0

Getting Your CIO to Say Yes to Automation: Gluware LiveStream June 28, 2022 (3/7) – Video

Network engineers need to make a business case to get an automation project off the ground, and it needs to describe the benefits and value in language that non-techincal executives can understand. This video offers tips and a simple blueprint to help engineers make the case to CIOs. Host Drew Conry-Murray from the Packet Pushers […]

The post Getting Your CIO to Say Yes to Automation: Gluware LiveStream June 28, 2022 (3/7) – Video appeared first on Packet Pushers.

0

HTTP/3 Is Now a Standard: Why Use It and How to Get Started

I’m sure, like me, you welcomed the IETF standard (Internet Engineering Task Force). No, of course, you didn’t — the web just works, so why worry about it? But if you are vaguely intrigued about why the change is happening, here is a short breakdown of the history behind it. Then we will get into the reasons why you should adopt it for your company. HTTP/3 is the third version of the Hypertext Transfer Protocol (HTTP), and was previously known as HTTP-over-QUIC. QUIC was initially developed by Google and is the successor of HTTP/2. Companies such as Google and Facebook already use QUIC to speed up the web. A Very Short History of HTTP Back in the day, there were two internet protocols that you could choose to work with. Even before the web, we still had to squirt packets of information (or datagrams) from one machine to another across the internet. For a games developer, the important protocol was UDP (User Datagram Protocol). This was the quick, fire and forget standard: you threw a packet across the network Continue reading

0

The Best Outcome Of Automation? Visibility

This post originally appeared on the Packet Pushers’ now-defunct Ignition site on October 28, 2019.   I was recently asked a question about the best business outcome of automation. My immediate thought was improved speed of operations by mechanizing operational tasks, like automated software upgrades, creating VLANs, updating ACLs or routing, and so forth. This […]

The post The Best Outcome Of Automation? Visibility appeared first on Packet Pushers.

0

Weekend Reads 071522

After more than a decade when cryptocurrencies and related technologies have surged, boomed, and busted in a regulatory vacuum, lawmakers in both the US and Europe are writing new rules for a sector that has grown dangerously large in both value and reach,

With the emergence of privacy regulations that assign penalties based on a business’ profit, or those that calculate a value for each compromised record, it is possible to calculate the cost of a breach based on those metrics.

What is the most expensive component in the more generic, non-accelerated servers that comprise the majority of their server fleets? Main memory, correct again.

Cybersecurity researchers have detailed the various measures ransomware actors have taken to obscure their true identity online as well as the hosting location of their web server infrastructure.

After nearly two years of legal wrangling, the European Parliament on Tuesday passed the Digital Markets Act and the Digital Services Act, teeing up a showdown between the continent and US tech giants.

The new PCI DSS Standard, version 4.0, contains all the steps, best practices, and explanations required for full compliance. In fact, even an organization that does not process cardholder data could follow the Continue reading

0

Friday Mobility Field Day Thoughts

I’m finishing up Mobility Field Day 7 this week and there’s been some exciting discussion here around a lot of technology. I think my favorite, and something I’m going to talk about more, is the continuing battle between 5G and Wi-Fi. However, there’s a lot going on that I figured I’d bring up to whet your appetite for the videos.

• What is mission critical? When you think about all the devices that are in your organization that absolutely must work every time what does that look like? And what are you prepared to do to make them work every time? If it’s a safety switch or some other kind of thing that prevents loss of life are you prepared to spend huge amounts of money to make it never fail?
• Operations teams don’t need easier systems. They need systems that remove complexity. The difference in those two things is subtle but important. Easier means that things are simplified to the point of almost being unusable. Think Apple Airport or even some Meraki devices. Whereas reduced complexity means that you’ve made the up front configuration easy but enabled the ability to configure other features in different places. Maybe that’s by giving Continue reading

0

Advizex: Automating Security Audits & Remediation with Gluware: LiveStream June 28, 2022 (2/7) – Video

Advizex, a reseller and Gluware customer, discusses how it uses Gluware for security audits and remediation with its clients. This includes network and device discovery, addressing configuration drift, and managing multiple vendors using the Gluware platform. Packet Pushers host Greg Ferro is joined by Michael Burns, Network Architect at Advizex to discuss real-world use cases. […]

The post Advizex: Automating Security Audits & Remediation with Gluware: LiveStream June 28, 2022 (2/7) – Video appeared first on Packet Pushers.

