Google faces new antitrust investigation in Turkey

Antitrust concerns about Google's tying of its app store and services to use of the Android OS are spreading, as Turkey's Competition Board has opened an inquiry, reversing an earlier decision.Russian search company Yandex filed a complaint with the board in 2015, alleging that Google requires smartphone manufacturers to pre-load Google Play Store, Google Play Services and Google Mobile Services on any Android devices they sell, and to make Google Search the default search provider on those devices.Such behavior would be a concern for Yandex, which offers app store, mobile mapping and search services of its own.To read this article in full or to leave a comment, please click here

Response: Cisco’s Identity Crisis: Complexity, Pride, and SD-WAN

An excellent post from Eyvonne Sharp highlights one of Cisco’s weakest areas, its enduring passion for too many products, too many options, too much complexity:

With that in mind consider Cisco, a company in love with complexity. They’ve built their business making complex systems. Their culture breeds nerd knobs. They’ve built certification tracks — through which many network engineers have built their careers — to develop expert level understanding of their products.

At the same time, engineers operate in a culture were we believe configuration and operational complexity have inherent value. We unconsciously embrace the following logic: Networks are complex. One must be smart to understand networks. I understand networks. Therefore, I’m smart.

We extrapolate this logic and believe that complexity, for complexity’s sake, makes us superior. In truth, our pride has tied gordian knot with complexity and we don’t know how to unravel it.

Using SD-WAN as a use case to highlight Cisco’s love of its own complex technology instead of radically redefining itself. Cisco has limited traction in SD-WAN space because its current technology is hard to design, harder to operate and lacks features. While the business units are doing their best to make it simple, building on Continue reading

Why Automation is Necessary in IT

How to remotely control your Windows 10 computer via Google Chrome

Google provides a free and powerful tool, Chrome Remote Desktop, that lets you connect to and control your Windows 10 computer over the internet. (It also works with Windows 7 and Windows 8.) The computer has to be running Chrome, of course, and you also need a Gmail account to sign in to Chrome in order to use this feature.To read this article in full or to leave a comment, please click here(Insider Story)

New products of the week 3.6.17

New products of the weekImage by CertaOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.A10 Networks Thunder CFW, with integrated Gi/SGi firewall capabilitiesImage by a10To read this article in full or to leave a comment, please click here

New products of the week 3.6.17

New products of the weekImage by CertaOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.A10 Networks Thunder CFW, with integrated Gi/SGi firewall capabilitiesImage by a10To read this article in full or to leave a comment, please click here

Review: vArmour flips security on its head

Almost every cybersecurity program these days does some sort of scanning, sandboxing or traffic examination to look for anomalies that might indicate the presence of malware. We’ve even reviewed dedicated threat-hunting tools that ferret out malware that’s already active inside a network. However, what if there were a different way to approach security? Instead of searching for behaviors that might indicate a threat, what if you could define everything that is allowed within a network? If every process, application and workflow needed to conduct business could be defined, then by default everything outside of those definitions could be flagged as illegal. At the very least, critical programs could be identified and all interactions with them could be tightly defined and monitored. It’s a different way of looking at security, called segmentation.To read this article in full or to leave a comment, please click here(Insider Story)

Review: vArmour flips security on its head

Almost every cybersecurity program these days does some sort of scanning, sandboxing or traffic examination to look for anomalies that might indicate the presence of malware. We’ve even reviewed dedicated threat-hunting tools that ferret out malware that’s already active inside a network. However, what if there were a different way to approach security? Instead of searching for behaviors that might indicate a threat, what if you could define everything that is allowed within a network? If every process, application and workflow needed to conduct business could be defined, then by default everything outside of those definitions could be flagged as illegal. At the very least, critical programs could be identified and all interactions with them could be tightly defined and monitored. It’s a different way of looking at security, called segmentation.To read this article in full or to leave a comment, please click here(Insider Story)

Review: vArmour flips security on its head

Almost every cybersecurity program these days does some sort of scanning, sandboxing or traffic examination to look for anomalies that might indicate the presence of malware. We’ve even reviewed dedicated threat-hunting tools that ferret out malware that’s already active inside a network.To read this article in full or to leave a comment, please click here(Insider Story)

Worth Reading: Agile Development and Security

Matthias Luft (a good friend of mine, and a guest speaker in the upcoming Building Next-Generation Data Center course) wrote a great post about the (lack of) security in software development.

