Cisco EnergyWise is a new energy management architecture that will allow IT operations and facilities to measure and fine-tune power usage to realize significant cost savings. Cisco EnergyWise focuses on reducing power utilization on all devices connected to a Cisco network ranging from Power over Ethernet (PoE) devices such as IP phones and wireless access points to IP-enabled building and lighting controllers. It uses an intelligent network-based approach, allowing IT and building facilities operations to understand, optimize, and control power across an entire corporate infrastructure, potentially affecting any powered device.

Con la segunda generación de routers de servicios integrados, Cisco ayuda a las organizaciones a implantar vídeo bajo demanda, movilidad y seguridad, incrementando el ahorro empresarial

Con el objetivo de afrontar las necesidades tecnológicas de los equipos que trabajan en colaboración y de forma distribuida, Cisco ha desarrollado su arquitectura Borderless Networks y ha anunciado hoy su estrategia para proporcionar servicios y aplicaciones a los profesionales de cualquier compañía, desde cualquier lugar y para cualquier dispositivo, a través de una comunicación sin fisuras, fiable y segura.

Como parte de la arquitectura Borderless Networks, la compañía ha anunciado la disponibilidad de la segunda generación de su Router de Servicios Integrados ISR G2 . La familia Cisco ISR G2 ayuda a las empresas y a las operadoras a simplificar los procesos y a llevar a las filiales la prestación, bajo demanda, de servicios empresariales en red, tales como aplicaciones de vídeo y colaboración. El nuevo conjunto de routers combina las tecnologías de enrutamiento, conmutación, conexión inalámbrica y de seguridad, en una infraestructura de redes más integrada, que permite a las empresas extender el uso del vídeo, las aplicaciones de colaboración y otros servicios en red con más eficacia en sus instalaciones. De esta forma, los responsables de informática pueden gestionar, ampliar, controlar y proteger las redes con más facilidad, mientras estrechan la sinergia entre usuarios, dispositivos, aplicaciones y procesos empresariales.

Google Africa BlogにG-Africa Initiativeという活動についての投稿があった。

G-Africa Initiativeとは、Googleの慈善活動という位置づけで、サブサハラ・アフリカ諸国でソフトウェア開発者を対象にしたセミナーを開催する活動のこと。今回のGoogle Africa Blogではナイジェリアで実施されたことが書いてあった。

10月28日から3日間、ナイジェリア最大の都市（旧首都）ラゴスで、国内トップクラスのソフトウェア開発者50名を呼び、Google Web Toolkit, AppEngine, Maps API, iGoogle and iGadgetsの使い方の講習が行われた。アフリカで実施する「インターネットってのはね・・・」という説明が必要な初歩的なITセミナーとは異なり、トップクラスの技術者対象だけあって、その内容も高度なもの。3日間という短期間で、Googleの提供する上記のツールを利用して携帯アプリを作成する者までいたという。

G-Africa Initiativeの説明によれば、ソフトウェア開発だけでなく、Web上におけるローカル・コンテンツの作成方法やマーケティング等、小規模ビジネスに向けての講習も含まれている。そして、このG-Africa Initiativeイベントはサブサハラ・アフリカ諸国で継続的に開催するようだ。こうやって、アフリカのIT人材育成に貢献し、「良いとこしてる」感をアピールしつつ、アフリカにおけるGoogleのプレゼンス向上と、同地のITビジネスにおけるGoogleツールのデファクトスタンダード化を、着々と図っているのだなぁと感心。

アフリカではほかにも、Cisco Systemsも同じような取り組みを援助機関と協力して実施しており、Cisco Networking Academyという名でアフリカ諸国でCCNA（Ciscoのネットワーク技術者資格）取得用の教育を提供している（エチオピアでもあったなぁ）。ちなみに、JICAもアフリカからのIT技術者を日本に招いて東大で研修をうけさせるという研修事業を手がけている（日本に来るけど、受講する内容は、Ciscoのネットワークだ・・・）。

数年後にはアフリカのITビジネス界が盛り上がることが期待出来る。そして、それまでの経過を追っていくのも面白そうだね。

Hace unos días recibí cuatro gigabytes de ram para mi portátil del trabajo, así que aproveche para actualizar mi viejo Windows XP por el Siete que parece que ha recibido buenas críticas. Pero el Siete de 32 bit (i386) solo aprovechaba 3 de los 4 Gigabytes y la avaricia me hizo probar la versión de 64 bits que si que reconocía y aprovechaba toda la RAM. Todo iba perfectamente hasta que instale la vpn para conectarme a mi trabajo. Cisco VPN Client no corre en 64 bits ni parece que los chicos de Cisco tengan interés por darle solución.

Pero tranquilos tiene solución o mejor dicho soluciones.

1. Windows Virtual PC Instalar una máquina virtual con el Windows XP de toda la vida.
2. NCP Secure Entry Client un software que sustituye perfectamente al de Cisco e importa tu pcx correspondiente a tu perfil.
3. Shrew VPN Client una solución open source que también importa el pcx.

Por cierto si no sabes la contraseña del pcx, la seguridad de las claves no es que sea muy allá y de hecho el algoritmo de Cisco está roto. Aquí podrás encontrar cómo hacerlo.

CHAPTER-9-CS12Fr-Disc2v4.1-07/09-Tues/Fri-MK
9.1.1.1 OSI Model & Troubleshooting
 Good network trouble shooters are always in high demand.
 Knowledge of t features, functions, and devices of each OSI layer and how each relates to those around it help a network technician troubleshoot better.
 Upper layers (5-7): deal with specific app functionality and are implemented only in software.
 Problems here are caused by end-system software config errors on clients/servers.

 Lower layers (1-4): = data-transport issues.
 Network (3) and Transport Layer (4): = only software.
 Software config errors on routers and firewalls happen here.
 IP addressing and routing errors happen at Layer 3.

 Physical (1) and Data Link Layer (2): = hardware and software.
 Hardware problems and incompatibilities cause Layer 1/Layer 2 problems.
 There are three main troubleshooting approaches when using network models:

9.1.2.1 Troubleshooting Methodologies
 Top-down
 Bottom-up
 Divide-and-conquer

 Top-down : App Layer and works down. Views problem from user and application.

 Bottom-up : Physical Layer and works up. Hardware and wire connections.

 Divide-and-Conquer: Begin at middle layers and work up or down from there.

9.1.3.1 Troubleshooting Tools
 Difficult to troubleshoot network connectivity issue without a network diagram.
 Logical and physical topologies are extremely useful in troubleshooting.

Physical Network Topologies:
 Shows physical layout of devices connected to network.

Physical network topologies include:
 Device types
 Models and manufacturers of devices
 Locations
 Operating system versions
 Cable types and identifiers
 Cabling endpoints

Logical Network Topologies:
 Shows how data is transferred on network.
 Symbols used as network elements: routers, servers, hubs, hosts, and security devices.

Logical network topologies include:
 Device identifiers
 IP addresses and subnet masks
 Interface identifiers
 Routing protocols
 Static and default routes
 Data-link protocols
 WAN technologies

Network Documentation and Baseline Tools:
 Available for Windows, Linux, and UNIX OS’.
 CiscoWorks used to draw network diagrams, keep documentation up to date and measure baseline network bandwidth use.
 Tools provide monitoring and reporting functions for finding network baseline.

 Network Management System Tools:
 NMS tools monitor network performance.
 Graphically display physical view of network devices.
 Locate source of failure and determine what possible cause was.
 E.g.: CiscoView, HP Openview, SolarWinds and WhatsUp Gold.

