Archive for the ‘Professional Development’ Category
Insider’s Guide to a SANS Conference – Day 2
Filed under: External Training, Industry Events, Professional Development, Uncategorized | Tags: SANS, SANS @night, Security Leadership
Leave a comment I’ll cut to the chase and give you the bottom line up front…
My favorite part of today’s conference were the SANS @night presentations. These are optional (and free) presentations that the SANS Institute supports on selected evenings of their conferences. One of today’s @night talks covered Web App Security and the other covered Man-in-the-Middle Attacks.
SANS @night Talk
Web App security was given by Rich Mogull (@rmogull) and the MitM Attack talk was given by Bryce Galbraith. Saying that they were *PACKED* with information is an understatement. There are many intangible benefits of attending a SANS conference, and the @night presentations definitely top that list!
I also enjoyed my “normal” course, “Security Leadership Essentials for Managers”. I particularly enjoyed the conversation around malware and endpoint security. My take-away is that white listing is the future in this area. I Tweeted about this realization on my Twitter timeline (@wifijedib).
There were also a few logistical challenges today – the first was that one of the instructors came down with bronchitis and lost his voice. The SANS conference staff were able to schedule temporary work-around and work in a backup instructor in an incredibly short amount of time. Also, there was an internet outage at the conference hotel. Again, the conference staff worked tirelessly to resolve and developed an immediate work around. I was impressed with their ability to handle these situations – how strong are your business continuity processes?
Related Posts:
Insider’s Guide to a SANS Conference – Day 1
Filed under: External Training, Industry Events, Professional Development | Tags: SANS, SANS Phoenix, Security Leadership Essentials
Comments (1) If you are reading this, it means that we both survived Day 1 of SANS Phoenix. 🙂
My favorite part of the day was helping everyone at the registration desk. It was fun meeting so many different people. There seemed to be a good mix of people returning to SANS as well as first time conference attendees.
Stephen Northcutt gave a short “Welcome to SANS” briefing this morning. I wasn’t able to attend as I was at the registration desk (see above).
Classes kicked off at 9AM and most ran until approx. 5:30-6:00PM. I know that we covered a TON of information in the MGMT 512 (Security Leadership Essentials for Managers) course. We talked about budgeting, project management, vulnerability management, and vendor selection processes.
Even though I am in a Management course, there was a great deal of technical information covered in Day 1. We discussed the TCP/IP header, ports/protocols, and packet analysis. At one point I felt like Neo in The Matrix – (paraphasing more than an exact quote…) “what do you see in the matrix? ones and zeros? I see a blonde. I see a brunette.”
Logistically, everything seemed to run smoothly. As always with big conference rooms and theaters, the temperature runs cold, so don’t forget to bring a sweater or light jacket with you tomorrow. 🙂
There was a SANS@night talk regarding Honeypots, which I missed. I am excited to see Rich Mogull’s SANS@night talk tomorrow night as he and I are connected on Twitter (@rmogull)
Speaking of Twitter, I “tweeted” about the conference at least a half dozen times today. You can search for the hashtag #SANS_PHX or follow me (@wifijedi) to see the updates.
Insider’s Guide to a SANS Conference – Setup
Filed under: blogging, Industry Events, Professional Development | Tags: SANS, SANS Phoenix, SANS Work-Study, Security Leadership Essentials
Comments (1) This is the first blog post in a series, “Insider’s Guide to a SANS Conference”. It corresponds to my attendance at the SANS Phoenix Conference March 23-30, 2009.
As a disclaimer, this “Insider’s Guide” will not provide you confidential information.
Also, you should know that I am “nobody special” within the organization. This is the third conference I have attended, all through their work-study (volunteer) program. I have Mentored the wireless course and taught a wireless Stay Sharp course in Dallas a couple years ago, but that’s it.
The series is meant to be detailed description of my participation and to hopefully encourage others to attend. (I am a big fan!) I am taking the “Security Leadership Essentials for Managers” course, which is being taught by Stephen Northcutt – the CEO of SANS.
I am also “micro-blogging” about the conference via Twitter. You can find my updates with the hashtag #SANS_PHX …better yet, you can “follow me” on Twitter @wifijedi to see all the updates in your own time line!
