Have you noticed that SNMP statistics are not very interesting? Me
too. I want network events. And only interesting network event need
apply.
Why don't more servers send SNMP traps? It seems like the only thing
which will cause a trap on my network is the T1 going down. Thats like
the little red light on my dashboard lighting up when a wheel falls off
the car. I would like some traps from servers when problems happen.
DHCP, ARP and the Integrity of the LAN
Is it just me or is ARP a huge security problem on the LAN? It seems to me that anyone with Linux or FreeBSD can take down an entire segment just by publishing the IP address of the local router in their arp cache. Hummm... Perhaps what I want is an ARP server tightly coupled with my DHCP server. Perhaps the DHCP server should populate the ARP caches.
But then, I'll want authentication in my DHCP server. I'd like the DHCP servers to have a X.509 certificate and have the clients verify out before believing the server.
Between routing and the workstation is the corporate identity
I see an emerging layer of control in large network architectures (don't get me started on the topic of out of band signalling of routing information - I'll get to that next time). There's routing on the bottom and workgroups on the top. Cisco owns the routing and Microsoft (OK, I took the pill) owns the workgroup. But in the middle there's this notion of one's "corporate identity". Like, how does your email get from the Internet to your desktop? And who are you anyway?Microsoft does not do well here and neither does Cisco. It's a whole new market to me.