Cisco Routers

Cisco routers provide access to applications and services, and integrate technologies

IP Phone - Cisco

IP phone takes full advantage of converged voice and data networks, while retaining the convenience and user-friendliness you expect from a business phone...

WAN - Cisco Systems

Transform your WAN to deliver high-performance, highly secure, and reliable services to unite campus, data center, and branch networks.

EtherChannel - Cisco Systems

EtherChannel provides incremental trunk speeds between Fast Ethernet, Gigabit Ethernet, and 10 Gigabit Ethernet. EtherChannel combines multiple Fast ...

Looking Toward the Future - Cisco Systems

Looking Toward the Future by Vint Cerf. The Internet Corporation for Assigned Names and Numbers (ICANN) was formed 9 years ago....

Pages

Sunday, December 11, 2011

Cisco Telephony Providing...

     Cisco Telephony Providing The Very Best In Communications Hardware. Every modern business has come to depend upon up to date information and communication technology hardware within the last couple of decades. 

      The manner in which businesses operate has noticeably changed due to modern communications having advanced. There are not many aspects of the business world which have not developed with such improvements. For a business to keep up their presence in the market they have to make sure that the their hardware and software is both current and fully maintained.

In-depth Analys Of Network Cabling

     ‘Networking’, is a term that is commonly used for PCs and laptops, which have already become essential parts of our daily lives, nowadays. Because of this, it is not unusual to find a computer or laptop in each and every home and office. And in organizations, where numerous computers are already present, a good network topologies system becomes a must to have in place, because it lets the people work impeccably and accomplish the maximum output. Apart from this, the data cable which is used for networking is the only source for sharing data between various computers at a time.

     Moreover, networking is also termed as the mainstay for any business,

Better network management


     Companies now are looking forward to better network management. Better network management means better and more effective productivity. All problems related to network management are taken care of with great care in all companies.

     Companies are looking forward to tools and software which shall you with your network configuration management. T FTP server for network is a new revolution which is being introduced by Spice-works for all its users in September 2010. The main benefit of this server is it’s built in T FTP server which is completely free.

      There are a number of functional benefits for those who use T FTP server for network.

Wednesday, December 7, 2011

OSI Model to Troubleshoot Networks


       Some of you might be thinking “theoretical models don’t help me” or “the OSI model is just some engineering thing for the nerds”. However, in reality, it is quite the opposite. The OSI model can help you. Let me show you how.
Using the OSI model

       First off, I want you to have a visual image of the OSI mode. It looks like this:
This graphic is courtesy of the Abdus Salam International Centre for Theoretical Physics
       On the left hand side is a user. On the right hand side, you could have a server. Every request AND response has to travel from the left, down every layer, to the physical layer, across the physical layer, up the layers on the right, and up to the server on the top right hand corner.

Voice VLAN QoS Policy


       The following is a basic QoS Policy for a branch office router to prioritize voice traffic . The assumption made is that the voice traffic is marked at source (i.e. ip phones). This is an example of a LLQ (Low Latency Queue) in which voice traffic is placed in a priority queue and all other traffic is placed in a WFQ (Weighted Fair Queue). DMVPN is being used for connectivity back to the main office so we have to use the qos pre-classify command to ensure QoS is applied before data is encrypted and markings on the tunneled packets are preserved. Congestion management and avoidance is implement using a WFQ (Weighted Fair Queue) and WRED (Weighted Random Early Discard) for all non voice traffic.



class-map match-all VOICE
match ip dscp ef
class-map match-any CALL-SIGNALING
match ip dscp cs3
class-map match-any CRITICAL-DATA
match ip dscp cs6
match ip dscp af21 af22
match ip dscp cs2
policy-map WAN-EDGE
class VOICE

priority 256
class CALL-SIGNALING
bandwidth 32
class CRITICAL-DATA

Network Security

       An enterprise network design must include security measures to mitigate network attacks. Fortunately, with the modularity of the Cisco Enterprise Architecture, you can address security concerns on a module-by-module basis. This section introduces the concept of a security policy, reviews various types of network attacks, discusses the elements of the Cisco Self-Defending Network, and helps you select appropriate security design components for the various locations in an enterprise network.

Network Security Concepts
       Organizational requirements and potential threats drive the scope of a security design. At its essence, network security measures should not only defend against attacks and guard against unauthorized access, these measures should also prevent data theft and comply with security legislation, industry standards, and company policy.

