Archive

Category Archives for "Networking"

True random numbers are here — what that means for data centers

For many decades, the term “random numbers” meant “pseudo-random numbers” to anyone who thought much about the issue and understood that computers simply were not equipped to produce anything that was truly random. Manufacturers did what they could, grabbing some signals from the likes of mouse movement, keyboard activity, system interrupts, and packet collisions just to get a modest sampling of random data to improve the security of their cryptographic processes. And the bad guys worked at breaking the encryption. We used longer keys and better algorithms. And the bad guys kept at it. And life went on. But something recently changed all that. No, not yesterday or last week. But it was only back in November of last year that something called the Entropy Engine won an Oscar of Innovation award for collaborators Los Alamos National Laboratory and Whitewood Security. This Entropy Engine is capable of delivering as much as 350 Mbps of true random numbers—sufficient to feed an entire data center with enough random data to dramatically improve all cryptographic processes.

MPLS Scenario: Manually Configuring a BGP Router ID per VRF

Today I am going to talk about configuring a BGP router ID per VRF. In my example we use two different VRFs, named NB and ttlbits, and define their VRF configurations.

The IP addresses used here are for demo purposes only and have no relevance to any enterprise network. These are demo configurations and will help you with the configuration on your live network.

Below are the steps to configure the BGP router ID per VRF:

  • Defining VRF_ttlbits on the router
  • Defining VRF_NB on the router
  • Configuring Loopback with the IP address
  • Configuring Ethernet interfaces with VRF
  • Configuring VPNv4 and IPv4 address family


Fig 1.1- Basic Sample MPLS network topology

Below is the basic configuration of defining the VRF

Defining VRF ttlbits on the router
!
ip vrf vrf_ttlbits
 rd 45000:1
 route-target export 50000:50
 route-target import 40000:1
!

Defining VRF NB on the router
!
ip vrf vrf_NB
 rd 65500:1
 route-target export 65500:1
 route-target import 65500:1
!

Configuring Loopback with the IP address
!
interface Loopback0
 ip address 10.10.10.1 255.255.255.255
!

Configuring Ethernet interfaces with the IP address
interface Ethernet0/0
 ip vrf forwarding vrf_ttlbits
 ip address Continue reading

Route where you can, switch where you must – Is it true?

Route where you can, switch where you must. If you are from a networking background, you have most probably heard this many times. But is it true or, like anything else, does it depend on the situation and other parameters? Yes, you are right, it depends. When you hear a quote, at […]

The post Route where you can, switch where you must – Is it true? appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

Bringing behavioral game theory to security defenses

Kelly Shortridge and CSO senior writer Fahmida Y Rashid talk about using behavioral game theory to take advantage of hackers’ mistakes and manipulate the data they think they're receiving. People generally make decisions by either thinking ahead to figure out how people may act in a given situation, or by learning over time by observing what people are doing. Since attackers learn over time by collecting feedback, obfuscating what they get can really mess up what the attackers are able to learn.

5 Wi-Fi analyzer and survey apps for Android

Wi-Fi networks have many variables and points of frustration. Different types of walls, materials and objects can impact the Wi-Fi signal in varying ways. Visualizing how the signals move about the area is difficult without the right tools. A simple Wi-Fi stumbler is great for quickly checking signal levels, but a map-based surveying tool helps you visualize the coverage, interference and performance much more easily. They allow you to load your floor plan map, walk the building to take measurements and then give you heatmaps of the signals and other data. Most Windows-based Wi-Fi surveying tools offer more features and functionality than Android-based tools provide, such as detecting noise levels and providing more heatmap visualizations. However, if you don’t require all the bells and whistles, using an app on an Android-based smartphone or tablet can lighten your load. (And in case you’re wondering why we're not discussing iOS apps, it’s because Apple won’t allow developers access to the Wi-Fi data, thus there can’t be any legit Wi-Fi surveying apps without jailbreaking the device.)

Moving to a private cloud tips and considerations

There are a lot of reasons you may be thinking about moving to a private cloud environment. Perhaps you need more security, or maybe you feel the risks of public cloud have outweighed the benefits. But you’re still not certain that this version of web-scale networking is right for your company, and you’re wondering what’s involved in moving from a public cloud to a private one. Not surprisingly, there are several factors to consider when making the move from public to private clouds. Public clouds have their place, but there are many good reasons to switch. In this post we’ll cover some private cloud tips and considerations.

For an even deeper look at reasons you may want to switch to a private cloud, check out our education page, Private Cloud vs. Public Cloud.

Level set: Defining public, private and hybrid clouds

Private clouds take several different forms: semi-private cloud, virtual private cloud (hybrid), and fully private cloud. Each one has its advantages and disadvantages.

Semi-private clouds are similar to public clouds where the cloud is being hosted by a provider, but the access to the cloud is through private channels and not over the Internet. This reduces the problem of lag Continue reading

LoRaWAN key to building full-stack production IoT networks

Outside of the consumer market, real examples of the Internet of Things (IoT) often disappoint because in the end, they are limited by one or more of the IoT’s constraints: tens of billions of devices, cheap to acquire, cheap to deploy, security and ubiquitous connections. I spoke with Dave Kjendal, Senet’s vice president of engineering and CTO, because he has built products and networks that meet these constraints. It was insightful because Senet has produced products using the entire IoT stack. Senet’s evolution began in 2009 with low-cost fuel oil tank sensors communicating over the unlicensed airwaves to optimize delivery routes. The company now operates a general purpose LoRaWAN IoT network that covers one-fortieth of the United States. LoRaWAN is an implementation of low-power, wide-area networks designed to transmit small messages at a frequency of about one an hour. It serves about 55 percent of IoT WAN connectivity. It is a different technical approach than what the mobile carriers promise with 3GPP, which is yet to be standardized.

Contrarian Reading on Net Neutrality

Net neutrality has been much in the news recently; a while back I did a piece for Tech Target on some of the complexities here, and I ran across three other articles that provide a contrarian view—not what you are likely to hear from the major edge providers. Since I am always trying to understand both sides of an issue, I am always looking for solid, well-written views on both sides. It is hard to dig behind the hype in our 140 character world, but it is also important.

Hence this post, with pointers to my older post and three other articles of interest. Warning: some of these are more trenchant and contrarian than others.

The primary foundation of net neutrality explained is this: Providers should not be able to give services they offer any advantage over a competing service running over their network. The perfect example might seem to be voice services. Suppose you purchase access to the internet from a company that not only sells internet access, but also voice services. Now, suppose the provider decides to sell its voice service as superior in quality to any other available voice service — and guarantee its service is Continue reading