Popular Posts

Saturday, 29 October 2016

Network Security Basic

This blog is created for network security review, study and understanding about network related issues only! The blog is mainly focus on Network Security Notes about Network, Network Security, Network Technology, Network Labs review related Cisco and Microsoft technology ,Network Threats, Types of Network Threats, Network Alerts, Enterprise Security Policy and Audits, Security Policy and Audits,Logical Security, Physical and Logical Security, Physical Security,Cisco Products Review, Microsoft Products review, Cisco Routers, Routers Security, Console Access, Telnet Access, Network Attack, Network Attack report, Network management, Anti-virus, Network Security with Anti-virus, and All About Network Security... Thanks for your visit!

Network Security Basic


In this video below, you will learn about the basic of network security or the fundamentals of network security such know about types of attack.
You need to watch this video, this video is present by APNIC.


Read more...

If you like this post, please subscribe below,thanks!

Enter your email address:

Delivered by FeedBurner

To Stay Up to date with Network Security, Please Subscribe!

Sunday, 21 August 2016

Cisco Advises Simple Steps to Protect Business Environments

This blog is created for network security review, study and understanding about network related issues only! The blog is mainly focus on Network Security Notes about Network, Network Security, Network Technology, Network Labs review related Cisco and Microsoft technology ,Network Threats, Types of Network Threats, Network Alerts, Enterprise Security Policy and Audits, Security Policy and Audits,Logical Security, Physical and Logical Security, Physical Security,Cisco Products Review, Microsoft Products review, Cisco Routers, Routers Security, Console Access, Telnet Access, Network Attack, Network Attack report, Network management, Anti-virus, Network Security with Anti-virus, and All About Network Security... Thanks for your visit!

Cisco Advises Simple Steps to Protect Business Environments



Cisco’s Talos researchers have observed that organizations that take just a few simple yet significant steps can greatly enhance the security of their operations,  including:
  • Improve network hygiene, by monitoring the network; deploying patches and upgrades on time; segmenting the network; implementing defenses at the edge, including email and web security, Next-Generation Firewalls and Next-Generation IPS.
  • Integrate defenses, by leveraging an architectural approach to security versus deploying niche products.
  • Measure time to detection, insist on fastest time available to uncover threats then mitigate against them immediately. Make metrics part of organizational security policy going forward.
  • Protect your users everywhere they are and wherever they work, not just the systems they interact with and when they are on the corporate network.
  • Back up critical data, and routinely test their effectiveness while confirming  that back-ups are not susceptible to compromise.
Source: Cisco Press Release: https://newsroom.cisco.com/press-release-content?type=press-release&articleId=1780586

Read more...

If you like this post, please subscribe below,thanks!

Enter your email address:

Delivered by FeedBurner

To Stay Up to date with Network Security, Please Subscribe!

Saturday, 20 August 2016

Cisco Closes ‘Security Effectiveness Gap’ with New Services and Integrated Cloud-Based Solutions

This blog is created for network security review, study and understanding about network related issues only! The blog is mainly focus on Network Security Notes about Network, Network Security, Network Technology, Network Labs review related Cisco and Microsoft technology ,Network Threats, Types of Network Threats, Network Alerts, Enterprise Security Policy and Audits, Security Policy and Audits,Logical Security, Physical and Logical Security, Physical Security,Cisco Products Review, Microsoft Products review, Cisco Routers, Routers Security, Console Access, Telnet Access, Network Attack, Network Attack report, Network management, Anti-virus, Network Security with Anti-virus, and All About Network Security... Thanks for your visit!

Cisco Closes ‘Security Effectiveness Gap’ with New Services and Integrated Cloud-Based Solutions

The Cisco Press Release:


Cisco’s architectural approach makes security more effective and simple for customers


