Archive

Category Archives for "Networking"

Secret Management with HashiCorp Vault

Secret Management with HashiCorp Vault
Secret Management with HashiCorp Vault

Many applications these days require authentication to external systems with resources, such as users and passwords to access databases and service accounts to access cloud services, and so on. In such cases, private information, like passwords and keys, becomes necessary. It is essential to take extra care in managing such sensitive data. For example, if you write your AWS key information or password in a script for deployment and then push it to a Git repository, all users who can read it will also be able to access it, and you could be in trouble. Even if it's an internal repository, you run the risk of a potential leak.

How we were managing secrets in the service

Before we talk about Vault, let's take a look at how we've used to manage secrets.

Salt

We use SaltStack as a bare-metal configuration management tool. The core of the Salt ecosystem consists of two major components: the Salt Master and the Salt Minion. The configuration state is owned by Salt Master, and thousands of Salt Minions automatically install packages, generate configuration files, and start services to the node based on the state. The state may contain secrets, such as passwords and API Continue reading

Practical Python For Networking: 6.3 – Making A Simple Package Example – Video

This lesson walks through the creation of a simple package. Course files are in a GitHub repository: https://github.com/ericchou1/pp_practical_lessons_1_route_alerts Eric Chou is a network engineer with 20 years of experience, including managing networks at Amazon AWS and Microsoft Azure. He’s the founder of Network Automation Nerds and has written the books Mastering Python Networking and Distributed […]

The post Practical Python For Networking: 6.3 – Making A Simple Package Example – Video appeared first on Packet Pushers.

Using LEOs and GEOs

Once you head off the main roads your Internet connectivity options are often pretty limited. However, things are improving, and in Australia you can use an Internet service based on a connection through a geostationary satellite connection or you could sign up for Starlink, a Low Earth Orbit service. Both services offer decent capacity, but there are some some other critical differences going on here. Let's look at these services using a custom test rig to put them through their paces.

Extreme Networks: Supply chain-woes, backlogs, higher prices

Supply chain issues continue to drive networking equipment prices up and impact delivery schedules but despite them, Extreme Networks reported solid product revenue this week.Extreme said its Q3 results were its fifth consecutive quarter of double-digit product revenue growth—$285.5 million, up 13% year-over-year—driven by sales in its cloud, universal-switching platforms, and Wi-Fi 6E access points. Competitor Juniper Networks reported solid results this week, too, saying it had a fourth consecutive quarter of double-digit year over year growth in cloud, but also enterprise business growth of nearly 20% year over year.Wi-Fi 6E: When it’s coming, what it’s good for While Extreme's results are solid, its backlog of orders is growing substantially, up $130 million just in Q3, with a total backlog of $425 million, largely due to industry-wide semiconductor supply-chain issues. More than half of that consists of the company's latest generation products, according to Extreme's presideint and CEO Ed Meyercord.To read this article in full, please click here

EVPN-VXLAN Explainer 2 – The BGP Session

In this second post I will look at Ethernet VPN (EVPN), what is it and how to configure a BGP EVPN session on Aruba devices.

Please note, this post will focus on the establishment of the BGP EVPN session between peers, and thus will not present a fully functioning EVPN network. I aim to build the configuration up in stages to enable the reader to confidently understand the different pieces of EVPN-VXLAN as a technology.

Ethernet VPN - the VPLS successor seen about campus

Reading through EVPN RFCs one gets an impression of its convoluted development, or rather, the evolving area of focus for its application.
To summarize, it started life as a service-provider focused VPLS successor, then jumped over to the control plane for virtualized data centres, now gaining a foothold in campus networks.
I put together an overview of the various RFCs here.

EVPN - what is it used for?

In the first post in this series, I explained the VXLAN forwarding process, that relies upon flood and learn.

