IF-MAP Use Cases: Real-Time CMDB, and More
|
|
- Ashlee Casey
- 8 years ago
- Views:
Transcription
1 IF-MAP Use Cases: Real-Time CMDB, and More Richard Kagan EVP / General Manager Orchestration Systems Business Unit
2 IF-MAP: A Powerful New Standard IF-MAP = Interface to Metadata Access Points An open protocol standard published (free) by the Trusted Computing Group Available since April, 2008 Version 2.0 released August, 2010 Pub/sub database - Like Facebook for IP devices and systems Supports a wide array of applications: Multi-Vendor Network Security (NAC) Compliance Management Asset Management Smart Grid Network Automation / Cloud Computing Could do for data sharing what IP did for connectivity
3 The Integration Challenge Supply Chain Mgmt Smart Grid CMDB AAA SIEM Network Location Switches Routers ERP Building Controls Factory Controls Infrastructure Management Network Security DNS, DHCP Asset Mgmt IPAM CRM HR Applications SNMP, Syslog, Netflow Custom Integration API s, Scripts Complex Costly Brittle High Maintenance 2010 Infoblox Inc. All Rights Reserved.
4 From Integration to Orchestration with IF-MAP Supply Chain Mgmt Smart Grid CMDB SIEM Switches AAA Routers Network Location ERP Building Controls Factory Controls Infrastructure Management Network Security DNS, DHCP Asset Mgmt IPAM CRM HR IF-MAP Protocol (Publish, Subscribe, Search) Applications IF-MAP Server Automatically aggregates, correlates, and distributes data to and from different systems, in real time 2010 Infoblox Inc. All Rights Reserved.
5 IF-MAP Doesn t Replace Existing Systems & Applications It Enables Them to Easily Share Data Network Security Physical Security Network Location Provisioning, Visualization & Analytics (Management) IF-MAP Server Decisions (Control) Sensors & Actuators
6 IF-MAP Protocol Overview
7 IF-MAP Components IF-MAP Client(s) IF-MAP Server employeeattribute = active User Name = John Doe distinguishedname = C=US, O=myco, OU=people, CN=12534 Department = Sales failed-login-attempts = 3, login-status = allowed role = access-finance-serverallowed 3 MAP Client Operations: Publish Subscribe Search 3 MAP Server Objects: Identifiers Links Metadata
8 IF-MAP Access Operations Publish: Tell others that <metadata > Clients store metadata into MAP for others to see Example: Authentication server publishes when a user logs in (or out) Search: Tell me if match(metadata pattern) Clients retrieve published metadata associated with a particular identifier and linked identifiers Example: An application can request the current physical location of the user Subscribe: Tell me when match(metadata pattern) Clients request asynchronous results for searches that match when others publish new metadata Example: Tell me when any user s status goes from employee to terminated
9 IF-MAP Server Objects Identifiers Links All objects are represented by unique identifiers Connote relationships between pairs of identifiers Metadata Attributes attached to Identifiers or Links Typical Data Types: Identifiers: Identity, IP address, MAC address, Session ID, Device Metadata: AAA info (authenticated, role, capabilities/policies) Device info (AV running, OS level, screen size, etc.) Event info (unauthorized access attempt, etc.), Layer 2 info (port, VLAN), location, etc. Many others, plus user-defined
10 Basic Components of MAP Content Identifiers Metadata Link
11 IF-MAP Use cases
12 CMDB Objectives Provide an up-to-date repository of IT assets, configuration, and state Automate reporting and compliance Enable dynamic reconfiguration Better utilize assets Minimize downtime 12
13 Typical CMDB Discovery Process MANAGED NETWORK DISCOVERY SENSORS / AGENTS Discovery Results Discovery Engine Topology Builder - Discoveries take: ~2 Hrs to 24 hrs - Some devices and configurations are never discovered - Discoveries create extensive network loads CMDB CMDB
14 IF-MAP for CMDB IF-MAP Can Address Many Shortcomings of Conventional CMDBs Real-Time CMDB enabled by IF-MAP CMDB Federation (CMDBf) enabled by IF-MAP - Share data across independent CMDBs - Increase Scalability 14
15 Use Case: Real-Time CMDB MANAGED NETWORK MAC = 00:11:22: 33:44:55 IP-MAC DISCOVERY SENSORS / AGENTS Infoblox DHCP Server Publish IP= IP= IP-MAC Discovery Engine Topology Builder CMDB SERVER Discovery Results Update CMDB Invoke Discovery CMDB MAP Client Infoblox MAP Server MAP Database MAC = 00:11:AA: 33:44:55 IP-MAC MAC = 00:11:11: 33:44:55 IP=