LAS VEGAS, NV – July 11, 2016 – Cisco today announced new services and cloud-based security solutions built with Cisco’s threat-centric security architecture. With best of breed security solutions uniquely architected to be integrated, automated and simple to use, the Cisco® security portfolio provides companies with a more effective approach for securing their digital business models. From the network to the endpoint to the cloud, Cisco’s architectural approach detects more threats and helps customers on average reduce their time to detection to less than 17 hours — much faster than the industry standard of 100 days.
As digital transformation brings more users, devices and applications online, companies are challenged to protect an expanding attack surface. With more space to operate in and greater opportunities to generate a profit, active adversaries are relentlessly targeting businesses, organizations and people. In response, companies are deploying up to 70 disparate security products to address a variety of needs — a practice that is difficult to manage and often leaves businesses more vulnerable.
While potentially increasing capabilities, this conventional, niche-product approach to security can create unmanageable complexity that results in a security effectiveness gap for companies. Through its security architecture, the Cisco security portfolio increases capabilities but also decreases complexity — offering an alternative approach for customers that helps them close the gap and be more secure.
By combining unprecedented network visibility and its breadth of integrated products, Cisco makes it simple for distributed and mobile businesses to deploy effective security where needed from the branch office to headquarters or with the end user wherever they go. Cisco embeds security into the points of connection that users traverse so that the network, access points or endpoints are safe before a user even logs on. 
Announced today, Cisco is releasing the following solutions and services that make effective security simpler for customers:
  • Cisco Umbrella RoamingThis centralized, cloud-delivered protection is the simplest way to remove off-network blind spots, guarding roaming employees wherever they work. With Umbrella Roaming, now embedded as a module with AnyConnect® (Cisco’s VPN solution), organizations can add a new layer of off-network protection that blocks connections to malicious sites without needing to deploy another agent.
  • Cisco Umbrella Branch This cloud-delivered solution gives businesses more control over guest Wi-Fi use with easy content filtering. With Umbrella Branch, businesses can simply upgrade Integrated Services Routers (ISR) for simple, fast and comprehensive security at branch locations.
  • Cisco Defense Orchestrator: This cloud-based management application enables users to easily and effectively manage a large security infrastructure and policies in distributed locations across thousands of devices through a simple cloud-based console. It cuts through complexity to manage security policies across Cisco security products from ASA and ASAv firewalls to Cisco Firepower™ next-generation firewalls and ASA with FirePOWER™ Services featuring Firepower Threat Defense, and OpenDNS.
  • Cisco Meraki® MX Security Appliances with Advanced Malware Protection (AMP) and Threat GridThis completely cloud-managed unified threat management (UTM) solution simplifies advanced threat protection for the distributed enterprise, providing branch offices with malware protection that checks files against its cloud database to identify malicious content, blocking the files before users download them.
  • Cisco Stealthwatch Learning Network License: This component enables the Cisco ISR to act as a security sensor and enforcer for branch threat protection. It allows businesses to detect and track anomalies in network traffic, analyze suspicious network activity, and identify malicious traffic.
Additionally, Cisco Security Services for Digital Transformation enables organizations to build a strong security foundation, which is the key to successful business outcomes. The new service helps organizations examine core security fundamentals that identify their readiness to adopt digital technologies. Expert advisers recommend security strategies and provide tailored solutions based on industry trends and vital business needs to achieve agility, innovation and growth.
Cisco’s channel partners are playing a strategic role in helping customers build and manage their security infrastructures. The new security offerings, announced today, will help channel partners design simple, open and automated solutions for their customers around the industry’s most effective security portfolio. With enhanced cloud-based protection and solutions that simplify overall security management, Cisco is opening up new service opportunities for partners to manage their customers’ security services and tap into recurring revenues.
Read out more here on Cisco Press Release site: https://newsroom.cisco.com/press-release-content?type=press-release&articleId=1777284

Read more...

If you like this post, please subscribe below,thanks!

Enter your email address:

Delivered by FeedBurner

To Stay Up to date with Network Security, Please Subscribe!

Cisco Prepares Networking Industry for Transformation to Digital-Ready Networks

This blog is created for network security review, study and understanding about network related issues only! The blog is mainly focus on Network Security Notes about Network, Network Security, Network Technology, Network Labs review related Cisco and Microsoft technology ,Network Threats, Types of Network Threats, Network Alerts, Enterprise Security Policy and Audits, Security Policy and Audits,Logical Security, Physical and Logical Security, Physical Security,Cisco Products Review, Microsoft Products review, Cisco Routers, Routers Security, Console Access, Telnet Access, Network Attack, Network Attack report, Network management, Anti-virus, Network Security with Anti-virus, and All About Network Security... Thanks for your visit!

