Archive

Category Archives for "Networking"

Thwarting the Tactics of the Equifax Attackers

Thwarting the Tactics of the Equifax Attackers

We are now 3 months on from one of the biggest, most significant data breaches in history, but has it redefined people's awareness on security?

The answer to that is absolutely yes, awareness is at an all-time high. Awareness, however, does not always result in positive action. The fallacy which is often assumed is "surely, if I keep my software up to date with all the patches, that's more than enough to keep me safe?". It's true, keeping software up to date does defend against known vulnerabilities, but it's a very reactive stance. The more important part is protecting against the unknown.

Something every engineer will agree on is that security is hard, and maintaining systems is even harder. Patching or upgrading systems can lead to unforeseen outages or unexpected behaviour due to other fixes which may be applied. This, in most cases, can cause huge delays in the deployment of patches or upgrades, due to requiring either regression testing or deployment in a staging environment. Whilst processes are followed, and tests are done, systems are sat vulnerable, ready to be exploited if they are exposed to the internet.

Looking at the wider landscape, an increase in security research Continue reading

Reflections from Copenhagen: RIPE NCC IPv6 Hackathon and Danish IPv6 Day

On 4-5 November, a group of enthusiastic and skillful people gathered at the 6th RIPE NCC hackathon with a theme of IPv6. The event was organized by RIPE NCC and DKNOG, sponsored by Comcast, hosted by IT University of Copenhagen and aimed to bring together open-minded developers and network engineers to work on different ideas and projects from the IPv6 field.

I was honoured to be a jury member and even before the hackathon we were quite busy rating all the submissions that came in, as the number of hackathon participants was limited. All potential participants had to submit a short bio, explain what kind of development (programming) knowledge they had, and also what their ideas or expectations for the hackathon were. We selected 24 participants – and what a skillful bunch that was! In total we were 33 people in the room, 24 participants, 5 jurors and 4 RIPE NCC staff for on-site support.

On Saturday,  4 November, the group came together at IT University of Copenhagen and after a short opening and update on logistics and rules of the hackathon, people got to work. First was a “speaker’s corner”, where everyone with an idea for a Continue reading

Supercomputing is becoming super-efficient, Top500 list shows

Supercomputing is becoming super-efficient. The highest climber in the latest Top500 list of the world's fastest supercomputers is also one of the highest scorers on the Green500 ranking of the world's most efficient.But the November 2017 edition of the Top500 and Green500 is also remarkable in other ways, as it marks a tipping point in U.S. dominance of the list.[ See these top supercomputers at our slideshow 10 of the world’s fastest supercomputers. ]Chinese systems now outnumber U.S. systems on the list by 202 to 144, a reversal of the situation just six months ago, when the U.S. had 169 systems in the Top500 vs China's 160. It will still be a long while before third-placed Japan overtakes the U.S.: It has 35 systems in the list, followed by Germany with 20, France with 18, and the UK with 15.To read this article in full, please click here

Supercomputing is becoming super-efficient, Top500 list shows

Supercomputing is becoming super-efficient. The highest climber in the latest Top500 list of the world's fastest supercomputers is also one of the highest scorers on the Green500 ranking of the world's most efficient.But the November 2017 edition of the Top500 and Green500 is also remarkable in other ways, as it marks a tipping point in U.S. dominance of the list.[ See these top supercomputers at our slideshow 10 of the world’s fastest supercomputers. ]Chinese systems now outnumber U.S. systems on the list by 202 to 144, a reversal of the situation just six months ago, when the U.S. had 169 systems in the Top500 vs China's 160. It will still be a long while before third-placed Japan overtakes the U.S.: It has 35 systems in the list, followed by Germany with 20, France with 18, and the UK with 15.To read this article in full, please click here

10 of the world’s fastest supercomputers

10 of the world's fastest supercomputersImage by Henrik5000 / Getty ImagesThe semi-annual Top500 ranking of the world’s fastest supercomputers is in for fall 2018 with China claiming 227 of the 500 spots on the list, although it managed to take just two places in the top 10. The United states took five of the top 10, including first and second place. New to the Top500 rankings at number 205 is Astra, an HPE-built machine at Sandia National Laboratories that is the first powered by ARM chips to make the list. The top 10 highlighted in this slideshow demonstrate what might become available in corporate data centers.To read this article in full, please click here

10 of the world’s fastest supercomputers

10 of the world's fastest supercomputersImage by Henrik5000 / Getty ImagesThe semi-annual Top500 ranking of the world’s fastest supercomputers is in for fall 2018 with China claiming 227 of the 500 spots on the list, although it managed to take just two places in the top 10. The United states took five of the top 10, including first and second place. New to the Top500 rankings at number 205 is Astra, an HPE-built machine at Sandia National Laboratories that is the first powered by ARM chips to make the list. The top 10 highlighted in this slideshow demonstrate what might become available in corporate data centers.To read this article in full, please click here

Deploy360 at IETF 100, Day 2: More IPv6 & IoT

This week is IETF 100 in Singapore, and we’re bringing you daily blog posts highlighting some of the topics that Deploy360 is interested in. ‘Things’ are less hectic today, although there’s still plenty to follow in the areas of IPv6, the Internet of Things and encryption.

There’s a couple of choices for starting the day at 09.30 SGT/UTC+8. ACE is defining a framework for authentication and authorization in IoT environments based on OAuth 2.0 and CoAP, and there are 8 drafts up for discussion. Alternatively, DMM will be meeting to discuss issues related to Mobile IPv6.

