How to make your site HTTPS-only

The Internet is getting more secure every day as people enable HTTPS, the secure version of HTTP, on their sites and services. Last year, Mozilla reported that the percentage of requests made by Firefox using encrypted HTTPS passed 50% for the first time. HTTPS has numerous benefits that are not available over unencrypted HTTP, including improved performance with HTTP/2, SEO benefits for search engines like Google and the reassuring lock icon in the address bar.

So how do you add HTTPS to your site or service? That’s simple: Cloudflare offers free and automatic HTTPS support for all customers with no configuration. Sign up for any plan and Cloudflare will issue an SSL certificate for you and serve your site over HTTPS.

HTTPS-only

Enabling HTTPS does not mean that all visitors are protected. If a visitor types your website’s name into the address bar of a browser or follows an HTTP link, it will bring them to the insecure HTTP version of your website. In order to make your site HTTPS-only, you need to redirect visitors from the HTTP to the HTTPS version of your site.

Going HTTPS-only should be as easy as a click of a button, so we Continue reading

Leading Into Prime Day, Amazon Offers 4 Months of Music Unlimited for $0.99 – Deal Alert

Amazon's Music Unlimited service is typically offered at $9.99/month, but Amazon has activated a special promotion as a teaser to their upcoming Prime Day on July 11. The promotion just dropped today and gets you 4 months of their Music Unlimited service for just $0.99, if you're a Prime member (or have a 30 day Prime free trial: get one here). Music Unlimited offers tens of millions of songs, with new releases from today's most popular artists. Listen ad-free with unlimited skips on all of your devices, and download for offline listening. Learn more about the very competitive streaming music service from Amazon, and take advantage of the $0.99 subscription offer, at Amazon's Music Unlimited page located here.

Automation or Orchestration?

Have you ever wondered what the difference between automation and orchestration is?

Wikipedia defines automation as use of various control systems for operating equipment. The definition I prefer (because it’s easier to understand in network automation environment) is elimination of well-defined repeatable manual tasks – the emphasis being on well-defined and repeatable.

How To: Setting up VPN (IPSec tunnel) to an AWS VPC

Recently I've had to set up a VPN tunnel (IPSec) between a private data center and a private Amazon VPC. There are two ways to set this up:

  1. Amazon's VPN connection service that uses the customer gateway and virtual private gateway.
  2. Using a VPN appliance that acts as a gateway terminating IPSec tunnel.

This post will describe method 1. Note that Amazon's VPN offering costs extra money like most other services.

AWS side configuration


  1. Create a Virtual Private Gateway. This does not take any settings except a tag/name
  2. Create a Customer Gateway.
  3. Make sure the Customer Gateway mimics your external / gateway router in your infrastructure (WAN IP). Select BGP or non-BGP according to your router config.
  4. Create a new VPC, say 10.0.0.0/16
  5. Connect the Virtual Private Gateway to this VPC. (VPG -> Attach VPC -> Select your vpc)
  6. Open the route table for this VPC and enable route propagation (VPC -> Route table -> Route Propagation -> Yes)
  7. Create new VPN 
    1. Choose the specific VPG to associate along with the Customer Gateway. You can create a Customer Gateway when creating a VPN if you haven't already done step 1.
    2. Set routing options. Dynamic if your gateway router Continue reading

Packet Tracer in Firepower Threat Defense

I wanted to share a quick post on a feature that I have found incredibly useful on the ASA and has been extended to Firepower Threat Defense. The feature is called Packet Tracer and is an easy way to apply “packet walk” logic to a flow that would be initiated through the platform. Like most things FTD, the Firepower Management Console is the point of contact for initiating the process.

To initiate Packet Tracer in FTD, open the Firepower Management Console and choose ‘Devices’ then ‘Device Management’. Next, select the device on which you want to perform the operation and select the icon that looks like a screwdriver and wrench.

This will produce the screen that provides health monitoring and troubleshooting for the device. Selecting “Advanced Troubleshooting” will change the view to a multi-tab troubleshooting screen.

Selecting the Packet Tracer tab will allow for input like Source/Destination, Protocol, Port, SGT, etc.

After filling out this information and choosing “Start”, the device would be put through the same process as an initial packet of a new connection. The resulting packet walk is shown in an expandable tree view or raw text (user selectable).

Tree View

Do We Need Chassis Switches Anymore in the DC?

While Cisco Live this year was far more about the campus than the DC, Cisco did announce the Cisco Nexus 9364C, a spine-oriented switch which can run in both ACI mode and NX-OS mode. And it is a monster.

It’s (64) ports of 100 Gigabit. It’s from a single SoC (the Cisco S6400 SoC).

