Our very own Jeremy Duncan lead a webinar today on Network Simulation with EVE-NG. Thanks again to Tyrone Wilson from Cover6 Solutions and all the folks part of the DC Cybersecurity Professionals Meetup group for hosting us. If you have any questions feel free to get in contact with us today here! For anyone who […]
Network Simulation with EVE-NG Webinar Read More »
OSPFv3 AF Authentication is finally fixed! Unless you are a regular follower of this blog, you may not have heard that Cisco’s OSPFv3 with Address Families (AF) Authentication support was broken. By broken I mean it took down OSPFv3 adjacencies. Not good. Read here for that article. Anyway, I have been using the IOS-XE version
Cisco OSPFv3 AF Authentication Fixed! Read More »
Bottom line up front: Cisco has a broken implementation of OSPFv3 authentication. This story begins like many do with network engineers trying to do their best in implementing IPv6 after a thorough and exhaustive engineering exercise. Cisco’s Aggregation Services Router (ASR) routing platform running IOS-XE, starting with version 3.1.0 until the most recent 3.09.02 S,
Authentication for OSPFv3 Address Family support in IOS-XE? Think again Read More »
FIPS 140-1 and FIPS 140-2 had quite a bit of longevity. However, FIPS 140-3 is almost here. Based on previous NIST standards development processes, the 140-3 standard will most likely have a publication date of a year from now. So sometime in February/March 2014, FIPS 140-3 will be the dominate federal crypto module certification. Not
FIPS 140-3 is Coming: Time to Plan Read More »
A colleague brought up a very important issue in regards to vPC survivability. There are Nexus vPC Peer-Link interface options. Take a look at the below diagrams. As you can see, we have a big problem here with survivability that can often be overlooked: if the one single vPC layer-3 peer-link interface goes down for
Nexus vPC Peer-Link Interface Options Read More »
***Updated on 14 May 2014 – regarding NET-IPv6-022, See below*** Thousands of network engineers in the DoD out there looking at implementing IPv6 now have to address a few Security and Technical Implementation Guidance (STIG) items that they used to just annotate as “Not Applicable – NA.” Now, IPv6 security is important. If you are
Cisco IPv6 IOS Hardening – DoD Style Read More »
Last month I presented the case as to why 802.1x authentication is not enough for local network (wired or wireless) security (go back here to read). In this post I will present an alternative: IPv6 Secure Neighbor Discovery (SeND). If you have an IPv6 enterprise, small IPv6 deployment, or a little IPv6 lab then pay
Why 802.1x is Not Enough: How to Implement SeND – Part 2 Read More »
Software Defined Networking (SDN) is the new buzzword in IT today. It has become synonymous with things like cloud, cyber security, CDN, and yes even IPv6. The curious thing is that they are all inter-related. Open Flow, which is a specification of the Open Network Foundation, has defined this new phenomenon as something that, “enables
SDN, Open Flow and Cisco ONE: A First Look Read More »