Knowledge Bases:
 Have become good sources of info.
 Network admin has access to a vast pool of experience-based info.

Protocol Analysers:
 Decodes protocol layers in recorded frame and presents info in an easy-to-use format.
 Capture network traffic for analysis.
 Output is filtered to view specific traffic/types of traffic based on criteria. E.g.: to/from a certain device.

Hardware troubleshooting tools:
Cable Testers:
 Specialized, handheld devices designed for testing comms cabling.
 Used to detect opens, shorts and wire map errors.
 Time-domain reflectometer (TDR),can pinpoint distance to break in cable.
 Can determine length of a cable.

Digital Multimeters:
 Test instruments that measure voltage, current, and resistance.
 In network troubleshooting tests involve checking PSU voltage and verifying that network devices are receiving power.

Portable Network Analysers:
 Engineers use these to see average and peak utilization of a network segment.
 Used to identify devices producing most network traffic, analyse network traffic protocols and view interface details.
 Useful for problems caused by malware or DOS attacks.

9.2.1.1 Layer 1 & 2 Problems
 Network problems at Layer 1 can cause loss of network connectivity or network performance to degrade.
 Types of problems that occur at Layer 1 are related to type of technology used.
 Ethernet is multi-access technology. (Layer 2)
 Ethernet = Carrier Sense Multiple Access with Collision Detection (CSMA/CD).
 Excessive collisions cause network performance to degrade.
 Layer 2 specifies how data is formatted for transmission over network media.
 Layer 2 regulates how access to network is granted.
 Layer 2 links Network Layer software functions to Layer 1 hardware for LAN and WAN apps.
 Network analysers can locate source of a Layer 2 issue.

9.2.2.1 Troubleshooting Device Hardware & Boot Errors
The boot-up process:
 1. Performing POST and loading bootstrap program.
 2. Locating and loading Cisco IOS software.
 3. Locating and loading t startup config file or entering setup mode.

 When Cisco IOS software is loaded, technician verifies that hardware/software are fully operational.
 ‘Show version’ displays version of OS and if interface hardware is recognized.
 ‘Show flash‘ shows content of Flash memory (and Cisco IOS image file),flash memory used and memory available.
 ‘Show ip interfaces brief’ shows status of device interfaces and IP addresses assigned.
 ‘Show running-configuration’ and ‘show startup-configuration’ verify if config commands recognized during reload.
 If device fails to boot and creates network outage, replace device with known good.
 When service to users is restored, troubleshoot and repair failed device.
 If router boot ok then green LED indicators will display.

Device Fails POST:
 No output appears on console screen and system LEDs change color or blink.
 If POST fails, turn off power, unplug device, remove all i modules and reboot device.
 If POST still fails then device needs service or brick it!
 If POST ok without modules installed, then dodgy module.
 Reinstall each module individually, rebooting each time to find Mr. Dodgy!

Cisco IOS Image in Flash is Corrupt:
 If image file in flash is corrupt/missing, boot-loader can’t find Cisco IOS file to load.
 Boothelper is an image with limited functionality that runs if no image exists.
 If Boothelper cannot bring device back into operation then device enters ROMmon mode.
 Use ROMmon to reload Cisco IOS image from TFTP server.

Memory is not Recognized or Fails:
 If insufficient memory to decompress image, device scrolls error messages rapidly or constantly reboots.
 Boot device into ROMmon mode by using ‘Ctrl-Break’ command during startup.

 Determine the status of the memory in ROMmon mode.

Interface Modules are not Recognized:
 Interface modules not recognized during POST/IOS load.
 ‘show version’ does not match installed modules.
 If module is new, check if module is supported by Cisco IOS version installed and enough memory to support module.
 Power down device, disconnect t power, and reseat module to see if hardware problem.
 If module still dodgy, replace with known good.

Configuration File is Corrupt or Missing:
 If startup config file cannot be found, some devices execute autoinstall.
 Utility broadcasts TFTP request for config file.
 Some devices enter initial config dialog (setup utility/setup mode).
 Devices that use autoinstall enter setup mode if no TFTP server responds after five attempts.

9.2.3.1 Troubleshooting Cable & Device Port Errors
 Router interface errors show up Layer 1 and Layer 2 cabling/connectivity errors.
 Examine statistics recorded on suspected interface with ‘show interfaces’ and status of interfaces with ‘show ip interface brief ‘.

 Up/up status = normal operation and media/Layer 2 protocols are functional.
 Down/down status = connectivity/media problem exists.
 Up/down status = media is connected properly, but Layer 2 protocol is not ok.

Layer 1 Issues that cause down/down output:
 Loose cable or tight cable = circuit down.
 If pins cannot make good connection = circuit down.
 Incorrect termination or correct standard is not followed.
 Pins correctly terminated in connector.
 Pins on interface connection are bent/missing.
 Dodgy cable – interface cannot sense correct signals.

Layer 2 issues that cause an up/down output:
 Encapsulation not configured correctly.
 No keep-a-lives are received on interface.

 ‘Show interfaces’ shows extra info to help identify media errors.

 Output for show interfaces:
 Excessive Noise – Presence of plenty CRC errors but not many collisions indicates noise. CRC errors indicate media or cable error caused by emi, bad connections, incorrect cabling.
 Excessive collisions – Occur on half-duplex/shared-media Ethernet connections. Damaged cables cause excessive collisions.
 Excessive runt frames – Malfunctioning NICs cause runt frames, but can also be caused by same issues as excessive collisions.
 Late collisions – Caused by excessive cable lengths and duplex mismatches.

9.2.4.1 Troubleshooting LAN Connectivity Issues
 Each port on a switch has an LED indicator that provides info.
 Verify switch port connected to user is active and appropriate LED indicators are lit.
 Error condition = red or orange.
 Check to see that both sides of connection have link.
 If no link light is present, ensure physical connectivity and correct port is used.
 Ensure devices are powered up with no boot errors.
 Change suspected patch cables with known good and verify terminations are correct for desired connectivity.
 If still no link light, check port is not administratively shut down.
 Use ‘show running-config interface’ to show config of switch port.

 Switch# show run interface fastEthernet 1/1
 interface FastEthernet 1/1
 shutdown
 duplex full
 speed 100
 end

 Use ‘show interface port counters errors’ if link light is present, but cable is suspected damaged.
 Duplex mismatches are more common on switches than and may occur if one device configured to auto-negotiate and other manually configured which lead to collisions and dropped packets.
 Use ‘show interface port status’ to view speed, duplex and auto-neg settings on a port.
 If Cisco Discovery Protocol (CDP) enabled, CDP error messages show on console/logging buffer.
 CDP is useful to detect errors, port and system stats on nearby Cisco devices.

