Regional Internet Registries (RIRs) assign and manage numbered Internet resources like IPv4 address space, IPv6 address, and AS numbers. If you ever try to get address space or an AS number, though, it might seem like the policies the RIRs use to determine what kin and scale of resources you can get are a bit arbitrary (or even, perhaps, odd). Aftab Siddiqui joins Russ White and Tom Ammon to explain how and why these policies are set the way they are.
In this IPv6 Buzz podcast episode Ed, Scott, and Tom--with tongues firmly in cheek---discuss some of the ways to avoid or put off IPv6 adoption until you can retire.
The post IPv6 Buzz 106: How To Retire Before You Have To Deploy IPv6! appeared first on Packet Pushers.
The Gluware application suite that includes Device Manager, Config Drift and Audit, OS Manager and Config Modeling provide no-code automation to enable and maintain compliance and enhance security. Now, Network RPA enables defining automated end-to-end processes that ensure policies and procedures are executed manually, scheduled or event-driven providing continuous compliance and improved security posture. Host […]
The post Network RPA Compliance and Security Use Cases: Gluware LiveStream June 28, 2022 (6/7) – Video appeared first on Packet Pushers.
Here are the slides I presented for a ClickHouse SF Bay Area Meetup in July 2022, hosted by Altinity. They are about Akvorado, a network flow collector and visualizer, and notably on how it relies on ClickHouse, a column-oriented database.
The meetup was recorded and available on YouTube. Here is the part relevant to my presentation, with subtitles:1
I got a few questions about how to get information from the higher layers, like HTTP. As my use case for Akvorado was at the network edge, my answers were mostly negative. However, as sFlow is extensible, when collecting flows from Linux servers instead, you could embed additional data and they could be exported as well.
I also got a question about doing aggregation in a single table.
ClickHouse can aggregate automatically data using TTL. My answer for
not doing that is partial. There is another reason: the retention
periods of the various tables may overlap. For example, the main table
keeps data for 15 days, but even in these 15 days, if I do a query on
a 12-hour window, it is faster to use the flows_1m0s aggregated
table, unless I request something about Continue reading
In the previous posts in this series, I concluded that privacy is everyone’s responsibility, that IP addresses (and a lot of other information network engineers handle) are protected information, and while processing packets probably doesn’t trigger any privacy warnings, network logging should and does. In this post, I want to start answering the question—okay, what […]
The post Privacy And Networking Part 5: The Data Lifecycle appeared first on Packet Pushers.
Ages ago when we were building networks using super-expensive 64kbps WAN links, a customer sent us a weird bug report:
Everything works fine, but we cannot transfer one particular file between two locations – the file transfer stalls and eventually times out. At the same time, we’re seeing increased number of CRC errors on the WAN link.
My chat with the engineer handling the ticket went along these lines:
Ages ago when we were building networks using super-expensive 64kbps WAN links, a customer sent us a weird bug report:
Everything works fine, but we cannot transfer one particular file between two locations – the file transfer stalls and eventually times out. At the same time, we’re seeing increased number of CRC errors on the WAN link.
My chat with the engineer handling the ticket went along these lines:
Device Insights, a feature of Cisco's SecureX XDR service, aggregates, normalizes, and visualizes esssential details about all the devices on your network. SecureX can also automate workflows to respond to device-level security problems.
The post An Overview Of Cisco’s SecureX Device Insights appeared first on Packet Pushers.
A couple of days ago, I was checking my Twitter feed and saw a tweet from someone saying how frustrated he was that DockerHub (a renowned container registry) was down. Someone else replied to the tweet, recommending the tweet’s author to check out Google’s repository, where they have DockerHub mirrors in Google Cloud.
My first reaction was “Nice! How clever of this person (or Google) to have thought of this idea.” My next thought was, wait. This could lead to potential security risks for some developers who are not familiar with how these registries are updated and what images go into these mirrored sites. Imagine when application developers are busy scrambling to check-in their latest update to the CI/CD pipeline of the software they are building, and in that time crunch, their go-to container registry is down. Do developers really have the time to check if there are vulnerable images in every registry they use? Will there be an easy, streamlined way to automatically scan the images no matter which registry developers use to pull their images? The short answer is yes, and we will look into that in this blog.