The parts I like most (and they apply equally well to networking):

iPhone 8 Rumor Rollup: new Lightning twist; Apple getting schooled; delivery delay?

Despite the fact that Apple had no presence at the big Mobile World Congress event in Barcelona this past week, rumors about the iPhone 8 or iPhone X did not subside.Sure, Android and Windows had their week in the spotlight at MWC, but inquiring minds also wanted to know what's up with rumors about a possible new port on the next flagship iPhone.LIGHTNING FAST CHARGING The Wall Street Journal and others reported that a USB Type-C port might be coming to the iPhone 8 to deliver faster charging and data transfer speeds. But by the end of the week, in part because of commentary from KGI Securities analyst Ming-Chi Kuo (revealed by MacRumors), the consensus seemed to be that the USB Type-C connecter will indeed come to the next iPhone, but on the other end of the cord from the Lightning connector. That's similar to what you find in the 12.9-inch iPad Pro.To read this article in full or to leave a comment, please click here

Ransomware attack hit Pennsylvania Democratic Senators

The Pennsylvania Senate Democratic Caucus was hit with a ransomware attack, locking 16 Democratic senators and their staff out of their computer network.The attack was discovered on Friday morning; at the time of publishing on Sunday, the site was still down and displayed an “error establishing a database connection” message. The same error displays when trying to view each Democratic senator’s website.“Officials from the caucus have been in contact with law enforcement to investigate the incident and are working with Microsoft to restore the IT system,” according to a written statement text-messaged to reporters and obtained by The Hill. It was sent via text since the caucus could not use its email. “There is currently no indication that the caucus system was targeted or that any data has been compromised.”To read this article in full or to leave a comment, please click here

Ransomware attack hit Pennsylvania Democratic senators

The Pennsylvania Senate Democratic Caucus was hit with a ransomware attack, locking 16 Democratic senators and their staff out of their computer network.The attack was discovered on Friday morning; at the time of publishing, the Pennsylvania Senate Democratic Caucus website was still down and displayed an “error establishing a database connection” message. The same error displays when trying to view each Democratic senator’s website.“Officials from the caucus have been in contact with law enforcement to investigate the incident and are working with Microsoft to restore the IT system,” according to a written statement text-messaged to reporters and obtained by The Hill. It was sent via text, since the caucus could not use its email. “There is currently no indication that the caucus system was targeted or that any data has been compromised.”To read this article in full or to leave a comment, please click here

Ransomware attack hit Pennsylvania Democratic Senators

The Pennsylvania Senate Democratic Caucus was hit with a ransomware attack, locking 16 Democratic senators and their staff out of their computer network.The attack was discovered on Friday morning; at the time of publishing on Sunday, the site was still down and displayed an “error establishing a database connection” message. The same error displays when trying to view each Democratic senator’s website.“Officials from the caucus have been in contact with law enforcement to investigate the incident and are working with Microsoft to restore the IT system,” according to a written statement text-messaged to reporters and obtained by The Hill. It was sent via text since the caucus could not use its email. “There is currently no indication that the caucus system was targeted or that any data has been compromised.”To read this article in full or to leave a comment, please click here

Ransomware attack hit Pennsylvania Democratic senators

The Pennsylvania Senate Democratic Caucus was hit with a ransomware attack, locking 16 Democratic senators and their staff out of their computer network.The attack was discovered on Friday morning; at the time of publishing, the Pennsylvania Senate Democratic Caucus website was still down and displayed an “error establishing a database connection” message. The same error displays when trying to view each Democratic senator’s website.“Officials from the caucus have been in contact with law enforcement to investigate the incident and are working with Microsoft to restore the IT system,” according to a written statement text-messaged to reporters and obtained by The Hill. It was sent via text, since the caucus could not use its email. “There is currently no indication that the caucus system was targeted or that any data has been compromised.”To read this article in full or to leave a comment, please click here

Netops with Emacs and Org mode

Org mode is a package for Emacs to “keep notes, maintain todo lists, planning projects and authoring documents”. It can execute embedded snippets of code and capture the output (through Babel). It’s an invaluable tool for documenting your infrastructure and your operations.