Cisco Prepares Networking Industry for Transformation to Digital-Ready Networks

The Cisco Press Release:


Company also improves threat visibility and enforcement capabilities with new security technology embedded into the network


LAS VEGAS, July 11, 2016: Cisco today announced it will help engineers, developers, partners and customers embrace a monumental change in how networks are built and managed—preparing the industry for the transition to digital-ready networks. Cisco is also building on the intersection between security and networking with new technologies designed to simplify branch office security and make it more effective. 
In March, Cisco launched the Digital Network Architecture (Cisco DNA)—a radical new approach to networking designed for the digital era. As customers embrace mobility, cloud, analytics and the Internet of Things (IoT) to digitize their business, IT teams are struggling to keep up with the ever-increasing complexity of the network, sophistication of security attacks and growing customer expectations. Cisco realized that traditional networks simply could not scale to meet the increasing demands of the digital business. A new network was needed for the digital era. A network designed from the ground up to be flexible, programmable and open. Cisco DNA helps IT address these demands by moving networking from hardware-centric to software-driven, from manual to automated, and from reactive to adaptive.
"Organizations need to address the expanding threat landscape across mobility and cloud, while facing increasingly sophisticated security attacks,” says Jeff Reed, senior vice president, Networking Infrastructure and Solutions at Cisco. “With DNA, Cisco is reinventing how we secure networks for the digital era by embedding advanced security capabilities into a single network architecture. But technology alone isn’t enough. We are also preparing IT professionals with new skills, training network-savvy developers and helping customers navigate the journey to digital-ready networks."
Effective Security Starts with the Network
Using the network to elevate threat visibility and enforcement is one of the key tenants of Cisco DNA. Today, Cisco is introducing three new technologies that embed security into the branch office infrastructure to provide greater protection to the business:
  • Umbrella Branch gives organizations simple, fast and comprehensive security at their branches by putting them in control. After activating the software on Cisco’s popular branch office router, the Cisco ISR 4000 Series, IT can apply content filtering and block malware, phishing, and C2 callbacks before these threats can reach the network—even when offices connect directly to the Internet.
  • Stealthwatch Learning Network License extends Cisco’s market leading network as a sensor and enforcer capability for branch-level threat detection and response. The software resides on the Cisco ISR 4000 Series and offers new adaptive security anomaly detection technology. The solution works by analyzing data only available on the network device to identify malicious traffic and instantly protect branch network from immediate threats. 
  • Meraki MX Security Appliances with AMP and Threat Grid make it simpler than ever to deploy and manage advanced threat protection capabilities. This integration combines the streamlined cloud management of Meraki with best-in-class threat protection, enabling administrators to rapidly detect, contain, and remediate threats.
Beyond Technology Innovation
To turn the Cisco DNA vision into reality, Cisco is rallying its vast global ecosystem—from customers and engineers to partners and developers – to build the skills necessary to scale, secure, and innovate on digital-ready networks. 
  • Network Engineers: Cisco certified networking engineers build and operate the world’s most sophisticated networks. As the network becomes more automated and software-driven, these engineers must expand their programmability skills and deliver more value to the enterprise. Cisco is upgrading its career certification portfolio to help fill that rapidly growing need — including a new Cisco Certified Internetwork Expert (CCIE) framework that is being launched across all expert-level certifications along with a new Cisco Network Programmability Engineer Specialist Exam. (Read this blog for more details.)
  • Application Developers: As the network becomes more open and programmable, the developer community will become critical, unlocking the potential of Cisco DNA with a new generation of network-aware applications. DNA is a key element of DevNet—Cisco’s 300,000 strong development community. Here in Las Vegas, Cisco held a two-day event designed as a springboard for developers wanting to leverage the interfaces to rapidly program and pull analytics off of network controllers and devices. The event sold out almost immediately, and was viewed as a resounding success. Cisco plans to roll out similar events globally over the next year. (Read this blog for more details.)
  • Channel Partners: After years of building hardware-centric networks, Cisco’s 70,000 channel partners are evolving to flexible networks driven by software. Over the years, Cisco and its partners have evolved through numerous market transitions together. Now, Cisco is helping partners evolve their networking practices, develop new skills and open up business opportunities around automation, analytics and security. Cisco continues to offer partner incentive programs and has designed new software business roles within our existing Partner Ecosystem to help accelerate this transition. (Read thisblog for more details.)
The Journey to Digital-Ready Networks
Cisco is helping IT customers navigate the journey to a digital-ready network by introducing a network readiness model. The model identifies the five key elements of network readiness: automation, analytics, assurance, security, cloud and IoT. This model builds out a customer’s journey across the five phases, with a new tool helping customers to assess their current state, followed by recommended steps to better guide their network transformation.
Cisco-sponsored IDC research reveals that many customers are already embarking on the journey to a digital-ready network:
  • Four out of five of organizations surveyed have not yet aligned their business and networking strategies;
  • Those that have are seeing double the revenue growth compared to their non-aligned peers;
  • The percentage of customers who plan to implement software-delivered, automation-capable networks will more than triple over the next two years from 13 to 44 percent.
Read out more details on Cisco Press Release Website here: https://newsroom.cisco.com/press-release-content?type=press-release&articleId=1777470