       Consider the following threats and risks facing today’s enterprise networks:

Threats:
  • Reconnaissance—A reconnaissance attack gathers information about the target of an attack (for example, the customer’s network). For example, a reconnaissance attack might use a port-scanning utility to determine what ports (for example, Telnet or FTP ports) are open on various network hosts.
  • Gaining system access—After attackers gather information about their target, they often attempt to gain access to the system. One approach is to use social egnineering, where they convince a legitimate user of the system to provide their login credentials. Other approaches for gaining access include exploiting known system vulnerabilities or physically accessing the system.
  • Denial of service (DoS)—A DoS attack can flood a system with traffic, thereby consuming the system’s processor and bandwidth. Even though the attacker does not gain system access with a DoS attack, the system becomes unusable for legitimate users.

Thursday, December 1, 2011

Why Move To IPv6?

       I did a post last week titled Are You Ready for IPv6? where I share some of my thoughts on IPv6 and the allocation of the last IPv4 /8 blocks. Since then, I've done some more reading and found a couple of very useful podcasts by Greg Ferro and Ethan Banks. It is where I first heard about v6RD.

There are real reasons to move to IPv6. I recall a few statistics and examples from years ago that illustrate the need for IPv6. Addressing every school in China would have exhausted the available IPv4 address space even a few years ago when many more IPv4 addresses were available. The other example is addressing all the power meters in the country. Think about all the power meters you see around and the effort that goes into reading them on a regular basis. Addressing each meter and building a way to network them back to the power provider allows them to be read with fully automated mechanisms. That volume of addresses that was required was also bigger than the then-available IPv4 address space (and perhaps even a big chunk of all the IPv4 address space, regardless of whether it is used or not). So we definitely need more address space. And some of the functions within IPv6 are useful, such as auto-configuration, which would be very beneficial for power meter addressing.
  • Training the network staff to handle IPv6 configuration and troubleshooting.
  • Any application that uses IP addresses internally or that sends IP addresses in messages to other systems will need to be modified.
  • pplication developers will need to modify and validate applications to use DNS to translate system names into IPv6 addresses. Some applications are very expensive to modify. I know of several health care applications and products that use hard-coded IP addresses (no DNS) and that the vendor requires payment to modify embedded addresses. Because many of these products are certified by the Food and Drug Administration, they cannot be modified without going through another validation and acceptance process. I don't see this happening anytime soon.
  • Dual-stack support (or a similar mechanism) will be required by the e-commerce sites because many customers will be on legacy IPv4 networks while other customers will have transitioned to IPv6.
  • Firewalls and ACLs will need to be updated to perform equivalent functions for both IPv4 and IPv6. Keeping changes to firewall rules and ACLs in sync will be problematic at best.
  • Network management systems will need to handle IPv6. Address fields will need to be much larger. The NMS databases will grow in size and NMS developers will need to spend time looking at how they display device and interface information. And how is the NMS supposed to display the information about an interface that is configured for both IPv4 and IPv6? Maybe IPv6 will force the industry to start using logical names instead of addresses.
  • What does IPAM in IPv6 look like? Each subnet is a /64, on which there are 2^^64 host addresses. Displaying an IP address map of the entire address space doesn't make sense. Perhaps it should display the locally-assigned part of the address (exclude the site prefix and the host part of the address) and show the number of systems that exist in the subnet. IPAM will still be needed to help track which subnets have been allocated and where they are allocated. If you want to track end stations, the NMS will need to query the routers and switches to find the end station addresses or you'll need to use DHCP for IPv6.
  • Firewall rules and ACL entries need to be replicated into IPv6, with certain exceptions for ICMP that IPv6 uses for neighbor discovery.
In summary, I see a lot of costs and not much economic benefit to offset those costs. However, I'm looking forward to exhaustion of IPv4 space. It is going to create a whole new line of consulting and network management work as companies start to figure out what to do about it. You can think of it as the Y2K event of this decade.

The points I make above are why organizations won't move to IPv6. It is quite possible that I've overlooked some reasons why organizations should aggressively move to IPv6.  The only incentive that I can identify is for organizations to be internationally competitive. Any information that you may have regarding economic incentives to implement IPv6 are greatly appreciated. Please post a comment if you know something that I have overlooked.

For some additional reading, check out the following links:


Thank you to

Why is the Application Slow?

We've all encountered situations where an application is slow and the network gets blamed. I've been having some fun working with our Terry Slattery on consulting work to determine why a specific six applications are slow.  He's come up with some good insights into the applications at this particular site. And we've been talking about some of the reasons why applications might be slow. Yes, it might be the network. It also might be the application, particularly if the application writer or toolkit is oblivious to what it is doing in network terms. 

I started brainstorming to come up with a list of ideas for things that could make an application slow, breaking it out by whether the cause is an application or a network problem. Some of these are items Terry touched upon in his recent blogs. I was thinking about blogging about them individually or in small groups, then decided a check-list of things to consider might be useful.