|
Logicalis Named U.S. Services Partner of the Year by Cisco at Annual Partner Summit
Prestigious award recognizes superior service delivery capabilities.
Getting Your Cisco Systems ERP Certification
Cisco's B2B Internetworking Product Center (IPC) is what drives its ecommerce functions is being majorly overhauled and is being moved from the cumbersome CGI/Perl driven applications to the more stable and scalable Java/CORBA framework. The developers at Cisco along with the Java team at Alta Software are going to be finishing this task soon completing a one year software development cycle. The new framework is expected to increase performance and also to offer new levels of customization and personalization with improved management and tighter integration into other systems of Cisco and its suppliers and customers.
Train Signal Releases Third New Cisco CCNP Course: Cisco ONT "Optimizing Converged Cisco Networks"
New Cisco ONT video training covers advanced Remote Access Security and VPN Client Configuration plus 642-845 exam changes.
Cisco Awards EXPEDITE PLUS 2007 Excellence in Transportation and Logistics Award
Prestigous Cisco award presented to Expedite Plus for responsiveness needed to deliver material in the shortest timeframes available. Victor Deschenes, CEO of Expedite Plus, confirms that the recognition shows that Expedite Plus is succeeding at their goal of providing great shipping and logistic services on a large scale.
Cisco Systems, LifeSize Communications, RADVISION, TANDBERG and the CEO of Cisco Systems win Awards from Videoconferencing Insight Newsletter for thei
Awards are for: Telepresence Company of the Year 2007 (Cisco), Videoconferencing Company of the Year 2007 (LifeSize), Unified Visual Communications Company of the Year 2007 (RADVISION), The Most Innovative Videoconferencing Technology of the Year 2007(TANDBERG) and Industry Leader of the Year 2007 (John Chambers, CEO Cisco). They were announced by online Specialist Newsletter Videoconferencing Insight at www.vcinsight.com on 9 January 2008.
Cisco Certification: Taking Your First Certification Exam
You’ve studied hard; you’ve practiced your configurations; you’ve used your flash cards over and over again; and finally, the big day is here. Your first certification exam!For many Cisco certification candidates, their first exam is the CCNA Composite exam or one of the two exams that make up the CCNA, the Introduction To Networking exam or the ICND (Interconnecting Cisco Networking Devices) exam.
Cisco Certification: The OSI Model, Part I
To conquer the Introduction To Cisco Networking exam, and to begin the process of becoming an expert network troubleshooter, you have to master the OSI model and learn what happens at each of the seven layers.In this three-part series, we'll examine each level of the OSI model, paying particular attention to the details that will help you pass the CCNA exams and give you the foundation you need to become a true networking professional.
Cisco CCNA / CCNP Certification: OSPF ASBRs Explained And Illustrated
When I first started studying for my CCNP, some of the concepts of OSPF really confused me. This was especially true for the ASBR, stub areas, and total stub areas.
DORETEL Communications Now Offering Cisco Certified Refurbished Equipment Program
The Cisco Certified Refurbished Equipment Program, now offered by DORETEL Communications, is a price competitive and trusted alternative when buying new Cisco equipment is not an option. The Cisco Certified Refurbished Equipment is ideal for customers faced with tight or limited capital spending budgets, "lowest price option" procurement policy, maintenance and extension of legacy networks, and immediate network equipment delivery.
TelepresenceReport.com
|
 |
 |
Cisco CBAC � The Poor Mans Firewall
  
 
What’s the difference between Video Conferencing and Telepresence?
Telepresence picks up where video conferencing left off. Telepresence IS real time, full-high-definition, immersible sound and vision. Telepresence IS most importantly: the feeling of being “there” when you’re “here”. Telepresence is lifelike, video conferencing is not. Telepresence is that hi-line Mercedes AMG, video conferencing is a Ford Escort - Period.
Why Telepresence now?
Video conferencing has been around a while now but has always lacked the feeling we spoke about above. Jumpy computer screens, broken audio and poor lighting add to the impersonal touches of video conferencing (ie slow motion camcorder on top of your computer monitor). Finally, technology, bandwidth, vision and sound have all converged on video conferencing to create the telepresence experience. It’s about time! Crystal clear surround sound and real-time full-high-definition visual effects enhance the feeling of being there – thus telepresence. That nervous twitch, roll of the eyes, sniffle, tap of the foot – things you see when you’re present and sitting across a conference room table – things you don’t see or feel from video conferencing, but do with telepresence.