Read more...

If you like this post, please subscribe below,thanks!

Enter your email address:

Delivered by FeedBurner

To Stay Up to date with Network Security, Please Subscribe!

Cisco Launches $10 Million Global Cybersecurity Scholarship to Increase Talent Pool; Introduces New and Updated Certifications

This blog is created for network security review, study and understanding about network related issues only! The blog is mainly focus on Network Security Notes about Network, Network Security, Network Technology, Network Labs review related Cisco and Microsoft technology ,Network Threats, Types of Network Threats, Network Alerts, Enterprise Security Policy and Audits, Security Policy and Audits,Logical Security, Physical and Logical Security, Physical Security,Cisco Products Review, Microsoft Products review, Cisco Routers, Routers Security, Console Access, Telnet Access, Network Attack, Network Attack report, Network management, Anti-virus, Network Security with Anti-virus, and All About Network Security... Thanks for your visit!

Cisco Launches $10 Million Global Cybersecurity Scholarship to Increase Talent Pool; Introduces New and Updated Certifications



Cisco Press Release:

Company Bolsters Ongoing Efforts to Equip IT Security Industry with Needed Technical Talent to Keep Organizations Secure and Productive in the Digital Age


SAN JOSE, Calif., June 14, 2016 – Cybersecurity provides the critical foundation organizations require to protect themselves, enable trust, move faster, add greater value and grow. However, research indicates there will be a global shortage of two million cybersecurity professionals by 2019. To help close this security skills gap, Cisco is introducing a $10 million Global Cybersecurity Scholarship program and enhancements to its security certification portfolio.
The Global Cybersecurity Scholarship Program
  • To address the shortfall of security talent, Cisco will invest $10 million in a two-year Global Cybersecurity Scholarship program to increase the pool of available talent with critical cybersecurity proficiency.
  • Cisco will offer training, mentoring and certification that align with the Security Operations Center Analyst industry job role.
  • Cisco will deliver the program in partnership with key Cisco Authorized Learning Partners. This training is designed to address the critical skills deficit, providing on-the-job readiness needed to meet current and future challenges of network security.
Certification Portfolio Updates
  • Cisco is introducing a new Cyber Ops Certification to its portfolio of security certifications and revising its CCIE Security Certification.
  • CCNA Cyber Ops focuses on the role of the security analyst working in a Security Operations Center (SOC) which monitors systems and detects attacks. It introduces IT personnel to some of the skills needed in a SOC, giving them an understanding of how responses are coordinated.
  • The CCNA Cyber Ops expands Cisco’s existing associate-level certification offerings, which includes the CCNA Securitydesignation, which focuses on the network security administrator role.
  • The CCIE Security revision addresses new expert-level skills and education needed to prepare security personnel for evolving technologies and security threats. This revision includes assessments on the latest security technologies, including Advanced Threat Protection, Advanced Malware Protection, Next-Generation IPS, Virtualization, Automation and Information Exchange. It also includes a new assessment approach focused on ensuring that candidates demonstrate knowledge and skills with evolving technologies, such as Network Programmability, Cloud and IoT.
Read More Here on Cisco Press Release: https://newsroom.cisco.com/press-release-content?type=press-release&articleId=1772385

Read more...

If you like this post, please subscribe below,thanks!

Enter your email address:

Delivered by FeedBurner

To Stay Up to date with Network Security, Please Subscribe!

IP Traffic Will be Tripled by 2020?

