Archive

Category Archives for "Networking"

Automation Workflow Patterns

Workflows vary from seriously simple to notoriously complex and as humans, we might not even consciously observe the subtleties of what a workflow comprises. Workflows are the source of control semantics and comprise many elements, some obvious, some not so. This post is a primer to help you think about the kind of workflows you encounter drawn from my experiences. This post offers a view with conviction backed by experience.

To set the tone, workflows have logical flow, temporal behaviour, consume and transmit data, for processing triggers, acting on decision points and returning states. Since the 1970s, I believe we haven’t actually come that far from a workflow orchestration standpoint. Atomic units of code exist that do one thing well, a real win for the 1970s and good automation systems understand how to instantiate, feed these atomic blobs of logic data and grab their exit state and content. On a *nix system, it’s possible to use bash to create a single chain of tasks using the | operator. One blob of logic effectively feeds its output to the next blob of logic. Who needs an orchestrator? It’s sensible to include detection logic within each blob of code to

Heavy Networking 454: Analyzing Encrypted Traffic In The TLS 1.3 Era With ExtraHop (Sponsored)

Today's Heavy Networking examines packet analysis with sponsor ExtraHop. We drill into the company's marketing claims about deep analysis at line rate with Mike Ernst, VP of Sales Engineering. We also tackle how ExtraHop handles encrypted traffic, including TLS 1.3 and Perfect Forward Secrecy. Mike promises to keep his inner salesperson on mute for this conversation.

The post Heavy Networking 454: Analyzing Encrypted Traffic In The TLS 1.3 Era With ExtraHop (Sponsored) appeared first on Packet Pushers.

New switches, Wi-Fi gear to advance Arista’s campus architecture

Arista is rolling out more products and services in its continued assault on both the campus network and enterprise hybrid-cloud environments. In particular, the company is readying a new family of what it describes as its first purpose-built campus leaf switches as well as a Wi-Fi 6 (802.11ax) access point that fit into its overall grand plan called Cognitive Campus, with which the company says customers can more easily automate deployment, configuration, troubleshooting and deploying security. Arista is also fashioning an alliance with Microsoft to better support enterprise use of hybrid cloud.


Home on the Palo Alto Networks Cyber Range

You’ve probably heard many horror stories by now about the crazy interviews that companies in Silicon Valley put you through. Sure, some of the questions are downright silly. How would I know how to weigh the moon? But the most insidious are the ones designed to look like skills tests. You may have to spend an hour optimizing a bubble sort or writing some crazy code that honestly won’t have much impact on the outcome of what you’ll be doing for the company.

Practical skills tests have always been the joy and the bane of people the world over. Many disciplines require you to have a practical examination before you can be certified. Doctors are one. The Cisco CCIE is probably the most well-known in IT. But what is the test really quizzing you on? Most people will admit that the CCIE is an imperfect representation of a network at best. It’s a test designed to get people to think about networks in different ways. But what about other disciplines? What about the ones where time is even more of the essence than it was in CCIE lab?

Red Team Go!

I was at Palo Alto Networks Ignite19 this past

Hong Kong Chapter: Why Aren’t There More Women in Tech?

The tech industry in Hong Kong and across the world remains male dominated. Why aren’t there more women and what can be done to fix this?

To mark International Girls in ICT Day, which aims to encourage girls and young women to work in information and communications technology, the Internet Society Hong Kong Chapter organized an event to tackle these questions. Ladies X Tech X Gents: How Are the Three Compatible? brought together four successful developers to lead the dialogue:

  • Ivy Luk, Sales Engineer at Clare.AI (an Artificial Intelligence digital assistant solutions provider)
  • Emma Wong, Organiser of Google Developer Group and Women Techmakers Hong Kong
  • May Yeung, Director of Internet Society Hong Kong Chapter
  • Rick Mak, Co-Founder of Oursky (a web and mobile application development company)

Why are there so few women in the tech industry?

A common observation among the speakers was the high dropout rate of women developers in the tech industry – amid the already low women to men ratio. The speakers noted that it drops from roughly 3:7 at school to 1:10 at work.

One of the main reasons women leave the tech industry is the gender stereotype that it is a masculine profession.

As Expected: Where Have All the SDN Controllers Gone?

Roy Chua (SDx Central) published a blog post titled “Where Have All the SDN Controllers Gone” a while ago describing the gradual disappearance of SDN controller hype.

No surprise there - some of us were pointing out the gap between marketing and reality years ago.

It was evident to anyone familiar with how networking actually works that in a generic environment the drawbacks of orthodox centralized control plane SDN approach far outweigh its benefits. There are special use cases like intelligent patch panels where a centralized control plane makes sense.

Juniper: Security could help drive interest in SDN

Security challenges and developing AI/ML technologies are among the key issues driving software defined networking implementations according to a new Juniper survey of 500 IT decision-makers. And SDN interest abounds – 98 percent of the 500 said they were already using or considering an SDN implementation. Juniper said it had Wakefield Research poll IT decision makers of companies with 500 or more employees about their SDN strategies between May 7 and May 14, 2019.

