If you have noticed that your Blue Coat ProxySG inserts a HTTP header in every transaction, you might want to delete this to reduce information leakage to public networks
Rant: F5 LTM and GTM Doesn’t Do External AAA Authorization
27 February 2008 By 3 Comments
F5 BigIP LTM and GTM does not have any user authorisation capability for administration by Radius or TACACS. Can you believe that? They have been producing F5 BigIP software for more than a decade and I cannot believe that customers have not been asking to provide external user authorisation. To compare, I have just been [...]
Is the Cisco Nexus 7000 Needed Today – Or Tomorrow ?
25 February 2008 By 1 Comment
No doubt that the Cisco Nexus 7000 switch is a fine piece of technology. The performance and throughput is welcome, and clearly offers some fine new capabilities such as virtualisation, ISSU, better OOB and so on. I am sure that everyone can perceive the positive messages, lets face it, Cisco isn’t going to be shy in telling us about them.
However, lets consider the issue from the perspective of the architect/designer and how Cisco has positioned this in the marketplace. From an architecture perspective, I will need to commit a substantial capex to the product and a much larger amount of resource cost to transition a network to use the product. Even if I am building new data centres (and thus have no legacy), changes to operating standards, procedures, management tools and other orchestration issues present substantial barriers to adoption.
Caring for Your Dynamips Install – Deleting Unwanted Files
24 February 2008 By 2 Comments
Dynamips and dynagen are well behaved programs most of the time. Occasionally I am configuring a feature or two that causes IOS to crash (most recently I was configuring MPLS and redistribution on c2600 IOS which got really busted).
Then I noticed that my hard drive didn’t have a lot of free space….
Checking Connectivity on Your Blue Coat ProxySG
24 February 2008 By Leave a Comment
Single Internet Connection but HA Infrastructure – Using Bridging Instead of Routing
20 February 2008 By 1 Comment
The customer had decided to build a hosting platform, but could only arrange for a single internet connection to that site due to location. However, all other hardware was duplicated for high availability. After considering the options the following diagram was prepared showing the first pass at the design. This was the Internet Connection (100Mb Ethernet) connected to the router, then connected to a switch, which was interconnected by trunk to a second switch. The first layer of firewalls is then connected.
Cisco ASA and IOS Command Tip – Test Aaa-Server
18 February 2008 By Leave a Comment
Installing Tun Tap Driver on Leopard
13 February 2008 By 16 Comments
First, I read about what TunTap is at Wikipedia and VTUN Sourceforge. From what I read, TunTap was written for the VTUN project to specifically encapsulate Ethernet packets (TAP driver), whereas the TUN driver encapsulated IP packets. The driver is used by other popular software so it looks like it is here to stay. It [...]
Network Tools, Craftsmen and Why My Mac Is a Good Hammer
12 February 2008 By Leave a Comment
Is a laptop a Hammer ? I always perceived that my laptop is a special type of toolkit, in the same way that a tradesman has his toolbox of hammers and screwdrivers, I had a laptop with Windows and various pieces of software that are my tools. A TFTP server, notepad for manipulating text files, [...]
Performance of Blue Coat BCAAA Agent for Authentication
11 February 2008 By Leave a Comment
Loading Policy Configuration in the Local File
10 February 2008 By 4 Comments
A common question in the Blue Coat forums is “how do I load this config snippet into configuration. The question most often comes from people who are new to SGOS and have been using the Virtual Policy Manager. This quick note shows you how to load a config snippet that removes the X-Bluecoat-Via header
Network Dictionary – Reassuringly Expensive
8 February 2008 By 2 Comments
Introducing the Network Dictionary
7 February 2008 By Leave a Comment
In this technically surreal, mystical world of Networking, we are often fabricating new words, coining new terms or adapting old language to new requirements. Our profession is not the first to do this, but our language is our own. How many people can conduct a 15 minute conversation without a single coherent sentence ? Can [...]
SOCKS Clients That Are Available for Your Blue Coat ProxySG – Update
6 February 2008 By 3 Comments
ICANN | IPv6 Address Added for Root Servers in the Root Zone
5 February 2008 By Leave a Comment
Reserved IP Address Range for Testing – RFC 2544
5 February 2008 By 1 Comment
I have been looking at a multi host data centre and am using MPLS to securely share certain resources and considering what architecture considerations for Network Management. Lets define the problem. Network Management is software and servers that collect data from my network equipment and presents it to me in some useful form. Add to [...]
UDLD – To Global or Per Port
3 February 2008 By 2 Comments
