Archive

Category Archives for "Networking"

Open sourcing our NGINX HTTP/2 + SPDY code

In December, we released HTTP/2 support for all customers and on April 28 we released HTTP/2 Server Push support as well.

The release of HTTP/2 by CloudFlare had a huge impact on the number of sites supporting and using the protocol. Today, 50% of sites that use HTTP/2 are served via CloudFlare.


When we released HTTP/2 support, we decided not to deprecate SPDY immediately because it was still in widespread use. We also promised to open source our modifications to NGINX, since it was not possible to support both SPDY and HTTP/2 together with the standard release of NGINX.

We've extracted our changes and they are available as a patch here. This patch should build cleanly against NGINX 1.9.7.

The patch means that NGINX can be built with both --with-http_v2_module and --with-http_spdy_module, and that it will accept both the spdy and http2 keywords to the listen directive.

To configure both HTTP/2 and SPDY in NGINX you'll need to run:

./configure --with-http_spdy_module --with-http_v2_module --with-http_ssl_module

Note that you need SSL support for both SPDY and HTTP/2.

Then it will be possible to configure an NGINX server to support both HTTP/2 and SPDY on …

Technology Short Take #66

Welcome to Technology Short Take #66! In this post you’ll find a collection of links to articles about the major data center technologies. Hopefully something I’ve included here will be useful to you. Enjoy!

Networking

  • I recently spoke at Interop 2016 in Las Vegas, and while I was there I scribbled down some notes pertaining to how decomposing applications into microservices-based architectures was similar in some respects to decomposing networks into an overlay network and an underlay (physical) network. It’s still something I’m exploring, but I hope to get something written up soon. In the meantime, I’d love to hear your thoughts about it. Feel free to hit me up on Twitter or drop me an e-mail.
  • While I’m talking about the overlay/underlay model, I found this article by Tom Nolle discussing how using the overlay/underlay model could enable agile infrastructure. It’s a good post, well worth reading (in my opinion).

Servers/Hardware

Nothing this time around. Maybe next time?

Security

  • In the event you’re interested in an idea of how much latency the use of in-kernel hypervisor firewalling (such as that offered by VMware NSX) adds, have a look at this article by Sean Howard.

Cloud Computing/Cloud Management

DHS Inspector General lambasts TSA’s IT security flaws

The Transportation Security Administration’s IT department has persistent security problems including unpatched software, inadequate contractor oversight, physical security and inadequate vulnerability reporting.

Those were the main conclusions outlined in a report this week from the Department of Homeland Security’s Office of Inspector General which specifically took a look at the TSA’s Security Technology Integrated Program (STIP) which it defines as a “mission-essential data management system that connects airport transportation security equipment to servers. Connection to a centralized server allows remote management of passenger and baggage screening equipment and facilitates equipment maintenance, including software changes in response to emerging threats.”

Four major trends in enterprise mobility  

If you want to get some insight into the trends of mobility in the enterprise, the guy to talk to is Ojas Rege, vice president of strategy for MobileIron. I caught up with him recently and he talked about four major trends that will have a big impact in the years ahead.

The first trend is what is happening from the application security perspective. Enterprises started to get interested in mobile apps about five or six years ago. The larger screen real estate of the Apple iPad really opened companies' eyes to what could be done with mobile apps. The earliest applications were rather ad hoc, usually project-based. Then organizations began building apps around their business workflow, and security became a bigger issue.

WhatsApp finally comes to PC and Mac

Instant messaging between desktops and phones hasn't exactly taken off despite the ubiquity of both. There is Skype. Microsoft has done a good job of making it available everywhere, but most instant messengers are limited to either the PC or mobile phones, and PCs do a surprisingly bad job of supporting SMS texting.

Well, things took a step forward now that WhatsApp, a popular smartphone instant messenger, has finally launched on PC and Mac. The smartphone app, which Facebook bought for an incredible $19 billion last year, has over a billion users worldwide.

Up to now, if you didn't have it on your smartphone, you had to use the Web site, WhatsApp Web. The desktop app, like the Web site and smartphone app, is designed as "an extension of your phone," as the company put it in announcing the app, synchronizing your conversations and messages between the two devices.

Microsoft’s fascinating GigJam service is open to anyone who wants an invite

Anyone can get into the private beta of Microsoft's new GigJam productivity service, which is aimed at helping teams of people collaborate in real time over the Internet, the company announced Thursday. GigJam combines data from a variety of services including Microsoft's own Office 365, Trello, Dropbox, and Salesforce. Users can then bring that information into a shared workspace, allowing them to quickly work together.

Users can easily redact part of the information they're sharing with other people, meaning they can selectively share only what needs to be seen in order to get a job done. There's no way around it: GigJam is a kind of wacky product Microsoft has built to help people get work done together. But what's interesting is that it's emblematic of the company's current approach to the productivity market -- focused on letting people quickly and independently collaborate across different services while maintaining a secure environment.

Man who entombed Verizon worker gets probation, anger management

Because no one was physically injured or worse, headline writers such as yours truly felt able to characterize the August 2013 incident thusly: “Verizon worker thankful 911 operator could hear him now.” Today the 73-year-old Massachusetts man who perpetrated the criminal act against that Verizon worker must be equally thankful that a lenient judge has sentenced him to only a year of probation plus an apparently long-overdue anger management class. From a story in the Worcester Telegram & Gazette:

IDG Contributor Network: Artificial intelligence will revolutionize Wi-Fi

Wi-Fi has moved from a nascent technology to one that is widely accepted and has become so commonplace that we wonder how we ever functioned without it.

It started from autonomous access points and was followed up by controller-based architecture (with a centralized controller and thin access points). And, as we learned from the challenges in deploying Wi-Fi and the ability of the environment to impact user experience, companies have constantly tried to innovate. Some focused on building dynamic channel or power planning, some built controller-less networks, and others tried to make it work in single channel. (Don't deploy single channel until you have read the challenges here.)

Dangerous 7-Zip flaws put many other software products at risk

Two vulnerabilities recently patched in 7-Zip could put at risk of compromise many software products and devices that bundle the open-source file archiving library.

The flaws, an out-of-bounds read vulnerability and a heap overflow, were discovered by researchers from Cisco's Talos security team. They were fixed in 7-Zip 16.00, released Tuesday.

The 7-Zip software can pack and unpack files using a large number of archive formats, including its own 7z format, which is more efficient than ZIP. Its versatility and open-source nature make it an attractive library to include in other software projects that need to process and deal with archived files.
