• Best VPN Service for 2017

    Top VPNs that Unlock Netflix, provide Secure Torrenting, Strong Encryption, Fast Downloads, DNS Leak Protection, Identity Protection and have Cheap VPN prices.

    read more

    Hyper-V Concepts

    It's time to get familiar with Hyper-V Virtualization, virtual servers, virtual switches, virtual CPUs, virtual deployment infrastructure (VDI) and more.
    Read more

Hot Downloads

Network Management Systems Help Businesses Accurately Monitor Important Application Performance, Infrastructure Metrics, Bandwidth, SLA Breaches, Delay, Jitter and more

Posted in OpManager - Network Monitoring & Management

Network Management Systems Help Businesses Accurately Monitor Important Application Performance, Infrastructure Metrics, Bandwidth, SLA Breaches, Delay, Jitter and more - 5.0 out of 5 based on 2 votes

Accurately monitoring your organization’s business application performance, service provider SLA breaches, network infrastructure traffic, bandwidth availability, Wi-Fi capacity, packet loss, delay, jitter and other important metrics throughout the network is a big challenge for IT Departments and IT Managers. Generating meaningful reports for management with the ability to focus on specific metrics or details can make it an impossible task without the right Network Management System.

The continuous demand for businesses network infrastructure to support, uninterrupted, more applications, protocols and services has placed IT departments, IT Managers and, subsequently, the infrastructure they manage, under tremendous pressure. Knowing when the infrastructure is reaching its capacity and planning ahead for necessary upgrades is a safe strategy most IT Departments try to follow.

The statistics provided by the Cisco Visual Networking (CVN) Index Forecast predict an exponential growth in bandwidth requirements the coming 5 years:

cisco visual networking index forecast

These types of reports, along with the exponential growth of bandwidth & speed requirements for companies of all sizes, raises a few important questions for IT Managers, Network Administrators and Engineers:

  • Is your network ready to accommodate near-future demanding bandwidth requirements?
  • Is your current LAN infrastructure, WAN and Internet bandwidth sufficient to efficiently deliver business-critical applications, services and new technologies such as IoT, Wi-Fi - 802.11n and HD Video?
  • Do you really receive the bandwidth and SLA that you have signed for with your internet service provider or are the links underutilized and you are paying for expensive bandwidth that you don’t need?
  • Do you have the tools to monitor network conditions prior to potential issues becoming serious problems that impact your business?

All these questions and many more are discussed in this article aiming to help businesses and IT staff understand the requirements and impact of these technologies on the organization’s network and security infrastructure.

We show solutions that can be used to help obtain important metrics, monitor and uncover bottlenecks, SLA breaches, security events and other critical information.

Let’s take a quick look at the topics covered in our article:

Finally, we must point out that basic knowledge of the Networking and Design concepts is recommended for this article.

Click to Discover how a Network Management System can help Monitor your Network, SLAs, Delay Jitter and more.

Network Performance Metrics and their Bandwidth Impact

Network performance metrics vary from business to business and provide the mechanism by which an organization measures critical success factors.

The most important performance metrics for business networks are as follows:

  • Connectivity (one-way)
  • Delay (both round-trip and one-way)
  • Packet loss (one-way)
  • Jitter (one-way) or delay variation
  • Service response time
  • Measurable SLA metrics

Bandwidth is one of the most critical variables of an IT infrastructure that can have a major impact to all the aforementioned performance metrics. Bandwidth over saturated links can cause poor network performance with high packet loss, excessive delay, and jitter which can result in lost productivity and revenue, and increased operational costs.

New Applications and Bandwidth Requirements

This rapid growth for bandwidth affects the Enterprises and Service Providers which are continually challenged to efficiently deliver business-critical applications and services while running a network at optimum performance. The necessity for more expensive bandwidth solutions is one of the crucial factors that may have a major impact on a network and applications performance. Let’s have a quick look at the new technologies with high bandwidth needs which require careful bandwidth and infrastructure planning:

High Definition (HD) Video Bandwidth Requirements

This surpassed standard definition by the end of 2011. User demand for HD video has a major impact on a network due to the demanding bandwidth requirements as clearly displayed below:

dvd 720 1080p bandwidth requirements

DVD, 720p HD and 1080p HD bandwidth requirements:

  • (H.264) 720p HD video requires around 2,5 Mbps or twice as much bandwidth as (H.263) DVD
  • (H.264) 1080p HD video requires around 5Mbps or twice as much bandwidth as (H.264) 720p
  • Ultra HD 4320p video requires around 20Mbps or four times as much bandwidth as (H.264) 1080p

BYOD and 802.11ac Bandwidth Requirements

802.11ac is the next generation of Wi-Fi. It is designed to give enterprises the tools to meet the demands of BYOD access, high bandwidth applications, and the always-on connected user. The 802.11ac IEEE standard allows for theoretical speeds up to 6.9 Gbps in the 5-GHz band, or 11.5 times those of 802.11n!

