
A021 – Cloud Computing 101 – Part 2
More and more companies are starting to look at the cloud instead of building a conventional data center. I recently had the chance to sit down with Willem van Biljon, Nimbula Co-Founder and Vice President of Products. Willem built the business plan and led product development for Amazon EC2. Prior to joining Amazon, van Biljon was a co-founder of Mosaic Software, which was acquired by S1 Corp.
In this last of two conversations, I finish talking with Willem about what you need to think about when moving your computing needs to the cloud.
I don't know about you, but I seem to be my family's computer support person. This usually means (on the Windows machines) that I need to make sure that all of the Windows updates are applied on a periodic basis. Call me old-fashioned, but I am not comfortable with leaving Windows set up to automatically download and install the updates, having been through a few updates that were either rolled back because of problems or later updated with a replacement because of something that was missed or a problem that the patch/update introduced that wasn't present before the update was applied.
The challenge we have all run into at some point is that where we happen to be either doesn't have broadband or has a very, very slow DSL connection, which in either case could result in hours or a day or more of download time spent getting the updates, depending on how long it has been since the last updates were applied. I was recently made aware of something called WSUS Offline Update. This tool gives you the ability to download all of the updates for a particular OS to a portable flash or hard drive and install the updates locally without tying up your internet connection.

A020 – Cloud Computing 101 – Part 1
More and more companies are starting to look at the cloud instead of building a conventional data center. I recently had the chance to sit down with Willem van Biljon, Nimbula Co-Founder and Vice President of Products. Willem built the business plan and led product development for Amazon EC2. Prior to joining Amazon, van Biljon was a co-founder of Mosaic Software, which was acquired by S1 Corp.
In this first of two conversations, I talk with Willem about the basics of what you need to think about when your company is looking to start deploying resources using a cloud infrastructure. We discuss whether you can try to do this on your own and what to think about when looking for a provider to help you do it.

A019 – Network Flow Analysis (Part 2) – Michael W. Lucas
This is the second of a two-part conversation I had with Michael about Netflow and how best to use it. You don't have to buy an expensive monitoring system to get the most from Netflow. In this episode, we talk about using all the data that you have collected using Flowtools. Just as important, you don't have to be an all-Cisco shop to be able to use Netflow either. Michael also has a good section in his book about setting up your own Netflow collection system without hocking your firstborn or the family jewels. If you don't already have this book in your library, click on this link to add it now.
Michael W. Lucas is a network/security engineer who keeps getting stuck with network problems that nobody else will go near. He has also written several other books – Absolute FreeBSD, Absolute OpenBSD, Cisco Routers for the Desperate and PGP & GPG.

A018 – Network Flow Analysis (Part 1) – Michael W. Lucas
Knowing when your network is having a problem before it becomes critical is becoming more and more important. Working better and smarter is something that everyone can do better. This is the first of a two-part conversation I had with Michael about Netflow and how best to use it. You don't have to buy an expensive monitoring system to get the most from Netflow. Just as important, you don't have to be an all-Cisco shop to be able to use Netflow either. Michael also has a good section in his book about setting up your own Netflow collection system without hocking your firstborn or the family jewels. If you don't already have this book in your library, click on this link to add it now.
Michael W. Lucas is a network/security engineer who keeps getting stuck with network problems that nobody else will go near. He has also written several other books – Absolute FreeBSD, Absolute OpenBSD, Cisco Routers for the Desperate and PGP & GPG.

A017 – DNSSEC on Root DNS Servers is finally here !!
I recently talked with Cory von Wallenstein, VP of Product Management with Dynamic Network Services Inc., about the recent change that is good for everyone: the implementation of DNSSEC on the root DNS servers. We talk about what it took to get there, what was involved in getting it in place and what you need to think about when doing it yourself. For more information, please check out http://www.dyn.com.

Episode A016 – Social Networking Apps Pose Security Challenges
Here is a conversation I had with Anthony Bettini, part of the McAfee Labs senior management team, about the security challenges posed by all of the social network apps our users just have to have, the same ones that we would all rather never see the light of day on our networks. Here is the link to the white paper that he wrote.
Anthony has also worked for Foundstone, Guardent, Bindview and as an independent contractor. He specializes in software security and vulnerability protection. His list of speaking credits includes NIST, the Computer Anti-Virus Research Organization in Europe, RSA Europe 2009 and the 22nd Annual FIRST Conference on local-specific threats. He has published vulnerabilities found in Microsoft Windows, ISS Scanner, PGP, Symantec ESM and other well-known applications.
At first look, WCS (Wireless Control System) can be a little overwhelming. While positioned as an overall management option when dealing with multiple WLCs, it offers a lot to those who only have one or two WLCs. Think of it this way: the GUI of the WLC gives you an idea of what is going on with wireless at a specific point in time, while WCS can give you more of a historical perspective. One thing that you will need to work with your helpdesk folks on is that they need to start giving you the MAC address of the wireless card of the device having the problem. Simply telling you that wireless is having a problem won't cut it.
When troubleshooting a client having problems getting or keeping a wireless connection, the WLC console can tell you if the client is getting a connection to the AP(s) in the area and possibly what the problem is. If the problem is to the extent that the client can't even get a connection, it becomes a little more problematic to figure out what the problem is. The WLC console can only show you if the client is currently connected or hasn't been disassociated yet. This is where WCS can really help. As long as the device has been able to associate at some point, you will see when and where it associated to any AP on your network. You will also see what type of signal levels it has reported. This can help you see if you need to add additional access points before you start getting coverage hole alarms.
Another area where WCS can help is seen when RRM is causing more of a problem than it is fixing. One of the reports you can run will show you how often the APs are switching channels and what channels are being used. Until you can start implementing the newer CleanAir versions of the APs that are currently available, all you can tell is that something is causing the AP to need to change channels but not what. One thing that I have found is to watch for particular times of day (i.e. lunch or break times) for channel changes. If you see this happen, there is a good chance that a microwave oven is nearby. I have seen a microwave oven over 70 feet away from an access point interfere with wireless coverage in an area. There are times that RRM needs to be disabled. You do that by locking down an AP to a specific channel on each band.
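The time-of-day check described above can also be run against exported channel-change data. The Python below is an added example, not part of the original post and not actual WCS output: the CSV columns, AP names and timestamps are constructed for illustration. It flags an AP and band when channel changes fall in the same hour of the day on several different days.

```python
import csv
import io
from collections import defaultdict
from datetime import datetime

# Constructed sample export: one row per channel change (hypothetical columns).
SAMPLE_CSV = """timestamp,ap_name,band,old_channel,new_channel
2010-08-02 12:05:11,AP-BREAKROOM,2.4GHz,6,11
2010-08-02 12:41:30,AP-BREAKROOM,2.4GHz,11,1
2010-08-03 03:10:02,AP-BREAKROOM,2.4GHz,1,6
2010-08-03 12:12:47,AP-BREAKROOM,2.4GHz,6,11
2010-08-04 12:08:19,AP-BREAKROOM,2.4GHz,11,6
2010-08-05 12:15:55,AP-BREAKROOM,2.4GHz,6,1
2010-08-02 02:00:40,AP-LOBBY,2.4GHz,1,6
2010-08-03 15:22:09,AP-LOBBY,2.4GHz,6,11
2010-08-05 09:47:31,AP-LOBBY,2.4GHz,11,1
"""


def load_changes(text):
    """Parse the export into (ap_name, band, timestamp) tuples."""
    changes = []
    for rec in csv.DictReader(io.StringIO(text)):
        if rec["old_channel"] == rec["new_channel"]:
            continue  # not an actual channel change
        ts = datetime.strptime(rec["timestamp"], "%Y-%m-%d %H:%M:%S")
        changes.append((rec["ap_name"], rec["band"], ts))
    return changes


def recurring_hours(changes, min_days=3):
    """Return {(ap, band): [hours]} for hours of the day in which that AP
    changed channel on at least min_days distinct calendar days."""
    days_seen = defaultdict(set)
    for ap, band, ts in changes:
        # Several changes within one hour on one day count as a single day.
        days_seen[(ap, band, ts.hour)].add(ts.date())
    flagged = defaultdict(list)
    for (ap, band, hour), days in sorted(days_seen.items()):
        if len(days) >= min_days:
            flagged[(ap, band)].append(hour)
    return dict(flagged)


if __name__ == "__main__":
    for (ap, band), hours in recurring_hours(load_changes(SAMPLE_CSV)).items():
        print(f"{ap} ({band}): repeated channel changes during hour(s) {hours}")
```

An AP flagged around lunch or break hours is the one to walk over to and check for a nearby microwave before deciding whether to lock its channel.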
I recently did some work with my WLC and getting the iPhone and iPad to play a little nicer than they had shown the ability to when I last looked at them. I had first started out with using WEP encryption on the SSIDs that I was working with. It wasn't unusual to experience connection drops several times an hour even with the AP just feet away. I worked today with an iPad with the latest release of pre 4.0 code available and the 4.0 code available for the iPhone. I was able to get both devices to work relatively flawlessly using WPA2 Enterprise. Did learn several lessons along the way. You have to have the box beside "broadcast this SSID" selected. Even if the iPad or iPhone has already been configured with this particular AP/Controller, if the box is unchecked the iPad/iPhone will not connect to the SSID, period.
If you have been working with the WLC/AP with the iPhone/iPad on another SSID, you will run into problems with connecting to the newly created SSID. Your indication of things not working will be that you won't be able to connect to the SSID and won't see the MAC address show up on the WLC. What you will need to do is to disable wireless on your Apple device and let it stay that way for about 20 to 30 seconds. Turn on the wireless and immediately select the new WPA2 encrypted SSID. It will take a bit to connect, but your indication of success is that you should be prompted to accept the SSL cert from your Cisco ACS server. After that, you should connect and get an IP address shortly. You might have to disable and re-enable the wireless one more time, but after that you should be OK.
I ran this configuration for about 6 hours today and didn't have any problems connecting after I got things up and running. I noticed that when the device went to sleep and then was woken back up, it re-acquired the SSID almost immediately and had no problems in communicating. I was testing the controller using the 7.x code required to support CleanAir. I will be changing over to the latest 6.x code that was released to address a DHCP bug that prevented devices from working correctly with WEP-based 802.1x SSIDs. Will post more info if I find any differences or problems with the 6.x code.

Episode A015 – Mode N Improvements
Here is the last of my conversations with Joe Bardwell, Chief Scientist and President of Connect802. This time we talk about MIMO and spatial multiplexing.
Joe designs and installs wireless networks for companies all over the US. Here is a link to Joe's website: http://www.connect802.com/. He has an excellent selection of tutorials on mode N and wireless in general to help grow your knowledge and understanding of wireless networking.