Today the conference organizers & volunteers set up the conference. Since this is a smaller, regional conference, there are only 5 volunteers (one for each course they are running). Setting up consisted of the following activities:
- Preparing name badges
- Preparing registration folders
- Recieving and sorting courseware (books)
- Stuffing totes with courseware and other inserts
- Sorting conference shirt by size
- Placing signage throughout facility directing attendees to registration, classrooms, internet cafe, etc.
- Setting up registration station
- Preparing course evaluation forms & folders
- A briefing regarding volunteer duties & expectations
- Etc.
I am looking forward to seeing all the attendees at the registration booth from 7:00 – 9:00 AM tomorrow morning!
Related Posts:
802.11e Quality of Service – Video
Filed under: 802.11e - Quality of Service, Professional Development, Speaking Engagements | Tags: 802.11e, Quality of Service, Wireless Training Video, WMM
Comments (1) This is a portion of some internal training that I delivered at the beginning of the year. Certainly not my best stuff, but the video was readily available (thanks to my friend Gary) and I thought that it was useful content about 802.11e, which is Quality of Service.
The video is approximately 5 minutes in length and discusses the media contention mechanism under 802.11e – Hybrid Coordination Function (HCF). There are two main parts to HCF (which I discuss in the video):
- Enhanced Distributed Channel Access (EDCA)
- Hybrid Controlled Channel Acccess (HCCA)
SANS Phoenix – Upcoming Interview
Filed under: External Training, Industry Events, Interviews | Tags: information security, SANS, SANS Phoenix, SANS Security Leadership Essentials, Stephen Northcutt
Leave a comment As many of you already know, I am taking the SANS Security Leadership Essentials course at the upcoming SANS Conference in Phoenix, Mar 23-30th. It is being taught by none other than Stephen Northcutt, President of the SANS Institute.
I caught up with Stephen earlier this week on LinkedIn and told him that I will be blogging and Tweeting about the event in near real time. I also asked if I could interview him for WiFiJedi.com, to which he agreed.
Please leave me a comment or send me an email, Tweet, etc. if you have something specific that you would like me to address in the interview.
Related Posts:
Optimize Your 802.11n Performance (Webinar Review)
Filed under: Industry Events, WLAN Vendors | Tags: 802.11n, AirMagnet Survey, AirMagnet WiFi Analyzer
Leave a comment Yesterday, I attended a webinar hosted by AirMagnet entitled “Optimize Your 802.11n Performance”.
It was an hour well spent, which isn’t always the case with webinars. The product sales pitch was kept to a minimum.
It really focused on educational aspects of 802.11n networking and security. Additionally, the webinar contained several live demos during the webinar, which were executed flawlessly.
The live demos were of the WiFi Analyzer and Survey programs. While I use the AirMagnet Survey product several times a week, it has been almost a year since I used the AirMagnet WiFi Anlyzer tool. They have instituted some really great features since I have last used it. Most of these features directly relate to 802.11n networks:
The first is an 802.11n Device Throughput Calculator. It calculates the throughput of a single device depending on a number of parameters – MCS, max frame size, channel bonding, block acknowledgement, etc. It also factors in the effect of the Least Common Denominator client (i.e. effect of adding an 802.11g client).
The second is a WLAN Throughput Simulator, which estimates the aggregate throughput of an entire WLAN. The tool takes actual meaurements from the existing WLAN, and then allows users to add simulated APs or Clients. This allows users to consider an infinite number of “what if” scenarios with regards to how to optimize the WLAN.
The webinar wasn’t limited to exploration of the cool features of the WiFi Analyzer. A good portion of the presentation talked about the importance of live/active site surveys and how using real meaurements of the uplink and downlink rates is valueable to network administrators. It was also exciting to see that the iPerf throughput testing tool is now integrated directly into AirMagnet Survey.