Community Week: Share Ideas to Help Make the Internet Stronger

The role people play in our community is vital for an open and trustworthy Internet for everyone. We know that without the knowledge, experience, and contributions of our members the Internet Society wouldn’t be complete.

Chapters Leaders Training in Latin America and the Caribbean

The Chapters of the Latin American and Caribbean (LAC) region have come together to implement a training program that allows members to work with their local Chapter, contributing to the four focus areas of the Internet Society’s Action Plan 2019. The first LAC Capacity Building Program for Chapters was successfully launched last week, with the participation of 182 people out of almost 1000 applicants.

This initiative started at the beginning of the year as a result of a working session held with LAC Chapters leaders. During the session, it was determined that capacity building was an important leverage point for Chapter development and it would be a tool to achieve the Chapters’ local goals during 2019. In the process, three important phases were defined for the program:

  • Capacity Building: Training in our different focus areas
  • Community engagement: Allocation of trained members in Chapters to support local initiatives
  • 2020-2025 Planning: LAC Chapters Workshop to define LAC Community

Happy Birthday BGP

The first RFC describing BGP, RFC 1105, was published in June 1989, thirty years ago. That makes BGP a venerable protocol in the internet context and considering that it holds the Internet together it's still a central piece of the Internet's infrastructure. How has this critically important routing protocol fared over these thirty years and what are its future prospects? Is BGP approaching its dotage or will it be a feature of the Internet for decades to come?

On the 7th World IPv6 Launchiversary, How About Listening to a Podcast About IPv6?

On this 7th “launchiversary” of World IPv6 Launch, I thought I’d share a way I’ve enjoyed learning more about IPv6 over the past year. I like listening to podcasts while I’m running or driving, and a show that’s in my playlist is “IPv6 Buzz” where IPv6 veterans Ed Horley, Scott Hogg, and Tom Coffeen “dive into the 128-bit address space wormhole.”

Anyone working with IPv6 for any amount of time, and particularly IPv6 advocacy, has probably read or heard something from Ed, Scott, or Tom. They’ve been explaining and promoting IPv6 for a long time in their own individual endeavors.

This podcast, which launched one year ago today, brings the three of them together with a wide range of guests from across the industry. Even with all my own years of IPv6 activity, I’ve learned a great amount about IPv6 security, recent drivers of deployment (including state task forces), tools and suggestions for promoting IPv6 growth. They dove deeply into IPv6 inside the IETF with Fred Baker, talked about going IPv6-only with Veronika McKillop of Microsoft, got into Happy Eyeballs with Dan Wing, and most recently explored enterprise IPv6 issues with Enno Rey.

Part

Can Huawei survive, and what should customers do?

Chinese IT hardware giant Huawei is in a very tough position now, cut off from most western technology partners following the Trump administration’s declaration of the firm as a national security risk. The question now becomes what do its customers do. The Trump administration issued an order that effectively bars American firms from selling components and software to the company, and very quickly Huawei was cut off from Intel, ARM, Infineon, Samsung, and Google. The SD Association and Wi-Fi Alliance have also cut ties with Huawei. However, Huawei got a temporary break last month when the Commerce Department gave the company a reprieve after it added Huawei to a list of companies it considered a national security risk. Instead, the department posted a notice to the Federal Register that it would grant 90-day permissions for transactions necessary to maintain and support existing cellular networks and handsets.

How Linux can help with your spelling

Linux provides all sorts of tools for data analysis and automation, but it also helps with an issue that we all struggle with from time to time – spelling! Whether you're grappling with the spelling of a single word while you’re writing your weekly report or you want a set of computerized "eyes" to find your typos before you submit a business proposal, maybe it’s time to check out how it can help. One tool is look. If you know how a word begins, you can ask the look command to provide a list of words that start with those letters. Unless an alternate word source is provided, look uses /usr/share/dict/words to identify the words for you. This file with its hundreds of thousands of words will suffice for most of the English words that we routinely use, but it might not have some of the more obscure words that some of us in the computing field tend to use — such as zettabyte.

NSX-T Infrastructure Deployment Using Ansible

VMware NSX-T Data Center 2.4 was a major release adding new functionality for virtualized network and security for public, private and hybrid clouds. The release includes a rich set of features including IPv6 support, context-aware firewall, network introspection features, a new intent-based networking user interface and many more.

Along with these features, another important infrastructure change is the ability to deploy highly-available clustered management and control plane.

NSX-T 2.4 Unified Appliance Cluster

What is the Highly-Available Cluster?

The highly-available cluster consists of three NSX nodes where each node contains the management plane and control plane services. The three nodes form a cluster to give a highly-available management plane and control plane. It provides application programming interface (API) and graphical user interface (GUI) for clients. It can be accessed from any of the managers or a single VIP associated with the cluster. The VIP can be provided by NSX or can be created using an external Load Balancer. It makes operations easier with fewer systems to monitor, maintain and upgrade.

Besides an NSX cluster, you will have to create Transport Zones, Host and Edge Transport Nodes to consume NSX-T Data Center.

  • A Transport Zone defines the scope of hosts and virtual machines (VMs) for participation