0

Ansible For Network Automation Lesson 6: Ansible Vault And Loops – Video

In this lesson on using Ansible for network automation, Josh VanDeraa looks at how to get started with Ansible Vault, re-using tasks in multiple playbooks with include_tasks, and leveraging loops in your playbooks. Josh has created a GitHub repo to store additional material, including links and documentation: https://github.com/jvanderaa/AnsibleForNetworkAutomation You can subscribe to the Packet Pushers’ […]

The post Ansible For Network Automation Lesson 6: Ansible Vault And Loops – Video appeared first on Packet Pushers.

0

Heavy Networking 638: Don’t Block DNS Over TCP

DNS is our subject on today's Heavy Networking. More specifically, DNS transport over TCP. We talk with John Kristoff, one of the forces behind RFC9210, which covers the operational requirements for DNS transport over TCP. This is not an esoteric document covering a tiny, nuanced DNS use case. Instead this doc will likely affect most of you listening, whether you’re a network operator or a name server operator. We talk with John about the implications of this RFC.

The post Heavy Networking 638: Don’t Block DNS Over TCP appeared first on Packet Pushers.

0

Heavy Networking 638: Don’t Block DNS Over TCP

DNS is our subject on today's Heavy Networking. More specifically, DNS transport over TCP. We talk with John Kristoff, one of the forces behind RFC9210, which covers the operational requirements for DNS transport over TCP. This is not an esoteric document covering a tiny, nuanced DNS use case. Instead this doc will likely affect most of you listening, whether you’re a network operator or a name server operator. We talk with John about the implications of this RFC.

0

Mobile Edge Computing: Lightning Speed from Factory to Personal Devices

It seems like we’ve been hearing about 5G for years now, and how when it’s here, it will revolutionize connectivity as we know it. Steve Dalby Steve is a director in the MongoDB Industry Solutions team, where he focuses on how MongoDB technology can be leveraged to solve challenges faced by organizations working in the telecommunications industry. Prior to this role, Steve held numerous leadership roles with MongoDB’s professional services team in EMEA. Well, 5G is here, but beyond faster or more reliable cell service, few companies have begun to tap into the potential 5G holds for both business-to-business and business-to-consumer innovation. In fact, this potential extends beyond the telecommunications industry into nearly all sectors that rely on connectivity, like the manufacturing, automotive and even agricultural industries, among others. By using the power of 5G networks and pairing that with intelligent software, enterprises can embrace the next generation of industry by launching IoT solutions and enabling enhanced data collection at the edge. This article will explore key questions around the slow move toward 5G innovation and how mobile edge computing can accelerate the push to near-instantaneous network connectivity. What’s Standing in the Way of Innovation? When COVID-19 hit, numerous companies Continue reading

0

Setting Up Public-Private Keys For SSH Authentication

This post originally appeared on the Packet Pushers’ Ignition site on February 18, 2020.   The more pedantic in the tech community argue about the merits of public-private key authentication vs. simple password authentication when logging into an SSH host. I have no strong opinion regarding your security posture when using one vs. the other. […]

The post Setting Up Public-Private Keys For SSH Authentication appeared first on Packet Pushers.

0

Working in public — our docs-as-code approach

Docs-as-code is an approach to writing and publishing documentation with the same tools and processes developers use to create code. This philosophy has become more popular in recent years, especially in tech companies. Automatic link checking is part of this process, which ensures that writer's changes are sound and safe to deploy. By setting the stage with a docs-as-code approach, technical writers can focus on what they do best: ensure that our readers get useful and accurate information that is easy to find, and our documentation speaks a single language.

Besides following a docs-as-code approach, at Cloudflare we handle our documentation changes in public, in our cloudflare-docs GitHub repository. Having our documentation open to external contributions has helped us improve our documentation over time — our community is great at finding issues! While we need to review these contributions and ensure that they fit our style guide and content strategy, the contributions provided by the Cloudflare community have been instrumental in making our documentation better every day. While Cloudflare helps build a better Internet, our community helps build better documentation.

Docs-as-code at Cloudflare

At Cloudflare, we follow a docs-as-code approach to create and publish product documentation in Developer Docs.

Such Continue reading

0

Are you doing enough to secure your network infrastructure?

