Archive

Category Archives for "Networking"

Starbucks still grappling with fraud in online accounts, gift cards

Starbucks is still grappling with fraud involving its customers’ online accounts and gift cards, with some victims seeing hundreds of dollars stolen.Gift-card related fraud with Starbucks cards is not new, but recent victims were highlighted earlier this week in an article by journalist and author Bob Sullivan.Starbucks officials could not be immediately reached for comment, although Sullivan wrote the company told him that customers would not be liable for charges and transfers they didn’t make.To read this article in full or to leave a comment, please click here

Free tool reveals mobile apps sending unencrypted data

A surprising amount of mobile data still crosses the Internet unencrypted, and a new free app is designed to show users what isn’t protected.The program, called Datapp, comes from the University of New Haven’s Cyber Forensics Research and Education Group (UNHcFREG), which last year showed popular Android applications such as Instagram, Grindr and OkCupid failed to safely store or transmit data.To read this article in full or to leave a comment, please click here

ONUG Spring 2015

I’ll continue to update this throughout the next two days. Feel free to issue a pull request if you’re also here at the conference and want to add to this post.

onug-logo

General

Location: Open Networking User Group (ONUG) at Columbia University

ONUG currently has 6 working groups:

  • NSV
  • SD-WAN
  • Virtual Network Overlays
  • Common Management tools across network, compute, and storage
  • Network State Collection, correlation, and analytics
  • Traffic Monitoring and Visibility

It is interesting and awesome to see that half of the working groups are all about Day 2 operations and management of networks. This is exactly what’s needed in the industry.

Sessions

Creating Business Value with Cloud Infrastructure

Speaker: Adrian Cockcroft

  • Developers don’t need any of that referring to NSV/NFV.
  • 2009 developed the Cloudicorn, took knowledge gained to Battery
  • Docker wasn’t on anyone’s roadmap for 2014. It’s on everyone’s roadmap for 2015
  • 2014 was the year that Enterpises finally embraced cloud and DevOps
  • Optimizing from IT cost to delivery and speed - Nordstrom - ended up yielding lower costs
  • Product IT reports into the business
  • Director is the highest Corp IT title
  • Immutable microservice deployments scales
  • If your QA team is saying there are too many bugs in a release, Continue reading

SDN: Integration over Manipulation

I’d like to briefly express a sentiment that I pondered after listening to another one of Ivan’s great podcasts, specifically regarding the true value of a software-defined network approach. The statement was made that ACLs are terrible representations of business policy. This is not inaccurate, but the fact remains that ACLs are currently the de facto representation of business policy on a network device. The “network team” gets a request from an application team to “fix the firewall”, and the policy that is applied to enable that application typically results in an ACL change.

SDN: Integration over Manipulation

I’d like to briefly express a sentiment that I pondered after listening to another one of Ivan’s great podcasts, specifically regarding the true value of a software-defined network approach. The statement was made that ACLs are terrible representations of business policy. This is not inaccurate, but the fact remains that ACLs are currently the de facto representation of business policy on a network device. The “network team” gets a request from an application team to “fix the firewall”, and the policy that is applied to enable that application typically results in an ACL change.

Greenpeace fingers YouTube, Netflix as threat to greener Internet

The next time you watch “House of Cards” on Netflix, think about the impact you might be having on the environment.As the Internet powers ever more services, from digital video to on-demand food delivery, energy use in data centers will rise. To reduce their impact on the environment, companies like Apple, Google and Facebook have taken big steps to power their operations with renewable energy sources like hydro, geothermal and solar.But despite those efforts, the growth of streaming video from the likes of Netflix, Hulu and Google’s YouTube presents a pesky challenge to the companies’ efforts to go green, according to a report Tuesday from Greenpeace.To read this article in full or to leave a comment, please click here

Salesforce teams with Sage, spawns new cloud platform for SMBs

There’s been a flurry of speculation that Salesforce.com could be up for sale, but an alternative line of thinking points to a deal with Sage Group as the explanation for the team of lawyers Salesforce recently hired.On Tuesday, Sage and Salesforce revealed the proof in the proverbial pudding. The two companies have announced a broad global partnership along with a new service from Sage that’s built on the Salesforce1 platform-as-a-service designed to help small businesses move to the cloud.To read this article in full or to leave a comment, please click here

F5 APM, SRX and DTLS NAT Timeout

I have been having issues using the F5 APM client behind a Juniper SRX-110 using hide NAT. I believe I’ve tracked it down to the default timeout settings used for UDP services. Here’s what I did to resolve it.

