Archive

Category Archives for "Networking"

IDG Contributor Network: IoT protects fishing fleets and global fisheries with RPMA technology

The global seafood industry is over $190 billion. Millions of fishers take to the oceans each day to feed local communities and a growing global appetite for seafood.How can the demand for fish be met while maintaining healthy oceans? A new IoT-based solution holds promise.Background: The challenge of monitoring fishing boats Over half of the world’s seafood is exported from developing countries. Much of the catch is from small fishing boats, which are difficult to monitor and protect. Commercial fishing in developing regions typically occurs within 30 miles from land. Establishing a communication channel that can support hundreds of fishing boats spread out over a large area is a challenge. Boats are small and lack dependable power. Devices have to be both affordable and rugged.To read this article in full or to leave a comment, please click here

VMware, Splunk & Juniper among highest paying networking companies

Networking and other technology businesses are among the highest paying companies in America, according to a new report from jobs marketplace Glassdoor. And if you find yourself out of a tech job, well, there’s always consulting, where the pay isn’t too shabby either. In fact, the top two companies on the list, A.T. Kearney and PwC’s Strategy&, are both consulting firms, and two others are on the Top 25 List as well. A.T. Kearney and Strateg& offer median total compensation of $175K and $172K, respectively, according to the Glassdoor study, which is based on self-reported data by Glassdoor members. The report reveals total and base compensation, with the difference between the two often in the $15K-$30K range once you factor in commissions, bonuses, etc. To read this article in full or to leave a comment, please click here

Detecting insider threats is easier than you think

When it came to the physical plant, it used to be easy with surveillance cameras and access badges to tell if an insider was up to no good. Now with a more virtual network, you can’t always know if the person sitting in the next cubicle is gaining access to confidential documents. While the insider threat still connotes an employee of the company, the intruder is no longer someone located within the confines of the building. Accessing the network can happen from such public places as the local coffee shop. “For companies today, where old corporate lines are disappearing more frequently, the challenges only increase. Enterprises need to adapt their policies and procedures to prevent threats by securing corporate end-point equipment and the right tools that protect and allow users to do their work,” said Matias Brutti, a hacker at Okta. “Work environments are constantly changing, so monitoring is difficult on a corporate level.”To read this article in full or to leave a comment, please click here

Detecting insider threats is easier than you think

When it came to the physical plant, it used to be easy with surveillance cameras and access badges to tell if an insider was up to no good. Now with a more virtual network, you can’t always know if the person sitting in the next cubicle is gaining access to confidential documents. While the insider threat still connotes an employee of the company, the intruder is no longer someone located within the confines of the building. Accessing the network can happen from such public places as the local coffee shop. “For companies today, where old corporate lines are disappearing more frequently, the challenges only increase. Enterprises need to adapt their policies and procedures to prevent threats by securing corporate end-point equipment and the right tools that protect and allow users to do their work,” said Matias Brutti, a hacker at Okta. “Work environments are constantly changing, so monitoring is difficult on a corporate level.”To read this article in full or to leave a comment, please click here

Proper isolation of a Linux bridge

TL;DR: when configuring a Linux bridge, use the following commands to enforce isolation:

# bridge vlan del dev br0 vid 1 self
# echo 1 > /sys/class/net/br0/bridge/vlan_filtering

A network bridge (also commonly called a “switch”) brings several Ethernet segments together. It is a common element in most infrastructures. Linux provides its own implementation.

A typical use of a Linux bridge is shown below. The hypervisor is running three virtual hosts. Each virtual host is attached to the br0 bridge (represented by the horizontal segment). The hypervisor has two physical network interfaces:

  • eth0 is attached to a public network providing various services for the virtual hosts (DHCP, DNS, NTP, routers to Internet, …). It is also part of the br0 bridge.
  • eth1 is attached to an infrastructure network providing various services to the hypervisor (DNS, NTP, configuration management, routers to Internet, …). It is not part of the br0 bridge.

