0

What CISOs Should Understand About the Zero Trust Security Model

The way forward for enterprises in the new era of work is to implement a zero trust security model to enhance the organizational cybersecurity posture.

0

Video: Kubernetes SDN Architecture

Stuart Charlton started the Kubernetes Networking Deep Dive webinar with an overview of basic concepts including the networking model and services. After covering the fundamentals, it was time for The Real Stuff: Container Networking Interface, starting with an overview of Kubernetes SDN architecture.

0

Video: Kubernetes SDN Architecture

Stuart Charlton started the Kubernetes Networking Deep Dive webinar with an overview of basic concepts including the networking model and services. After covering the fundamentals, it was time for The Real Stuff: Container Networking Interface, starting with an overview of Kubernetes SDN architecture.

0

Migrating Cisco FabricPath and Classic Ethernet Environments to VXLAN BGP/EVPN over a 400Gb-based Clos Topology, part 1 – the why

During the past three years, I have spent a good portion of my time testing, planning, designing, and then migrating our DC network from Cisco FabricPath and Classic Ethernet environments to VXLAN BGP/EVPN. And simultaneously, from a hierarchical classic two-tier architecture to a more modern Clos 400Gb-based topology. The migration is not yet 100% completed, but it is well underway. And I have gained significant experience on the subject, so I think it’s time to share my knowledge and experiments with our community. This is my first post on this…

The post Migrating Cisco FabricPath and Classic Ethernet Environments to VXLAN BGP/EVPN over a 400Gb-based Clos Topology, part 1 – the why appeared first on AboutNetworks.net.

0

5G hits the streets of New York

With 56% of New York City households lacking both home and mobile broadband connections, a consortium is taking steps to supply at least mobile access via sidewalk kiosks, the latest of which include 5G.Called Link5G, these kiosks also provide free Wi-Fi access, a built-in tablet to access maps and other resources including phone connections, a USB-port to charge mobile devices, a jack for headsets, and a button to make 911 calls. Some also include two 55-inch screens for digital signage that can provide the city with ad revenue to help pay for the kiosks. Perhaps the most interesting feature, though, are the 5G cellular antennas near the top of the 32-foot structures.To read this article in full, please click here

0

Hedge 165: Low Earth Orbit with Dan York

Have you ever wondered about Starlink and similar Low Earth Orbit (LEO) satellite systems? How are they different from geosynchronous satellites? What about the delay of sending traffic through satellites? And the future of satellites? Join Tom Ammon, Dan York, and Russ White as we discuss the ins and outs of satellite technologies.

download

0

IPv6 Buzz 119: Operational Issues With IPv6 Neighbor Discovery

In today's IPv6 Buzz podcast we discuss IPv6 Neighbor Discovery and some of the operational issues that can happen when configuring and operating IPv6, and what can help listeners understand and resolve those issues.

The post IPv6 Buzz 119: Operational Issues With IPv6 Neighbor Discovery appeared first on Packet Pushers.

0

IPv6 Buzz 119: Operational Issues With IPv6 Neighbor Discovery

In today's IPv6 Buzz podcast we discuss IPv6 Neighbor Discovery and some of the operational issues that can happen when configuring and operating IPv6, and what can help listeners understand and resolve those issues.

0

The MITRE ATT&CK framework explained: Discerning a threat actor’s mindset

This is part 2 of the blog series on the MITRE ATT&CK framework for container security, where I explain and discuss the MITRE ATT&CK framework. For those who are not familiar with what the MITRE framework is, I encourage you to read part 1.

In my previous blog post, I explained the first four stages of the MITRE ATT&CK framework and the tactics used by adversaries to gain a foothold in the network or the environment within a containerized application. What happens next?

Imagine a military battalion trying to invade its enemy’s territory. What would a soldier do once they’ve infiltrated the opposition? They would take cover and wait for the right opportunity to attack. Similarly, in cyber crime, an attacker will take time to make sure they evade any type of defense that has been put in place. This is the fifth stage in the MITRE ATT&CK framework. In this article, I will explore this fifth stage, along with stages six through nine, and look at how Calico can help mitigate the attack techniques used in these stages.

Delivery and exploitation tactics

Defense evasion

Many security solutions offer Continue reading

0

How Digital Transformation Is Eroding NetOps Visibility And Control

The following post is by Jeremy Rossbach, Chief Technical Evangelist, Broadcom. We thank Broadcom for being a sponsor. When it comes to cloud adoption, hybrid approaches are the reality for the vast majority of large organizations today. While some may solely be running workloads in a legacy on-premises data center and others may run 100% […]

The post How Digital Transformation Is Eroding NetOps Visibility And Control appeared first on Packet Pushers.