9.2.5.1 Troubleshooting WAN Connectivity Issues
 WAN connectivity relies on equipment owned/managed by telecommunications service provider (TSP).
 Correct serial interface and line problems using info from ‘show interfaces serial’.
 Packet errors, config errors, or mismatches in encapsulation and timing can plague serial connections.
 Consider CSU/DSU or modems when troubleshooting serial lines.
 Know type of modem or CSU/DSU installed and how to place device in loopback state for testing.
 ‘Show interfaces serial’ displays problem states:
 Serial x is down, line protocol is down (DTE mode) – When interface cannot detect signal on line, it reports line and Layer 2 protocol down.
 Serial x is up, line protocol is down (DTE mode) – When interface does not receive keep-a-lives or there is encapsulation error Layer 2 protocol is reported down.
 Serial x is up, line protocol is down (DCE mode) – When router is providing clock signal and DCE cable is attached with no clock rate configured, Layer 2 protocol is reported down.
 Serial x is up, line protocol is up (looped) – When serial interface receives own signals back on circuit, it reports line as looped. (Common practice to place circuit in loopback condition to test connectivity).
 Serial x is up, line protocol is down (disabled) – High error rates cause protocol disabled mode. ( hardware related).
 Serial x is administratively down, line protocol is down – Device configured with ‘shutdown’. Enter ‘no shutdown’ on interface to fix. If interface does not come up, check for duplicate IP address. If duplicate IP address exists use ‘no shutdown’ command again.
 Serial x is up, line protocol is up – interface is honky dory!

9.3.1.1 Layer 3 Functionality & IP Addressing
 Layer 1 networks created by interconnecting devices over physical media.
 Layer 2 network protocols are hardware dependent. (Ethernet/serial)
 Layer 3 protocols not bound to type of media or Layer 2 framing protocol.
 Same Layer 3 protocols can use Ethernet, wireless, serial, or others.
 Layer 3 networks can have hosts connected using different Layer 1 and 2 thingys!.
 Layer 3 networks = logical networks created in software.
 Most networks use TCP/IP protocols to exchange info between hosts.

9.3.2.1 IP Design & Config Issues
 Overlapping subnet occurs when address range of two separate subnets include some same host/ broadcast addresses.
 Overlapping caused by poor network docs or entering incorrect subnet mask/network prefix.
 Poorly configured subnet mask cause some hosts on a network to lose access to services.
 Subnet mask config errors can also display variety of symptoms not easily identified.

9.3.3.1 IP Address Planning
 When Windows host does not receive address from a DHCP server, it automatically assigns itself an address on 169.254.0.0 network.
 Use ‘show ip dhcp binding’ to check if DHCP server has available addresses.

9.3.3.1 DHCP & NAT Issues
 Verify that IP addressing is assigned using ‘ipconfig /all’.
 If host not receiving IP address, then troubleshoot DHCP config.
 First step in troubleshooting = check physical connectivity.
 Next check DHCP server is correctly configured and has IP addresses to lease.
 Check for any address conflicts. (static address contained in range of DHCP pool).
 Use ‘show ip dhcp conflict’ to show address conflicts in DHCP server.
 If problem still exists, configure static IP address info on host and if unable to reach network resources then problem is not DHCP.
 Router can forward broadcast packets (incl.DHCP) to server using ‘ip helper-address’.
 Router(config-if)# ip helper-address x.x.x.x

 First indication of NAT problem is users cannot reach internet sites.
Incorrect Designation of Inside and Outside Interface
 Inside interface connects to local network, which uses private IP address space.
 Outside interface connects to public network ( ISP).
 Use ‘show running-config interface’

Incorrect Assignment of Interface IP Address or Pool Addresses
 IP address pool and static NAT translations must use addresses on same local IP network as outside interface. (no route to the translated addresses are found).
 Check config to verify translated addresses are reachable.
 When address translation is config on outside interface address in PAT, ensure interface is on correct network and subnet mask.

 If dynamic NAT/PAT is enabled and external users cannot connect to static internal devices, then check static translations are configured.
 Verify NAT is operational by using ‘show ip nat translations’.
 After viewing, use ‘clear ip nat translation *’ (may disrupt user services).
 Use ‘show ip nat translations’ again and if new translations appear, problem is elsewhere.
 Use ‘traceroute’ to find path translated packets are taking.

9.5.1.1 Layer 4 Traffic Filtering Errors
 Some engineers are unsure which transport protocol used by apps and deny port number for TCP and UDP traffic.
 This practice denies traffic that should be allowed.
 Firewalls are often configured to deny everything except apps specified in permit statements, then firewall filtering problems occur.
 Layer 4 problem = users reporting video or audio web services are not reachable.

9.5.2.1 Upper Layer Problems
TCP/IP Application Layer protocols:
 Telnet – establishes terminal session connections with remote hosts.
 HTTP – exchanges text, graphic images, sound, video, and other multimedia files on the web.
 FTP – interactive file transfers between hosts, using TCP.
 TFTP – basic interactive file transfers between hosts and networking devices (UDP) .
 SMTP – basic email message delivery services.
 POP3 – connects to mail servers and downloads email to a client application.
 IMAP4 – lets email clients retrieve messages and store email on servers.
 SNMP – info from managed devices.
 NTP – updated time to hosts and network devices.
 DNS – maps IP addresses to names assigned to hosts.
 SSL – encryption and security for HTTP transactions.
 SSH – secure remote terminal access to servers and networking devices.

 Using “divide and conquer” and verify Layer 3 connectivity:
 Step 1. Ping host default gateway.
 Step 2. Verify end-to-end connectivity.
 Step 3. Verify routing configuration.
 Step 4. Ensure that NAT is working correctly.
 Step 5. Check for firewall filter rules.

 Check with ISP to ensure network connection is up and operational.
 If verified that the end-to-end connectivity is not issue, but end device is still not operating then problem has been isolated to upper layers.
 It is possible to have full network connectivity, but app cannot provide data.
 Misconfigured client applications account for the majority of upper layer network problems.
 Use ‘nslookup’ to verify DNS is working ok.
 If DNS server is ok and reachable, check for DNS zone config errors.
 Browser plug-in programs must be kept updated for web pages to display correctly.
 Use correct protocol to request data can cause a web page to be unreachable.
 Specify https:// or http:// for desired protocol.

9.5.3.1 Using Telnet to check upper layer connectivity
 Use of Telnet indicates lower layer connectivity exists between devices.
 Cisco IOS devices include an SSH client that can be used for SSH sessions with other devices.

CISCO ha lanzado una excelente aplicación gratuita para el iPhone/iTouch que mantiene al usuario al tanto de las amenazas de seguridad y otra información para navager con seguridad.  La aplicación, SIO To Go,  está dividida en varias secciones, todas relacionadas a seguridad en el internet, y te permite escoger cuáles de ellas deseas tener activas.   Incluso te da acceso a las entradas de CISCO  en Twitter y su blog; también puedes corroborar la integridad de un web site.   La información sale del sistema “Security Intelligence Operations” (SIO) de la compañía, que obtiene dicha información en tiempo real de cerca de 700,00 sensores localizados en páginas de clientes, ISP’s y otros lugares alrededor del mundo. La cantidad de información es abundante, al día y prácticamente indispensable para cualquier administrador de redes, ahora al alcance de tu iPhone/iTouch.

Fuente:  cnet

Certinside GUARANTEES that you will pass your 642-964 exam on your first attempt after using our Certinside 642-964 dumps. It could give a boost to your career by opening new horizons of employment opportunities.