Taking into consideration the growing trend and adoption of Bring-Your-Own-Device (BYOD) access, it won’t be long until multi-gigabit Wi-Fi speeds will become necessary.

Virtual Desktop Infrastructure (VDI) Bandwidth Requirements

Each desktop delivered over WAN can consume up to 1 Mbps bandwidth and considerably more when employees access streaming video. In companies with many virtual desktops, traffic can quickly exceed existing WAN capacity, noticeably degrading the user experience.

Cloud IP Traffic Statistics

The Annual global cloud IP traffic will reach 14.1 ZB (1.2 ZettaBytes per month) by the end of 2020, up from 3.9 ZB per year (321 ExaBytes per month) in 2015.
Annual global data center IP traffic will reach 15.3 ZB (1.3 ZB per month) by the end of 2020, up from 4.7 ZB per year (390 EB per month) in 2015. These forecasts are provided by the Cisco Global Cloud Index (GCI) which is an ongoing effort to forecast the growth of global data center and cloud-based IP traffic.

Application Bandwidth Requirements and Traffic Patterns

Bandwidth requirements and traffic pattern are not common among various applications and need careful planning as displayed below:

 Data, Video, Voice and VDI bandwidth requirements & traffic patterns

Data, Video, Voice and VDI bandwidth requirements & traffic patterns

An effective strategy is essential in order to monitor network conditions prior to potential issues becoming serious problems. Poor network performance can result in lost productivity, revenue, and increased operational costs. Hence, detailed monitoring and tracking of a network, applications, and users are essential in optimizing network performance.

Network Monitoring Systems (NMS) for Bandwidth Monitoring

The Complete Cisco Nexus vPC Guide. Features & Advantages, Design Guidelines, Configuration, Failure Scenarios, Troubleshooting, VSS vs vPC

Posted in Cisco Data Center

The Complete Cisco Nexus vPC Guide. Features & Advantages, Design Guidelines, Configuration, Failure Scenarios, Troubleshooting, VSS vs vPC - 5.0 out of 5 based on 10 votes

Cisco virtual Port Channel (vPC) is a virtualization technology, launched in 2009, which allows links that are physically connected to two different Cisco Nexus Series devices to appear as a single port channel to a third endpoint. The endpoint can be a switch, server, router or any other device such as Firewall or Load Balancers that support the link aggregation technology (EtherChannel). 

To correctly design and configure vPC one must have sound knowledge of the vPC architecture components (vPC Domain, vPC Peer, vPC Peer-Link, vPC Peer Keepalive Link, vPC Member Port, vPC Orphan Port etc) but also follow the recommended design guidelines for the vPC Peer Keepalive Link and vPC Peer-Link. Furthermore, understanding vPC failure scenarios such as vPC Peer-Link failure, vPC Peer Keepalive Link failure, vPC Peer Switch failure, vPC Dual Active or Split Brain failure will help plan ahead to minimise network service disruption in the event of a link or device failure.

All the above including verifying & troubleshooting vPC operation are covered extensively in this article making it the most comprehensive and complete Cisco Nexus vPC guide.

The diagram below clearly illustrates the differences in both logical and physical topology between a non-vPC deployment and a vPC deployment:

vPC Deployment Concept

vPC Deployment Concept

The Cisco Nexus vPC technology has been widely deployed and in particular by almost 95% of Cisco Data Centers based on information provided by the Cisco Live Berlin 2016. In addition, virtual Port Channel was introduced in NX-OS version 4.1(4) and is included in the base NX-OS software license. This technology is supported on the Nexus 900070005000 and 3000 Series.

Let's take a look at the vPC topics covered:

We must point out that basic knowledge of the Cisco NX-OS is recommended for this article. You can also refer to our Introduction to Nexus Family – Nexus OS vs Catalyst IOS for an introduction study on the Nexus Series switches family. Finally, a Quiz is included at the last section and we are waiting for your comments and answers!