This blog is created for network security review, study and understanding about network related issues only! The blog is mainly focus on Network Security Notes about Network, Network Security, Network Technology, Network Labs review related Cisco and Microsoft technology ,Network Threats, Types of Network Threats, Network Alerts, Enterprise Security Policy and Audits, Security Policy and Audits,Logical Security, Physical and Logical Security, Physical Security,Cisco Products Review, Microsoft Products review, Cisco Routers, Routers Security, Console Access, Telnet Access, Network Attack, Network Attack report, Network management, Anti-virus, Network Security with Anti-virus, and All About Network Security... Thanks for your visit!

IP Traffic Will be Tripled by 2020?


As we already know, devices like smart phones, computers and many more using IP is increasing daily. So, how the IP traffic will be tripled by 2020?

Base on Cisco Press Release:

Growth Driven by More Than One Billion New Internet Users and 10 Billion New Devices and Connections Over the Next Five Years


SAN JOSE, Calif. – June 7, 2016— According to today’s release of the Cisco Visual Networking Index™ (VNI) Complete Forecast for 2015 to 2020, global IP traffic will nearly triple at a compound annual growth rate (CAGR) of 22 percent over the next five years.  More than one billion new Internet users are expected to join the global Internet community, growing from three billion in 2015 to 4.1 billion by 2020. The global digitization transformation, based on the adoption of personal devices and deployment of machine-to-machine (M2M) connections will have an even greater impact on traffic growth. Over the next five years, global IP networks will support up to 10 billion new devices and connections, increasing from 16.3 billion in 2015 to 26.3 billion by 2020. There are projected to be 3.4 devices and connections per capita by 2020—up from 2.2 per capita in 2015.
Advancements in the Internet of Things (IoT) are continuing to drive IP traffic and tangible growth in the market. Applications such as video surveillance, smart meters, digital health monitors and a host of other M2M services are creating new network requirements and incremental traffic increases. Globally, M2M connections are calculated to grow nearly three-fold from 4.9 billion in 2015 to 12.2 billion by 2020, representing nearly half (46 percent) of total connected devices. The connected health consumer segment will have the fastest growth (five-fold) of M2M connections from 2015 (144 million) to 2020 (729 million).The connected home segment will have the largest volume of M2M connections over the forecast period with 2.4 billion in 2015, growing to 5.8 billion by 2020—nearly half of all M2M connections.
Video services and content continue to be the dominant leader compared with all other applications. Internet video will account for 79 percent of global Internet traffic by 2020—up from 63 percent in 2015. The world will reach three trillion Internet video minutes per month by 2020, which is five million years of video per month, or about one million video minutes every second. HD and Ultra HD Internet video will make up 82 percent of Internet video traffic by 2020—up from 53 percent in 2015.
With the growing dependence on mobile and fixed broadband networks, security concerns are increasingly becoming top of mind for service providers, governments, businesses and consumers. For the first time in this forecast, Cisco collaborated with Arbor Networks to help quantify the current and future threats of DDoS (Distributed Denial of Service) attacks. DDoS incidents can paralyze networks by flooding servers and network devices with traffic from multiple IP sources. The new DDoS analysis suggests that these types of breaches can represent up to 10 percent of a country’s total Internet traffic while they are occurring. Over the next five years, DDoS attacks are projected to increase from 6.6 million to 17 million attacks. These initial findings underscore the need for more comprehensive security measures to protect data and reduce network exposure to such risks.
“The digital transformation is happening now for billions of consumers and businesses users across the globe,” said Doug Webster, vice president of service provider marketing, Cisco. “Innovation is imperative for Cisco and its service provider customers to deliver scalable, secure, high-quality services and experiences over all types of broadband network infrastructures.”
Read More here on Cisco Press Release: https://newsroom.cisco.com/press-release-content?type=press-release&articleId=1771211

Read more...

If you like this post, please subscribe below,thanks!

Enter your email address:

Delivered by FeedBurner

To Stay Up to date with Network Security, Please Subscribe!

Sunday, 14 August 2016

Safe Online Surfing for Your Children

This blog is created for network security review, study and understanding about network related issues only! The blog is mainly focus on Network Security Notes about Network, Network Security, Network Technology, Network Labs review related Cisco and Microsoft technology ,Network Threats, Types of Network Threats, Network Alerts, Enterprise Security Policy and Audits, Security Policy and Audits,Logical Security, Physical and Logical Security, Physical Security,Cisco Products Review, Microsoft Products review, Cisco Routers, Routers Security, Console Access, Telnet Access, Network Attack, Network Attack report, Network management, Anti-virus, Network Security with Anti-virus, and All About Network Security... Thanks for your visit!

