Cisco ASA SSL VPN Bug – CSCug23031

Just come across a nasty bug in version 8.4(6) that stops clientless VPN sessions from working.

Basically any session that needs to use extended plugins such as RDP won’t work following an upgrade – with a simple blank screen being displayed when clicking on the link.

Solution is to downgrade to 8.4(5) or upgrade to 9.1(2) or higher.

Cisco bug ID is CSCug23031

Barry Hesk
Intrinsic Network Solutions

Huawei Faces Uphill Battle In Enterprise IT Market

 

If you follow network and telecom industry news in the U.S., most of what you hear about Huawei, the Chinese maker of IT infrastructure equipment, is negative. Articles have detailed how various governments and private entities worldwide have placed restrictions on Chinese infrastructure technology in general or on Huawei in particular. The claims against Huawei range from it being a quasi-private extension of China’s army to an intellectual property thief to a maker of poor-quality products.

What you rarely hear is that the 25-year-old company is the world’s second-largest producer of telecom gear, generating $35.5 billion in revenue worldwide last year. Its main markets outside of China are Africa, Latin America and the Middle East, where its value proposition is to offer solid, low-cost infrastructure equipment. Almost three-fourths of its revenue comes from telecom gear, about 22% from consumer phone handsets and 5% from enterprise IT.

The negative rhetoric is so damning that it seems inconsistent with Huawei’s success. Could a company with annual revenue of more than $35 billion, most of it from outside of China, be run or influenced by shadowy military figures? Would the presence of Huawei on the world stage as a respected provider of complex and critical technology be worth as much or more to the Chinese government than what could be stolen through cyber espionage performed on the back of Huawei products?

Yet it’s true that Huawei’s founder, Ren Zhengfei, was a major in the Chinese army, where he served with distinction, and there can be no doubt that his military experience and connections helped the company’s initial success in China. And Huawei and the Chinese government haven’t provided enough transparency to prove it’s an independent company.

Many governments are unconvinced that the security of Huawei’s products can be trusted. India, Australia, the U.S. and others have worked to ban Huawei and ZTE (a smaller, more obviously state-owned company that deals in telco equipment and handsets) from national core networks.

Huawei Faces Uphill Battle In Enterprise IT Market
Wed, 29 May 2013 14:45:00 GMT

Barry Hesk

Intrinsic Network Solutions

Copying System Log on Cisco Devices

28 May 2013

Copying System Log on Cisco Devices

Small amount of geekieness on a wet Tuesday.

To copy the running log off a Cisco device, do the following:

show log | redirect ftp://_ip_address_/_file_name_

You can actually do this to redirect the output of any command.

Barry Hesk
Intrinsic Network Solutions

Genesco Lawsuit Could Shake PCI Compliance Regime To Its Core

A repost of a very interesting article from Network Computing. World-wide, business have spent millions in achieving compliance to the PCI standard. If it transpires that the fines levied by the credit card companies are not legal, then the implications will be far reaching and will touch the whole ecosystem that has sprung up around PCI and compliance. Hundreds of companies and thousands of employees provides services and products in the PCI compliance sector and this judgement could have a significant impact on them.

Barry Hesk
Intrinsic Network Solutions

As the security industry digests the news that for the first time a merchant is taking a major card brand and its payment processor to court over PCI noncompliance fines, speculation has started to fly about the long-range impact the case could have on the PCI compliance ecosystem.

On its face, the $13 million complaint from Tennessee-based retailer Genesco against Visa seems like pretty standard business litigation. But according to some, the suit has the potential to disrupt PCI’s influence in the merchant community.

“It really doesn’t look on the first account to be a very big case, but it’s the first retailer that kind of goes up against the establishment,” says Torsten George, vice president of worldwide marketing, products, and support for Agiliance. “If the court would decide to reverse the penalties imposed on Genesco, it would really shake the foundation of the PCI Security Standards Council to its core.”

Last week, Genesco petitioned the court in Tennessee to order to reimburse the company for more than $13.3 million in penalties collected on behalf of the card brand by payment processors Wells Fargo And Fifth Third Financial Corp. following a 2010 data breach at the sports retailer. The heart of the case revolves around Visa’s contractual language about what constitutes noncompliance for the sake of the levying of fines. In its suit, Genesco contends that it was in compliance with PCI rules at the time of the breach.

Genesco Lawsuit Could Shake PCI Compliance Regime To Its Core
Fri, 22 Mar 2013 14:02:00 GMT

New Cisco Branch Office hardware announced

New Cisco Branch Office hardware announced

13 March 2013

Cisco Systems have announced the latest generations of their ISR G2 routers. The key difference this time around is that the platforms will be bundled with security, application performance and WAN optimization technology.

Cisco claim this will be at a significantly lower price point that existing ISR G2 bundles. Whether this will be offering steep discounts on the ISR G2 hardware platforms and then clawing the money back on additional licensing for the bundled applications we will just have to wait to see.

More details are available here

Barry Hesk
Intrinsic Network Solutions