Archive for the ‘Windows Vista’ Category

If you are preparing to deploy and secure your network for IPv6 then this IPv6 training is for you. Erion brings you the best in IPv6 training. We have extensive experience with IPv6 having provided IPv6 training and consultancy services for over 18 years, longer than any other independent IPv6 training provider. Also, we are proud to have the world’s largest and most IPv6 training portfolio covering all aspects of IPv6 on all major platforms.

The course that you can attend in November, is one of our most popular IPv6 training courses. The course, Implementing and Securing IPv6, is a comprehensive technical course that is ideal for all technologists interested in learning how to both deploy and secure IPv6. It provides all that you need to understand the issues surrounding IPv6 deployment and security and includes comprehensive practical hands-on labs to allow you to gain experience with real-world scenarios.

This training is becoming increasingly relevant in 2016 with the announcements by all of the UK’s major ISPs that they will be turning on IPv6 for their customers this year. Now that over 50% of the world’s major content providers are IPv6 enabled and almost 100% of Internet transit providers are IPv6 enabled, end-users with both IPv6 and IPv4 find that over 70% of their traffic is over IPv6 rather than IPv4.

Deploying IPv6 not only future proofs your network but it also brings with it the opportunity for performance, functionality and operational improvements. For example, Facebook found that end users using IPv6 experience a 15% performance improvement over end users using IPv4. Also, in the long term, IPv6 is the only protocol suitable as a basis for the Internet of Things (IoT).

Furthermore, we already reaching the point where organisations are not only considering moving to IPv6-only networks but have already deployed such networks.

IPv6 is very different from IPv4. The common belief that IPv6 is IPv4 with longer addresses is wrong. IPv6 is made up of many new features and functions which are often widely and subtly different from those in IPv4. Even IPv6 addresses are significantly different from IPv4 addresses, not just in size, but in how they are structured, their types, their attributes, how many their are and how they are used. It is crucially important when deploying and securing IPv6 to move away from legacy IPv4 thinking and fully appreciate the differences from IPv4.

Erion is the world’s leading IPv6 training company. With over 18 years experience of providing IPv6 training and IPv6 consultancy services, Erion has the world’s most comprehensive portfolio of IPv6 training courses. Erion’s courses cover all aspects of IPv6 on all major operating systems and platforms.

All Erion’s IPv6 training courses are Gold certified by the IPv6 Forum. Our IPv6 security courses are also IPv6 Security certified from the IPv6 Forum.

This course will take place in our Edinburgh, UK venue which is situated in the city centre near to the world famous Edinburgh castle. There are many excellent facilities and hotels within walking distance. Edinburgh is easily reached via Edinburgh airport and by the UK rail and road network.

The training fee includes, access to excellent facilities and the provision of a complimentary breakfast, sit-down lunch and unlimited tea, coffee, biscuits and fruit throughout the day.

This course will be delivered by Erion’s chief consultant Dr David Holder.

Course Details

Course: Implementing and Securing IPv6
Duration: 5 days
Location: Edinburgh, UK
Dates: 7th to 11th November, 2016
Exercise platforms: Linux (default), Cisco IOS, Windows
Delegate Fee: £2,195.00 (GBP) + VAT if applicable

Please contact us for further details.

Erion is proud to announce the release of a new and comprehensive Samba course. This course covers all aspects of Windows and Linux/Unix integration focussing mainly on solutions based upon samba the Open Software world’s leading cross-platform integration solution. Not only does this course cover the latest versions and features of Samba it also is applicable to the most recent releases of Microsoft Windows including Windows Server 2012 R2 and Windows 8.1.

The first public run of this course is scheduled for February 2015 in London UK. Full details of the course and its current schedule can be found here.

Erion is pleased to announce that we are running several of our world-leading IPv6 training courses as public events in Edinburgh UK during March 2014. These include Erion’s Implementing IPv6, Securing IPv6 and Introduction to IPv6 IPv6 courses.

From the 17th to the 20th March 2014 we are running our flagship 4-day Implementing IPv6 course. Developed over 15 years, this course covers all aspects of IPv6 in comprehensive detail and is ideal for all technical staff wishing to learn more about IPv6. This course includes extensive practical hands-on IPv6 exercises. We will be running the Linux, Cisco IOS and Windows versions of this course in parallel. You have the option to chose to carry out hands-on exercises on Linux, Cisco IOS or Windows.

From the 24th to the 26th March 2014 we are running our 3-day Securing IPv6 course. This course includes a detailed analysis of the security risks associated with the introduction and deployment of the IPv6 protocol and how you should secure your network for IPv6. This course also includes extensive hands-on practical IPv6 exercises, where you are able to use a number of IPv6 vulnerability testing tools and implement a range of IPv6 security features.

On the 27th March 2014 we are running our 1-day Introduction to IPv6 which is a comprehensive technical overview of IPv6.

Our Edinburgh training location is situated in the city centre near to the world famous Edinburgh castle. There are many excellent facilities and hotels within walking distance. Edinburgh is easily reached via Edinburgh airport and by the UK rail and road network.