 1.roadcasts and add each switch to the NetFlow device table.
Answer: C1. What will be upgraded as a result of this command?
upgrade ftp://ftpuser@10.1.2.3//upgrade/IPS-K9-r-1.1-a-5.1-1.pkg
A. recovery partition
B. application partition
C. both application and recovery partitions immediately
D. both application and recovery partitions at the next scheduled automatic IDSM update
Answer: A

2. On a Cisco Catalyst 6500 Series Switch, how many physical links can be aggregated into an EtherChannel group?
A. 4
B. 8
C. 16
D. 32
Answer: B

3. How would you configure a NAM to monitor and report the most heavily viewed sections of a website?
A. Create a separate domain name or virtual server IP address for each section of the site. Add each domain name or IP address to the NAM application protocol directory.
B. Enable regular-expression pattern matching. Define application protocol filters based on regular expressions that match the desired URLs.
C. Enable URL monitoring. Define each desired URL as an application in the protocol directory.
D. Use SPAN or VACLs to capture upper-layer protocol data from the web servers. Use a third-party application to parse the stored capture files.
Answer: C

4. How can you configure the NAM to view a list of all switches that are sending NDE packets?
A. Enter the command sh data-source nde.
B. Configure Cisco Discovery Protocol to detect all switches on the network.
C. Launch NetFlow Listening Mode from the Cisco Traffic Analyzer application.
D. The NAM will automatically detect NDE b

Just download the Certinside 642-964 dumps Certinside 642-964 Practice Questions & Answers, Certinside 642-964 exam and study them for a bright future in IT.

from  http://www.hp0-y18.com/642-964-questions-and-answers/

This is targeted for security professionals.  It will probably overwhelm everyone else.  Click here.

CHAPTER-8-CS12Fr-Disc2v4.1-07/09-Tues/Fri-MK
8.1.1.1 ISP Security Services
ISPs serve:
 Unsecured ISP customer PC’s may lead to large failures in ISP networks.
 ISP must maintain secure customer data.
 Managed desktop security services help prevent attacks.
 Technicians implement security best practices on client PCs.

Security services:
 Help clients create secure passwords.
 Install App patches & upgrades.
 Remove vulnerable apps/services.
 Making apps/services available to some users and blocking other users.
 Configuring desktop firewalls and anti-virus software.
 Determine vulnerabilities via security scans.

8.1.2.1 Security Practices
Features and procedures:
 Encrypting data on server hdds.
 Use permissions to secure files and folders.
 Assign levels of access based on user a/c or group m-ship.
 “Principle of least privilege” = give users access to only those resources needed to do their job.
 Authentication, Authorization and Accounting (AAA) is a 3 step process used by admins to make life harder for attackers.
 Authentication = prove identity using username and password. Databases are stored on servers that use RADIUS or TACACS protocols.
 Authorization = user rights to access specific resources and specific tasks.
 Accounting = tracking apps used and length of time used.
 AAA requires database to track user credentials, permissions and account stats.
 Local authentication is simplest form of AAA and keeps database on gateway router.
 If org has more than a few users authenticating with AAA, org must use a database on separate server.

8.1.2.1 Data Encryption
 By default, data sent over network is unsecured and transmitted in clear text.

Encryption:
 Process of encrypting all transmitted data between client and the server.
 Protocols use secure version to transmit sensitive data.
 Using secure protocol when not needed = more overhead and slower response time.
 Web servers – HTTP by default = non secure protocol.
 HTTPS uses secure socket layer (SSL) protocol.
 Email servers – SMTP, POP3, and IMAP4.By default, info is sent in clear text.
 POP3 can use SSL for security.
 SMTP and IMAP4 can use SSL or Transport Layer Security (TLS) for security.
 Telnet servers – Uses clear text.
 Secure Shell (SSH) protocol allows secure authentication and data on router or switch.
 FTP servers – sent in clear text.
 FTP can use SSL and SSH to securely exchange authentication and data..
 File servers – In most cases do not offer secure version.
 IP Security (IPSec) = Network Layer security protocol used to secure Application Layer protocol for communication.

8. 2.1.1 Access Control Lists & Port Filtering
3 key types of DoS attacks:
DoS:
 When a server or service is attacked to prevent legitimate access to service.
 SYN floods, ping floods, LAND attacks, bandwidth consumption attacks and buffer overflow attacks.

DDoS:
 Distributed denial-of-service (DDoS) attack = multiple computers attack a specific target.
 Attacker has access to many compromised computer systems and remotely launch attack.
 Same kinds of attacks as DoS, except DDoS attacks run from many computer systems simultaneously.

DRDoS:
 Distributed reflected denial-of-service (DRDoS) attack = attacker sends a spoofed request to PC’s with source address modified to targeted computer system. The computer systems that receive request respond.
 When computer systems respond to request, all requests are directed at target computer system.
 Very difficult to determine the originator of the attack.
 ISPs must filter out network traffic that can be harmful to operation of network or servers.
 Port filtering and access control lists (ACL) are used to control traffic to servers and networking equipment.

Port Filtering:
 Controls flow of traffic based on specific TCP or UDP port.
 Many server operating systems restrict access using port filtering.
 Also used by network routers and switches to control traffic flow and secure access to device.

Access Control Lists:
 Defines traffic that is permitted/denied through network based on source and destination IP addresses and source and destination ports of protocol being used.
 ICMP and routing update traffic can also be controlled using ACLs.
 Admins create ACLs on network devices to control whether or not traffic is forwarded or blocked.
 ACLs are first line of defence and not enough to secure network.

8.2.2.1 Firewalls
 Hardware or software that defines which traffic can enter/leave sections of network and how traffic is handled.
 ACLs are one of the tools used by firewalls.
 ACLs control which type and direction of traffic is allowed to pass through firewall.
 Dynamic packet filter firewall (stateful) keeps track of actual communication process between source/destination devices, by using state table.
 Cisco IOS Firewall software is embedded in Cisco IOS software and allows user to turn a router into a network layer firewall with dynamic/stateful inspection.
 Constantly evolving as new capabilities are developed and new threats are discovered.
 More functionality embedded in firewall = more time for packets to be processed.
 Firewalls can provide perimeter security for the entire network and for internal local network segments, such as server farms.
 Firewalls implemented in multiple layers.
 Traffic from an untrusted network first encounters packet filter on the border router.
 Permitted traffic goes through border router to an internal firewall to route traffic to a demilitarized zone (DMZ).
 Only traffic that is permitted access to these servers is permitted into the DMZ.
 Firewalls also control what traffic is permitted into protected local network.

 Internal firewalls protect sensitive areas and are used to restrict access to areas of network that need more protection.
 Internal firewalls separate and protect resources on servers from inside users.
 Internal firewalls prevent external/internal hackers, unintentional internal attacks and malware.

8.2.3.1 IDS & IPS
Intrusion Detection System:
 Software- or hardware-based system that passively listens to network traffic.
 IDS device monitors traffic through network interface.
 When IDS detects malicious traffic it sends alert to preconfigured management station.

Intrusion Prevention System (IPS):
 Active physical device or software feature. Traffic goes in one interface and out other.
 IPS examines actual data packets that are in network traffic.
 Works in real time to permit/deny packets that want access into network

IDS and IPS technologies used as sensors can be:
 Router configured with Cisco IOS version IPS
 Hardware appliance designed for dedicated IDS/IPS services.
 Network module installed in an adaptive security appliance (ASA) switch/router.

 IDS and IPS sensors respond differently to incidences on network.
 IDS solutions are reactive when detecting intrusions.
 Detection is based on signature for network traffic/computer activity.
 IDS’ do not stop initial traffic from passing through to destination.

 IDS can block further malicious traffic by reconfiguring network devices in response to malicious traffic detection

 IDS used on untrusted perimeter of network, outside firewall.
 IDS can analyze type of traffic hitting firewall and see how attacks are executed.
 IDS can also be placed inside firewall to detect firewall misconfigurations.

