Sound bites on submarine cables.
The post Cable Breakage: When and How Submarine Cables Go Down appeared first on EtherealMind.
The Network Collective has another History of Networking up; this time we’re chatting with Tony Li about the History of BGP. Tony was not involved in the original origins of BGP (the famous napkin, a picture of which you can see in this book), but he did start working on it in around 1996, the year I joined Cisco as a lowly TAC engineer.
The post The History of Networking: Tony Li on BGP appeared first on rule 11 reader.
authors – Geoff Wilmington, Mike Lonze
Healthcare organizations are focusing more and more on securing patient data. With Healthcare breaches on the rise, penalties and fines for lost or stolen PHI and PII data is not only devastating to the patients, but to the Healthcare organization as well. The Ponemon Institute Annual Benchmark Study on Privacy & Security of Healthcare Data has shown that nearly 50 percent of Healthcare organizations, up 5 percent from a previous study, that criminal attacks are the leading cause of Healthcare breaches. [1] With breaches on the rise and Healthcare organizations feeling the pain, how can we help Healthcare start layering security approaches on their most critical business applications that contain this highly critical data?
The principle of least privilege is to provide only the necessary minimal privileges for a process, user, or program to perform a task. With NSX, we can provide a network least privilege for the applications that run on the vSphere hypervisor using a concept called Micro-segmentation. NSX places a stateful firewall at the virtual network card of every virtual machine allowing organizations to control very granularly how virtual machines communicate or don’t communicate with each Continue reading
After quite a few discussions resulting from my Epic Evaluation: Ubiquiti ERPro-8 vs Play-Doh where (spoiler alert!) the Play-Doh™ won hands down after an exhaustive six-month test, I’ve been persuaded to give Ubiqiuti Networks (aka UBNT) another chance. Another two chances, in fact.
As I said in the evaluation post, I was hesitant about recommending against UBNT products not least because I owned four other UBNT devices (three wireless access points and a 48-port switch). Despite being persuaded to try UBNT again, I strongly maintain my previous recommendation to avoid the ERPro-8 like a wedding invitation from Walder Frey. For the rest of the product range I’ve decided to suspend my previous “NO BUY” verdict and reserve my final judgement while I try out some new additions to my home network and see if they can restore balance to the nerd universe.
I would also like to add that while Ubiquiti’s official Support and RMA channels were no help to me whatsoever when my ERPro-8 was behaving badly, I did appreciate one employee reaching out privately and trying to help. The conclusion for now is that flash itself has indeed become irrecoverably corrupted and the device Continue reading
Briefings In Brief is a new podcast channel from the Packet Pushers that summarizes tech news and announcements in quick doses.
The post Announce: Briefings In Brief – A New Packet Pushers Podcast Channel appeared first on EtherealMind.
What is MP, Merge Point in MPLS Traffic Engineering ? Understanding Merge Point in MPLS Traffic Engineering will help you to understand the MPLS TE – Fast Reroute MP (Merge Point) is the term is used in the context of Fast Reroute. I briefly mentioned from Merge Point in the MPLS Traffic Engineering Fast Reroute Link Protection post earlier and in this […]
The post What is MP – Merge Point in MPLS Traffic Engineering ? appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.
I work at a company whose job it is to be attacked. As I’m writing this, an automatic mitigation is fighting two ongoing DDoS attacks. Any machine that’s publicly routable on the internet today can be a vector for attack, and that’s a problem.
Today we want to turn the tables and give you a new way of exposing services to the internet without having them be directly, publicly routable. Meet Cloudflare Warp.
CC BY-SA 2.0 image by Christian Ortiz
Cloudflare internally runs about 4,000 containers that make up about 1.5K services and applications. Some of these containers need to network with other local containers, and others need to accept connections over the wire.
Every devops engineer knows that bad things happen to good machines, and so our platform operations team tries to hide servers altogether from the internet. There are several ways to do this:
These can be complicated or time consuming, yet none of them are Continue reading
What is PI and PA ? Provider Independent and Provider Assigned ? In this post, I will explain the important considerations on PI (Provider Independent) and PA (Provider Assigned). In this post, I will explain below points : What is PI and PA ? Why PI and PA addresses are used ? […]
The post What is PI and PA ? Provider Independent and Provider Assigned ? appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.
In the real world, tunnels are often carved out from the mass of something bigger - a hill, the ground, but also man-made structures.
CC BY-SA 2.0 image by Matt Brown
In an abstract sense Cloudflare Warp is similar; its connection strategy punches a hole through firewalls and NAT, and provides easy and secure passage for HTTP traffic to your origin. But the technical reality is a bit more interesting than this strained metaphor invoked by the name of similar predecessor technologies like GRE tunnels.
Generic Routing Encapsulation or GRE is a well-supported standard, commonly used to join two networks together over the public Internet, and by some CDNs to shield an origin from DDoS attacks. It forms the basis of the legacy VPN protocol PPTP.
Establishing a GRE tunnel requires configuring both ends of the tunnel to accept the other end’s packets and deciding which IP ranges should be routed through the tunnel. With this in place, an IP packet destined for any address in the configured range will be encapsulated within a GRE packet. The GRE packet is delivered directly to the other end of the tunnel, which removes the encapsulation and forwards the original Continue reading
I can imagine that is how I looked when I got my “new” Juniper SRX from (insert favorite auction site) …
The post Juniper SRX Password Recovery appeared first on Fryguy's Blog.
Uptime Institute study provides a reality check about the state of enterprise data centers.