Skip to content

Open EIGRP…Why Bother?

Open EIGRP…Why Bother? published on No Comments on Open EIGRP…Why Bother?

So Cisco apparently is releasing Open Standards based EIGRP.

Of course there is a catch…if you want certain functions (stub, areas, etc…) you have to go Cisco for said enhancements.

Anyways would love to hear what people think here.

Is another routing protocol worth it? How much effort do you think the industry will put into place to have things just work nicely?

FacebooktwitterredditpinterestlinkedinmailFacebooktwitterredditpinterestlinkedinmailby feather

BYOD & Consumerization of the workplace: A progressive idea for the future

BYOD & Consumerization of the workplace: A progressive idea for the future published on No Comments on BYOD & Consumerization of the workplace: A progressive idea for the future

So recently the buzz around the cloud conventions, vendors, and corporations has been around the utilization of BYOD and user freedom.

The challenges many corporations claim is that it is a “security risk”.

I was on in agreement with this particular train of thought until I was recently hit with an epiphany: As much as IT hates the idea of losing control, consumerization of the workplace is happening and we either need to get on board or we will eventually be forced down that path.

We no longer live in a world that IT tells people what’s best for them; we now live in a world that the user is educated enough and tells IT what they want in order to get the job done in a more productive manner. The problem is is that IT needs to open its ears and start listening and providing the services. It is therefore my great honor to share an idea to the reader.

With people utilizing MDM solutions that sandbox mobile data, I will argue that, with time, will see a similar containerization/sandbox environment for Desktop/Laptop Operating Systems. One can argue that with the latest Mountain Lion and Windows 8 releases, we are coming ever closer the merger of Mobile OS to Desktop/Laptop OS Platforms.

The New Age Staff Member
Todays staff members looks at company time as “their own time”. They have played with cooler technologies than what the workplace can offer. They know exactly what they need to get the job done.

The new employee is not going to change so it’s easier for IT to accept the fact and work on coming to a solution that will allow for a more collaborative, productive, happy end staff member.

Enter the new BYOD:
So you ask…what is the new BYOD? It’s the ability to bring in any of their personal technologies (laptop, phone, etc…) that they deem an item that will make work better. Not just a mobile phone solution. While there are solutions that offer this in the mobile world via Mobile Device Mangers (MDM), they simply are too focused on mobile devices.Instead I will dub a new term called Corporate Device Manager (CDM) as a more comprehensive solution. One can think of it as VMWare but with less overhead and a much more secured approach. To give you an idea of a CDM see the image below:

Figure 1-1:


Benefits giving users freedom and the ability to BYOD:

  • Higher Productivity
    • A user will always be more comfortable with their own devices
    • Less lock downs on the devices but maintain corporate data compartmentalized and freely wipable
  • Allowing staff members choice is a sure way to improve loyalty and happiness
  • Staff members will become more accessible
    • Will always carry around their own personal devices (even on vacation) over corporate devices
  • More focused security
    • Having a containerized sandbox in the users environment means that you no longer have to worry about the entire devices. Instead you can focus on all security technologies (DLP, etc…) running on only the sandboxed resource itself
  • Companies lower cost
    • If a company lets users purchase their own devices they have a cost saving
      • The company can also really make a bigger impact by paying a certain fee $1000 every x years out of their own pocket that allows users a choice
Security will always be a catch up game. As much as we block, intercept, etc…the end user will always, in the end, find a way to bypass it if corporate technology is not allowing them to do their job and in the end security will always be a reactionary follow up. A CDM will offer best of both worlds.
It is therefore my opinion to have a corporate policy that encourages CDM style BYOD and gives freedom to the users while also offers a proper sandboxing environments to do it in. It’s the best trade off for both: Finance, IT, Security, and the end user in which everybody wins.

However, time and technology, may need to catch up as I write this today.

FacebooktwitterredditpinterestlinkedinmailFacebooktwitterredditpinterestlinkedinmailby feather

Palo Alto (PA-200) Initial Thoughts

Palo Alto (PA-200) Initial Thoughts published on No Comments on Palo Alto (PA-200) Initial Thoughts
I got my PA-200 at home last night and played around with it.
To me it feels like the GUI intuition of an ASA and the CLI of JunOS combined into one (best of both worlds).
So granted I turned on all functionality in the lab but that’s running for a total of 4 people so I can’t see load stress tests but it works really well!
Pros I can see right off the bat in the environment:
  • Does URL Filtering (Cost Savings and management savings overhead reduction)
  • USER-ID gives you much more granularity about user utilization
  • APP-ID gives you information about app signatures and security utilization.
  • Spyware/Malware/AV/URL protection at the network level
  • Simple to figure out if you know ASA/JunOS configurations
  • IPS capabilities
  • Simplifying management can give you a great ROI potential
  • Many other features
Concerns are:
  • All in one devices…I have yet to have “good luck” with all in one devices. I’ll be trying to generate a packet flood scenario in the home lab to see what load looks like with all features turned on shortly. It won’t be 100% real world but with the tools I have it’s the closest I can get. I’ll also try to find some lab results accordingly.
I will be setting up a new lab between my ASA, SRX, and PA shortly to do some testing and configuration example during my free time…and of course will be sharing it out to followers accordingly.
Stay tuned!
FacebooktwitterredditpinterestlinkedinmailFacebooktwitterredditpinterestlinkedinmailby feather