My previous two posts have been about the address planning process and how to break into the IPv6 integration process. I’ve tried to show that IPv6 is a task that you should be interested in and that it is not an intractable problem. However, I know that some people are still questioning why they would ever want to take this task on. I typically hear comments along the lines of “IPv4 is working for my organization and we’ve got plenty of address space to grow the business. There is nothing interesting on the IPv6 Internet. We don’t need IPv6.” With the successful World IPv6 Launch and over 3500 web sites now IPv6 enabled, the IPv6 Internet has grown in size and demonstrated that IPv6 transport is a viable way to deliver content and services.
I won’t spend too much time discussing it here, but I will remind everyone that IPv4 address depletion is a very real problem. It is not something to be lightly ignored, and it will impact your business and the services you offer whether you like it or not. I see two areas where IPv6 is going to have to be a part of future plans: customer/partner interaction and security.
Reap the benefits of social sites by protecting your network from security threats and data loss
In a relatively short amount of time, social media has gone from an annoying productivity killer to an important business productivity and marketing tool. Of course, employees can still while away time on sites like Facebook and YouTube, but they’re also using these sites, along with LinkedIn, Twitter, and Pinterest, to promote their companies’ products and brands, track the success of marketing campaigns, respond to customers’ complaints and compliments, and recruit new talent. Social media sites have even become a way to collaborate with coworkers and business partners. Companies that limit access to social media may actually find themselves at a competitive disadvantage.
Finding the balance between business needs and risk is key to allowing employees access to social media sites. You can do this by loosening some of your security controls, adjusting your acceptable use policy (AUP), and tolerating a little personal use of social media by employees.
Gartner has released their 2012 Wired and Wireless LAN Infrastructure Magic Quadrant. Cisco is recognized as a leader in this highly anticipated publication.
Our industry is going through dramatic changes. The rapid growth of cloud, mobility and business collaborations has put more and more pressure on the network. Disparate wired and wireless networks architected and managed separately are no longer sufficient to meet the new demand. This is the first time that Gartner covers wired and wireless LAN infrastructure together in one Magic Quadrant. It is a clear sign that the time has come to evolve the network infrastructure to address the rapid growth of cloud, mobility and business collaborations with a unified approach. Read More »
In the recently posted research paper “Off-Path TCP Sequence Number Inference Attack: How Firewall Middleboxes Reduce Security“, Zhiyun Qian and Z. Morley Mao from the University of Michigan discuss a method to try to infer the sequence numbers in use by a TCP connection -- and if successful, how to try to hijack the connection and inject data on it in order to, as an example, steal credentials to web sites (banking, social networking, etc.)
Before talking further about their research, I would like to talk a bit about the Maginot Line. The Maginot Line was a line of fortifications located in France, established after World War I, and roughly following France’s borders with Germany and Italy. The idea behind it: in case of another war with Germany, the line would hold the enemy attacks, giving the French Army the chance to regroup and counterattack. The problem: the line only extended so far up North. So during World War II, and instead of attacking the line from the East, the German army completely bypassed it – by attacking Belgium first and then flanking the line.
So a lot of resources were allocated to set-up defenses for a very specific attack scenario – but that scenario never happened, as an easier way was found to bypass the defenses. And the mere fact of allocating so many resources to counter a specific threat significantly reduced the number of resources available to protect against other threats.
The method posited by Qian and Mao on their research paper strongly reminds me of the assumptions made by the French while building the Maginot Line.