IPS:
 IPS solutions are proactive and block all suspicious activity in real time.
 IPS examines data packet Layer 2 to Layer 7.
 When IPS detects malicious traffic it blocks it immediately.
 IPS then sends alert to management station.
 IPS blocks original and subsequent malicious traffic.

 IPS = intrusion detection appliance and is not software.
 IPS placed inside firewall because it examines most of data packet.
 IPS’s protect server apps if malicious traffic is being sent.
 Firewall drops most packets not allowed, but can allow some malicious packets through.
 IPS has fewer packets to examine, so it can examine the entire packet.
 IPS can stop new attacks that firewall was not configured to deny.
 IPS can stop attacks that firewall is unable to deny due to limitations.

8.2.4.1 Wireless Security
 Wireless networks can be secured by changing default settings, enabling authentication or MAC address filtering.

Changing Default Settings:
 Change default values for SSID, usernames and passwords on wireless access point.
 Disable broadcasting of SSID.

Enabling Authentication:
 Permits entry to network based on credentials.
 Verifies that device attempting to connect to network is trusted.

Open authentication:
 Any and all clients are able to access regardless of who they are. (used on public networks)

Pre-shared key (PSK):
 Needs matching preconfigured key on server and client.
 When connecting, access point sends random bytes to client.
 Client accepts data, encrypts it and sends it back to access point.
 Access point gets encrypted string and uses its key to decrypt it.
 If both match then authentication is successful.

Extensible Authentication Protocol (EAP):
 2 way authentication.
 When using EAP software, client communicates with backend authentication server. Eg-RADIUS.

Enabling MAC Address Filtering:
 Prevents unwanted computers connecting by restricting MAC addresses.
 MAC address cloning is possible.

WEP – Wired Equivalent Privacy:
 Encrypts data sent between wireless nodes.
 Uses a 64, 128, or 256 bit pre-shared hexadecimal key to encrypt data.
 WEPs weakness is static encryption keys.
 Use WEP only with older equipment that does not support newer wireless security protocols.

WPA – Wifi Protected Access:
 Newer encryption protocol uses improved encryption algorithm.(Temporal Key Integrity Protocol)
 TKIP generates a unique key for each client and rotates security keys at a configurable interval.
 WPA allows client and access point to have key, it is never transmitted.
WPA2:
 New, improved version of WPA.
 Uses more secure Advanced Encryption Standard (AES).

8.2.5.1 Host Security
 Regardless of network defence servers are open attack if not properly secured.
 ISP servers are vulnerable because they are accessible from Internet.

Host-based firewall:
 Software that runs on host OS and protects against malicious attacks..
 Host-based firewalls control inbound and outbound network traffic.

 Allows filtering based on a computer address and port and offers more protection than regular port filtering.
 Comes with predefined rules that block all incoming network traffic.
 Exceptions are added to rules set to permit correct mixture of inbound and outbound network traffic.
 Balance need to allow network resources required to complete job tasks and need to prevent apps from being left vulnerable to malicious attacks.
 Server OS’ are preconfigured with host-based firewall and limited options.
 ISPs use host-based firewalls to restrict access to specific services a server offers.
 ISP protects their servers and customer data by blocking access to extra ports which are not used.

Known Attacks:
 Firewalls recognize malicious activity based on updatable signatures or patterns.
 They detect a known attack and block traffic on the port used by attack.

Exploitable Services:
 Host-based firewalls protect exploitable services running on servers by preventing access to ports that service is using.
 Some firewalls inspect packet contents to find malicious code.
 Web and email servers are common targets for service exploits but are protected if host-based firewall performs packet inspection.

Worms and Viruses:
 Spread by exploiting vulnerabilities in services/weaknesses in OS’.
 Host-based firewalls prevent malware from gaining access to servers.
 Prevent spread of worms/viruses by controlling outbound traffic originating from server.

Back Doors and Trojans:
 Allow hackers to remotely gain access to servers on network.
 Software sends a message to let hacker know of a successful infection.
 Then provides service to hacker to gain access to system.
 Host-based firewalls prevent Trojans from sending messages by limiting outbound network access.

 Anti-X software installed as an overall security measure.
 Protects computer systems from viruses, worms, spyware, malware, phishing and spam.
 ISPs offer anti-X software as part of security services.
 Not all anti-X software protects against same threats.

 Anti-X software packages allow for remote management.
 Have an incident management process to help prevent infection from reoccurring.
 Incident management is required by ISPs that manage and maintain customer data for security reasons.

8.3.1.1 SLA’s
 Documents expectations and obligations of ISP and user.

SLA’s contain:
 Service description
 Costs
 Tracking and reporting
 Problem management
 Security
 Termination
 Penalties for service outages
 Availability, performance, and reliability

 Clearly outlines management, monitoring and maintenance of network.

8.3.2.1 Monitoring Network Link Performance
 ISP is responsible for monitoring and checking device connectivity which includes equipment that belongs to ISP and any customer equipment that ISP agreed to monitor in SLA.
 Monitoring and configuration can be performed either out-of-band or in-band.
 In-band tools can have more management functionality : e.g overall view of the network.
 In-band management protocols =Telnet, SSH, HTTP and SNMP.

8.3.3.1 In Band Tools
 Telnet = Virtual Terminal (VTY) session or connection.
 Telnet is a client/server protocol.
 On a MS Windows PC, Telnet can be run from command prompt.
 Other Telnet clients are HyperTerminal, Minicom and TeraTerm.
 Routers run Telnet client and Telnet daemon and can be client or server.
 Using Telnet, users can conduct any authorized function on server.
 Telnet session can be initiated using router CLI.
 Telnet client can connect to multiple servers simultaneously.
 Using a Cisco router, press Ctrl-Shift-6 X to toggle between Telnet sessions.
 Telnet server can support multiple client connections.
 If router is acting as server, use ‘show sessions’ command to show all client connections.
 Telnet protocol supports user authentication but does not support encrypted data.

 Secure Shell (SSH) protocol offers secure method for server access.
 SSH provides secure remote login and other network services.
 SSH has stronger authentication than Telnet and encrypts transport of session data.
 2 versions of SSH. Which supported depends on Cisco IOS image loaded on device.
 SSH client must support the SSH version configured on server.

8.3.4.1 SNMP & Syslog
 SNMP = UDP based – Simple network management protocol, which lets admin collect data about network and devices.
 SNMP eg: CiscoWorks.
 SNMP management agent software embedded in OS’ on servers, routers and switches.

4 main components of SNMP:
 Management station = PC with SNMP management app used by admin to monitor or configure network.
 Management agent = Software on device managed by SNMP.
 Management Information Base (MIB) = Database kept by device re: network performance parameters.
 Network management protocol = Comms protocol used between management station and agent.

 Management station holds SNMP management apps that admin uses to configure devices on network.
 Management station stores data about those devices by collecting poll info.
 Agent uses statistics in the MIB to send to Management Station.
 Agents can be configured with traps. (alarm-triggering event).
 If configured with thresholds, when threshold is exceeded agent sends alert management station.
 Traps leave management station free from continuously polling of network devices.
 Management stations/managed devices are identified by community ID.( community string)
 Community string on SMNP agent must match SMNP management station.

 Syslog = standard for logging system events.
 App Layer protocol that allows devices to send info to syslog daemon running on management station.
 Syslog system = syslog servers and syslog clients.
 Log messages have an ID, type of message, a time stamp, what device sent message and message text.
 Some equipment can send more items than above.