Today, what “real” uses are there for Telepresence?
There is no short answer even possible here. We’ll name a few, more like we’ll put your imagination to work. Imagine a single specialist doctor in Canada treating patients in Haiti via telepresence. Robots in space doing the actual work while the telepresence operator dons his telepresence helmet and gloves at his workstation in Texas. Meeting your Russian company vice president while you’re in the executive telepresence room at the office in Denver. Just a few…
What are “real” savings of Telepresence?
Your imagination still working on the last answer? Don’t let up yet! What carbon footprint? Don’t need that airplane ticket to go check on your staff in Russia now do you? What lost life in the Iraqi war? Unmanned drones and soldiers via telepresence. Military and combat cost savings? Immeasurable. Less travel costs, airline frustration, fuel, lost time, carbon emissions, etc. Those are tangible, real savings to name just a very limited few.
You starting to see what telepresence can do that video conferencing can’t? We hope you see what we’re seeing! Telepresence – its time has arrived!
Check out the video thread in Section 8 of the Telepresence Forum where you can watch some Telepresence YouTube videos! If a picture is worth a thousand words, a video must be worth a million!
Ride on the "Next Plane of Existence" TM
 
Telepresence Forum
Free user discussion forum for anything & everything telepresence related. Learn about this new state-of-the-art immersive technology, view new product videos, and keep up to date on relevant 24/7 breaking telepresence news on the Telepresence Forum.
300+ Telepresence Industry Domain Names for Sale or Lease
300+ high-traffic, quality "telepresence" related domain names for sale or lease. Developed websites included. Single domain or multiple "bundled" options available from L II, Inc.
CBAC Overview The Cisco IOS Firewall Feature Set is a module that can be added to the existing IOS to provide firewall functionality without the need for hardware upgrades. There are two components to the Cisco IOS Firewall Feature Set in Intrusion Detection (which is an optional bolt-on) and Context-Based Access Control (CBAC). CBAC maintains a state table for all of the outbound connections on a Cisco router by inspecting tcp and udp connections at layer seven of the OSI model and populating the table accordingly. When return traffic is received on the external interface it is compared against the state table to see if the connection was originally established from within the internal network, and then either permitted or denied. Although basic this is a very effective mechanism to prevent unauthorized access to the internal network from external sources such as the internet.
CBAC Application-specific support
Cisco have also built in some additional functionality into CBAC in terms of application-specific inspection that enables the router to recognize and identify application specific data flows such as HTTP, SMTP, TFTP, and FTP. Understanding these applications and their data flows empowers the router to identify malformed packets or suspect application data flows and permit or deny accordingly. CBAC also provides the flexibility of downloading Java code from trusted sites, but it denying untrusted sites.
CBAC and Denial of Service (DOS) Attacks
Denial-Of-Service (DOS) attack protection is also in-built with real-time logging of alerts as well as pro-active responses to mitigate the threat. To do this CBAC can be configured to manage half-open TCP connections which are used in TCP SYN flood attacks to overload a targets resources resulting in a denial of service to legitimate users. To do this CBAC uses timeouts and thresholds, which are configurable, to determine how long state information for each connection should be kept for sessions and when to drop them. Note that UDP and ICMP require that an idle-timer limit is used to determine when a connection should be terminated. A very useful command to identify a DOS attack is �ip inspect audit-trail� which logs all DOS connections including source and destination IP address and TCP or UDP ports allowing you to pin-point the exact source and destination of the attack.
Configuring CBAC
There are five steps to configuring CBAC on a Cisco router in order for it to function correctly. These are as follows: 1. Choose an interface to which inspection will be applied. This can be an internal or external interface as CBAC is only concerned with the direction of the first packet initiating the connection which is identified when applying CBAC to an interface. 2. Configure an IP access list in the correct direction on the selected interface to allow traffic through for CBAC to inspect. 3. Configure global timeouts and thresholds for established connections or sessions. 4. Define an inspection rule specifying exactly which protocols will be inspected by CBAC. 5. Apply the inspection rule to the interface in the correct direction.
Nicholas Evra is a Senior IT Consultant for a Professional Services IT Organisation based in London, UK. As well as designing and developing network and security solutions for clients, Nicholas also regularly contributes technical tips and articles on Networkblue.net. Networkblue.net is a technical resource for novices and expert�s alike providing free articles and tips on numerous cisco topics such as Cisco�s CBAC and other network security topics. For more visit http://www.networkblue.net and http://www.networkblue.net/cisco/security
|
