Whispers & Screams
And Other Things
Vastly experienced, versatile senior technical asset with a broad range of highly evolved skills from team building to high-level technology solution implementations. A courageous and tenacious leader with proven experience in business development, organisational visioning, cutting edge information technology deployments, and as a senior management liaison. Experienced at working at all levels from start-up to corporate, I thrive on change and take the lead to engage and drive the engineering landscape in any business. An outgoing personality, with high energy levels, who is customer focused but understands the need for a structured approach to business. A mature and collaborative style provides excellent communication and presentation skills and, drawing on past experience, gives the credibility to build trust. A strategic thinker, who is innovative and creative and makes technically 'savvy' decisions and encourages others to do so, whilst totally focused on success and how this drives results.

How to recognise security vulnerabilities in your IT systems

As IT systems continue to extend across multiple environments, IT security threats and vulnerabilities have likewise continued to evolve.

Whether from the growing insider threat of rogue and unauthorised internal sources, or from the ever increasing number of external attacks, organisations are more susceptible than ever to crippling attacks. It's almost become simply a matter of "when it will happen" rather than "if it will happen."

For IT resellers, security has always been central to every conversation with a customer's IT department.

However, with the growth in the number of ways into a company's network, compounded by these maturing threats, it is no longer enough to recognise only the simpler, perimeter-level threats.

Resellers must be able to give customers a comprehensive risk assessment that maps the whole of an organisation's IT estate, hardware as well as software, against its vulnerabilities.

That risk assessment must incorporate an understanding of external threats and internal vulnerabilities, and of how the two increasingly combine to create susceptible IT environments.

At the most basic level, organisations and resellers alike must understand the different types of threat. Malware, a generic term for malicious software such as trojan horses, worms and viruses, is the most common form of attack launched from outside. Malware has persisted for decades, from the Morris worm of 1988 to everyday spyware, and it remains the cheapest and among the most damaging tools available to an attacker.

With enterprises extending into the cloud, and more organisations adopting SaaS applications, social media and other Web 2.0 tools, damaging malware now routinely arrives through nothing more sophisticated than a spam or phishing email.

Internally, organisations are typically exposed to two kinds of threat: authorised but rogue users who abuse the privileged accounts and identities they already hold to reach sensitive information, and unauthorised users who know, or can find, administrative credentials and use them to subvert security controls. It is this second class of vulnerability, unauthorised internal access, that has emerged as the most volatile and disruptive.

To truly understand the risks involved with these "insider threats", organisations and resellers need to understand the root of the vulnerabilities.

Most commonly, the risk lies in embedded credentials, above all hard-coded passwords: a credential written into an application's source, configuration or firmware so that developers, administrators or another software component can authenticate without anyone having to provision an account. The practice is common because application developers are focused on the development and release cycle rather than on security. It looks harmless at first glance but is extremely risky: the same credential ships in every copy of the product, so anyone who extracts it from a binary, reads it in a configuration file or finds it in a vendor manual gains the same, often complete, access to the system.

To compound the matter, a hard-coded credential cannot simply be rotated, which is exactly what tools such as Privileged Identity Management systems exist to do. Once compiled into an application, the password cannot be changed without the vendor modifying and re-releasing the software, and customers often cannot change it at all without breaking the system. The result is a fixed target for a malicious outsider: one credential that unlocks powerful access and control on the device, and potentially on every device of that type across the organisation.
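As an added illustration, not code from the original post, the following Python script does what a reseller's assessment should start with: it sweeps a source or configuration tree for embedded credentials and shows, in `load_credential`, the pattern that replaces them. The detection rules, the placeholder list and the sample file contents are this example's own constructions, and `load_credential` is a hypothetical name for whatever runtime secret provisioning the organisation uses.

```python
"""Find embedded credentials in source and configuration files.

Added example, not code from the original post. Detection is regex plus a few
heuristics (placeholders and environment references are not secrets); the file
contents in SAMPLE_FILES are constructed for this example.
"""
import math
import os
import re
from typing import Dict, List, Tuple

Finding = Tuple[str, int, str, str]   # (path, line number, kind, masked value)

CREDENTIAL_PATTERNS = [
    # name = "value", name: value, ...;Pwd=value for the usual credential-like names
    ("credential-assignment",
     re.compile(r"(?i)(?:passw(?:or)?d|pwd|secret|api[_-]?key|token)\b\s*[:=]\s*[\"']?([^\"'\s;,]{4,})")),
    # user:password@host inside a URL or connection string
    ("url-embedded-credential",
     re.compile(r"(?i)\b[a-z][a-z0-9+.-]*://[^/\s:@]+:([^@\s\"']{4,})@")),
    # PEM private key material committed to the tree
    ("private-key-block",
     re.compile(r"-----BEGIN (?:RSA |EC |DSA |OPENSSH )?PRIVATE KEY-----")),
]

# Obvious placeholders: noise, not live credentials.
PLACEHOLDERS = {"changeme", "password", "secret", "xxxx", "example", "todo", "none", "null"}


def is_reference(value: str) -> bool:
    """True when the value points at a secret held elsewhere (env var, template)."""
    return value.startswith(("${", "$(", "%", "{{", "os.environ", "getenv", "env("))


def shannon_entropy(s: str) -> float:
    """Bits per character; high-entropy values are more likely to be real secrets."""
    if not s:
        return 0.0
    probs = [s.count(c) / len(s) for c in set(s)]
    return -sum(p * math.log2(p) for p in probs)


def mask(value: str) -> str:
    """Never copy a discovered credential into a report or a log."""
    return value[:2] + "*" * (len(value) - 2)


def scan_text(path: str, text: str) -> List[Finding]:
    findings: List[Finding] = []
    for lineno, line in enumerate(text.splitlines(), 1):
        for kind, pattern in CREDENTIAL_PATTERNS:
            match = pattern.search(line)
            if not match:
                continue
            if kind == "private-key-block":
                findings.append((path, lineno, kind, "<PEM private key>"))
            else:
                value = match.group(1)
                if value.lower() in PLACEHOLDERS or is_reference(value):
                    break                          # not a live credential
                severity = "high" if shannon_entropy(value) >= 3.0 else "medium"
                findings.append((path, lineno, f"{kind}/{severity}", mask(value)))
            break                                  # one finding per line is enough
    return findings


def scan_files(files: Dict[str, str]) -> List[Finding]:
    """Scan an in-memory {path: contents} map (what a test or CI hook would feed in)."""
    out: List[Finding] = []
    for path, text in files.items():
        out.extend(scan_text(path, text))
    return out


def scan_directory(root: str) -> List[Finding]:
    """Walk a real checkout; binary files are read with replacement so the regexes still run."""
    out: List[Finding] = []
    for dirpath, _, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            try:
                with open(path, encoding="utf-8", errors="replace") as fh:
                    out.extend(scan_text(path, fh.read()))
            except OSError:
                continue
    return out


def load_credential(name: str) -> str:
    """Hardened counterpart (hypothetical helper): the credential is provisioned at
    runtime (environment here; a vault or PIM tool behind the same interface in
    production) and can be rotated without touching code. Fails closed if absent."""
    value = os.environ.get(name)
    if not value:
        raise RuntimeError(f"credential {name} is not provisioned")
    return value


# Constructed sample tree: two hard-coded passwords, one password in a URL, one
# committed private key, and one file that correctly references the environment.
SAMPLE_FILES = {
    "app/config.py": 'DB_HOST = "db.internal"\nDB_PASSWORD = "Sup3rS3cret!2010"\nTOKEN_TTL = 3600\n',
    "app/database.py": 'DATABASE_URL = "postgres://app:hunter2@db.internal:5432/prod"\n',
    "scada/gateway.ini": "[Historian]\nConnectionString=Server=hist01;Uid=admin;Pwd=2WSXcder\n",
    "deploy/settings.yml": "db_password: ${DB_PASSWORD}\napi_key: changeme\n",
    "keys/server.key": "-----BEGIN RSA PRIVATE KEY-----\n(constructed placeholder, no key material)\n",
}

if __name__ == "__main__":
    for path, lineno, kind, shown in scan_files(SAMPLE_FILES):
        print(f"{path}:{lineno}: {kind}: {shown}")
```

Run against the constructed tree it reports four findings and correctly ignores the file that references `${DB_PASSWORD}`; pointed at a real checkout with `scan_directory`, the same rules give a first inventory of embedded credentials, which is the list a Privileged Identity Management rollout has to start from.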

The best-known example is the Stuxnet worm. Its design astonished everyone, as did the path it took to reach Siemens SCADA systems; on reflection, one of the steps on that path was a hard-coded password, the fixed credential that the WinCC software used to reach its own database, which the worm used to connect to project databases on the systems it targeted. That should serve as a lesson for every business.

Vulnerabilities embedded in these kinds of systems are not new, but each new threat shows again how easily they can be leveraged. Attackers, inside and out, have most often gone after the administrative credentials of conventional systems such as servers and databases, but in reality IT organisations need to identify every asset that has a microprocessor, memory and a running application or process. Printers, copiers, scanners, network appliances and industrial controllers all ship with similar embedded credentials, and each one is a significant organisational vulnerability.

Steps can be taken to manage embedded credentials proactively, starting with not hard-coding them in the first place and using Privileged Identity Management tools to store, rotate and audit them, but the onus is on the organisation, and on the reseller, to ensure that a holistic view of all vulnerabilities and risks has been taken.

An examination of DHCP Snooping with option 82 on Cisco.

DHCP snooping is a switch feature that filters untrusted DHCP messages from hosts and other devices on the network. It does this by classifying ports as trusted or untrusted and by building and maintaining a DHCP snooping binding table.

An untrusted DHCP message is one that the switch receives from outside the network or firewall, or from an unauthorised DHCP server, and that could be used to attack the network. DHCP snooping is used together with option 82 insertion (Cisco documentation also calls this interface tracking): the switch inserts option 82, the Relay Agent Information option described in RFC 3046, into the DHCP messages it forwards from clients.

DHCP snooping extends the switch's existing security capabilities, including the ability to mark a port as trusted for DHCP server traffic and to block DHCP server responses arriving on untrusted access ports. It also supports per-port DHCP message rate limiting, configured in packets per second (pps); a port that exceeds its limit is placed in the err-disabled state, which stops a single host from exhausting the server's address pool or the switch's CPU. The feature is useful in ISP networks, university campuses and Long-Reach Ethernet (LRE) scenarios to prevent misconfigured or malicious DHCP servers from causing connectivity problems, such as handing out bogus addresses or a rogue default gateway.

DHCP snooping builds a binding table containing each client's IP address, MAC address, port, VLAN, lease time and binding type. The feature is enabled per VLAN; once enabled, the switch intercepts all DHCP messages within that layer 2 VLAN domain. With option 82 enabled, the switch (the Supervisor Engine on a Catalyst 6500) adds the ingress module, port and VLAN as the circuit-id sub-option, and its own MAC address as the remote-id sub-option, before forwarding the client's request to the DHCP server. The server can use this information to choose the pool from which it assigns an address and to record which port a lease was issued to; it echoes option 82 in its reply, and the switch strips the option again before delivering the reply to the client.

Untrusted (end-user) ports are restricted to sending DHCP client messages such as discover, request and release; any DHCP server message arriving on them, such as an offer or acknowledgement, is dropped. Trusted ports are those connected to the known DHCP servers, or the uplinks towards the distribution switch that provide the path to the servers; they can send and receive any DHCP message. In this way only trusted DHCP servers can hand out addresses via DHCP responses, and users cannot set up their own DHCP server and distribute unauthorised addresses. One caveat that catches people out: by default a Cisco switch also drops client messages that arrive on an untrusted port already carrying option 82, so when an edge switch inserts option 82 and forwards towards an aggregation switch that also runs snooping, the port facing the edge switch must be trusted (or configured with ip dhcp snooping information option allow-untrusted), and the DHCP server must be willing to accept option 82 messages whose giaddr is 0.0.0.0, which not every server does.

In summary, DHCP snooping with option 82 is an effective mechanism for preventing rogue DHCP servers and DHCP exhaustion attacks, and for keeping misconfigured clients from causing anomalous behaviour in the network. The binding table it builds is also the foundation for Dynamic ARP Inspection and IP Source Guard, which use it to validate ARP packets and source IP addresses on the same access ports.
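To make the rules above concrete, here is an added Python model of a snooping switch; it is not configuration or code from the original post and not Cisco's implementation. It encodes option 82 with the two sub-options RFC 3046 defines, using a circuit-id of this example's own "vlan:port" layout rather than Cisco's binary encoding, and walks through a constructed exchange: a client on an access port, a rogue server on another access port, the real server behind the trusted uplink, and a DISCOVER flood that trips the per-port rate limit.

```python
"""DHCP snooping with option 82, modelled in software.
Added example, not Cisco configuration or code from the original post. It applies the
rules described above to constructed DHCP messages: client messages from untrusted
ports are forwarded with option 82 (RFC 3046) inserted, server messages arriving on
untrusted ports are dropped, untrusted ports are rate limited, trusted ports pass
everything (with option 82 stripped from replies), and a binding table is learned from
server ACKs. The circuit-id layout "vlan:port" is this example's own choice."""
import struct
from collections import defaultdict, namedtuple
from typing import Dict, List, Optional

BOOTREQUEST, BOOTREPLY = 1, 2                                # BOOTP op codes
DHCPDISCOVER, DHCPOFFER, DHCPACK = 1, 2, 5                   # option 53 values
OPT_LEASE, OPT_MSG_TYPE, OPT_RELAY_AGENT, OPT_END = 51, 53, 82, 255
SUBOPT_CIRCUIT_ID, SUBOPT_REMOTE_ID = 1, 2                   # RFC 3046 sub-options

# op: BOOTREQUEST from clients, BOOTREPLY from servers; chaddr: client MAC;
# yiaddr: address assigned by the server ("0.0.0.0" in client messages)
DhcpMessage = namedtuple("DhcpMessage", "op chaddr yiaddr options")
Binding = namedtuple("Binding", "mac ip port vlan lease_seconds")

def parse_tlvs(blob: bytes) -> Dict[int, bytes]:
    """Parse code/length/value items (DHCP options or option-82 sub-options)."""
    out, i = {}, 0
    while i < len(blob) and blob[i] != OPT_END:
        if blob[i] == 0:                                     # pad byte
            i += 1
            continue
        code, length = blob[i], blob[i + 1]
        out[code] = blob[i + 2:i + 2 + length]
        i += 2 + length
    return out

def encode_tlvs(items: Dict[int, bytes]) -> bytes:
    return b"".join(bytes([c, len(v)]) + v for c, v in items.items()) + bytes([OPT_END])

def option82(circuit_id: bytes, remote_id: bytes) -> bytes:
    """Option-82 value: circuit-id (where the client is) and remote-id (which switch)."""
    return encode_tlvs({SUBOPT_CIRCUIT_ID: circuit_id, SUBOPT_REMOTE_ID: remote_id})[:-1]

class SnoopingSwitch:
    def __init__(self, switch_mac: bytes, trusted_ports, rate_limit_pps: int):
        self.switch_mac = switch_mac
        self.trusted = set(trusted_ports)              # ip dhcp snooping trust
        self.rate_limit_pps = rate_limit_pps           # ip dhcp snooping limit rate <pps>
        self.pps: Dict[str, int] = defaultdict(int)    # DHCP packets this second, per port
        self.errdisabled: set = set()
        self.bindings: Dict[bytes, Binding] = {}
        self.log: List[str] = []

    def ingress(self, port: str, vlan: int, msg: DhcpMessage) -> Optional[DhcpMessage]:
        """Return the message to forward (rewritten if needed), or None if it is dropped."""
        opts = parse_tlvs(msg.options)
        mtype = opts[OPT_MSG_TYPE][0]
        if port in self.trusted:
            if msg.op != BOOTREPLY:
                return msg
            if mtype == DHCPACK:
                self._learn(msg, opts)
            opts.pop(OPT_RELAY_AGENT, None)            # the client never sees option 82
            return DhcpMessage(msg.op, msg.chaddr, msg.yiaddr, encode_tlvs(opts))
        if port in self.errdisabled:
            return None
        self.pps[port] += 1
        if self.pps[port] > self.rate_limit_pps:
            self.errdisabled.add(port)
            self.log.append(f"{port}: DHCP rate limit exceeded, port err-disabled")
            return None
        if msg.op == BOOTREPLY:                        # a server answering from an access port
            self.log.append(f"{port}: dropped server message type {mtype} on untrusted port")
            return None
        if OPT_RELAY_AGENT in opts:                    # clients may not supply their own option 82
            self.log.append(f"{port}: dropped client message already carrying option 82")
            return None
        opts[OPT_RELAY_AGENT] = option82(f"{vlan}:{port}".encode(), self.switch_mac)
        return DhcpMessage(msg.op, msg.chaddr, msg.yiaddr, encode_tlvs(opts))

    def _learn(self, msg: DhcpMessage, opts: Dict[int, bytes]) -> None:
        """The server echoes option 82, so the ACK says which port and VLAN the lease is for."""
        sub = parse_tlvs(opts.get(OPT_RELAY_AGENT, b""))
        if SUBOPT_CIRCUIT_ID not in sub:
            self.log.append("ACK without option 82: no port to bind the lease to")
            return
        vlan, port = sub[SUBOPT_CIRCUIT_ID].decode().split(":", 1)
        lease = struct.unpack("!I", opts[OPT_LEASE])[0] if OPT_LEASE in opts else 0
        self.bindings[msg.chaddr] = Binding(msg.chaddr, msg.yiaddr, port, int(vlan), lease)

def run_scenario():
    """Constructed exchange: client on an access port, rogue server on another access port,
    the real server behind the trusted uplink, then a DISCOVER flood from one access port."""
    sw = SnoopingSwitch(bytes.fromhex("001122aabbcc"), {"Gi1/0/24"}, rate_limit_pps=15)
    client = bytes.fromhex("0a1b2c3d4e5f")
    discover = DhcpMessage(BOOTREQUEST, client, "0.0.0.0",
                           encode_tlvs({OPT_MSG_TYPE: bytes([DHCPDISCOVER])}))
    forwarded = sw.ingress("Gi1/0/5", 10, discover)
    rogue = DhcpMessage(BOOTREPLY, client, "10.0.0.99",
                        encode_tlvs({OPT_MSG_TYPE: bytes([DHCPOFFER])}))
    dropped = sw.ingress("Gi1/0/7", 10, rogue)
    ack = DhcpMessage(BOOTREPLY, client, "10.0.0.42", encode_tlvs({
        OPT_MSG_TYPE: bytes([DHCPACK]), OPT_LEASE: struct.pack("!I", 86400),
        OPT_RELAY_AGENT: parse_tlvs(forwarded.options)[OPT_RELAY_AGENT]}))  # echoed back
    accepted = sw.ingress("Gi1/0/24", 10, ack)
    for _ in range(20):
        sw.ingress("Gi1/0/7", 10, discover)
    return sw, forwarded, dropped, accepted
```

On a Catalyst switch the equivalent knobs are ip dhcp snooping (globally and per VLAN), ip dhcp snooping trust and ip dhcp snooping limit rate on the interfaces, and ip dhcp snooping information option for option 82; the binding learned from the ACK above is what show ip dhcp snooping binding displays.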


The dawn of the networked remote control

Remote controls have been an indispensable, and frequently annoying, part of television watching since Zenith introduced the Space Command, the first practical wireless remote, 55 years ago. But the days of the familiar clicker may finally be numbered as smartphones and tablets take over the duties of remotes.

The disadvantages of traditional remotes are many. Each device comes with its own remote, leading to couches and coffee tables littered with multiple remotes. Many of the remotes have 50 or more buttons and the lack of any real standardization makes them confusing to use. Most of them use infrared light for communications, meaning they need a clear line of sight to work. And while there have been universal remotes on the market for some years, their cost and the difficulty of programming them has relegated them to niche markets.

The fact that many new consumer electronics devices, including cable set top boxes, televisions, Blu-ray players, and game consoles, can now be connected to home networks and the internet means that they can be controlled over the network. And the latest smart phones and tablets are ideally suited for the job. Large displays present the user with more and clearer information than the usual profusion of buttons, and touch screens make using the devices simple. And individual apps allow a phone or tablet to morph into a controller customized for the job at hand.

One of the first companies to take advantage of this was Sonos, maker of wireless home music systems. Sonos started out using a dedicated touchscreen controller. But once the company released apps for the iPhone, iPod Touch, and iPad (an Android version is due shortly) the $349 Sonos Controller 200 became superfluous for many customers; the app provides the same functionality at no additional cost.

Cable TV operators are now jumping on the bandwagon. A modern set top box, especially one equipped with a digital video recorder, is a complex device and controlling it requires the often awkward combination of a multi-button remote and a large assortment of on-screen displays. Cable operators first made it possible to schedule recordings over the internet and now are making full control available on handheld devices. Comcast's Xfinity, Verizon FiOS, and AT&T uVerse all let you use an iPhone or iPad as a remote. Other operators have similar plans in the works and apps are being written for other platforms, especially Android. (An AT&T uVerse app comes preinstalled as part of Microsoft's Windows Phone 7.) In the UK, Sky is making similar moves in this respect.

These devices, especially tablets with their big screens, are more than just replacements for standard remotes. When you use an iPad as a remote, the program guide, DVR content, or on-demand listings appear on the tablet display, leaving the TV screen free for you to go on watching programming. Searching for content is easier because it is much simpler to enter search terms on the tablet's keyboard than hunting and pecking through an onscreen keyboard with a regular remote.

The next phase will get even more interesting. Major cable operators want to make it possible for subscribers to stream video content to mobile devices. Offerings have been in the works for some time but have been slow to roll out mainly, it appears, because of the complexity of getting the necessary rights from content owners. AT&T offers a limited selection of shows for download to mobile devices and Comcast and Verizon expect to launch streaming services soon.

Another change could someday eliminate the remote altogether. Microsoft's Kinect uses a camera and infrared sensors to detect motion for no-controller gaming. But it also lets you control the functions of an Xbox simply by pointing at the screen. The use of the Kinect, or Kinect-like sensors could let you become a remote that will never disappear into the couch.

Femtocells & Relays in Advanced Wireless Networks

With the huge growth in mobile phone use, complemented by a revolution in wireless network technologies, there has been a great change in consumers' lifestyles and in their dependence on mobile phones. With the emergence of smartphones (the mobile web), consumers are replacing not only their fixed lines but have started to reduce the number of PCs in the home. Fundamentally, consumers want good voice quality, reliable service and low prices, but today's mobile networks often provide poor indoor coverage and expensive per-minute pricing. In fact, with the continued progress of broadband VoIP offerings such as Vonage and Skype, wireless operators are at a serious disadvantage in the home.

Hence wireless operators are looking to complement their macro-cell coverage with indoor micro-cell coverage, either by deploying small base stations (femtocells) or by using relay technology. A femtocell is a miniature base station the size of a DSL router or cable modem that provides indoor coverage to ordinary mobile phones, using the customer's existing broadband Internet connection as its backhaul.

After pointing out some key advantages of femtocells and relays, we will focus on their adoption in advanced wireless networks (WiMAX and LTE).

FEMTOCELLS

Technical Advantages:

Low Cost: the business model would initially be to offer femtocells as a consumer purchase through mobile operators.

Low Power: transmit power of around 8 mW to 120 mW, comparable with or lower than a Wi-Fi access point.

Easy to Use: plug-and-play, easily installed by consumers themselves.

Compatibility & Interoperability: compatible with the UMTS and EV-DO standards and with WiMAX, UMB and LTE.

Deployment: in the wireless operator's own licensed spectrum, unlike Wi-Fi.

Broadband connected: femtocells use Internet Protocol (IP) and flat base station architectures, and connect to the mobile operator's network over a wired broadband Internet service such as DSL, cable or fibre.

Customer’s point of view:

Increased Indoor Coverage: a coverage radius of the order of 10 to 40 metres, enough to provide full signal throughout a typical household.

Load sharing: unlike a macro cell, which supports hundreds of users, a femtocell serves only around 5 to 7 users simultaneously, so there is less contention for the medium and a higher data rate per user.

Better Voice Quality: because users are inside the coverage envelope and close to the femtocell, they get better voice quality and fewer dropped calls.

Better Data/Multimedia Experience: higher data rates for streaming music, downloads and web browsing, with fewer interruptions and lost connections than in a macro-cell environment.

Wireless Operator’s point of view:

Lower CAPEX: wider use of femtocells cuts the large capital cost of macro-cell equipment and deployment, including site acquisition, site equipment and connecting sites to the switching centres.

Increased network capacity: offloading traffic to femtocells reduces the load on macro cells, increasing the operator's overall capacity.

Lower OPEX: fewer macro-cell sites means less site maintenance, equipment maintenance and backhaul cost.

New Revenue Opportunities: excellent indoor coverage and a superior voice and multimedia experience give operators a chance to raise ARPU, for example through additions to family plans.

Reduced Churn: improved coverage, a better multimedia experience and fewer dropped calls lead to a significant reduction in customer churn.

Technical hurdles:

Spectrum: femtocells operate in licensed spectrum, the operator's most expensive resource, which makes frequency planning a major hurdle.

RF Coverage Optimisation: radio tuning and coverage optimisation for macro cells is done manually by technicians, which is not possible for every femtocell; self-optimisation over time according to the indoor coverage map has to be done automatically or remotely, which is a technical challenge.

RF Interference: femtocells are prone to femto-macro and femto-femto interference in dense macro or micro environments, which can degrade the user experience.

Automatic System Selection: when an authorised user of a femtocell moves into or out of its coverage while not on an active call, the handset must correctly select the system to operate on. In particular, when a user moves from the macro cell into femtocell coverage, the handset must automatically select the femtocell, and vice versa.

Handoffs: when an authorised user of a femtocell moves into or out of its coverage while on an active call, the handset must correctly hand off between the macro-cell and femtocell networks. Such handoffs are especially critical when a user loses the coverage of the network currently serving it, as when leaving the house where the femtocell is located.

Security & Scalability: a femtocell must identify and authenticate itself to the operator's network as a valid device. Because the unit sits on the customer's premises, the design has to assume it can be tampered with, so authentication is based on per-device credentials (3GPP specifies certificate-based IKEv2 to a security gateway) rather than anything the user controls. With millions of femtocells deployed, operators need large-scale security gateways at the edge of their core networks to terminate millions of femtocell-originated IPsec tunnels.

Femto Management: activation on purchase and plug-and-play by the end user are important, together with access-control management that lets the end user add and remove the devices allowed to connect in the household. In addition, operators must have management systems that give first-level support technicians full visibility of the femtocell's operation and its surrounding RF environment.

RELAYS:

Relay transmission can be seen as a kind of collaborative communication, in which a relay station (RS) forwards user information between neighbouring user equipment (UE)/mobile stations (MS) and the local eNode-B (eNB)/base station (BS). In doing so an RS extends the signal and service coverage of an eNB and improves the overall throughput of the wireless system. The performance of relay transmission is greatly affected by the collaborative strategy, which includes the choice of relay type and relay partners (that is, when, how and with whom to collaborate).

Relays that receive and retransmit signals between base stations and mobiles can be used to increase throughput and extend the coverage of cellular networks. Infrastructure relays need no wired connection to the network, which saves operators backhaul costs. Mobile relays can be used to build local area networks between mobile users under the umbrella of the wide-area cellular network.



Advantages:

Increased Coverage: with multi-hop relays, macro-cell coverage can be extended to places the base station cannot reach.

Increased Capacity: relays create hotspot solutions with reduced interference, increasing the overall capacity of the system.

Lower CAPEX & OPEX: relays that extend coverage eliminate the need for additional base stations and their backhaul links, saving operators deployment and maintenance costs. Relays can be user-owned units supplied by the operator and mounted on rooftops or indoors.

Better Broadband Experience: higher data rates are available because users are close to the mini RF access point.

Reduced Transmission Power: with relays deployed, transmission power is considerably reduced, lowering co-channel interference and increasing capacity.

Faster Network Rollout: relays are simple to deploy, which speeds up rollout, improves outdoor-to-indoor service and enables macrodiversity, improving coverage quality with less fading and stronger signal levels.

As a hot research topic with great application potential, relay technologies have been actively studied and considered in the standardisation of next-generation mobile communication systems, such as 3GPP LTE-Advanced and IEEE 802.16j (multi-hop relay for WiMAX).

Relay Types

Two types of RS have been defined: Type-I and Type-II in 3GPP LTE-Advanced, and non-transparent and transparent in IEEE 802.16j.



Specifically, a Type-I (or non-transparent) RS helps a remote UE, located far from an eNB (or BS), to reach it. A Type-I RS therefore transmits the common reference signal and control information on behalf of the eNB, and its main objective is to extend signal and service coverage. Type-I RSs mainly perform IP packet forwarding at the network layer (layer 3) and contribute to overall system capacity by enabling communication services and data transmission for remote UEs.



On the other hand, a Type-II (or transparent) RS helps a local UE, located within the coverage of an eNB (or BS) and with a direct link to it, to improve its service quality and link capacity. A Type-II RS does not transmit the common reference signal or control information; its main objective is to increase overall system capacity by providing multipath diversity and transmission gain for local UEs.

Pairing Schemes for Relay Selection

One of the key challenges is to select and pair nearby RSs and UEs so as to achieve the relay (cooperative) gain. The selection of relay partners, that is, with whom to collaborate, is a key element in the success of the overall collaborative strategy. In practice, effective pairing schemes for selecting the appropriate RSs and UEs to collaborate in relay transmission are essential to improving the throughput and coverage of future relay-enabled mobile networks.

This pairing procedure can be executed in either a centralised or a distributed manner. In a centralised scheme the eNB acts as the control node: it collects the required channel and location information from all the RSs and UEs in its vicinity and then makes the pairing decisions for all of them. In a distributed scheme, by contrast, each RS selects an appropriate UE in its neighbourhood using local channel information and a contention-based medium access control (MAC) mechanism. Generally speaking, centralised schemes require more signalling overhead but achieve better performance.

Relay Transmission Schemes

 

Many relay transmission schemes have been proposed to establish two-hop communication between an eNB and a UE through an RS.

Amplify and Forward (AF): in the first phase the RS receives the signal from the eNB (or UE); in the second phase it amplifies the received signal and forwards it to the UE (or eNB). AF is very simple and has very short delay, but it amplifies the noise along with the signal.

Selective Decode and Forward (SDF): in the first phase the RS channel-decodes the signal received from the eNB (or UE). If the decoded data passes its cyclic redundancy check (CRC), the RS re-encodes it and forwards the new signal to the UE (or eNB) in the second phase; otherwise it does not forward. SDF effectively avoids error propagation through the RS, but its processing delay is long.

Demodulation and Forward (DMF): in the first phase the RS demodulates the received signal and makes a hard decision on each symbol, without channel decoding; in the second phase it re-modulates and forwards the new signal. DMF has the advantages of simple operation and low processing delay, but it cannot avoid error propagation, because of the symbol-level hard decisions made in the first phase.
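The three schemes can be compared directly with an added simulation (this example's own code, not from the original post): random bit blocks carrying a CRC-8 are sent over two BPSK hops with Gaussian noise, and each relay strategy is applied at the midpoint. The channel model (unit gains, independent noise on each hop), the block size and the CRC polynomial are this example's assumptions.

```python
"""Two-hop relay schemes (AF, SDF, DMF) compared on a noisy BPSK link.
Added example, not from the original post. Constructed random bit blocks carry a
CRC-8 so that Selective Decode and Forward has something to check; channel gains of 1
and independent Gaussian noise on each hop are simplifying assumptions."""
import math
import random
from typing import Dict, List, Optional

DATA_BITS, CRC_BITS = 16, 8


def crc8(bits: List[int]) -> List[int]:
    """CRC-8 with polynomial x^8 + x^2 + x + 1 (0x07), bit-serial, MSB first."""
    reg = 0
    for b in bits + [0] * CRC_BITS:
        msb = reg >> 7
        reg = ((reg << 1) | b) & 0xFF
        if msb:
            reg ^= 0x07
    return [(reg >> i) & 1 for i in range(7, -1, -1)]


def crc_ok(block: List[int]) -> bool:
    return crc8(block[:-CRC_BITS]) == block[-CRC_BITS:]


def bpsk(bits: List[int]) -> List[float]:
    return [1.0 - 2.0 * b for b in bits]                 # 0 -> +1, 1 -> -1


def awgn(symbols: List[float], sigma: float, rng: random.Random) -> List[float]:
    return [s + rng.gauss(0.0, sigma) for s in symbols]


def hard_decide(samples: List[float]) -> List[int]:
    return [0 if y >= 0.0 else 1 for y in samples]


def relay_af(received: List[float], sigma1: float) -> List[float]:
    """Amplify and Forward: rescale to unit average power and resend; hop-1 noise rides along."""
    gain = 1.0 / math.sqrt(1.0 + sigma1 ** 2)
    return [gain * y for y in received]


def relay_dmf(received: List[float]) -> List[float]:
    """Demodulation and Forward: per-symbol hard decision, re-modulate; errors propagate."""
    return bpsk(hard_decide(received))


def relay_sdf(received: List[float]) -> Optional[List[float]]:
    """Selective Decode and Forward: decode, check the CRC, forward only a clean block."""
    bits = hard_decide(received)
    return bpsk(bits) if crc_ok(bits) else None          # None: the RS stays silent


def simulate(blocks: int, sigma1: float, sigma2: float, seed: int = 1) -> Dict[str, float]:
    """Bit error rate per scheme at the destination; SDF also reports its outage rate."""
    rng = random.Random(seed)
    errors = {"AF": 0, "DMF": 0, "SDF": 0}
    sdf_outages, sdf_bits = 0, 0
    for _ in range(blocks):
        data = [rng.randrange(2) for _ in range(DATA_BITS)]
        block = data + crc8(data)
        hop1 = awgn(bpsk(block), sigma1, rng)            # eNB -> RS
        for name, relayed in (("AF", relay_af(hop1, sigma1)),
                              ("DMF", relay_dmf(hop1)),
                              ("SDF", relay_sdf(hop1))):
            if relayed is None:
                sdf_outages += 1
                continue
            decided = hard_decide(awgn(relayed, sigma2, rng))   # RS -> UE
            errors[name] += sum(a != b for a, b in zip(decided, block))
            if name == "SDF":
                sdf_bits += len(block)
    total = blocks * (DATA_BITS + CRC_BITS)
    return {"AF_ber": errors["AF"] / total,
            "DMF_ber": errors["DMF"] / total,
            "SDF_ber": errors["SDF"] / sdf_bits if sdf_bits else 0.0,
            "SDF_outage": sdf_outages / blocks}


if __name__ == "__main__":
    for sigma in (0.3, 0.6, 0.9):
        print(sigma, simulate(500, sigma, sigma))
```

Sweeping the noise level shows the trade-off the text describes: AF carries the first hop's noise (scaled by its gain) into the second hop, DMF forwards any symbol it mis-decides, and SDF keeps its forwarded blocks clean at the price of an outage whenever the CRC fails.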

Comparison between 3GPP LTE Advanced and IEEE 802.16j RSs

Comparison between Type-I (3GPP LTE-Advanced) and non-transparent (IEEE 802.16j) RSs (table from the original post, not reproduced here).



Technical Issues

Practical issues with cooperative schemes, such as signalling between relays and the different propagation delays that arise from relays in different locations, are often overlooked. If the difference in arrival time between the direct source-to-destination path and the source-relay-destination paths is to be bounded, the relays must lie inside an ellipsoid whose foci are the source and the destination. In practice, therefore, such a cooperative system should either be narrowband or use a guard interval between transmitted symbols to avoid the inter-symbol interference the relays introduce.

In-band relays consume radio resources, while out-of-band relays need multiple transceivers.

Technology Does Not Equal Innovation

I had the opportunity to speak to a group at a university recently about innovation. In fact, I've spoken to four universities about innovation in the last few months. There's a growing awareness that innovation needs to happen in university settings. This would include innovation on the administration of the university, in the teaching methods and in what is taught. But that's a sideline to this post.

One of our customers, a senior faculty member, argued that all this talk about "innovation" was pointless, and missed the main target, which was that we needed more focus on science and engineering education. In his mind, innovation was equated to technology, and only scientists and engineers could bring new technologies to life. While we agree that scientists and technologists can bring innovations to market, we'd argue that that definition of innovation is awfully narrow. It seems that innovation can occur in many avenues that have little or nothing to do with technology, engineering or science.

In fact we have recently worked with a financial services institution, a health care insurance firm, a life insurance firm and several other firms in the services industries where there are no physical products developed and few if any engineers or scientists. Yet these firms are innovating. Innovating their service models, customer experiences, processes and business models. Apple, held up as the ultimate innovator, is a technology firm but innovates instead more around user experience, linkages, partnerships and content.

There are a number of firms that innovate around technology and science, so we don't want to downplay the importance of technology in innovation. However, we do need to understand the balance between product innovation and all other kinds of innovation, and the importance of engineering and science to innovation. It's really a question of set theory. Technology innovation is a subset of innovation generally, and while all technology innovation is innovation, all innovation is not technology innovation. As much as it may pain my engineering friends to say it, there's a lot of innovation happening that has little or nothing to do with technology. Conversely, there's a lot of technological research that will impact our lives through new innovations as products and services. The key to this reasoning is to understand how technology needn't be the innovation but can, more often than not, enable the whole spectrum of innovation subsets. But reducing investment in these areas doesn't mean we are less innovative, it just spreads out the responsibility for innovation more broadly. But that had already happened in the 70s and 80s, as private enterprise took on more direct research and investment and the traditional role of nationalised-style government declined.

OK, enough of the tangent. Innovation depends on creating and developing new ideas. Some of those insights are based on new technologies or improvements to existing technologies. Some innovation, however, is based on insights about services, processes or business models, and don't rely on technologists or engineers for insights. To claim that all innovation is technology innovation, and that without engineers and scientists no "real" innovation can be accomplished is to view the world of innovation with a very narrow lens.