It provides 6.4 Tbps in 2RU, likely running below 700 watts (probably a lot less). I mean, holy shit.

Cisco Nexus 9364C: (64) ports of 100 Gigabit Ethernet.

And Cisco isn’t the only vendor with an upcoming 64 port 100 gigabit switch in a 2RU form factor. Broadcom’s Tomahawk II, successor to their 25/100 Gigabit datacenter SoC, also sports the ability to have (64) 100 Gigabit interfaces. I would expect the usual suspects to announce switches based on these soon (Arista, Cisco Nexus 3K, Juniper, etc.)

And another vendor Innovium, while far less established, is claiming to have a chip in the works that can do (128) 100 Gigabit interfaces. On a single SoC.

For modern data center fabrics, which rely on leaf/spine Clos style topologies, do we even need chassis anymore?

For a while we’ve been reliant upon the Sith-rule on Continue reading

23% off FitBit Aria WiFi Smart Scale – Deal Alert

Fitbit's Aria WiFi smart scale is a great add-on for anyone using a Fitbit to track progress towards their fitness goals. The current 23% discount shaves a solid $30 off its regular $129.95 list price, so you can buy it now on Amazon for $99.95 (see this item on Amazon). The Fitbit Aria will accurately track weight, % body fat, and Body Mass Index (BMI) for up to 8 users. Using WiFi, data is automatically uploaded to your Fitbit account, so you can graph and track your progress easily and privately online. The product averages 3.5 out of 5 stars from over 6,200 people on Amazon (see reviews). Click over to Amazon for more information and to review buying options for the discounted Fitbit Aria smart scale.

IDG Contributor Network: What companies need to know about interconnection to succeed at digital business

What is interconnection, and why does it matter?

Interconnection is the deployment of IT traffic exchange points that integrate direct, private connections between counterparties. Interconnection is best achieved hosted in carrier-neutral data center campuses, where distributed IT components are collocated. In an age when reams of information race around the world with the click of a finger and massive transactions routinely occur several times faster than the blink of an eye, interconnection powers digital business.

Interconnection is much more than successfully connecting Point A to Point B. Telephone wires pulled off that kind of simple connectivity ages ago. Today’s enterprise-grade interconnection has some key characteristics that can help take digital business to the next level:

Housing developer builds resiliency with DRaaS

When Steve Werner joined Milhaus, the company was gearing up for a growth spurt that took it from roughly 80 employees in 2015 to more than 270 employees today. Upgrading the company’s IT infrastructure was a priority for Werner, who is the first director of technology at the Indianapolis-based company, which designs, builds and manages luxury apartments in urban areas.

“They went from a very small business to a pretty good sized business in a short amount of time. But we were still running on small business hardware, with a small business backup plan,” Werner says. The company’s IT gear was running in an old server closet with no air conditioning. “It couldn’t handle all that we were adding to it,” Werner says. “Everything was about to melt down.”

Multi-Stage Builds

This is part of a series of articles describing how the AtSea Shop application was built using enterprise development tools and Docker. In the previous post, I introduced the AtSea application and how I developed a REST application with the Eclipse IDE and Docker. Multi-stage builds, a Docker feature introduced in Docker 17.06 CE, let you orchestrate a complex build in a single Dockerfile. Before multi-stage build, Docker users would use a script to compile the applications on the host machine, then use Dockerfiles to build the images. The AtSea application is the perfect use case for a multi-stage build because:

  • it uses node.js to compile the ReactJs app into storefront
  • it uses Spring Boot and Maven to make a standalone jar file
  • it is deployed to a standalone JDK container
  • the storefront is then included in the jar

Let’s look at the Dockerfile.

The react-app is an extension of create-react-app. From within the react-app directory we run AtSea’s frontend in local development mode.

The first stage of the build uses a Node base image to create a production-ready frontend build directory consisting of static JavaScript and CSS files. A Docker best practice is named stages, e.g. FROM Continue reading

Unix’s mysterious && and ||

The Unix shell’s && and || operators provide some very useful functionality, but they can be a bit mysterious, especially considering the number of options for how they are used.

The most common use of these Boolean operators is in the construction of multi-conditional tests—when you want two or more conditions to be true (or any in a set of operators to be true) before some command is run. The && serves as a logical AND (requiring all conditions to be true) operation, while the || provides a logical OR (requiring only one to be true).

Combining tests

In the script below, we’re using && to combine two very simple conditions. We won’t get output unless both conditions are true. This particular script runs through the tests twice, but only to demonstrate the two “flavors” of the brackets that can be used. Note that && doesn’t work inside square brackets unless they’re doubled.