The training fee includes, access to excellent facilities and the provision of a complimentary breakfast, sit-down lunch and unlimited tea, coffee, biscuits and fruit throughout the day.

Erion is the world’s leading provider of IPv6 training. We have the largest portfolio of IPv6 training courses, suitable for all audiences, covering all aspects of IPv6 on all major operating systems and platforms. Erion’s courses are certified by the IPv6 Forum and are part of the Erion IPv6 Certified training programme. In addition to our public IPv6 training schedule, we also provide IPv6 training as on-site courses and we provide Erion Modular IPv6 Training which allows for a bespoke training programme to be created based on our hundreds of IPv6 training modules.For further information please contact us on +44 (0)1422 207000, or through our web-site contact form.

Copyright Erion Ltd 2014, all rights reserved. Permission to publish this article unchanged is hereby given.

Despite the imminent depletion of the IPv4 address pool and the serious consequences for the IPv4 Internet, there are still many organisations that continue to delay the implementation of IPv6. Whilst the need for IPv4 in some organisations is arguably less than in others, one area that cannot be ignored is the essential need to secure current IPv4 networks against attacks perpetrated through the use of IPv6 and IPv6 transition technologies.

It is undeniable that the vast majority of current TCP/IP networks already include not only IPv6 capability, but also have IPv6 traffic flowing over them. All modern operating systems include IPv6 dual stacks (which also provide backwards compatibility for IPv4). These operating systems, including Windows, Unix and Linux all use IPv6 by default when they can. As a result, current IPv4 networks must be secured against attacks via IPv6 and associated technologies even though they may not have explicitly deployed IPv6.

Whilst, IPv6 in and of itself is to a large extent neither more or less secure than IPv4, it’s existence in a network immediately increases the “attack surface” and therefore the security risks. Since the increased risk is not simply the sum of the two protocols but a complex interaction of IPv4, IPv6, transition mechanisms and other protocols, it is fair to say that the attack surface is somewhat more than doubled by IPv6. Furthermore, IPv6 includes many new features that make it significantly different from IPv4. This not only further increases the “attack surface” but it also means that many new mitigation and security techniques must be learned.

For those who might consider the “increased risk” a reason not to deploy IPv6; remember that IPv6 already exists whether you deploy it or not. Therefore you need to secure against IPv6 threats in your IPv4 networks.

It is essential that network security managers and others responsible for network and system security learn about IPv6 now and implement appropriate security measures as soon as they can. Erion provides the world’s most comprehensive range of IPv6 training. This includes in-depth IPv6 security training, for example, our 3-day Securing IPv6 course.

Copyright Erion Ltd 2010.

David Holder is to speak at this year’s Storage Developer Conference in Santa Clara. Erion has a long history of working to IPv6 enable networked storage solutions and in particular the Open Source Samba implementation of the CIFS/SMB protocols. This year, Dr Holder plans to give a presentation on how to IPv6 enabled storage applications. The full abstract is below.

IPv6 Enabling CIFS/SMB Applications

Today IPv6 is no longer the protocol of the future, it is being extensively deployed in production networks. The central pool of IPv4 addresses will be exhausted in 2010 to 2011. As a result, Governments and organisations world-wide have been mandating its use for a number of years. As a CIFS/SMB developer, the time has come where you can no longer ignore IPv6.

IPv6 is the default protocol in all major operating systems, including Windows Server 2008 and Windows 7. CIFS and Active Directory have had support for IPv6 for a number of years.

This paper will address the key issues facing CIFS/SMB developers when migrating their applications to IPv6. It will provide a review of the status of IPv6 in Samba and Windows and describe how CIFS/SMB applications should be migrated to IPv6. This presentation will also include a brief IPv6 API and porting tutorial presenting the key things that developers need to know about IPv6 and the IPv6 socket API in order to effectively use IPv6 in their applications.

Dr David Holder is closely involved in the migration of Samba to IPv6. He has worked with IPv6 for well over a decade and is a regular speaker at global IPv6 conferences.

Erion’s David Holder presented at the Global IPv6 Summit in Taiwan today. His talk entitled IPv6 Enabling Unix/Linux and Windows Integration provides a summary of the status of IPv6 in heterogeneous environments and included a case study on IPv6 enabling Samba the world’s leading Windows - Unix/Linux integration package.

Much progress has been made in the IPv6 enabling of Samba. However, many commercial integration products and products built on Samba technology (such as NAS boxes) remain IPv4 only.

The Global Summit included presentations from many of the leading players in IPv6 from around the world. It was particularly interesting to see the significant progress that has been made in the deployment of IPv6 in recent months.

Dr Vint Cerf (Google) gave a video presentation to the conference. Vint Cerf has famously likened the depletion of the IPv4 address space to running out of oil.

“Running out of IP addresses is like running out of oil”, Vint Cerf, 2004.

Tony Hain (Cisco) showed just how close we are to running out of IPv4 addresses. He and others predict the exhaustion of the central pool of IPv4 addresses will occur between 2009 and 2011. He showed that in the final stages of address exhaustion there will be a rush for the remaining address space thereby speeding up the process of address depletion.

