Ivan Pepelnjak over at IOS Hints and Tricks wrote a post about DMZ VLAN leaking that got me thinking.
He writes about “the VLAN leaking myth” and how it encourages clients to utilize physically separate network infrastructure in the DMZs. Now first things first, I wouldn’t call VLAN leaking a myth. At one time it was [...]
Entries Tagged as 'threat'
Measuring and mitigating risk involved with sharing virtual infrastructure between DMZ and Internal environments
September 9th, 2008 · No Comments · hyper-v, virtualization, vmware
Simplifying remote site security with Cisco’s new video surveillance modules on the ISR
June 10th, 2008 · No Comments · 4s ranch rancho bernardo san diego witch fire evacuated, CCIE, CISCO, Technology, security, sun
One giant pain I have always faced when working with high security environments is dealing with surveillance systems. They are a necessary and required part of your security infrastructure. However, they just never seem to integrate as well as your network, storage, or server devices.
When I work with data center infrastructure I expect the following [...]
Zone based IOS firewalls
October 15th, 2007 · No Comments · CCIE, CISCO, Technology
Cisco has finally included zone based firewalling in the IOS firewall feature set. The configuration guide can be found here: Zone Based Firewall Design and Configuration Guide
The things that really got me interested are:
1. It is VRF aware (works well with network virtualization strategies)
2. No more CBACs
3. Policing built into firewalling [...]