16 Use Case Solution for Policy-Based Remote Access User= John Windows 802.1X Client 00:11:22:33:44:55 1- Endpoint plugs-in 2- SW sends EAP Start 3- Supplicant sends credentials 9- SW opens port Endpoint requests DHCP 14- Endpoint generates traffic Infobox HA Pair DHCP/DNS Appliance 11-DHCP sends MAC-IP metadata to MAP identity = John MAP Database Accessrequestmac MAC = 00:11:22: 33:44:55 IP-MAC Cisco 3750 Switch 8- UAC sends RADIUS accept to SW Juniper SSG Firewall 4- SW sends RADIUS Credential to UAC 13- UAC activates L3 access on FW. Private Applications Juniper IC 4000 UAC 5- UAC does Auth. Lookup IF-MAP 6- UAC publishes To MAP Infobox HA Pair MAP Server 7- UAC subscribes to MAP 12-MAP sends IP- MAC to UAC AAA Authenticatedas CHANGE? CHANGE! Accessrequest = 113:3 Capability = access-privateapplications IP=
17 Use Case Integrated Network / Physical Security Solution Secure Zone 1 Zone 2 location = Zone 12 MAP Database Access Request Hirsch System (Physical Sensor) Publish: John in Zone 1 Publish: John in Zone 2 identity = John authenticated Cisco 3750 Switch Juniper SSG Firewall Policy Violation: Access Cut Off Classified Network Grants Access Request Juniper IC 4000 UAC Appliance Infoblox MAP Server Publish: John is Authenticated; Session ID 113:3 Subscribe: Changes to Session 113:3 Subscription Update: John in Zone 2 Publish (delete): John is Authenticated Hirsch UAC Employee Card MAP publishes Subscribes grants reader updates system (John) requests connects leaves access publishes firewall UAC to the to enters Zone the the for about to update policy the 1, access MAP zone to while corporate the update classified to the server to 1 location the to still MAP block the to MAP logged the network server access change MAP in CHANGE? CHANGE! Accessrequest = 113:3
18 Use Case: Federated IF-MAP Servers for UK EDUROAM Service Enables login at remote universities / research centers using home login credentials Serves 1.9 million users across 850 locations Enabled today using RADIUS Proxy Service provider (JANET) maintains database of roaming activity Univ A JANET Univ B Bbaker, Roaming from University D OK! Radius Server Radius Server Radius proxy Radius Server Radius Server Univ C Roaming Users Jsmith@univB.edu Bbaker@univD.edu Univ D
19 IF-MAP Federation for Next Gen EDUROAM Service Local RADIUS servers replaced by RADSEC servers RADSEC servers communicate directly no need for proxy JANET no longer sees RADIUS transactions, no view of roaming activity IF-MAP Federation provides a solution: -Local RADSEC servers publish user/location data to local MAP server -JANET s central MAP server subscribes to changes on university MAP servers Univ A Univ B Jjames, Roaming from University B OK! RADSEC IF-MAP Client Jjames@ Jjames@ univb.edu univb.edu JANET Local IF-MAP Server RADSEC RADSEC RADSEC Univ C Local IF-MAP Server Central IF-MAP Server Federation Subscriptions Local IF-MAP Server Univ D
20 Infoblox NIOS Appliances Support IF-MAP Publishes DHCP lease information to any compliant IF-MAP server Other systems can subscribe to updates Infoblox NIOS Appliance (DNS, DHCP, IPAM) Enables real-time orchestration IF-MAP DHCP Lease Information (IP, MAC, Start, Duration, etc.) IF-MAP Server
21 Infoblox Orchestration Server (IBOS) Provides Robust IF-MAP Infrastructure Fully compliant with TCG standard Proven interoperability with other IF-MAP compliant products Unique Infoblox capabilities IF-MAP 2.0 compliant Lossless HA Fine-grained client authorization Data browser, extensive logging IF-MAP Federation Custom Identifiers Infoblox Orchestration Server Network Security Physical Security Network Location IF-MAP Client Systems
22 Resources Documentation & Freeware 3 minute video on IF-MAP on Orchestration/IF-MAP Solutions page on infoblox.com IF-MAP community Web site Includes links to open source IF-MAP servers and other resources Information about Infranet Controller: us/en/products-services/security/uac/#overview Complete protocol specs, information on TPM, TNC, Trusted Storage and related topics Infoblox IF-MAP Starter Kit (FREE) VMware IF-MAP appliance Client simulator Open-source client stacks (PERL, java, C++) Open-source SNMP-MAP Bridge
23 Calling All Innovators! Announcing the IF-MAP Innovation Awards The Goal: Demonstrate innovative uses of IF-MAP The Awards: 1st Prize: 5,000 GBP 2 nd Prize: 3,000 GBP 3 rd Prize: 2,000 GBP Proposals due 30 June, 2011 Submissions due 1 March, 2012 Offered to all students, faculty & researchers on the JANET (UK) Network Winners announced at Networkshop 2012 Questions: MAPinnovations@infoblox.com
IF-MAP Overview. Jan Ursi Technical Director EMEA. 2009 Infoblox Inc. All Rights Reserved.
