Cisco Blogs

Cisco Blog > Inside Cisco IT

Location, Location, Data Center Location

I spent a recent weekend helping a friend load his belongings into a moving van, in preparation for relocating his family from California to Texas.  Sometime between lifting my end of a sofa and carrying boxes that apparently contained his collection of concrete blocks, we talked about his search for a new home.

Although there are certain amenities he would like his new house to have, the biggest influence on his choice of residence is the old real estate axiom location, location, location.  He has a child in preschool and a good job, so you can guess his priorities:  something near a highly rated school, not too far from work and where property values are apt to rise over time.

Location is a critical consideration for Data Centers, too, although for different reasons.  Read More »

Tags: , , , , , , , , , ,

Broadband and Commerce are Booming in South America

By Howard Baldwin, Contributing Columnist

While the European and United States economies struggle with mounting debt, there’s an encouraging success story south of the equator; one that combines infrastructure improvement, broadband deployment, and thriving commerce.

According to the findings in a white paper entitled Latin American Economic Outlook 2012 — jointly produced by the Economic Commission for Latin America and The Caribbean (ECLAC) and the Development Centre of the Organisation for Economic Co-Operation and Development (OECD) — between 2000 and 2007, public debt in Latin America

Read More »

Tags: , , ,

802.11i, Authentication and You

Not too long ago I was assigned to a troubleshooting and remediation project for a hospital here in the SF bay area. The problem, after much troubleshooting and lab recreations, was determined to be due to an unique issue with client roaming and authentication. During the course of troubleshooting my coworker and myself often found ourselves explaining 802.1X and 802.11i to others working on the troubleshooting effort, or requesting technical updates. So based on that experience, I started thinking this might a be a good topic to cover here.

Let’s review the some of typical components of the enterprise wireless security model.

What is 802.1X?
802.1X is not a protocol, but rather a framework for a “port-based” access control method.  802.1X was initially created for use in switches, hence the port-based terminology, which really doesn’t fit too well in wireless since users don’t connect to a port. In the end it’s meant to be a logical concept in the 802.11 world.  802.1X was adopted for wireless networks with the creation of 802.11i to provide authenticated access to wireless networks. At a high level. the framework allows for a client that has connected to the WLAN to remain in a blocked port status until it has been authenticated by a AAA server. Essentially the only traffic allow through this virtual blocked port is EAP traffic, things like HTTP would be dropped.

What is EAP?

EAP  (Extensible Authentication Protocol) is the authentication method used by 802.1X. It can take on various forms, such as PEAP, EAP-TLS, EAP-FAST, to name a few. There is one thing to remember when determining what EAP type to use in your network, is that it is dependent upon what your client and AAA server supports. This is it, your AP or AP/Controller hardware or code version will play no part in version is supported. Unless your AP/controller is acting as the AAA server, but I’ll stay away from that in this post. I think this can be a point of confusion for people who haven’t read much or anything about EAP methods. So, if some one asks what version of EAP the AP will support, all you need to do is ask them, what does their Client and AAA server support.

What is 802.11i?

Simply put, 802.11i is an amendment to the original 802.11 standard to address the well documented security short comings of WEP. It incorporates WPA  as a part of the 802.11i amendment and adds the fully approved WPA2 with AES encryption method. 802.11i  introduces the concept of a Robust Security Network (RSN) with the Four-way handshake and the Group key Handshake.

Read More »

Tags: , , , , , , , , , , , , , , , , , ,

Fast Convergence Counts

Video compression formats typically use a technique known as ‘difference coding’ by comparing the difference between the current video frame with the preceding frame. This ensures that information which does not change (e.g. static background) is not repeatedly transmitted. To reduce network bandwidth, video is highly compressed, but losses affect quality. Watch this short video and see the impact of packet loss, jitter and delay on video.

Silicon Valley Innovation is Built Around Employee Mobility

In my last blog, I wrote about HP’s disturbing pattern of suing non-California employees under ‘non compete’ clauses, often imposed  years after employment began.  Apparently it’s relatively recently that HP decided to abandon its Silicon Valley roots and tie up its  non-California employees in legal knots.  HP is in fact the only large Silicon Valley-based company to have two classes of employees and try to impose mobility restrictions on those who live outside California.  HP’s efforts have gone so far as to sue an employee who took a buyout after having his salary cut, and one who didn’t even work in an area related to HP’s products that compete with Cisco’s.

Two recent actions since that blog posting are stunning.   First, HP renewed legal action in Texas, where one of the employees used to live, trying to get a judge there to schedule a court date on a day’s notice and to apply Texas law even though the California judge in the case is going to hold a hearing, as is certainly appropriate, to verify that the employee has in fact moved to California. (Yes, he came to work for Cisco after he arrived in California, rented an apartment, got a drivers license, etc.) Once again the Texas court refused to intervene, and in fact effectively “stayed” HP’s legal actions indefinitely. HP also tried in Texas to raise another bar to employee freedom, claiming that the employee would ‘inevitably’ use HP’s trade secrets to do his job at Cisco, and therefore should be barred from continuing his new job. Just as California law bars enforcement of non-compete clauses, California courts won’t recognize this doctrine either, seeing it for what it is — an effort to impose de facto non competition clauses.

Read More »

Tags: , , , , ,