Lastly, I wanted to point out that one of the five main points of the webinar was that channel bonding in 2.4 GHz is not suggested. This is something that I blogged about in a post regarding 5 GHz vs. 2.4 GHz in 802.11n networks on CWNP.com I seemed to take a decent amount of “heat” in the comments, primarily from advocates of channel blankets, so I am glad to see that the fine folks at AirMagnet agreed with me. 🙂
Related Posts:
Gartner Wireless & Mobile Summit… In Review (Part #2 of 2)
Filed under: Industry Events, Interesting Articles | Tags: Gartner Wireless & Mobile Summit, online society 2020, reputation management
Leave a comment I recently reviewed the Next-Generation WLAN presentation given at the Gartner Mobile & Wireless Summit that took place Feb 23-25, 2009. I said the authors hit a home run with that presentation.
This go-around, I am reviewing the “Online Society 2020” presentation which, to me, is more of a ground rule double than a home run. The ball still went over the center field fence, it just wasn’t as satisfying as a pure home run…
The presentation started with a high level overview of some of the factors affecting online society in 2020. These factors were logical based on the information available today:
- Technology
- Social Attitudes
- New Jobs/Hobbies
- External Factors
From there, the discussion turned to networked Healthcare, Personal Communications & Collaboration, Education, Entertainment, and Financial Services.
Some of the predictions seemed rather straight-forward:
(In 2020… “Division between personal and professional life has blurred”)
Other predicitions were insightful (even downright brilliant):
(In 2020… “Reputation management will be a billion dollar business”)
Personally, I would have liked to see a tighter focus on Wireless & Mobile technologies, which was the theme of the conference. That being said, I applaud the presenters (Nick Jones, Jackie Fenn, and Monica Basso) for attempting to predict society a decade from now. Futhermore, I would suspect the audience discussion in this session significantly contributed to the overall quality of the presentation.
Related Posts:
- Gartner Wireless & Mobile Summit… In Review (Part #1 of 2)
- Requesting Press Access to the Gartner Wireless & Mobile Summit?!?
Gartner Wireless & Mobile Summit… In Review (Part #1 of 2)
Filed under: Industry Events | Tags: all wireless enterprise, fewer devices, Gartner Magic Quadrant, Gartner Wireless & Mobile Summit
Comments (3) I was able to get a copy from a couple of the applicable sessions delivered at Gartner’s Mobile and Wireless Summit this past week. However, I didn’t attend in person – see my rant “Can IT Vendors be Objective?”
The first session I reviewed is entitled “The Next Generation WLAN: Time to Throw Out the Rule Book?” It was delivered by Michael King and Timothy Zimmerman, who as you may know, create the Gartner Magic Quadrant for WLAN Infrastructure.
For me, here are the most interesting observations:
- The presentation starts off saying that 802.11n networks are faster, cheaper, and better managed than the wired infrastructure deployed in most enterprises today. Additionally, they said WLANs are more secure and more reliable.
- The speakers predicted that 70% of new access layer switch ports will be WLANs within the next three to five years.
- In the notes to the slide containing the Gartner “Magic” Quadrant was the following advice: “To evaluate vendors is the leader’s quadrant and ignore those in other quadrants is risky, and thus discouraged.”
- There were two excellent points in the action plan (conclusion):
- For near future, there is not a dominant architecture for wireless offices. Enterprises should standardize networks on a few device models to keep support cost down.
- Enterprises should align networking investments to an all-wireless office, plan for the deployments in the next 12 to 24 months.
Personally, I think the authors hit a home-run with this presentation. The points above really hammered home the need for an all wireless enterprise with fewer devices. What do you think the wireless landscape will look like in the next three to five years? What do you see as the prevailing WLAN architecture?
Part #2 of 2 will focus on a presentation given by Nick Jones, Jackie Fenn, and Monica Basso entitled “Online Society 2020”.
Related Posts:
*Speaking Engagement* – FREE Webinar March 24th
Filed under: Professional Development, Speaking Engagements | Tags: BrightTALK, Enterprise Mobility, Ethernet replacement
Leave a comment I am giving a Webinar on Replacing Ethernet Switching to the Desktop with Wireless on March 24th, 2009 4PM Pacific Time.
Below is information about the presentation, including the link to attend along with a session description.
Webcast Title: Is WiFi Really Ready to Replace Ethernet to the Desktop?
Webcast Live Date & Time: 4:00pm MAR 24 2009 United States – Los Angeles
Duration: 45 mins
http://www.brighttalk.com/webcasts/2805/attend
Session Description – Is WiFi Really Ready to Replace Ethernet to the Desktop?
