Any views expressed within media held on this service are those of the contributors, should not be taken as approved or endorsed by the University, and do not necessarily reflect the views of the University in respect of any particular issue.

Computing Systems

Computing Systems

Informatics Computing Staff jottings

Network security and robustness enhancements

New versions of network switch firmware often bring additional facilities along with bug-fixes.  We have recently been evaluating some security and robustness enhancements, with a view to rolling them out across the Informatics network.  In particular:

  • DHCP protection, which will prevent rogue machines purporting to be DHCP servers on the self-managed subnets.  We occasionally see this, it can be very hard to track down, it is disruptive to everyone else on the subnet, and is almost always some portable piece of kit which has been configured for a home situation and then not reconfigured appropriately for the Informatics network.
  • ARP protection, which will prevent a machine from claiming an IP address which has not been allocated to it.  This usually results in a large drop in throughput for both machines, as packets are mis-directed or dropped.  Again, this is often due to misconfiguration, though we have also seen an increase recently as a result of misfeatures in some of Apple’s protocols.
  • Dynamic IP lockdown, which will prevent a machine from using an IP address which has not been allocated to it.  There is almost never a good reason for this to happen.

None of these should have any effect on a machine which is properly configured and working normally.  We have been testing the mechanisms for several weeks now and they do appear to work as advertised, and we will therefore be rolling them out across the Informatics network as appropriate.

Network security and robustness enhancements / Computing Systems by is licensed under a

Posted by

Categories

Uncategorized

Tags

No tags have been added to this post.

Previous post

Next post

Leave a reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

Network security and robustness enhancements / Computing Systems by is licensed under a
css.php

Report this page

To report inappropriate content on this page, please use the form below. Upon receiving your report, we will be in touch as per the Take Down Policy of the service.

Please note that personal data collected through this form is used and stored for the purposes of processing this report and communication with you.

If you are unable to report a concern about content via this form please contact the Service Owner.

Please enter an email address you wish to be contacted on. Please describe the unacceptable content in sufficient detail to allow us to locate it, and why you consider it to be unacceptable.
By submitting this report, you accept that it is accurate and that fraudulent or nuisance complaints may result in action by the University.

  Cancel