Archive

Category Archives for "Networking"

Weekend Reading: 2017-11-17

There’s an “automation meteor” headed right at us, according to financial adviser and Reformed Broker blogger Josh Brown, who used this troubling “chart o’ the day” from Wharton to show just “how quickly things have changed” over the past decade. And how they’re going to keep on changing. — Sean Langlios @ MarketWatch

Andrew Ng, formerly the head of AI for Chinese search giant Baidu and, before that, creator of Google’s deep-learning Brain project, knows as well as anyone that artificial intelligence is coming for plenty of jobs. And many of us don’t even know it. — Racel Metz @ MIT Technology Review

Cloudflare provides security and domain name services for millions of the most prominent sites on the web. The company has built a solid reputation for its secure encryption and one of the key factors in its system is a wall of 100 lava lamps in the lobby of its San Francisco headquarters. — Rhett Jones @ gizmodo

Predictions As A Service

It’s getting close to the end of the year and it’s time once again for the yearly December flood of posts that will be predicting what’s coming in 2018. Long time readers of my blog know that I don’t do these kinds of posts. My New Year’s Day posts are almost always introspective in nature and forward looking from my own personal perspective. But I also get asked quite a bit to contribute to other posts about the future. And I wanted to tell you why I think the prediction business is a house of cards built on quicksand.

The Layups

It’s far too tempting in the prediction business to play it safe. Absent a ton of research, it’s just easier to play it safe with some not-so-bold predictions. For instance, here’s what I could say about 2018 right now:

  • Whitebox switching will grow in revenue.
  • Software will continue to transform networking.
  • Cisco is going to buy companies.

Those are 100% true. Even without having spent one day in 2018. They’re also things I didn’t need to tell you at all. You already knew them. They’re almost common sense at this point. If I needed to point out that Cisco Continue reading

What do John Chambers and crickets have in common? The IoT

Earlier this year, Cisco announced the man who turned it from a small router company into the world’s dominant network vendor, John Chambers, was exiting his post as executive chairman of the board and it turned the mothership fully over to Chuck Robbins. This raised the question: What has Chambers been up to? Retired?Also on Network World: IoT catches on in New England fishing town Hardly. I met with Chambers near the end of his tenure as CEO, and he most emphatically stated he was not retiring. There are many things I admire about Chambers, but two of his more notable attributes are that he has a knack of catching market transitions and he has a burning desire to change the world. In fact, under Chambers, Cisco put together perhaps the best Corporate Social Responsibility (CSR) program in the industry, and that legacy has carried over in the Chuck Robbins era.To read this article in full, please click here

Show 366: Inside Cisco EVPN (Sponsored)

The Packet Pushers and sponsor Cisco dive into EVPN to explore how it works and find out why it's attracting the attention of enterprises and carriers for use cases such as data center interconnect and Carrier Ethernet. The post Show 366: Inside Cisco EVPN (Sponsored) appeared first on Packet Pushers.

ISOC hosts successful inaugural Indigenous Connectivity Summit

If U.S. Senator of New Mexico Tom Udall’s call that “we must do better” to ensure connectivity in Indigenous communities set the tone, delegates of the Indigenous Connectivity Summit (ICS) in Santa Fe this month left with little doubt in our ability to do so.

Whether it’s a pueblo at the top of a mountain or a fly-in region in the Arctic, Internet access in many Indigenous communities is characterized by high costs, low speeds, data caps and poor or non-existent service.

At the Internet Society, we work to make sure the Internet is open and accessible to everyone, everywhere. The ICS was the first event of its kind to focus on ensuring Alaska Native, American Indian, First Nations, Métis, and Inuit communities have access to affordable, high-quality and sustainable Internet access. We heard from several Indigenous community network operators in North America and abroad about their experiences and the impact it’s had on their communities.

Perhaps the most resonant and inspiring message at the ICS was the potential of Indigenous community networks to provide access where commercial networks do not reach or serve, or areas where they may not be economically viable to operate. Speakers shared success stories Continue reading

Docs should help design medical IoT

Doctors — particularly the ones that work in emergency rooms — need to have strong stomachs and level heads, since they see illness and injury at their most serious. Violence, accidents and serious diseases are all a matter of routine in the ER.Dr. Christian Dameff is a faculty member at UC San Diego’s medical school, has seen all of that and more, since he’s also a white-hat hacker and expert in medical IoT security. He warned the audience on Thursday at the Security of Things USA convention in San Diego that the state of that security is, frankly, alarming.+ALSO ON NETWORK WORLD: Windows Server in the cloud: Can you, should you, and with which provider? + HPE gives up the battle for tier 1 data center customersTo read this article in full, please click here

Docs should help design medical IoT

Doctors — particularly the ones that work in emergency rooms — need to have strong stomachs and level heads, since they see illness and injury at their most serious. Violence, accidents and serious diseases are all a matter of routine in the ER.Dr. Christian Dameff is a faculty member at UC San Diego’s medical school, has seen all of that and more, since he’s also a white-hat hacker and expert in medical IoT security. He warned the audience on Thursday at the Security of Things USA convention in San Diego that the state of that security is, frankly, alarming.+ALSO ON NETWORK WORLD: Windows Server in the cloud: Can you, should you, and with which provider? + HPE gives up the battle for tier 1 data center customersTo read this article in full, please click here

Docs should help design medical IoT

Doctors - particularly the ones that work in emergency rooms – need to have strong stomachs and level heads, since they see illness and injury at their most serious. Violence, accidents and serious diseases are all a matter of routine in the ER.Dr. Christian Dameff is a faculty member at UC San Diego’s medical school, has seen all of that and more, since he’s also a white-hat hacker and expert in medical IoT security. He warned the audience on Thursday at the Security of Things USA convention in San Diego that the state of that security is, frankly, alarming.+ALSO ON NETWORK WORLD: Windows Server in the cloud: Can you, should you, and with which provider? + HPE gives up the battle for tier 1 data center customersTo read this article in full, please click here

