The battle for the wireless networking crown is heating up

The IT world has been buzzing recently with partnerships and acquisitions on the wireless networking front. HP announced its decision to acquire Aruba Networks and will reportedly focus its efforts on new software that allows customers to manage entire networks with a single app. We also learned about the newly formed partnership between Juniper Networks and Ruckus Wireless, demonstrating Juniper's continued effort to become a real player in the wireless space. All interesting revelations, but will these changes pose a real threat to Cisco, the reigning networking champ?To read this article in full or to leave a comment, please click here

CyberUL is a dumb idea

Peiter “mudge” Zatko is leaving Google, asked by the White House to create a sort of a cyber “Underwriter Laboratories” (UL) for the government. UL is the organization that certifies electrical devices, so that they don’t short out and zap you to death. But here’s the thing: a CyberUL is a dumb idea. It’s the Vogon approach to the problem. It imagines that security comes from a moral weakness that could be solved by getting “serious” about the problem.

It’s not the hacking problem

According to data-breach reports, 95% of all attacks are simple things, like phishing, SQL injection, and bad passwords – nothing related to software quality. The other 5% is because victims are using old, unpatched software. When exploits are used, it’s overwhelmingly for software that has remained unpatched for a year.

In other words, CyberUL addresses less than 0.1% of real-world attacks.

It’s not the same quality problem

UL is about accidental failures in electronics. CyberUL would be about intentional attacks against software. These are unrelated issues. Stopping accidental failures is a solved problem in many fields. Stopping attacks is something nobody has solved in any field.

In other words, the UL model of accidents is Continue reading

Preparing for the CCIE Wireless v3 Diagnostic Section

I had the pleasure of attending the CCIE Wireless tectorial at Cisco Live in San Diego this year. One of the topics discussed was the new diagnostic section of the lab. Jerome Henry gave us insights into what the section would look like as well as some examples of the types of things that we can expect in the section. I wanted to pass on some of that information along with a few insights about how you should prepare for this section since it’s quite different than what we’ve seen before in the lab.

What is the Diagnostic section?

Starting in v3 of the wireless lab, each lab will begin with a 1-hour diagnostic section. This section has no configuration task associated with it. Instead, you will be playing the role of TAC, or a senior level engineer. Your job is to look at information gathered from a client by a first-level engineer and analyze it so that you can answer questions related to troubleshooting an issue.

It sounds like you can expect maybe 3-4 separate troubleshooting scenarios with approximately 10 questions to answer across those 3-4 scenarios. So that means there will probably be 2-4 questions per scenario. All Continue reading

16 facts about our slowly mutating energy consumption

Electricity consumption has slowed while the use of natural gas, wind, and solar have become larger portions-- with coal and nuclear becoming less -- of the nation's electricity generation between 2001-2013.That was one observation of an interesting  report issued by the Government Accountability Office this week that looked at the changing ways in which the US generates and uses electricity.+More on Network World: World’s hot alternative energy projects+To read this article in full or to leave a comment, please click here

Surveillance court extends NSA’s phone records collection

A U.S. surveillance court has extended a controversial telephone records dragnet while the National Security Agency works to wind down the program on orders from Congress.Congress voted in June to rein in the NSA’s mass collection of U.S. telephone records, but the USA Freedom Act allowed for a six-month transition away from the program. On Monday, the Foreign Intelligence Surveillance Court approved an FBI application to continue the records collection program until December.To read this article in full or to leave a comment, please click here

Surveillance court extends NSA’s phone records collection

A U.S. surveillance court has extended a controversial telephone records dragnet while the National Security Agency works to wind down the program on orders from Congress.Congress voted in June to rein in the NSA’s mass collection of U.S. telephone records, but the USA Freedom Act allowed for a six-month transition away from the program. On Monday, the Foreign Intelligence Surveillance Court approved an FBI application to continue the records collection program until December.To read this article in full or to leave a comment, please click here

HP enterprise chief Bill Veghte to depart before company split

The head of Hewlett-Packard’s enterprise division will leave the company ahead of HP’s planned split later this year.Bill Veghte, a former Microsoft executive who joined HP five years ago, will leave the company later this summer to “pursue a new opportunity,” HP said in a statement on Tuesday. It’s not clear what he’ll do next and Veghte couldn’t be reached for comment.Veghte is executive vice president of the HP Enterprise Group, a $28 billion division that sells the company’s servers, network and storage gear. He’s been leading the effort to separate the group into a new company.To read this article in full or to leave a comment, please click here

Apple loses e-book antitrust appeal

An appeals court ruled against Apple’s challenge of a lower court’s decision which found the company liable for illegally conspiring with ebook publishers to jack up prices.A 3-judge panel from the U.S. Court of Appeals for the Second Circuit voted 2 to 1 against Apple. Writing for the majority, Judge Debra Ann Livingston said that Apple illegally orchestrated a conspiracy between book publishers, upholding a district court ruling from 2013. The lawsuit was filed by the U.S. Department of Justice.Additionally, she said that the injunction imposed by District Court Judge Denise Cote was appropriate and left it in place. It’s the latest strike against Apple in this long-running case, which stems from agreements the company set up with publishers around the launch of its online ebook marketplace.To read this article in full or to leave a comment, please click here

Failing to the Cloud – and Back!

I attended Virtualization Field Day 5 last week! The usual Field Day disclaimers apply.

This network guy found himself way outside his comfort zone at a Virtualization event, but I had a fantastic time, and I learned a lot.