Ratification of the next generation IEEE wireless standard, 802.11n, is just around the corner. 802.11n brings data rates of several hundred megabits per second, which many analysts say is instrumental in WiFi replacing Ethernet switching to the desktop. But is wireless really a capable replacement? Our speaker, Mr. Douglas Haider, will explore the performance, security, scalability, and reliability of next generation wireless LANs. Mr. Haider will address both the technical and business requirements of the audience. The presentation is built around a case study and is packed with specific recommendations, suggested tools, and information on where to find additional resources.
Can IT Vendors be Objective?
Filed under: blogging, Industry Events, WLAN Vendors | Tags: blogging, IT Vendors, rant
Comments (6) Here is another guest post that I wrote for An Information Security Place. This is something that I am worked up about, so I am re-publishing it here to maximize the audience. 🙂
————————————————————————————
Can IT Vendors truly be objective? Or does everything they say have to be viewed through a lens of “they are trying to sell me something”?
Join me while I rant…
Personally, I think IT vendors can be objective.
Sure, we manufacture and sell things…
*Gasp* – We even profit from selling.
But that doesn’t mean we can’t be objective.
i.e. – I try to provide solid vendor-neutral information to the wireless community through my blog, http://wifijeidi.com.
(In fact, only 2 of the nearly 40 blog posts I have completed to-date have been about my employer, Xirrus.)
However, not everyone sees it that way.
Let me give you an example…
I requested press access to an industry event as a blogger.
However, I was told that I can’t get a pass of this nature because I work for a vendor.
Furthermore, I was told that bloggers of major publications (ComputerWorld, Network World, ZDNet, etc.) would qualify.
So I went out seeking a spot with one of these publications as one of their bloggers.
(I even had a solid lead directly to an editor with a reference from another well know blogger at one of these publications.)
However, I was turned down again. Because I work for a vendor.
My “commentary”…
Presumably, working for a vendor means that I can’t be objective. Which I personally think is %^&$*&!
Let’s take a look at some profiles of bloggers who have been picked up by these publications. I would like to take a closer look at two common blogger profiles: Value Added Resellers (VARs) and Independent Consultants.
I have noticed that if you work for a VAR, you can blog for major publications. Correct me if I am wrong – as a VAR, don’t you sell some vendor’s equipment, but not others? It would seem to me, in that position, it is possible to have nuances or conflicting agendas. At least working for a manufacturer, you know where my “official” loyalties are.
Other common profile for bloggers on these publications is that of an “independent” consultant. I would think a large portion of their livelihood depends on their ability to provide consulting services. If that’s the case, don’t you think they would blog about things that (at least indirectly) drive their own business? After all, their financial success is directly tied to the success of a single person – themselves. Working for a manufacturer (or any large organization) mitigates this factor because my financial situation is determined by the success of the group, and not by what I do or say to drive my own consulting business.
This isn’t intended as an attack on publications or their bloggers, just an honest discussion of how they can be objective, but somehow it is perceived that I can’t. What about my credentials?!?
Besides working for a vendor (for several months), I have also worked as a consultant and auditor (for many years). I hold over a dozen IT certifications, ALL of which are vendor-neutral. On my LinkedIn profile, I have the coveted “500+ connections”, many of who are employed by my competition – Aruba, Meru, Motorola, etc. I started my blog to serve as a thought leader and I am a frequent speaker at industry events, professional organization meetings, and universities.
If you know someone at an IT publication that is willing to have me as a wireless networking and security blogger, have them contact me at douglas.haider@xirrus.com
Wait, I had better not use my corporate email address. That might signal I can’t be objective. 🙂
Instead, have them contact me at douglashaider@hotmail.com
![[LinkedIn]](https://i0.wp.com/farm4.static.flickr.com/3477/3463037125_247575d1f3_m.jpg)
![[LinkedIn]](https://i0.wp.com/farm4.static.flickr.com/3598/3463037145_924738ec38_m.jpg)
![[del.icio.us]](https://i0.wp.com/images.del.icio.us/static/img/delicious.small.gif){kind=small}
WiFi Jedi.com 
You must be logged in to post a comment.