Basics on Security : IPS Vs IDS Vs Firewalls

Today I am going to talk about the another security topic which i will going to highlight the difference between the IPS, IDS and the firewalls in their functionality. Before I will start with the IPS, IDS and Firewalls I would like to tell you guys that we have our own youtube channel for various network videos that can further help you guys to study further. I will going to add many more videos soon on the channel, Please subscribe to the channel for the study network related videos

Subscribe us on Youtube: http://y2u.be/0c4lMYVp9go

IPS - Intrusion Prevention System
IPS-Intrusion Prevention System inspects traffic flowing through a network and is capable of blocking or otherwise remediating flows that it determines are malicious. Usually uses a combination of traffic and file signatures and heuristic analysis of flows.

In other words, we can say that a device or application that analyzes packet headers and enforces policy based on protocol type, source address, destination address, source port, and/or destination port. Packets that do not match policy are rejected.

Fig 1.1- IPS in the Network with Firewall
It also provideds the analysis of low by sitting inline and seeing all traffic during an Continue reading

The concept of RD and RT in MPLS Scenario

Today I am going to talk about the other terms used in the MPLS and you guys surely heard about these terms named as RD and RT when ever you are going to configure or design the MPLS network in your enterprise. As RD and RT is the concept used on the MPLS platform where first you define the VRF and i already wrote about the VRF in my earlier post. Please have a look on the below mentioned link for the VRF concept and how to configure the VRF

Basics of VRF(Virtual Routing forwarding)

Before we are going to start with the RD and RT concept, I would like to inform you that we launched our Youtube Channel and will going to soon upload many Network related videos on the channel. Please subscribe for videos on the below mentioned link

Subscribe us on Youtube: http://y2u.be/0c4lMYVp9go

Thanks for your huge support always, Now lets start with the today's topic RD and RT. Below is just a basic topology just to show the connectivity of PE and CE with MPLS scenario

Fig 1.1- Sample MPLS topology
What is RD and why is the purpose of RD in MPLS network ?

BrandPost: SD-WAN Puts Traditional Routers on Notice

SD-WAN with its benefits of improved bandwidth economics, application prioritization, and centralized management, is rapidly reshaping the branch network architecture.SD-WAN technologies are becoming mainstream as distributed organizations experience the benefits of plentiful internet bandwidth, prioritized access to critical applications, and the ease of centralized management. Leading IT organizations are deploying SD-WAN solutions with software-based routing and displacing traditional branch router architectures. Over time, Doyle Research expects significant disruption of the branch router market with SD-WAN becoming the primary platform.To read this article in full, please click here

RESTful control of Cumulus Linux ACLs

The diagram above shows how the Cumulus Linux 3.4 HTTP API can be extended to include the functionality described in REST API for Cumulus Linux ACLs. Fast programmatic control of Cumulus Linux ACLs addresses a number of interesting use cases, including: DDoS mitigationElephant flow marking, and Triggered remote packet capture using filtered ERSPAN.

The Github pphaal/acl_server project INSTALL page describes how to install the acl_server daemon and configure the NGINX web server front end for the Cumulus Linux REST API to include the acl_server functions. The integration ensures that the same access controls configured for the REST API apply to the acl_server functions, which appear under the /acl/ path.

The following examples demonstrate the REST API.

Create an ACL

curl -X PUT -H 'Content-Type:application/json' --data '["[iptables]","-A FORWARD --in-interface swp+ -d 10.10.100.10 -p udp --sport 53 -j DROP"]' -k -u 'cumulus:CumulusLinux!' https://10.0.0.52:8080/acl/ddos1
ACLs are sent as a JSON encoded array of strings. Each string will be written as a line in a file stored under /etc/cumulus/acl/policy.d/ - See Cumulus Linux: Netfilter - ACLs. For example, the rule above will be written to the file 50rest-ddos1.rules with the following Continue reading

Worth Reading: Court Overreach with SOPA

Nearly six years ago, Internet user communities rose up and said no to the disastrous SOPA copyright bill. This bill proposed creating a new, quick court order process to compel various Internet services—free speech’s weak links—to help make websites disappear. Today, despite the failure of SOPA, a federal court in Virginia issued just such an order, potentially reaching many different kinds of Internet services. — Mitch Stoltz @ Deep Links

Remote User Authentication and RBAC with NSX-T

Remote user authentication and role based access control (RBAC) is an important requirement when deploying new systems in an organization, particularly in the networking world. For that matter, systems typically leverage RADIUS or Active Directory (AD) servers, to name a few.

NSX-T integrates with VMware Identity Manager (vIDM) to get the following benefits related to user authentication:

  • Support for extensive AAA Systems, including
    • AD-based LDAP, OpenLDAP
    • RADIUS
    • SmartCards / Common Access Cards
    • RSA Secure ID
  • Enterprise Single Sign-On
    • Common authentication platform across multiple VMware solutions
    • Seamless single sign-on experience


This blog post covers the main steps required to integrate NSX-T with vIDM and to configure roles that grant different privileges to different users. It does not cover deployment and hardening of VMware Identity Manager (vIDM). At the end of the post, there is a link to a demo showing how to do the configuration and several role-based access tests.

Assuming that both NSX-T Manager and vIDM appliances are deployed, powered on and configured with the basic management details (IP address, admin users, etc.), the integration requires the following steps:

  1. Creating a OAuth client ID for the NSX-T Manager in vIDM
  2. Getting the vIDM appliance thumbprint
  3. Registering NSX-T Manager with Continue reading
1 1,455 1,456 1,457 1,458 1,459 3,347