Additional related articles:

vPC Feature Overview & Guidelines

The Nexus 9000, 7000, 5000 and 3000 series switches take port-channel functionality to the next level by enabling links connected to different devices to aggregate into a single, logical link. The peer switches run a control protocol that synchronizes the state of the port channel and maintains it. In particular, the vPC belongs to the Multichassis EtherChannel (MEC) family of technology and provides the following main technical benefits:

  • Eliminates Spanning Tree Protocol (STP) blocked ports
  • Uses all available uplink bandwidth
  • Allows dual-homed servers (dual uplinks) to operate in active-active mode
  • Provides fast convergence upon link or device failure
  • Offers dual active/active default gateways for servers
  • Maintains independent control planes
  • Simplifies Network Design

The following general guidelines and recommendations should be taken into account when deploying vPC technology at a Cisco Nexus Data Center:

  • The same type of Cisco Nexus switches must be used for vPC pairing. It is not possible to configure vPC on a pair of switches consisting of a Nexus 7000 series and a Nexus 5000 series switch. vPC is not possible between a Nexus 5000 and Nexus 5500 switches. 
  • The vPC peers must run the same NX-OS version except during the non-disruptive upgrade, that is, In-Service Software Upgrade (ISSU).
  • The vPC Peer-Link must consist of at least two 10G Ethernet ports in dedicated mode. Utilizing Ethernet ports from two different modules will improve the availability and redundancy should a module fail. Finally the use of 40G or 100G interfaces for vPC links will increase the bandwidth of the vPC Peer-Link.
  • vPC keepalive link must be separate from the vPC Peer-Link.
  • vPC can be configured in multiple VDCs, but the configuration is entirely independent. In particular, each VDC for the Nexus 7000 Series switches requires its own vPC peer and keepalive links and cannot be shared among the VDCs.
  • The maximum number of switches in a vPC domain is two.
  • The maximum number of vPC peers per switch or VDC is one.
  • When Static routing from a device to vPC peer switches with next hop, FHRP virtual IP is supported.
  • Dynamic routing adjacency from vPC peer switches to any Layer3 device connected on a vPC is not supported. It is recommended that routing adjacencies are established on separate routed links.
  • vPC member ports must be on the same line card type e.g. M2 type cards at each end.

vPC Architecture Components – vPC Peer, Peer-Link, Keepalive Link, Domain, Member Port, Orphan Port & Member

vPC architecture consists of the following components:

vPC Peer

This is the adjacent device, which is connected via the vPC Peer-link. A vPC setup consists of two Nexus devices in a pair. One acts as the Primary and the other as a Secondary, which allows other devices to connect to the two chassis using Multi-Channel Ethernet (MEC).

 cisco nexus vpc architecture components

vPC Architecture Components

Everything You Need to Know About SQL Injection Attacks & Types, SQLi Code Example, Variations, Vulnerabilities & More

Posted in Web Application Vulnerability Scanners

Everything You Need to Know About SQL Injection Attacks & Types, SQLi Code Example, Variations, Vulnerabilities & More - 5.0 out of 5 based on 1 vote

sql injection introSQL Injection Attacks are one of the most popular attacks against web servers, websites and web applications. A fairly popular website can expect to receive anywhere between 80 and 250 SQL injection attacks on a daily basis and these figures can easily reach thousands when an SQL vulnerability is disclosed to the public.

This article aims to help network engineers, administrators, security experts and IT professionals understand what an SQL injection is by taking you step-by-step on how an HTTP SQL injection attack is executed using real code. 

Here is a list of topics we’ll cover:

Additional related articles:

SQL Injection Attacks - Basics

SQL Injection, or SQLi for short, refers to an attack vector that exploits a web application by abusing the inherent trust between the web application and the database. An SQL injection attack would allow an attacker to perform malicious actions on the database through the use of specially crafted SQL commands. SQL is the most commonly used database query language, making it ideal for an attacker to target.

Since SQL Injection attacks can be performed against a wide array of applications, this attack is one of the most widely common and most critical of web vulnerabilities. So much so that injection attacks, such as SQL Injection, have placed first in OWASP’s Top 10 list,  several times in a row.

SQL Injection attacks can allow an attacker to extract, modify, add and delete data from a database, in turn affecting data confidentiality, integrity and availability (since an attacker could potentially delete data and disrupt operations). In addition, an SQL Injection attack can be used as a springboard to escalate the attack.

Example of an SQL Injection Vulnerability

example of sql injectionA web application would typically communicate with a variety of back-end systems, including a database. Let’s take an HTML form, which inserts values into a database, as an example. 

