If you have noticed that your Blue Coat ProxySG inserts a HTTP header in every transaction, you might want to delete this to reduce information leakage to public networks
Archives for February 2008
F5 BigIP LTM and GTM does not have any user authorisation capability for administration by Radius or TACACS. Can you believe that? They have been producing F5 BigIP software for more than a decade and I cannot believe that customers have not been asking to provide external user authorisation. To compare, I have just been […]
No doubt that the Cisco Nexus 7000 switch is a fine piece of technology. The performance and throughput is welcome, and clearly offers some fine new capabilities such as virtualisation, ISSU, better OOB and so on. I am sure that everyone can perceive the positive messages, lets face it, Cisco isn’t going to be shy in telling us about them.
However, lets consider the issue from the perspective of the architect/designer and how Cisco has positioned this in the marketplace. From an architecture perspective, I will need to commit a substantial capex to the product and a much larger amount of resource cost to transition a network to use the product. Even if I am building new data centres (and thus have no legacy), changes to operating standards, procedures, management tools and other orchestration issues present substantial barriers to adoption.
Dynamips and dynagen are well behaved programs most of the time. Occasionally I am configuring a feature or two that causes IOS to crash (most recently I was configuring MPLS and redistribution on c2600 IOS which got really busted).
Then I noticed that my hard drive didn’t have a lot of free space….
A very simple tool in your Proxy SG to check that you can access resources. It only works for HTTP but it provides a good check. I use this a lot in networks where ICMP has been disabled for security.