With the introduction of Cisco mDNS Service Discovery Gateway in IOS, customers that have implemented the solution are observing client behavior they haven’t seen prior to extending services across subnet boundaries. One of the effects is the duplicate name issue seen when devices with enabled services are moved from one L3 subnet to another L3 subnet and these two subnets happen to be connected to the same router/switch running the Service Discovery Gateway (SDG).
When devices (like a Mac OS X computer) offer a service such as Remote Login (SSH) or Screen Sharing (VNC), they will announce these services using mDNS/Bonjour/Zeroconf using their hostname as configured in ‘System Preferences -> Sharing -> Computer Name’ (see Fig. 1).
Read More »
Tags: Apple iOS, Bonjour, bonjour services, cisco ios, iPad, iphone, mdns, SDG, Service Discovery Gateway, wireless, zeroconf
Cisco’s One Platform Kit (onePK) is a fantastic toolkit for building custom applications that interact with your Cisco routers and switches. Using onePK, you can build automation directly into the network and extend all sorts of functionality using Cisco devices. The first in a three-part blog series, this article will introduce onePK to the reader, explain what it is, how it can be useful, and will show how to configure onePK on a router. The second and third installments will walk the reader through a simple security-relevant application using the C API. Important to note is that we’ll be covering the 0.6.0 version of onePK features and service sets. At the time of this writing, the toolkit is still in Controlled Availability and as such, is still in active development, and the API could change before it is released into General Availability. However, even in the face of API evolutionism, this article will provide you with a solid jumping-off point for your plunge into the wondrous world of onePK.
OK, Just What is onePK?
OnePK is a Cisco IOS Software feature and a set of programming libraries enabling an application programmer to build powerful applications that tightly integrate and interact with Cisco devices. onePK is available to you via a well-documented and unified API, currently offered in C and Java with Python in active development. It is currently in pre-release and is available only on request. Details on how to obtain onePK are provided below. Read More »
Tags: Cisco, cisco ios, Cisco Security, cisco sio, IOS, One Platform Kit, onePK, secure software, security
On March 12th, Cisco announced the ISR-AX and how Cisco is changing the game, reducing complexity and making it simpler for enterprises to deliver and manage application delivery to users. Cisco is expanding the role of our Integrated Service Routers (ISRs) to deliver application-centric networks that provide granular visibility, control, and optimization without additional devices or bandwidth upgrades – Cisco® Application Experience (AX) Router family is now a part of the ISR family of routers! The Cisco ISR-AX Routers directly integrate Cisco Wide Area Application Services (WAAS), Application Visibility and Control (AVC), Data/IPBase and Security services into a platform that is simple to order, configure, and deploy for secure, optimized cloud connectivity and branch-office routing. The Cisco ISR G2 and ISR-AX Routers are based on the same hardware and software that you know and love and are deploying today. Today I wanted to go into the technical details of each of the components. Read More »
Tags: Application Experience Router, Application Visibility and Control, AVC, Cisco 19xx, Cisco 29xx, Cisco 39xx, cisco ios, ISR, ISR G2, ISR-AX, NBAR2, netflow, PfR, router, secure routing, vpn, waas, wan opt, WAN Optimization, What is the ISR-AX?
Today, Cisco is celebrating a milestone in its commitment to helping you act on security intelligence—our 10th bundle of Cisco IOS Software Security Advisories. We’re proud of our commitment to these predictable disclosures (on the fourth Wednesday of March and September annually) because they originated as a direct response to your feedback. Bundled publications allow you to plan ahead and ensure resources are available to analyze, test, and remediate vulnerabilities in your environments. In an upcoming post, my colleague John Stuppi will share how the Cisco Product Security Incident Response Team (PSIRT) drove the evolution from a traditional disclosure model to the current semiannual bundled publication. John’s post will also provide another vehicle to share feedback with PSIRT, the organization that manages the receipt, investigation, and public reporting of security vulnerability information that is related to Cisco products and networks.
Make sure you take a look at the Cisco Event Response—our “go to” document that correlates the full array of Cisco Security Intelligence Operations (SIO) resources for this bundle (including links to the advisories, mitigations, Cisco IntelliShield Alerts, CVSS scores, and OVAL content). Remember, this collateral is not unique to Cisco IOS Software Security Advisories but is part of Cisco SIO’s response to current security events.
Today’s edition of the Cisco IOS Software Security Advisory Bundled Publication includes seven advisories that affect the following technologies:
- Network Address Translation
- Resource Reservation Protocol
- Internet Key Exchange
- Zone-Based Firewall Session Initiation Protocol Inspection
- Smart Install
- Protocol Translation
- IP Service Level Agreement Read More »
Tags: Cisco, cisco ios, Cisco PSIRT, Cisco Security, cisco sio, IOS, vulnerability