IF-MAP Overview Jan Ursi Technical Director EMEA IF-MAP: A Powerful New Standard IF-MAP = Interface to Metadata Access Points An open protocol standard published (free) by the Trusted Computing Group Available
More informationSecurity Coordination with IF-MAP
Security Coordination with IF-MAP Matt Webster, Lumeta 28 Sept 2010 Copyright 2010 Trusted Computing Group Agenda Threat Landscape and Federal Networks Recap of TNC Explanation of IF-MAP What is IF-MAP?
More informationOrchestrated Security Network. Automated, Event Driven Network Security. Ralph Wanders Consulting Systems Engineer
Orchestrated Security Network Automated, Event Driven Network Security Ralph Wanders Consulting Systems Engineer Orchestrated Security Network! " TCG/ TNC Architecture! " IF-MAP! " Use cases of IF-MAP!
More informationInfoblox vnios Software for CISCO AXP
Summary Infoblox vnios for Cisco consolidates core network services such as DNS, DHCP and IPAM and others onto the Cisco Integrated Services Router (ISR) running the Application Extension Platform (AXP)
More informationSecurity Orchestration with IF-MAP
Security Orchestration with IF-MAP Gary Holland, Lumeta/IMRI 2 November 2011 Copyright 2010 Trusted Computing Group Agenda Threat Landscape and Federal Networks Trusted Network Connect Explanation of IF-MAP
More informationARCHITECT S GUIDE: Mobile Security Using TNC Technology
ARCHITECT S GUIDE: Mobile Security Using TNC Technology December 0 Trusted Computing Group 855 SW 5rd Drive Beaverton, OR 97006 Tel (50) 69-056 Fax (50) 644-6708 admin@trustedcomputinggroup.org www.trustedcomputinggroup.org
More informationNetwork Access Security It's Broke, Now What? June 15, 2010
Network Access Security It's Broke, Now What? June 15, 2010 Jeffrey L Carrell Network Security Consultant Network Conversions SHARKFEST 10 Stanford University June 14-17, 2010 Network Access Security It's
More informationTNC is an open architecture for network access control. If you re not sure what NAC is, we ll cover that in a second. For now, the main point here is
1 2 This slide shows the areas where TCG is developing standards. Each image corresponds to a TCG work group. In order to understand Trusted Network Connect, it s best to look at it in context with the
More informationTNC: Open Standards for Network Security Automation. Copyright 2010 Trusted Computing Group
TNC: Open Standards for Network Security Automation Copyright 2010 Trusted Computing Group Agenda Introduce TNC and TCG Explanation of TNC What problems does TNC solve? How does TNC solve those problems?
More informationEnabling Multiple Wireless Networks on RV320 VPN Router, WAP321 Wireless-N Access Point, and Sx300 Series Switches
print email Article ID: 4941 Enabling Multiple Wireless Networks on RV320 VPN Router, WAP321 Wireless-N Access Point, and Sx300 Series Switches Objective In an ever-changing business environment, your
More informationWHITE PAPER. Infoblox IPAM Integration with Microsoft AD Sites and Local Services
WHITE PAPER Infoblox IPAM Integration with Microsoft AD Sites and Local Services Infoblox IPAM Integration with Microsoft AD Sites and Local Services Today s enterprise infrastructure is dynamic, with
More informationSecure Access into Industrial Automation and Control Systems Industry Best Practice and Trends. Serhii Konovalov Venkat Pothamsetty Cisco
Secure Access into Industrial Automation and Systems Industry Best Practice and Trends Serhii Konovalov Venkat Pothamsetty Cisco Vendor offers a remote firmware update and PLC programming. Contractor asks
More informationPulse Policy Secure. RADIUS Server Management Guide. Product Release 5.1. Document Revision 1.0. Published: 2015-02-10
Pulse Policy Secure RADIUS Server Management Guide Product Release 5.1 Document Revision 1.0 Published: 2015-02-10 2015 by Pulse Secure, LLC. All rights reserved iii Pulse Secure, LLC 2700 Zanker Road,
More informationNetwork Access Control (NAC) and Network Security Standards
Network Control (NAC) and Network Security Standards Copyright 2011 Trusted Computing Group Other names and brands are properties of their respective owners. Slide #1 Agenda Goals of NAC Standards What
More informationChallenges in Deploying Public Clouds
WHITE PAPER Ensuring Enterprise-grade Network Services for AWS Infoblox DDI for AWS increases cloud agility, supports consistent network policies across hybrid deployments, and improves visibility of public
More informationWhatsUpGold. v3.0. WhatsConnected User Guide
WhatsUpGold v3.0 WhatsConnected User Guide Contents CHAPTER 1 Welcome to WhatsConnected Finding more information and updates... 2 Sending feedback... 3 CHAPTER 2 Installing and Configuring WhatsConnected
More informationTechnical Note. ForeScout CounterACT: Virtual Firewall
ForeScout CounterACT: Contents Introduction... 3 What is the vfw?.... 3 Technically, How Does vfw Work?.... 4 How Does vfw Compare to a Real Firewall?.... 4 How Does vfw Compare to other Blocking Methods?...
