0

On the ‘net: Network Models at Packet Pushers

I’ve just started a new series on network models over at Packet Pushers. The first two installments are here:

I learned the Open Systems Interconnect (OSI) model way back in the mid-1980s, as a part of my basic networking education. Ever since then, I’ve used the OSI model in my day-to-day work as a network engineer.

First, models are not sacrosanct. A model is just a tool. If the model you are using is not working for you, feel free to modify it.

0

On the ‘Net: The IETF at Packet Pushers

I’ve been writing a series about working within the IETF to publish a new standard over at Packet Pushers. The most recent installments are:

There are other seemingly mystical concepts in the IETF process as well—for instance, what is a “document stream,” and what is a document’s “status?”

You’re almost ready to submit a shiny new document to the IETF for consideration, right? Not quite yet—we still need to deal with mandatory sections and language.

0

Schedule 0923

Here’s a preview of what I’m working on for those who are interested:

• September 2023: (this Friday) How Routers Really Work, a three-hour live webinar at Safari Books Online through Pearson
• October 2023:
  • How the Internet Really Works a four-hour live webinar at Safari Books Online through Pearson; this is newly formatted and reorganized version of the two sessions I used to do
  • I’m speaking at a small theological conference on AI and ethics in Cary, NC
• November 2023:
  • The new CCST book should be released
  • I have recorded a network basics video series that should be released in late 2023 or early 2024
• January 2024:
  • What Coders Need to Know about Networks, a new course, co-authored with an engineer from Akamai; a three-hour live webinar at Safari Books Online through Pearson
  • I’ll be teaching a course in network engineering at the University of Colorado for the spring semester
• February 2024: A new three-hour live webinar on infrastructure interviewing skills at Safari Books Online through Pearson
• March 2024: BGP Policy, a three-hour live webinar on Safari Books Online through Pearson
• April 2024: Troubleshooting, a reformatted and rebuilt three-hour live webinar at Safari Books Online through Pearson

There will probably Continue reading

0

MPLS-Backbone-Class-Of-Service-Design-Principles

https://github.com/kashif-nawaz/MPLS-Backbone-Class-Of-Service-Design-Principles

0

Automation is Critical for 5G Network Slicing – Here’s Why

Network slicing could be the answer to 5G rollout – but it's not easy to implement. Automation provides a way forward.

0

Cisco snuffs Hyperflex development, hands hyperconverged infrastructure future to Nutanix

When Cisco and Nutanix partnered in August, the writing was on the wall: future development of Cisco’s Hyperflex platform was on the rocks.The other shoe dropped this week as Cisco said it would end development of the hyperconverged (HCI) system, saying it would “end-of-life” the HyperFlex Data Platform (HXDP) and the last day to order any products related to the system would be September 11, 2024. The last day to renew to an existing subscription is February 28, 2029 though active customers will be able to continue receiving Cisco support as necessary.To read this article in full, please click here

0

Cisco snuffs HyperFlex development, hands HCI future to Nutanix

When Cisco and Nutanix partnered in August, it raised questions about the future development of Cisco’s HyperFlex platform. The other shoe dropped this week as Cisco said it would cease development of its hyperconverged infrastructure (HCI) system.Cisco announced the end-of-sale and end-of-life dates for its HyperFlex Data Platform (HXDP); the last day to order any products related to the system is September 11, 2024, and the last day to renew to an existing subscription is February 28, 2029. Active customers will be able to continue receiving Cisco support as necessary.To read this article in full, please click here

0

Cisco snuffs Hyperflex development, hands hyperconverged infrastructure future to Nutanix

When Cisco and Nutanix partnered in August, the writing was on the wall: future development of Cisco’s Hyperflex platform was on the rocks.The other shoe dropped this week as Cisco said it would end development of the hyperconverged (HCI) system, saying it would “end-of-life” the HyperFlex Data Platform (HXDP) and the last day to order any products related to the system would be September 11, 2024. The last day to renew to an existing subscription is February 28, 2029 though active customers will be able to continue receiving Cisco support as necessary.To read this article in full, please click here

