Networks

Networks / Most Commented

Designing Secure Networks with Cisco Technology, Part 4

In this multipart series I will be presenting some of the leading industry-standard best practices for enterprise network security using Cisco technologies... In Part 3 of this series I began to discuss Cisco technologies as a standard for enterprise data security. In this article we take a look at how Cisco firewall and packet filtering technologies can be used at the network perimeter to enhance enterprise security. more

More Cracks Appearing in Mobile Market

When I wrote the BuddeComm analysis on the introduction of Apple's iPhone I commented that the most significant element of this event was that it would begin to create cracks in the flawed business models of the mobile operators, who are desperately hanging on to their closed networks very much like the fixed operators were fighting tooth and nail against opening up their networks. We have seen that the fixed operators have largely lost this battle and we predict that the future of the mobile networks will be no different... more

The Slow Mainstreaming of IPv6

Slowly, we’re making progress mainstreaming IPv6. I wanted to post on a few interesting developments. Late last month, Netflix got an IPv6 allocation from ARIN, and they’re advertising it in BGP... I look forward to the day I can stream movies to my Netflix set-top box over IPv6. more

Designing Secure Networks with Cisco Technology, Part 1

In this multipart series I will be presenting some of the leading industry-standard best practices for enterprise network security using Cisco technologies.... "Wisdom consists in being able to distinguish among dangers and make a choice of the least harmful." That quote is quite possibly the most accurate depiction possible of the never-ending struggle between network security and corporate budget. Providing a mechanism to defend the enterprise network from every conceivable threat is impossible in terms of both technology and funding. more

VoIP Security Predictions for 2009

Here are my VoIP and Voice security predictions for 2009, limited to just a few, key predictions... The poor economy will slow the adoption rate for VoIP and Unified Communications (UC). This will continue to limit the size of the enterprise VoIP deployments for potential hackers to exploit. VoIP/UC will continue to be mostly an internal/campus application where the threat level for attack is low, so deployments will be largely secured along the same lines as other data network applications. more

Network Solutions Under Large Scale DDoS Attack, Millions of Websites Potentially Unreachable

Network Solutions is having problems with "all" its name servers, according to their tech support and a recent post on North American Network Operators' Group (NANOG) mailing list indicates that it has been under very large-scale UDP/53 DDoS attack for the last 48 hour period. As a result, domain names hosted with Network Solutions' Worldnic have been affected. Network Solutions is one of the leading domain registrars and DNS hosting providers in the world, managing more than 7.6 million domain names. more

IPv6… The Dangers of Prolonged Inter AS Tunnel Vision

Tunnel vision is a rather serious medical condition and the Internet or at least a number of service providers could be at risk if not treated soon enough. Symptoms of inter AS (Autonomous System) tunnel vision are many slower connections with IPv6 compared to IPv4 with some failing all together. Reason is that tunnels, especially inter-AS tunnels, can lead to long paths and non-optimal routing. more

Spam Peaked at 200 Billion per Day in 2008, Botnets Nexus of Criminal Activity, Says Cisco

In a 52 page security report released by Cisco, the company has confirmed what has been consistently been observed through out this year: "the Internet-based attacks are becoming increasingly sophisticated and specialized as profit-driven criminals continue to hone their approach to stealing data from businesses, employees and consumers." The 2008 edition of the report has specified the year's top security threats and offers recommendations for protecting networks against attacks that are propagating more rapidly, becoming increasingly difficult to detect, and exploiting technological and human vulnerabilities. more

The Report on “Securing Cyberspace for the 44th Presidency”

A report "Securing Cyberspace for the 44th Presidency" has just been released. While I don't agree with everything it says (and in fact I strongly disagree with some parts of it), I regard it as required reading for anyone interested in cybersecurity and public policy. The analysis of the threat environment is, in my opinion, superb; I don't think I've seen it explicated better. Briefly, the US is facing threats at all levels, from individual cybercriminals to actions perpetrated by nation-states. The report pulls no punches... more

Why We’ll Never Replace SMTP

An acquaintance asked whether there's been any progress in the oft-rumored project to come up with a more secure replacement for SMTP. Answer: No. Truly, spam isn't a technical problem, it's a social one. If we could figure out some way to make mail recipient networks and hosts willing to shun known bad actors, even at the cost of losing some real mail for a while until the bad actors cave, it would make vastly more difference than any possible technical changes. more

Cisco: P2P Flat in North America? Some Experiencing Major Growth

North American p2p went from 370 petabytes in 2006 to only 416 petabytes in 2007 according to Cisco's figures. Since U.S. users increased 16% in the same period, that's a drop in p2p per user and a significant drop in p2p as a percentage of all traffic. There's a major margin of error in these figures, so I'm calling it "flat." That's very different from pre 2007 experience, when p2p grew rapidly. It severely contradicts what many in Washington D.C. are saying... more

Cisco Speaks at FOSE on IPv6 Enterprise Architecture Transition

"The world is flattening," says Dave Rubal at the FOSE Conference and Exhibition this week in Washington, DC. "The race for IT dominance is on, and it is coming west." Mr. Rubal, Cisco's Worldwide Internet Protocol version 6 (IPv6) Task Force Lead, spoke of the tremendous race in IT dominance that is occurring, stating that the "mainstay technologies at the Beijing Olympics will be IPv6-powered." IPv6 is in line to replace version 4, but Rubal hinted that China and other Far East countries may be adopting the new version faster than the United States... more

Hot Architectural Issues for the Internet

The Internet Architecture Board's (IAB) chair, Olaf Kolkman, asked the members of the IAB to provide a statement paper each on what they believe the current most pressing issues in terms of Internet architecture are... I have thought about this for the past few days, and realised that it's hard to come up with overarching issues and even harder to come up with issues, where the IAB actually could make a difference. But I came with up with two issues. more

IPv6 Deployment: Just Where Are We?

In this article we'd like to look at some measures of the use of IPv4 and IPv6 protocols in today's Internet and see if we can draw any conclusions about just how far down the track we are with the IPv6 part of dual stack deployment. We'll use a number of measurements that have been made consistently since 1 January 2004 to the present, where we can distinguish between the relative levels of IPv4 and IPv6 use in various ways. more

iPhone, Android, 700 MHz: What Maximizes Wireless Innovation?

At the Emerging Communications Conference eComm 2008, I'm moderating a panel "Wireless Innovation, with or without operators." This will be a discussion -- smart people from differing camps responding to (hopefully) probing questions from yours truly, and the audience. Points of view represented include Google Android, J2ME/JavaFX Mobile, iPhoneWebDev.com, Skype and Trolltech Qtopia (Nokia), plus Chris Sacca, formerly head of Google's wireless initiatives. I've been thinking about subjects and questions for the panel. As a start, I'll set down my current views, then seek others' views and questions. more