It’s time to take a hard look at whether you’re devoting enough resources to securing your network infrastructure. Short answer: You’re probably not.If you work for a hyperscaler, your organization is probably doing everything it can to secure the network. For almost everyone else, it is pretty safe to assume that the answer is no.This is not necessarily a blameworthy failing. In many cases it is down to available resources and perceived risk: Given too little money for cybersecurity and too little time from too few people to tackle all possible risks in the network, what should network cybersecurity staff focus on? They tend to focus less on the inward-facing aspects of their networks and more on explicitly outward-facing pieces.To read this article in full, please click here

0

Are you doing enough to secure your network infrastructure?

It’s time to take a hard look at whether you’re devoting enough resources to securing your network infrastructure. Short answer: You’re probably not.If you work for a hyperscaler, your organization is probably doing everything it can to secure the network. For almost everyone else, it is pretty safe to assume that the answer is no.This is not necessarily a blameworthy failing. In many cases it is down to available resources and perceived risk: Given too little money for cybersecurity and too little time from too few people to tackle all possible risks in the network, what should network cybersecurity staff focus on? They tend to focus less on the inward-facing aspects of their networks and more on explicitly outward-facing pieces.To read this article in full, please click here

0

Are you doing enough to secure your network infrastructure?

It’s time to take a hard look at whether you’re devoting enough resources to securing your network infrastructure. Short answer: You’re probably not.If you work for a hyperscaler, your organization is probably doing everything it can to secure the network. For almost everyone else, it is pretty safe to assume that the answer is no.This is not necessarily a blameworthy failing. In many cases it is down to available resources and perceived risk: Given too little money for cybersecurity and too little time from too few people to tackle all possible risks in the network, what should network cybersecurity staff focus on? They tend to focus less on the inward-facing aspects of their networks and more on explicitly outward-facing pieces.To read this article in full, please click here

0

Linux Tips: How to count the days between two dates

This trick works because Linux stores dates/times as the number of seconds since Jan 1, 1970. This doesn’t mean you can’t look at earlier dates; the earlier dates are simply stored as negative numbers.

0

Worth Exploring: Akvorado Flow Collector and Visualizer

The results you can get when you know how to apply proper glue to a bunch of open-source tools never cease to amaze me. The latest entrant in that category: Akvorado, a Netflow/IPFIX collector and analyzer by Vincent Bernat.

Some of the sample graphs (shown in the GitHub repo) are not far off from those that knocked our socks off during the first Kentik Networking Field Day presentation. Definitely a tool worth exploring ;)

0

Kubernetes Unpacked 004: Pros And Cons Of Using Terraform With Kubernetes

On today's Kubernetes Unpacked podcast we explore tradeoffs that come with using Terraform to manage Kubernetes. My guest is Luke Orellana, an SRE who uses Kubernetes. He's also a HashiCorp Ambassador. We also discuss differences between managing VMs and Kubernetes, Kubernetes benefits including self-healing, and downsides such as dealing with the complexity that comes from containers and microservices.

The post Kubernetes Unpacked 004: Pros And Cons Of Using Terraform With Kubernetes appeared first on Packet Pushers.

0

Kubernetes Unpacked 004: Pros And Cons Of Using Terraform With Kubernetes

On today's Kubernetes Unpacked podcast we explore tradeoffs that come with using Terraform to manage Kubernetes. My guest is Luke Orellana, an SRE who uses Kubernetes. He's also a HashiCorp Ambassador. We also discuss differences between managing VMs and Kubernetes, Kubernetes benefits including self-healing, and downsides such as dealing with the complexity that comes from containers and microservices.

0

Marketing Docs Are Not Written For Engineers

When reading marketing literature as an engineer, you must always be careful to parse the words correctly. For example, I was reviewing a vendor’s pitch deck on a new hardware switch. The switch was described as having the following attributes.

• Cloud-native
• AI-driven
• Secure
• Next-generation

From an engineering perspective, nothing of value has been described to you in that list.

I have no idea what they are trying to get at with cloud-native. I can think of no greater antithesis to “cloud-native” than a chunk of hardware you bolt into a rack to do network things. Someone on Twitter suggested that because the switch supports ZTP, it’s cloud-native…which, if so, is comedy gold.

AI-driven means…what, exactly? That there is some AI on the switch itself doing data analysis and changing the network configuration in response to whatever the algorithm thinks is best? It could mean that, although then we’d have to discuss what’s meant by AI, whether or not the “AI” is happening off- or on-box, and why that’s different from software-defined.

Secure is a word you sprinkle over every technology product. Because of course it’s secure. But again, what does secure mean in this context? That the switch was built Continue reading