Container Security through Segregation
One of my readers sent me a container security question after reading the Application Container Security Guide from NIST:
We are considering segregating dev/test/prod environments with bare-metal hardware. I did not find something in the standard concerning this. What should a financial institution do in your opinion?
I am no security expert and know just enough about containers to be dangerous, but there’s a rule that usually works well: use common sense and identify similar scenarios that have already been solved.
Read more ...Most Important Skills in Networking
It’s easy to get blinded these days by all the talk about cloud, SDN and automation leading both new and existing people in networking to make decisions in their career which may not be the best ones long term. I’ve had the pleasure of interacting and working together with a lot of prominent people in the industry. Based on this I have identified some skills that all of these people have to some degree and that I believe to be crucial to succeeding in the IT industry.
Ability to write – Many of the successful people in the industry like Ivan Pepelnjak, Russ White, Nick Russo and so on have either authored books, write blogs or both. The ability to put your thoughts down into writing is critical. For someone like me that is working in network design, it is probably the most important skill, not only to write technical documents but to interact with customers, colleagues, managers and so on. It doesn’t matter if you are a technical savant if you can’t put a brief document together describing why and how a certain technology should be implemented.
Ability to speak – A lot of people in IT are a Continue reading
Poweron and Poweroff Esxi instance from CLI using a Python script
Hi,
I have to agree that to start a esxi node i was depending heavily on a windows VM and then was using a VSphere client to connect to a Esxi 5.5.
In a typical day all of my VM’s are hosted on Esxi and am not any advanced user of esxi by any stretch of Imagination.
It came down to a point where i had to manually click close to 8 VMS in order to boot up and all this was sort of irriatating for me, so i wrote a very basic script which can do this for me. Most of the experienced VM admins have been doing this for very long, for someone like me or anyone who is new to Esxi this is going to help.
Here is the code for the script, all you need to do is to copy to your lab esxi, obviously if any one using production esxi they already know how to manage this.
https://github.com/yukthr/auts/tree/master/vmware_scripts
Requirement – I have 5 Vm-machines and i would like to start them via script and also power them off.
First things, list the Vm-instances
Now that we have it, let explore the Continue reading
Worth Reading: Automation: Easy Button vs Sentient Voodoo Magic Button
I’m always telling network engineers attending my network automation workshops and online courses that there’s no magic bullet or 3-steps-to- success.
You cannot automate a process until you can describe it with enough details so that someone who has absolutely no clue what should be done can execute it.
David Gee published a long (and somewhat ranty) version of that statement. Enjoy!
Link Propagation 113
Welcome to Link Propagation, a Packet Pushers newsletter. Link Propagation is included in your free membership. Each week we scour the InterWebs to find the most relevant practitioner blog posts, tech news, and product announcements. We drink from the fire hose so you can sip from a coffee cup. Blogs Getting started with Jenkins for […]Show 384: The Packet Pushers Unleashed
On today’s show Greg and Ethan talk about a few things that have been on their minds, including updates on the forthcoming Packet Pushers subscription site and a post-mortem of the recent Virtual Design Clinic.
They also hash out some tech conversations, including Cloudflare’s new DNS resolver, peak open networking, a review of the Aruba Atmosphere wireless conference, and more nerdy topics.
Sponsor: ThousandEyes
ThousandEyes gives you visibility, insights, and actionable intelligence into user experience from every user to every application over any network, so you transform your WAN, troubleshoot faster and deliver exceptional user experiences in the cloud and on premises. Try ThousandEyes for free at thousandeyes.com/packetpushers and grab a fun t-shirt!
Sponsor: Cumulus Networks
The Cumulus Linux network OS is simple, open, untethered Linux that can run on more than 70 hardware platforms and help you transition from your legacy infrastructure. Cumulus Networks is Web-scale networking for the digital age. Go to cumulusnetworks.com to find out more.
Show Links:
Introducing DNS Resolver, 1.1.1.1 (not a joke) – Cloudflare
Announcing 1.1.1.1: the fastest, privacy-first consumer DNS service – Cloudflare
jedisct1/dnsblast: A simple and stupid load testing tool for DNS resolvers – Continue reading
OpenContrail Becomes Tungsten Fabric, Plans Next Release in May
Juniper Networks will be one of the biggest consumers of Tungsten Fabric, but the name change helps distinguish it from Contrail.
