Archive

Category Archives for "Networking"

9 big moments in Yahoo’s troubled history

Yahoo is founded in 1994Image by JD Lasica/FlickrIn early 1994, Stanford University grad students Jerry Yang and David Filo launch the website, Jerry and David's Guide to the World Wide Web. Within months, they rename it Yahoo.Yahoo goes public with huge stock gainsImage by Yahoo/FlickrTo read this article in full or to leave a comment, please click here

snaproute Go BGP Code Dive (5): Starting a Peer

Last time we looked at the snaproute BGP code, we discovered the peer bringup process is a finite state machine. With this in mind, let’s try to unravel the state machine into a set of calls, beginning from our original starting point, a debug message that prints on the screen when a new peering relationship is established. The key word in the debug message was ConnEstablished, which led to:

func (fsm *FSM) ConnEstablished() {
fsm.logger.Info(fmt.Sprintln("Neighbor:", fsm.pConf.NeighborAddress, "FSM", fsm.id, "ConnEstablished - start"))
fsm.Manager.fsmEstablished(fsm.id, fsm.peerConn.conn)
fsm.logger.Info(fmt.Sprintln("Neighbor:", fsm.pConf.NeighborAddress, "FSM", fsm.id, "ConnEstablished - end"))
}

From here, we searched for calls to ConnEstablished, and found—

func (fsm *FSM) ChangeState(newState BaseStateIface) {
...
if oldState == BGPFSMEstablished && fsm.State.state() != BGPFSMEstablished {
fsm.ConnBroken()
} else if oldState != BGPFSMEstablished && fsm.State.state() == BGPFSMEstablished {
fsm.ConnEstablished()
}
}

Looking for ChangeState leads us to a lot of different calls, but only one that seems to relate to establishing a new peer, as evidenced by a state that relates to established in some way. This, in turn, leads to—

func (st *OpenConfirmState) processEvent(event BGPFSMEvent, data Continue reading

6 Slack alternatives worth a look

Once upon a time if you wanted employees to collaborate you'd probably encourage them to use Internet Relay Chat (IRC). But about three years ago Slack appeared on the scene, and since then it's been eating IRC's lunch. That's because it's much easier to install, get up and running, and use than IRC, making it massively popular with nontechies. And thanks to a well-documented API it's easy to integrate with other programs and services. That means it's customizable and infinitely extensible, which makes it popular with developers.To read this article in full or to leave a comment, please click here(Insider Story)

Businesses failing to secure privileged accounts

Most companies fail to secure the "keys to the kingdom," according to a new benchmark survey .Last week, privileged account management (PAM) specialist Thycotic and research firm Cybersecurity Ventures released their 2016 State of Privileged Account Management security report, based on the responses of more than 500 IT security professionals who have participated in the Privileged Password Vulnerability Benchmark survey to date.High priority, low compliance While 80 percent of respondents indicated PAM security is a high priority for their organizations, and 60 percent said PAM security is required to demonstrate compliance with government regulations, 52 percent of participants received a failing grade on enforcement of proper privileged credential controls.To read this article in full or to leave a comment, please click here

Businesses failing to secure privileged accounts

Most companies fail to secure the "keys to the kingdom," according to a new benchmark survey .Last week, privileged account management (PAM) specialist Thycotic and research firm Cybersecurity Ventures released their 2016 State of Privileged Account Management security report, based on the responses of more than 500 IT security professionals who have participated in the Privileged Password Vulnerability Benchmark survey to date.High priority, low compliance While 80 percent of respondents indicated PAM security is a high priority for their organizations, and 60 percent said PAM security is required to demonstrate compliance with government regulations, 52 percent of participants received a failing grade on enforcement of proper privileged credential controls.To read this article in full or to leave a comment, please click here

Low-speed Ethernet champions set plugfest ahead of new net standard

Hand-in-hand with the forthcoming adoption of a low-speed Ethernet standard by the IEEE, proponents of the technology will hold an interoperability plugfest in October to tout the readiness of 2.5GBASE-T and 5GBASE-T products.The new specification -- IEEE P802.3bz – defines 2.5GBASE-T and 5GBASE-T, significantly boosting the speed of traditional Ethernet without requiring the tearing out of current cabling.+More on Network World: Ethernet everywhere!+Perhaps most significantly 2.5GbE and 5GbE will allow connectivity to 802.11ac Wave 2 Access Points, considered by many to be the real driving force behind bringing up the speed of traditional NBase-T products.To read this article in full or to leave a comment, please click here