Safe Online Surfing for Your Children



Based on FBI(Federal Bureau of Investigation): The FBI Safe Online Surfing (FBI-SOS) program is a nationwide initiative designed to educate children in grades 3 to 8 about the dangers they face on the Internet and to help prevent crimes against children.
It promotes cyber citizenship among students by engaging them in a fun, age-appropriate, competitive online program where they learn how to safely and responsibly use the Internet.
The program emphasizes the importance of cyber safety topics such as password security, smart surfing habits, and the safeguarding of personal information.
For more information, visit the Safe Online Surfing website.

Read more...

If you like this post, please subscribe below,thanks!

Enter your email address:

Delivered by FeedBurner

To Stay Up to date with Network Security, Please Subscribe!

How to Protect Your Computer from intrusion

This blog is created for network security review, study and understanding about network related issues only! The blog is mainly focus on Network Security Notes about Network, Network Security, Network Technology, Network Labs review related Cisco and Microsoft technology ,Network Threats, Types of Network Threats, Network Alerts, Enterprise Security Policy and Audits, Security Policy and Audits,Logical Security, Physical and Logical Security, Physical Security,Cisco Products Review, Microsoft Products review, Cisco Routers, Routers Security, Console Access, Telnet Access, Network Attack, Network Attack report, Network management, Anti-virus, Network Security with Anti-virus, and All About Network Security... Thanks for your visit!

How to Protect Your Computer from intrusion

Everyone may have own computer to access and connecting to Internet. Talking about Internet, Internet is a big network. So, computer is an element or a part of a network. To have a network with security, at first you must think about to secure or to protect your computer.


Below are some key steps to protecting your computer from intrusion:
Keep Your Firewall Turned On: A firewall helps protect your computer from hackers who might try to gain access to crash it, delete information, or even steal passwords or other sensitive information. Software firewalls are widely recommended for single computers. The software is prepackaged on some operating systems or can be purchased for individual computers. For multiple networked computers, hardware routers typically provide firewall protection.
Install or Update Your Antivirus Software: Antivirus software is designed to prevent malicious software programs from embedding on your computer. If it detects malicious code, like a virus or a worm, it works to disarm or remove it. Viruses can infect computers without users’ knowledge. Most types of antivirus software can be set up to update automatically.
Install or Update Your Antispyware Technology: Spyware is just what it sounds like—software that is surreptitiously installed on your computer to let others peer into your activities on the computer. Some spyware collects information about you without your consent or produces unwanted pop-up ads on your web browser. Some operating systems offer free spyware protection, and inexpensive software is readily available for download on the Internet or at your local computer store. Be wary of ads on the Internet offering downloadable antispyware—in some cases these products may be fake and may actually contain spyware or other malicious code. It’s like buying groceries—shop where you trust.
Keep Your Operating System Up to Date: Computer operating systems are periodically updated to stay in tune with technology requirements and to fix security holes. Be sure to install the updates to ensure your computer has the latest protection.
Be Careful What You Download: Carelessly downloading e-mail attachments can circumvent even the most vigilant anti-virus software. Never open an e-mail attachment from someone you don’t know, and be wary of forwarded attachments from people you do know. They may have unwittingly advanced malicious code.
Turn Off Your Computer: With the growth of high-speed Internet connections, many opt to leave their computers on and ready for action. The downside is that being “always on” renders computers more susceptible. Beyond firewall protection, which is designed to fend off unwanted attacks, turning the computer off effectively severs an attacker’s connection—be it spyware or a botnet that employs your computer’s resources to reach out to other unwitting users. //Source: FBI
Below is the brief step by Comodo:
Here are five simple, but critical steps to protect your computer,
  1. Install Firewall.
  2. Install Antivirus Software.
  3. Install Anti-Spyware Software.
  4. Use Complex and Secure Passwords.
  5. Check on the Security Settings of the Browser.

Read more...

If you like this post, please subscribe below,thanks!

Enter your email address:

Delivered by FeedBurner

To Stay Up to date with Network Security, Please Subscribe!