8.4.1.1 Back up Media
 Network management / monitoring software helps ISPs identify and correct causes of network failures. Caused by e.g.: malware, network functionality and failed devices.
 IT professional must reduce risks of data loss and find a way for quick recovery of any data lost.
 Cost of backup solution and effectiveness must be balanced.
Some factors affecting choice of back up media:
 Amount of data
 Cost of media
 Performance of media
 Reliability of media
 Ease of offsite storage

 Tape is most common type of backup media available.
 Tapes have large capacities an cheapest media on market.
 Tape media prone to failure and drives need regular cleaning to maintain functionality.
 High failure rate through wear.
Different types of tapes:
 Digital data storage (DDS)
 Digital audio tape (DAT)
 Digital linear tape (DLT)
 Linear tape-open (LTO)

Optical Media Discs:

 Common choice for smaller amounts of data.
 CDs = 700 MB, DVDs = up to 8.5 GB, HD-DVD and Blu-Ray discs = 25+ GB per disc.
 ISPs use optical media to transfer web content data to customers.
 Customers use to transfer website content to ISP web hosting site.

Hard Disks:
 More popular due to low cost of high-capacity drives, but makes offsite storage difficult.
 Large disk arrays: direct attached storage (DAS), network attached storage (NAS) and storage area networks (SANs) not transportable.
 Some hard disk-based backup systems work with tape backup systems for offsite storage.
 Using both provides quick restore time, data available locally on hard disks and long-term archives.

Solid State Storage Devices:
 Non-volatile storage media without moving parts.
 Postage-stamp-sized drives = 1 GB of data, router-sized packages = 1000 GB (1TB) of data.
 Ideal fast storage/retrieval of data.
 Apps for solid state data storage systems: database acceleration, high-definition video access/editing, data retrieval and SANS.

8.4.1.1 Methods of file back up
Normal/Full:
 Copies all selected files.
 Each file is marked as having been backed up.
 Most recent backup is needed to restore files.
 Speeds up/simplifies restore process.
 All data is backed up, which takes the most amount of time.

Differential:
 Copies only files that have changed since last normal/full backup.
 Full backup on first day of backup cycle is needed, then files created/changed since time of last full backup are saved.
 Reduces amount of time needed for backup.
 When restoring data, last normal backup is restored and latest differential backup restores all created/changed files since last full backup.

Incremental:
 Only saves files created/changed since last incremental backup.
 Quickest to backup but longest to restore.

 Backup systems need maintenance to keep them running properly.

 Swap media: Use a notification method: task scheduling to ensure humans don’t forget to swap tapes etc.
 Review backup logs: Logs report on success of backup or specify where it failed. Regular monitoring means quick identification of backup issues which need attention.
 Perform trial restores: Do a trial restore of data to verify backup is usable and restore procedure works.
 Perform drive maintenance: Routine cleaning of tape drive with cleaning tapes. Defrag HDD’s to improve overall performance of system.

8.4.3.1 Cisco IOS Software Back up & Recovery
 Cisco device software and config files can be saved to network server using TFTP and copy commands.
 The command to save the IOS file is very similar to the command to backup and save a running configuration file.

3 Steps to back up Cisco IOS software:
 Step 1: Ping TFTP server where file should be saved to verify connectivity.
 Step 2: Verify IOS image in flash on route using ‘show flash’ command see filename/ file size of IOS image. Confirm TFTP server has sufficient disk space for file.
 Step 3: Copy IOS image to TFTP server using ‘Router# copy flash tftp’

Steps to upgrade an IOS image file on router:
 Step 1: Use ‘show flash’ command to verify available memory in flash and confirm enough room for IOS file before starting upgrade or restore.
 Step 2: Use ‘copy tftp: flash:’ to upgrade Cisco IOS software.
 Router may prompt user to erase flash memory if insufficient memory available for old and new images.
 Series of ‘e’s appear to indicate erase process.
 After new image is loaded and verified, device is reloaded with new Cisco IOS image.
 If IOS image is lost and needs to be restored, ROMmon mode is required.
 Quickest way to restore Cisco IOS image on router: useTFTP in ROM monitor (ROMmon) mode.
 ROMmon -TFTP transfer uses specified LAN port (default is first available LAN interface).
 TFTP in ROMmon mode: set environmental variables then use ‘tftpdnld’ to restore image.
 To set ROMmon environment variable enter variable name, equals sign and value of variable.
 E.g.: to set IP address of 192.168.1.1, type IP_ADDRESS=192.168.1.1

Required environment variables:
 IP_ADDRESS – IP address on LAN interface
 IP_SUBNET_MASK – Subnet mask for LAN interface
 DEFAULT_GATEWAY – Default gateway for LAN interface
 TFTP_SERVER – IP address of TFTP server
 TFTP_FILE – Cisco IOS filename on server

 ‘set’ command displays ROMmon environment variables.
 Now use ‘ tftpdnld’
 Each datagram is displayed with an exclamation point (!) as Cisco IOS file is received.
 Existing flash and all other files in flash memory are erased.
 Back up these files to a TFTP server in case you may need to restore original IOS image.
 When ‘rommon 1>’ appears restart router using ‘reset’ or type ‘i ’ to boot from new Cisco IOS image in flash.

8.4.4.1 Disaster Recovery Plan
 Comprehensive document that describes how to restore operation quickly.
 Plan ensures that business can adapt to physical/social changes caused by disaster.
 Plan includes info: offsite locations where services may move, info on changing network devices/servers and backup connectivity options.
 When building plan, fully understand critical services for operation.

Services available during a disaster:
 Databases
 Application servers
 System management servers
 Web
 Data stores
 Directory

 When designing plan understand needs of org.

Vulnerability assessment:
 How vulnerable are critical business processes and associated apps to common disasters.

Risk assessment:
 Analyse risk of disaster occurring and associated effects/costs to business.
 Create a list of 10 potential disasters and effects.

Management awareness:
 Use info gathered on vulnerability/risks to get approval on disaster recovery project.
 Maintain equipment/locations for disaster recovery can be $$$.
 Senior management must understand effects of any disaster situation.

Planning group:
 Manage development/implementation of strategy and plan.
 When disaster occurs, individuals must understand their roles/responsibilities.

Prioritize:
 Assign priority for scenarios e.g.: mission critical, important and minor.

 Planning process should first use top managers and include all personnel that work with critical business processes.

Phase 1: Network Design Recovery Strategy
Analyse network design to include:
 Any backup connectivity options and is redundancy in network design?
 Availability of offsite servers that can support apps.
 Availability of backup routers, switches, and other network devices.
 Location of services and resources that the network needs.

Phase 2: Inventory and Documentation
 Create inventory of all locations, devices, vendors, used services and contact names.
 Verify cost estimates created in risk assessment step.

Phase 3: Verification
 Create verification process to prove that strategy works.
 Practice exercises to ensure plan is up to date/workable.

Phase 4: Approval and Implementation
 Get approval and develop budget to implement disaster recovery plan.

Phase 5: Review
 When disaster recovery plan has been used for 1 year, review plan.

When I was a kid, my sisters and brother would antagonize me and I’d charge, like a little bull. Then they’d put their hand on my head and hold me away. I fell for it a lot and it always infuriated me and I’d fight even harder and they’d laugh even louder, which made me angrier, which made them laugh … it was a vicious circle. Until I learned to stop falling for it. I learned to stop showing them that they were getting to me. And I learned to fight dirty. I was the youngest and the smallest, I did what I had to do. A lot of that involved tattling. If I couldn’t beat them, I’d get them in trouble. We got older and my brother stopped trying to kill me, but it took my sisters longer to get the idea.