  • VXLAN is a data plane technology, concerned with the forwarding of packets and what headers to add to data.
  • EVPN is a control plane technology, concerned with building a Continue reading

Gartner: Hybrid work helps boost use of cloud services

Gartner projects that global spending on public cloud services will come in at $494.6 billion this year due to both growth in cloud-native infrastructure services and the trend towards hybrid work scenarios driven by the pandemic as well.That’s a 20.4% increase over the $410.9 billion in sales in 2021, just shy of the 21.2% growth to $599.8 billion that Gartner projects for 2023. [ Get regularly scheduled insights by signing up for Network World newsletters. ] Because of the maturation of core cloud services, companies are past the tire-kicking stage and shifting their focus to capabilities that can affect digital business and enterprise operations.To read this article in full, please click here

Protecting The Hybrid Workforce With Palo Alto Networks Secure, Flexible SASE Solution

Palo Alto Networks announces new innovations for Prisma SASE for protecting the hybrid workforce, including the general availability of Prisma SD-WAN bandwidth licensing on-demand and Okyo Garde Enterprise Edition.

The post Protecting The Hybrid Workforce With Palo Alto Networks Secure, Flexible SASE Solution appeared first on Packet Pushers.

How to Make Friends as an Adult

Making friends as an adult can seem daunting, but it doesn’t have to be. There are many ways to meet new people and build lasting relationships. 

Ways to Find Friends as an Adult

Making friends as an adult can be challenging, but it can also be rewarding. With a little effort, you can develop lasting relationships with the people around you. Here are a few tips to get you started:

Join a club or group that aligns with your interests

One of the best ways to meet new friends is by joining a club or group that aligns with your interests. This could be anything from a book club to a hiking group to a cooking class. Not only will you have something in common with the other members, but you’ll also have the opportunity to bond over shared activities.

Attend local events and festivals

Another great way to meet new people is by attending local events and festivals. These are usually great occasions for socializing, and you never know who you might meet. You might even make some new friends that live right in your own neighborhood.

Volunteer for a cause that’s important to you

If you’re looking Continue reading

Cloudflare blocks 15M rps HTTPS DDoS attack

Cloudflare blocks 15M rps HTTPS DDoS attack
Cloudflare blocks 15M rps HTTPS DDoS attack

Earlier this month, Cloudflare’s systems automatically detected and mitigated a 15.3 million request-per-second (rps) DDoS attack — one of the largest HTTPS DDoS attacks on record.

While this isn’t the largest application-layer attack we’ve seen, it is the largest we’ve seen over HTTPS. HTTPS DDoS attacks are more expensive in terms of required computational resources because of the higher cost of establishing a secure TLS encrypted connection. Therefore it costs the attacker more to launch the attack, and for the victim to mitigate it. We’ve seen very large attacks in the past over (unencrypted) HTTP, but this attack stands out because of the resources it required at its scale.

The attack, lasting less than 15 seconds, targeted a Cloudflare customer on the Professional (Pro) plan operating a crypto launchpad. Crypto launchpads are used to surface Decentralized Finance projects to potential investors. The attack was launched by a botnet that we’ve been observing — we’ve already seen large attacks as high as 10M rps matching the same attack fingerprint.

Cloudflare customers are protected against this botnet and do not need to take any action.


Cloudflare blocks 15M rps HTTPS DDoS attack

The attack

What’s interesting is that the attack mostly came from data centers. We’re Continue reading

Practical Python For Networking: 6.2 – Package Examples – Video

This lesson walks through basic examples of packages. Course files are in a GitHub repository: https://github.com/ericchou1/pp_practical_lessons_1_route_alerts Eric Chou is a network engineer with 20 years of experience, including managing networks at Amazon AWS and Microsoft Azure. He’s the founder of Network Automation Nerds and has written the books Mastering Python Networking and Distributed Denial Of […]

The post Practical Python For Networking: 6.2 – Package Examples – Video appeared first on Packet Pushers.

Arm launches new IoT processors

Arm Holdings launched its latest micro controller design to provide high-performance computing at the edge as well as two new platforms to help reduce development time of internet of things (IoT) devices.Normally, the Cortex-M line of controllers is used in small low-power devices, like smart watches, but the Cortex-M85 performs better than the rest of the line. It is designed to improve artificial-intelligence operations such as voice recognition on edge devices including smart-home products and drones.To read this article in full, please click here

1 420 421 422 423 424 3,444