BGP Security
I set up a set of slides on BGP security for some folks I know at Level 3 over the last couple of months, and then presented them to an internal Ericsson audience this week. I just posted them to Slideshare, as well —
I wrote an entire series on this same topic a while back on Packet Pushers, if you want commentary to go with the slides —
Part 1: Basic Operation
Part 2: Protections Offered
Part 3: Replays, Timers, and Performance
Part 4: Signatures and Performance
Part 5: Leaks
The post BGP Security appeared first on 'net work.
Skyport Systems Launch Shocker: It’s the Hardware, Stupid
A bank vault of a server turns out to be the hot security product Skyport raised $37M for.
Scaling OpenStack Security Groups
Security groups (or Endpoint Groups if you’re a Cisco ACI fan) are a nice traffic policy abstraction: instead of dealing with subnets and ACLs, define groups of hosts and the rules of traffic control between them… and let the orchestration system deal with IP addresses and TCP/UDP port numbers.
Read more ...DevNet Zone at Cisco LIVE
Going to Cisco LIVE? Interested in chatting about network automation or about how DevOps principles can be used on the network? Well, if you are, feel free to reach out - I would love to have a conversation out in San Diego! I just booked a trip to Cisco LIVE, but am only purchasing the $49 DevNet Explorer pass. This means I should have plenty of time to socialize and will likely be spending most of my time at the DevNet zone. I’ll have access to my remote lab and should be able to demo much of what I’ve posted about in the past few months too.
Email me (jedelman8 at gmail) or comment below if you’re interested in meeting up.
Thanks,
Jason
Twitter: @jedelman8
Analytics and SDN
The first slide is from a presentation by AT&T's Margaret Chiosi; SDN+NFV Next Steps in the Journey, NFV World Congress 2015. The future architecture envisions generic (white box) hardware providing a stream of analytics which are compared to policies and used to drive actions to assure service levels.
The second slide is from the presentation by Google's Bikash Koley at the Silicon Valley Software Defined Networking Group Meetup. In this architecture, "network state changes observed by analyzing comprehensive time-series data stream." Telemetry is used to verify that the network is behaving as intended, identifying policy violations so that the management and control planes can apply corrective actions. Again, the software defined network is built from commodity white box switches.
Support for standard sFlow measurements is almost universally available in commodity switch hardware. sFlow agents embedded within network devices continuously stream measurements to the SDN controller, supplying the analytics component with the comprehensive, scaleable, real-time visibility needed for effective control.
SDN fabric controller for commodity data center switches describes the measurement and control capabilities available in commodity switch hardware. Continue reading
Understanding Wi-Fi Signal Strength vs. Wi-Fi Speed
The relationship between Wi-Fi signal strength and the speed at which data can be transferred over that signal is something that is essential to understand when it comes to Wi-Fi performance. One question we constantly get is this: When I...Google Cloud Lowers Prices Again, Raising the Stakes Versus AWS
Google Cloud and AWS have been waging a price war for a while, but Google is the latest to shoot.