In order to manage the final stages of the depletion of the IPv4 address pool regional registries (RIRs) are modifying their address policies. Miwa Fujii (APNIC) summarises the recent APNIC meeting in New Zealand and the key policy changes that were made there. In particular, two important polices seek to improve the management of IPv4 address space. One reserves an address block for the IPv6 transition. This policy seeks to avoid the situation where there are no IPv4 addresses left for use with IPv6 transition technologies making migration to IPv6 even harder. Another policy immediately reserves one block for each regional registrar so that each registrar will have at least one block assigned to it when all other blocks have been assigned.

One effect of both of these policies is that they allocate some of the remaining pool of IPv4 addresses. This means that the predicted date for the central address pool to be deleted has been brought nearer. Despite this, no one is likely to argue that these policies are anything other than a good idea.

The conference was a resounding success. It is clear that the take up of IPv6 is increasing and that the world is becoming aware of the need to migrate to IPv6 before all of the IPv4 addresses have finally been assigned.

At lot can happen in a year. This is certainly true of IPv6 and Samba. In this article, I summarise the progress made in IPv6 enabling Samba and review the current status of Samba and IPv6 support. Further details can be found in my presentation Configuring Samba 3/4 for IPv6 Operation with Windows Server 2008 and Windows Vista.

Last year in my presentation at SambaXP 2007 (see SambaXP IPv6 Presentation) I showed how important it was that Samba catch up with Microsoft Windows in supporting IPv6. Microsoft’s latest operating systems, Windows Vista and Windows Server 2008 (then codenamed Longhorn) are IPv6 enabled by default. The increasing drive to implement IPv6 in various parts of the world meant that Samba risked being kept out of, or dropped from, environments where IPv6 is required.

Since then a lot has changed. Here are some highlights from the last twelve months:

Erion is proud to have carried out each of these firsts and being involved with Jermey Allison in IPv6 enabling Samba 3.2.

Linux CIFS Client

The Linux CIFS client has full support for IPv6 in the Linux kernel. This kernel is now widely available in the latest releases of many Linux distributions. At present, the mount command mount.cifs does not support IPv6 name resolution and the IPv6 address must be specified using a mount option. However, my patch to mount.cifs enables IPv6 name resolution. During Samba XP, I worked with Steve French and Jelmer Vernooij to improve support for IPv6 in mount.cifs. Friday evening found Jelmer still working on rewriting mount.cifs to include IPv6 support.

Samba 3.2

As Samba 3.2 nears a production release, it has been fully IPv6 enabled. This was a result of my presentation at CIFS Engineering Workshop held at Google last year. Erion has carried out the IPv6 testing for Samba 3.2. This has gone well and very few bugs have been found. During SambaXP Jeremy Allison put in time to investigate and resolve IPv6 bugs in Samba 3.2. Further information on IPv6 enabling Samba 3.2 can be found in our presentations from the Google IPv6 Conference earlier this year.

Samba 4

Support for IPv6 in Samba 4 still relies on my hack (a new version of which can be found here). The interest in IPv6 shown by the Samba team is illustrated by the time I spent with Andrew Tridgell. Andrew was very keen to incorporate my patch into the standard build of Samba 4. This would mean that, where possible, Samba 4 would build with IPv6 support as standard. The work was not completed by the end of SambaXP, but I will be chasing Andrew to complete it over the next few weeks.

In conclusion, SambaXP 2008 was a very positive event for IPv6 support in Samba. Much work still has to be done, but in the very near future there will be a solution for those who wish to upgrade Samba 3.0 to Samba 3.2 in order to get IPv6 support. So far most of the IPv6 testing of Samba has been undertaken by Erion. I would be very interested to hear of anyone else who is testing or even using Samba over IPv6 in live environments. During the conference Jelmer migrated his use of the Linux CIFS client in his home network to operate over IPv6! Now for the rest of the world…

The Samba team have released a new preview version of Samba 3.2. This version includes the changes that Jeremy Allision made to enable IPv6 support in Samba 3.2.

At last year CIFS workshop at Google, Erion’s David Holder gave a presentation on how to IPv6 enable Samba. As a result Jeremy took up the challenge to IPv6 enable Samba 3.2 in “three weeks”. Jeremy succeeded.

Erion’s testing of the IPv6 enabled version of Samba 3.2 produced very good results. A few minor changes were required in order to allow Samba 3.2 to join a Windows Server 2008 domain. Finally, in January 2008, Erion’s David Holder made the first ever IPv6 join to a Windows Server 2008 AD domain using Samba 3.2.

The presentation on IPv6 in Windows given by Erion’s David Holder at Google’s IPv6 conference is now available for viewing on YouTube. This talk covers the status of IPv6 on Windows and some key things that you need to know if you are working with IPv6 on Windows Vista or Windows Server 2008.

You can view the talk at by clicking here.

This week Erion’s David Holder spoke at an IPv6 conference at Google. The presentation was enititled IPv6 on Windows. It covered the status of IPv6 on Windows Server 2008 and Windows Vista as well as pointing out some of the details that you need to be aware of as Windows administrators and developers.

The slides are available for download here IPv6 on Windows.