the world. These attacks combine high-volume traffic clogging with stealthy, application-targeted techniques—all with the intent of disrupting service for legitimate users. Organizations must ensure they have a robust DDoS protection strategy in place to ensure the availability of their critical applications. Consider solutions that offer comprehensive, multi-layered L3 through L7 protection and can stop DDoS attacks in the cloud before they reach the network and the data center.<br />
<br />
<h3>
<span style="font-weight: normal;"><span style="color: blue;">DNS Security</span> </span></h3>
What can I do to help hide my environments and is there value in 3rd party offerings to do so? While not a part of the traditional, secure-coding view of application security, an enterprise’s DNS strategy plays a huge role in the security and availability of its applications. DNS is the backbone of the Internet, as well as one of the most vulnerable points in an organization’s network. Organizations must protect against an ever-growing variety of DNS attacks, including DNS amplification query floods, dictionary attacks, and DNS poisoning. An enterprise can ensure that customers—and employees—can access critical web, application, and database services whenever they need them with a solution that intelligently manages global traffic, mitigates complex threats by blocking access to malicious IP domains, and integrates seamlessly with third-party vendors for implementation, such as <a href="http://www.usprotech.com/">US ProTech</a>, which also offers centralized management and secure handling of DNSSEC keys. <a href="http://www.usprotech.com/">US ProTech</a> solutions also deliver high-performance DNS, which can scale quickly to better absorb DDoS attacks.<br />
<br />
<h3>
<span style="color: blue; font-weight: normal;">Web Fraud Detection </span></h3>
Can someone please show me a better way to capture, monitor and implement corrective action plans against anomalies linked to massive fraud? Fifty years ago, if you wanted to rob a bank, you had to actually go to the bank. Now, you can rob a bank from 5,000 miles away. The global nature of the Internet means that everything is equidistant to the adversary, and financial institutions are some of the highest-value targets on the Internet. To effectively combat the perils of fraud, organizations that offer financial services over the Internet must defend their businesses with a combination of security technologies. Consider a <a href="http://www.usprotech.com/">US ProTech</a> solution that helps protect against a full range of fraud threat vectors, preventing attackers from spoofing, disabling, or otherwise bypassing security checks. Organizations can thereby reduce the risk of financial and intellectual property loss—and feel secure with proactive protection against emerging web threats and fraud.<br />
<br />
<h3>
<span style="background-color: white; font-weight: normal;"><span style="color: blue;">Access Controls </span></span></h3>
“I AM” is the shortest sentence in the English language. But failing to deploy Identity Access Management may be the fastest way to get “fired.” Some of the most recent and damaging security breaches have been due to compromised user and administrator credentials. These breaches may have been thwarted by authenticating and authorizing the right people to the right information and ensuring secure connectivity to applications with single sign-on and multi-factor authentication technologies. Furthermore, identity and access controls centralized by the enterprise can provide secure authentication between the enterprise network and applications based in the cloud or as Software as a Service (SaaS). <br />
<br />
<h3>
<span style="background-color: white; font-weight: normal;"><span style="color: blue;">Conclusion:</span></span> </h3>
<h3>
<span style="color: blue; font-weight: normal;">The Future of Application Protection</span></h3>
Application protection is fraught with complexity, and with the exponential growth of the Internet of Things and the applications that go along with it, the issues are only growing. In 2010, there were 200 million web apps; today, there are nearly a billion. In 2020, that could easily be five billion. All those applications are vulnerability vectors—and many of them contain critical data that could be the target of attackers. By enhancing existing security portfolios with solutions and services focused on the application level, organizations can better protect the applications that can expose their sensitive data. Ensuring that applications are protected no matter where they reside is critical—and the stakes are high. It’s time to broaden the view of application security so that organizations are in a better position to effectively secure all the components that make up their critical apps, safeguard their data, and protect their businesses. In an effort to make these recommendations a reality for our clients, prospects and readers of our whitepapers, <a href="http://www.usprotech.com/">US ProTech</a> and <a href="http://www.iflex.com/">Intelli-Flex</a> offer a complimentary consultation coupled with two complimentary vulnerability scans (one internal & one external) so you can gain a baseline from which to start. Remember, making technology decisions before gathering the knowledge of what your vulnerability posture is does not make for a recommended cybersecurity remediation process. So please, give us a call and get started today on the path to knowledge.<br />
<br />
<b><i>Acknowledgements:</i></b> <a href="http://www.iflex.com/">Intelli-Flex</a> thanks <a href="http://www.usprotech.com/">US ProTech</a>, their partners and guest contributors who assisted in the development of this Whitepaper, namely, the U.S. Department of Commerce, the SANS Institute, UCLA, Lockheed Martin and F5.<br />
<br />
Mirai or Mirage? The True Story Behind the DDOS Attack.<br />
Published 2016-11-14<br />
<h2>
<b>The true story behind the October 20th massive DDOS attack on the IoT</b></h2>
<h3>
<b><i>It was a Test and a Distraction, just as planned.</i></b></h3>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgBgqt-vK49LaetwmxkZ97i8Cb196ytNPSIc5jUqKAEpMzFYKOuFBPnOMt_8rfcd3gXXkXcqebbfktmewQyIYFxHIW-zdLqr-P0FytVp-rj2YGT1YVaM_bbOvoRUrGtjS4l81Ea38v_Shy8/s1600/planethands.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="179" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgBgqt-vK49LaetwmxkZ97i8Cb196ytNPSIc5jUqKAEpMzFYKOuFBPnOMt_8rfcd3gXXkXcqebbfktmewQyIYFxHIW-zdLqr-P0FytVp-rj2YGT1YVaM_bbOvoRUrGtjS4l81Ea38v_Shy8/s320/planethands.jpg" width="320" /></a></div>
Yes, the latest DDOS attack was a test. It was a test of capabilities, wits and the weaponization of malware. It was a test in America’s ability to respond and deal with this ever growing threat, a reality which is sure to be with us for a very long time. <a href="http://www.usprotech.com/">US ProTech</a> has spent years in the field of Cyber and related wargames, and this use of targeted IP based devices was in one manner simple, which is also why it was successful. This attack, while seemingly massive, is nothing short of a distraction where you get to see what one hand is doing, while the other magically hides another quarter behind a child’s ear. Imagine the chaos this attack created, now imagine how it was likely used to hide its real purpose. US ProTech and the Cyber community will quickly be searching for clues… and will likely find all the usual suspects. Other firms such as Flashpoint traced Friday’s widespread internet outage to the IoT, according to another industry expert, Brian Krebs.<br />
<br />
Consequently, the cyber-attacks which affected popular websites from Twitter to Reddit are the result of malware called “Mirai”, which manipulated smart technology to take the sites offline. The malware used vulnerable technology to launch a Distributed Denial of Service attack, overwhelming the <a href="http://www.dyn.com/">web service DYN</a> with traffic resulting in slow Internet speeds and offline sites. You’re going to ask questions so here are 5 things you need to know about ‘Mirai’:<br />
<br />
<b>1. IoT Botnet ‘Mirai’ Targets Vulnerable ‘Smart’ IoT Technology and Turns Them into ‘Bots’</b><br />
<br />
Like a parasite, ‘Mirai’ will use a host to launch cyber-attacks. The botnet scans the Internet for IoT systems protected by factory default or hard-coded usernames and passwords, according to Krebs’s blog <a href="https://krebsonsecurity.com/about-this-blog/">KrebsOnSecurity</a>. Botnets can exploit weak security measures such as standard password and username combinations (e.g., admin, 1111) across devices. These systems are infected with malware, which directs them to a central control system, where they are prepared to launch an attack to take websites offline. Here is a <a href="http://www.downdetector.com/">list</a> of the services that were down.<br />
<br />
According to <a href="https://www.hackread.com/ddos-attack-dns-sites-suffer-outage/">HackRead</a>, ‘Mirai’ can break into a wide range of IoT devices from CCTV cameras to DVRs to home networking equipment turning them into ‘bots’. There are nearly half a million Mirai-powered bots worldwide, according to telecommunications company and internet service provider (ISP) <a href="http://blog.level3.com/security/grinch-stole-iot/">Level 3 Communications</a>. Here are the countries with the highest concentrations of IoT devices:<br />
<br />
•<span class="Apple-tab-span" style="white-space: pre;"> </span>United States: 29 percent<br />
•<span class="Apple-tab-span" style="white-space: pre;"> </span>Brazil: 23 percent<br />
•<span class="Apple-tab-span" style="white-space: pre;"> </span>Colombia: 8 percent<br />
<br />
<b>2. ‘Mirai’ Took Out Amazon, Spotify, Twitter and More Websites in a DDOS Attack</b><br />
<br />
The morning of October 21 saw widespread internet outages caused by a massive DDOS attack, which overwhelmed the web service with traffic. Krebs reported that cybersecurity firm Flashpoint traced the hack to Mirai. The journalist’s own website, krebsonsecurity.com, was taken down by a Mirai-powered DDOS attack. The cyber-attack on Friday targeted Internet traffic company DYN, which provides services for websites like Amazon, Spotify and Twitter. Other botnets may have been behind the attack, reports Politico’s cybersecurity reporter Eric Geller.<br />
<br />
In an interview with CNBC, DYN said that the attacks were “well planned and executed, coming from tens of millions IP addresses at same time.” The Department of Homeland Security and White House are also looking into the attack. NBC News reports that one official ruled out North Korea as a suspect.<br />
<br />
<b>3. ‘Mirai’s Author Has an Avi of Anime Character Anna Nishikinomiya and Mirai Means “Future” in Japanese</b><br />
<br />
The person who created the botnet is nicknamed ‘Anna-Senpai’ and has an avi of the anime figure Anna Nishikinomiya. Anna appears in the Japanese novel series Shimoseka, which is set in a dystopian future filled with morality police.<br />
<br />
As the student council president of a prominent ‘morality school’ Anna is the <a href="https://myanimelist.net/character/115699/Anna_Nishikinomiya">enforcer of public morality laws</a> according to MyAnimeList. The word ‘Mirai’ also has Japanese origins meaning ‘future’ in Japanese. A manga series called ‘Future Diary’ also describes a dystopian society modeled after the battle royale (think Hunger Games) where each contestant has a diary with notes written from the future.<br />
<br />
‘Mirai’ is also part of a family of malware that infects IoT devices through default usernames and passwords. The other malware that has been used to create an IoT device army is called “Bashlight”. While these two strains of malware compete with each other, research from Level 3 suggests that they target some of the same devices. Currently, “Bashlight” is creating an army of a million IoT devices.<br />
<br />
“Both [are] going after the same IoT device exposure and, in a lot of cases, the same devices,” Dale Drew, Level 3’s chief security officer, told KrebsOnSecurity.<br />
<br />
<b>4. You Can Wipe Off the Malware from an IoT System but Recurrence is Likely</b><br />
<br />
It’s possible to clean an IoT system infected by ‘Mirai’, but the botnet scans systems so often that there’s a high chance of recurrence. You can destroy the malicious code by rebooting the computer, but experts warn that vulnerable IoT devices can be re-infected in minutes.<br />
This is bad news for cybersecurity as the IoT devices market heats up as people buy into the smart, automated systems. Gartner Inc. projects connected devices to rise to 6.4 billion worldwide in 2016 with almost 5.5 million devices being connected daily.<br />
<br />
Telecommunications company Level 3 advised users to upgrade devices and set strong passwords, according to the Wall Street Journal. For a more sustainable solution to DDOS attacks, Krebs says ISPs will need to protect their networks from spoofing, where the attacker sends messages as the victim website and generates a huge amount of traffic. He added that the lack of these safeguards could lead to <a href="https://krebsonsecurity.com/2016/09/the-democratization-of-censorship/">online censorship</a>.<br />
<b><br /></b>
<b>5. Source Code for ‘Mirai’ Botnet was Released Publicly Which Opens the Door for Future Botnet Attacks</b><br />
<br />
After weathering an attack from the ‘Mirai’ botnet, KrebsOnSecurity reported that the code that powers ‘Mirai’ was made publicly available on HackForums. The hacking community has access to information they can use to infect millions of smart devices. The source code for the scanner is also located on GitHub and has been copied at least 700 times as of this posting.<br />
<br />
So today, I have an amazing release for you. With Mirai, I usually pull max 380k bots from telnet alone. However, after the Kreb DDoS, ISPs been slowly shutting down and cleaning up their act. Today, max pull is about 300k bots, and dropping.<br />
<br />
Special thanks to Edward Cox of Heavy for assistance in the compilation of data.<br />
<br />
<b>About US ProTech:</b><br />
<a href="http://www.iflex.com/">Intelli-Flex</a> partner, <a href="http://www.usprotech.com/">US ProTech</a> offers clients Certified Technical Security Engineers with a wide background of specialization including experts from every branch of the United States military. Their vulnerability assessment process has been independently evaluated, tested and has received U.S. Government (USGCB) Configuration Baseline validation by the U.S. Dept. of Commerce; it exceeds NIST High-Impact (military-grade) standards and is SCAP Approved. <br />
<br />
As a result of its US Government Approved process, US ProTech offers a broad range of award winning cyber-security assessment and management services and today holds significant contracts throughout America, Canada, Mexico and Western Europe. “We maintain a focus on clients who seek demonstrable cyber-security and business process improvement”, says Goetsch “We have saved our clients hundreds of millions of dollars in Cyber-Liabilities and do so with an expert staff and a proprietary set of tools.”<br />
<br />
The Final Steps in the Cybersecurity Kill Chain<br />
Published 2016-10-10<br />
<br />
<b>Are You Concerned About a Potential Backdoor? </b><br />
<b><br /></b><b>Better still…. Are You Ready to Do Something About It?</b><br />
<br />
<a href="http://bit.ly/2bJv2Iy"><b>Take Action</b></a><br />
<br />
This 7-Step Cybersecurity Kill-Chain Will Stop Your Enemy Cold! (But Not Before Gathering the Highly Prized Intelligence they want)<br />
<br />
Intelli-Flex partner <a href="http://www.usprotech.com/">US ProTech</a> has mastered the Cybersecurity Kill Chain framework first developed with the DOD, and in preparation for the CyberSecurity Summit we wanted to share this information. It’s part of a process they have termed the “Intelligence Driven Defense model” for the identification and prevention of cybersecurity intrusion activity. The model identifies the 7 steps the adversaries must complete in order to achieve their objective and, more importantly, how and when to kill their presence.<br />
<br />
We are going to run this as a series of 3 blog posts that will provide you the critical info needed to take action against the greatest threat of our time – hackers using APTs. We've already covered steps one through four.<br />
<br />
<b>1.<span class="Apple-tab-span" style="white-space: pre;"> </span>RECONNAISSANCE</b><br />
a.<span class="Apple-tab-span" style="white-space: pre;"> </span>Harvesting email addresses, conference information, etc.<br />
b.<span class="Apple-tab-span" style="white-space: pre;"> </span>The first step of any APT attack is to select a target.<br />
<br />
<b>2.<span class="Apple-tab-span" style="white-space: pre;"> </span>WEAPONIZATION</b><br />
a.<span class="Apple-tab-span" style="white-space: pre;"> </span>Coupling exploit with backdoor into deliverable payload<br />
b.<span class="Apple-tab-span" style="white-space: pre;"> </span>Next, attackers will re-engineer some core malware to suit their purposes using sophisticated techniques.<br />
<br />
<b>3.<span class="Apple-tab-span" style="white-space: pre;"> </span>DELIVERY </b><br />
a.<span class="Apple-tab-span" style="white-space: pre;"> </span>The three most prevalent delivery vectors for weaponized payloads by APT actors, as observed by the US ProTech Computer Incident Response Team (USPT-CIRT) for the years 2005-2015, are email attachments, websites, and removable media such as a USB stick.<br />
<br />
<b>4.<span class="Apple-tab-span" style="white-space: pre;"> </span>EXPLOITATION</b><br />
a.<span class="Apple-tab-span" style="white-space: pre;"> </span>At this stage the objective is to exploit a vulnerability to execute code on the victim’s system, giving the adversary a command channel for remote manipulation of the victim.<br />
<br />
<b><span style="font-size: large;">Today, let’s discuss the final steps:</span></b><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjVIICciHx9__urFf5fgfXGZXO2jFM-qIXZFamV0fOjKqFMSyv7QX6FsIe9e6RkJ91E9a8pzrJYpBTkQQSxR9nuoKSsibcTpucgovK65tcPFEcV2mnDprtWo9GTw4JiMlRPuPEi-ss6xkOR/s1600/Installation.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="96" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjVIICciHx9__urFf5fgfXGZXO2jFM-qIXZFamV0fOjKqFMSyv7QX6FsIe9e6RkJ91E9a8pzrJYpBTkQQSxR9nuoKSsibcTpucgovK65tcPFEcV2mnDprtWo9GTw4JiMlRPuPEi-ss6xkOR/s320/Installation.jpg" width="320" /></a></div>
<b>5. INSTALLATION </b><br />
a. At this stage, installing a remote access Trojan or backdoor on the victim system allows the adversary to maintain persistence inside the environment. Installing malware on the asset requires end-user participation: the user unknowingly enables the malicious code. Taking action at this point can be considered critical. One method is to deploy a HIPS (Host-Based Intrusion Prevention System) to alert on or block common installation paths, e.g. NSA Job, RECYCLER. It’s critical to understand whether the malware requires administrator privileges or only user privileges to execute its objective. Defenders must understand endpoint process auditing to discover abnormal file creations. They need to be able to determine the compile time of malware to establish whether it is old or new. Answers to the following questions should be considered mandatory: How does it last, survive, etc.? Does it use an Auto run key, etc.? Does the backdoor need to run to provide access? Can you identify any certificates and extract any signed executables?<br />
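<br />
Two of the questions above (how old is the sample, and does it carry a certificate?) can be answered from the PE header alone. The following is an added example, not code from US ProTech: the function names and the header-only sample bytes are constructed for illustration.<br />

```python
import struct
from datetime import datetime, timezone

SECURITY_DIR = 4  # IMAGE_DIRECTORY_ENTRY_SECURITY: Authenticode certificate table


class NotPE(ValueError):
    """Raised when the bytes do not carry a well-formed PE header."""


def triage_pe(data: bytes, observed: datetime) -> dict:
    """Read the linker timestamp and certificate-table entry from a PE header.

    `observed` is the timezone-aware time the file was found on the endpoint.
    The timestamp can be forged, and a certificate table only shows that a
    signature is present, not that it validates.
    """
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise NotPE("missing MZ header")
    (pe_off,) = struct.unpack_from("<I", data, 0x3C)  # e_lfanew
    if pe_off + 24 > len(data) or data[pe_off:pe_off + 4] != b"PE\0\0":
        raise NotPE("missing PE signature")
    # COFF header: Machine, NumberOfSections, TimeDateStamp, two symbol-table
    # fields, SizeOfOptionalHeader, Characteristics.
    _, _, stamp, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, pe_off + 4)
    opt_off = pe_off + 24
    if opt_size < 2 or opt_off + opt_size > len(data):
        raise NotPE("truncated optional header")
    (magic,) = struct.unpack_from("<H", data, opt_off)
    if magic == 0x10B:    # PE32: NumberOfRvaAndSizes sits at offset 92
        count_off = 92
    elif magic == 0x20B:  # PE32+: same field at offset 108
        count_off = 108
    else:
        raise NotPE(f"unknown optional-header magic {magic:#x}")

    cert_off = cert_size = 0
    if opt_size >= count_off + 4:
        (ndirs,) = struct.unpack_from("<I", data, opt_off + count_off)
        entry = count_off + 4 + 8 * SECURITY_DIR
        if ndirs > SECURITY_DIR and entry + 8 <= opt_size:
            cert_off, cert_size = struct.unpack_from("<II", data, opt_off + entry)

    compiled = datetime.fromtimestamp(stamp, tz=timezone.utc)
    notes = []
    if stamp == 0:
        notes.append("timestamp zeroed")
    elif compiled > observed:
        notes.append("timestamp in the future")
    if cert_size == 0:
        notes.append("no certificate table (unsigned)")
    return {
        "compiled": compiled,
        "age_days": (observed - compiled).days,
        "has_cert_table": cert_size > 0,
        "cert_offset": cert_off,  # file offset of the WIN_CERTIFICATE blob
        "cert_size": cert_size,
        "notes": notes,
    }


def build_sample_pe(stamp: int, cert_size: int, pe32_plus: bool = False) -> bytes:
    """Constructed header-only sample (not a real binary) for exercising triage_pe."""
    count_off = 108 if pe32_plus else 92
    opt_size = count_off + 4 + 16 * 8  # standard fields + 16 data directories
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)  # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x8664 if pe32_plus else 0x14C,
                       0, stamp, 0, 0, opt_size, 0x0102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x20B if pe32_plus else 0x10B)
    struct.pack_into("<I", opt, count_off, 16)
    if cert_size:
        struct.pack_into("<II", opt, count_off + 4 + 8 * SECURITY_DIR, 0x400, cert_size)
    return dos + b"PE\0\0" + coff + bytes(opt)


if __name__ == "__main__":
    seen = datetime(2016, 10, 10, tzinfo=timezone.utc)
    built = int(datetime(2016, 9, 1, tzinfo=timezone.utc).timestamp())
    for label, blob in (("unsigned", build_sample_pe(built, 0)),
                        ("signed", build_sample_pe(built, 0x1A00, pe32_plus=True))):
        print(label, triage_pe(blob, seen))
```

A recent compile time on an unsigned file that appeared in an unusual path is a reason to look closer, not a verdict.<br />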
<br />
<b>REAL LIFE EXAMPLE:</b><br />
a. A Watering Hole Attack on Aerospace Firm<br />
b. Exploits CVE-2015-5122 to Install IsSpace Backdoor<br />
i. See: <a href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5122">https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5122</a><br />
Case Study: <a href="http://bit.ly/cybersecuritycase">http://bit.ly/cybersecuritycase</a><br />
<br />
<b>6. COMMAND AND CONTROL</b><br />
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjmfSoqj73-e-kWT8OWlLaB3g15_lFTGs6rC7d55HdViaDzbQtXrICfv_w4HjMxo6g6yYtcaxn0HW0xgESnG1dCganb_Rk1jUkuwFo-Ml2MRMwE8AdyT4UL3Xzkuen_Ls10Isk4w-V19w9F/s1600/Command_Control.jpg" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="79" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjmfSoqj73-e-kWT8OWlLaB3g15_lFTGs6rC7d55HdViaDzbQtXrICfv_w4HjMxo6g6yYtcaxn0HW0xgESnG1dCganb_Rk1jUkuwFo-Ml2MRMwE8AdyT4UL3Xzkuen_Ls10Isk4w-V19w9F/s320/Command_Control.jpg" width="320" /></a>This stage is the defender’s “last best chance” to block the operation, by blocking the Command and Control channel. If adversaries can’t issue commands, defenders can prevent impact. Typically, compromised hosts must beacon outbound to an Internet controller server to establish a Command & Control (aka C2) channel. APT malware in particular requires manual interaction rather than conducting activity automatically. Once the C2 channel is established, intruders effectively have “hands on the keyboard” access inside the target environment. Remember that malware is seldom automated; normally this command channel is manual. The general practice of intruders is: Email = In, Web = Out. The trick for them is to establish control over many workstations in an effort to “exfiltrate” data without setting off any anomaly detection or other monitoring applications based upon content, quantity, frequency, etc. Hence it is essential to have, within your arsenal of capabilities, the proper tools in place that can identify, track, observe, stop and destroy these campaigns.<br />
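<br />
Outbound beaconing of the kind described above shows up in web proxy logs as requests from one host to one destination at near-constant intervals. The following is an added example, not a US ProTech tool: the log layout, addresses, hostnames and thresholds are all constructed assumptions.<br />

```python
from collections import defaultdict
from datetime import datetime, timedelta
from statistics import mean, pstdev
from urllib.parse import urlsplit


def build_sample_log() -> str:
    """Constructed proxy log: '<UTC time> <client> <method> <url> <status> <bytes>'."""
    start = datetime(2016, 10, 10, 9, 0, 0)
    traffic = [
        # One workstation polling one host roughly every 300 s (beacon-like).
        ("10.1.1.23", "http://cdn-sync.example.net/ping",
         [0, 301, 599, 902, 1200, 1499, 1801, 2100]),
        # Same workstation, a few ordinary page views.
        ("10.1.1.23", "http://intranet.example.com/wiki", [40, 95, 2300]),
        # Another user browsing in irregular bursts.
        ("10.1.1.40", "http://intranet.example.com/wiki",
         [0, 12, 340, 355, 1900, 1950, 4000, 4020]),
    ]
    rows = [(start + timedelta(seconds=s), c, u) for c, u, offs in traffic for s in offs]
    rows.sort()
    return "\n".join(f"{t:%Y-%m-%dT%H:%M:%SZ} {c} GET {u} 200 312" for t, c, u in rows)


SAMPLE_LOG = build_sample_log()


def parse_line(line: str):
    """Return (timestamp, client, destination host); raises ValueError if malformed."""
    ts, client, _method, url, _status, size = line.split()
    int(size)  # reject lines whose byte count is not numeric
    # CONNECT requests log 'host:port' with no scheme, so fall back to that form.
    host = urlsplit(url).hostname or url.split(":")[0]
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), client, host


def find_beacons(log_text: str, min_events: int = 6, max_jitter: float = 0.10):
    """Flag client/host pairs whose request spacing is almost constant.

    Jitter is the standard deviation of the gaps divided by their mean
    (coefficient of variation); machine-driven polling sits close to zero.
    """
    series = defaultdict(list)
    for line in log_text.splitlines():
        try:
            ts, client, host = parse_line(line)
        except ValueError:
            continue  # skip blank or malformed lines rather than abort the run
        series[(client, host)].append(ts)

    findings = []
    for (client, host), stamps in series.items():
        if len(stamps) < min_events:
            continue  # too few requests to judge regularity
        stamps.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        avg = mean(gaps)
        if avg <= 0:
            continue
        jitter = pstdev(gaps) / avg
        if jitter <= max_jitter:
            findings.append({
                "client": client,
                "host": host,
                "events": len(stamps),
                "interval_s": round(avg),
                "jitter": round(jitter, 3),
            })
    return sorted(findings, key=lambda f: (f["client"], f["host"]))


if __name__ == "__main__":
    for hit in find_beacons(SAMPLE_LOG):
        print(hit)
```

Software update checks poll on a schedule too, so review each hit against an allowlist of known destinations before acting on it.<br />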
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg-csGvYyeliXzG6HbomZttfejdIxMCgAGhCct8xGZjYMV2_NhluOSCQke_G1sT0buiijPRkUFx9m5ynIEekQH0r2e13HcfzCD7shvUf7dk1mAYOB65x1Vv7FC9-f9dNeHpNWQfEScMdVf0/s1600/Actions_Objectives.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="94" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg-csGvYyeliXzG6HbomZttfejdIxMCgAGhCct8xGZjYMV2_NhluOSCQke_G1sT0buiijPRkUFx9m5ynIEekQH0r2e13HcfzCD7shvUf7dk1mAYOB65x1Vv7FC9-f9dNeHpNWQfEScMdVf0/s320/Actions_Objectives.jpg" width="320" /></a></div>
<b>7. ACTIONS ON OBJECTIVES</b><br />
The longer an adversary has this level of access, the greater the impact. Defenders must detect this stage as quickly as possible and deploy tools which will enable them to collect forensic evidence. One example is network packet captures for damage assessment. Only now, after progressing through the first six phases, can intruders take actions to achieve their original objectives. Typically, the objective of data exfiltration involves collecting, encrypting and extracting information from the victim(s) environment; violations of data integrity or availability are potential objectives as well. Alternatively, and most commonly, the intruder may only desire access to the initial victim box for use as a hop point to compromise additional systems and move laterally inside the network. Once this stage is identified within an environment, prepared reaction plans must be initiated. At a minimum, the plan should include a comprehensive communication plan, the elevation of detailed evidence to the highest ranking official or governing Board, the deployment of end-point security tools to block data loss, and preparation for briefing a CIRT Team. Having these resources well established in advance is a “MUST” in today’s quickly evolving landscape of cybersecurity threats.<br />
<br />
<h3>
<b><span style="color: blue;">900,833,392+ Records Breached During 5,063 Reported Data Breaches*</span></b><b>*<a href="https://www.privacyrights.org/data-breach-FAQ#2">Explanation about this total</a></b></h3>
<br />
<b><a href="http://bit.ly/2bJv2Iy">CONTACT US</a></b> for a demonstration<br />
<br />
<b><a href="http://bit.ly/2bJv2Iy">REGISTER TODAY</a></b> for the <b>Inland Southern California Cybersecurity Summit (#ISCCS)</b><br />
<b><br /></b>
<b><a href="http://bit.ly/2d2XAjw">ISCCS ARTICLE</a></b><br />
<b><br /></b><b>Guest Blogger - Jonathan Goetsch, Speaker and Panelist at ISCCS</b><br />
<b><br /></b><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgd_U2YjZM5EX0UHEypC4sgOb-fKOerocqmdEpFZGgkp_YSFjR8L7cAv3VwFlSlHbRUGDb_5PPeU4BixSv1YQ_fohqriTeP0LjYXCvV8W2snJMHNdbbC3Stxe_H_u-7T7ItC-T6Y2P08pq3/s1600/Jonathan+Goetsch+Pic.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="133" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgd_U2YjZM5EX0UHEypC4sgOb-fKOerocqmdEpFZGgkp_YSFjR8L7cAv3VwFlSlHbRUGDb_5PPeU4BixSv1YQ_fohqriTeP0LjYXCvV8W2snJMHNdbbC3Stxe_H_u-7T7ItC-T6Y2P08pq3/s200/Jonathan+Goetsch+Pic.jpg" width="200" /></a>Jonathan Goetsch is the CEO of US ProTech, Inc., a highly recognized Cybersecurity services company that has been established since 1999 serving thousands of clients. Based in Las Vegas, NV with operations in California, Texas and Belgium, US ProTech’s Cyber-Expertise serves mid-market to large enterprise business and Governmental agencies in six countries. As an Offensive-Side Red-Team Cyber Penetration Testing Team, US ProTech specializes in cybersecurity processes that are approved by the U.S. Government, validated by the U.S. Department of Commerce to exceed US Military Standards under NIST (National Institute of Standards and Technology) and accommodates SCAP (Security Content Automation Protocol). Jonathan’s work in the Cybersecurity community spans the past 20+ years and he’s regularly recognized by the media and his peers for exceptional industry insight, contributions to the community and has been named to The Top 20 List as Global Providers of Cyber Security Services each of the past two years.<br />
<br />
<h3>
This 7-Step Cybersecurity Kill-Chain Will Stop Your Enemy Cold!</h3>
Posted 2016-09-14<br />
<br />
We are running this as a series of 4 blog posts that will provide you the critical info needed to take action against the greatest threat of our time – hackers using APTs.<br />
<br />
<b><span style="font-size: large;">Today, let’s discuss steps three and four in the process of seven:</span></b><br />
<br />
<b>1.<span class="Apple-tab-span" style="white-space: pre;"> </span>RECONNAISSANCE</b><br />
a.<span class="Apple-tab-span" style="white-space: pre;"> </span>Harvesting email addresses, conference information, etc.<br />
b.<span class="Apple-tab-span" style="white-space: pre;"> </span>The first step of any APT attack is to select a target.<br />
<br />
<b>2.<span class="Apple-tab-span" style="white-space: pre;"> </span>WEAPONIZATION</b><br />
a.<span class="Apple-tab-span" style="white-space: pre;"> </span>Coupling exploit with backdoor into deliverable payload<br />
b.<span class="Apple-tab-span" style="white-space: pre;"> </span>Next, attackers will re-engineer some core malware to suit their purposes using sophisticated techniques.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiLVaOzxU5bRDF55Mf3EbZAwZfkEIE57REz3MK8t7HWaA-0JUBGHx9Y2zAZYNJXc1D4pleQKeFodo_4EWjEOKhmW_GO1iaY3Slq_Q3ddt-wxYf_Eo_dy6DBszp4w09wkBsuWJNx3edXmAXR/s1600/Delivery.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="96" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiLVaOzxU5bRDF55Mf3EbZAwZfkEIE57REz3MK8t7HWaA-0JUBGHx9Y2zAZYNJXc1D4pleQKeFodo_4EWjEOKhmW_GO1iaY3Slq_Q3ddt-wxYf_Eo_dy6DBszp4w09wkBsuWJNx3edXmAXR/s320/Delivery.jpg" width="320" /></a></div>
<b>3.<span class="Apple-tab-span" style="white-space: pre;"> </span>DELIVERY </b><br />
a.<span class="Apple-tab-span" style="white-space: pre;"> </span>The three most prevalent delivery vectors for weaponized payloads by APT actors, as observed by the US ProTech Computer Incident Response Team (USPT-CIRT) for the years 2005-2015, are email attachments, websites, and removable media such as a USB stick.<br />
<br />
The transmission and delivery of weaponized bundles to the victim’s targeted environment is the objective, but these efforts arrive with some digital fingerprinting. This stage represents the first and most important opportunity for defenders to block an operation; however, doing so defeats certain key capabilities and other highly prized data. At this stage we measure effectiveness by the fraction of intrusion attempts that are blocked at the delivery point.<br />
<br />
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiePuVc_uXDzKhq8liw20qEb_7ij1vsR041iecJf0mO1Y-JpbqawWm7rv14clMy_YzZItul6ewKp9HcVxP8KV7X124BlfGhe_-FTe19bQWa43S29L4Gp8hP6QAaVxH48pcsc0hVoQwVYToZ/s1600/Exploitation.jpg" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="79" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiePuVc_uXDzKhq8liw20qEb_7ij1vsR041iecJf0mO1Y-JpbqawWm7rv14clMy_YzZItul6ewKp9HcVxP8KV7X124BlfGhe_-FTe19bQWa43S29L4Gp8hP6QAaVxH48pcsc0hVoQwVYToZ/s320/Exploitation.jpg" width="320" /></a><b>4.<span class="Apple-tab-span" style="white-space: pre;"> </span>EXPLOITATION</b><br />
a.<span class="Apple-tab-span" style="white-space: pre;"> </span>At this stage the objective is to exploit a vulnerability to execute code on the victim’s system, giving the adversary a command channel for remote manipulation of the victim.<br />
<br />
Here traditional hardening measures add resiliency, but custom defense capabilities are necessary to stop zero-day exploits at this stage. After the weapon is delivered to the victim host, exploitation triggers the intruders’ code. Most often, exploitation targets an application or operating system vulnerability, but it could also more simply exploit the users themselves or leverage an operating system feature that auto-executes code. In recent years this has become an area of expertise in the hacking community which is often demonstrated at events such as Blackhat, Defcon and the like.<br />
<br />
<i><b>Coming Soon:</b></i><br />
<i>5.<span class="Apple-tab-span" style="white-space: pre;"> </span>INSTALLATION </i><br />
<i>6.<span class="Apple-tab-span" style="white-space: pre;"> </span>Real-Life Example “IsSpace Backdoor”</i><br />
<i>7.<span class="Apple-tab-span" style="white-space: pre;"> </span>COMMAND & CONTROL</i><br />
<i>8.<span class="Apple-tab-span" style="white-space: pre;"> </span>ACTIONS ON OBJECTIVES </i><br />
<br />
<h3>
900,833,392+ Records Breached During 5,063 Reported Data Breaches*</h3>
Posted 2016-08-31<br />
<br />
We are running this as a series of 4 blog posts that will provide you the critical info needed to take action against the greatest threat of our time – hackers using APTs.<br />
<br />
<b><span style="font-size: large;">Today, let’s discuss the first two steps in the process of seven:</span></b><br />
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCsshvjH6VYV84gwZlUTJmKGcbIqdgdltDaQSBEAojVQStm3p_q6Rl7L3SEYQ_ehH1jgd7bbUDHr4YBay1Qxc1XvG_NzewxufGAWredZ7eSdQA2Y5iAn9ea-sWxjmQ5WpYfM-8aY_dXXWs/s1600/Reconnaissance.jpg" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="87" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCsshvjH6VYV84gwZlUTJmKGcbIqdgdltDaQSBEAojVQStm3p_q6Rl7L3SEYQ_ehH1jgd7bbUDHr4YBay1Qxc1XvG_NzewxufGAWredZ7eSdQA2Y5iAn9ea-sWxjmQ5WpYfM-8aY_dXXWs/s320/Reconnaissance.jpg" width="320" /></a><br />
<b>1.<span class="Apple-tab-span" style="white-space: pre;"> </span>RECONNAISSANCE</b><br />
a.<span class="Apple-tab-span" style="white-space: pre;"> </span>Harvesting email addresses, conference information, etc.<br />
b.<span class="Apple-tab-span" style="white-space: pre;"> </span>The first step of any APT attack is to select a target.<br />
<br />
Depending on the motive(s) of the APT actor, the victim could be any company or person with information the attacker(s) sees as valuable. Attackers “fingerprint” the target to create a blueprint of IT systems, organizational structure, relationships, or affiliations and search for vulnerabilities—both technical and human— to exploit and breach the network. As large organizations tend to invest in multiple layers of security, this step could take weeks, even months. However, the more knowledge the APT actor acquires on its target, the higher the success rate of breaching the network.<br />
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhfFgpkcHo4XNI5_45Ug6eSg0cuDck2U1vKQzWEFFAZs2bfEvCB-67BasO1RmpoHpNgtvwa52VAPHJLpuWKepZpjJ_Ke2azWigobeNyzniKWqyYG9IIM7-Kkv_jemY-NgFCL9B9vbF0W5n-/s1600/Weaponization.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="81" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhfFgpkcHo4XNI5_45Ug6eSg0cuDck2U1vKQzWEFFAZs2bfEvCB-67BasO1RmpoHpNgtvwa52VAPHJLpuWKepZpjJ_Ke2azWigobeNyzniKWqyYG9IIM7-Kkv_jemY-NgFCL9B9vbF0W5n-/s320/Weaponization.jpg" width="320" /></a><b>2.<span class="Apple-tab-span" style="white-space: pre;"> </span>WEAPONIZATION</b><br />
a.<span class="Apple-tab-span" style="white-space: pre;"> </span>Coupling exploit with backdoor into deliverable payload<br />
b.<span class="Apple-tab-span" style="white-space: pre;"> </span>Next, attackers will re-engineer some core malware to suit their purposes using sophisticated techniques.<br />
Depending on the needs and abilities of the attacker, the malware may exploit previously unknown vulnerabilities, aka “zero-day” exploits, or some combination of vulnerabilities, to quietly defeat a network’s defenses. By re-engineering the malware, attackers reduce the likelihood of detection by traditional security solutions. This process often involves embedding specially crafted malware into an otherwise benign or legitimate document, such as a press release or contract document, or hosting the malware on a compromised domain.<br />
<br />
<b>*<a href="https://www.privacyrights.org/data-breach-FAQ#2">Explanation about this total</a></b><br />
<br />
<i><b>Coming Soon:</b></i><br />
<i>3.<span class="Apple-tab-span" style="white-space: pre;"> </span>DELIVERY </i><br />
<i>4.<span class="Apple-tab-span" style="white-space: pre;"> </span>EXPLOITATION </i><br />
<i>5.<span class="Apple-tab-span" style="white-space: pre;"> </span>INSTALLATION </i><br />
<i>6.<span class="Apple-tab-span" style="white-space: pre;"> </span>Real-Life Example “IsSpace Backdoor”</i><br />
<i>7.<span class="Apple-tab-span" style="white-space: pre;"> </span>COMMAND & CONTROL</i><br />
<i>8.<span class="Apple-tab-span" style="white-space: pre;"> </span>ACTIONS ON OBJECTIVES </i><br />
<br />
<h3>
SD-WAN – a.k.a. A Three Stranded Cord Is Not Easily Broken</h3>
Posted 2016-06-27<br />
<div class="MsoNormal">
Many of us have heard the adage: "A Three Stranded Cord is Not Easily Broken." Inherently, we understand that this is true. We see this demonstrated, for example, when we purchase rope: lots of strings intertwined. Over the years as the cords weaken, one may break but the rope still holds. With this basic explanation, you now understand SD-WAN. </div>
<div class="MsoNormal">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhCKJI2Ab6vgWk6ApCz9AVAsWDaFia9U_5nqztFWWzagFNkorWRx5YpkXggH9XWvK3FxrjaTH2DzdGbHbdIELwcLz-mwDLq36wFdKjH38N7Uk0mYvMpK-L0aUVLVS14m1GOrYEYt5oFPj40/s1600/rope3strands.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="159" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhCKJI2Ab6vgWk6ApCz9AVAsWDaFia9U_5nqztFWWzagFNkorWRx5YpkXggH9XWvK3FxrjaTH2DzdGbHbdIELwcLz-mwDLq36wFdKjH38N7Uk0mYvMpK-L0aUVLVS14m1GOrYEYt5oFPj40/s320/rope3strands.jpg" width="320" /></a></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Now let me explain a little further.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Whenever a new technology solution arrives on the scene it takes a while before its widespread adoption. Part of the reason is that new terms are created and blended with our existing vocabulary, creating confusion. SD-WAN is a new technology born out of a recognition that one of the major expenses for many organizations is their bandwidth. Over the years numerous technologies have been introduced to reduce these costs:</div>
<ul>
<li>MUXes</li>
<li>Voice over Frame-Relay</li>
<li>VoIP</li>
<li>WAN Optimizers</li>
</ul>
<br />
<div class="MsoNormal">
Just to name a few. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
The carriers have also been trying to stretch and maximize their investments. For most of us the network has become a utility. We expect an always-on network and use it constantly. Just look around: the proliferation of handheld mobile devices with a plethora of applications that allow non-stop communication, entertainment, and access to information (Maps, Google, Starbucks) has created a demand for bandwidth that is frankly challenging to meet. Each of the respective carriers is adding bandwidth daily. I work with a number of them and Time Warner, AT&T and others are laying fiber all over metropolitan areas. Private companies have cropped up that lay and sell both dark and lit fiber. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
We also see that the cellular companies are adding and upgrading cell sites and working to partner with other cellular companies to exchange bandwidth. The appetite for bandwidth is so high that 3rd party companies are building cell sites and selling or renting them to the highest bidder. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Enough said, back to SD-WAN.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
This demand for higher amounts of bandwidth is a challenge for most, if not all, organizations. Every CIO is faced with the need to increase the amount of bandwidth, while trying to maintain costs. IT Budgets are consistently flat¹ and 80% of the IT budget is spent just maintaining the status quo. The reality of today is that the network IS a utility and if it goes down, most organizations come to a grinding halt. “All the while, of course, the IT department is expected to deliver value for money by minimizing capital expenditure and operational costs wherever possible.” ² My focus is SDN over SPB, and while I seek to build secure, resilient, "always on" infrastructures that are easy to manage and deploy, eventually we have to leave the premise and traverse the WAN. Whenever I have to extend my network fabric over the WAN I am faced with the reality that the single MPLS pipe they pay for becomes my single point of failure. It doesn’t matter that my SDN network built on SPB has sub-second failover; if that WAN link is the only link, my network is down. Those virtual servers and applications are cut off from the users. I now bring in my carriers and help the customers to create a more resilient WAN. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Enter SD-WAN. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Talari and other companies have developed technologies and algorithms that allow the bonding together of multiple lower-cost links from different carriers into a single, higher aggregate bandwidth pipe that has higher availability and throughput than a traditional, more expensive MPLS network. In addition, because we have spread the bandwidth over different media (cable, fiber, 4G, etc.) and different companies, the failure of any one link does not bring the network down, and the network is therefore more resilient. So, the adage: A three stranded cord… applies. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
There are a number of organizations that are offering SD-WAN³, and there are a number of great white papers available⁴ for those of you that would like to get a better understanding of what, how, who, etc. Most traditional router/WAN Optimizer vendors have begun to develop products in this area, so make sure to do your research when investigating them. I work with a number of carriers and they are starting to include this as part of their service. They provide multiple connections over different technologies and incorporate the SD-WAN service as a bundle. I suspect that this trend will become commonplace. It seems like a win-win to me. As with most technologies today, there are hosted and premise offerings and many include firewalls, etc. Make sure, if you opt for a hosted solution, that behind the scenes they are not creating a single point of failure. As always: Caveat Emptor a.k.a. get references. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Good luck.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
¹ <a href="http://www.zdnet.com/article/it-budgets-2016-surveys-software-and-services/">http://www.zdnet.com/article/it-budgets-2016-surveys-software-and-services/</a> <i style="font-size: small;">Data source: Gartner</i></div>
<div class="MsoNormal">
² <a href="https://www.sdxcentral.com/sdn/definitions/software-defined-sdn-wan/">https://www.sdxcentral.com/sdn/definitions/software-defined-sdn-wan/</a></div>
<div class="MsoNormal">
³ <a href="http://www.networkcomputing.com/networking/sd-wan-vendors-making-splash/1374423624">http://www.networkcomputing.com/networking/sd-wan-vendors-making-splash/1374423624</a></div>
<div class="MsoNormal">
⁴ <a href="http://www.talari.com/resources/white_papers.php">http://www.talari.com/resources/white_papers.php</a></div>
<b>Shhh… It's a secret! Third Party Maintenance</b> (published 2016-04-20)<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjprMLOGG-kXexESpZ0wP0Ja7JAi-aikIwg7eBW1jq4-0jUHYbkQybtZ-kTekeXVsTbE4D-Q6WLMcRY8V7ifFxlP9EY61flLAqLBnMOMULGtr8RY2jFGUcz_u4c6w1VMxDUzlAICi7karlO/s1600/service.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="137" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjprMLOGG-kXexESpZ0wP0Ja7JAi-aikIwg7eBW1jq4-0jUHYbkQybtZ-kTekeXVsTbE4D-Q6WLMcRY8V7ifFxlP9EY61flLAqLBnMOMULGtr8RY2jFGUcz_u4c6w1VMxDUzlAICi7karlO/s200/service.jpg" width="200" /></a></div>
<div style="margin-bottom: .0001pt; margin: 0in;">
<span style="font-family: Calibri, sans-serif; font-size: 11pt;">Ever find out about something new
only to find out that it wasn't really new at all? Not only that, but that many
before you had made the discovery and were already reaping the benefits. That's fine, as Alexander Pope said: "Be not the 1st by which a new thing is
tried, nor the last to lay the old aside."
So, rather than lamenting over what cannot be reclaimed, I have come to
embrace that I am now blessed with the ability to take advantage of it and
can't wait to share the news with others, who like me were previously in the
dark.<o:p></o:p></span></div>
<div style="margin-bottom: .0001pt; margin: 0in;">
<br /></div>
<div style="margin-bottom: .0001pt; margin: 0in;">
<span style="font-family: Calibri, sans-serif; font-size: 11pt;">For years I had been working with
customers and encouraging them to make sure to keep their equipment warrantied
by the manufacturer, advising them:
"Don't go on the tightrope without a net." The risks to the business were too
critical.</span></div>
<div style="margin-bottom: .0001pt; margin: 0in;">
<br /></div>
<div style="margin-bottom: .0001pt; margin: 0in;">
<span style="font-family: Calibri, sans-serif; font-size: 11pt;">Fast forward to today. 80% of our customers' IT budgets are spent to
maintain the status quo, and a large portion of this is tied to vendor
maintenance. That leaves only 20% of
their budgets available to bring on new applications that enable the
organizations to take advantage of the technologies and services I offer: technologies and services that can bring
about transformation of their businesses.
In trying to solve this conundrum for our customers and help them to
recognize the benefits of revitalizing their organizations through improved
communications services, I stumbled upon Third Party Maintenance (TPM). These TPM services offer lower cost technical
support for the key vendor offerings. I
am talking substantially reduced rates with easier administration because they
are provided through a single source.
So we have centralized contract and support administration. Yes, Virginia, there is a Santa Claus! The same technical support for products and
applications, hardware replacement, patching, etc. So how is it that I never knew about
this? Well, the reality is that the Vendors
are never going to share this information; they count on maintenance
dollars. Many sell hardware just to get
the maintenance. So, unless you were
among the select group of companies using these services by these exclusive
organizations, you didn't realize it.
Recently, however, <a href="http://www.sysmaint.com/about-sms/company-news/20150223">Gartner</a>, Forrester and IDC² all published articles on the
topic, and so the secret is out. Savings
can be achieved in a number of key areas:</span></div>
<div style="margin-bottom: .0001pt; margin: 0in;">
<br /></div>
<div class="MsoNormal" style="margin-left: 27.0pt; mso-list: l0 level1 lfo1; tab-stops: list .5in; text-indent: -.25in; vertical-align: middle;">
<!--[if !supportLists]--><span style="font-family: Calibri, sans-serif; font-size: 11pt;">1.<span style="font-family: 'Times New Roman'; font-size: 7pt; font-stretch: normal;"> </span></span><!--[endif]--><span style="font-family: Calibri, sans-serif; font-size: 11pt;">Lower
Hardware Replacement costs<o:p></o:p></span></div>
<div class="MsoNormal" style="margin-left: 27.0pt; mso-list: l0 level1 lfo1; tab-stops: list .5in; text-indent: -.25in; vertical-align: middle;">
<!--[if !supportLists]--><span style="font-family: Calibri, sans-serif; font-size: 11pt;">2.<span style="font-family: 'Times New Roman'; font-size: 7pt; font-stretch: normal;"> </span></span><!--[endif]--><span style="font-family: Calibri, sans-serif; font-size: 11pt;">Reduced
TAC (Technical Assistance Centers) - Live help<o:p></o:p></span></div>
<div class="MsoNormal" style="margin-left: 27.0pt; mso-list: l0 level1 lfo1; tab-stops: list .5in; text-indent: -.25in; vertical-align: middle;">
<!--[if !supportLists]--><span style="font-family: Calibri, sans-serif; font-size: 11pt;">3.<span style="font-family: 'Times New Roman'; font-size: 7pt; font-stretch: normal;"> </span></span><!--[endif]--><span style="font-family: Calibri, sans-serif; font-size: 11pt;">Eliminated
Software Support costs<o:p></o:p></span></div>
<div class="MsoNormal" style="margin-left: 27.0pt; mso-list: l0 level1 lfo1; tab-stops: list .5in; text-indent: -.25in; vertical-align: middle;">
<!--[if !supportLists]--><span style="font-family: Calibri, sans-serif; font-size: 11pt;">4.<span style="font-family: 'Times New Roman'; font-size: 7pt; font-stretch: normal;"> </span></span><!--[endif]--><span style="font-family: Calibri, sans-serif; font-size: 11pt;">Extended
refresh cycles on hardware and software<o:p></o:p></span></div>
<div style="margin-bottom: .0001pt; margin: 0in;">
<br /></div>
<div style="margin-bottom: .0001pt; margin: 0in;">
<span style="font-family: Calibri, sans-serif; font-size: 11pt;">This is really good news for all
of us. These savings can be used to
accomplish a number of key initiatives, such as funding for:</span></div>
<div style="margin-bottom: .0001pt; margin: 0in;">
<br /></div>
<div class="MsoNormal" style="margin-left: 27.0pt; mso-list: l1 level1 lfo2; tab-stops: list .5in; text-indent: -.25in; vertical-align: middle;">
<!--[if !supportLists]--><span style="font-family: Calibri, sans-serif; font-size: 11pt;">1.<span style="font-family: 'Times New Roman'; font-size: 7pt; font-stretch: normal;"> </span></span><!--[endif]--><span style="font-family: Calibri, sans-serif; font-size: 11pt;">Outsourcing
IT to a managed service - allowing
existing staff to refocus on core competencies and project completion<o:p></o:p></span></div>
<div class="MsoNormal" style="margin-left: 27.0pt; mso-list: l1 level1 lfo2; tab-stops: list .5in; text-indent: -.25in; vertical-align: middle;">
<!--[if !supportLists]--><span style="font-family: Calibri, sans-serif; font-size: 11pt;">2.<span style="font-family: 'Times New Roman'; font-size: 7pt; font-stretch: normal;"> </span></span><!--[endif]--><span style="font-family: Calibri, sans-serif; font-size: 11pt;">New technology
introduction (SPB/SDN) that will enable faster, non-disruptive new application
introduction<o:p></o:p></span></div>
<div class="MsoNormal" style="margin-left: 27.0pt; mso-list: l1 level1 lfo2; tab-stops: list .5in; text-indent: -.25in; vertical-align: middle;">
<!--[if !supportLists]--><span style="font-family: Calibri, sans-serif; font-size: 11pt;">3.<span style="font-family: 'Times New Roman'; font-size: 7pt; font-stretch: normal;"> </span></span><!--[endif]--><span style="font-family: Calibri, sans-serif; font-size: 11pt;">New
applications that improve business processes and revitalize communications<o:p></o:p></span></div>
<div class="MsoNormal" style="margin-left: 27.0pt; mso-list: l1 level1 lfo2; tab-stops: list .5in; text-indent: -.25in; vertical-align: middle;">
<!--[if !supportLists]--><span style="font-family: Calibri, sans-serif; font-size: 11pt;">4.<span style="font-family: 'Times New Roman'; font-size: 7pt; font-stretch: normal;"> </span></span><!--[endif]--><span style="font-family: Calibri, sans-serif; font-size: 11pt;">Additional
staffing, enabling project completion<o:p></o:p></span></div>
<div style="margin-bottom: .0001pt; margin: 0in;">
<br /></div>
<div style="margin-bottom: .0001pt; margin: 0in;">
<span style="font-family: Calibri, sans-serif; font-size: 11pt;">Now, "any change, even for
the better is always accompanied by drawbacks and discomforts¹".<o:p></o:p></span></div>
<div style="margin-bottom: .0001pt; margin: 0in;">
<span style="font-family: Calibri, sans-serif; font-size: 11pt;">For example: <o:p></o:p></span></div>
<div style="margin-bottom: .0001pt; margin: 0in;">
<br /></div>
<div style="margin-bottom: .0001pt; margin-bottom: 0in; margin-left: 27.0pt; margin-right: 0in; margin-top: 0in;">
<b><span style="font-family: Calibri, sans-serif; font-size: 11pt;">Quality Concerns</span></b><span style="font-family: Calibri, sans-serif; font-size: 11pt;">:
Some will be fearful that they will not get the same levels and
quality of service. This was my initial
concern, but having investigated this a bit, and seeing organizations such as
Walt Disney, I was put at ease. Disney
does NOT accept lower quality service; I suspect that it is actually better. <br />
<o:p></o:p></span></div>
<div style="margin-bottom: .0001pt; margin-bottom: 0in; margin-left: 27.0pt; margin-right: 0in; margin-top: 0in;">
<b><span style="font-family: Calibri, sans-serif; font-size: 11pt;">Vendor Resistance</span></b><span style="font-family: Calibri, sans-serif; font-size: 11pt;">:
Guaranteed, you will hear resistance and pushback from the Vendors. No doubt, your Cisco Rep is NOT going to be
happy to see you cut off SmartNet (Smart for them, expensive for you). Maybe a few less Box Tickets to your
favorite sporting events.<o:p></o:p></span></div>
<div style="margin-bottom: .0001pt; margin-bottom: 0in; margin-left: 27.0pt; margin-right: 0in; margin-top: 0in;">
<br /></div>
<div style="margin-bottom: .0001pt; margin-bottom: 0in; margin-left: 27.0pt; margin-right: 0in; margin-top: 0in;">
<b><span style="font-family: Calibri, sans-serif; font-size: 11pt;">Refresh Policies</span></b><span style="font-family: Calibri, sans-serif; font-size: 11pt;">:
You may also need to redo some long-ingrained policies around hardware
refresh. But Gartner/Forrester/IDC are
all saying the same thing: Why replace
equipment that is performing the exact same function it was when purchased,
that is still working, and that has an MTBF (Mean Time Between Failures) of 15+ Years?²<o:p></o:p></span></div>
<div style="margin-bottom: .0001pt; margin-bottom: 0in; margin-left: 27.0pt; margin-right: 0in; margin-top: 0in;">
<br /></div>
<div style="margin-bottom: .0001pt; margin: 0in;">
<span style="font-family: Calibri, sans-serif; font-size: 11pt;">So, consider a change that will
allow you to be the hero to the team, because you will be able to say yes to
some of the projects on hold for budget, and can help your organization begin
its transformation.<o:p></o:p></span></div>
<div style="margin-bottom: .0001pt; margin: 0in;">
<br /></div>
<div style="margin-bottom: .0001pt; margin: 0in;">
<span style="font-family: Calibri, sans-serif; font-size: 11pt;">¹ Arnold Bennett<o:p></o:p></span></div>
<div style="margin-bottom: .0001pt; margin: 0in;">
<span style="font-family: Calibri, sans-serif; font-size: 11pt;">² Challenging the Status Quo on
Maintenance Contracts and Refresh Cycles to Lower Costs</span></div>
<b>What Exactly is the Internet of Things?</b> (published 2016-04-06, updated 2016-06-30)<br />
<br />
Internet of Things/Internet of Anything/BYOT (Bring Your Own Thing)? Pick one. They all work. <br />
<br />
<i>I apologize in advance for the excessive use of alphabet soup acronyms, it is the way of the industry. If you don't know what they are, Wikipedia is a good start.</i><br />
<br />
What exactly is the Internet of Things? It is a world where IP addresses are applied to non-traditional network devices, which allows them to be controlled by network management (Software Defined Networking/SDN). It is kind of humorous, but a perfect example is seen in the YouTube videos that people post: videos of them watching, on their PCs or smartphones, their pets doing the oddest things while they are away, via IP cameras installed in their homes. <br />
<br />
All of this is being transmitted over the Internet. Your turn. You think of something you'd like to do. How about being able to check your groceries in when placing them into your refrigerator or freezer, track the contents and create recipes based on what you have on hand? <br />
<br />
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi2eARETXC40-KRRnJ6-eCI9ZLGXnJFDRvxctJh_HgNPhxJYinFsIY0h-zlmL0XOnfS578ezxwHUIklS_k8kOEVuT8k__yNLQoSIRalFBZ7ZCsrL-iWlNS122ZqHsLqC6UJxTnGGli8wUdG/s1600/electrolux-screenfridge_cropped.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi2eARETXC40-KRRnJ6-eCI9ZLGXnJFDRvxctJh_HgNPhxJYinFsIY0h-zlmL0XOnfS578ezxwHUIklS_k8kOEVuT8k__yNLQoSIRalFBZ7ZCsrL-iWlNS122ZqHsLqC6UJxTnGGli8wUdG/s1600/electrolux-screenfridge_cropped.jpg" /></a>Yes, you could correlate what you have in your cupboards to recipes on the Internet, even tie them to your diet preferences (Gluten Free, Dairy Free, Low Fat, Low Carb, and Weight Watchers) and voila! You now have a meal based on what you have on hand, or even a shopping list based on what you have used. No longer do you need to call someone to check whether you need milk, etc. You just log in to your home and check to see if there is milk in your refrigerator. <br />
<br />
Far-fetched? Not really. The capabilities exist today. The concept is one of tying your devices to a network (home or office) and the Internet, and then doing a Mashup¹ to combine that information with other information available on the Internet to create useful, usable knowledge. <br />
<br />
Another example is aligned with the PoE+ (Power over Ethernet) standards. The updated IEEE 802.3at-2009 PoE standard, also known as PoE+², allows devices that are not traditionally considered network devices (lights, HVAC [Heating/Ventilation/Air Conditioning], water heaters, refrigeration, and other devices) to be IP enabled and thus monitored and controlled by standard network protocols (Ethernet, IP (Internet Protocol), SNMP (Simple Network Management Protocol)). <br />
<br />
Beyond this there is draft-unbehagen-lldp-spb-00, dated December 31, 2014, which speaks to an extension of RFC 6329³ to allow Auto Attachment of devices to an SPB (Shortest Path Bridged Network 802.1aq)⁴ network using LLDP (Link Layer Discovery Protocol - 802.1AB)⁵. This means that dumb devices, such as Wireless Access Points (APs), Cameras, LED Lighting, etc., could be provisioned to use the existing protocols as defined by the IEEE (Institute of Electrical and Electronics Engineers) to attach to a network and securely connect to the appropriate services. <br />
<br />
What does it mean to businesses? A worker or person (perhaps your Grandmother) who knows nothing about networking can connect these devices to an Ethernet port and they will auto-provision.<br />
<br />
<i>I promise you I am not purposely intending to confuse you by using all these acronyms. </i><br />
<br />
Once connected to the network, these devices can be remotely monitored and controlled by a person or persons who are authorized to do the provisioning. It is all there, pre-built, and it makes complete sense. Every day, new devices are being added to the list of IP/Internet enabled devices that can connect to an Ethernet PoE+ switch, get power, automatically join the network and be securely managed. <br />
<br />
Over the next few years, you can expect to hear about smart buildings that have very low power consumption (PoE+), partly due to the use of lighting products that are comprised of LEDs that require minimal power, and of phones and devices that connect to the Ethernet switches to get power and allow control. These smart buildings will be able to be fully automated via software to meet the needs of the tenants, while maximizing the efficiency and customizing the facilities to meet the specific needs of the occupants. I am looking forward to the day when every office has its own climate control. <br />
<br />
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjqn9lHnOzR83hLMa5RW0E8SL9isIMhcCbG1G8tSlobreMhBZTELpX26GECgkMfeD_EBfUhEZ3RHdFfYoMFeFTty-y8jC8bOe6nCRquRMwHnYsNegkkjv_AoG5t5QSZSngk1OVz8eSEZkqR/s1600/security1_sm.jpg" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjqn9lHnOzR83hLMa5RW0E8SL9isIMhcCbG1G8tSlobreMhBZTELpX26GECgkMfeD_EBfUhEZ3RHdFfYoMFeFTty-y8jC8bOe6nCRquRMwHnYsNegkkjv_AoG5t5QSZSngk1OVz8eSEZkqR/s1600/security1_sm.jpg" /></a>Ordinarily, my immediate concern would be for security, but thanks to SPB (802.1aq & RFC 6329) these networks can be stealth networks (read that as invisible) and therefore inaccessible to malevolent probing entities. The Access Control will be defined in Software Profiles (SDN - Software Defined Networks). So, the access to the network and control will be restricted to those users on approved devices, having the proper security profiles. No hijacking of the network, no ransoms. <br />
<br />
Tomorrow is a whole new world, and with the IoT and BYOT (Bring Your Own Thing) you will find happier employers and employees. No longer will a bright, talented worker arrive at an organization only to receive two-year-old technology. Instead, they will bring their computing device of choice (Mac, Android, Windows, or Linux) to the job and it will attach to the network with a profile that grants it access to only those records that are necessary to perform their duties. <br />
<br />
The companies will no longer have to concern themselves with the capital and operational expenditures for PCs, Phones, Tablets, etc. Each user will bring their own (the companies may need to provide some monitors and/or universal docking stations). Cabling will be minimized, also reducing costs. As WiFi matures and we move into 802.11ac Phase 2, speeds and densities will be sufficient to untether our users and allow them to work… wherever: wherever they are, on whatever device they choose, using whatever mode they prefer (Text/IM, Voice, Video, Immersive Collaboration). <br />
<br />
So, let your imagination go and imagine what Thing you will attach.<br />
<br />
<a href="http://bit.ly/295e5F8">The IoT Playbook for Wireless LAN</a><br />
<br />
<i><b>References: </b></i><br />
<i>¹ "A mashup, in web development, is a web page, or web application, that uses content from more than one source to create a single new service displayed in a single graphical interface. </i><br />
<br />
<i>From <https://en.wikipedia.org/wiki/Mashup_(web_application_hybrid)> "</i><br />
<i>² PoE plus provides up to 25.5 W of power. The 2009 standard prohibits a powered device from using all four pairs for power.</i><br />
<br />
<i>From <https://en.wikipedia.org/wiki/Power_over_Ethernet> </i><br />
<i>³ RFC 6329 - An IETF Standards Track defining the extensions to the IS-IS standards for Shortest Path Bridging 802.1aq using SPBM (MAC-in-MAC 802.1ah) and SPBV (Virtual LANs).</i><br />
<i>⁴ SPB (Shortest Path Bridged Network 802.1aq) - IETF Standard that defines shortest path forwarding in a mesh Ethernet network using multiple equal cost paths.</i><br />
<i>⁵ LLDP (Link Layer Discovery Protocol), an IEEE Standard for LAN/MAN Media Access Control Connectivity Discovery</i><br />
<br />
<i>From <https://en.wikipedia.org/wiki/Institute_of_Electrical_and_Electronics_Engineers> </i><br />
<br />
<i>⁶SDN is an evolving standard based on both Open Flow/Open Stack that allows centralized control to network access. Specific deployment options vary from Vendor to Vendor. SDN is championed by numerous organizations including ONF (Open Networking Foundation), IEEE, Avaya, HP, Sun, etc.</i><br />
<div>
<br /></div>
<b>To the Future Employees of Information Technology</b> (published 2016-03-31, updated 2016-04-20)<br />
<div class="MsoNormal">
<span style="font-family: "calibri" , sans-serif; font-size: 11pt;">This week, I had the honor of addressing the graduating class of
2016 at ITT Technical Institute. Many students received degrees in IT,
business, computer science, electrical and industrial engineering, drafting and
design, project management, network systems administration IS and
Cybersecurity.<o:p></o:p></span></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<span style="font-family: "calibri" , sans-serif; font-size: 11pt;">That their program includes Cybersecurity got me excited. As we
all know, ransomware attacks have become more and more prevalent. Emerging
technologies such as SDN and SPB are designed to negate this danger for
networks. The solutions are available TODAY and these graduates will be the
ones to protect their future employers’ networks from hackers and cyber
stalkers.<o:p></o:p></span></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhlTcScor30QHYFi5hhtCmEXTDQDpiKiEvfoLQX0f-ZWdPBKId0VWZlxtrJaW6WT5wvbmudS7KFeuQq3rzEK85XFuenoiC6hgNoCnShFlvno0L-UCNuzCzzBlmuBTlboGjg35U3HrfO1fZI/s1600/ITT1_cropped.jpg" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhlTcScor30QHYFi5hhtCmEXTDQDpiKiEvfoLQX0f-ZWdPBKId0VWZlxtrJaW6WT5wvbmudS7KFeuQq3rzEK85XFuenoiC6hgNoCnShFlvno0L-UCNuzCzzBlmuBTlboGjg35U3HrfO1fZI/s320/ITT1_cropped.jpg" width="315" /></a><span style="font-family: "calibri" , sans-serif; font-size: 11pt;">I spoke to these future employees about why it’s a great time to
enter into the industry. I shared that when certain pivotal technology is introduced,
it becomes an enabler of a whole new era of possibilities, pointing out that
nearly two-thirds of the jobs that will exist in the future – jobs that these
graduates will eventually occupy - haven't even been named. Some good examples: Graphic Artist? CAD Engineer?
Web Developer? Who heard of them
20 years ago? The evolution of these
technologies brings about improvements and widespread adoption and availability
to the general population. Whole new
industries are born with endless possibilities and exciting careers!<o:p></o:p></span></div>
<div class="MsoNormal">
<br /></div>
<br />
<div class="MsoNormal">
<span style="font-family: "calibri" , sans-serif; font-size: 11pt;">We live in a time in which this evolution is propelling us forward at
a rate that previously only existed in science fiction and the movies. This new generation of IT focused students
will be part of this transformation, if they choose to. I hope they do.</span><o:p></o:p></div>
<b>Magic Quadrant Leader Mitel Looking To Go Bigger</b> (published 2016-03-25, updated 2016-04-20)<br />
<div class="MsoNormal">
<span style="font-size: 14.0pt;">A Mitel/Polycom merger would
certainly be advantageous to both organizations. Mitel has a solid
Voice/UC footprint and history. They have recently made a number of noteworthy
acquisitions (PrairieFyre/Oaisys/Aastra/Mavenir) and partnerships (Vidyo/LiveOps)
that they have been able to capitalize on. This track record is evidence
of a company with a good grasp of the industry and trends. With the
acquisition of Aastra, Mitel has a large hosted footprint, and the ability to
provide a hybrid solution to meet the real-time communications needs of an
increasingly mobile and dispersed workforce will ensure they are invited to the
table. <o:p></o:p></span></div>
<div class="MsoNormal">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiM4JO6q6GBZv_IgiRBh8L2RWj24dOubOYy3b5DeopgANIuHrhqJLjX0m3F92uxfN5luAZOSxRegec-azjb3kka3o_tmgCx_Bvla6pvT1Y4oUw1A8mlHdRSVGH2udULMLKvdS59X3aZU4_4/s1600/acquisition.jpg" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="232" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiM4JO6q6GBZv_IgiRBh8L2RWj24dOubOYy3b5DeopgANIuHrhqJLjX0m3F92uxfN5luAZOSxRegec-azjb3kka3o_tmgCx_Bvla6pvT1Y4oUw1A8mlHdRSVGH2udULMLKvdS59X3aZU4_4/s320/acquisition.jpg" width="320" /></a></div>
<div class="MsoNormal">
<span style="font-size: 14.0pt;">The Mitel/Polycom blend would
bring both organizations into a key position for hosted, mobile and IP
endpoints. In addition, with the widespread acceptance and expectation of
immersive UC that allows anywhere collaboration across diverse endpoints, the
merger would make them a de facto leader in this space. <o:p></o:p></span></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<span style="font-size: 14.0pt;">This is certainly something
to keep an eye on. ShoreTel, are you sure you don’t want to be
acquired? <o:p></o:p></span></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal" style="line-height: 13.5pt; margin-top: 3.75pt; mso-outline-level: 1;">
<b><span style="font-family: "arial" , sans-serif; font-size: 12pt;"><a href="http://investor.mitel.com/releasedetail.cfm?ReleaseID=938648">Mitel Advances to Leaders Position in Latest Gartner Magic Quadrant for Corporate Telephony Report</a></span></b></div>
<b>An Ounce of Prevention</b> (published 2016-03-16, updated 2016-04-20)<br />
<br />
We have all heard the adage that "An Ounce of Prevention is worth a pound of cure". While we instinctively know this, do you know how it applies to your business infrastructure? Today, businesses have become inexorably dependent on business critical applications that are comprised of software, hardware and services. These components are interdependent, creating delicate links in a chain that has been termed the "Application Delivery Chain". What this means is that many of your applications are dependent on each other and most assuredly the servers and networks that support them. Keeping these mission critical applications at peak performance is the primary directive for IT Professionals. The demand for new applications, coupled with burgeoning use of edge computing, and the need to keep the current systems operational may lead to overlooking the importance of day to day preventative steps and/or underlying infrastructure requirements.<br />
<br />
Early in my career, while I was a support specialist to both customers and their end-users, we found that 85% of all tickets were the result of what we refer to as Layer 1 issues: Cable/Power/Connectivity. With nostalgia, I could tell stories that would make you smile. You know, the ones where you ask them what position the "ON"/"OFF" button is in, or which lights, if any, are illuminated on the device. And while we have come a long way since those days, end user experience and user interface is still king.<br />
<br />
Below is a list of the top causes of communications outages:[1]<br />
1.<span class="Apple-tab-span" style="white-space: pre;"> </span>Faults, errors or discards in network devices<br />
2.<span class="Apple-tab-span" style="white-space: pre;"> </span>Device configuration changes<br />
3.<span class="Apple-tab-span" style="white-space: pre;"> </span>Operational human errors and mismanagement of devices - (22%)[2]<br />
4.<span class="Apple-tab-span" style="white-space: pre;"> </span>Link failure caused by fiber cable cuts or network congestion<br />
5.<span class="Apple-tab-span" style="white-space: pre;"> </span>Power outages<br />
6.<span class="Apple-tab-span" style="white-space: pre;"> </span>Server hardware failure (55%) [2]<br />
7.<span class="Apple-tab-span" style="white-space: pre;"> </span>Security attacks such as denial of service (DoS)<br />
8.<span class="Apple-tab-span" style="white-space: pre;"> </span>Failed software and firmware upgrade or patches (18%) [2]<br />
9.<span class="Apple-tab-span" style="white-space: pre;"> </span>Incompatibility between firmware and hardware device<br />
10.<span class="Apple-tab-span" style="white-space: pre;"> </span>Unprecedented natural disasters and ad hoc mishaps on the network, such as minor accidents, or even something as unrelated as a rodent chewing through a network line, etc.<br />
<br />
One of the major vendors found while researching their customer support history that they had five major causes for communications outages. [3]<br />
1.<span class="Apple-tab-span" style="white-space: pre;"> </span>Power outage<br />
2.<span class="Apple-tab-span" style="white-space: pre;"> </span>Lack of routine maintenance<br />
3.<span class="Apple-tab-span" style="white-space: pre;"> </span>Hardware failure 55%<br />
4.<span class="Apple-tab-span" style="white-space: pre;"> </span>Software bug / Corruption<br />
5.<span class="Apple-tab-span" style="white-space: pre;"> </span>Network issue/outages<br />
[3] The Essential Guide to Avoiding Network Outages<br />
<br />
What's more important is the percentage of time the outage could have been prevented had standard best practices been followed: [3]<br />
1.<span class="Apple-tab-span" style="white-space: pre;"> </span>Power outage (81%)<br />
2.<span class="Apple-tab-span" style="white-space: pre;"> </span>Lack of routine maintenance (78%)<br />
3.<span class="Apple-tab-span" style="white-space: pre;"> </span>Hardware failure (52%)<br />
4.<span class="Apple-tab-span" style="white-space: pre;"> </span>Software bug / Corruption (34%)<br />
5.<span class="Apple-tab-span" style="white-space: pre;"> </span>Network issue/Outage (27%) <br />
<br />
This downtime is costly and can be defined in both hard and soft dollars. For the purposes of this discussion, let’s define hard dollars as the expenses incurred directly to bring the systems back online (hardware, labor, tech support, etc.) and soft dollars as the indirect costs such as loss of employee productivity, loss of business, dissatisfied customers, customer perceptions, customer loss of confidence, etc. With these definitions in mind, have you considered the impact to your business in soft dollars in the event of an outage? [4] If you are an online or transactional business, your competitor is just one click away. We must face the reality that we live in the age of the consumer. No longer do customers need to wait for you; they can locate an alternative to you in a New York minute (that’s fast). We live in a world that expects real-time communications. And frankly, your customers are no longer willing to wait.<br />
<br />
So, just as we understand that we should drink more water, eat healthy and exercise more to prevent health issues, we also need to apply this to our communications infrastructure. When was the last time you did an assessment on your systems? No one wants to be caught saying to management that the RCA (root cause analysis) shows that the reason for a major outage was a failure on your team to follow well known industry standard best practices. Most manufacturers offer a maintenance policy on hardware and software and their vendors offer complimentary packages that provide the expertise to perform these actions on your behalf.<br />
<br />
We have seen an alarming trend in the industry to cut costs by dropping maintenance services and to "self-insure". While this may offer short-term operational cost savings, when the outages occur the time to recover results in an overall higher cost. A prime example is that of backups. We all know we should perform backups, but did you know that the time to recover from an outage with a valid backup is 1/15th the time of the restore without a valid backup? [3] The degree of recovery is also proportional. Just as with health issues, sometimes full recovery is never achieved. The overall cost to the business can be catastrophic. In a survey of companies that experienced outages, the average loss for a small business was $55,000, mid-sized companies averaged more than $91,000 and large companies over $1,000,000. [4] The good news is that there are lower-cost maintenance offerings that keep costs down and still provide full coverage. [5] <br />
<br />
As our dependence on applications continues to increase, the servers and networks over which they ride become increasingly relevant. In addition, the trend to virtualization, both server and network virtualization, has brought about an increasingly distributed network. The current imperative is to maintain the end user experience. IT professionals need the ability to monitor the overall network as it pertains to the user experience from an individual application perspective. Many factors converge to influence the user experience: application code, edge computing devices with their resources (CPU, memory, storage and network access method), the internal and external networks with the delicate protocol layers used to carry the interactions, and the servers with their respective resources. <br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh5iTLnb9ekOW6beCHTMg9rMgfBSg7wIVbFBo7YJ8jEPAsCLCESD5cE5bYH1YjDXAO5CQRf46J5IBGhuydlyglabBMC7GRsUMHpRjg4CTYx667I1p8NcHv2OWWlgJUbWzA0v5hUUuGs1tUR/s1600/Delivery+Chain.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="480" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh5iTLnb9ekOW6beCHTMg9rMgfBSg7wIVbFBo7YJ8jEPAsCLCESD5cE5bYH1YjDXAO5CQRf46J5IBGhuydlyglabBMC7GRsUMHpRjg4CTYx667I1p8NcHv2OWWlgJUbWzA0v5hUUuGs1tUR/s640/Delivery+Chain.jpg" width="640" /></a></div>
<br />
<br />
The good news is that with the advances made by SPB and SDN, the network and associated infrastructure, which is the most pervasive part of the delivery chain, can now exist to serve and support applications. The new breed of tools emerging provides an end-to-end view of the entire application delivery chain with the ability to drill down to any infrastructure element or method deep within the application [6]. These tools make it easy to determine the source of the delay (application, server, client, network, etc.).<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjdxuS7Lvgbte3RzLc5PFa8sfVGTehm8i5mA-kOWapsyrAtDrKo-XVKDoLO9FaMpZCAqnOp4mrOtaRb9DHWUh3ObU7bN5WPtXF08bxN0ADc1oRCpSzBVJWVpdNAosoKn_EY2P-ahq6lFWAD/s1600/Point+of+View.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="443" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjdxuS7Lvgbte3RzLc5PFa8sfVGTehm8i5mA-kOWapsyrAtDrKo-XVKDoLO9FaMpZCAqnOp4mrOtaRb9DHWUh3ObU7bN5WPtXF08bxN0ADc1oRCpSzBVJWVpdNAosoKn_EY2P-ahq6lFWAD/s640/Point+of+View.jpg" width="640" /></a></div>
<br />
<br />
So, where to start? Begin by doing a risk assessment. You'll want to assess your network, power, systems, security, services, etc. and put together a list of actions to take based on the level of risk. If you don't have the time or skill set, hire someone to do this; they will provide you with reports of system status and risk levels and offer recommendations for remediation. Some of the fixes will be simple (do backups), and others may require a minimal spend (replace aging batteries, clean the telecom room). To be sure, some will involve maintenance windows to update software to the current release, and a few may actually save you money (such as a telecom assessment that reduces overall spend and identifies unused services that you are still paying for). Many consulting groups have a specific vertical that they specialize in (Medical, Retail, Warehousing) and will understand your business and provide excellent input on new technologies that will help you achieve your business goals and maybe even define some new ones. Depending on the size and complexity of your network, you may be surprised how the latest advancements in systems will allow you to centralize control and monitoring of your overall network, and provide risk-free methods to quickly introduce new applications and services that management determines are needed to grow the business.<br />
<br />
In the end, your goal will be to have a stable, resilient system that is easy to maintain and that provides the users (customers and employees) an efficient, positive experience that allows them to do whatever it is that they set out to do, whether it be to make a purchase or to enable employees to provide your customers an excellent experience.<br />
<br />
<h4>
<i><b>References:</b></i><br />
<i>Dynatrace, 2016</i><br />
<i>[1] From <a href="https://www.blogger.com/%3Chttps://thwack.solarwinds.com/community/solarwinds-community/geek-speak_tht/blog/2013/08/29/top-10-reasons-for-network-downtime%3E">https://thwack.solarwinds.com/community/solarwinds-community/geek-speak_tht/blog/2013/08/29/top-10-reasons-for-network-downtime</a></i><br />
<i>[2] <a href="http://www.continuitycentral.com/news06645.html">http://www.continuitycentral.com/news06645.html</a></i><br />
<i>[3] <a href="https://www.avaya.com/usa/documents/best-practices-for-avoiding-outages-svc7663.pdf">The Essential Guide to Avoiding Network Outages</a></i><br />
<i>[4] <a href="http://www.informationweek.com/it-downtime-costs-$265-billion-in-lost-revenue/d/d-id/1097919?">http://www.informationweek.com/it-downtime-costs-$265-billion-in-lost-revenue/d/d-id/1097919?</a></i><br />
<i>[5] <a href="https://www.gartner.com/doc/2978417/usedhardware-resellers-offer-hardware-support">https://www.gartner.com/doc/2978417/usedhardware-resellers-offer-hardware-support</a></i><br />
<i>[6] <a href="http://innetworktech.com/wp-content/uploads/2015/05/Convergence-of-NPM-and-APM.pdf">http://innetworktech.com/wp-content/uploads/2015/05/Convergence-of-NPM-and-APM.pdf</a></i></h4>
Anonymoushttp://www.blogger.com/profile/16137006783243733515noreply@blogger.com1tag:blogger.com,1999:blog-7529855478140290682.post-38309179043733722222015-08-28T14:06:00.001-07:002016-04-20T11:04:26.700-07:00Software Defined Networks (SDN) - The Next Trend in Networking<br />
<br />
Every once in a while a protocol is named so succinctly that in a few brief words the explanation is actually embedded within the name. SDN is a good example of a name that says so much. For the newcomer to the world of networking these three words may seem nebulous, and for those of you who have seen the evolution, the terms take on new meaning.<br />
<br />
This article will explore what this simple name means and why this standard is attracting so much attention.<br />
<br />
<br />
<table cellpadding="0" cellspacing="0" class="tr-caption-container" style="float: right; text-align: right;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjfO6YbU_HbwCVbS2Gf-2Du7ROGzWnB5TVY105xkoYt9Bjqql93lFAf9NS56uwZob8MPXqdUjLlNxhQ7Cbek9o8v19sLX2dItkg6Rr9ANSVihuoKNpF181GZaWVtwpZStEo8cFByvmpfJfw/s1600/OSI+Model.png" imageanchor="1" style="clear: right; margin-bottom: 1em; margin-left: auto; margin-right: auto;"><img border="0" height="150" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjfO6YbU_HbwCVbS2Gf-2Du7ROGzWnB5TVY105xkoYt9Bjqql93lFAf9NS56uwZob8MPXqdUjLlNxhQ7Cbek9o8v19sLX2dItkg6Rr9ANSVihuoKNpF181GZaWVtwpZStEo8cFByvmpfJfw/s400/OSI+Model.png" width="400" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">Exhibit A</td></tr>
</tbody></table>
Let's start with the word "Networking". Whenever the industry experts discuss networking they all refer to the OSI model which describes the functions performed at each of the seven layers. For those of you that need a refresher, refer to our Exhibit A. While "networking" does involve all seven layers, most industry experts and analysts are commonly referring to the Data Link/Network/Transport/Session layers when they use the term "network". Within these layers are the appliances that users connect to that contain the intelligence to forward and route data frames/packets.<br />
<br />
Today these appliances are known as switches. Universally they all support Ethernet (the current de facto data link standard) at its various speeds (10/100/1000 Mb). Some offer PoE and L3 (routing), and almost all support SNMP (Simple Network Management Protocol). There are also firewalls, Session Border Controllers, traditional routers and some gateways. The amalgamation of these devices with their interconnections is known collectively as "the network". Below in our Exhibit B is a depiction of a typical network that shows the various components and where they are deployed. These networks have been built, managed, and maintained by highly skilled individuals that perform magic that allows end users to connect various devices (PCs, printers, servers) to run the applications that mere mortals use to work, play, and interact. <br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhRIuNRVTIF8aPEp_zUvOQ1Lun4ekbquJ41ZehdXVRYhaHsw3QbPF6U0iKKTDiE6tZkGHISn_XZdn5Ybn1pCoOO__7H3jWTzQBgTehWq1t50t841uOgjsf0ExiSU8yB5qECI1iNDf2vbT9L/s1600/Exhibit+B.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" height="489" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhRIuNRVTIF8aPEp_zUvOQ1Lun4ekbquJ41ZehdXVRYhaHsw3QbPF6U0iKKTDiE6tZkGHISn_XZdn5Ybn1pCoOO__7H3jWTzQBgTehWq1t50t841uOgjsf0ExiSU8yB5qECI1iNDf2vbT9L/s640/Exhibit+B.png" width="640" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">Exhibit B</td></tr>
</tbody></table>
<br />
Ever since Radia Perlman defined the Spanning Tree protocol/802.1d to solve the issue of loops in bridged networks, networking architects have been formulating new and creative protocols to overcome the challenges that have arisen as the IoT (Internet of Things) sprang into being. Considering that the versions of the standards are defined with letters and that the current standard is 802.1aq, it is obvious that many iterations of the standards have been previously published. Each iteration had been written to resolve a challenge that was encountered as new applications and uses for the Internet were introduced.<br />
<br />
While each of these standards resolved an issue, they also put an additional burden on the network administrators who had to learn how to deploy these protocols and perform even greater and more complex forms of magic on the network. This new magic was layered on top of the old magic creating a complex set of steps that had to be performed repeatedly on each device in the network, resulting in a manually configured and defined network. <br />
<br />
Networking vendors have all tried to overcome this complexity with proprietary management systems that allow the administrators to control various components from a centralized management console. The engineers could access the individual appliances from this console and write and execute the complex scripts necessary to configure the devices, and then roll out, audit, and roll back changes made to the network (provided they had connectivity). These management applications could also be used to monitor the overall health of the network and devices. While this was substantially better than telnetting to each device and executing the changes manually or via scripts, it still required touching each device and an intimate knowledge of the network design and configuration, as well as the protocols and how they were implemented on each of the different elements.<br />
<br />
Today, the great minds of the Internet (IEEE/IETF members) have come together to develop a standard that incorporates all the industry's "best practices" for each of the underlying networking protocols, network and endpoint security, and application and endpoint performance into a common management and control plane. This protocol will allow the administrators to Define profiles for users, devices, applications, etc. via Software for the Network. These definitions will then be pushed out to the network. When an application, user, or device attempts to join or transmit on the network, the pre-defined rules (profiles) will determine IF that application, user, or device may enter the network. Once access is gained, SDN will define what level of access it will have and what level of performance it will receive. <br />
<br />
As always, there are a number of competing standards being proposed and championed by different manufacturers. The good news is that they are being rolled out, tested, and updated quickly. The reason behind this rapid acceptance and testing is that the industry understands that the IoT (Internet of Things) is here and that every day new devices are joining the network using Ethernet with PoE. "New devices" include LED lighting, fire alarms, smoke detectors, paging systems, IP cameras, refrigerators, thermostats, etc. The value to the world is so tangible that there is no waiting. The Smart Buildings of the future will actually use less electricity and low voltage wiring using Ethernet with PoE is so safe and cost effective that the adoption rate is skyrocketing. <br />
<br />
To enable SDN, the network must be equipped with technologies such as SPB (Shortest Path Bridging/802.1aq). This is because when the network is comprised of these smart devices they automagically configure the best available paths from the devices (Ingress) to the applications (Egress) using the industry's best practices. The network administrators no longer configure the individual components, they merely configure the ingress and egress (entry and exit points), and the "network" self-configures to establish the communications path. This of course is predicated on the device, user, and/or applications having permission to access the network based on the rules/profiles set by SDN. The SDN controller (aka management station) is where the administrator defines the rules. Once defined, these rules are pushed to the network and therefore the controller is not a single point of failure.<br />
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjCxNGLLy8iWzq4SgbtSPdp_i2AzW9Ga7dYuxfEW84VeXMi4sXJQxjjWas8JfMmdFumrcjlXwbU271omYCi4YTJ52JSwmhvFwl-8JGJ7DKiUdzRjd6Lj2FUIk21XcIDfoK9bYmM-Sflmnxz/s1600/SDN_flowchart.png" imageanchor="1" style="clear: right; margin-bottom: 1em; margin-left: auto; margin-right: auto;"><img border="0" height="494" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjCxNGLLy8iWzq4SgbtSPdp_i2AzW9Ga7dYuxfEW84VeXMi4sXJQxjjWas8JfMmdFumrcjlXwbU271omYCi4YTJ52JSwmhvFwl-8JGJ7DKiUdzRjd6Lj2FUIk21XcIDfoK9bYmM-Sflmnxz/s640/SDN_flowchart.png" width="640" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">SDN</td></tr>
</tbody></table>
Too good to be true? Nah… the team of experts (IEEE/IETF members) understands that the rules, no matter how seemingly complex, are configurable and therefore they can be incorporated into the new 802.1 standards. They just had to be codified aka SPB/SDN.<br />
<br />
The current version of SDN still requires the configuration of the ingress/egress. The next iteration of SDN will allow auto-configuration based on the rules. Impossible, you say? Nope, it will take a similar approach to DHCP (Dynamic Host Configuration Protocol). The device will connect, identify itself, the user and the application, and then the network will look up the rules/profile and allow only and exactly what the profile says.<br />
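<br />
The profile lookup described above can be sketched as a default-deny admission check. This is an added example, not code from any SDN controller or from the original post; the profile names, the 0-3 performance scale, and the rule that the granted access is the intersection of the matching profiles are all assumptions made for illustration.<br />

```python
from typing import NamedTuple


class Profile(NamedTuple):
    services: frozenset  # services this identity is allowed to reach
    qos: int             # performance class, higher is better (assumed 0-3 scale)


class Decision(NamedTuple):
    admitted: bool
    services: frozenset
    qos: int
    reason: str


# Constructed sample profiles as an administrator might define them on the
# controller. Every name below is hypothetical.
PROFILES = {
    ("user", "alice"): Profile(frozenset({"erp", "voip", "web"}), 3),
    ("device", "laptop-0042"): Profile(frozenset({"erp", "web"}), 2),
    ("device", "ip-camera-17"): Profile(frozenset({"video-recorder"}), 1),
    ("application", "erp-client"): Profile(frozenset({"erp"}), 2),
    ("application", "camera-stream"): Profile(frozenset({"video-recorder"}), 1),
}


def admit(device, application, user=None, profiles=PROFILES):
    """Decide IF a connection may enter the network and what it receives.

    Default deny: every identity the endpoint presents must have a profile.
    Assumption: headless devices (cameras, sensors) present no user.
    """
    claims = [("device", device), ("application", application)]
    if user is not None:
        claims.append(("user", user))

    matched = []
    for kind, name in claims:
        profile = profiles.get((kind, name))
        if profile is None:
            # Unknown identity: nothing is allowed, not even a default VLAN.
            return Decision(False, frozenset(), 0,
                            f"no profile for {kind} {name!r}")
        matched.append(profile)

    # "Allow only and exactly what the profile says": when several profiles
    # apply, grant only what all of them permit (least privilege).
    services = frozenset.intersection(*(p.services for p in matched))
    if not services:
        return Decision(False, frozenset(), 0,
                        "profiles share no permitted service")
    return Decision(True, services, min(p.qos for p in matched), "admitted")


if __name__ == "__main__":
    attempts = [
        ("laptop-0042", "erp-client", "alice"),
        ("ip-camera-17", "camera-stream", None),
        ("rogue-pi", "erp-client", "alice"),       # device never profiled
        ("ip-camera-17", "erp-client", None),      # camera asking for ERP
    ]
    for device, app, user in attempts:
        print(device, app, user, "->", admit(device, app, user))
```

The last two attempts are the cases worth checking in any real policy set: an unprofiled device and a profiled device asking for a service outside its profile are both refused rather than given a fallback level of access.<br />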
<br />
In conclusion, since everything has moved to the network, businesses that are looking to do more with less complexity, expense, delay, and risk, and with greater speed, security, and ease of management should be seriously investigating how to introduce SDN into their network. <br />
<br />
The Internet of Things (IoT) is a scenario in which objects, animals or people are provided with unique identifiers and the ability to transfer data over a network without requiring human-to-human or human-to-computer interaction.<br />
<div>
<br /></div>
Anonymoushttp://www.blogger.com/profile/16137006783243733515noreply@blogger.com0tag:blogger.com,1999:blog-7529855478140290682.post-50871077980777100452015-07-31T08:59:00.002-07:002016-04-20T11:05:14.093-07:00Shortest Path Bridging (SPB)<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiWwz_BQDEvEGO2hG2KxCcrMS2kFPuslm-rsxik2hkx0eolga6jId1vEnjyAQhhBIYQIPPQusGNX8stA4uMTmJRSo5KdwVaaO3c-lb6MQ0UWsi1tkkau5Ou8d_AZzK3H9SbzjUYKNwYsBi/s1600/Tolkien+Ring.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="173" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiWwz_BQDEvEGO2hG2KxCcrMS2kFPuslm-rsxik2hkx0eolga6jId1vEnjyAQhhBIYQIPPQusGNX8stA4uMTmJRSo5KdwVaaO3c-lb6MQ0UWsi1tkkau5Ou8d_AZzK3H9SbzjUYKNwYsBi/s200/Tolkien+Ring.png" width="200" /></a></div>
For those of you who have been around long enough to know “token ring” <i>(not to be confused with Tolkien Ring or something a guy gives a girl when he’s not ready to get married but wants her to stick around)</i>, you are going to LOVE SPB! For those of you newer to networking, you’ll love it too, but perhaps not with the same level of appreciation.<br />
<br />
And yes, I am almost afraid to admit that I understand that ArcNet is not a type of basketball shot, and that at one time ATM was NOT a machine that you used to withdraw funds from your account. But maybe that explains why I am so excited about the new era of networking that is known as "Fabric". <br />
<br />
Over the years we have seen the number of Data Link and Network Layer protocols whittled down to Ethernet and IP, while the number of routing protocols (RIP, RIPII, OSPF) and Transport Layers (UDP, TCP, RDP) increased to address the advent of new applications emerging. I stand in awe of the folks on the IETF along with their ingenuity to extend IPv4 well past its expected lifespan through creative methods devised via subnetting, use of private subnets, NAT, spoofing, etc. You really need to take your hat off to these creative individuals. Talk about making the most of something! <br />
<br />
That being said, deploying a network in the era of the "Internet of things" is, to say the least, quite challenging. Those of you who are tasked with maintaining the IP Addressing and extending the network to support the vast number of users and devices in a secure fashion are to be commended. I sympathize with all of you who have to carve out an IP range, negotiate for a maintenance window to deploy a new application, and then have to spend late night hours programming each switch (ingress/egress) with the IP addresses that you manually input, hoping that you input each of the 32 bits correctly without a fat finger or dyslexic moment. Some of you are so adept at writing the scripts that are executed at each point that you remind me of those irritating folks in typing class (yes, back then it was typing, not keyboarding) that could type 100 words per minute without a mistake. Quite unnatural, even freakish I’d say. Anyway, back to networking. I almost forgot, multicast. Great IDEA! But woe to those of you with Cisco or Enterasys networks, should you be asked to deploy. <br />
<br />
Welcome SPB!<br />
I can only imagine that some very bright, out of the box thinkers must have been sitting in a room with a really big white board pondering these issues. Or perhaps they sat in a brew house discussing them over a few beers when they decided to make a list. This list consisted of all the networking protocols, and in another column all the services these protocols performed and in yet another column the problems the protocols were created to solve. Finally in the last column, all the challenges associated with them. I can just see them sitting back and asking themselves, "What if we could create a NEW networking standard that could do all the good things, and eliminate the problems?" …hmmmm – the birth of SPB!<br />
<br />
SPB is scalable (it can grow really big!), extensible (it can support new devices, applications, etc.), secure (you can’t hack what you can’t see), fast (lots of high speed links), resilient (it can have a link or two or three…go down and your packets still get around), and simple (zero touch cores, endpoint only provisioning, no more scripts, maintenance windows, or all-nighters!). For those of you who want to take a deep dive you can see Paul Unbehagen (Co-Author) giving an overview of the protocol in a 30-minute YouTube video:<br />
<br />
<a href="https://www.youtube.com/watch?v=t15CsE-6Chg">Avaya Fabric Connect SPB Deep Dive</a><br />
<br />
For the rest of us, here are the common denominators of networking today:<br />
<br />
<b>Layer 1: Cabling standards</b>:<br />
- Copper Twisted Pair (Cat 6e). Yes, we still run into Cat 5e and via the use of ingenious designs we can also ride over Cat 3 but….<br />
- Fiber: Single Mode / Multi-Mode with SC or LC connectors<br />
- Air Waves: 802.11ac is the current flavor of WiFi. In a very short time, everyone will be using ac. Since the standard is relatively new, you will see a lot of legacy WiFi with 802.11n, but manufacturers are now offering APs that have software upgradeable options.<br />
<br />
<b>Layer 2: Ethernet 10/100/1000 </b><br />
There were a number of competing standards in the early days but Ethernet was declared the winner a long time ago (at least in networking years).<br />
<br />
<b>Layer 3: IP Won in the Enterprise</b><br />
There were also a number of competing standards in the early days but IP was declared the winner in that arena. Anyone shedding a tear over IPX or AppleTalk?<br />
<br />
However, in the carrier space there have been protocols that we mere mortals rarely encounter. One of these protocols is IS-IS that is renowned for scalability. <b><i>(This is a hint)</i></b><br />
<br />
A new standard has emerged that blends the best of L2, L3 and the concept of virtualization; that standard is… SPB. It takes the best of all the rest and combines them to create a virtualized network with ease of configuration and inherent scalability through the use of IS-IS in the core of the Fabric. Ethernet endpoints can now be added to the Fabric by simply configuring the ingress (Entry Point) port and egress (Exit Point). The Fabric will automatically determine the best and shortest path through the network. <br />
<br />
How? The intermediate devices (switches with Fabric and SDN) communicate and negotiate to provide the Shortest Path with the best available service to Bridge the two Points together = SPB. <br />
<br />
How? Well, the devices talk amongst themselves and exchange information about who knows about what and they maintain tables of the paths, their speed and link states. <br />
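<br />
To make the link-state idea concrete, here is an added sketch (not Avaya's or the IEEE's code, and not from the original post) in which every switch holds the same table of links and speeds, computes the shortest path from ingress to egress, and recomputes when a link goes down. The switch names, the cost formula and the tie-break are assumptions; real SPB uses IS-IS metrics and its own equal-cost tie-breaking rules.<br />

```python
import heapq

# Constructed sample fabric: (switch_a, switch_b, link speed in Mb/s).
# Switch names are hypothetical.
LINKS = [
    ("edge1", "core1", 1000),
    ("edge1", "core2", 1000),
    ("core1", "core2", 1000),
    ("core1", "edge2", 1000),
    ("core2", "edge2", 100),
]

# Assumption: cost = reference / speed, so a faster link is a cheaper hop.
REFERENCE_MBPS = 10000


def link(a, b):
    """Order-independent key for the link between two switches."""
    return frozenset((a, b))


def build_lsdb(links, down=frozenset()):
    """Build the link-state table each switch holds: node -> {neighbor: cost}.

    Links listed in `down` are left out, as they would be once the
    neighbours stop advertising them.
    """
    lsdb = {}
    for a, b, mbps in links:
        lsdb.setdefault(a, {})
        lsdb.setdefault(b, {})
        if link(a, b) in down:
            continue
        cost = REFERENCE_MBPS // mbps
        lsdb[a][b] = cost
        lsdb[b][a] = cost
    return lsdb


def shortest_path(lsdb, ingress, egress):
    """Dijkstra over the link-state table.

    Returns (total_cost, [hops]) or None when egress is unreachable.
    Equal-cost candidates are ordered by their hop list so every switch
    running this on the same table picks the same path.
    """
    heap = [(0, [ingress])]
    settled = set()
    while heap:
        cost, path = heapq.heappop(heap)
        node = path[-1]
        if node == egress:
            return cost, path
        if node in settled:
            continue
        settled.add(node)
        for neighbor, hop_cost in lsdb.get(node, {}).items():
            if neighbor not in settled:
                heapq.heappush(heap, (cost + hop_cost, path + [neighbor]))
    return None


def reroute(links, ingress, egress, failures):
    """Fail links one after another and return the path chosen after each."""
    down = set()
    results = [shortest_path(build_lsdb(links), ingress, egress)]
    for a, b in failures:
        down.add(link(a, b))
        results.append(shortest_path(build_lsdb(links, down), ingress, egress))
    return results


if __name__ == "__main__":
    failures = [("core1", "edge2"), ("core2", "edge2")]
    for step, result in enumerate(reroute(LINKS, "edge1", "edge2", failures)):
        print(f"after {step} failure(s): {result}")
```

With both links into edge2 down the function returns None: the resilience claimed for a fabric only holds while some path between the two endpoints still exists, so the number of independent links at each edge is the figure to check in a design review.<br />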
<br />
SPB uses the concept of VLANs but at a whole new level. While VLANs imposed a limit of 4096 VLANs, SPB allows over 16 Million VRFs (Virtual Route Fabric) to be created and SPB devices are provided VID (Virtual InDentifiers). Those of you who are familiar with routing protocols and the concept of Link States will be right at home with SPB, because as I previously stated, SPB took the best of the rest, eliminated the negative components, and combined them to create a scalable (you can grow it really, really big across large geographic areas), secure (you can’t hack what you can’t see), extensible (add any protocol or application you need to your network, even ones that haven’t been written yet), and simple (a few technicians can configure and run an enormous, extremely complex network all by themselves, easily) network. <b>One of the most gratifying aspects of the protocol is that it gives the technical staff back their life! </b><br />
<br />
Yes, their life. <br />
<br />
How, you ask? Because they don’t have to spend their holiday weekends rolling out new applications or adding another site. The Management tools provide an easy to use interface that enables the users to become involved as much or as little as they want.<br />
<br />
<a href="https://www.youtube.com/watch?v=Ykg6UycXndY">Avaya Fabric - Simplifying Networking</a><br />
<br />
In Summary SPB is: <br />
•<span class="Apple-tab-span" style="white-space: pre;"> </span>Plug and Play<br />
•<span class="Apple-tab-span" style="white-space: pre;"> </span>Ethernet attached<br />
•<span class="Apple-tab-span" style="white-space: pre;"> </span>Has a Symbiotic relationship with IP and Ethernet<br />
•<span class="Apple-tab-span" style="white-space: pre;"> </span>Scalable<br />
•<span class="Apple-tab-span" style="white-space: pre;"> </span>Uses VRF offering (16 Million)<br />
•<span class="Apple-tab-span" style="white-space: pre;"> </span>Creates a seamless, consistent, contextually relevant experience<br />
•<span class="Apple-tab-span" style="white-space: pre;"> </span>Offers One protocol that does all the routing and switching at once<br />
•<span class="Apple-tab-span" style="white-space: pre;"> </span>With no complexity<br />
•<span class="Apple-tab-span" style="white-space: pre;"> </span>Edge Only Configuration<br />
•<span class="Apple-tab-span" style="white-space: pre;"> </span>Protection for applications<br />
<br />
All with major:<br />
•<span class="Apple-tab-span" style="white-space: pre;"> </span>Cost reduction to build and maintain network – 20-30% savings in hardware, Rackspace,<br />
•<span class="Apple-tab-span" style="white-space: pre;"> </span>Reduction in time to deploy. – reduce provisioning 80%<br />
•<span class="Apple-tab-span" style="white-space: pre;"> </span>Operational expense saving of 87% through reduction in time to service and time to deploy<br />
•<span class="Apple-tab-span" style="white-space: pre;"> </span>37% of all network outage is a result of human error at the core<br />
•<span class="Apple-tab-span" style="white-space: pre;"> </span>5 9’s reliability (less than 4 minutes downtime annually)<br />
•<span class="Apple-tab-span" style="white-space: pre;"> </span>Usage of ISID 802.1ah protocol for simplicity<br />
<br />
SPB Offers support that includes:<br />
•<span class="Apple-tab-span" style="white-space: pre;"> </span>16 million services<br />
•<span class="Apple-tab-span" style="white-space: pre;"> </span>A Network that becomes invisible/No IP Visibility<br />
•<span class="Apple-tab-span" style="white-space: pre;"> </span>1 Hop through the Fabric to the Internet for low latency<br />
•<span class="Apple-tab-span" style="white-space: pre;"> </span>Integrated Routing & Switching<br />
•<span class="Apple-tab-span" style="white-space: pre;"> </span>A Fabric that is a single state machine<br />
•<span class="Apple-tab-span" style="white-space: pre;"> </span>Isolation of services<br />
•<span class="Apple-tab-span" style="white-space: pre;"> </span>Simple endpoint provisioning<br />
•<span class="Apple-tab-span" style="white-space: pre;"> </span>Flexible – Multiple Services<br />
•<span class="Apple-tab-span" style="white-space: pre;"> </span>Secure – Separation of Networks<br />
•<span class="Apple-tab-span" style="white-space: pre;"> </span>Zero Touch Core<br />
•<span class="Apple-tab-span" style="white-space: pre;"> </span>Fabric Attach<br />
•<span class="Apple-tab-span" style="white-space: pre;"> </span>Zero Touch Edge<br />
•<span class="Apple-tab-span" style="white-space: pre;"> </span>No Clients<br />
•<span class="Apple-tab-span" style="white-space: pre;"> </span>The Endpoint/Client connections trigger auto configuration of ISID, VLANs, port membership, etc.<br />
•<span class="Apple-tab-span" style="white-space: pre;"> </span>Automatically authenticated, authorized, and provisioned to connect the client to the required services.<br />
<br />
SPB is the foundation for:<br />
•<span class="Apple-tab-span" style="white-space: pre;"> </span>SDN<br />
•<span class="Apple-tab-span" style="white-space: pre;"> </span>Automation<br />
•<span class="Apple-tab-span" style="white-space: pre;"> </span>A network that does not require tuning every day.<br />
<br />
And as such, it is going to be one of the key elements that will enable your organization to keep up with the pressures being exerted on your team. The pressure to provide new services by your customers, employees, business initiatives, applications, compliance regulations, security initiatives, etc. So, strap in and get ready for a fun ride with a driving force in the next wave of the "Internet of Things".<br />
<br />
Stay tuned for the next article on SDN: The deployment tool that makes network provisioning a 15 minute task rather than a maintenance window.<br />
Anonymoushttp://www.blogger.com/profile/16137006783243733515noreply@blogger.com0tag:blogger.com,1999:blog-7529855478140290682.post-3400577370313061982015-07-08T12:55:00.002-07:002015-07-08T12:55:15.188-07:00Fabric<div class="MsoNormal">
</div>
<div class="MsoNormal">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEilZPH4N1gfyd4dEAIAFb-8aLovCOvf-YHYeHxI-xjV92Kj4mc_6aUMB-lDHKvC5WhrikTFIhsB9-1FzUWSubRw2GM__rLFL2VnpXNLufjKHHlxXTPif2oUz8uFK0PBWaEhJbFnCZTjAkm3/s1600/fabric.png" imageanchor="1" style="clear: left; display: inline !important; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEilZPH4N1gfyd4dEAIAFb-8aLovCOvf-YHYeHxI-xjV92Kj4mc_6aUMB-lDHKvC5WhrikTFIhsB9-1FzUWSubRw2GM__rLFL2VnpXNLufjKHHlxXTPif2oUz8uFK0PBWaEhJbFnCZTjAkm3/s1600/fabric.png" /></a>The terms Fabric and Fabric Networking are used a lot these
days by almost all vendors. The question is: What does that actually
mean?</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
The industry came up with the term “Fabric” to describe
networking technologies that allow networking gear (Switches & L3 Switches)
to connect in a way to achieve a mesh topology. If you think of a real
piece of cloth (fabric) the threads create a mesh. Mesh topology has always
been identified as the ideal for resiliency; however, in the past, due to cost
and protocol limitations this has been difficult, if not impossible to achieve.
Traditional networking connectivity had only a few connections between
devices. Resiliency typically meant two trunks, maybe three, especially
in the WAN. Recent advancements in technology now permit intelligent
switches to be hyper-connected and thus the term “Fabric” emerged to describe
this new intelligent network. When you hear the term “Fabric” think more
than “lots of links”. This new fabric is intelligent and
scalable.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
What does it mean to have an intelligent network? It
means that the devices that comprise the network fabric are managed and seen as
an integrated whole rather than a series of interconnected devices. The
network administrator has the ability to define policies for any device,
application, job classification, individual, etc. These policies can
intersect and the fabric will automatically adjust to provide that object the
level of service that the policies dictate. There is no longer a need to
provision each switch and port whenever a new user, device, or application is
added to the organization. An administrator will create the policy,
provision the endpoints and the fabric will auto learn and provision itself to
meet the requirements.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
This capability is enabled via new technologies and
protocols that have been defined and ratified by the IEEE (Institute of
Electrical and Electronics Engineers) and IETF (Internet Engineering Task
Force). To achieve end to end fabric, the network will need to have
intelligent devices capable of SPB (Shortest Path Bridging), and SDN (Software
Defined Networks). TRILL ("Transparent Interconnection of Lots of
Links") is another standard that was developed in an attempt to achieve
full fabric networking. While it does meet some of the requirements for
fabric, it is intended only for the core and does not reach to the edge so that
the promise of full fabric and SDN can never be realized.</div>
<div class="MsoNormal">
<br /></div>
<br />
<div class="MsoNormal">
This article is the first in a series on the new state of
the network. The next article will be on the topic of Shortest Path Bridging
(SPB).</div>
Anonymoushttp://www.blogger.com/profile/16137006783243733515noreply@blogger.com0