More informationForeScout CounterACT. Device Host and Detection Methods. Technology Brief
ForeScout CounterACT Device Host and Detection Methods Technology Brief Contents Introduction... 3 The ForeScout Approach... 3 Discovery Methodologies... 4 Passive Monitoring... 4 Passive Authentication...
More informationQuick Start Guide. for Installing vnios Software on. VMware Platforms
Quick Start Guide for Installing vnios Software on VMware Platforms Copyright Statements 2010, Infoblox Inc. All rights reserved. The contents of this document may not be copied or duplicated in any form,
More informationInfoblox Grid TM. Automated Network Control for. Unifying DNS Management and Extending the Infoblox Grid TM to the F5 Global Traffic Manager
Key Differentiators Application Layer Availability Minimizes downtime and improves the user experience by determining health at the application layer for every user. Management Automation: Provides automated
More informationConfiguring Infoblox DHCP
Copyright 2008 Sophos Group. All rights reserved. No part of this publication may be reproduced, stored in retrieval system, or transmitted, in any form or by any means electronic, mechanical, photocopying,
More informationUSING THE DNS/DHCP ADMINISTRATIVE INTERFACE Last Updated: 2012-3-5
USING THE DNS/DHCP ADMINISTRATIVE INTERFACE TABLE OF CONTENTS When is registration needed? What about the zoned network?... 3 What about guests?... 3 Explaining split horizon DNS... 3 Accessing the DNS/DHCP
More informationTrust: When Physical and Logical Security Worlds Collide
Trust: When Physical and Logical Security Worlds Collide Bob Beliles VP. Enterprise Business Development Hirsch Electronics Copyright 2009 Trusted Computing Group Copyright 2009 Trusted Computing Group
More informationSOSPG2. Implementing Network Access Controls. Nate Isaacson Security Solution Architect Nate.Isaacson@cdw.com
SOSPG2 Implementing Network Access Controls Nate Isaacson Security Solution Architect Nate.Isaacson@cdw.com Offer Pa Agenda The BYOD Challenges NAC terms The Big Picture NAC Solutions and Deployment What
More informationHow to Set Up Automatic Subnet Scan Using SolarWinds IP Address Manager. Share:
How to Set Up Automatic Subnet Scan Using SolarWinds IP Address Manager Share: How to Set Up Automatic Subnet Scan Using SolarWinds IPAM? SolarWinds IP Address Manager (IPAM) allows you to perform scheduled
More informationSecure Networks for Process Control
Secure Networks for Process Control Leveraging a Simple Yet Effective Policy Framework to Secure the Modern Process Control Network An Enterasys Networks White Paper There is nothing more important than
More informationIntegration with IP Phones
Copyright 2010 Sophos Limited. All rights reserved. No part of this publication may be reproduced, stored in retrieval system, or transmitted, in any form or by any means electronic, mechanical, photocopying,
More informationPolicy Management: The Avenda Approach To An Essential Network Service
End-to-End Trust and Identity Platform White Paper Policy Management: The Avenda Approach To An Essential Network Service http://www.avendasys.com email: info@avendasys.com email: sales@avendasys.com Avenda
More informationWiNG5 CAPTIVE PORTAL DESIGN GUIDE
WiNG5 DESIGN GUIDE By Sriram Venkiteswaran WiNG5 CAPTIVE PORTAL DESIGN GUIDE June, 2011 TABLE OF CONTENTS HEADING STYLE Introduction To Captive Portal... 1 Overview... 1 Common Applications... 1 Authenticated
More informationIP ADDRESS MANAGER 4.3 (IPAM)
REVIEWER S GUIDE IP ADDRESS MANAGER 4.3 (IPAM) REVIEWER S GUIDE CONTENTS Centralized IP address management 2 Automatic IPv4 subnet discovery 3 Active network scanning 4 IP address detail & history tracking
More informationManagement, Logging and Troubleshooting
CHAPTER 15 This chapter describes the following: SNMP Configuration System Logging SNMP Configuration Cisco NAC Guest Server supports management applications monitoring the system over SNMP (Simple Network
More informationTrusted Network Connect (TNC)
Trusted Network Connect (TNC) Open Standards for Integrity-based Network Access Control and Coordinated Network Security April 2011 Trusted Computing Group 3855 SW 153rd Drive, Beaverton, OR 97006 Tel
More informationReliable DNS and DHCP for Microsoft Active Directory
WHITEPAPER Reliable DNS and DHCP for Microsoft Active Directory Protecting and Extending Active Directory Infrastructure with Infoblox Appliances Microsoft Active Directory (AD) is the distributed directory
More informationCisco Application Networking Manager Version 2.0
Cisco Application Networking Manager Version 2.0 Cisco Application Networking Manager (ANM) software enables centralized configuration, operations, and monitoring of Cisco data center networking equipment