Constant Connection Timeouts

The laptop client was behind the SRX-110, using hide NAT. The initial client connection would work, and things would look good for a while. The the client would stop receiving packets. Traffic graphs would show a little bit of outbound traffic, and nothing inbound. Eventually, the client might decide it needed to reconnect. But usually, it would sit there for a few minutes doing nothing. Then I would force a disconnect, which would take a while, and then reconnect. Exceedingly frustrating.

Connecting the client to a different network – e.g. using a phone hotspot – worked fine. No dropouts. Using a wired connection behind the SRX had the same issue. So clearly the problem was related to the SRX.

TLS & DTLS

I dug into the traffic flows to better understand what was going on. This SSL VPN solution makes an initial TLS connection using TCP 443. It then switches over to DTLS using UDP 4433 for ongoing encrypted Continue reading

Digging Deeper into the Cisco ASA Firewall REST API

Security orchestration methods, and of course SDN, are driving the need for programmable interfaces in  security products. The Cisco ASA Firewall added a REST API back in December with the 9.3(2) code release. I've asked Mason Harris from Cisco to write up a quick how-to primer on the ASA API capabilities. Thank you Mason for the great information.Author: Mason Harris CCIE #5916, Solutions Architect, Global EnterpriseOver the years I've seen many different custom methods used to manage ASA firewalls. Most of them involve some version of command line interface (CLI) scripting since nearly all ASA features and functions are available in this manner. Perl and Expect scripts are the common scripting languages in use today for managing ASAs.To read this article in full or to leave a comment, please click here

Digging Deeper into the Cisco ASA Firewall REST API

Security orchestration methods and of course SDN is driving the need for programmable interfaces in  security products.  The Cisco ASA Firewall added a REST API back in December with the 9.3(2) code release.  I've asked Mason Harris, from Cisco, to write up a quick how-to primer on the ASA API capabilities.  Thank you Mason for the great information.Author: Mason Harris CCIE #5916Solutions Architect, Global EnterpriseOver the years I’ve seen many different custom methods used to manage ASA firewalls. Most of them involve some version of command line interface (CLI) scripting since nearly all ASA features and functions are available in this manner. Perl and Expect scripts are the common scripting languages in use today for managing ASAs.To read this article in full or to leave a comment, please click here

Broadcom hardware platform gains support for Apple’s HomeKit

Apple’s efforts to allow people to control household appliances from their iPhones through the company’s HomeKit framework are gaining momentum.Chip maker Broadcom announced Tuesday that the SDK for its WICED hardware platform, which allows manufacturers to build so-called smart devices that can connect to the Internet, is fully compliant with HomeKit. The HomeKit protocols from Apple allow manufacturers to create products that can be controlled from an iOS device.For example, if a smart lock was integrated with HomeKit, people could use an app on their iPhones or speak a command to Siri, Apple’s voice-controlled virtual assistant, to unlock a door. Using Siri to handle voice commands when a person isn’t in his house requires an Apple TV, which works as a gateway to a home network.To read this article in full or to leave a comment, please click here

Intel looking to boost horsepower on server chips with ASIC integration

Intel is expanding its custom server chip program by integrating a special processing unit that could speed up specific applications in cloud computing environments.The chip maker said it will integrate ASICs (application-specific integrated circuits) in future Xeon chips, which will speed up cloud, security and big data applications. The ASIC designs will be provided by eASIC, a fabless semiconductor company based in Santa Clara, California.Intel declined to comment on the type of ASICs being integrated, or when they will be integrated in Xeon chips. But the integrated ASICs will be reprogrammable, and customers will be able to add more flexibility to their servers to handle specific types of tasks.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Internet-over-voice a solution for developing countries

Here's a question: who remembers the pre-broadband days of web? You'd use a voice line, acoustic coupler, and a modem, right?Well, believe it or not, huge swaths of the global population might be about to revert back to this old method for sending data. Only this time it will be over mobile 2G networks instead of dial-up copper twisted-pair—and you won't have to wrap your acoustic coupler in a pillow to prevent stray noise corrupting the data transmission.Modulated sound wave Startup Pangea Communications, presenting at Disrupt NY, reckons that the answer to a lack of data infrastructure for consumers in places such as Africa is to simply convert data into a modulated sound wave and then send the audio down existing 2G pipes to and from mobile devices. Any mobile device would work.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Internet-over-voice a solution for developing countries

