Activate the IT Transformation with Unified Access: Part 4 --  Centralized Policy, Control, and Enforcement 

Wednesday, May 15, 2013  10am-11am PDT     |       Register Now

Don’t miss the next in line of our five-part Unified Access Webinar Series  on May 15th to hear how organizations in education and healthcare rely on Cisco Identity Services Engine (ISE) to provide the identity enforcement and secure access control that allow employees, contractors, students, faculty, and guests (choose the user) to use their own devices on the network. Read More »

Tags: access, activate, authentication, central, centralize, Cisco, control, demo, device, enforcement, ISE, IT, management, MDM, mobile, mobility, network, organization, policy, secure, security, technology, wi-fi, wifi, wireless

Activate the IT Transformation with Unified Access: Part 4 --  Centralized Policy, Control, and Enforcement 

Wednesday, May 15, 2013  10am-11am PDT     |       Register Now

With more users and devices being added to your network every day, unified access and central policy control have become critical needs. Your organization isn’t alone.

Attend our next live workshop  on May 15th to hear how organizations in education and healthcare rely on Cisco Identity Services Engine (ISE) to provide the identity enforcement and secure access control that allow employees, contractors, students, faculty, and guests (choose the user) to use their own devices on the network. Read More »

Tags: access, activate, authentication, central, centralize, Cisco, control, demo, device, enforcement, ISE, IT, management, MDM, mobile, mobility, network, organization, policy, security, technology, wi-fi, wifi, wireless

I have commented before on numeric passwords, and how they can and cannot be used securely. Apparently, not everyone has been reading my blog. Developer Kevin Burke has apparently discovered a phone company that limited customer passwords to a six-digit code, with only the numbers 0-9 as options. Combined with not having any failed password lockouts, nor requiring any other information besides username (your phone number) and the six-digit password, this is a recipe for disaster.

Read More »

Tags: authentication, passwords, security, strong passwords

One of my favorite books is The Pillars of the Earth by Ken Follet, I’ve read it and reread it many times and each time I read it I get something new out of it.  With so many good books out there it seems silly to reread a book, especially a very long book. I think what it is, is that the story is so good, the characters so compelling that I don’t want to leave them and when I’m finished with the book I miss them.  Fortunately the book was made into a mini-series that I enjoyed and brought a nice visualization of the story.  I also think the mini-series may have attracted a new set of readers in the viewing audience.

New audiences come with new methods of distribution for the same, similar or different presentation of an already published work.  With the intent to reach a new audience I am republishing a UCS XML API focused blog from another blog site on Cisco Developer Network UCS Section.  I wrote this blog in April 2010, but the methods utilized seemed to flow from my prior entries on this site.The previously published blog has references to other blogs on the on the Cisco Developer Network site in the Cisco UCS section.

The previous blog…

Last time I wrote about using telnet to connect to the UCS Manager XML API as a way to introduce the API and show it’s lack of complexity. Now I don’t expect anyone to write an application that uses telnet to manage a UCS system, I just wanted to get across that if text, XML structured text, can be pushed across an open port to the listening API process on the UCS then it doesn’t matter how the push is done.

However telnet is not very practical, so I thought I would write about curl and xmlstarlet (xmlstarlet referred to as xml in this entry). curl is used to handle the request and response cycle with the UCS and xml is used to process the XML response. In some of my early scripts I used sed and awk to “parse” the output. I say parse but it was more pattern matching; by the way sed and awk are great tools, but maybe I’m partial to them because I’ve been around for a while. The reason I started with curl, sed and awk was not because I lacked XML experience but because I wanted to appeal to the administrators out there and show that XML experience, while beneficial, is not specifically needed.

Read More »

Tags: authentication, Cisco UCS, curl, query, XML API

Either someone is doing some serious academic work in researching password strengths, or someone is building a really great hashed password dictionary. The Steam community forum compromise, in which attackers gained access to a database containing usernames, encrypted passwords, and e-mail addresses, is just the latest in a series of compromises targeting a subset of the online community: gamers.

It’s difficult to say whether these attacks are increasing in frequency or whether media reporting and voluntary disclosure has created the illusion of a growing trend. In either case, our activities are continually moving online, often protected only by a username and password, instead of staying safe and warm in hard disks on our home desktop computers. The attack surface is increasing as more web services require more usernames and passwords and the opportunity for password reuse increases.
Read More »

Tags: authentication, security, strong passwords