Typical use of Linux bridging with virtual machines

The main expectation of such a setup is that while the virtual hosts should be able to use resources from the public network, they should not be able to access resources from the infrastructure network (including resources hosted on the hypervisor itself, like a Continue reading

Kubernetes networking 101 – Services

In our last post we talked about how Kubernetes handles pod networking.  Pods are an important networking construct in Kubernetes but by themselves they have certain limitations.  Consider for instance how pods are allocated.  The cluster takes care of running the pods on nodes – but how do we know which nodes it chose?  Put another way – if I want to consume a service in a pod, how do I know how to get to it?  We saw at the very end of the last post that the pods themselves could be reached directly by their allocated pod IP address (an anti-pattern for sure but it still works) but what happens when you have 3 or 4 replicas?  Services aim to solve these problems for us by providing a means to talk to one or more pods grouped by labels.  Let’s dive right in…

To start with, let’s look at our lab where we left at the end of our last post

 

If you’ve been following along with me there are some pods currently running.  Let’s clear the slate and delete the two existing test deployments we had out there…

user@ubuntu-1:~$ kubectl delete deployment pod-test-1
deployment "pod-test-1"  Continue reading

Fortinet upgrades for better cloud, SD-WAN protection

Fortinet has rolled out a new version of its FortiOS operating system that gives customers the ability to manage security capabilities across their cloud assets and software-defined wide area networking (SD-WAN) environments.With FortiOS 5.6, the company’s Fortinet Security Fabric gives a view of customers’ public and private clouds – including Amazon Web Services and Azure – as well as assets on and their software-defined WANs, says John Maddison, Fortinet’s senior vice president of products.+More on Network World: DARPA to eliminate “patch & pray” by baking chips with cybersecurity fortification+To read this article in full or to leave a comment, please click here

Fortinet upgrades for better cloud, SD-WAN protection

Fortinet has rolled out a new version of its FortiOS operating system that gives customers the ability to manage security capabilities across their cloud assets and software-defined wide area networking (SD-WAN) environments.With FortiOS 5.6, the company’s Fortinet Security Fabric gives a view of customers’ public and private clouds – including Amazon Web Services and Azure – as well as assets on and their software-defined WANs, says John Maddison, Fortinet’s senior vice president of products.+More on Network World: DARPA to eliminate “patch & pray” by baking chips with cybersecurity fortification+To read this article in full or to leave a comment, please click here

Fortinet upgrades for better cloud, SD-WAN protection

Fortinet has rolled out a new version of its FortiOS operating system that gives customers the ability to manage security capabilities across their cloud assets and software-defined wide area networking (SD-WAN) environments.With FortiOS 5.6, the company’s Fortinet Security Fabric gives a view of customers’ public and private clouds – including Amazon Web Services and Azure – as well as assets on and their software-defined WANs, says John Maddison, Fortinet’s senior vice president of products.+More on Network World: DARPA to eliminate “patch & pray” by baking chips with cybersecurity fortification+To read this article in full or to leave a comment, please click here

How to decide between cloud, on-premise and As-a-Service

Although vendor-written, this contributed piece does not advocate a position that is particular to the author’s employer and has been edited and approved by Network World editors.Deciding whether and how to use cloud computing is a complex, and made all the more complicated by the overwhelming number of vendors and products. What’s more, hybrid and multicloud approaches blur the lines between the cloud and on-premise deployment options.With an operations team that counsels organizations on which type of architecture is best for them – on premise, cloud, hybrid or multicloud – and then evaluates what went well and didn’t in all four kinds of deployments, here’s our view of what situations tip the scale toward one approach or another.  While the context is data storage, this analysis applies to most enterprise IT scenarios.To read this article in full or to leave a comment, please click here

How to decide between cloud, on-premise and As-a-Service

Although vendor-written, this contributed piece does not advocate a position that is particular to the author’s employer and has been edited and approved by Network World editors.

Deciding whether and how to use cloud computing is a complex, and made all the more complicated by the overwhelming number of vendors and products. What’s more, hybrid and multicloud approaches blur the lines between the cloud and on-premise deployment options.

With an operations team that counsels organizations on which type of architecture is best for them – on premise, cloud, hybrid or multicloud – and then evaluates what went well and didn’t in all four kinds of deployments, here’s our view of what situations tip the scale toward one approach or another.  While the context is data storage, this analysis applies to most enterprise IT scenarios.

