Cisco Blogs


Cisco Blog > Perspectives

The Evolution of Branch Connectivity

Over the past few weeks I’ve had the chance to come up from my rabbit hole of deployment projects and catch up on the tech news. In particular, the announcement at Interop New York where Cisco announced the new ISR 4400 family of routers along with a few other articles got me to thinking about how far branch office connectivity has come in the past decade or so and to a question: is one method of branch connectivity better than another?

In the Beginning…

In the past decade or so we have seen substantial change in how we connect to the internet and how fast we do so. Early on (circa early 2000s) the internet was fairly flat. Real time voice and video were still a thing of science fiction. In the enterprise we connected remote offices back to the central office via leased lines over a frame relay network. T1s were considered good and if you had a DS-3 link you must have been in a big IT shop. Compute services were limited to corporate email (Outlook/Exchange were the new kids on the block) and client/server based systems. Read More »

Tags: , , , , , , ,

On Being Wrong

I have always found it easy to confidently stand on what I know. I have found it even easier to stand on what I think I know. The difficult part is finding the line where one becomes the other. When does confidence become overconfidence?

Sometimes, I only find out when my assumptions are proven wrong in the lab. When this happens, a lot of time and money gets wasted in reworking the design to follow the way things actually work. For the most part, I charge my customers a per-project rate and pay for such mistakes myself, impacting my own bottom line rather than the customer’s. Read More »

Tags: ,

Cisco Features you should be using

I know more than once now the Cisco ISR/ISR-G2’s Series have been dubbed as the ‘Swiss Army Knife’ of networking devices, simply due to the amount of flexibility & the number of technologies available to you when deploying these devices. Luckily for us, these devices provide even more features available to us to assist with troubleshooting and maintaining the overall health of the network. What is even better is that many of these useful troubleshooting features exist on many of the other product families not just ISR/ISR-G2’s. I’ve had the pleasure to work on networks all around the world for some decent size companies so I wanted to kick off this list with what I consider to be the most useful tools built-in to Cisco devices that are not very well known out there.

1. Embedded Packet Capture (EPC) -- There is no doubt about it, but the ability to perform a packet capture at key points throughout the network can make troubleshooting particular issues that much easier. Luckily this feature exists on many different devices:

1. ISR G2′s -- Even the older ISR’s have this ability
2. ASA Firewalls
3. IOS-XE devices -- From the powerful ASR’s to the newer Catalyst 3850
4. NX-OS devices -- Granted on NX-OS you can capture packets that are process switched, there is an easy way around this by creating an Access-list to match the traffic you want to capture.
5. Even in Cisco UCS we can configure a traffic monitoring policy to capture traffic directly from particular servers and capture directly off the Fabric Interconnects. *This is more of a SPAN-type session than Embedded Packet Capture. Read More »

Tags: , , , , ,

Summary: The First 4 Steps to Simplify Your Small Business Information Technology

Sam O’Daniel (better known as the Startup IT Guy) has put together a short list of steps to take when starting or just simplifying your business information technology.  If the next couple of months are your slow season, you can get these steps in motion to have a better handle on IT in the new year. From signing up with a cloud productivity suite to establishing a vendor relationship for purchasing to streamlining network hardware (on Meraki gear, of course!), these 4 steps will help get you out of IT support and put your focus back where it belongs -- your business.

Read the full article here.

Tags: , , , ,

IPv6 First-Hop-Security

If you’ve worked with networking sometime in the last decade, I’m sure you’ve heard of this thing called IPv6. IPv6 has been around for quite a while, but it seems to be growing increasingly more popular as of late.
My focus on this article will be some of the challenges with security and IPv6, primarily those that Cisco IPv6 First-Hop-Security (FHS) solves.

Several times I’ve found myself looking at the network traffic traversing a customer’s network, asking if they use IPv6.
Unfortunately, most of the times the answer is no, even though I can see the Link-local and multicast addresses flying by my screen.
When I proceed to ask if they’ve added any security measurements in the network to protect against IPv6 attacks, the answer is mostly: “Why would we need any IPv6 security if we don’t use IPv6”? Read More »

Tags: , ,