We recently had a chance to showcase the new ISR 4000 Series. ISR remains the acronym for this family as it stands in for ‘Integrated Services Router.’ I am sure we made this argument before, but one way to characterize this one is to see just how much the innovation swings towards the ‘I’ and the ’S’ these days. It makes sense.Read More
Auto-negotiation enables devices to automatically exchange information over a link about speed and duplex abilities. When it doesn't work, you need to resolve the problem quickly. Jimmy Ray Purser provides a few tips about how auto negotiation works and what to look for when you get the dreaded "my connection is slow" call.
There is so something intriguing about ‘secrets’ and the ability to communicate openly yet know that only your intended recipient can ‘decode’ your message. The concept is of course not a new one. Its the practice of this in our now digital age that has had to advance and withstand increasingly complex challenges to survive.
This show signals the new shift now happening as we move to the latest set of secure protocols needed for the next decade and beyond. We brought in Cisco’s NGE (Next Generation Encryption) expert, Dr. David McGrew. David is a Cisco Fellow who not only specializes in secure communications within our Router and Switch Security Group, but somewhere along the line got his Ph.D. In Theoretical Nuclear Physics. Geeez.
David was our sole guest on this show so that we could cover several aspects of NGE. He has some very good blog entries to review on this for further coverage. (Panos Kampanakis also covered NGE). Another good one to read for background here is David’s blog entry on the importance of the key…no matter how strong the cipher.
Secure communication includes encryption, message authentication, key establishment, digital signatures and hashing. Over the past 30 years, public key cryptography has become a mainstay for secure communications over the Internet and throughout many other forms of communications. They form the basis for key management and authentication for IP encryption (IKE/IPSEC), web traffic (SSL/TLS) and secure electronic mail.For digital signatures, public key cryptography is used to authenticate the origin of data and protect the integrity of that data.
Fascinating spy vs spy stuff for just about any audience - but also required knowledge for the networking geek. Why is that?
Two big reasons:
1. Moore’s Law - Moore’s law ensures that our crypto security gets just a little weaker every day. This means that we need to deploy cryptographic protocols that will remain secure for the NEXT 10 to 15 years. There is no way to know when an attacker has broken your cipher and is reading your traffic.
2. Mobility and Performance - New techniques have been developed which offer both better performance and higher security than these first generation public key techniques. The best assured group of new public key techniques is built on the arithmetic of elliptic curves and is ideal for our increasingly smaller devices.
Cisco Fellow, David McGrew has been instrumental in the development of GCM, or the Galois/Counter Mode algorithm which is also key to his work advancing Next Generation Encryption. With David’s help, we explore and explain what you need to know about cryptography from the basics to the advanced so you can properly prepare yourself and your network for the next 10 years and beyond.
1. Why We Need Cryptographic Awareness
Learn how and why encryption can be a challenging subject to master but valuable even at the beginning levels.
2. Introduction to Next Generation Encryption
Securing your communications data requires a 10 year plan and the time to start is now. Join TechWiseTV and Cisco Fellow David McGrew as we introduce the need for Next Generation Encryption by fully understanding the suite of cryptographic protocols in use today. Know what to watch for and where certain protocols make more sense than others.
3. Roadblocks to Next Generation Encryption
NGE or Next Generation Encryption has technically been around since the 1980’s. Couple this with our claim today that it is a superior encryption method and it begs the question - why is not in place already? Cisco Fellow and Cryptanalyst David McGrew returns to answer this question and more as we continue our cryptographic awareness series. What you really need for commercial grade communications and more.
4. Elliptic Curve Cryptography - Master Class
Public-key cryptography is based on the intractability of certain mathematical problems. Early public-key systems are secure assuming that it is difficult to factor a large integer composed of two or more large prime factors. For elliptic-curve-based protocols, it is assumed that finding the discrete logarithm of a random elliptic curve element with respect to a publicly known base point is infeasible. The size of the elliptic curve determines the difficulty of the problem. The primary benefit promised by ECC is a smaller key size, reducing storage and transmission requirements. Watch this TechWiseTV segment to watch an Engineer from Tennessee simply these concepts with nothing but a whiteboard.
5. Cisco, NGE and You
Robb and Jimmy Ray wrap up the Next Generation Internet story with an important review of deployment techniques and best practices.
LINKS OF INTEREST:
Contributors: Emma Kilcoyne, David McGrew
Guest: Dr. David McGrew, Cisco Fellow
As always...thank you for watching!
Watch our fan film: Raiders of the Lost Ark
Keep up: techwisetv.com, fundamentals.techwisetv.com, blog.techwisetv.com
Episode 118, Project ID 1206
Taped July 10, 2012, Released August 3, 2012
Guests: Vasanth Raghavan, Manu Parbhakar, Adam Groudan
Don't leave the 'S' out of your ISR...
Are you getting all the value you can out of your router? Chances are high that you either have a high performance machine at the edge of your network that is just idling or you will soon. The value of this show applies equally to those of you who roll your own as well as leverage services from our service provider partners.
Don't miss the workshop!
Virtual AND Extensible
Episode 117, Project ID 1060
Taped May 15, 2012, Released June 13, 2012
Guests: Anurag Gurtu, Matt Bolick, Vijay Sagar, Prashanth Shenoy, Zeus Kerravala
As a fundamental and critical part of a successful cloud implementation, the network is poised for incredible leaps of intelligence. The WAN has been re-defined as Weak Area Network contributing to poor performance, inadequate security, lack of visibility and complex management. An intelligent network endows the WAN with the efficiency of cloud and and the confidence of a private network. This TechWiseTV episode is stuffed with incredible innovations that deliver on a cloud journey you can embrace.