Day Two Cloud 200: Coaching For Accidental (And On-Purpose) Managers
Going from a tech role to manager is more than just a new gig---it's a full-blown career change. On today's Day Two Cloud we talk with management coach Steve Dwire about a manager's primary responsibilities, what new managers usually get wrong, management education vs. experience, and how to get better at the job. This episode goes places we didn't expect, so come along for the ride.
The post Day Two Cloud 200: Coaching For Accidental (And On-Purpose) Managers appeared first on Packet Pushers.
Day Two Cloud 200: Coaching For Accidental (And On-Purpose) Managers
Going from a tech role to manager is more than just a new gig---it's a full-blown career change. On today's Day Two Cloud we talk with management coach Steve Dwire about a manager's primary responsibilities, what new managers usually get wrong, management education vs. experience, and how to get better at the job. This episode goes places we didn't expect, so come along for the ride.Leveraging Calico flow logs for enhanced observability
In my previous blog post, I discussed how transitioning from legacy monolithic applications to microservices based applications running on Kubernetes brings a range of benefits, but that it also increases the application’s attack surface. I zoomed in on creating security policies to harden the distributed microservice application, but another key challenge this transition brings is observing and monitoring the workload communication and known and unknown security gaps.
In a more traditional application architecture, traffic will flow between tiers of an application and will usually traverse a firewall, and at that point, can be observed and actioned. In Kubernetes, the network architecture is much flatter, and thus creates a challenge for the more traditional means of observing flows in the cluster.
However since Calico is able to secure workloads on this flat network, it also means it can observe these traffic flows, too. In fact, Calico can report far more data about these flows over what a traditional 5-tuple firewall would, allowing DevOps and Security teams to make more informed decisions to effectively secure their applications.
Calico’s 52 data types
Traditional firewalls will report on five data types, or tuples, of a flow. Namely:
- The source IP address
- The destination Continue reading
Speaker Spotlight: eSentire’s Tia Hopkins on the Importance of Chief Cyber Resilience Officers, Emerging Tech, and Inclusion
Chief Cyber Resilience Officer and Field CTO details her 20-year background in the IT security industry and previews her upcoming keynote presentation on our 'Network Resilience Boot Camp' Thursday, June 29.Speaker Spotlight: StrategITcom’s Carrie Goetz Details Chaos Engineering, STEM Education, and Inclusion
Principal and CTO Carrie Goetz details her 40-year background in the global digital infrastructure industry and previews her upcoming keynote presentation on 'Network Resilience Boot Camp' Thursday, June 29.HS050 The Tech Job Debacle
Google, Microsoft, Twitter, META/FB and a few others laid off an estimated 200,000 tech and tech-adjacent folks in recent weeks. Other companies like Fedex and Amazon have made layoffs, many impacting the IT teams. What does that mean for the tech industry? Between AI and our corporate overlords are we all lucky to be employed, and should we go back to working 80 hour in-office weeks?
The post HS050 The Tech Job Debacle appeared first on Packet Pushers.
HS050: The Tech Job Debacle
Google, Microsoft, Twitter, META/FB and a few others laid off an estimated 200,000 tech and tech-adjacent folks in recent weeks. Other companies like Fedex and Amazon have made layoffs, many impacting the IT teams. What does that mean for the tech industry? Between AI and our corporate overlords are we all lucky to be employed, and should we go back to working 80 hour in-office weeks?
Subnet Cheat Sheet: IPv4 Subnetting for Beginners
Are you new to subnetting? This cheat sheet will help you get started with easy-to-follow instructions & helpful diagrams. Subnet confidently in no time.Happy 50th Birthday Ethernet!