Here are three (relatively) short videos exhibiting Org mode use in the context of network operations. In all of them, I am using my own junos-mode which features the following perks:

• syntax highlighting for configuration files,
• commit of configuration snippets to remote devices, and
• execution of remote commands.

Since some Junos devices can be quite slow, commits and remote executions are done asynchronously¹ with the help of a Python helper.

In the first video, I take some notes about configuring BGP add-path feature (RFC 7911). It demonstrates all the available features of junos-mode.

In the second video, I execute a planned operation to enable this feature in production. The document is a modus operandi and contains the configuration to apply and the commands to check if it works as expected. At the end, the document becomes a detailed report of the operation.

In the third video, a cookbook has been prepared to execute Continue reading

NSX-V 6.3: Control Plane Resiliency with CDO Mode

NSX-V 6.3, released last month, introduced many new features. In my last blog post, NSX-V 6.3: Cross-VC NSX Security Enhancements, I discussed several new Cross-VC NSX security features. In this post I’ll discuss another new feature called Controller Disconnected Operation (CDO) mode which provides additional resiliency for the NSX control plane.

The NSX Controllers already offer inherint resiliency for the control plane by design in several ways:

• complete separation of control plane and data plane (even if entire controller cluster is down, data plane keeps forwarding)
• controller cluster of three nodes allows for loss of controller with no disruption to NSX control plane
• vSphere HA provides additional resiliency by recovering the respective NSX controller on another node if host it’s running on fails

For the reasons mentioned above, it’s a rare event and unlikely that communication would be lost with the entire NSX Controller Cluster. In NSX-V 6.3, this control plane resiliency is enhanced even further via CDO mode.

CDO mode targets specific scenarios where control plane connectivity is lost, for example, a host losing control plane connectivity, losing control plane connectivity to the controller cluster, or NSX controllers are down. CDO mode enhances control plane Continue reading

IDC projects Windows Phone share to be big fat goose egg by 2021

Market watcher IDC anticipates the worldwide smartphone market will bounce back over the next few years from a sluggish 2016, but Microsoft is not expected to take part in that celebration.In fact, while Android smartphone shipments are projected to edge up from 85% this year to 85.3% in 2021 and Apple iPhones are expected to slip a tad from 14.7% to 14.6%, Windows Phone's meager 0.1% share in 2017 will drop to 0% if IDC is on the mark.While Windows Phone's predecessor, Windows Mobile, led the U.S. market as recently as 10 years ago, iOS and BlackBerry blew by it before long in the United States, and Symbian ruled worldwide until its own decline beginning in 2011.To read this article in full or to leave a comment, please click here

Uber and the Terrible, Horrible, No Good, Very Bad Month

On February 19th, this year, Susan J. Fowler, a software engineer who left Uber (I don’t have to explain what Uber is, do I?) to work for Stripe (okay, I’ll outline what they are: Stripe has been described as “the PayPal of the mobile era”) blogged about her experience of working at Uber. She outlined a nightmarish corporate culture of poor management, backstabbing, dirty politics, and negligent human resources, along with apparently endemic and rampant sexual discrimination and harassment. To read this article in full or to leave a comment, please click here

Enough with “the Cyber”!

Email is great; it’s transformed business, enabled geographically dispersed families and friends to stay in touch, redefined news distribution, transformed sales pipelines … the list of good stuff about email is endless. But, as many people have discovered to their cost, keeping control of your email account requires effort, effort like not using dumb, easy-to-guess passwords, and making sure your email hosting service is reliable and not, for example, Yahoo or AOL. And these issues aren’t anything like new, recent discoveries; we’ve all known for over a decade where the risks lie … well, all of us except, apparently, for the government.I don’t know about you, but  during the 2016 election I was fairly surprised when the Democratic National Committee email system was hacked after which the email account of John Podesta, the DNC chairperson, was hacked. You’d have thought that the folks who manage IT for these people would have known the risks and done more to minimize exposure but when simple phishing and malware intrusions that should never of happened and which went undetected were successful, then you have to wonder where the disconnect lies.To read this article in full or to leave a comment, Continue reading