Recently, Google officially launched Android 9 Pie, which includes a slew of new features around digital well-being, security, and privacy. If you’ve poked around the network settings on your phone while on the beta or after updating, you may have noticed a new Private DNS Mode now supported by Android.
This new feature simplifies the process of configuring a custom secure DNS resolver on Android, meaning parties between your device and the websites you visit won’t be able to snoop on your DNS queries because they’ll be encrypted. The protocol behind this, TLS, is also responsible for the green lock icon you see in your address bar when visiting websites over HTTPS. The same technology is useful for encrypting DNS queries, ensuring they cannot be tampered with and are unintelligible to ISPs, mobile carriers, and any others in the network path between you and your DNS resolver. These new security protocols are called DNS over HTTPS, and DNS over TLS.
Android Pie only supports DNS over TLS. To enable this on your device:
Continue reading
This blog post was initially sent to the subscribers of my SDN and Network Automation mailing list. Subscribe here.
Tom Limoncelli published a must-read article in ACM Queue describing GitOps – the idea of using Pull Requests together with CI/CD pipeline to give your users the ability to request changes to infrastructure configuration.
Using GitOps in networking is nothing new – Leslie Carr talked about this concept almost three years ago @ RIPE 71, and I described some of the workflows you could use in Network Automation 101 webinar.
Read more ...Security is often an afterthought, but DevOps engineers should make it a priority by taking these factors into consideration.
Working with the Cumulus Professional Services team, we get the privilege of seeing how many folks use and operationalize Cumulus Linux. Over time, we’ve learned many lessons and best practices that can benefit others who are getting started on the journey. It’s for that reason that we’re putting virtual pen to virtual paper and writing this post. This article is the first in a series of two that will discuss how to use Zero Touch Provisioning (ZTP) and automation tools together for maximum efficiency in your initial provisioning. This post is going to focus on ZTP while the next will focus on automation tooling.
Let’s recap — what comes configured with Cumulus out of the box?
You’ll notice here that we’ve said nothing about interface configuration. Like all network switches and routers we start with a pretty blank slate from an interface configuration perspective. We leverage ZTP to give us some initial configuration for the node to use Continue reading
The company’s service provider business was up 6 percent year over year. But 5G isn’t the reason for the turnaround.
While IoT malware made its top-three debut in July, cryptomining malware remained the top two offenders, according to the monthly report.
Since leaving beta three weeks ago, Cloudflare Access has become our fastest-growing subscription service. Every day, more teams are using Access to leave their VPN behind and connect to applications quickly and securely from anywhere in the world.
We’ve heard from a number of teams about how they’re using Access. Each team has unique needs to consider as they move away from a VPN and to a zero trust model. In a zero trust framework, each request has to prove that a given application should trust its attempt to reach a secure tool. In this post, we’re highlighting some of the solutions that groups are using to transition to Cloudflare Access.
Cloudflare Access integrates with popular identity providers (IdPs) so that your team can reach internal applications without adding more credentials. However, teams rarely work in isolation. They frequently rely on external partners who also need to reach shared tools.
How to grant and manage permissions with external partners poses a security risk. Just because you are working with a third-party doesn’t mean they should have credentials to your IdP. They typically need access to a handful of tools, not all of your internal Continue reading
Since 2003 we’ve been helping IT professionals reach their career goals with help from top notch instructors and training materials. One of our most popular training resources – INE Bootcamps, continue to wow students and are a major step in the journey towards earning your certification. Thinking about signing up but aren’t sure what to expect? Take it from our current students, participating in an INE Bootcamp is the best way to ensure you’ll succeed in passing your certification exams.
I would arguably say that Keith is the best CCNA instructor in the nation. The interaction in this class is key. Listening to a lesson doesn’t ensure comprehension, so Keith offered periodic quizzes; not only did this make the course increasingly interactive but also verified your understanding of the technologies discussed.
I very much look forward to going to the CCNP bootcamps. Thank you again Keith and staff for making my learning experience a great one!
Thomas Osborne – CCNA
The instructor Keith is very knowledgeable, patient, and polite. He covered everything possible with the amount of time we had. I also like the format of having to take routing and switching separately.
Continue reading