Archive for the ‘Networking’ Category

Happy Birthday TCP/IP

Tuesday, January 29th, 2008

Twenty-five years ago, the two protocols of TCP/IP (Transmission Control Protocol / Internet Protocol) were the first networking protocols to be defined. Together they define reliable network communications. One popular saying has it that TCP/IP will run over “two tin cans and a string.”

Listen to an NPR interview with Vinton Cerf, one of the fathers of the Internet.

…John

VOIP Security Time Bomb

Tuesday, November 20th, 2007

The ComputerWorld posting “Opinion: VoIP security industry — Guilty as charged - VoIP is, in essence, a time bomb, poised for a massive exploit” by Paul Simmonds is quite explosive.

“We’ve known for years that only “secure out of the box” should be the default. Yet VoIP is not only insecure by default, it’s almost impossible to make natively secure…

The return-on-investment claims made for moving to VoIP rarely stand up to proper scrutiny. The phones cost more than a standard “business” phone, and have a reduced replacement cycle. Gartner says in its November 2006 report “IP telephony technology, in many cases, can be more expensive than equivalent TDM-based PBX Systems.” …

The 10 nasty questions to ask your VoIP supplier:
1. Do all phones and the central infrastructure use 100% secure protocols?
2. Will you warrant this system to operate on the raw Internet with no further add-on devices?
3. Can you manage all VoIP devices automatically, simply, with a scalable, easy-to-manage application that will support all VoIP end clients, including soft phones and end devices that are connected on the Internet?
4. Explain how phones are, by default, securely provisioned. Including devices that you do not have physical possession of during the provisioning process.
5. Explain how you can conclusively prove that a phone using your system was provisioned by you.
6. Explain how you can conclusively prove that when I make a call, (say from my hotel room) I can be 100% assured that my phone is connecting to the corporate exchange (without using extra security devices such as IPSec).
7. Explain how users are strongly authenticated when connecting their devices. Ideally, both device and user should authenticate.
8. Will your system allow federation of identities so we do not need to maintain (yet another) autonomous authentication system?
9. Is there segregation of duties? For example: Can the administrator access voice mail and set passwords without the user being aware.
10. Are voice mail systems encrypted, and are all backups encrypted (voice mail, usernames, configuration, passwords)?”

Read the article for more shocking details.

…John

NAC is a NAK

Tuesday, November 20th, 2007

The InfoWorld posting “NAC industry at a crossroads” reports that Network Admission Control (NAC) device authentication technology is failing to deliver on its promise. One might say the networking industry is returning a Negative-Acknowledge Character (NAK) as a negative response to the technology.

“Companies like Juniper, Cisco, and a long list of point providers may have already sold thousands of NAC systems to enterprise customers looking to shore up their network defenses, Hanna said, but that doesn’t change the fact that the technology hasn’t lived up to its original expectations.

NAC was supposed to become a comprehensive method for both inspecting the health of any device that attempts to log onto a network and for keeping electronic eyes trained on those machines to help manage their access to internal resources and prevent potential attacks after they’ve been granted admittance, said Hanna.

Instead, Hanna said, having been confused by contradictory marketing messages about a sea of different technologies that have been labeled as some form of NAC, many of which do not work together, most customers have relied on the technology merely to grant network access to guest users and remote workers — its most basic form of functionality.”

…John

Don’t Bet Against Ethernet

Wednesday, May 23rd, 2007

The internet.com posting “Don’t Bet Against Ethernet” discusses some futures for the 30-year-old technology.

Among the standards that the Ethernet Alliance is promoting is 10GBASE-T, which provides for 10GbE speeds over existing Category 6 cabling up to a distance of 55 meters.

Another new key Ethernet technology that the alliance is talking about is the PoE Plus standard. PoE, or power over Ethernet, provides low levels of power over a regular Ethernet connection. PoE Plus aims to provide more power, with the goal being to power a thin client or even a notebook over Ethernet.

“It’s an IP-based world now; everything is going that way,” Booth said. “The one technology that has existed for so long carrying IP has been Ethernet. It’s very hard to compete against that and that’s what a lot of companies realize.”

…John

More Bandwidth Please

Thursday, April 12th, 2007

The EETimes posting “Slaking the thirst for bandwidth” is an interesting read. Mr. Fred Briggs is the Verizon executive vice president of network operations and technology. He discusses where Verizon is with supplying bandwidth today and what Verizon is planning to deliver.

This Verizon graphic is a most excellent view of bandwidth:



…John