Saturday, 4 June 2016

Learn BGP Protocol: First Basic About BGP You Should Know

This blog is created for network security review, study and understanding about network related issues only! The blog is mainly focus on Network Security Notes about Network, Network Security, Network Technology, Network Labs review related Cisco and Microsoft technology ,Network Threats, Types of Network Threats, Network Alerts, Enterprise Security Policy and Audits, Security Policy and Audits,Logical Security, Physical and Logical Security, Physical Security,Cisco Products Review, Microsoft Products review, Cisco Routers, Routers Security, Console Access, Telnet Access, Network Attack, Network Attack report, Network management, Anti-virus, Network Security with Anti-virus, and All About Network Security... Thanks for your visit!

Learn BGP Protocol: First Basic About BGP You Should Know

Border Gateway Protocol (BGP) is a standardized exterior gateway protocol designed to exchange routing and reachability information among autonomous systems (AS) on the Internet.



Border Gateway Protocol (BGP) is a standardized exterior gateway protocol designed to exchange routing and reachability information among autonomous systems (AS) on the Internet. The protocol is often classified as a path vector protocol but is sometimes also classed as a distance-vector routing protocol. The Border Gateway Protocol makes routing decisions based on paths, network policies, or rule-sets configured by a network administrator and is involved in making core routing decisions.
BGP may be used for routing within an autonomous system. In this application it is referred to as Interior Border Gateway Protocol, Internal BGP, or iBGP. In contrast, the Internet application of the protocol may be referred to as Exterior Border Gateway Protocol, External BGP, or EBGP.

- The current version of BGP is version 4 (BGP4 or BGP-4) codified in RFC 4271 since 2006.
- Version 4 of BGP has been in use on the Internet since 1994. The major enhancement in version 4 was support for Classless Inter-Domain Routing and use of route aggregation to decrease the size of routing tables.

- Most Internet service providers must use BGP to establish routing between one another (especially if they are multihomed). Compare this with Signaling System 7 (SS7), which is the inter-provider core call setup protocol on the PSTN.
- Very large private IP networks use BGP internally. An example would be the joining of a number of large OSPF (Open Shortest Path First) networks where OSPF by itself would not scale to size. Another reason to use BGP is multihoming a network for better redundancy, either to multiple access points of a single ISP or to multiple ISPs.

- BGP neighbors, called peers, are established by manual configuration between routers to create a TCP session on port 179. - When BGP runs between two peers in the same autonomous system (AS), it is referred to as Internal BGP (iBGP or Interior Border Gateway Protocol). When it runs between different autonomous systems, it is called External BGP (EBGP or Exterior Border Gateway Protocol). Routers on the boundary of one AS exchanging information with another AS are called border or edge routers or simply eBGP peers and are typically connected directly, while iBGP peers can be interconnected through other intermediate routers. Other deployment topologies are also possible, such as running eBGP peering inside a VPN tunnel, allowing two remote sites to exchange routing information in a secure and isolated manner. The main difference between iBGP and eBGP peering is in the way routes that were received from one peer are propagated to other peers. For instance, new routes learned from an eBGP peer are typically redistributed to all other iBGP peers as well as all eBGP peers (if transit mode is enabled on the router). However, if new routes were learned on an iBGP peering, then they are re-advertised only to all other eBGP peers. These route-propagation rules effectively require that all iBGP peers inside an AS are interconnected in a full mesh. Filtering routes learned from peers, their transformation before redistribution to peers or before plumbing them into the routing table is typically controlled via route-maps mechanism. These are basically rules which allow the application of certain actions to routes matching certain criteria on either ingress or egress path. These rules can specify that the route is to be dropped or, alternatively, its attributes are to be modified. It is usually the responsibility of the AS administrator to provide the desired route-map configuration on a router supporting BGP.