Here's a question: who remembers the pre-broadband days of web? You'd use a voice line, acoustic coupler, and a modem, right?Well, believe it or not, huge swaths of the global population might be about to revert back to this old method for sending data. Only this time it will be over mobile 2G networks instead of dial-up copper twisted-pair—and you won't have to wrap your acoustic coupler in a pillow to prevent stray noise corrupting the data transmission.Modulated sound wave Startup Pangea Communications, presenting at Disrupt NY, reckons that the answer to a lack of data infrastructure for consumers in places such as Africa is to simply convert data into a modulated sound wave and then send the audio down existing 2G pipes to and from mobile devices. Any mobile device would work.To read this article in full or to leave a comment, please click here

BGP Listen Range Command

Original content from Roger's CCIE Blog Tracking the journey towards getting the ultimate Cisco Certification. The Routing & Switching Lab Exam
BGP Dynamic Neighbors are a way to bring up  BGP neighbors without specifically defining the neighbors remote IP address. Using the BGP Listen Range command you specify a range of IP addresses typically on your Hub site (maybe in a DMVPN environment) that you trust to become BGP neigbors with you. When a TCP request... [Read More]

Other pages of interest:

Post taken from CCIE Blog

Original post BGP Listen Range Command

Law firm challenges net neutrality rules, saying they’re too weak

The U.S. Federal Communications Commission is facing a new, novel challenge to its recent net neutrality rules: a communications law firm is arguing the regulations aren’t strong enough.The petition from Washington, D.C., law firm Smithwick and Belendiuk is a new wrinkle for the FCC, after a spate of lawsuits from broadband providers and trade groups challenging the rules for creating too many regulations.The FCC’s net neutrality rules, passed Feb. 26, fall short in several ways, firm partner Arthur Belendiuk said. The shortcomings are largely related to the agency’s decision to forbear from applying traditional telecommunication regulations to broadband even though it reclassified broadband as a regulated telecom service, he said.To read this article in full or to leave a comment, please click here

Citrix launches Workspace Cloud with BYOD flexibility

Life today is vastly more complicated for IT managers than it used to be, thanks in large part to two key trends: bring-your-own-device computing and the growing prevalence of mixed-infrastructure IT environments.Aiming to ease some of the pressure on both ends, Citrix on Tuesday unveiled a new cloud offering designed to give enterprises maximum flexibility.The Citrix Workspace Cloud is built on the notion of a personal “work space” that includes all the desktop, Web and mobile apps a user needs, along with data, documents and collaboration tools. Essentially, the software lets IT administrators put all that together in a unified package and deliver it securely to users wherever they are, no matter what device or network they’re using.To read this article in full or to leave a comment, please click here

iPhone 6s to feature 2GB of RAM, Force Touch, sturdier aluminum frame and much more

The iPhone 6 and 6 Plus incorporated what were arguably the most significant upgrades Apple's smartphone had ever seen. In addition to much larger screens, the iPhone 6 models also introduced to Apple Pay, Cupertino's take on mobile payments.Not surprisingly, iPhone 6 sales have been record-setting, which of course leads one to wonder what Apple has planned in order keep its iPhone sales momentum going strong.Well, thanks to KGI Securities analyst Ming-Chi Kuo, we now know a whole lot more about what type of new features we can expect to see in Apple's next-gen iPhone models.One of the more exciting things about Apple's upcoming iPhones, according to Kuo, and originally relayed by GforGames, is that they will finally come with 2GB of RAM. With more RAM in tow, next-gen iPhones will likely run a bit smoother, a bit faster, and will be able to handle more intensive apps.To read this article in full or to leave a comment, please click here

BGP PIC – Prefix Independent Convergence

BGP PIC ( Prefix Independent Convergence )  is a BGP Fast reroute mechanism which can provides sub second convergence even for the 500K internet prefixes by taking help of IGP convergence. BGP PIC uses hierarchical data plane in contrast to flat FIB design which is used by Cisco CEF and many legacy platforms. In a hierarchical… Read More »

The post BGP PIC – Prefix Independent Convergence appeared first on Network Design and Architecture.

1 3,022 3,023 3,024 3,025 3,026 3,355