Aside from the obvious waste of company time that could otherwise be put to some productive use, should organizations be concerned about employees using social networking sites? Maybe. In fact, company policy regarding social networking sites should possibly extend beyond working hours. An employee may not use company resources or time to access the site, but if an employee posts sensitive information or derogatory information about the company on their personal MySpace page, it can have an impact on the company. Check out what network security expert Michael Gregg has to say about the subject.
The odds on favorite being groomed to replace Cisco CEO John Chambers was Chief Development Officer Charles Giancarlo. However, Giancarlo apparently has other plans. He announced that effective December 31, 2007 he will be leaving Cisco to pursue other opportunities. Giancarlo was instrumental in creating a new collaborative leadership body, the Development Council, which will help to fill the void. Does Giancarlo’s abrupt departure signal anything deeper or more ominous going on at Cisco, or did he just get restless and decide to move on? It is hard to say, but so far it appears that he simply chose to move on. Read Key Cisco leader Giancarlo steps down for more details.
I know that it is sort of a “sky is falling”, FUD (Fear, Uncertainty, and Doubt) sort of statement, but the threat from inside your network is significant. While you focus on keeping unauthorized users out, locking down your network perimeter, detecting and blocking incoming malware, etc., your authorized users may be busy at work pushing the boundaries of their access and poking your internal security measures for holes. Then there are those users who are authorized access and unwittingly expose sensitive data, such as placing it unprotected on a USB thumb drive which they subsequently misplace while stopping for a cup of coffee. There are a number of ways- both intentional, and accidental- that your users may pose a bigger threat to your network security than all of the bad, nasty external forces seeking to compromise your systems. Check out How dangerous user behavior puts networks at risk to read the whole article and hopefully pick up some tips you can use to protect your network from the inside as well.
VoIP has a number of benefits, but it can have its down sides as well. One downside is that the sound-quality of the phone calls can have issues. Normal telephones sometimes have sound issues as well though. The benefit of VoIP is that, because the communications are network-based, it can be monitored in real-time for easier troubleshooting than a normal phone. Microsoft has released a free tool for their Office Communications Server 2007. The module is called Quality of Experience Monitoring (QSM) Server. QSM can monitor voice quality by collecting information from the endpoints. It measures loss, jitter, delay, device quality and other parameters to assess quality. You can get more details on the scope and features of this new tool by reading Microsoft releases free tool to monitor voice quality from Computerworld.
VoIP is the new wireless (unfortunately, wireless is still the new wireless as well). By that, I mean it is the hot new technology that everyone is implementing even though they don’t really know how to properly deploy it and they have even less knowledge of how to secure it. Vendors are guilty too. They rush products to market to take advantage of the popularity, but the products are not designed securely and they are not adequately tested. The result is a bunch of flawed and vulnerable VoIP networks out there, built on essentially beta-version hardware, just waiting to be exploited. At HACK.LU 2007 in Luxembourg this past October, security researcher Joffrey Czarny described a technique to eavesdrop on remote conversations using Cisco VoIP phones. Check out Cisco confirms ability to spy on remote calls with VoIP to learn more about this, and other, VoIP exploits that may affect your cutting edge phone network.
For organizations that have high-volume networks, such as networks that are used to stream audio or video, or networks that are used to process large quantities of transactions, monitoring can be a problem. The functionality of the network, and the security of the network, are in conflict. From a functionality standpoint, you want the fastest possible throughput, but from a security perspective, you want to monitor the traffic for suspicious or malicious behavior. The monitoring process is a bottleneck for many networks. Cisco hopes to relieve some of that bottleneck with their new IPS 4270 Intrusion Prevention appliance. With speeds up to 4Gbps, the IPS 4270 can monitor and protect your network while still allowing for exceptionally fast network speeds. Check out Cisco Unveils Next-Gen Intrusion Prevention System for more about Cisco’s new appliance.
What are your plans for your network infrastructure for 2008? Do you have a holiday wish list or some New Year’s resolutions regarding the technologies you want to implement or the changes you plan to make? TechTarget’s SearchNetworking site conducted a survey of over 1,200 respondents and they have published the results. Some of the key results are:
- 21.28% project an increase in their budget of more than 10%
- 7.26% of respondents said their networking budgets will decrease
- 8.34% claim that VoIP/data convergence is driving their budget increase
Check out Applications, convergence to boost network spending for the complete results. You can read it just out of curiosity, or maybe you can use the survey results to help prove your case to management and get your budget requests approved.
This blog is titled “Connectivity” because it deals with all aspects and issues of network connectivity. That includes how to ensure your network connectivity is secure and available, and how to make sure that malicious attackers can not intercept or disrupt your network connectivity. Do you know what ARP Poisoning is? How about a multicast storm? Have you heard of Spanning Tree Protocol or VLAN Trunking Protocol hacks? Do you know how to protect your network from them? Networkworld.com recently hosted a chat session with Christopher Paggen and Eric Vyncke, authors of LAN switch security: What hackers know about your switches, which covers a wide range of security issues and the authors’ advice and tips for how to lock your network down and protect against these (and other) threats. Read LAN switch security: what the hackers know that you don’t to see what the authors have to say.
Peer-to-Peer (P2P) networking is sort of the “red-headed step child” of the network world. It is almost universally condemned by network administrators and security experts. It is blamed for a good chunk of software piracy, and illegal music and movie downloads. Files downloaded may contain spyware or malware. Even in a best-case scenario, where a user is downloading a legitimate program that is clean and safe, participating on a P2P network still eats up network bandwidth. On the other hand, P2P networking has innovated and revolutionized certain aspects of networking and content delivery. That is particularly true of BitTorrent. BitTorrent filters out spyware/malware, as well as corrupt or fake files, and the method of downloading from multiple sources simultaneously allows BitTorrent users to achieve exceptional download speeds. BitTorrent is continuing to strive to establish the distributed P2P technology as a legitimate networking solution. BitTorrent has announced a new service, BitTorrent DNA, to let customers use the BitTorrent network to distribute streaming video. Check out BitTorrent moves from piracy to video streaming to read more about the new offering.
Managing wired networks is pretty old school. It is a mature field of information technology with many capable and stable tools. Administrators have experience and the utilities available to proactively monitor network performance, simplify management, allow them to allocate network resources and more. Then along came wireless. Many organizations are still struggling with whether or not to implement wireless networks, never mind how. Many of those that have deployed wireless networks are still on the low end of the learning curve for managing them at all. But, as wireless networks evolve and become an accepted part of standard enterprise networks, administrators will increasingly be looking for tools & utilities that allow them to monitor and maintain the overall network- wired and wireless included. Computerworld.com has an article which explores this issue in some detail. Check out Want to manage your wired / wireless LANs together? Too bad to learn more.