More informationEfficient and easy-to-use network access control and dynamic vlan management. Date: 4.12.2007 http:// F r e e N A C. n e t Copyright @2007, Swisscom
Efficient and easy-to-use network access control and dynamic vlan management Date: 4.12.2007 http:// F r e e N A C. n e t Copyright @2007, Swisscom 1 Connection to the enterprise LAN is often (too) easy
More informationACADEMIA LOCAL CISCO UCV-MARACAY CONTENIDO DE CURSO CURRICULUM CCNA. SEGURIDAD SEGURIDAD EN REDES. NIVEL I. VERSION 2.0
ACADEMIA LOCAL CISCO UCV-MARACAY CONTENIDO DE CURSO CURRICULUM CCNA. SEGURIDAD SEGURIDAD EN REDES. NIVEL I. VERSION 2.0 Module 1: Vulnerabilities, Threats, and Attacks 1.1 Introduction to Network Security
More informationNAC Guest. Lab Exercises
NAC Guest Lab Exercises November 25 th, 2008 2 Table of Contents Introduction... 3 Logical Topology... 4 Exercise 1 Verify Initial Connectivity... 6 Exercise 2 Provision Contractor VPN Access... 7 Exercise
More informationCisco IT Validates Rigorous Identity and Policy Enforcement in Its Own Wired and Wireless Networks
Cisco IT Article December 2013 End-to-End Security Policy Control Cisco IT Validates Rigorous Identity and Policy Enforcement in Its Own Wired and Wireless Networks Identity Services Engine is an integral
More informationUsing Cisco UC320W with Windows Small Business Server
Using Cisco UC320W with Windows Small Business Server This application note explains how to deploy the Cisco UC320W in a Windows Small Business Server environment. Contents This document includes the following
More informationNetwork Virtualization Network Admission Control Deployment Guide
Network Virtualization Network Admission Control Deployment Guide This document provides guidance for enterprises that want to deploy the Cisco Network Admission Control (NAC) Appliance for their campus
More informationARCHITECT S GUIDE: Comply to Connect Using TNC Technology
ARCHITECT S GUIDE: Comply to Connect Using TNC Technology August 2012 Trusted Computing Group 3855 SW 153rd Drive Beaverton, OR 97006 Tel (503) 619-0562 Fax (503) 644-6708 admin@trustedcomputinggroup.org
More informationInteroperability between Avaya IP phones and ProCurve switches
An HP ProCurve Networking Application Note Interoperability between Avaya IP phones and ProCurve switches Contents 1. Introduction... 3 2. Architecture... 3 3. Checking PoE compatibility... 3 4. Configuring
More informationWeb Authentication Application Note
What is Web Authentication? Web Authentication Application Note Web authentication is a Layer 3 security feature that causes the router to not allow IP traffic (except DHCP-related packets) from a particular
More informationNetwork Security Solutions Implementing Network Access Control (NAC)
Network Security Solutions Implementing Network Access Control (NAC) Tested Solution: Protecting a network with Sophos NAC Advanced and Switches Sophos NAC Advanced is a sophisticated Network Access Control
More informationInstalling and Using the vnios Trial
Installing and Using the vnios Trial The vnios Trial is a software package designed for efficient evaluation of the Infoblox vnios appliance platform. Providing the complete suite of DNS, DHCP and IPAM
More informationPassTest. Bessere Qualität, bessere Dienstleistungen!
PassTest Bessere Qualität, bessere Dienstleistungen! Q&A Exam : JN0-314 Title : Junos Pulse Access Control, Specialist (JNCIS-AC) Version : Demo 1 / 6 1.A customer wants to create a custom Junos Pulse
More informationLeveraging Best Practices for SolarWinds IP Address Manager
Leveraging Best Practices for SolarWinds IP Address Manager Share: Leveraging Best Practices for SolarWinds IPAM SolarWinds IP Address Manager (IPAM) is a comprehensive IP address management solution that
More informationMANAGE SECURE ACCESS TO APPLICATIONS BASED ON USER IDENTITY. EMEA Webinar July 2013
MANAGE SECURE ACCESS TO APPLICATIONS BASED ON USER IDENTITY EMEA Webinar July 2013 Protecting the Enterprise Full Footprint Mobile user Application access management & Application security Enterprise headquarters
More informationIP Address Management Solutions
White Paper IP Address Management Solutions Key Benefits Full integration with DNS & DHCP management Flexible and scalable IP Plan modeling Smart Graphical User Interface for better efficiency IP address
More informationSTARTER KIT. Infoblox DNS Firewall for FireEye
STARTER KIT Introduction Infoblox DNS Firewall integration with FireEye Malware Protection System delivers a unique and powerful defense against Advanced Persistent Threats (APT) for business networks.