In order to make decisions in its operations with peers, a BGP peer uses a simple finite state machine (FSM) that consists of six states: Idle; Connect; Active; OpenSent; OpenConfirm; and Established. For each peer-to-peer session, a BGP implementation maintains a state variable that tracks which of these six states the session is in. The BGP defines the messages that each peer should exchange in order to change the session from one state to another. The first state is the "Idle" state. In the "Idle" state, BGP initializes all resources, refuses all inbound BGP connection attempts and initiates a TCP connection to the peer. The second state is "Connect". In the "Connect" state, the router waits for the TCP connection to complete and transitions to the "OpenSent" state if successful. If unsuccessful, it starts the ConnectRetry timer and transitions to the "Active" state upon expiration. In the "Active" state, the router resets the ConnectRetry timer to zero and returns to the "Connect" state. In the "OpenSent" state, the router sends an Open message and waits for one in return in order to transition to the "OpenConfirm" state. Keepalive messages are exchanged and, upon successful receipt, the router is placed into the "Established" state. In the "Established" state, the router can send/receive: Keepalive; Update; and Notification messages to/from its peer.
- Idle State: Refuse all incoming BGP connections. Start the initialization of event triggers. Initiates a TCP connection with its configured BGP peer. Listens for a TCP connection from its peer. Changes its state to Connect. If an error occurs at any state of the FSM process, the BGP session is terminated immediately and returned to the Idle state. Some of the reasons why a router does not progress from the Idle state are: TCP port 179 is not open. A random TCP port over 1023 is not open. Peer address configured incorrectly on either router. AS number configured incorrectly on either router.
- Connect State: Waits for successful TCP negotiation with peer. BGP does not spend much time in this state if the TCP session has been successfully established. Sends Open message to peer and changes state to OpenSent. If an error occurs, BGP moves to the Active state. Some reasons for the error are: TCP port 179 is not open. A random TCP port over 1023 is not open. Peer address configured incorrectly on either router. AS number configured incorrectly on either router.
- Active State: If the router was unable to establish a successful TCP session, then it ends up in the Active state. BGP FSM tries to restart another TCP session with the peer and, if successful, then it sends an Open message to the peer. If it is unsuccessful again, the FSM is reset to the Idle state. Repeated failures may result in a router cycling between the Idle and Active states. Some of the reasons for this include: TCP port 179 is not open. A random TCP port over 1023 is not open. BGP configuration error. Network congestion. Flapping network interface.
- OpenSent State:BGP FSM listens for an Open message from its peer. Once the message has been received, the router checks the validity of the Open message. If there is an error it is because one of the fields in the Open message does not match between the peers, e.g., BGP version mismatch, the peering router expects a different My AS, etc. The router then sends a Notification message to the peer indicating why the error occurred. If there is no error, a Keepalive message is sent, various timers are set and the state is changed to OpenConfirm.
- OpenConfirm State: The peer is listening for a Keepalive message from its peer. If a Keepalive message is received and no timer has expired before reception of the Keepalive, BGP transitions to the Established state. If a timer expires before a Keepalive message is received, or if an error condition occurs, the router transitions back to the Idle state.
- Established State: In this state, the peers send Update messages to exchange information about each route being advertised to the BGP peer. If there is any error in the Update message then a Notification message is sent to the peer, and BGP transitions back to the Idle state. If a timer expires before a Keepalive message is received, or if an error condition occurs, the router transitions back to the Idle state.

- The BGP standard specifies a number of decision factors, more than are used by any other common routing process, for selecting NLRI (Network Layer Reachability Information) to go into the Loc-RIB (Routing Information Base). The first decision point for evaluating NLRI is that its next-hop attribute must be reachable (or resolvable). Another way of saying the next-hop must be reachable is that there must be an active route, already in the main routing table of the router, to the prefix in which the next-hop address is reachable. Next, for each neighbor, the BGP process applies various standard and implementation-dependent criteria to decide which routes conceptually should go into the Adj-RIB-In. The neighbor could send several possible routes to a destination, but the first level of preference is at the neighbor level. Only one route to each destination will be installed in the conceptual Adj-RIB-In. This process will also delete, from the Adj-RIB-In, any routes that are withdrawn by the neighbor. Whenever a conceptual Adj-RIB-In changes, the main BGP process decides if any of the neighbor's new routes are preferred to routes already in the Loc-RIB. If so, it replaces them. If a given route is withdrawn by a neighbor, and there is no other route to that destination, the route is removed from the Loc-RIB, and no longer sent, by BGP, to the main routing table manager. If the router does not have a route to that destination from any non-BGP source, the withdrawn route will be removed from the main routing table.

==>More to come about BGP protocol,Don't forget to check back later,thanks!

Read more...

If you like this post, please subscribe below,thanks!

Enter your email address:

Delivered by FeedBurner

To Stay Up to date with Network Security, Please Subscribe!