5% growth in Ethernet Switches.
SDxCentral’s Weekly Roundup — April 6, 2018
Telefónica collaborates with Microsoft Azure on IoT; B.Yond joins the Linux Foundation Deep Learning Foundation; Openwave Mobility launched a 5G telco cloud database.
Apcela Gets to the Root of Problems With Enhanced Analytics Platform, SD-WAN API
The SD-WAN API leverages and extends Cisco's SD-WAN and its network monitoring platform by isolating problems using underlay and overlay network data.
Muhammad Shabbbir Awan: Reflections on the WTDC17
It’s been 5 months since WTDC17 concluded and I had time to reflect on the outcomes of the conference and the experience itself. WTDC sets the ITU’s development agenda and in Argentina last October over 1000 government delegates from close to 135 countries gathered during the two-week period. They were there to discuss a range of issues and shape the development sector’s priorities for the next four years. For me, it was a trip of many firsts: my first experience as an observer participating in a multilateral conference; my first trip to South America; and, as a visually impaired person, the eighteen hours flight duration was my first such experience.
To recall, I was a member of the Internet Society delegation as a Fellow. For me, the two motivators to apply for the fellowship opportunity were: first, the theme for WTDC17 (“ICTs for Sustainable Development Goals”) and possibility to make a difference. Second, my quest to learn even more about Internet Governance processes and to participate in the discussions.
WTDC17 had a packed agenda that included ceremonial events marking the 25th Anniversary of the Development Sector and side events on a range of Sustainable Development Goal (SDG) topics.
Aella Data Emerges From Stealth, Launches AI-Based Threat Detection
The security startup, founded by former Juniper, Fortinet, Barracuda, and Aerohive executives, exited stealth mode with its AI-based breach detection platform.
IoTium Plugs Kubernetes Into IoT to Boost Edge Management
The platform allows companies to better manage data that must remain on premises due to compliance, security, or latency reasons.
Huawei Shoots Back at FCC Proposal That Threatens Its Rural Biz
The FCC wants to ban any spending from the Universal Service Fund on networking equipment that could pose a security threat.
sFlow available on Juniper MX series routers
Understanding How to Use sFlow Technology for Network Monitoring on a MX Series Router lists the following benefits of sFlow Technology on a MX Series Router:
- sFlow can be used by software tools like a network analyzer to continuously monitor tens of thousands of switch or router ports simultaneously.
- Since sFlow uses network sampling (forwarding one packet from ‘n’ number of total packets) for analysis, it is not resource intensive (for example processing, memory and more). The sampling is done at the hardware application-specific integrated circuits (ASICs) and hence it is simple and more accurate.
- ACX5000 Universal Access Router
- EX Series Ethernet Switches
- MX Series 3D Universal Edge Routers
- NFX Series Network Services Platform
- OCX1100 Open networking, cloud-optimized switch
- QFX Series High-performance, high-density data center switches
Universal support for Continue reading
Introducing “Cooking with Cumulus” – Episode one
Alright, we know you’re hungry for more Cumulus goodness, so we’ve cooked up something new that we think will satiate your appetite for awesome technical content. It’s the perfect mix of one part technical deep-dive, one part fun and just a pinch of silliness. The wait is over — our latest project is hot, fresh and ready to serve!
Okay, enough teasing. Today we’re introducing the new Cumulus Networks video series “Cooking with Cumulus!”
“Wait, what does cooking have to do with networking??” you may think to yourself. Glad you asked. You may already know JR Rivers as the CTO and co-founder of Cumulus Networks, but did you know he’s also a master of the culinary arts? Here at the Mountain View office, we know it’s the start of a good day when JR brings in his homemade food to share. From chocolate chip cookies to paella, we’ve approved (and enjoyed) his many recipes. So, we decided that we wanted to share that gift with the rest of the Cumulus community by combining two of JR’s greatest passions — networking and cooking. The resulting brain child was a video series where we put two networking nerds in a Continue reading