What Makes a Security Company?
When you think of a “security” company, what comes to mind? Is it a software house making leaps in technology to save us from DDoS attacks or malicious actors? Maybe it’s a company that makes firewalls or intrusion detection systems that stand guard to keep the bad people out of places they aren’t supposed to be. Or maybe it’s something else entirely.
Tradition Since Twenty Minutes Ago
What comes to mind when you think of a traditional security company? What kinds of technology do they make? Maybe it’s a firewall. Maybe it’s an anti-virus program. Or maybe it’s something else that you’ve never thought of.
Is a lock company like Schlage a security company? Perhaps they aren’t a “traditional” IT security company but you can guarantee that you’ve seen their products protecting data centers and IDF closets. What about a Halon system manufacturer? They may not be a first thought for security, but you can believe that a fire in your data center is going cause security issues. Also, I remember that I learned more about Halon and wet/dry pipe fire sprinkler systems from my CISSP study than anywhere else.
The problem with classifying security companies as “traditional” or “non-traditional” Continue reading
The Week in Internet News: Artificial Intelligence Will Affect Every Job
AI and your job: Artificial Intelligence will affect 100 percent of the jobs out there, IBM CEO Ginni Rometty predicted, as noted at ZDNet.com. Everyone will have to change the way they work, she said. IBM’s work with its Watson AI system “starts with a fundamental belief that it’s going to change 100 percent of jobs, 100 percent of industries, and 100 percent of professions,” she added.
AI and your vote: Meanwhile, AI is creating new threats to election security, says CBS News. AI will help hackers better design attacks against voting systems, some security experts said. Automated bots can also be used to help hackers guess passwords, they said.
Big money for AI: Before we leave AI as a topic, the Massachusetts Institute of Technology has announced it will spend US$1 billion on a new college of computing with an AI focus, Fortune reports. The new college will serve as an interdisciplinary hub for data and computer science-related work.
Call it a comeback: BlackBerry, the down-on-its-luck smartphone maker, plans to reinvent itself as a secure Internet of Things hub, FT.com reports. Building on its past reputation as a maker of secure phones, BlackBerry wants to become a Continue reading
Juniper Nxtwork 2018 – Recap
The other week I had the privilege of attending Juniper Nxtwork 2018 in Las Vegas, NV. I have attended the …
The post Juniper Nxtwork 2018 – Recap appeared first on Fryguy's Blog.
Cloudflare Peering Portal – Beta
It can be a big deal for Internet users when Cloudflare rolls into town. After our recent Mongolia launch, we received lots of feedback from happy customers that all of a sudden, Internet performance noticeably improved.
As a result, it's not a surprising that we regularly receive requests from all over the world to either peer with our network, or to host a node. However, potential partners are always keen to know just how much traffic will be served over that link. What performance benefits can end-users expect? How much upstream traffic will the ISP save? What new bandwidth will they have available for traffic management?
Starting today, ISPs and hosting providers can request a login to the Cloudflare Peering Portal to find the answers to these questions. After validating ownership of your ASN, the Cloudflare network team will provide a login to the newly launched Peering Portal - Beta. You can find more information at: cloudflare.com/partners/peering-portal/
What problem does peering solve?
If you're new to the core infrastructure of the Internet, the best way to understand peering is to frame the problems it solves:
- Bandwidth costs money
- Internet users don't like slow websites
- Network operators have limited Continue reading
Highest Recommended SIP Trunk Providers, Friend to Friend
Would you recommend your SIP trunking provider to a friend? See which providers came out on top in the Eastern Management Group's customer satisfaction study that surveyed more than 3,000 IT managers.
Automation Win: Configure Cisco ACI with an Ansible Playbook
This blog post was initially sent to subscribers of my mailing list. Subscribe here.
Following on his previous work with Cisco ACI Dirk Feldhaus decided to create an Ansible playbook that would create and configure a new tenant and provision a vSRX firewall for the tenant when working on the Create Network Services hands-on exercise in the Building Network Automation Solutions online course.
