Juniper Patent Routing device having multiple logical routers from 2016

Just did found at last year by hearing from people we work with that at that time it was impossible to connect two endpoints

with expensive and top Fortigate at a certain layer and transparent mode. A high valued long year Fortigate Partner had to use Cisco for this.

Just noticed that Juniper network finally for through a patent in 2016 which they had long submitted.

 

If it's possible or a good idea to use patents in IT? Is it possible to patent a class or code? IBM does nothing else the last 20 year we think.

Does the patent below mean that only JUNIPER Networks or people who pay them will be able to do do complex routing?

https://www.google.ch/patents/US9485149

https://www.google.ch/patents/US9032095?hl=de

https://patents.justia.com/assignee/juniper-network-inc

 

Patent

Veröffentlichungsnummer        US9485149 B1

Publikationstyp             Erteilung

Anmeldenummer            US 14/705,771

Veröffentlichungsdatum        1. Nov. 2016

Eingetragen             6. Mai 2015

Prioritätsdatum            6. Jan. 2004

Auch veröffentlicht unter     US9032095

Ursprünglich Bevollmächtigter    Juniper Networks, Inc

Techniques are described for implementing one or more logical routers within a single physical routing device. These logical routers, as referred to herein, are logically isolated in the sense that they achieve operational and organizational isolation within the routing device without requiring the use of additional or redundant hardware, e.g., additional hardware-based routing controllers. The routing device may, for example, include a computing platform, and a plurality of software process executing within the computing platform, wherein the software processes operate as logical routers. The routing device may include a forwarding component shared by the logical routers to forward network packets received from a network in accordance with the forwarding tables.

Meltdown und Spectre Mcafee ENS sets MS-Registry key 10.01.2018

Das Spiel geht weiter und das Risiko bleibt bei den IT'lern und Kunden?

  1. Microsoft sagt die Antivirus Software muss den Registry key setzen damit der Microsoft Patch kommt.
  2. Mcafee z.B. setzt diesen nicht sondern stellt ein EXE zur Verfügung welches den KEY setzt (Alle Produkte von Mcafee sind kompatibel zu dem MS patch). Dies war wohl MS dann doch zu lasch und so hat Mcafee am 10.01.2018 entschieden den MS-Registry key via DAT Update 3221 zu verteilen.
  3. Das Risiko bis hin zum Blue Screen bei AMD CPU bleibt somit beim Kunden. Ab dem 10.01.2018 wird MCAFEE den KEY automatisch verteilen.
  4. Derzeit Lücken offen in Office welche mit dem Patchday Januar 2018 geschlossen werden und KRITISCH sind
  5. Check this list from Kevin Beaumont to see what Anti-virus-products are compatible except Mcafee
  6. HP is rolling out Firmware Updates for Server and Clients. Not all are listed some with release dates Middle January

     

     

 

https://docs.google.com/spreadsheets/d/184wcDt9I9TUNFFbsAVLpzAtckQxYiuirADzf3cL42FQ/edit#gid=0

 

 

 

HP Firmware Patche

HP Server:

https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us

HP Clients:

https://support.hp.com/us-en/document/c05869091Mcafee

 

 

 

Sets the key

 

 

 

 

Meltdown und Spectre Mcafee ENS sets MS-Registry key 10.01.2018

Spectre – Meltdown - MS Bluescreen - Microsoft says AV producer has to Set Registry Flag

06.01.2018, 01:33 CET, Europe

Do not set the specific Registry key that Microsoft announced a few days ago manual until you checked 100% and understood what it does. This was wrongly interpreted and understood by several blogs and even larger news agencies. The way it should be done (As seen by Microsoft on Friday) is that the Antivirus producer will set the specific registry flag key which will make the Update available to you by download from Windows Update direct. You can also download from Windows Update catalog if you did this THEN (This weekend) on one machine. We recommend waiting with patching W7/W10 until Monday and this is clearer.

From our point of view it's unclear as example what people with W10, 1709 Fall Creators Update with Edge in Hypervisor Sandbox and Windows Defender should do (And thus no other AV software)?

There all comes from Microsoft? Anybody seen that update there?