NOTE: If you are unable to attend IETF 100 in person, there are multiple ways to participate remotely.

After lunch is 6MAN at 13.30 SGT/UTC+8 which is one of the key IPv6-related Working Groups. There’s one working group sponsored draft on IPv6 Node Requirements that specifies the minimum requirements for enabling effective IPv6 functionality and interoperability on nodes. There are also three recommendations on the security and privacy implications of IPv6, temporary IPv6 interface identifiers, and on the filtering of IPv6 packets containing extension headers, a further draft requesting the creation of an IANA registry for the Prefix Information Option in the IPv6 Neighbour Continue reading

Go, don’t collect my garbage

Not long ago I needed to benchmark the performance of Golang on a many-core machine. I took several of the benchmarks that are bundled with the Go source code, copied them, and modified them to run on all available threads. In that case the machine has 24 cores and 48 threads.

CC BY-SA 2.0 image by sponki25

I started with ECDSA P256 Sign, probably because I have warm feeling for that function, since I optimized it for amd64.

First, I ran the benchmark on a single goroutine: ECDSA-P256 Sign,30618.50, op/s

That looks good; next I ran it on 48 goroutines: ECDSA-P256 Sign,78940.67, op/s.

OK, that is not what I expected. Just over 2X speedup, from 24 physical cores? I must be doing something wrong. Maybe Go only uses two cores? I ran top, it showed 2,266% utilization. That is not the 4,800% I expected, but it is also way above 400%.

How about taking a step back, and running the benchmark on two goroutines? ECDSA-P256 Sign,55966.40, op/s. Almost double, so pretty good. How about four goroutines? ECDSA-P256 Sign,108731.00, op/s. That is actually faster than 48 goroutines, what is going on?

I ran the benchmark Continue reading

New Dates for the Building Network Automation Solutions Online Course

We’re slowly wrapping up the autumn 2017 Building Network Automation Solutions online course, so it’s time to schedule the next one. It will start on February 13th and you can already register (and save $700 over regular price as long as there are Enthusiast tickets left).

Do note that you get access to all course content (including the recordings of autumn 2017 sessions) the moment you register for the course. You can also start building your lab and working on hands-on exercises way before the course starts.

Read more ...

Introduction to Virtual Device Context- VDC in Nexus Environment

Today I am going to talk about the virtual feature in the Cisco Nexus devices called as VDC. VDC stands for Virtual Device Context. With the help of VDC we can convert a single physical Nexus device or chassis into various virtual devices or chassis and that depends upon the SUP engine we are using in the device.

Keep in mind that VDC feature is not available in any of the Nexus device below 7K. So now we have the question like how many VDCs we can create in a single Nexus Chassis.

Look at the below picture, you are going to replace Core and Distribution physical switches with the a single Nexus Switch where we create two different VDC for Core and Aggregation layer. The picture defines the right way for your 3 layer architecture in the Datacenter environment.

Hope picture and the below mentioned description will help you guys to understand the concept of the VDC in the datacenter environment.

Fig 1.1- VDC Topology

How many VDC, we can create ?
Well VDC depends upon the SUP engine we are using. Like if we are using SUP 1, we can create maximum of 3 VDCs, if we are using Continue reading

Deploy360 at IETF 100, Day 1: IPv6 and IoT

This week is the one hundredth meeting of the IETF in Singapore, and to celebrate the occasion we’re bringing you daily blog posts highlighting some of the topics that Deploy360 is interested in. And once again, Monday is our busiest day with no fewer than 7 working groups covering the areas of IPv6 and the Internet-of-Things.

The day kicks off at 09.30 SGT/UTC+8 with DNSOP (which continues on Thursday) and has a full agenda with 11 drafts up for discussion. An important draft discussing the RFC5011 rollover strategy has failed to reach consensus, with another draft defining and clarifying DNS terminology requiring further review.

The Working Group has picked up a draft on extending error messages to better report the cause of DNS and DNSSEC failures, whilst the draft updating RFC6761 to ensure “localhost” can be safely relied upon as a name for the local host’s loopback interface should now be close to WGLC. There’s also Deploy360 involvement in a new draft on the requirements for a validator to be able to perform accurate validation, with Dan York being one of the co-authors.

NOTE: If you are unable to attend IETF 100 in person, there are multiple ways to participate remotely.

Continue reading

Passed JNCIP-DC

I took JNCIP-DC Exam and could pass it. My review on the exam and Prep strategy.

Materials

-> Juniper Documentation

-> Cisco Implementing EVPN Video series – Safari press

-> Juniper Qfx1000 Github and vagrant images

-> DCX , ADCX , TDCX Materials

-> Hand’s on Implementation and 4 months Study (Not including any weekends)

 

Exam in itself was not that tough to be frank, but depth of questions covered all the concepts. There is no topic that you could leave from official blue-print, everything is touched and everything is touched at a fairly equal way.

 

Recommendations

-> Use the Github page for Juniper QFX1000 and download the vagrant images for practise

-> Revise Evpn and QFX-Series Books and you should be good

-> If you can, go through the official course-ware as they are good for review and exam prep

-> Evpn from Cisco’s standpoint is pretty much covered by Many learning instructors like INE,CBT use them to learn the technology if you are Video based learning individual.

 

-RAKESH

 

 

 

 

1 1,589 1,590 1,591 1,592 1,593 3,476