Opengear alternatives that support 5g?
Curious if anyone has particular hardware they like for OOB / serial management, similar to OpenGear, but preferably with 5G support, maybe even T-Mobile support? It’s becoming increasingly difficult to get static IP 4g machine accounts out of Verizon, and the added speed would be nice too. Or do you separate the serial from the access device (cell+firewall, etc.)? Thanks!
Monitoring service that has a human component?
Hey all, was curious if anyone knows of a website monitoring service that has the option to incorporate a human component into the decision and escalation tree? I’m trying to help a customer find a way around false positives bogging down their NOC staff, by having a human determine the difference between a real error, desired (but different) content, or something in between like “Hey it’s 3am and we’ve taken our website offline for maintenance, we’ll be back up by 6am.” Automated systems tend to only know if test A, or steps A through C, are failing, then this is ‘down’ and do my preconfigured thing, but that ends up needlessly taking NOC time if the customer themselves is performing work on their own site, or just changed it and whatever content was being watched, is now gone. So, the goal would be to have the end user be the first point of contact if it looks like more of a customer-side issue. If they can’t be reached to confirm, THEN contact NOC, and unlike email alerts, keep contacting until a human acknowledges receipt of the alert. Thanks
Advice re network compromise and "law enforcement" (PCI certification)
Hi all, I figure there's probably some folks on the list that have hands in environments that touch credit cards. Unlike HIPAA compliance, or even social security numbers, PCI is very ambiguous about what must occur if a network/systems breach occurs that exposes credit card data. PCI, and its auditors, don't seem to want to tell you what your security policy should state with regard to what constitutes an event worthy of 'law enforcement' contact, nor what agency is appropriate, yet they require you to have such a policy in place. Anyone have pointers/advice on what you came up with for a reasonable definition of events that warrant involving law enforcement, and then what agency/agencies would be contacted? We're obviously not going to waste the time, on either side, of calling the FBI if one credit card number is stolen since they won't care, nor would the local police, who don't even have a cybercrime section. Generic policies covering network breaches and law enforcement would be welcome too; may be able to work it into something that is appropriate for our environment and credit card data. Thanks, David
Opinions on Cologix data centers?
Hello; was curious if anyone has opinions on Cologix? Any aspect would be of interest; management, financials, colo quality (power, a/c, etc). The specific facility I'm looking at is their Lakeland FL building which began life under a company called Colo 5 that they purchased; it's only two years old. They seem to have been on a buying spree recently with other colo buildings. Thanks, David
Inexpensive software bgp router that supports route tags?
Hi all, I was wondering if anyone can recommend a software (preferable), or hardware-based router with an API, that supports BGP with tags on advertised routes? I want to use it for a RTBH feed and having it in software would make certain things easier to automate. I tried Quagga/Zebra but it doesn't support tags. I see Mikrotik hardware routers have an API, but I can't tell if the API supports adding BGP networks, so I need to investigate that further. I can go hardware if I have to, with some ssh/expect scripts, but thought there may be other options that are easier. Thanks, David
Re: Inexpensive software bgp router that supports route tags?
Sorry I wasn't clear on that. Traditionally on a hardware, e.g. cisco/brocade, router performing the RTBH role, I'd add blackhole routes by way of static routes with a particular tag; one tag for block this source, one tag for block this destination. Redistribute static would let route maps operate against those tags to turn into bgp communities being applied to the announcements, and then the real routers can do what they need to do. When I tried out Quagga/Zebra as an alternative, it doesn't work this way, so while it was nice that it could pick up static routes from the OS, or have them added manually just like a hardware router, there was no concept of the route tag getting to Zebra for it to do the rest of the work on the BGP side. I'll check out Bird too; thanks. On Wed, Jul 1, 2015 at 3:41 PM, Job Snijders j...@instituut.net wrote: On Wed, Jul 01, 2015 at 11:19:45AM -0400, David H wrote: I was wondering if anyone can recommend a software (preferable), or hardware-based router with an API, that supports BGP with tags on advertised routes? I want to use it for a RTBH feed [ ... ] Did you look at BIRD? It is one of the most beautiful open source BGP speakers: http://bird.network.cz/ BIRD does not have anything like an restful API, but you can just generate the config file and reload it on the fly to accomplish the same. Can you elaborate on what you mean with 'tags'? Could you use BGP communities instead? Kind regards, Job
Re: Inexpensive software bgp router that supports route tags?
Thanks all; I'll check out ExaBGP and the software version of Mikrotik; didn't realize it wasn't tied to hardware. On Wed, Jul 1, 2015 at 11:19 AM, David H ispcoloh...@gmail.com wrote: Hi all, I was wondering if anyone can recommend a software (preferable), or hardware-based router with an API, that supports BGP with tags on advertised routes? I want to use it for a RTBH feed and having it in software would make certain things easier to automate. I tried Quagga/Zebra but it doesn't support tags. I see Mikrotik hardware routers have an API, but I can't tell if the API supports adding BGP networks, so I need to investigate that further. I can go hardware if I have to, with some ssh/expect scripts, but thought there may be other options that are easier. Thanks, David