One of the things that really struck me was just how much virtualization platforms depend on mucking around with block storage in use by VMs. Half or more of the presentations hinged on it. Frankly, this notion terrifies the UNIX admin in me. I realize that we're not talking about UFS filesystems on SunOS4, but it seems those fragile old systems have really imprinted on me!

One of the VFD presenters was OneCloud Software, which presented a DR-via-Public-Cloud offering. The following bullets describing their solution came from here:

  • Auto discovers your on-premise assets; data and applications
  • Provides you with a simple policy engine to set RPO and RTO
  • Automatically provisions a fully functioning virtual data center in the cloud that mirrors your on-premise data center
  • Optimizes the economics of your data center in the cloud by eliminating unneeded compute costs and using the most cost-effective storage
  • Executes on-going data replication to keep the virtual data center in sync with the Continue reading

Robot apocalypse unlikely, but researchers need to understand AI risks

Recent concerns from tech luminaries about a robot apocalypse may be overblown, but artificial intelligence researchers need to start thinking about security measures as they build ever more intelligent machines, according to a group of AI experts.The fields of AI and robotics can bring huge potential benefits to the human race, but many AI researchers don’t spend a lot of time thinking about the societal implications of super intelligent machines, Ronald Arkin, an associate dean in the Georgia Tech College of Computing, said Tuesday during a debate on the future of AI.“Not all our colleagues are concerned with safety,” Arkin said during the debate, which was hosted by the Information Technology and Innovation Foundation (ITIF) in Washington, D.C. “You cannot leave this up to the AI researchers. You cannot leave this up to the roboticists. We are an arrogant crew, and we think we know what’s best.”To read this article in full or to leave a comment, please click here

A Fix for Ubuntu Apparently Caching Network Configuration

I’ve been wrestling with an Ubuntu network configuration issue over the last couple of weeks (off and on between working on other projects), and today I finally found a fix for the problem. The issue was that Ubuntu wouldn’t pick up changes to network interfaces. The fix is so simple I’m almost embarrassed to talk about it (it seems like something that I should have known), but I’m posting it here in case others run into the same issue.

Here’s a bit more context: I was switching some of the network interfaces in my Ubuntu 14.04.2 servers from a “standard” network configuration to using VLAN interfaces (after all, it seemed like such a shame to not more fully utilize the 10GbE and 40GbE interfaces in these servers). Before the reconfiguration, the servers had a network interface configuration file (located in /etc/network/interfaces.d and sourced in /etc/network/interfaces) that looked something like this:

auto p55p1
iface p55p1 inet static
address 172.16.3.201
netmask 255.255.255.0

This interface was connected to a port on a Cumulus Linux-powered Dell S6000-ON that was configured as an access port on a particular VLAN. Everything seemed to work just Continue reading

Testing Open Networking

Over the last couple of weeks, the networking industry has made some significant steps in the right direction, the open networking direction. At the Open Networking Summit (ONS), we heard some great news about the disaggregated network and how open networking is now everywhere from hyperscale to the enterprise to startups to telcos. As exciting as that is, that’s not the news I’m referring to — I’m referring to the announcement of the Open Networking Testing Consortium.

To illustrate why this is big news, I’ll give some background on how open networking has been operating for most people. Up until a few years ago, the way you purchased a bare metal switch was through select APAC sources and a wire transfer. A few weeks later, you’d receive your equipment and it was then up to you, the end user, to perform interoperability testing with your cables and optics manufacturers while on the phone with support, along with bootstrapping your OS to these boxes. Eventually you had both a CapEx and OpEx saving solution that you controlled from end to end.

One the first bare metal switches, Google Pluto
One the first bare metal switches, Google Pluto

Luckily for most of you, that experience has now been refined significantly Continue reading

Amazon releases open source cryptographic module

Potentially saving the world from another online security disaster like last year’s Heartbleed, Amazon Web Services has released as open source a cryptographic module for securing sensitive data passing over the Internet.The software, s2n, is a new implementation of Transport Layer Security (TLS), a protocol for encrypting data. TLS is the successor of SSL (Secure Sockets Layer), both of which AWS uses to secure most of its services.The AWS engineers who designed s2n, short for signal-to-noise, reduced the amount of code needed to implement TLS, with the hopes of making it easier to spot potential security vulnerabilities.To read this article in full or to leave a comment, please click here

CCIE RSv5 Lab Cram Session & New CCIE RSv5 Mock Labs Now Available

INE CCIE RSv5 Lab Cram Session is now available for viewing in our All Access Pass Library. This course includes over 35 hours of new content for CCIE Routing & Switching Version 5, including both technology review sessions as well as a step-by-step walkthrough of two new CCIE RSv5 Mock Lab Exams. These new Mock Labs are available here as part of INE’s CCIE RSv5 Workbook.

This class is designed as a last minute review of technologies and strategy before taking the actual CCIE RSv5 Lab Exam. Each of the two Mock Labs covered in class are subdivided into three sections – just like the actual exam – Troubleshooting, Diagnostics, and Configuration.

Rack rentals are available for these mock labs here. Technical discussion of the labs is through our Online Community, IEOC.

Happy Labbing!

Cisco plans to buy security-as-a-service provider OpenDNS

Cisco Systems plans to pay $635 million in cash to buy OpenDNS, a company that leverages the Domain Name System (DNS) to provide security services including Web filtering, threat intelligence and malware and phishing protection.The DNS is a core Internet protocol. It’s used to translate Web addresses that are easy for people to remember, like website names, into numerical IP (Internet Protocol) addresses that computers need to communicate with each other.OpenDNS customers configure their computers or networks to use the company’s DNS resolution servers instead of the ones provided by their ISPs and this allows OpenDNS to provide additional services.To read this article in full or to leave a comment, please click here