Resource Library

One of the many useful features of tunneling is to carry non-IP traffic across an IP network, and this is still the case when dealing with IPv6 traffic. This transition mechanism makes use of a configured tunnel to transport IPv6 over a native IPv4 network, which may consist of two sites or more. Unlike the previous transition mechanisms, tunneling is not monolithic; while the basic principles may be similar, the operations are different. The following chart gives a breakdown of the current, major tunneling types in use, particularly in a Cisco environment:

Risk is something we deal with on a daily basis. Living in New Jersey and having the occasional storm, I’ve recently performed my own risk assessment determining the value of certain assets and activities and made a decision on what I was willing to spend to reduce risk to what I perceived as an acceptable level. My management of risk was a rather simple case. Sure, in my revised business continuity plan for my home, I’ll make sure that I have more D cell batteries, have my garage door adjusted so it opens manually again, more food I can heat on a stove and that doesn’t rely on refrigeration, and finally I’ll consider a whole house gas generator that uses natural gas, which has always been available to power critical systems like the sump pump in my basement. What if, however, I was a really large business? One with lots of components and interdependencies that require a tight integration in order to succeed? How and where can a large volume of information necessary to management, business continuity, and disaster recovery be correlated and communicated to those individuals who, because of their roles and responsibilities, need to make the critical decisions regarding the management of risk?

An attacker needs to destroy evidence of his presence and activities for several reasons like being able to maintain access and evade detection (and the resulting punishment). Erasing evidence of a compromise is a requirement for any attacker who wants to remain obscure and evade trace back. This usually starts with erasing the contaminated logins and any possible error messages that may have been generated from the attack process.

In the fourth of his five-part series, Eric Strause explores the hardware and application benefits inherent in a cloud-based architecture.

I attended a meeting this week with a customer of mine and a potential new vendor. The new vendor was there to pitch his configuration and setup service offerings for a specific ITSM toolset. My customer has already had one bad experience with an ITSM tool configuration vendor who promised one thing and delivered much less. He ended up with a tool that’s minimally used and not configured to match his business needs. He’s looking for a vendor that can understand his business needs and priorities and quickly help him get his tool configured and working in a short time frame. Then the topic of standard changes came up. My customer asked for examples of standard changes. The vendor responded, “Server reboots are an example of standard changes.”

As any network administrator will tell you, the ASA Security appliance (as well as its forerunner, the PIX) are capable of generating massive amounts of log messages, especially when the firewall/security appliance is set to log messages at debug level to the syslog...

A feature common to IPSec Virtual Private Network implementations throughout the Cisco product line is Perfect Forward Secrecy (PFS). This optional additional component is now a default supplied configuration setting with the Adaptive Security Device Manager (ASDM) I...

Occasionally as I'm teaching a Cisco training class, I get an idea for a blog post and it happened again this week. The Securing Networks with ASA Fundamentals curriculum is mostly based on the Adaptive Security Device Manager (ASDM). While the class describes the us...

The subject of this week’s post was actually prompted by a question from a former colleague.  Soon after the PIX Firewall added support for IPSec Virtual Private Networks, a command was added to the command-line, sysopt connection permit-ipsec. This command was subse...

I recently was presented with the challenge of logging ALL of the pertinent connection, disconnection, and termination messages associated with the Cisco SSL AnyConnect client without overwhelming the syslog capture display with extraneous messages. This blog will br...