One day JR and I were at war (and it was always a full-scale war, never a minor skirmish) and she had me against the wall choking me. A few days earlier, she had fallen off a friend’s trampoline and had a big cut on her arm (she still has the scar). I stopped trying to pry her hands off my neck and I raised up and smashed her arm with everything I had – right on that wound. She howled and dropped me. I ran.  JR never touched me again.

I don’t remember what started that particular fight, but I’m sure I was not totally innocent. I was a scrappy kid and I had a big mouth. There was chaos in that house until I was 16, which is when everyone had moved out and I finally had a room to myself.

That temper burned out a long time ago. I don’t like chaos and I don’t like to fight anymore. A friendly debate is one thing, but you won’t find me in an argument these days. It takes too much energy and I’m lazy. In fact, some people think I’m a pushover. Bosshole, for example, walked on me. She did it because she got away with it – because I allowed it. I allowed it because it was the path of least resistance – because I just didn’t want to be bothered. If she had ever done something truly outrageous, I would have stood up to her but I don’t think she ever realized that.

I still have a spine. It’s still stainless steel. If you push me too far, I’ll whip it out and beat you senseless with it. You can push and push and I won’t react but when you cross that line, it’s over.

Cisco? You’ve crossed that line, bitch. I refuse to be intimidated. I refuse to back down. I will not quit. You will not get the best of me. You will not defeat me. You won’t make me cry and you won’t make me doubt myself. I don’t care if I flunk 100 practice tests – I will not fail when it counts. You can pose any trick question you want and I will know that the correct answer is always the Cisco answer. I ain’t your bitch, bitch.

Phoenix? You think you cram so much into 5 weeks that I will have to choose between getting a good grade with you and passing the Cisco exam? Really? Hi, Phoenix. I’m Determined.  And I’m smarter than that.

Did you think I’d crumble? Did you think I’d lay down and die? Oh no, not I.

You should have left me alone because now I’ve had it. You finally pissed me off and I’m about to kick both your asses.

It’s on.

Viral Marketing is no easy feat. It’s very hard to predict what’s going to become viral. Actually naming anything “viral” even before it becomes viral is an oxymoron. So, if anyone tells you – I am working on a viral marketing project, do this for me, roll your eyes. “Viral” cannot be created, it happens.

But it’s not just art; it’s science as well. Most importantly, if you are working on a “viral” project, make sure you can track the metrics from the top of the funnel to the bottom so that you can show success or failure. Many marketers forget that and focus too much on the creativity part. Remember, even if you are not successful, it is important that you have some key learning from the campaign or else how will you objectify the investment.

Also, most of the time, marketers don’t think about the end-result. What’s the goal of the viral marketing campaign? Do you want to raise awareness? Generate Leads? Based on your goal, the vehicles you use and the tactics you implement will be different.

Let me walk you through a very successful campaign we did here at Cisco to illustrate that. The power of networking and communications solutions is not necessarily well known among small business (5 – 250 employees) decision makers. They know Cisco, but may not know what we do, and specifically, what we can do for them. The idea of the campaign was to raise awareness among small business customers around Cisco small business solutions and pique their interest to provide contact information so that we can nurture them and entice them to buy our solution in the future.

Our objectives were straightforward:

1. Educate small business decision makers on the power of networking technologies to enable their businesses to succeed using humor

2. Demonstrate that these robust capabilities are well within reach of a small business’ budget and resources

3. Build a scalable marketing program that would enable us and our partners to drive demand, close sales opportunities, and create broader awareness for Cisco as a solution provider for small business.

4. Generate interest and excitement in Cisco’s solutions where you find small businesses—not at conferences once or twice a year, but on-demand, on the web.

We posted the “Peace of Mind” viral video on multiple video syndication sites across the web like MetaCafe and YouTube. It was also posted on internal Cisco sites, Cisco.com and partner sites. The concept of the video was to relay using humor how the Cisco small business portfolio provides peace of mind with reliable and trustworthy networking solutions.

Small Businesses who watched the video were enticed to come to the “Peace of Mind” landing page to watch more such videos. We also used banner ads with the theme “Peace of Mind” and Google paid search to direct traffic to the landing page. In the landing page, we had two offers – one for customers interested to buy the networking solution and one who were still not ready to buy.The customers who were ready to buy Cisco solutions were qualified by a third party telemarketing firm and passed on to partners to be followed up. The customers who were not ready to buy subscribed to our monthly Innovators newsletters to be further nurtured.

The end-results were phenomenal:

• 500,000 video hits on metacafe.com; digged 113 times; 58 comments
• More than 200,000 video hits on Youtube; 33 comments
• More than a million video hits on the internet; syndicated in more than 100 sites and 25 languages
• More than 5000 additional visitors on Cisco.com in 3 months and 88% new traffic
• 5000 new “Innovators” Subscribers
• More than 200 networking solution leads in the US
• Featured on UK and France small business Web sites
• 64% more traffic on Latin America Web site and 27% more online leads

Some key takeaways from this campaign:

• It is very important that you think through the objective of the campaign
• You measure every single touch point with your audience
• The audience has a pay-off at the end of the video as well as the landing page
• The landing page has compelling offers to engage the audience
• You deliver on your promise and experience throughout the customer journey

Momentum is important for anything to succeed.  A few individual innovations are important to get the ball rolling, but once you have major companies and sections of the population embracing a trend, it can take off like wildfire.  The US stimulus funding for smart grid technology was one of these big jumps in momentum.  And today, another one in the form of a want ad for a job opening …

Requisition #: E851662 Location: UNITED STATES.CALIFORNIA.SAN JOSE Job Title: CTO Smart Grid Region: US & Canada Area of Interest: Executive Level of Experience: Experienced – Manager Flexible Work Option: No Job Description: POSITION: Chief Technology Officer, Smart Grid Business Unit

-Rob

November 20th 2009

Bend, OR

Broadcast quality video cameras are only doing one thing: getting smaller.

But the smallest one, the Mini-HD camera, has so far been largely shunned by professional video journalists, chiefly because of their shaky footage and poor on-board audio.

Now though, there’s a new camera on the scene which threatens to change all that- and it weighs just 110 grams. It’s Kodak’s latest MiniHD cam, the Zi8, and now has an external microphone input for high quality sound recording.

I’ve put together a quick run through explaining its features…

Now I think if used creatively, it’s possible to produce a high quality film with the Zi8. If so, the potential for citizen journalism, hyper-locals and other smaller news enterprises could be profound. Michael Rosenblum has already written about the potential of giving cameras like these to large numbers of people.

And you just have to watch this film by PNW Local (previously featured on this blog) to see the potential. It was shot entirely on the Zi8’s predecessor the Zi6. Elsewhere Cisco are now promising wi-fi with their next FlipCam model, but unless its’ got better audio I think it won’t rival the Zi8 for professional use.

I’m going to keep filming and experimenting – all the results will appear right here!

As part of my ongoing research, I’ve been paying close attention to developments around Twitter’s “list” feature (launched in October) – “A great way to organize the people you follow and discover new and interesting accounts.” Yesterday I stumbled upon an interesting finding (that has me scratching my ahead a bit) in relation to follower vs. list counts as a measure of popularity.

One would think that there would be a very high correlation between the two – if a lot of people follow you, you are likely to make a lot of lists. While I haven’t actually run a regression to prove that, as I’ve looked around it generally seems like a fairly safe assumption. But there’s one interesting anomaly I’ve found recently – @Marvel vs. @Agent_M.