Once the form is filled out and submitted, an HTTP request (usually a POST request) is sent to the web application, where the input values are directly included into the SQL statement that will insert these values into the database

The only way an SQL Injection vulnerability could occur is if the web application trusts the user’s input without parameterizing it and using prepared statements. This is done by instructing the database that a certain part of the query should be executed while the rest is to be treated as the user’s input. 

Prepared statements ensure that the database does not interpret certain characters in the user’s input as part of the SQL statement, therefore allowing the attacker to submit their own SQL statements

Register to download Acunetix and perform free network & web server vulnerability scans: https://www.acunetix.com/vulnerability-scanner/online-scanner/

SQL Injection example: The following pseudo code is a simple example showing how a user can be authenticated:

NEXUS NX-OS: Useful Commands, CLI Scripting, Hints & Tips, Python Scripting and more

Posted in Cisco Data Center

NEXUS NX-OS: Useful Commands, CLI Scripting, Hints & Tips, Python Scripting and more - 5.0 out of 5 based on 21 votes

cisco nexus configurationWhether you’re new to Cisco Nexus switches or have been working with them for years this article will show how to get around the Nexus NX-OS using smart CLI commands and parameters, create your own commands and more. Learn how to filter show command outputs, efficiently use include | begin | exclude search operators, Turn pagination on/off, redirect output to files, run multiple commands in one CLI line, capture specific keywords from show command output,  create custom CLI commands using alias, execute scripts, introduction of Python environment in the Nexus NX-OS, executing Python scripts and much more!

By the end of this article we’ll agree there’s no doubt the Cisco NX-OS has several interesting commands and powerful scripting capabilities that can improve and facilitate the day-to-day administration of CISCO Nexus network devices.  

While basic knowledge on the Cisco NX-OS, Linux and Python scripting is recommended, it is not mandatory in order to understand the topics covered.

Here’s a list of topics covered:

Additional related articles:

NX-OS Command Output Filtering – Search Operators

cisco nexus cli commands tips tricksThe output from NX-OS show commands can be lengthy and that makes it difficult to find the information we are looking for. The Cisco NX-OS software provides the means to search and filter the output to assist in locating the information we are after. 

Experienced Cisco users will surely be familiar with the IOS (Catalyst) include | begin | exclude search operators which are also offered in the Nexus NX-OS (see below). The NX-OS offers additional searching and filtering options, which follow a pipe character (|) at the end of the show command. This provides amazing flexibility and helps make administration of any Nexus device a great experience. The most “Linux-like” useful options are displayed below:

N5k-UP# show interface brief | ?
<…>
diff  Show difference between current and previous invocation (creates temp files: remove them with 'diff-clean' command and dont use it on commands with big outputs, like 'show tech'!)
egrep  Egrep - print lines matching a pattern
grep  Grep - print lines matching a pattern
less  Filter for paging
no-more  Turn-off pagination for command output
section   Show lines that include the pattern as well as the subsequent lines that are more indented than matching line
sort    Stream Sorter
source   Run a script (python, tcl,...) from bootflash:scripts
vsh   The shell that understands cli command
wc   Count words, lines, characters
xml   Output in xml format (according to .xsd definitions)
begin   Begin with the line that matches
count   Count number of lines
exclude   Exclude lines that match
include   Include lines that match 

Filtering Output From The ‘Show’ Command - ‘Show <command> | grep’ & ‘Show <command>egrep’ Parameters

Free Webinar: Migrating from Hyper-V to VMware

Posted in Windows Server 2016

Free Webinar: Migrating from Hyper-V to VMware - 5.0 out of 5 based on 1 vote

hyper-v vmware migration webinarIf your organization is planning to migration from a Hyper-V virtualization environment to VMware then this FREE webinar is just for you.

Aimed toward Hyper-V and VMware admins this webinar will cover critical topics such as:

  • vSphere basics and a crash course in HA, DRS, and vMotion
  • Management differences between vSphere and Hyper-V
  • How to migrate VMs from Hyper-V to VMware using the VMware vSphere Converter

The entire session will be geared towards Hyper-V admins who are looking to broaden their horizons by adding VMware know-how to their toolbox.

Webinar Date: Tuesday, June 27th 2017

Time: Time for US attendees: (10am PDT / 1pm EDT), Time for EU attendees: (2pm CEST)

Click here to register for this FREE Webinar

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup