DCENT Networking

05/05/2026

In Cisco ACI, there are three ways to advertise a bridge domain subnet. Note that in all cases you need to mark the subnet as "Advertise Externally"

1. Associate a L3OUT in BD
In this way you can if a subnet is advertised to outside within each BD, however under the L3OUT you won't be able see what are the subnets you are advertising.

2. Add each subnet within the L3OUT External EPG and mark as "Export Route Control Subnet"
In this way L3OUT can decide which subnet it will advertise. The problem with this method is you won't be able to differenciate BD subnets and transit routes. Using a description may help there.

3. Use a route-map with the L3OUT
Gives better flexibility. But maintaing this configuration may be overwhelming depeding on you setup.

There is no recommendation to use which option. It is suggested that stick to only one of the given options.

17/09/2024

මෙන්න networking කරන අයට වැදගත් වෙයි කියල හිතෙන පොඩි tip එකක්...

Networking කරන අයට මේ tip එක වැදගත් වෙයි කියල හිතනවා . ඔයාලට ඕන උනොත් Cisco device එකකට වෙන vendor කෙනෙක්ගේ (උදාහරණ : Finisar , Fortine...

17/09/2024

Information Security, IT Security සහ Cybersecurity අතර වෙනස දැනගන්න මේ article එක කියවන්න...

මේක ලියන්න හේතුව තමයි මම දැකලා තියනවා සමහර අලුතෙන් industry එකට එන අයට මේ terms ගැන හරි තේරුමක් නැතිකම . Information Security මෙතනදි අපි ස...

10/07/2024

Master Cisco ACI Like a Pro - Personalized Training!

Struggling to navigate the complexities of Cisco ACI? Take your skills to the next level with one-on-one, personalized training tailored to YOUR needs and schedule!

Here's what you'll get:

Flexible training times and duration to fit your busy schedule.
In-depth coverage of all things Cisco ACI, from fundamentals to advanced configurations.
A dedicated instructor to answer your questions and guide you every step of the way.
Hands-on labs to solidify your understanding and get practical experience.
Accelerate your career and become a Cisco ACI guru!

Limited slots available! ⏰

Message us today to discuss your training goals and claim your spot!

09/07/2024

The 7 Laws of Identity are a set of principles defined by Kim Cameron, a former Chief Identity Architect at Microsoft, to guide the design and implementation of digital identity systems. These laws aim to ensure that identity systems are secure, user-friendly, and respect privacy. Here they are:

# # # 1. **User Control and Consent**
- **Principle:** Digital identity systems must be designed so that the user is in control of their identities and personal data.
- **Explanation:** Users should be able to manage their identities and control how their personal information is used and shared, with explicit consent required for any action.

# # # 2. **Minimal Disclosure for a Constrained Use**
- **Principle:** The amount of personal information disclosed should be the minimum necessary for the purpose.
- **Explanation:** Identity systems should only share the least amount of information required for a transaction or interaction, protecting user privacy.

# # # 3. **Justifiable Parties**
- **Principle:** Digital identity systems should ensure that only parties with a legitimate need have access to the user’s identity data.
- **Explanation:** Access to personal information should be limited to entities that have a justifiable reason, ensuring trust and reducing unnecessary exposure.

# # # 4. **Directed Identity**
- **Principle:** Digital identity systems should support both "omni-directional" (public) and "unidirectional" (private) identity interactions.
- **Explanation:** Users should be able to interact with systems in both public ways, where identity is shared broadly, and private ways, where identity is shared with specific parties.

# # # 5. **Pluralism of Operators and Technologies**
- **Principle:** Identity systems should not be dependent on a single operator or technology.
- **Explanation:** Multiple identity providers and technologies should be supported, fostering a diverse and resilient ecosystem that avoids monopolies and single points of failure.

# # # 6. **Human Integration**
- **Principle:** Digital identity systems should be designed to work seamlessly with human intuition and usability.
- **Explanation:** Systems must be user-friendly and intuitive, aligning with how people naturally manage and think about their identities.

# # # 7. **Consistent Experience Across Contexts**
- **Principle:** Users should have a consistent identity experience across different contexts and platforms.
- **Explanation:** Identity systems should provide a coherent and predictable user experience, regardless of the context or platform in which they are used.

These principles provide a comprehensive framework for designing identity systems that are secure, privacy-preserving, and user-centric.

03/07/2024

For a CISSP student, grasping the difference between classification and categorization of assets is essential for effective security management. They might sound similar, but they serve distinct purposes:

Classification
- Think "labeling by value"
- Involves establishing a system of categories that differentiate assets based on their sensitivity and criticality to the organization.
- These categories typically have different levels of security controls applied to them.

Example: A company might classify data as "Top Secret," "Confidential," "Internal Use Only," or "Public."

Categorization
- Think "assigning a label"
- Refers to the process of assigning a specific classification level to an individual asset based on its characteristics and the organization's classification system.
- This involves evaluating the potential impact (loss of confidentiality, integrity, or availability) if the asset is compromised.

Example: The human resources department's employee database might be categorized as "Confidential" based on the sensitive information it contains.

Here's an analogy to solidify the difference:
Imagine a library. Classification is like the different sections (fiction, non-fiction, reference). Categorization is like placing a specific book on the correct shelf within a section.

Key Differences:
Focus: Classification creates the framework (the library sections), while categorization applies that framework to specific assets (placing the book on the shelf).
Action: Classification involves designing the system, while categorization is the act of assigning a label.
Specificity: Classification defines broad categories, while categorization assigns a specific label to an individual asset.

By understanding both classification and categorization, CISSP professionals can ensure appropriate security controls are implemented for assets based on their importance. This helps prioritize resources and protects the organization's most valuable information.

03/07/2024

For a CISSP student, understanding due diligence and due care is crucial. They might seem interchangeable, but they represent distinct security practices:

Due Diligence
- Think "investigate before you act"
- Refers to the process of gathering information and taking steps to understand the risks involved in a situation before making a decision.
- In cybersecurity, this could involve:
Security assessments of new systems or vendors
Reviewing contracts for security clauses
Understanding legal and regulatory requirements

Example: A company considering using a cloud service provider would perform due diligence by evaluating their security practices, certifications, and potential vulnerabilities.

Due Care
- Think "acting with reasonable prudence"
- Represents the ongoing effort to take responsible actions to mitigate security risks.
- Involves following established security policies, procedures, and best practices.

Example: An employee practicing due care would keep their work computer password secure and avoid clicking on suspicious links in emails.

Here's an Analogy:
Imagine buying a house. Due diligence would be getting a home inspection to understand any potential problems. Due care would be locking the doors and windows before leaving for vacation.

Key Differences:
- Timing: Due diligence happens before an action, while due care is an ongoing practice.
- Focus: Due diligence focuses on understanding risks, while due care focuses on mitigating risks.
- Scope: Due diligence can be broad (e.g., evaluating a vendor), while due care is often specific to a particular task (e.g., handling sensitive data).

By understanding both due diligence and due care, CISSP professionals can make informed decisions and implement effective security practices.

Send a message to learn more

16/04/2020

Good News!!!!

13/04/2020

Order of BGP Best Path Selection Process