Read more ...Test Driving Inter Regional VPC peering in AWS
Connect AWS VPCs hosted in different regions. AWS Virtual Private Cloud(VPC) provides a way to isolate a tenant’s cloud infrastructure. To a tenant a VPCs provide a view of his own virtual infrastructure in the cloud that is completely isolated, has its own compute, storage, network connectivity, security settings etc. In the physical world, Amazon’s … Continue reading Test Driving Inter Regional VPC peering in AWSCustom VPC and Internet Access in AWS
Create your VPC, launch EC2 instances and get internet access with Public IP. With a Virtual Private Cloud(VPC), tenants can create his own cloud based infrastructure in AWS. While AWS provides a default VPC for a new tenant, there are always use cases that need creation of custom VPC. While exploring custom VPC, I found … Continue reading Custom VPC and Internet Access in AWSBGP LLGR: robust and reactive BGP sessions
On a BGP-routed network with multiple redundant paths, we seek to achieve two goals concerning reliability:
-
A failure on a path should quickly bring down the related BGP sessions. A common expectation is to recover in less than a second by diverting the traffic to the remaining paths.
-
As long as a path is operational, the related BGP sessions should stay up, even under duress.
Detecting failures fast: BFD⚓︎
To quickly detect a failure, BGP can be associated with BFD, a protocol to detect faults in bidirectional paths,1 defined in RFC 5880 and RFC 5882. BFD can use very low timers, like 100 ms.
However, when BFD runs in a process on top of a generic kernel,2 notably when running BGP on the host, it is not unexpected to loose a few BFD packets on adverse conditions: the daemon handling the BFD sessions may not get enough CPU to answer in a timely manner. In this scenario, it is not unlikely for all the BGP sessions to go down at the same time, creating an outage, as depicted in the last case in the diagram below.
App Micro-segmentation How To’s: Informatica, Oracle and SAP
consolidated posts from the VMware on VMware blog
Are you someone that prefers a blank sheet of paper or an empty text pad screen? Do you get the time to have that thought process to create the words, images or code to fill that empty space? Yes to both — I’m impressed! Creating something from scratch is an absolutely magical feeling especially once it gets to a point of sharing or usefulness. However, many of us spend a bit more of our time editing, building upon or debugging. Fortunately, that can be pretty interesting as well.
In the case of setting up mico-segmentation with VMware NSX Data Center, you have a couple options on quickly getting started:
- NSX Micro-segmentation: Day 1 Guide
- NSX Micro-segmentation: Day 2 Guide
- (blog) Rapid Micro-segmentation using Application Rule Manager Recommendation Engine
- (blog) Securing Native Cloud Workloads with VMware NSX Cloud Blog Series – Part 1: Getting Started
Those resources and more are great jumping off points especially since you likely have more than just Informatica, Oracle and SAP apps in your environments.
Now, should you have those Informatica, Oracle and SAP apps, then here’s the next level of details. I’m Continue reading
Weekly Wrap Podcast: WikiLeaks Unmasks Amazon Data Center Locations
SDxCentral Weekly Wrap for October 19, 2018. Ericsson's third quarter results get overshadowed by an ongoing corruption scandal.
Cisco’s Viptela SD-WAN Is the First VNF on Bell Canada’s VNS
The platform allows enterprise customers to deploy and manage applications and services that reside in the carrier’s private cloud. It comes with a 99.9 percent SLA for uptime.
SolarWinds Goes Public (Again)
The company opened on the NYSE at $15.30 per share and offered 25 million shares.
Automation: Flow Control & Dimensionality
Human beings as we are, struggle sometimes to think multi-dimensionally about tasks. Our brains seem to have a conscious layer and a sub-conscious layer. Whether you think in words, noise or images, your brain is a single threaded engine with a silent co-processor that can either assist or annoy. Experience has shown that we look at network automation challenges through this shaped lens and try and solve things that makes sense to humans, but not necessarily for mechanized processes.
In an attempt not to lose my own thread, I’ll try and explain some different view points through examples.
Example One: I’m English, Make me some Tea!
Making a a cup of tea is a very English thing to do and the process of making one will suffice for this example.
Let’s look at the process involved:
// { type: activity}
(Start)-><a>[kettle empty]->(Fill Kettle)->|b|
<a>-(note: Kettle activities)
<a>[kettle full]->|b|->(Boil Kettle)->|c|
|b|->(Add Tea Bag)-><d>[Sugar: yes]->(Add Sugar)->(Add Milk)
<d>[Sugar: no]->(Add Milk)
<d>-(note: Sweet tooth?)
(Add Milk)->|c|->(Pour Boiled Water)
(Pour Boiled Water)->(Enjoy)->(Stop)
Fig.1
This makes us a relative standard cup of English breakfast tea.
Let’s assume macros exist for milk and sugar quantity and the dealing of a mug or best china Continue reading