Since the launch of our Systrax community website, we have written over three hundred blogs and generated two unique cases of Carpal Tunnel to bring you informative and sometimes quasi entertaining content.

I think its time though to lasso in some of the highlights over the year into one summary blog for quick and easy reference. This blog will link to others that have answered some of the more commonly asked questions. We hope you enjoy it.

Read more »

No matter what Cisco NetFlow collector software you may be running, you may have noticed that when your firewall NATs an address, it becomes the source or destination within your flows, and thus makes NetFlow a lot less useful.

Let me provide you with an example in Scrutinizer.

Note the series of conversations coming in from the web, as shown above, and how the destinations all show the NAT address of 66.186.x.x.

Let’s look at the traffic coming from host vs.mcafeeasap.com. How can we find out who the destination host is within our network that is generating this traffic?

First things first; these conversations are from records generated by the Internet router. Since the traffic by this time has already been NATTED, we should find this traffic before it hits the router…

So let’s go to my internal switch.

Read more »

If you’re a regular follower of this blog, you’ll know that Plixer is working on adding IPv6 support to Scrutinizer v7.0, but where is IPv6 on your radar?

We’ve all read articles about the growing shortage of IPv4 addresses and that’s why we need to move to IPv6, but when will that be and when should we start worrying?

If you do work for the federal government you’ll know that, according to the government’s 2005 mandate, everything on its network was required to be IPv6-ready by June 2008.

The government’s mandate helped to remind other organizations that they too needed to start thinking about moving to IPv6, but unless you do work for the government, the urgency to move isn’t so great.

Right now, large service providers are working on (or are begining to think about) transitioning their networks to IPv6. As their customers add cool devices such as smart phones and gaming devices onto the network, each of these need a new IP address. Experts say IPv4 address will be depleted by 2012. The world won’t stop when that happens but unless they have support in place, service providers won’t be able to add new devices to their networks.

As a stopgap, some organizations are using network address translation (NAT), which puts private network addresses behind a single IP address. Some carriers are investigating carrier-grade NAT. NAT could be the reason why the move to IPv6 has been slow for organizations other than government agencies.

One recent survey of companies including service providers, network equipment vendors and enterprises suggest that there is no business case for IPv6. Customer demand is the biggest driving force for those that are implementing IPv6. These folks are using a dual-stack approach, which allows IPv4 and IPv6 to run side-by-side.

The report also suggests that the biggest challenge for organizations is the lack of IPv6 technical expertise on staff. If you’re looking to find your next career move, this could be it. A quick hit of the Indeed job listings aggregator site netted 297 IPv6 jobs. Not a huge number, but if the survey results are to be believed, there would be less competition for jobs.

How far along is your company in transitioning to IPv6?