More informationAdRadionet to IBM Bluemix Connectivity Quickstart User Guide
AdRadionet to IBM Bluemix Connectivity Quickstart User Guide Platform: EV-ADRN-WSN-1Z Evaluation Kit, AdRadionet-to-IBM-Bluemix-Connectivity January 20, 2015 Table of Contents Introduction... 3 Things
More informationSecurity Policies Tekenen? Florian Buijs
Security Policies Tekenen? Florian Buijs Good Old Days: IP Address = User Application = Port/Protocol Today: IP Address! User Application! Port/Protocol What are ACL s? Firewall Rules? Real World example:
More informationInfoblox Integrated IP Address Management Solution Built-in, Appliance-based DNS/DHCP/IPAM for Real-time Data and Services Delivery
Infoblox Integrated IP Address Management Solution Built-in, Appliance-based DNS/DHCP/IPAM for Real-time Data and Services Delivery Integrated IP Address Management Solution An Introduction to IP Address
More informationMobility Task Force. Deliverable F. Inventory of web-based solution for inter-nren roaming
Mobility Task Force Deliverable F Inventory of web-based solution for inter-nren roaming Version 1.1 Authors: Sami Keski-Kasari , Harri Huhtanen Contributions: James
More informationbloxtools Installation and User Guide
bloxtools Installation and User Guide Copyright Statements 2011, Infoblox Inc. All rights reserved. The contents of this document may not be copied or duplicated in any form, in whole or in part, without
More informationOneFabric Connect. Overview. Extend the OneFabric architecture to 3rd party applications DATA SHEET BENEFITS BUSINESS ALIGNMENT
DATA SHEET OneFabric Connect Extend the OneFabric architecture to 3rd party applications BUSINESS ALIGNMENT Embrace BYOD by mixing and matching managed and unmanaged devices on the same infrastructure
More informationSOLIDserver IPAM for Microsoft
Solution Paper SOLIDserver IPAM for Microsoft The volume of hardware and virtual devices connecting to the internet and to corporate networks has led to exponential growth in the number of IP addresses
More informationHP PCM Plus v3 Network Management Software Series Overview
Overview HP PCM Plus Network Management is a Microsoft Windows -based network management platform that enables mapping, configuration, and monitoring. HP PCM Plus provides security and extensibility for
More informationJuniper Networks EX Series Ethernet Switches/ Cisco VoIP Interoperability Test Results. September 25, 2009
Juniper Networks EX Series Ethernet Switches/ Cisco VoIP Interoperability Test Results September 25, 2009 Executive Summary Juniper Networks commissioned Network Test to assess interoperability between
More informationSolarWinds Log & Event Manager
Corona Technical Services SolarWinds Log & Event Manager Training Project/Implementation Outline James Kluza 14 Table of Contents Overview... 3 Example Project Schedule... 3 Pre-engagement Checklist...
More informationCisco Secure ACS. By Igor Koudashev, Systems Engineer, Cisco Systems Australia ivk@cisco.com. 2006 Cisco Systems, Inc. All rights reserved.
Cisco Secure ACS Overview By Igor Koudashev, Systems Engineer, Cisco Systems Australia ivk@cisco.com 2006 Cisco Systems, Inc. All rights reserved. 1 Cisco Secure Access Control System Policy Control and
More informationHow to Configure Web Authentication on a ProCurve Switch
An HP ProCurve Networking Application Note How to Configure Web Authentication on a ProCurve Switch Contents 1. Introduction... 2 2. Prerequisites... 2 3. Network diagram... 2 4. Configuring the ProCurve
More informationvcloud Director User's Guide
vcloud Director 5.5 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition. To check for more recent editions of
More informationSecret Server Qualys Integration Guide
Secret Server Qualys Integration Guide Table of Contents Secret Server and Qualys Cloud Platform... 2 Authenticated vs. Unauthenticated Scanning... 2 What are the Advantages?... 2 Integrating Secret Server
More informationApache CloudStack 4.x (incubating) Network Setup: excerpt from Installation Guide. Revised February 28, 2013 2:32 pm Pacific
Apache CloudStack 4.x (incubating) Network Setup: excerpt from Installation Guide Revised February 28, 2013 2:32 pm Pacific Apache CloudStack 4.x (incubating) Network Setup: excerpt from Installation Guide
More informationAutomated Network Control for
Key Differentiators Application Layer Availability: Minimizes downtime and improves the user experience by determining health at the application layer for every user. Management Automation: Provides automated