0

Joining lines of text on Linux

There are number of ways to join multiple lines of text and change delimiters if needed. This article shows two of the easier ways to do this and explains the commands.Using the tr command The tr command is quite versatile. It’s used to make many types of changes to text files, but it can also flatten multiple lines into one by replacing newline characters with blanks. It does, however, remove the final newline as well. Note the $ prompt at the end of the second line. That's a clue!$ tr '\n' ' ' < testfile This is a file that I can use for testing. $ $ tr '\n' ' ' < testfile > newfile To fix this problem, you can add a newline to the end of the file with an echo command like this:To read this article in full, please click here

0

Joining lines of text on Linux

There are number of ways to join multiple lines of text and change delimiters if needed. This article shows two of the easier ways to do this and explains the commands.Using the tr command The tr command is quite versatile. It’s used to make many types of changes to text files, but it can also flatten multiple lines into one by replacing newline characters with blanks. It does, however, remove the final newline as well. Note the $ prompt at the end of the second line. That's a clue!$ tr '\n' ' ' < testfile This is a file that I can use for testing. $ $ tr '\n' ' ' < testfile > newfile To fix this problem, you can add a newline to the end of the file with an echo command like this:To read this article in full, please click here

0

VMware ESXi server ransomware evolves, after recovery script released

After the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday released a recovery script for organizations affected by a massive ransomware attack targeting VMWare ESXi servers worldwide, reports surfaced that the malware evolved in a way that made earlier recovery procedures ineffective.The attacks, aimed at VMware’s ESXi bare metal hypervisor, were first made public February 3 by the French Computer Emergency Response Team (CERT-FR), and target ESXi instances running older versions of the software, or those that have not been patched to current standards. Some 3,800 servers have been affected globally, CISA and the FBI said.To read this article in full, please click here

0

VMware ESXi server ransomware evolves, after recovery script released

After the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday released a recovery script for organizations affected by a massive ransomware attack targeting VMWare ESXi servers worldwide, reports surfaced that the malware evolved in a way that made earlier recovery procedures ineffective.The attacks, aimed at VMware’s ESXi bare metal hypervisor, were first made public February 3 by the French Computer Emergency Response Team (CERT-FR), and target ESXi instances running older versions of the software, or those that have not been patched to current standards. Some 3,800 servers have been affected globally, CISA and the FBI said.To read this article in full, please click here

0

VMware ESXi server ransomware evolves, after recovery script released

After the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday released a recovery script for organizations affected by a massive ransomware attack targeting VMWare ESXi servers worldwide, reports surfaced that the malware evolved in a way that made earlier recovery procedures ineffective.The attacks, aimed at VMware’s ESXi bare metal hypervisor, were first made public February 3 by the French Computer Emergency Response Team (CERT-FR), and target ESXi instances running older versions of the software, or those that have not been patched to current standards. Some 3,800 servers have been affected globally, CISA and the FBI said.To read this article in full, please click here

0

Project Escalation Is Good! How To Identify Stakeholders And Escalate Well

When tackling technical projects, every organization needs a system to make decisions, resolve conflicts, and chart alternative paths when plans go awry. Effective escalation is key, but the prospect of escalation can make engineers anxious. We need to reframe our view of escalation as a tool to help move a project forward.

The post Project Escalation Is Good! How To Identify Stakeholders And Escalate Well appeared first on Packet Pushers.

0

A Deep Dive into the Recent Microsoft Cloud Services Outage

Configuration changes and DNS issues have been the source of multiple major outages over the last two years. And everyone knows there will be more to come.

0

Tanzu Service Mesh Security Enhancements using Confidential Computing

Performance and Security Optimizations on Intel Xeon Scalable Processors with Intel SGX – Part 3

Contributors

Andrew Babakian — VMware

Saidulu Aldas, Ramesh Masavarapu, Sakari Poussa, Tarun Viswanathan —  Intel

Introduction

Intel and VMware have been working together to optimize and accelerate the microservices middleware and infrastructure with software and hardware to ensure developers have the best-in-class performance and low latency experience for building distributed workloads. The focus is on improving the performance of crypto accelerations and making workloads more secure.

The Service Mesh architecture pattern solves many problems, which are well-known and extensively documented, and will not be central to this discussion. However, the focal point of this blog series will include the architectural challenges of Service Mesh in the following top focus areas:

1. Performance
2. Security

In Part 1 of this series, we looked at how Tanzu Service Mesh uses eBPF to achieve network acceleration. In Part 2, we showcased how Intel and VMware collaborated to accelerate Tanzu Service Mesh crypto use cases and improve the performance of asymmetric crypto operations.

In this Part 3 blog series, we will discuss one security challenge (concerning the service mesh private key protection mechanism) and our solution.

In the current Continue reading

0

Real-Life Not-Exactly-Networking AI Use Case

I get several emails every week¹ from people I never heard of telling me what a wonderful job they could do writing guest blog posts on a range of topics of interest to my audience.

I’m positive you must be pretty intelligent to be a successful scammer, so I’m sure the good ones are using ChatGPT to generate the “unique” content they’re promising. I felt it was high time to return the favor.

0

Real-Life Not-Exactly-Networking AI Use Case

I get several emails every week¹ from people I never heard of telling me what a wonderful job they could do writing guest blog posts on a range of topics of interest to my audience.

I’m positive you must be pretty intelligent to be a successful scammer, so I’m sure the good ones are using ChatGPT to generate the “unique” content they’re promising. I felt it was high time to return the favor.