 

Attention:

Microsoft clearly states that there have been Bluescreen on some machines. A thing most of you forgot and did not see since years. Several blogs the specific update caused problems even while installing. They only way to install it via wusa.exe and command line PLUS at the end kill server hanging tasks with scripts.

 

Note Customers will not receive the January 3, 2018, security updates and will not be protected from current security vulnerabilities unless their antivirus software sets the following registry key:

Microsoft has identified a compatibility issue with a small number of antivirus software products.

The compatibility issue arises when antivirus applications make unsupported calls into Windows kernel memory. These calls may cause stop errors (also known as blue screen errors) that make the device unable to boot. To help prevent stop errors that are caused by incompatible antivirus applications, Microsoft is only offering the Windows security updates that were released on January 3, 2018, to devices that are running antivirus software that is from partners who have confirmed that their software is compatible with the January 2018 Windows operating system security update.

If you have not been offered the security update, you may be running incompatible antivirus software, and you should consult the software vendor.

Microsoft is working closely with antivirus software partners to ensure that all customers receive the January Windows security updates as soon as possible.

More Information

Note Customers will not receive the January 3, 2018, security updates and will not be protected from current security vulnerabilities unless their antivirus software sets the following registry key:

Do not set the Specific Registry key that Microsoft announced a few days ago manual and if so ONLY if you validated that all your security products are compatible and listed on producer special KB or blog entry.

As per MS the producer of the AV Software has to do so after final testing

Key=HKEY_LOCAL_MACHINE

key=SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat

Value=cadca5fe-87d3-4b96-b7fb-a231484277cc

Type=REG_DWORD

 

Since we recommend Mcafee here is there actual list which runs fine with the Update.

Mcafee 06.01.2018

The following products have been tested and are confirmed as compatible

Testing is ongoing for all McAfee products and no compatibility issues with the Microsoft update have been found so far. We expect all of our testing to be complete on endpoint products by End of Day Monday, January 8th.

 

* Data Exchange Layer (DXL) 3.1.0 and later

* Data Loss Prevention 9.4 and later

* Drive Encryption 7.0 and later

* ePolicy Orchestrator 5.9 and later (Sadly no Enterprise runs 5.9 ;-)

* Endpoint Security 10.2 and later

* File and Removable Media Protection 5.0.4 and later

* Host IPS 8.0 Patches 4, 7, 9, 10

* McAfee Active Response 1.1 and later

* McAfee Agent 4.8 Patch 3 and later

* McAfee Application Control 6.2.0 and later

* McAfee Client Proxy 1.2 and later

* MOVE 4.5 and later

* Native Encryption (MNE) 4.0 and later

* SiteAdvisor Enterprise 3.5 Patch 5 and later

* System Information Reporter (SIR) 1.0.1 and later

* Threat Intelligence Exchange (TIE) Client for VSE 1.0.2 and later

* VirusScan Enterprise 8.8 Patches 4, 8, 9, and 10

* VirusScan Enterprise for Storage 1.2 and later

Certificates, PKI, Certificate Transparency tools to check

   

With the Website crt.sh you can search what Google and other API providers know about a DOMAIN related to issue Certificates.

You can Wildcard search for a Domain you want to get a quick overview of the Certificates they used. (If the customer or internal IT does not know even know they have Certs as example).

Query: https://crt.sh/?q=%25.computerladen.ch

Related site which explains it:

https://www.certificate-transparency.org/what-is-ct (text below from that website)

What is Certificate Transparency?

Certificate Transparency aims to remedy these certificate-based threats by making the issuance and existence of SSL certificates open to scrutiny by domain owners, CAs, and domain users. Specifically, Certificate Transparency has three main goals:

  • Make it impossible (or at least very difficult) for a CA to issue a SSL certificate for a domain without the certificate being visible to the owner of that domain.
  • Provide an open auditing and monitoring system that lets any domain owner or CA determine whether certificates have been mistakenly or maliciously issued.
  • Protect users (as much as possible) from being duped by certificates that were mistakenly or maliciously issued.

Certificate Transparency satisfies these goals by creating an open framework for monitoring the TLS/SSL certificate system and auditing specific TLS/SSL certificates. This open framework consists of three main components, which are described below. Sample which shows usage of crt.sh