Tech Bytes: How Fortinet’s FortiGuard Labs Turns Billions Of Security Events Into Intelligence (Sponsored)
Today’s Tech Bytes podcast explores threat intelligence with sponsor Fortinet and its FortiGuard Labs. FortiGuard Labs analyzes billions of global security events daily and distills them into actionable information for network and security teams. Fortinet also uses those events to inform security updates to its products.VMware And NVIDIA Focus On The Far Edge To Host Network Services On SmartNICs
This post originally appeared on the Packet Pushers’ Ignition site on October 19, 2020. The network edge is desirable new territory for software and hardware vendors. The objective is to get compute, networking, storage, and security features as close as possible to data sources and data-hungry applications. VMware and NVIDIA have launched new initiatives to […]
The post VMware And NVIDIA Focus On The Far Edge To Host Network Services On SmartNICs appeared first on Packet Pushers.
Network Break 371: Arista Turns Campus Switch Into NDR Sensor; Mikrotik Puts A Router On A PCIe Card
Take a Network Break! This week we examine how Arista is turning a campus switch into a sensor for network detection and response, a new PCIe card from Mikrotik running router software, a Dell/Marvell partnership on hardware for Open RAN gear, Cisco and Dell financial results, potential equipment danger from solar flares, and more.Topology aware fabric analytics
docker run --rm -it --privileged --network host --pid="host" \Start Containerlab.
-v /var/run/docker.sock:/var/run/docker.sock -v /run/netns:/run/netns \
-v ~/clab:/home/clab -w /home/clab \
ghcr.io/srl-labs/clab bash
curl -O https://raw.githubusercontent.com/sflow-rt/containerlab/master/clos5.ymlDownload the Containerlab topology file.
sed -i "s/prometheus/topology/g" clos5.ymlChange the sFlow-RT image from sflow/prometheus to sflow/topology in the Containerlab topology. The sflow/topology image packages sFlow-RT with useful applications that combine topology awareness with analytics.
containerlab deploy -t clos5.ymlDeploy the topology.
curl -O https://raw.githubusercontent.com/sflow-rt/containerlab/master/clos5.jsonDownload the sFlow-RT topology file.
curl -X PUT -H "Content-Type: application/json" -d @clos5.json \Post the topology to sFlow-RT.
http://localhost:8008/topology/json
docker exec -it clab-clos5-h1 iperf3 -c 172.16.4.2Generate traffic. You should see the Nodes No Flows number drop Continue reading
Running a Ubuntu VM on a Mac M1
If you’re brand-new to Python and Ansible, you might be a bit reluctant to install a bunch of packages and Ansible collections on your production laptop to start building your automation skills. The usual recommendation I make to get past that hurdle is to create a Ubuntu virtual machine that can be destroyed every time to mess it up.
Creating a virtual machine is trivial on Linux and MacOS with Intel CPU (install VirtualBox and Vagrant). The same toolset no longer works on newer Macs with M1 CPU (VMware Fusion is in tech preview, so we’re getting there), but there’s an amazingly simple alternative: Multipass by Canonical.
The Flash-Native Future is Coming, and You’ll Like its Price Tag
All-flash data centers are the data centers of the future, giving organizations the ability to achieve better infrastructure performance, speed, and efficiency.Noction releases the new feature-rich NFA 22.02 version
The post Noction releases the new feature-rich NFA 22.02 version appeared first on Noction.
A Bird feeder from re-usable plastics – we have to start something small to protect other beings.
Disclaimer: I speak about reducing plastic and still I use a 3d printer to print a very specific fixture, I have weighed in options and plastic that I end up printing will be out there hopefully feeding birds or can safely be re-cycled until I come up with something innovative, as of now this is the least I could come upon re-using old bottles, helping birds feed and using some plastic to print a fixture. If I have to buy a commercial one, that is again some plastic and I won’t end up re-using it as well, so 3d printing this small fixture for me outweighs the other currently viable solution and this is something I can give out to neighbours and they can easily associate with.
Am proud to say that I have started to take some responsibility towards the environment and other living beings, that to say it’s my first step and now I appreciate even more what environmentalists and other people do to protect other beings, earth and fellow human beings which we don’t have any time to notice and appreciate them.
Once I started doing the below things which are very trivial I feel good and Continue reading
ExtraHop Bridge Triggers
Recently, I was working with a customer that wanted to extract the TCP SYN unanswered in/out metric captured by Extrahop for a group of web servers and send that data to Splunk so their application team could view the data in a Splunk dashboard. It was an interesting problem to solve...continue reading
AWS: The Case of the iBGP Peer that Worked – Part 1: The Facts
I was so surprised when the BGP neighbor came up. I kinda just blinked and stared at it for awhile. I knew it couldn’t be an AWS bug. This was just too basic a setup. Did I misconfigure something? If... Read More ›
The post AWS: The Case of the iBGP Peer that Worked – Part 1: The Facts appeared first on Networking with FISH.
Heavy Networking 619: Pluribus Empowers NetOps With Kubernetes Network Visibility (Sponsored)
Today's sponsored Heavy Networking dives into the latest features from Pluribus Networks, including Pluribus KubeTracker, which correlates containers with applications, maps hosts to the network fabric, and more. We also cover FlowTracker and a virtualized packet broker service. Our guest is Alessandro Barbieri, VP Product Management at Pluribus.
