
Geek Speak


Last time I explained how quantum computing relies on the phenomenon of 'superposition'. And though this year the NSA is spending $79.7 million on quantum computing research and development projects, the recent award-winning achievements in particle physics tell us that a quantum computing platform would most likely take years if not decades to engineer.


At stake in the effort, besides a new era of computing with mind-boggling power and scale, would be a breakthrough in code-breaking, enabling access to AES encrypted data already being warehoused in Bluffdale, Utah. Since the value of that data decreases based on the time it takes to break the cipher protecting it, a quantum computing platform that takes decades to complete would be of decreasing value with regards to data warehoused now. In short, assuming you use an AES cipher to protect the privacy of your data now, how much would you care if the NSA gained access to 2014 data sometime between 2034 and 2064?


Generating Encryption Keys


The National Institute of Standards and Technology (NIST) publishes a series of Federal Information Processing Standards (FIPS) documents related to information security. FIPS PUB 140-2 lays out criteria for accrediting cryptographic modules. If you adhere to FIPS 197 in implementing AES within a computer application, for example, then NIST's Cryptographic Module Validation Program (CMVP), using criteria in FIPS 140-2, validates your application as FIPS-compliant.


If encryption software does not generate random keys and protect those keys from interception, then the software only guarantees that its ciphered data is secure from those who do not know how to exploit its key management flaws. You can imagine the trouble with CMVP's integrity were they to certify a non-secure key generation module--which, yes, they seem to have done with RSA Corporation's BSAFE cryptographic system. Since 2004 BSAFE has been generating keys that are accessible to the NSA via an engineered backdoor.


Worse than CMVP's implied incompetence in validating BSAFE is its possible collusion with the NSA in getting BSAFE's Dual_EC_DRBG key generation backdoor into circulation as part of a trusted cipher system. And in any case, the verifiability of any cryptographic system is a sorely open issue. If we can't trust NIST, then who can we trust to verify the cryptography we use but do not create ourselves?


The Cost of RSA's Profitability


Security experts have been aware of the flaws in BSAFE's key generation since 2007, two years after the BSAFE specification was published. Only with a recent Snowden-sourced story did we learn that the NSA paid RSA $10 million to make the rigged Dual_EC_DRBG component the default random number generator for BSAFE.


Among other things, we have another confirmation that verifiably AES-based key generation and data encryption are the only truly secure cryptography options in our contemporary context. Trusting the source of your software for monitoring network devices is more important than you may have thought.

What we are going to learn today: Kiwi needn’t always be a bird or a fruit. For IT pros, it can also be a Syslog Server.


If you don’t know this already, Kiwi® Syslog Server is log management software for the Windows® platform that collects, consolidates, displays, stores, alerts on and forwards syslog and SNMP trap messages from network devices, such as routers, switches, Linux® and Unix® hosts, and other syslog and trap-enabled devices. Let’s look at 5 MOST USEFUL LOG MANAGEMENT OPERATIONS you can perform with Kiwi Syslog Server.


#1 Monitor Syslog Messages & SNMP Traps from Network Devices & Servers

Kiwi Syslog Server listens for syslog messages and SNMP traps from routers, switches, firewalls, servers and other syslog and trap-enabled devices. Kiwi Syslog Server collects these messages from various sources and displays them on a centralized Web console for easy and secure access. You can also:

  • Filter messages by host name, host IP address, priority, message text keyword, or time of day
  • Generate graphs of syslog statistics over specific time periods


#2 Automate Alerts for Incoming Syslog Messages

Kiwi Syslog Server provides intelligent alert functionality that notifies you when a syslog message meets predefined criteria (based on time, type of syslog message, syslog source, etc.). By default, Kiwi has the following syslog priority levels, which give you an immediate understanding of the syslog message for any follow-up action.


  • Level 0: System is unusable
  • Level 1: Action must be taken immediately
  • Level 2: Critical conditions
  • Level 3: Error conditions
  • Level 4: Warning conditions
  • Level 5: Normal but significant condition
  • Level 6: Informational messages
  • Level 7: Debug-level messages


Based on the type/priority of the syslog message received, you can schedule an email notification, play a sound to alert you, run an external program, or forward the alert as a syslog message to another server or database.
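The level-based alerting described above can be sketched as follows. This is an added example, not Kiwi Syslog Server's own code: it decodes the `<PRI>` prefix of a syslog message into facility and level, then picks an action from a rule table. The rule table, the function names and the sample messages are assumptions made for illustration.

```python
import re

# Levels 0-7 as listed above (the low three bits of the PRI value).
SEVERITY = [
    "System is unusable",
    "Action must be taken immediately",
    "Critical conditions",
    "Error conditions",
    "Warning conditions",
    "Normal but significant condition",
    "Informational messages",
    "Debug-level messages",
]

PRI_RE = re.compile(r"^<(\d{1,3})>")
DEFAULT_PRI = 13  # RFC 3164: a message with no usable PRI is treated as user.notice

# Hypothetical alert rules, most severe first: (highest level number matched, action).
RULES = [(2, "email"), (4, "forward"), (7, "display")]

# Constructed sample messages (not captured from a real device).
SAMPLE = [
    "<34>Oct 11 22:14:15 fw01 su: 'su root' failed for admin on /dev/pts/8",
    "<187>Jan 20 10:02:11 sw-core-1 %LINK-3-UPDOWN: Interface Gi0/1, changed state to down",
    "<189>Jan 20 10:02:15 sw-core-1 %SYS-5-CONFIG_I: Configured from console",
    "Jan 20 10:03:00 printer7 toner low",   # no PRI at all
    "<999>malformed priority value",        # PRI out of range
]


def decode_pri(message):
    """Return (facility, level) from the <PRI> prefix of a syslog message."""
    match = PRI_RE.match(message)
    pri = int(match.group(1)) if match else DEFAULT_PRI
    if pri > 191:  # facility 23, level 7 is the largest valid value
        pri = DEFAULT_PRI
    return divmod(pri, 8)  # PRI = facility * 8 + level


def action_for(message, rules=RULES):
    """Return (level, action) using the first rule whose threshold covers the level."""
    _, level = decode_pri(message)
    for max_level, action in rules:
        if level <= max_level:
            return level, action
    return level, None


def triage(messages, rules=RULES):
    """Apply the rules to a batch of messages, keeping input order."""
    return [action_for(m, rules) for m in messages]


if __name__ == "__main__":
    for msg, (level, action) in zip(SAMPLE, triage(SAMPLE)):
        print(f"level {level} ({SEVERITY[level]}): {action:8} <- {msg}")
```

Messages that arrive without a valid priority still get a level, so they are displayed rather than silently dropped by a level filter.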


#3 Schedule Syslog Archive & Clean-Up Actions

Kiwi Syslog Server has an integrated scheduler that allows you to schedule and run automated archival and clean-up tasks.


  1. Scheduled Archival: Kiwi Syslog Server allows you to schedule archive options defining the source, destination, archive frequency and notification options. This task allows you to copy or move logs from one location to another, compress the files into individual or single archives, encrypt those archives, create multi-part archives, create file or archive hashes, run external programs, and much more.
  2. Scheduled Clean-Up: The clean-up task removes/deletes files from the source location that match specified criteria. This task can be scheduled to occur over any interval or at any date and time desired, or at application/service start-up.


You can also easily customize and implement your organizational log retention policy to meet international compliance standards such as SOX, PCI-DSS, FISMA & more.


#4 Forward & Archive Windows Event Logs

Kiwi Syslog Server offers the free Log Forwarder for Windows, which allows you to forward all your event logs from your Windows servers and workstations to Kiwi Syslog Server and perform scheduled archives to one or more disks in the form of log files.


#5 Securely Transport Syslog Messages Across Any Network (LAN or WAN)

With the help of the free, optional, Kiwi Secure Tunnel, you can receive, compress and securely transport syslog messages from distributed network devices and servers to your instance of Kiwi Syslog Server. Kiwi Secure Tunnel is made up of a client and a server. The Tunnel Client gathers messages from one or more devices on a network and forwards the messages across a secure link to the Tunnel Server. The Server then forwards the messages on to your Kiwi Syslog Server instance.


As you can see, Kiwi Syslog Server can help you simplify most of your log management tasks for syslog messages. This is just a summary of some of the major and common operations that you can accomplish with Kiwi Syslog Server. To explore more features, do visit www.kiwisyslog.com.



(Yes, this title was inspired by the Superman opening credits. If you want to watch the clip: https://www.youtube.com/watch?v=OjS6B4KuPY0)


Troubleshooting port blockage

Posted by cyrussw Jan 20, 2014

Sometimes when installing an application on a server, users will run into the issue where the desired port is being blocked by another application. Rather than installing 3rd party software to determine what application is blocking the port, we can use tools that already come standard with Windows. Here we will discuss one way of determining what application is using what port.


There are two tools we will need:

  • Command prompt
  • Windows Task manager


For example, let’s assume that a syslog application was installed on a server only to find out that port 514 is already in use. To determine what application is blocking the port, we must perform the following steps:


      1. First we notice that port 514 is already in use:




      2. Bring up a command prompt and run the command netstat -a -o -p udp | find "514"



    • -a displays all connections and listening ports
    • -o displays the process id (very important)
    • -p displays the desired protocol (here we are interested in UDP)
    • We can also specify the specific port of interest. Here we are interested in port 514



     3. Note that the Process ID (PID) associated with the blocked port is 6724. Now we need to find out what application owns PID 6724. To do this, we bring up the Windows Task Manager and under “View” and “Select Columns…” select the option for “PID (Process Identifier).”




     Next, click “OK” and you will now see the PIDs displayed in Windows Task Manager.


     4. When we search for the application associated with PID 6724, we can see that SyslogService.exe*32 is using port 514.



     Our options are to either use the syslog server currently running or kill the PID which will make port 514 available.
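The steps above can also be scripted. The following is an added example, not part of the original post: it parses saved `netstat -a -o -p udp` output for an exact port match (the `find "514"` filter also keeps lines where 514 appears inside another port or a PID) and resolves the PID from `tasklist /FO CSV /NH` output instead of Task Manager. Both sample outputs are constructed, and the function names are assumptions.

```python
import csv
import io

# Constructed sample of `netstat -a -o -p udp` output in numeric form.
NETSTAT_SAMPLE = """\

Active Connections

  Proto  Local Address          Foreign Address        State           PID
  UDP    0.0.0.0:123            *:*                                    5148
  UDP    0.0.0.0:514            *:*                                    6724
  UDP    0.0.0.0:5140           *:*                                    1312
  UDP    192.168.1.20:51413     *:*                                    2260
  UDP    [::]:514               *:*                                    6724
"""

# Constructed sample of `tasklist /FO CSV /NH` output:
# "Image Name","PID","Session Name","Session#","Mem Usage"
TASKLIST_SAMPLE = """\
"svchost.exe","1312","Services","0","9,812 K"
"svchost.exe","5148","Services","0","4,120 K"
"SyslogService.exe","6724","Services","0","21,440 K"
"""


def substring_matches(netstat_text, needle):
    """What `find "514"` keeps: every line containing the text anywhere."""
    return [line for line in netstat_text.splitlines() if needle in line]


def pids_on_port(netstat_text, port, proto="UDP"):
    """Return the sorted PIDs bound to exactly this local port."""
    pids = set()
    for line in netstat_text.splitlines():
        fields = line.split()
        # UDP rows have no State column: Proto, Local, Foreign, PID.
        if len(fields) < 4 or fields[0].upper() != proto:
            continue
        local, pid = fields[1], fields[-1]
        # rpartition keeps IPv6 literals such as [::]:514 intact.
        _, _, local_port = local.rpartition(":")
        if local_port == str(port) and pid.isdigit():
            pids.add(int(pid))
    return sorted(pids)


def image_names(pids, tasklist_csv):
    """Map each PID of interest to its image name using tasklist CSV output."""
    wanted = set(pids)
    names = {}
    for row in csv.reader(io.StringIO(tasklist_csv)):
        if len(row) >= 2 and row[1].isdigit() and int(row[1]) in wanted:
            names[int(row[1])] = row[0]
    return names


if __name__ == "__main__":
    print("lines kept by find:", len(substring_matches(NETSTAT_SAMPLE, "514")))
    owners = pids_on_port(NETSTAT_SAMPLE, 514)
    print("PIDs on UDP 514:", owners)
    print("owning images:", image_names(owners, TASKLIST_SAMPLE))
```

On the sample, the substring filter keeps all five rows while the exact match returns only PID 6724.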


What's New in LEM 5.7

Posted by DanaeA Jan 17, 2014

SolarWinds Log & Event Manager (LEM) v5.7 provides the following usability and performance enhancements:

  • nDepth Scheduled Searches
    • Schedule nDepth searches to run automatically once or on a recurring basis
    • Scheduled Searches can also be shared between users
    • Email search results as a CSV attachment, or generate an event notifying you of search completion
    • Agents are using Java 7 in this release
  • Agent Node License Recycling - Each time a VM desktop is created, an agent connects to LEM and a license is used. This continues to happen as desktops are created and destroyed, eventually causing all licenses to be used. License recycling allows you to collect and reuse licenses from nodes that have not sent an event to the LEM manager within a specified amount of time
      • Define a schedule to automatically recover unused agent licenses
      • Specify a virtual desktop and workstation devices where licenses can be recovered
  • Scalability Enhancements
    • Improved rules engine and appliance-side processing
  • FIPS Self-Certification
  • Additional Improvements
    • Create User-Defined Groups more easily with the new CSV import
    • Deploy LEM to Hyper-V® on Windows 2012 R2
    • New connectors for NetApp®, IBM®, Brocade, and more


For more information on using LEM, please visit the following fount of information on all that is LEM Log & Event Manager

Part of your role as a system administrator is to oversee the network infrastructure that supports your company’s critical business applications. Therefore, you likely devote most of your time keeping the network up and running and performing optimally. Nevertheless, there are still occasions where you experience unexpected network outages. That’s the reality of network management. So, what does it take to stay ahead of these unforeseen breakdowns? Here are some suggestions that will simplify your administration efforts and help you be better prepared for a ‘bad day’.

Maintain a Current Device Inventory List: Keep an updated device inventory list with details of your network components such as ports, interfaces in use, hardware details, servers, virtual machines, network storage, and so on. It’s important that you regularly monitor these pieces as they directly impact network performance. Having an up-to-date asset database helps you track all of your IT equipment for device replacements, end-of-life information, device configuration changes, and the status of devices in use and not in use.

Configure SNMP and Flow Technologies: SNMP (Simple Network Management Protocol) fetches performance metrics from your network devices. There are different versions of SNMP available and you can configure an appropriate version based on your data requirements and the significance of the device. To enable SNMP for a Cisco® router or switch, you can telnet to the device, go to the configuration mode, and add a read-only or read-write community string. SNMP community strings are like passwords and enable monitoring on network devices. In addition, you can enable SNMP traps to receive unsolicited trap notifications or requests on the status of a network device.

Similarly, enabling flow technologies on routers and switches helps furnish data that can be used to analyze traffic and bandwidth usage. For this, you need to configure the flow-based packet analysis on the devices that need monitoring.

Perform Network Performance Baselining: Performance baselines are a standard set of metrics that define the normal working conditions of the network’s infrastructure. Baselining is a critical aspect of network performance monitoring. You accomplish this by running network baseline tests and determining the standard threshold values for networking hardware. Baselining helps determine and set alerting thresholds for situations where the network is experiencing performance slowdowns. It also aids in determining requirements for hardware upgrades and purchase.

Every organization should establish network monitoring policies according to the organization’s compliance level. Additionally, clearly define the scope of activities to match these standards.

Identify and Define Alerts and an Escalation Matrix: Depending on the thresholds you set, your network monitoring system will trigger alerts on various network issues and errors. It is important to clearly identify and define the point of contact or person designated to receive the alert. In the case of escalations, you need to decide how the alert will be routed based on its severity. Failure to attend to an alert on time is equivalent to not having any alerts configured at all. Delivering timely alerts to the right person significantly reduces network downtime and serious damage to business operations.

Finally, understand that your network will not remain the same. Be sure to plan for network expansions and technology advancements that will be necessary to accommodate monitoring.

See this whitepaper to learn more about streamlining enterprise network monitoring.

I just had a brief discussion with a dev co-worker and we discussed this very topic. We also provided some examples showing that no matter what policies are in place, security is only as good as the people who are responsible for enforcing it. At some point, you just have to trust your people. That said, let's move on to example numero uno.


Example #1

My co-worker used to work for the Department of Defense as a contractor (no, not him). Passwords were given to him in a vault and he was made to memorize them (as opposed to simply writing them on paper) all the while being watched by a government official whose job it was to ensure that no written record of the passwords existed. On the surface, my friend complied. He remembered the passwords alright...just long enough to write them down though (when no one was looking, of course).


The same employee at the same job was also to be watched by a government official as he worked to make sure data was not "misused." Believe it or not, even government officials are human. At some point they too take breaks, go to lunch, become friendly, and even gain your trust. Simply put, the opportunity will arise to compromise security because people are human.


Example #2

For years I worked at the SolarWinds headquarters in Austin, TX. Part of my daily routine was to download a podcast via Bittorrent over the wifi connection straight to my phone. This past August, I moved to the Salt Lake City office and quickly realized they plugged the torrent hole in the firewall here. How would I get my show onto my phone? Oh, the perils of security! Puh-lease. All I did was RDP into my laptop, download my show there, then put it in my Dropbox. Presto! Five minutes later I was enjoying the show.


The Moral

Like I said earlier, "...security is only as good as the people who are responsible for enforcing it. At some point, you just have to trust your people." If you don't trust those around you, you may have bigger issues that need addressing. That's just my 2¢.


Do you have an example?

If you do, tell me about it in the comment section below. Now if you'll excuse me, I need to find some black tape to put over my webcam.

We heard you wanted more deep-dive, technical training on your SolarWinds products, and we listened! We're pleased to announce the brand-spanking new Customer Training Program for current (in-maintenance) customers. This is a totally free program that we are delivering as part of your maintenance (who else does that?!). Even though our products are very easy to use, we want to ensure every customer gets the most out of your products. Initially launching with four NPM classes, we're planning to grow this program substantially in 2014 to offer more topics on more products very soon.


All classes consist of both lab and lecture - so the lessons are very applicable and transferable to what you're doing on a day to day basis. Classes are hosted by a professional trainer and class sizes are limited to ensure a quality learning experience.


To sign up for a class, you must be current on maintenance for at least one product - but it doesn't have to be the product you're taking the class on. So, (for example) feel free to sign up for an NPM class if you are a Toolset customer interested in learning more about NPM.


Where to Sign Up


You can sign up in the Customer Portal.



Current Classes


Currently, we have four NPM classes offered at various times on various dates. If the class you want is full, feel free to write us at CustomerVoice@solarwinds.com and we'll let you know as soon as we add new classes to the schedule.

SolarWinds NPM 201: Advanced Monitoring – Universal Device Poller, SNMP traps, Syslog Viewer

NPM 201 digs into some of the more advanced monitoring mechanisms available. We’ll get away from the “out-of-the-box” object configs and default monitoring settings to create a customized monitoring environment. If you have a good understanding of MIBs, OIDs, and SNMP (or would like to), this is probably the class for you.


SolarWinds NPM 202: Performance Tuning – Tuning, Remote Pollers, License Management

NPM 202 focuses on maximizing performance. This means tuning your equipment to optimize its capabilities, tuning your polling intervals to capture the data you need without bogging down the database with less critical data, and adding additional pollers for load balancing and better network visibility.  This class is great if your NPM could use a tuneup, or if you are considering expanding your deployment with additional licenses, polling engines, or web servers.


SolarWinds NPM 101: Getting Started – Maps, Users, Custom Views

NPM 101 will take a user from the initial install through customization and daily use. We cover the Orion core platform (getting used to NPM’s web interface), network discovery and adding devices, creating maps, adding users, and creating custom views.


SolarWinds NPM 102: Digging In – Advanced Alerts, Reporting, and More

NPM 102 dives into advanced alerts and reporting. We cover creating and managing custom alerts, alert suppression, device dependencies, and custom properties. We create and automate reports, and also show how to integrate those reports into custom views for easy, real-time access.

Comments by Training Participants

“This class was definitely worth my time. It provided me with lots of information and tactics to better manage my network. I look forward to the evolution of this training program because my job is always changing and I want to stay up-to-date with how SolarWinds NPM can help me with my network.”

Corinne Johnson


“The training program has definitely been worth my time. It has provided me with in-depth product information and tactics to help me monitor my network. I am looking forward to taking more classes from SolarWinds and exploring other products. My job is continually evolving and this new training program that SolarWinds has put together is helping me to maintain a competitive edge.”

Will Luther



“Like many others who took the class, SolarWinds NPM was an inherited product for me so it was great to have this training course offered. The product is large and has a lot of great tools that my team and I were not using. We didn’t even know that SolarWinds NPM allowed you to map the network – we are definitely putting that to good use now thanks to this training program.”

Diana Teoh


We're ramping up this program, so watch this blog and the training page in the portal for more classes, on more products, at more times all throughout 2014 and beyond. And as always, let us know your requests at CustomerVoice@solarwinds.com.


Don't Forget About Customer-Only Trials!


And... don't forget about the benefits of downloading customer trials from the customer portal. You have access to every SolarWinds product with a streamlined evaluation experience including:


  • No need to fill out a registration form.
  • The download will not trigger emails about other products or offers.
  • Unless you reach out to us, we will only contact you at the beginning and midway through your trial.
  • If you have questions or need assistance with your evaluation contact customersales@solarwinds.com.

WiFi with 3D Vision

Posted by Meryl Wilk Jan 15, 2014

First came WiFi, that essential technology that keeps us online – provided we have one PC hooked up to the cable modem and router, and another PC with a wireless networking card.


Then came WiVi, which uses WiFi technology to “see” through walls to detect motion. According to www.popsci.com, the US Navy discovered radar when they noticed that a plane going past a radio tower reflected radio waves. Much more recently, Massachusetts Institute of Technology (MIT) scientists applied this same idea to create devices that can monitor human (or possibly other) movement by tracking the WiFi signal frequency changes in buildings or behind walls.


And now, we have WiTrack. MIT scientists have taken the WiVi idea a step further. The MIT article, WiTrack: Through-Wall 3D Tracking Using Body Radio Reflections, describes WiTrack as “…a device that tracks the 3D motion of a user from the radio signals reflected off her body…WiTrack does not require the user to carry any wireless device, yet its accuracy exceeds current RF localization systems, which require the user to hold a transceiver. It transmits wireless signals whose power is 100 times smaller than Wi-Fi and 1000 times smaller than cellphone transmissions.”


Applications for WiTrack


Applications for WiTrack are really varied, and include:


  • Security and law enforcement, from detecting intruders to avoiding or minimizing potentially violent situations, such as in battle or at a crime scene.
  • Rescue operations, for detecting motion inside hard-to-get-to places, such as collapsed buildings or avalanche sites.
  • Gaming, in which you can freely move about your home to participate in the fun. Imagine running down the hall and up the stairs as part of the gaming experience…
  • Monitoring any three-dimensional being who might need to be checked in on - from your new puppy, to your kids, to your great grandmother. MIT points out that a WiTrack monitoring system can do what current camera-based monitoring systems do without using cameras to invade anyone’s privacy.


Find Out More


For even more details on WiTrack, check out the video, WiTrack: 3D Motion Tracking Through Walls Using Wireless Signals. And for all the details on how WiTrack works, see the MIT paper, 3D Tracking via Body Radio Reflections.

It was recently found by CERT that there’s a new type of DDOS botnet that is infecting both Windows® and Linux® platforms. This is a highly sophisticated cross-platform malware which impacts computers by causing DNS amplification.



A DNS Amplification Attack is a Distributed Denial of Service (DDOS) tactic that belongs to the class of reflection attacks in which an attacker delivers traffic to the victim of their attack by reflecting it off of a third party so that the origin of the attack is concealed from the victim. Additionally, it combines reflection with amplification: that is, the byte count of traffic received by the victim is substantially greater than the byte count of traffic sent by the attacker, in practice amplifying or multiplying the sending power of the attacker.[1]



On Linux systems, this botnet takes advantage of systems that allow remote SSH access from the Internet and have accounts with weak passwords. The attacker uses dictionary-based password guessing to infiltrate the system protected by SSH. While executing an attack, the malware provides information back to the command and control server about the running task, the CPU speed, system load and network connection speed.



The Windows variant of the botnet installs a new service in the target systems in order to gain persistence.  First, the C:\Program Files\DbProtectSupport\svchost.exe file is installed and run. This file registers a new Windows service – DPProtectSupport, which starts automatically at the system startup. Then, a DNS query is sent to the server, requesting the IP address of the .com domain. This domain is the C&C server and the bot connects to it using a high TCP port, different than the one used in Linux version. And, in the Windows version of the malware, OS information is sent to the C&C server in a text format.


This botnet was discovered in December 2013, and after many tests, the antivirus software used detected the Windows variant more often than the Linux variant, putting Linux at higher risk of security compromise.


It's best to always gain real-time actionable intelligence from your system and network logs so that you will be able to detect any suspicious and unwarranted activity, which might be an indicator of a security breach!
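As an added example of this kind of log-based detection (not part of the original post), the sketch below scans sshd authentication log lines for the dictionary-based password guessing described above: many failed passwords from one source address inside a short window, and whether a successful login from that address followed. The log lines are constructed, and the threshold, window, year default and function name are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\S+) port \d+"
)

# Constructed sample log lines using documentation address ranges.
AUTH_LOG = [
    "Dec 10 03:12:01 web01 sshd[4101]: Failed password for root from 203.0.113.5 port 40022 ssh2",
    "Dec 10 03:12:03 web01 sshd[4103]: Failed password for invalid user admin from 203.0.113.5 port 40030 ssh2",
    "Dec 10 03:12:05 web01 sshd[4105]: Failed password for invalid user test from 203.0.113.5 port 40038 ssh2",
    "Dec 10 03:12:06 web01 sshd[4107]: Failed password for alice from 198.51.100.7 port 51100 ssh2",
    "Dec 10 03:12:08 web01 sshd[4109]: Failed password for invalid user oracle from 203.0.113.5 port 40046 ssh2",
    "Dec 10 03:12:10 web01 sshd[4111]: Failed password for root from 203.0.113.5 port 40054 ssh2",
    "Dec 10 03:12:12 web01 sshd[4113]: Failed password for root from 203.0.113.5 port 40062 ssh2",
    "Dec 10 03:12:15 web01 sshd[4120]: Accepted password for alice from 198.51.100.7 port 51102 ssh2",
    "Dec 10 03:12:20 web01 sshd[4125]: Accepted password for root from 203.0.113.5 port 40071 ssh2",
    "Dec 10 03:12:21 web01 sshd[4125]: pam_unix(sshd:session): session opened for user root",
]


def detect_password_guessing(lines, threshold=5, window_seconds=60, year=2013):
    """Return {ip: finding} for sources with >= threshold failures inside the window.

    Syslog timestamps carry no year, so one is supplied (assumption).
    """
    window = timedelta(seconds=window_seconds)
    recent = defaultdict(deque)   # ip -> failure timestamps still inside the window
    users = defaultdict(set)      # ip -> every account name it tried
    findings = {}
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not a password success/failure line
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        ip = m["ip"]
        if m["result"] == "Failed":
            users[ip].add(m["user"])
            q = recent[ip]
            q.append(ts)
            while ts - q[0] > window:  # drop failures older than the window
                q.popleft()
            if len(q) >= threshold:
                f = findings.setdefault(
                    ip, {"max_failures": 0, "users": users[ip], "success_as": None}
                )
                f["max_failures"] = max(f["max_failures"], len(q))
        elif ip in findings and findings[ip]["success_as"] is None:
            # A login that succeeds after a guessing burst is the high-priority case.
            findings[ip]["success_as"] = m["user"]
    return findings


if __name__ == "__main__":
    for ip, f in detect_password_guessing(AUTH_LOG).items():
        print(ip, f["max_failures"], sorted(f["users"]), "login as:", f["success_as"])
```

A single mistyped password followed by a successful login, as with the second address in the sample, stays below the threshold and is not reported.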

With the continuous increase in the number of security breaches every year, it is critical for you to take a closer look at the few things that you can do from an IT security standpoint to minimize the risks. One of the key steps towards this is complying with industry-specific regulations like SOX and HIPAA/HITECH and having third-party organizations conduct audits for key systems and controls.


Why do audits matter?

Compliance with data security standards can bring major benefits to businesses of all sizes, while failure to comply can have serious and long-term negative consequences. This involves identifying and prioritizing the strategic objectives and managing the business across people, processes, information and technology to realize those objectives. It also impacts day-to-day operations, which in turn affects troubleshooting and system availability.


Being in line with IT compliance regulations such as PCI DSS, GLBA, SOX, NERC CIP, and HIPAA requires businesses to protect, track, and control access to and usage of sensitive information. Let us have a look at some of the top reasons to audit:



You may be working with clientele spread across industries, and these audit reports really matter to them. For example, financial services organizations tend to request these reports at the beginning of every year, whereas healthcare groups would need their audit reports later in the year for their own auditing purposes. These reports have a direct impact on their productivity, sales and reputation.



Let us consider HIPAA compliance for example. The core of HIPAA compliance is to ensure protection of patient and employee data, while giving access to the right persons at the right times to do their day-to-day tasks.  Failure to comply with new regulations carries serious consequences for healthcare providers, including criminal sanctions, civil sanctions, financial fines and even possible prison sentences. The guidelines on violations include up to $1.5 million in penalties for breaches.



You need to have visibility over security & compliance, and protection of your data. To ensure this, you need to collect and consolidate log data across the IT environment and correlate events from multiple devices and respond to them in real-time. Conducting audits in a way sets up a benchmark to implement best practices and also ensures that your organization is in line with the latest technology trends.


As an interesting statistic, it is expected that the number of targeted attacks is likely to increase in 2014 and this forecast is based on the continuously growing number of DDoS attacks over the last couple of years. Hackers might move away from high-volume advanced malware because the chances of it being detected are high. Still, the lower-volume targeted attacks are expected to increase, especially with the intent of accessing financial information and stealing identities or business data.


With all these set to happen, it is advisable that you ensure more visibility on the devices on your network as a part of your information security measure. Compliance and compliance audit will definitely come in handy as you head further into 2014.


Stay secure my friends!!

How to Migrate Kiwi CatTools to Another Computer Along with Activities & Devices

1. From Start > All Programs > Solarwinds CatTools > click CatTools

2. Now, go to File > Database > Export and export the devices and activities using the options highlighted in the screen shown below:

3. Save the exported files, which are in '.kbd' format.

4. Save the 'Variations' folder from: <directory>\CatTools\

5. If you are using CatTools 3.9 or higher, deactivate the current license, using Licence Manager, which can be downloaded from here.

6. Install CatTools on the new system and license it.

7. Copy the following from the old system to the new system:

  • exported '.kbd' files &
  • 'Variations' folder

8. Open the Activities file and ensure that all paths are valid. For example, if CatTools was previously installed to c:\program files\ and is now installed to c:\program files (x86)\, you will need to reflect this within the INI file.

9. Open the CatTools Manager > File > Import > import the two '.kbd' files.

10. Copy the 'Variations' folder to the new CatTools installation directory.

11. Restart the CatTools service.

For more information about CatTools visit: Configuration Management and Network Automation | Kiwi CatTools


Wafer-thin flash drives

Posted by LokiR Jan 13, 2014

There's a new design concept out there for flash drives the thickness of a sticky note. The company, called dataSTICKIES, uses a relative newcomer material called graphene and a proprietary wireless data transfer protocol to achieve this wafer-thin thickness.



Now, graphene is my favorite new material; I've been waiting for close to 10 years for someone to come out with a viable commercial application, and this is a pretty cool proto-product. Graphene is a form of crystalline carbon (essentially atom-thick graphite) that is super strong and an excellent conductor. Research using graphene has taken place anywhere from medicine to energy to quantum science.



The dataSTICKIES company is using graphene to store data. Because graphene is an atom thick, the hard drive becomes a flat sheet. Instead of using USB to transfer the data, the company developed an optical data transfer surface to take advantage of the super thin material. This also makes transferring data easier since you no longer have to deal with the USB superposition effect (i.e., it takes at least three tries to connect the USB cable) or moving computers around to get to the USB ports.



Another cool thing with the dataSTICKIES is that it looks like you can increase the data capacity by stacking stickies. I'm not sure how that's supposed to work though, since you are supposed to be able to stack stickies as discrete drives.



These would be pretty awesome anywhere, but especially for people on restricted networks. Need to install some more pollers or every SolarWinds product you bought? Just slap a sticky on the computer.

Today is the last day of that annual ritual celebration of all things technological we know simply as CES. Thanks to CES, we can all be supremely disappointed in the otherwise simply amazing capabilities of the gadgets we all got just last month. You may even be reading this post on a device that was a star of a past CES. Ain't tech grand?


So, What Was at CES 2014?


As your humble docs writer for SolarWinds NPM, among other things, attending CES is not remotely related to my listed job requirements. As a SolarWinds geek, though, I do have a keen personal interest in the latest whiz-bangery showing up out in Vegas.


And a lot of whiz-bangery there is: 4K HDTV, 3D printers, 2-way hybrid "laptabs", and 1TB wireless hard drives. It's all stuff we should expect to see on our networks or in our homes soon. Thankfully, Network World has the rundown for those of you who, like me, weren't able to make it. I'm not sure I need a Bluetooth-connected toothbrush, but the personal hydrogen reactor and the robot drones look like a lot of fun. Of course, wearable tech was the thing this year, so I expect to be ordering my very own Dick Tracy watch in the very near future.


For those of you who were able to make it, what have you seen that the rest of us network-oriented geeks would find fascinating?

Network admins constantly face challenges when implementing security procedures and bandwidth optimization processes in their network. Using a Virtual Local Area Network (VLAN) is one smart solution to effectively managing workstations, security, and bandwidth allocation. Although VLANs can be very useful, they can also present a lot of issues when managing them in huge enterprise networks. In this blog we’ll discuss some of the common challenges admins face when implementing VLANs and best practices to manage them. Before we dive into that though, let’s take a look at the basics of VLANs and how they work.


What is VLAN?

A VLAN is a logical group of workstations, servers, and network devices in a Local Area Network (LAN). A VLAN can also be referred to as a network implementation where users access a proprietary, private network from the Internet. It allows communication among users in a single LAN environment who are sharing a single broadcast or multicast domain.


Why Do We Need VLAN?

The purpose of implementing a VLAN is to utilize security features and to improve the performance of a network. Assume you have two different departments: finance and sales. You want to separate them into VLAN groups for reasons such as tighter security (limited visibility to financial data), better bandwidth allocation (for VoIP calls in sales), and load balancing. In this case, VLAN would allow you to optimize network usage and map workstations based on department and user accounts.


Typical Challenges in VLAN and How to Manage them!

Although there are many benefits of implementing VLAN, there are also certain disadvantages. In a logically connected network, a high-risk virus in one system can infect other users in the same network. If you want users to communicate between two VLANs, you might need additional routers to control the workload. Controlling latency can be a bit more ineffective within a LAN than within a WAN. Network administrators and managers can run into problems even after implementing a VLAN properly and efficiently. In a traditional LAN, it’s easy to find out if the network device is performing or not. However, understanding what’s causing your network to run slowly in VLANs with virtual trunks or paths is a more difficult process. For instance, assume you want to configure a VLAN in your network. You can choose to separate users based on departments and enable security, but if you’re creating networks within your physical switches you also have to think about routing, DHCP, DNS, etc.


Network administrators effectively manage VLANs by taking a step back and understanding whether the number of VLANs is appropriate for the number of endpoints in the network. It’s also important to understand what data needs to be protected from other traffic using a firewall. In addition, VLANs can become more efficient when combined with server virtualization. In a virtualized data center environment, the VLAN brings the physical servers together and creates a route. By allowing virtual machines to move across physical servers in the same VLAN, administrators can keep tabs on the virtual machines and manage them more efficiently.


Managing a VLAN becomes much easier for network administrators when network traffic, user access, and data transfers are isolated and routed separately. It’s also highly recommended to ensure primary network devices work properly before troubleshooting VLANs.

Since I revisited the topic of AES encryption and NSA surveillance, the Washington Post published information sourced through Edward Snowden that the NSA is spending $79.7 million to pursue a quantum computer capable of running Shor's algorithm. If and when the NSA succeeds, all the currently-unreadable AES-encrypted data they routinely capture en masse from internet backbones and store in the Bluffdale, Utah computing center would become readable.

To give some sense of the agency's ambition we need to talk about Schrödinger's cat.


Quantum Smearing


In Erwin Schrödinger's famous thought experiment a cat sits inside a Faraday Cage--a steel box from which electromagnetic energy cannot escape. Also in the box and inaccessible to the cat is a machine that contains: 1) some material whose probability of releasing radiation in an hour is exactly 50%; 2) a Geiger counter aimed at the material and rigged to release a hammer upon detecting any release of radiation; 3) a flask of poison positioned under the hammer. If the radioactive material releases radiation, the hammer smashes the flask, killing the cat.


In this box, however, as a quantum system, it is always equally probable that radiation is released and not released. Says the Copenhagen interpretation of quantum systems, with the idea of superposition, the cat in the box exists as a smear of its possible states, simultaneously both alive and dead; an idea Schrödinger along with Einstein ridiculed for being absurdly at odds with everyday life. Nobody has ever seen the material smear that is a Schrödinger cat*.


Qubits, or Herding Schrödinger Cats


David Wineland and team received their Nobel Prize in Physics in part for creating a very small Schrödinger cat. "They created 'cat states' consisting of single trapped ions entangled with coherent states of motion and observed their decoherence," explains the Nobel Prize organization in making their 2012 award.


Wineland developed a process to trap a mercury ion, cause it to oscillate within the trap, and then use a laser to adjust its spin so that the ion's ground state aligns with one side of its oscillation and its excited state aligns with the other side. On each side of the oscillation the ion measures 10 nanometers; the ion's two resting points in the oscillation are separated by 80 nanometers. And in effect, the mercury ion is guided into a "cat state" of superposition.


In this state the ion has both a ground and excited charge and so meets the physical requirement for serving as a quantum computing "qubit"; using the difference in spin, superposition allows the ion to be both 0 and 1 depending on where in its oscillation it is "read".


A quantum computer would be capable of breaking AES because a qubit is an exponential not a linear quantity. For example, in linear binary computing, using electrical current transistors, 3 bits of data can give you 1 binary number--101, 001, 110, etc.; but in quantum computing, 3 qubits represent a quantity that is 2 to the 3rd.


So, to extrapolate how qubits scale, Wineland (43:00) offers this example: while 300 bits in linear computer memory may store a line of text, 300 qubits can store 2 to the 300th objects, holding a set that is much larger than all the elementary particles in the known universe. And qubit memory gates would allow a parallel processing quantum computer to operate on all of its 2 to the nth inputs simultaneously, making trivial the once-untouchable factoring problems upon which all currently known encryption schemes are based.


Big Black Boxes


The NSA project is underway in Faraday cages the size of rooms. Could that work proceed without the direct involvement of Wineland's award-winning NIST team? Even presuming that involvement, the technical challenges of going from an isolated and oscillating mercury ion to a fully developed quantum computing platform would seem to imply years not months of work.


This time next year we may know the answer to how long the project will take. In the meantime, we continue assuming that AES-encrypted data remains secure and that the SNMPv3-enabled tools for monitoring systems with secure data do not introduce breaches in the systems themselves.


* Schrödinger implicitly formalized his own feline paradox with a differential equation that calculates the state and behavior of matter within quantum systems as a wave function (Ψ) that brings together mutually exclusive possibilities.