More informationBelnet Networking Conference 2013
Belnet Networking Conference 2013 Thursday 12 December 2013 @ http://events.belnet.be Workshop roaming services: eduroam / govroam Belnet Aris Adamantiadis, Nicolas Loriau Bruxelles 05 December 2013 Agenda
More informationDatasheet iscsi Protocol
Protocol with DCB PROTOCOL PACKAGE Industry s premiere validation system for SAN technologies Overview Load DynamiX offers SCSI over TCP/IP transport () support to its existing powerful suite of file,
More informationPaul Cochran - Account Manager. Chris Czerwinski System Engineer
Paul Cochran - Account Manager Chris Czerwinski System Engineer Next-Generation NAC Fast and easy deployment No infrastructure changes or network upgrades No need for endpoint agents 802.1X is optional
More informationTABLE OF CONTENTS NETWORK SECURITY 2...1
Network Security 2 This document is the exclusive property of Cisco Systems, Inc. Permission is granted to print and copy this document for non-commercial distribution and exclusive use by instructors
More informationHosting more than one FortiOS instance on. VLANs. 1. Network topology
Hosting more than one FortiOS instance on a single FortiGate unit using VDOMs and VLANs 1. Network topology Use Virtual domains (VDOMs) to divide the FortiGate unit into two or more virtual instances of
More informationHP E-PCM Plus Network Management Software Series
Data sheet Product overview HP E-PCM Plus Network Management is a Microsoft Windows -based network management platform that enables mapping, configuration, and monitoring. HP PCM Plus provides security
More informationUNDERSTANDING IDENTITY-BASED NETWORKING SERVICES AUTHENTICATION AND POLICY ENFORCEMENT
UNDERSTANDING IDENTITY-BASED NETWORKING SERVICES AUTHENTICATION AND POLICY ENFORCEMENT John Stone CTO Cisco Systems Internetworking Ireland jstone@cisco.com 2005 Cisco Systems, Inc. All rights reserved.
More informationAsynchronous Provisioning Platform (APP)
Service Catalog Manager - IaaS Integration Asynchronous Provisioning Platform (APP) 0 Overview Implementing an asynchronous provisioning service (e.g. for IaaS) most often requires complex implementation
More informationIF-MAP Driving IT Agility through an Infrastructure Revolution
IF-MAP Driving IT Agility through an Infrastructure Revolution COMPANY OVERVIEW OVERVIEW AT A GLANCE IF-MAP does for coordination & collaboration what IP has done for connectivity. Effective use of information
More informationWHITEPAPER. Achieving Network Payment Card Industry Data Security Standard (PCI DSS) Compliance with NetMRI
WHITEPAPER Achieving Network Payment Card Industry Data Security Standard (PCI DSS) Compliance with NetMRI About PCI DSS Compliance The widespread use of debit and credit cards in retail transactions demands
More informationHOW SDN AND (NFV) WILL RADICALLY CHANGE DATA CENTRE ARCHITECTURES AND ENABLE NEXT GENERATION CLOUD SERVICES
HOW SDN AND (NFV) WILL RADICALLY CHANGE DATA CENTRE ARCHITECTURES AND ENABLE NEXT GENERATION CLOUD SERVICES Brian Levy CTO SERVICE PROVIDER SECTOR EMEA JUNIPER NETWORKS CIO DILEMA IT viewed as cost center
More informationCOORDINATED THREAT CONTROL
APPLICATION NOTE COORDINATED THREAT CONTROL Interoperability of Juniper Networks IDP Series Intrusion Detection and Prevention Appliances and SA Series SSL VPN Appliances Copyright 2010, Juniper Networks,
More informationUsing WhatsUp IP Address Manager 1.0
Using WhatsUp IP Address Manager 1.0 Contents Table of Contents Welcome to WhatsUp IP Address Manager Finding more information and updates... 1 Sending feedback... 2 Installing and Licensing IP Address
More informationThe self-defending network a resilient network. By Steen Pedersen Ementor, Denmark
The self-defending network a resilient network By Steen Pedersen Ementor, Denmark The self-defending network - a resilient network What is required of our internal networks? Available, robust, fast and
More informationSavvius Insight Initial Configuration
The configuration utility on Savvius Insight lets you configure device, network, and time settings. Additionally, if you are forwarding your data from Savvius Insight to a Splunk server, You can configure
More informationNXC5500/2500. Application Note. Captive Portal with QR Code. Version 4.20 Edition 2, 02/2015. Copyright 2015 ZyXEL Communications Corporation
NXC5500/2500 Version 4.20 Edition 2, 02/2015 Application Note Captive Portal with QR Code Copyright 2015 ZyXEL Communications Corporation Captive Portal with QR Code What is Captive Portal with QR code?