Low-speed Ethernet champions set plugfest ahead of new net standard

Hand-in-hand with the forthcoming adoption of a low-speed Ethernet standard by the IEEE, proponents of the technology will hold an interoperability plugfest in October to tout the readiness of 2.5GBASE-T and 5GBASE-T products.The new specification -- IEEE P802.3bz – defines 2.5GBASE-T and 5GBASE-T, significantly boosting the speed of traditional Ethernet without requiring the tearing out of current cabling.+More on Network World: Ethernet everywhere!+Perhaps most significantly 2.5GbE and 5GbE will allow connectivity to 802.11ac Wave 2 Access Points, considered by many to be the real driving force behind bringing up the speed of traditional NBase-T products.To read this article in full or to leave a comment, please click here

Yahoo’s homepage through the years

A look backImage by YahooWith Yahoo’s sale to Verizon for $4.8 billion confirmed this morning, the Wayback Machine offers us an opportunity to see how one of the Internet’s most iconic address – www.yahoo.com – has evolved over the years.To read this article in full or to leave a comment, please click here

Devices with Qualcomm modems safe from critical ASN.1 telecom flaw

Despite initial concerns, smartphones equipped with Qualcomm modems are not vulnerable to a recently announced vulnerability that could potentially allow attackers to take over cellular network gear and consumer mobile devices. The vulnerability was discovered in ASN1C, a popular compiler that produces C code for parsing ASN.1 encoded data. Abstract Syntax Notation One (ASN.1) is a standard for representing, encoding, transmitting, and decoding data in telecommunications and computer networking. Many devices, from mobile phones to switching equipment inside cellular infrastructure parse ASN.1 data and do so using programs that were created by compilers such as ASN1C, which is developed by U.S.-based Objective Systems.To read this article in full or to leave a comment, please click here

Devices with Qualcomm modems safe from critical ASN.1 telecom flaw

Despite initial concerns, smartphones equipped with Qualcomm modems are not vulnerable to a recently announced vulnerability that could potentially allow attackers to take over cellular network gear and consumer mobile devices. The vulnerability was discovered in ASN1C, a popular compiler that produces C code for parsing ASN.1 encoded data. Abstract Syntax Notation One (ASN.1) is a standard for representing, encoding, transmitting, and decoding data in telecommunications and computer networking. Many devices, from mobile phones to switching equipment inside cellular infrastructure parse ASN.1 data and do so using programs that were created by compilers such as ASN1C, which is developed by U.S.-based Objective Systems.To read this article in full or to leave a comment, please click here

IDG Contributor Network: OK — What is this Nano Server in Windows Server 2016?

Nano is a prefix that means small, really small. Maybe even microscopic small. So that means we know right away Nano Server is very small version of Windows Server 2016. But wait, didn’t we already have that with Windows Server 2012 Core. Nano Server is a nice GUI-less version of the server technology.+ Also on Network World: Is Windows Nano Server a data center game-changer? +Nano makes Server Core look bloated and massive. Don’t believe me? Let’s looks at some numbers.The full GUI Server version of Windows Server has required the following:To read this article in full or to leave a comment, please click here

Five years until transistors stop shrinking, predicts last Moore’s Law roadmap

Moore’s Law, which says the number of transistors within an integrated circuit will double every two years, had a good long run but its end may be near – very near – potentially a mere five years away. By 2021, even if chip makers could further shrink and add more transistors, the high cost of manufacturing would make it financially impractical.That’s not the only problem, according to the last installment of the International Technology Roadmap for Semiconductors 2.0 (pdf).By 2020 to 2025, it will be “practically impossible” to reduce device dimensions. While one solution is to stack the transistors, it can’t get so hot that it burns up either.To read this article in full or to leave a comment, please click here

Operationalizing Micro-segmentation – NSX Securing “Anywhere” – Part III

hand-813525_1280Welcome to part 3 of the Micro-Segmentation Defined – NSX Securing “Anywhere” blog series. This installment covers how to operationalize NSX Micro-Segmentation. Be sure to check out Part 1 on the definition of micro-segmentation and Part 2 on securing physical workloads with NSX.

This blog covers the following topics:

  1. Micro-segmentation design patterns
  2. Determining appropriate security groups and policies
  3. Deploying micro-segmentation
  4. Application lifecycle management with vRealize Automation and NSX
  5. Day 2 operations for micro-segmentation

Micro-segmentation design patterns

Micro-segmentation can be implemented based on various design patterns reflecting specific requirements.  The NSX Distributed Firewall (DFW) can be used to provide controlled communication between workloads independent of their network connectivity. These workloads can, for example, all connect to a single VLAN. Distributed logical switches and routers can be leveraged to provide isolation or segmentation between different environments or application tiers, regardless of the underlying physical network, as well as many other benefits.  Furthermore, the NSX Edge Service Gateway (ESG) can provide additional functionality such as NAT or load balancing and the NSX Service Insertion framework enables partner services such as L7 firewalling, agent-less anti-virus or IPS/IDS applied to workloads that need additional security controls.

Picture1
Figure 1: Leveraging the DFW to provide Continue reading

1 2,493 2,494 2,495 2,496 2,497 3,477