Category Archives for "Packet Pushers Podcast"

Datanauts 139: Getting AWS Security Right

AWS security issues show up in tech news fairly often. Today, we talk with someone who wrote about AWS services other than S3 that were found exposed to the public. Could that be some of your services?

Could be. The numbers are pretty impressive. Stay tuned, and find out how to determine whether or not your EBS snapshots, RDS snapshots, AMIs, or Elasticsearch clusters are accidentally public.

Our guest is Scott Piper, an AWS security consultant for Summit Route. You can follow him on Twitter at @0xdabbad00.

We start by exploring the types of AWS resources that can be unintentionally exposed to the public Internet, how to find them, and how to lock them down.

Then we talk about general practices such as vulnerability scanning, how to minimize human error when configuring AWS services, and drill into options such as CloudMapper and Security Monkey, open-source tools to help administrators find and control AWS resources.

Show Links:

Scott Piper on Twitter

Scott Piper’s blog – Duo.com

Scott Piper on GitHub – GitHub

Beyond S3: Exposed Resources on AWS – Duo.com

flAWS Challenge

CloudMapper – GitHub

CloudTracker – GitHub

Netflix Security Monkey – GitHub

Datanauts 086: AWS Identity & Access

Network Break 189: The Big Cisco Live Roundup; LiveAction Buys Savvius

Take a Network Break! Cisco Live US 2018 took place last week, so we spend some time covering show news, overall impressions, and a touch of tea-leaf reading.

In non-Cisco news, VMware has a new lower-cost pricing tier to encourage customers to try VMware on AWS, LiveAction acquires packet capture/network monitoring vendor Savvius for an undisclosed amount, and orchestration vendor Gluware can now upgrade OSs for seven different vendors.

Metaswitch joins the OpenSwitch project, ONAP announces the Beijing release of its network automation package, and Comcast has deactivated its “congestion management system” (aka throttling).

Speaking of Comcast, the ISP has made a $65 billion bid for 21st Century Fox. In other provider news, AT&T gets the green light to merge with Time Warner. And last but not least, Cisco has joined an investment round in the startup Avi Networks, which makes software load balancers and service meshes.

Get links to all these stories after our sponsor messages.

Sponsor: ThousandEyes

ThousandEyes gives you performance visibility from every user to every app over any network, both internal and external, so you can smoothly migrate to the cloud, transform your WAN, troubleshoot faster and deliver exceptional user experiences. Sign up for a free

Show 394: Technology Problems Are Mostly People Problems

You are a problem…maybe the biggest problem of all. No? The crashing router code is the biggest problem? The leaking memory in the switch?

The app needs layer 2 stretched between data centers–what problem could be worse than that?

Today on the show, we're here to argue that, no…it's you. And me. And everyone else you work with.

With us today to defend the idea that technology problems are really people problems is Eyvonne Sharp, network architect and co-founder of The Network Collective.

We talk about how people and processes can contribute more to a problem than a technology. We also talk about three different organizational culture types (Pathological, Bureaucratic, and Generative), how to evaluate your own organization, and Eyvonne recommends a few books on team building and culture development.

Show Links:

Eyvonne Sharp on Twitter

The Network Collective

Using the Westrum typology to measure culture – Andy Kelk

Forget about broad-based pay hikes, executives say – Axios

The Undoing Project – Michael Lewis

The Five Dysfunctions of a Team: A Leadership Fable – Patrick M. Lencioni

Team of Teams: New Rules of Engagement for a Complex World – General Stanley McChrystal


Tool: Oracle Internet Intelligence

New tool from Oracle for monitoring high-level traffic and BGP transitions on the Internet – Oracle Internet Intelligence Map.

Oracle’s Internet Intelligence team is dedicated to reporting and covering issues such as country-level connectivity statistics, transit shifts, and security threats that impact the performance of the global internet. Oracle’s Dyn division is a managed DNS service […]

Datanauts 138: What’s Up With Ethernet Fabrics?

Today on the Datanauts podcast, we review the state of Ethernet fabrics in 2018.

Between 2010 and 2012, before SDN became the new marketing hotness, it seemed like vendors were churning out Ethernet fabric products for the data center. Everyone had at least one fabric, and some had two or three.

As time has marched on, many of those Ethernet fabrics have dropped off the map. To catch us up and review what Ethernet fabric means today is Stefan Fouant. Stefan is the Chief Architect at Copper River Technologies, a Juniper Ambassador, a quadruple JNCIE, and author of the book Day One: Junos Fusion Data Center Up and Running.

We look at the status of Ethernet fabric protocols such as TRILL and SPB. We also dig into BGP EVPN, the latest hot fabric.

We also discuss the characteristics of a fabric, look at reasons why a fabric might make sense in your data center, and explore inter-fabric connectivity.

Show Links:

Day One: Junos Fusion Data Center Up and Running – Stefan Fouant

Shortest Path First – Stefan Fouant’s blog

Stefan Fouant on Twitter

Transparent Interconnection of Lots of Links (TRILL) – IETF

Shortest Path Bridging (SPB) – Wikipedia

BGP MPLS-Based

Network Break 188: Microsoft Buys More Friends, Huawei is No2, Tofino plus more Politics

Take a Network Break! It's the virtual stroopwafel edition this week. Drew is on annual leave and travelling to Amsterdam; don't panic, he will be back next week with bags of virtual stroopwafels. Mike Fratto is co-hosting to keep the show flowing.

Microsoft buys a bunch of new developer friends, Arista gets some P4 & Tofino, Micron is embroiled in US-China politics to balance ZTE, Huawei is No2 Enterprise networking vendor, Fortinet buys Bradford Networks and more.

Sponsor: InterOptic

InterOptic offers high-performance, high-quality optics at a fraction of the cost. If you’re not doing optics correctly, you’re going to pay for it upfront (and then later too). Don’t be fooled by lesser optics. The difference between generic third-party and brand-equivalent optics matters.

Show Links

Microsoft Buys GitHub for $7.5 Billion – Andreessen Horowitz

So Pigs Do Fly: Microsoft Acquires GitHub – Redmonk

Arista Announces New Multi-function Platform for Cloud Networking – Arista

Micron Says It's Being Investigated by Chinese Regulatory Agents – Yahoo

Trump strikes deal with Chinese telecom company ZTE amid trade talks – Axios

Cloud computing sticker shock is now a monthly occurrence at many companies – ZDNet

Weekly 393 – Infrastructure Monitoring with Juniper AppFormix (Sponsored)

Juniper AppFormix is a telemetry platform that's multi-vendor and cross-layer, with built-in machine learning and fancy visualisation. It's designed to simplify operations and closed-loop automation. In the era of multi-cloud, we need tools that run on-prem or in cloud and support OpenStack, K8s, VMware, Azure, Google, Amazon networks with integration into virtual machines, containers, overlay networks and physical devices.

The ability to draw data from a wide range of sources creates a data flood that can overwhelm you. AppFormix has machine learning and a range of automation functions to simplify and organise this diverse data flood. Network complexity is increasing as the edge of the network expands in multiple dimensions: on and off premises, the virtual edge, overlay networks, and the physical devices must all operate in cahoots.

AppFormix is automating this operational load so you aren’t getting calls at 2am. That's a very fine thing.

Sumeet Singh, VP/GM for Juniper AppFormix, kicks off the discussion with a quick intro to AppFormix. We cover the key features and the approach of the product before we move into use cases and what customers are using today. Surprisingly, this includes WAN operations in addition to DC/Cloud.