More informationCase Study - Configuration between NXC2500 and LDAP Server
Case Study - Configuration between NXC2500 and LDAP Server 1 1. Scenario:... 3 2. Topology:... 4 3. Step-by-step Configurations:...4 a. Configure NXC2500:...4 b. Configure LDAP setting on NXC2500:...10
More information» WHITE PAPER. 802.1X and NAC: Best Practices for Effective Network Access Control. www.bradfordnetworks.com
» WHITE PAPER 802.1X and NAC: Best Practices for Effective Network Access Control White Paper» 802.1X and NAC: Best Practices for Effective Network Access Control 1 IEEE 802.1X is an IEEE (Institute of
More informationPOLICY SECURE FOR UNIFIED ACCESS CONTROL
White Paper POLICY SECURE FOR UNIFIED ACCESS CONTROL Enabling Identity, Role, and Device-Based Access Control in a Simply Connected Network Copyright 2014, Pulse Secure LLC 1 Table of Contents Executive
More informationUnified Security TNC EVERYWHERE. Wireless security. Road Warrior. IT Security. IT Security. Conference Room. Surveillance.
Corporate Governance Employee Cube Road Warrior Surveillance Surveillance IT Security Data Center IT Security Conference Room Wireless security Manufacturing and Control TNC EVERYWHERE Unified Security
More informationUser Identification (User-ID) Tips and Best Practices
User Identification (User-ID) Tips and Best Practices Nick Piagentini Palo Alto Networks www.paloaltonetworks.com Table of Contents PAN-OS 4.0 User ID Functions... 3 User / Group Enumeration... 3 Using
More informationThe Importance of Standards to Network Access Control
White Paper The Importance of Standards to Network Access Control Juniper Networks, Inc. 1194 North Mathilda Avenue Sunnyvale, California 94089 USA 408.745.2000 1.888 JUNIPER www.juniper.net Part Number:
More informationCisco UCS Central Software
Data Sheet Cisco UCS Central Software Cisco UCS Manager provides a single point of management for an entire Cisco Unified Computing System (Cisco UCS) domain of up to 160 servers and associated infrastructure.
More informationSANS Top 20 Critical Controls for Effective Cyber Defense
WHITEPAPER SANS Top 20 Critical Controls for Cyber Defense SANS Top 20 Critical Controls for Effective Cyber Defense JANUARY 2014 SANS Top 20 Critical Controls for Effective Cyber Defense Summary In a
More informationUser-ID Best Practices
User-ID Best Practices PAN-OS 5.0, 5.1, 6.0 Revision A 2011, Palo Alto Networks, Inc. www.paloaltonetworks.com Table of Contents PAN-OS User-ID Functions... 3 User / Group Enumeration... 3 Using LDAP Servers
More informationIT Agility that Drives Business Forward
IT Agility that Drives Business Forward Richard Stiennon Chief Research Analyst Introduction There are six factors that drive the ever changing information technology space: Growth in Users Bandwidth Processing
More informationCisco Data Center Network Manager Release 5.1 (LAN)
Cisco Data Center Network Manager Release 5.1 (LAN) Product Overview Modern data centers are becoming increasingly large and complex. New technology architectures such as cloud computing and virtualization
More informationWHITE PAPER. Automating Network Provisioning for Private Cloud
WHITE PAPER Automating Network Provisioning for Private Cloud Executive Summary Roughly 80 percent of all enterprise IT today is virtualized. Virtualization is a key enabler in deploying private clouds
More informationIntegrated IP Address Management Solution WHITEPAPER. Private Cloud Without Network Automation. Can it be done?
Integrated IP Address Management Solution WHITEPAPER Private Cloud Without Network Automation Can it be done? WHITEPAPER The Advent of Private Cloud The motivations for adopting new technology like Private
More informationWildFire Cloud File Analysis
WildFire Cloud File Analysis The following topics describe the different methods for sending files to the WildFire Cloud for analysis. Forward Files to the WildFire Cloud Verify Firewall File Forwarding
More informationNetwork-in-a-Box Solution. Services already integrated in the core switch Ideal concept for branch offices, schools or other small business networks
Network in a Box Network-in-a-Box Solution Services already integrated in the core switch Ideal concept for branch offices, schools or other small business networks Network-in-a-Box Solution The switch
More informationWhatsUp Gold vs. Orion
Gold vs. Building the network management solution that will work for you is very easy with the Gold family just mix-and-match the Gold plug-ins that you need (WhatsVirtual, WhatsConnected, Flow Monitor,
More informationConfiguring SSL VPN on the Cisco ISA500 Security Appliance
Application Note Configuring SSL VPN on the Cisco ISA500 Security Appliance This application note describes how to configure SSL VPN on the Cisco ISA500 security appliance. This document includes these
More informationDMZ Virtualization Using VMware vsphere 4 and the Cisco Nexus 1000V Virtual Switch
DMZ Virtualization Using VMware vsphere 4 and the Cisco Nexus 1000V Virtual Switch What You Will Learn A demilitarized zone (DMZ) is a separate network located in the neutral zone between a private (inside)
More information