To read this article in full or to leave a comment, please click here

21% off Seagate Backup Plus Hub for Mac, 4TB External Desktop Hard Drive – Deal Alert

Back up your files, precious photos and videos while connecting to and recharging any USB device, such as your tablet, smartphone or camera -- even if your system is off or in standby mode. The Backup Plus Hub for Mac is fully compatible with Time Machine, and will work with Windows based computers as well. This model has integrated USB ports, and packs a generous 4TB of space for just $109.99, a 21% discount over its typical list price of $139.99. See this deal now on Amazon.To read this article in full or to leave a comment, please click here

21% off Seagate Backup Plus Hub for Mac, 4TB External Desktop Hard Drive – Deal Alert

Back up your files, precious photos and videos while connecting to and recharging any USB device, such as your tablet, smartphone or camera -- even if your system is off or in standby mode. The Backup Plus Hub for Mac is fully compatible with Time Machine, and will work with Windows based computers as well. This model has integrated USB ports, and packs a generous 4TB of space for just $109.99, a 21% discount over its typical list price of $139.99. See this deal now on Amazon.To read this article in full or to leave a comment, please click here

HP rises again to be the world’s top PC maker as Lenovo slips

It was another tough quarter for PC shipments, but there was good news for HP, which edged Lenovo to regain the title of world top's PC maker, according to IDC.Worldwide PC shipments totaled 60.3 million units in the first quarter of 2017, growing by just 0.6 percent compared to the same quarter the previous year.IDC previously forecast a decline of 1.8 percent in PC shipments, so the positive growth was a sign the PC market is recovering. Quarterly PC shipments reported positive growth for the first time since the first quarter of 2012. Lenovo previously beat HP for the title of the world's top maker in 2013 and has mostly held the position since then. HP regained the top spot this quarter boosted by strong laptop shipments worldwide. Now the question remains if HP can hold the spot.To read this article in full or to leave a comment, please click here

Microsoft kicks security bulletins to the curb in favor of security update guide

Forget about security bulletins; Microsoft is so done with them. Now, it’s all about the Security Update Guide – something Microsoft claimed customers wanted back in November 2016. Bulletins were supposed to bite the dust starting in January 2017, but it appears as if they did starting in April 2017. This new era for patching Microsoft is great, if you really like clicking again and again. If not, I suppose that is too bad, so sad.The release notes are slightly more informative than the Microsoft Security Response Center post about the April patches. The latter simply stated, “Today we released security updates to provide additional protections against malicious attackers.” Microsoft recommends turning on automatic updates, but probably not to stop the upcoming migraine for the click-fest you will have to endure to find out about the security updates.To read this article in full or to leave a comment, please click here

Microsoft kicks security bulletins to the curb in favor of security update guide

Forget about security bulletins; Microsoft is so done with them. Now, it’s all about the Security Update Guide – something Microsoft claimed customers wanted back in November 2016. Bulletins were supposed to bite the dust starting in January 2017, but it appears as if they did starting in April 2017. This new era for patching Microsoft is great, if you really like clicking again and again. If not, I suppose that is too bad, so sad.The release notes are slightly more informative than the Microsoft Security Response Center post about the April patches. The latter simply stated, “Today we released security updates to provide additional protections against malicious attackers.” Microsoft recommends turning on automatic updates, but probably not to stop the upcoming migraine for the click-fest you will have to endure to find out about the security updates.To read this article in full or to leave a comment, please click here

Orange Pi takes on Raspberry Pi with new computer boards

Raspberry Pi may be the most well-known board computer, but rival Orange Pi is rolling out a much larger range of boards at a furious pace and at cheaper prices.The number of board computer users is growing, with Raspberry Pi's shipments passing 10 million units last year. Orange Pi hasn't shipped as many devices but is trying to customize its boards to meet a wider set of computing needs. The latest board computer is the US$30 Orange Pi Prime, which is almost identical to Raspberry Pi 3 in terms of features. The Orange Pi Prime has better graphics by using a Mali-450 GPU, which can process 2K video.To read this article in full or to leave a comment, please click here