Some 50 years ago, at the Palo Alto Research Centre of that renowned photocopier company Xerox, a revolutionary approach to local digital networks was born. On the 22nd of May 1973 Bob Metcalf authored a memo that described "X-Wire", a 3Mbps common bus office network system developed at Xerox's Palo Alto Research Center (PARC). There are very few networking technologies from the early 70's that have proved to be so resilient (TCP/IP is the only other major networking technology from that era that I can recall), so it’s worth looking at Ethernet a little closer in order to see why it has enjoyed such an unusual longevity.Top 10 Things to Look for in a SASE Architecture
Here are the ten most important elements to consider when choosing a SASE architecture — according to Gartner's favor of single-vendor and integrated solutions.Heavy Wireless 005: How To Build A Wi-Fi Community With Ferney Munoz
Have you ever wanted to build a community of professionals in your field, but didn't know where to start? In this episode of the Heavy Wireless podcast, Keith Parsons interviews Ferney Munoz, founder of the Tes@s en Wi-Fi community in Latin America, to learn how he built a successful community of Wi-Fi professionals.
The post Heavy Wireless 005: How To Build A Wi-Fi Community With Ferney Munoz appeared first on Packet Pushers.
Heavy Wireless 005: How To Build A Wi-Fi Community With Ferney Munoz
Have you ever wanted to build a community of professionals in your field, but didn't know where to start? In this episode of the Heavy Wireless podcast, Keith Parsons interviews Ferney Munoz, founder of the Tes@s en Wi-Fi community in Latin America, to learn how he built a successful community of Wi-Fi professionals.My Belated Review of Cisco Live 2023
It’s been a couple of weeks since Cisco Live US 2023 and I’m just now getting around to writing about it. I was thrilled to attend my 18th Cisco Live and it was just the thing I needed to reconnect with the community. The landscape of Cisco Live looks a little different than it has in years past. There are some challenges that are rising that need to be studied and understood before they become bigger than the event itself.
Showstopping Reveals? Or Consistent Improvement?
What was the big announcement from Cisco this year? What was the thing that was said on stage that stopped the presses and got people chattering? Was it a switch? A firewall? Was it a revolutionary new AI platform? Or a stable IP connection to Mars? Do you even know? Or was it more of a discussion of general topics with some technologies brought up alongside them?
In the last few years you may have noticed that the number of huge big announcements coinciding with the big yearly conferences has come down a bit. Rather than having some big news drop the morning of the keynote the big reveals are being given their own time Continue reading
Overcoming security gaps with active vulnerability management
Organizations can reduce security risks in containerized applications by actively managing vulnerabilities through scanning, automated image deployment, tracking runtime risk and deploying mitigating controls to reduce risk.
Kubernetes and containers have become de facto standards for cloud-native application development due to their ability to accelerate the pace of innovation and codify best practices for production deployments, but such acceleration can introduce risk if not operationalized properly.
In the architecture of containerized applications, it is important to understand that there are highly dynamic containers distributed across cloud environments. Some are ephemeral and short-lived, while others are more long-term. Traditional approaches to securing applications do not apply to cloud-native workloads because most deployments of containers occur automatically with an orchestrator that removes the manual step in the process. This automatic deployment requires that the images be continuously scanned to identify any vulnerabilities at the time of development in order to mitigate the risk of exploit during runtime.
In addition to these challenges, software supply chain adds complexity to vulnerability scanning and remediation. Applications increasingly depend on containers and components from third-party vendors and projects. As a result, it can take weeks or longer to patch the affected components and release new software Continue reading
Upcoming Training: BGP Policy
On July 21st I’ll be teaching BGP Policy over at Safari Books Online. From the description:
This course begins by simplifying the entire BGP policy space into three basic kinds of policies that operators implement using BGP—selecting the outbound path, selecting the inbound path, and “do not transit.” A use case is given for each of these three kinds, or classes, of policies from the perspective of a transit provider, and another from the perspective of a nontransit operator connected to the edge of the ‘net. With this background in place, the course will then explore each of the many ways these classes of policy may be implemented using local preference, AS Path prepending, various communities, AS Path poisoning, and other techniques. Positive and negative aspects of each implementation path will be considered.
My courses are going through a bit of updating, but I think August and September will be How the Internet Really Works, followed by an updated course on troubleshooting. I’m incorporating more tools into the course, including (of course!) ChatGPT. Watch this space for upcoming announcements.