0

Cisco snuffs HyperFlex development, hands HCI future to Nutanix

When Cisco and Nutanix partnered in August, it raised questions about the future development of Cisco’s HyperFlex platform. The other shoe dropped this week as Cisco said it would cease development of its hyperconverged infrastructure (HCI) system.Cisco announced the end-of-sale and end-of-life dates for its HyperFlex Data Platform (HXDP); the last day to order any products related to the system is September 11, 2024, and the last day to renew to an existing subscription is February 28, 2029. Active customers will be able to continue receiving Cisco support as necessary.To read this article in full, please click here

0

Cisco snuffs HyperFlex development, hands HCI future to Nutanix

When Cisco and Nutanix partnered in August, it raised questions about the future development of Cisco’s HyperFlex platform. The other shoe dropped this week as Cisco said it would cease development of its hyperconverged infrastructure (HCI) system.Cisco announced the end-of-sale and end-of-life dates for its HyperFlex Data Platform (HXDP); the last day to order any products related to the system is September 11, 2024, and the last day to renew to an existing subscription is February 28, 2029. Active customers will be able to continue receiving Cisco support as necessary.To read this article in full, please click here

0

Weekend Reads 091523

The average total cost of a data breach has reached an all-time high in 2023 of $4.45 million. This is an increase of 2.3% from last year’s $4.35 million.

Originally created as a secure sandbox to run compiled C/C++ code in web browsers, WebAssembly (Wasm) has been gaining traction and momentum on the server-side.

Specifically, the web giant’s Privacy Sandbox APIs, a set of ad delivery and analysis technologies, now function in the latest version of the Chrome browser. Website developers can thus write code that calls those APIs to deliver and measure ads to visitors with compatible browsers.

The German digital association, Bitkom, recently announced that the cost of IT equipment theft, data breaches, digital and industrial espionage, and sabotage is expected to reach a staggering 206 billion euros ($224 billion) in 2023.

The alarming rise of phishing attacks has been underscored by a recent study “Phishing Landscape 2023: An Annual Study of the Scope and Distribution of Phishing conducted” by the Interisle Consulting Group, revealing a tripling of such attacks since May 2020.

Japan is widely regarded as one of the most advanced economies for Internet penetration. Japan’s Internet usage rate (individuals) is 82.9% Continue reading

0

IBM X-Force: Use of compromised credentials darkens cloud security picture

As connectivity to cloud-based resources grows, cybercriminals are using valid, compromised credentials to access enterprise resources at an alarming rate.That's one of the chief findings of the IBM X-Force Cloud Threat Landscape Report, which also found a 200% increase (about 3,900 vulnerabilities) in cloud-oriented Common Vulnerabilities and Exposures (CVE) in the last year.“Over 35% of cloud security incidents occurred from attackers’ use of valid, compromised credentials,” wrote Chris Caridi, strategic cyber threat analyst with IBM X-Force, in a blog about the report. “Making up nearly 90% of assets for sale on dark web marketplaces, credentials’ popularity among cybercriminals is apparent, averaging $10 per listing – or the equivalent of a dozen doughnuts.”To read this article in full, please click here

0

IBM X-Force: Use of compromised credentials darkens cloud security picture

As connectivity to cloud-based resources grows, cybercriminals are using valid, compromised credentials to access enterprise resources at an alarming rate.That's one of the chief findings of the IBM X-Force Cloud Threat Landscape Report, which also found a 200% increase (about 3,900 vulnerabilities) in cloud-oriented Common Vulnerabilities and Exposures (CVE) in the last year.“Over 35% of cloud security incidents occurred from attackers’ use of valid, compromised credentials,” wrote Chris Caridi, strategic cyber threat analyst with IBM X-Force, in a blog about the report. “Making up nearly 90% of assets for sale on dark web marketplaces, credentials’ popularity among cybercriminals is apparent, averaging $10 per listing – or the equivalent of a dozen doughnuts.”To read this article in full, please click here

