Archive

Category Archives for "Networking"

Cisco makes SD-WAN integration a top priority

Software and programmable intelligent networks were hot topics at Cisco Live last week, and one of the key components of that discussion was the direction of the company’s SD-WAN strategy.Central to that dialog is how Cisco plans to use and integrate the SD-WAN technology it acquired last year when it bought Viptela for $610 million.   For the moment Cisco says Viptela has brought with it interest to the tune of about 800 new customers in recent months.To read this article in full, please click here

Microsoft adds resiliency, redundancy, security to Windows Server 2019

With Windows Server 2019, Microsoft is adding resiliency and redundancy enhancements to the Shielded Virtual Machines security controls it introduced with Windows Server 2016.Shielded VMs originally provided a way to protect virtual machine assets by isolating them from the hypervisor infrastructure and could also help prove to auditors that systems were adequately isolated and controlled. Now Shielded VM enhancements in Window Server 2019 provide real-time failback configurations and host- and policy-based security improvements.[ Don’t miss customer reviews of top remote access tools and see the most powerful IoT companies . | Get daily insights by signing up for Network World newsletters. ] Host key attestation Under Windows Server 2016, key authentication was based on trusted platform module (TPM) cryptoprocessors and Microsoft Active Directory authentication. Both of these are great solutions but were limited when it comes to extensibility and redundancy.To read this article in full, please click here(Insider Story)

Cisco makes SD-WAN integration a top priority

Software and programmable intelligent networks were hot topics at Cisco Live last week, and one of the key components of that discussion was the direction of the company’s SD-WAN strategy.Central to that dialog is how Cisco plans to use and integrate the SD-WAN technology it acquired last year when it bought Viptela for $610 million. For the moment, Cisco says Viptela has brought with it interest to the tune of about 800 new customers in recent months.To read this article in full, please click here

Cisco makes SD-WAN integration a top priority

Software and programmable intelligent networks were hot topics at Cisco Live last week, and one of the key components of that discussion was the direction of the company’s SD-WAN strategy.Central to that dialog is how Cisco plans to use and integrate the SD-WAN technology it acquired last year when it bought Viptela for $610 million. For the moment, Cisco says Viptela has brought with it interest to the tune of about 800 new customers in recent months.To read this article in full, please click here

Vertical Integration Musings

One of my readers asked me a question that came up in his business strategy class:

Why did routers and switches end up being vertically integrated (the same person makes the hardware and the software)? Why didn't they go down the same horizontal path as compute (with Intel making chips, OEMs making systems and Microsoft providing the OS)? Why did this resemble the pre-Intel model of IBM, DEC, Sun…?

Simple answer: because nobody was interested in disaggregating them.

Read more ...

SEE 7: Connectivity, Routing Security & IoT

The 7th RIPE South-East Europe (SEE 7) meeting is being held on 18-19 June 2018 in Timisoara, Romania, and is focusing on several of the subjects of interest to the Internet Society. It’s also being chaired by our colleague Jan Žorž, whilst I’ll be talking about IoT Security and the OTA IoT Trust Framework.

In Monday, there are talks on BGP monitoring from Paolo Lucente (pmacct), and from Krzysztof Grzegorz Szarkowicz (Juniper Networks) on improvements to routing protocols to suit the centralised data centre-based architectures that are becoming more prevalent on the Internet, and which are the subject of an Internet Draft. Zoran Perovic (SOX) will also talk about paradigm shifts in the implementation of Internet Exchange Points.

On Tuesday, there will be a discussion led by Goran Slavic (SOX) on implementing MANRS in an IXP, which is very relevant to the current MANRS initiative which is increasingly being adopted by IXPs. Our colleague Jan will then be presenting about RIPE-690 which provides recommendations for IPv6 address prefix assignments for end-users. Preceding this, will be an update on IPv6 adoption in the SEE region from Massimiliano Stucchi (RIPE NCC).

Some other highlights are the talk on Quad9DNS by Nishal Goburdhan (PCH) that’s supporting Continue reading

Don’t Rely on Long Support Lifecycles

I hate long support lifecycles for hardware and software. Yes, you should be able to buy a new iPhone or switch and use it for 3+ years. But some people want 10+yrs of support, and wail and moan when vendors end support. This is wrong. It drives up costs & complexity, and makes your systems less robust, not more. It’s a false sense of security. Plan to buy smaller & cheaper, and upgrade frequently.

Why Vendors Don’t Like Them

Vendors don’t want to do long support lifecycles. They will do them, because people pay for it, but there comes a point where they put a line in the sand. “Sorry, that system is now EoL.”

Why?

  • Costs: Testing software and hardware combinations is hard work. Add many years of released hardware & software combinations, and it gets much harder. More racks of gear & more permutations == more costs.

  • Complexity: It’s hard enough to test against a small set. But now you have to deal with obscure systems acquired from a third party 7 years ago? Complexity == time and money.

  • Motivation: Hands up who wants to work on legacy systems? Exactly. It’s hard to motivate engineers to support Continue reading

Ubuntu image for EVE-NG – Python for network engineers

Lately I’ve started working more and more with EVE-NG to test various network scenarios, automation and in general to try and learn something everyday. If you’re familiar with EVE-NG, you know where to find various Linux images which you can download and install . Very helpful indeed, however all of them are coming without any … Continue reading Ubuntu image for EVE-NG – Python for network engineers

Salt SSH Getting Started

Salt SSH allows you to execute commands and apply state to minions without having to install a salt-minion. The only requirement is for the minion to have python installed unless using the -r option to execute raw commands. For reference the following software will be used in this post. ...

Weekend Reads 061518: A 51% attack materializes

In recent days the nightmare scenario for any cryptocurrency is playing out for Bitcoin Gold, as an attacker has taken control of its blockchain and proceeded to defraud cryptocurrency exchanges. All the Bitcoin Gold in circulation is valued at $786 million, according to data provider Coinmarketcap. Blockchains are designed to be decentralized but when an individual or group acting in concert controls the majority of a blockchain’s processing power, they can tamper with transactions and pave the way for fraud. This is known as a 51% attack.—Joon Ian Wong @Quartz

We have also discovered a new stage 3 module that injects malicious content into web traffic as it passes through a network device. At the time of our initial posting, we did not have all of the information regarding the suspected stage 3 modules. The new module allows the actor to deliver exploits to endpoints via a man-in-the-middle capability (e.g. they can intercept network traffic and inject malicious code into it without the user’s knowledge). With this new finding, we can confirm that the threat goes beyond what the actor could do on the network device itself, and extends the threat into the networks that a compromised network Continue reading

1 1,232 1,233 1,234 1,235 1,236 3,348