The post Heavy Networking 619: Pluribus Empowers NetOps With Kubernetes Network Visibility (Sponsored) appeared first on Packet Pushers.
Heavy Networking 619: Pluribus Empowers NetOps With Kubernetes Network Visibility (Sponsored)
Today's sponsored Heavy Networking dives into the latest features from Pluribus Networks, including Pluribus KubeTracker, which correlates containers with applications, maps hosts to the network fabric, and more. We also cover FlowTracker and a virtualized packet broker service. Our guest is Alessandro Barbieri, VP Product Management at Pluribus.The Value of Old Ideas
I had a fun exchange on Twitter this week that bears some additional thinking. Emirage (@Emirage6) tweeted a fun meme about learning BGP:
Okay, it's decided. This is how I am going to handle BGP in the future
pic.twitter.com/tx4LQfXlEK
— Emirage (@Emirage6) February 22, 2022
I retweeted it and a few people jumped in the fun, including a couple that said it was better to configure BGP for reasons. This led to a blog post about routing protocols with even more great memes and a good dose of reality for anyone that isn’t a multi-CCIE.
Explain It Like I’m Five
I want you to call your mom and explain BGP to her. Go on and do that now because I’m curious to see how you’d open that conversation. Unless your mom is in networking already I’m willing to bet you’re going to have to start really, really basic. In fact, given the number of news organizations that don’t even know what the letters in the acronym stand for I’d guess you are going to have a hard time talking about the path selection process or leak maps or how sessions are established.
Now, try that same Continue reading
What Amazon’s Pay Cap Increase Means to the Tech Pro Job Market
Amazon more than doubled its pay cap for tech and corporate workers to $360K a year. Here's what it means and how smaller companies can compete for skilled talent against the high compensation offered by tech giants like Amazon, Google, and Microsoft.What Does An ‘R’ Before A String Mean In Python?
R Means ‘Raw String’
An ‘r’ before a string tells the Python interpreter to treat backslashes as a literal (raw) character. Normally, Python uses backslashes as escape characters. Prefacing the string definition with ‘r’ is a useful way to define a string where you need the backslash to be an actual backslash and not part of an escape code that means something else in the string.
Examples
1. In this example, Python will interpret each ‘\t’ found in this string as a tab. That is, the backslash+t is interpreted as an escape sequence with a special purpose.
>>> 'path\to\the\thing'
'path\to\the\thing'
>>> print('path\to\the\thing')
path o he hing
>>>
2. By adding the leading r, Python will know that the backslashes are to be interpreted as literal characters and not escape sequences. Interestingly, note how Python represents the literal backslash–as an escape sequence of backslash + backslash.
>>> r'path\to\the\thing' 'path\\to\\the\\thing' >>> print(r'path\to\the\thing') path\to\the\thing >>>
3. This means another way to handle the literal backslash problem is to use backslash + backslash in your string definition. However, this feels like a clunkier way to define the string to me when compared to using ‘r’. Using ‘r’ makes for, I think, more readable Continue reading
The post-quantum future: challenges and opportunities
“People ask me to predict the future, when all I want to do is prevent it. Better yet, build it. Predicting the future is much too easy, anyway. You look at the people around you, the street you stand on, the visible air you breathe, and predict more of the same. To hell with more. I want better.”
— Ray Bradbury, from Beyond 1984: The People Machines
The story and the path are clear: quantum computers are coming that will have the ability to break the cryptographic mechanisms we rely on to secure modern communications, but there is hope! The cryptographic community has designed new mechanisms to safeguard against this disruption. There are challenges: will the new safeguards be practical? How will the fast-evolving Internet migrate to this new reality? In other blog posts in this series, we have outlined some potential solutions to these questions: there are new algorithms for maintaining confidentiality and authentication (in a “post-quantum” manner) in the protocols we use. But will they be fast enough to deploy at scale? Will they provide the required properties and work in all protocols? Are they easy to use?
Adding post-quantum cryptography into architectures and networks Continue reading
Post-quantumify internal services: Logfwrdr, Tunnel, and gokeyless
Theoretically, there is no impediment to adding post-quantum cryptography to any system. But the reality is harder. In the middle of last year, we posed ourselves a big challenge: to change all internal connections at Cloudflare to use post-quantum cryptography. We call this, in a cheeky way, “post-quantum-ifying” our services. Theoretically, this should be simple: swap algorithms for post-quantum ones and move along. But with dozens of different services in various programming languages (as we have at Cloudflare), it is not so simple. The challenge is big but we are here and up for the task! In this blog post, we will look at what our plan was, where we are now, and what we have learned so far. Welcome to the first announcement of a post-quantum future at Cloudflare: our connections are going to be quantum-secure!
What are we doing?
The life of most requests at Cloudflare begins and ends at the edge of our global network. Not all requests are equal and on their path they are transmitted by several protocols. Some of those protocols provide security properties whilst others do not. For the protocols that do, for context, Cloudflare uses: TLS, QUIC, WireGuard, DNSSEC Continue reading
Cisco Live 2022 – Good vibes again!
It should be safe to say that most of us have had a tough time these past two years, no …
The post Cisco Live 2022 – Good vibes again! first appeared on Fryguy's Blog.