My last post was all about finding IPv6 prefixes on the IPv6 Internet. I think the next natural question is “What about IPv6 traffic?” or more specifically, “What about IPv6 traffic on my network?” In this post, I’ll talk about some network tools, or instrumentation, that can be used to find and measure IPv6 traffic that is out on your network. Network instrumentation is going to be important whether you plan to integrate IPv6 into your network or not. “What?” you might ask, “why is instrumenting my network to detect IPv6 important if I’m not going to run IPv6 in my network?”
Accounting Traffic in the Internet Today
[the full article can be seen at http://www.internetsociety.org/sites/default/files/BGP-for-regulators.pdf]
Business Model Changes
In the past, voice traffic was transported over a dedicated voice infrastructure, and the data network infrastructure was established in parallel so that voice and data traffic did not interfere with each other. Traditional voice accounting and performance functions are standardized within SS7 (Common Channel Signaling System No. 7), the global standard for telecommunications, defined by the ITU-T. The success of data networks led to the development of techniques to encapsulate voice traffic in IP packets, and thus Voice over IP (VoIP) was born. Read More »
In this last part of this series I will discuss the top customer priority of visibility. Cisco offers customers the ability to gain insight into what’s happening in their network and, at the same time, maintain compliance and business operations.
But before we dive into that let’s do a recap of part two of our series on Cisco’s Secure Data Center Strategy on threat defense. In summary, Cisco understands that to prevent threats both internally and externally it’s not a permit or deny of data, but rather that data needs deeper inspection. Cisco offers two leading platforms that work with the ASA 5585-X Series Adaptive Security Appliance to protect the data center and they are the new IPS 4500 Series Sensor platform for high data rate environments and the ASA CX Context Aware Security for application control. To learn more go to part 2 here.
As customers move from the physical to virtual to cloud data centers, a challenge heard over is over is that they desire to maintain their compliance, security, and policies across these varying instantiations of their data center. In other words, they want to same controls in the physical world present in the virtual – one policy, one set of security capabilities. This will maintain compliance, overall security and ease business operations.
By offering better visibility into users, their devices, applications and access controls this not only helps with maintaining compliance but also deal with the threat defense requirements in our overall data center. Cisco’s visibility tools gives our customers the insight they need to make decisions about who gets access to what kinds of information, where segmentation is needed, what are the boundaries in your data center, whether these boundaries are physical or virtual and the ability to do the right level of policy orchestration to maintain compliance and the overall security posture. These tools have been grouped into three key areas: management and reporting, insights, and policy orchestration.
Tags: ASA-CX, Cisco ASA, cisco firewall, Cisco Security, cisco sio, Cisco UCS, cloud, data center, data center security, DC, firewall, Identity Services Engine, intrusion prevention, IPS, ISE, it security, netflow, network security, pci-dss, policy, security, server, threat defense, TrustSec, virtual, virtualization, VMDC
At Interop this week, Cisco unveiled its new Netflow Generation Appliance (NGA) 3140, which establishes a new standard for high-performance, cost-effective solutions for flow visibility. It empowers network operations, engineering, and security teams with actionable insight into network traffic for the purpose of resource optimization, application performance improvement, traffic accounting, and security needs.
Cisco NGA customer, Human Kinetics conducts online certification courses and tests for health and fitness professionals, and offers print and multimedia content such as videos, ebooks, apps on tablets, and other downloadable material. “We needed comprehensive information about our network to keep our content protected, secure our site against disruption, and deliver excellent, reliable performance,” says Brad Trankina, director of network and information systems at Human Kinetics. “Comparing Cisco NGA to what we had just a few months ago is like comparing our network today to the 3Com hubs we had ten years ago. It’s like a night and day difference.”
Read More »
For Day 2 we spent more time on stage than in front of the camera but we continued to dig up some very interesting stories, updates and another announcement!
Go here for the Day 1 recap and collection of great (IMHO) video.
Right off the bat -- The NetFlow Next Generation Appliance
Jimmy Ray jumped at the chance to talk to Damien Lim about the new NetFlow Generation Appliance. Watch it here then meet scroll on down or make the jump for more videos and links to the details!