@Marvel is “the official Twitter for Marvel Comics, Movies, Games and More.” Agent_M is the “editor for Marvel.com. Writer, blogger, loves tacos, tattoos, comics…” I’ve been watching these two accounts with interest for some time, because the former has about 43 thousand followers, and the latter has about 1.4 million. This would seem to say something important about relative popularity, and it’s interesting when the editor is more widely followed than the content.

But the “list” count tells a slightly different story. @Marvel has been added to 1,467 lists, while @Agent_M has been added to 1,234. So even though Agent_M has 0ver 30 times more followers, his account has been added to fewer lists. Divide lists Marvel is on by total followers you get 3.4%; for Agent_M you get 0.1%. ; Why is that? And what does it mean?

I have a few ideas (that basically amount to pure speculation), but there’s one other wrinkle I’d like to throw in here from my previous research. Regular readers have heard me talk about the Twitter brand engagement matrix before (see here, here, here, here, and here). The basic idea is to differentiate between brand and personality centric accounts, and broadcasting vs. conversational strategies, by using a 2 by 2 matrix. It looks like this (with a few examples thrown in):

The general message (as each of the examples represents) is you can have success from each of the quadrants. In this case, @Agent_M is squarely in the personality / conversational quadrant (upper right). @Marvel is squarely in brand /broadcast quadrant (lower left). Two diametrically opposed approaches, with two very different results.

So in this case, the personality / conversational approach has proven far more effective at attracting followers – a sign of popularity. But the brand / broadcast approach has proven far more effective (on a relative basis) at making it onto lists – a different sign of popularity. So why? Is it a different type of person that follows the different type of accounts? Does it indicate that a higher proportion of @Marvel’s followers are actually interested – and perhaps a significant chunk of Agent_M’s aren’t paying attention? What exactly is it about the type of content @Marvel posts that makes it more likely to crack lists?

Can’t claim to have the answer (at least not yet ). But I think there are some interesting questions here that I will be paying attention to…

Numerous experiences with clients and students implementing Virtual Private Networks (VPNs) with IPSec have shown me that some common misconceptions exist as to their operation and troubleshooting.  We will examine three of these using the scenario below between an ASA running version 8.0 code and a Cisco Router running IOS version 12.2 or higher code.

Misconception #1: A Site-to-Site VPN created with the ASDM Wizard is Bidirectional

The commands below are a portion of what would be displayed if the “Preview Commands…” option were selected in the ASDM preferences after finishing the Site-to-Site wizard.

crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto map outside_map 1 match address outside_1_cryptomap
crypto map outside_map 1 set pfs group2
crypto map outside_map 1 set peer 192.168.11.2
crypto map outside_map 1 set transform-set ESP-3DES-SHA
crypto map outside_map interface outside

Note the set pfs group2 statement above; this default deployment option with the wizard will result in the IKE Phase II proposal of Perfect Forward Secrecy using Diffie-Hellman Group #2.  While the IOS Router will support this and agree to it (even though it wasn’t explicitly configured), the tunnel CANNOT be successfully initiated by the site owning that router!  For this to happen, the router MUST be configured with the same statement for its Phase II policy in its crypto map.

Misconception #2: The IKE keepalive keeps the Site-to-Site tunnel up

Actually, the IKE keepalive merely insures that the remote peer is reachable. A little-known fact is that the Idle Timeout usually found in the Network (Client) Access for the IPSec client also impacts Site-to-Site tunnels being kept up.  A screenshot is provided below showing where this is configured for the default group policy, DfltGrpPolicy.

Studies have shown that if this time interval is increased to be greater than 80% of the Phase II IPSec Security Association lifetime, the tunnel will stay up.

Misconception #3: Allowing IPSec ACL bypass is insecure – Default Wizard option

This appears as a checkbox in the wizard, or could be configured using the CLI command sysopt connection permit-vpn. Two very effective techniques can be used here, the mechanics of which will be discussed in future postings.  The first of these would be to configure a VPN Group Filter (done under the Group Policy settings), a feature which applies for both Site-to-Site or Remote Access VPNs. A second effective technique, applicable for both IPSec and SSL VPN Client access, would be to use downloadable access-control lists with RADIUS.

Author: Doug McKillip

References
Most Common L2L and Remote Access IPSec VPN Troubleshooting Solutions Document ID #81824

Tellumat Telecoms, the converged communications specialist in the Tellumat Group and distributor of ShoreTel’s IP range, says the US vendor’s recent exploits corroborate the benefits that ShoreTel customers report in their own businesses.

In just one week leading into November, ShoreTel won the prestigious Nemertes Best IP Telephony (IPT) Provider award for the sixth time, and joined the select Deloittes Technology Fast 500 club.

Top IPT provider – value and technology stand out

Since Nemertes (www.nemertes.com) launched its independent survey of IPT providers in 2003, ShoreTel (founded 1998) has top-scored in every ratings category. This year it beat a field of 39 in the areas of Value; Customer Service; Technology; Management Tools; as well as Installation and Trouble-Shooting.

“ShoreTel’s key driver continues to be its value with a 4.31 rating out of 5,” the citation reads. “Low prices, a broad set of features, scalability, strong customer service and relatively uncomplicated deployment and troubleshooting all contributed to its win.”

The end-user-only research sample collectively praised ShoreTel’s “exceptional features”, its “highly resilient architecture” and its low upfront and ongoing costs. They add that the vendor’s distributed architecture offers redundancy at an affordable price and is easy to expand.

The interesting aspect of ShoreTel’s achievements is that it is one of a number of IP market ‘challengers’ in the survey, the award citation discloses. And yet, it has outdone all competitors, including the market leaders.

Challengers besides ShoreTel include Microsoft, Alcatel-Lucent, 3Com and Mitel. The ‘market leader’ group is brought up by Cisco, Avaya and Nortel.

For the full report, visit here.

Technology Fast 500

ShoreTel has further been ranked 228^th in Deloitte’s Technology Fast 500 survey, having grown its revenue by 584% in the five years under consideration (2004 – 2008).

The award category rates the fastest-growing US companies in the IT, telecoms, life sciences and clean technology industries – a voluminous category with stellar performers.

ShoreTel’s CEO, John Combs, credits ShoreTel’s engineering ingenuity and customer satisfaction. “Our focus is on providing easy-to-manage, simple-to-use solutions, an architecture that is built for reliability and growth, and on earning customer satisfaction.”

Everyone will benefit

“Accolades don’t come much bigger and better than this,” says Bennie Langenhoven, managing executive of Tellumat Telecoms, which launched the ShoreTel range in South Africa in April 2009.

At the time, Langenhoven based his choice on the redundant distributed architecture of the ShoreTel platform, its simple business integration, scalability, manageability, high customer satisfaction index, low cost of ownership and ease of deployment and use.

“Nothing has changed since then,” he says. “What we liked then continues to rake in the accolades. Our customers, channel partners and everyone else involved in ShoreTel can only benefit from an ongoing association.”

Langenhoven notes that ShoreTel has been an excellent partner and is a very good fit with Tellumat Telecoms’ own strategy, bolstering our ability to provide support to our local partners and re-sellers.

View the full 2009 Technology Fast 500™ ranking at http://www.deloitte.com/us/2009Fast500winners.

2009-11

2009-11

2009-10-29

2009-10-20

2009-10-9

2009-10-19

2009-10-15