0

IBM X-Force: Use of compromised credentials darkens cloud security picture

As connectivity to cloud-based resources grows, cybercriminals are using valid, compromised credentials to access enterprise resources at an alarming rate.That's one of the chief findings of the IBM X-Force Cloud Threat Landscape Report, which also found a 200% increase (about 3,900 vulnerabilities) in cloud-oriented Common Vulnerabilities and Exposures (CVE) in the last year.“Over 35% of cloud security incidents occurred from attackers’ use of valid, compromised credentials,” wrote Chris Caridi, strategic cyber threat analyst with IBM X-Force, in a blog about the report. “Making up nearly 90% of assets for sale on dark web marketplaces, credentials’ popularity among cybercriminals is apparent, averaging $10 per listing – or the equivalent of a dozen doughnuts.”To read this article in full, please click here

0

Heavy Networking 701: Monitoring SD-WAN At Scale With Broadcom (Sponsored)

Our topic today on Heavy Networking is SD-WAN monitoring at massive scale. Scale can grow quickly with SD-WAN when you account for the underlay, overlays, gateways, endpoints, and more. We talk with sponsor Broadcom about their monitoring platform and dig into a case study with a Broadcom customer providing global IT infrastructure for thousands of their own customers.

The post Heavy Networking 701: Monitoring SD-WAN At Scale With Broadcom (Sponsored) appeared first on Packet Pushers.

0

Heavy Networking 701: Monitoring SD-WAN At Scale With Broadcom (Sponsored)

Our topic today on Heavy Networking is SD-WAN monitoring at massive scale. Scale can grow quickly with SD-WAN when you account for the underlay, overlays, gateways, endpoints, and more. We talk with sponsor Broadcom about their monitoring platform and dig into a case study with a Broadcom customer providing global IT infrastructure for thousands of their own customers.

0

Making Content Security Policies (CSPs) easy with Page Shield

Modern web applications are complex, often loading JavaScript libraries from tens of different sources and submitting data to just as many. This leads to a vast attack surface area and many attack types that hackers may leverage to target the user browser directly. Magecart, a category of supply chain attack, is a good example.

To combat this, browser vendors (Google, Microsoft, Mozilla, etc.) have agreed on a standard that allows application owners to control browser behavior from a security perspective. This standard is called Content Security Policies (CSPs). Content Security Policies are implemented by application owners as a specially formatted HTTP response header that the browser then parses and enforces. This header can be used, for example, to enforce loading of JavaScript libraries only from a specific set of URLs. CSPs are good as they reduce the attack surface, but are hard to implement and manage, especially in a fast-paced development environment.

Starting today, Page Shield, our client-side security product, supports all major CSP directives. We’ve also added better reporting, automated suggestions, and Page Shield specific user roles, making CSPs much easier to manage.

If you are a Page Shield enterprise customer, log in to your Continue reading

0

BrandPost: Unified Management Is the Key to Single-Vendor SASE

It’s no secret that SASE has skyrocketed in popularity in recent years due in large part to how the solution provides strong threat protection and secure access no matter where a user, device, or application is located. This is no small feat, especially in the work-from-anywhere (WFA) era, where employees are logging in from a coffee shop one day and the office the next.  To read this article in full, please click here

0

BrandPost: Unified Management Is the Key to Single-Vendor SASE

It’s no secret that SASE has skyrocketed in popularity in recent years due in large part to how the solution provides strong threat protection and secure access no matter where a user, device, or application is located. This is no small feat, especially in the work-from-anywhere (WFA) era, where employees are logging in from a coffee shop one day and the office the next.  To read this article in full, please click here

0

Upcoming Training: How Routers Really Work

Have you ever wondered exactly how a router moves a packet from input to output interface? Or what the difference between is between a router’s and host’s operating system? Or why forwarding engines are built in classes, and one forwarding engine cannot “do it all?” Join me on the 22nd at 1pm ET for How Routers Really Work, a three-hour tour through router guts. I’ve replaced about 10% of the slides since the last time I taught this course.

If you register, you can watch the recording at a later date.

Register here.