0

Weekend Reads 061622

Seven months from now, assuming all goes as planned, Google Chrome will drop support for its legacy extension platform, known as Manifest v2 (Mv2). This is significant if you use a browser extension to, for instance, filter out certain kinds of content and safeguard your privacy.

But both the tools used and the threat posed by common cybercriminals pale in comparison to the tools used by more professional groups such as the famous hacking groups and state-sponsored groups.

A European team of university students has cobbled together the first RISC-V supercomputer capable of showing balanced power consumption and performance.

During the last decade, various individuals and organizations have contributed to promoting and deploying IPv6, which recently passed 40% adoption globally.

A successful attack against 5G networks could disrupt critical infrastructure, manipulate sensor data, or even cause physical harm to humans.

An Avengers-style mash up of telecoms firms are collaborating on experimental trials of new communications technologies expected to be underpinned by 6G.

Personally, in my more than 20 years of internet governance experience, tackling DNS abuse is one of the more important issues I’ve participated in and seen debated.

Infrastructure operators are struggling to reduce the rate of IT outages Continue reading

0

SD-WAN and SASE: Collaboration and Standards are Essential

MEF provider survey finds great revenue growth in SD-WAN and SASE expected in the year to come, yet obstacles will need to be addressed.

0

BrandPost: Digital Transformation with SD-WAN, SASE, and SSE

By: Nav Chander, Head of Service Provider SD-WAN/SASE Product Marketing.Since the early days of the global COVID-19 pandemic, enterprise IT staff have been working hard to keep corporate networks on pace with the changing requirements of the business, as most application resources would no longer be serving centralized groups. This meant updating cloud, networking, and security infrastructure to adapt to the new realities of hybrid work. To achieve these aims, enterprise IT teams have reexamined technology pillars that start with the letter S: SD-WAN, SASE, and now Security Service Edge (SSE), to support these cloud-first digital transformations enterprises demand.To read this article in full, please click here

0

IPv6 Buzz 103: Celebrating The 10th Anniversary Of World IPv6 Launch

In today's IPv6 Buzz podcast episode, Ed, Scott, and Tom chat about the recent 10th anniversary of World IPv6 Launch, the global event that kickstarted IPv6 adoption back in 2012.

The post IPv6 Buzz 103: Celebrating The 10th Anniversary Of World IPv6 Launch appeared first on Packet Pushers.

0

IPv6 Buzz 103: Celebrating The 10th Anniversary Of World IPv6 Launch

In today's IPv6 Buzz podcast episode, Ed, Scott, and Tom chat about the recent 10th anniversary of World IPv6 Launch, the global event that kickstarted IPv6 adoption back in 2012.

0

What Is Zero Trust Architecture?

Zero Trust Architecture (ZTA) builds on the foundational principles of zero trust security as defined by the National Institute of Standards and Technology (NIST) in publication Ansible, Puppet, and Crowdstrike offer products that cover the entire spectrum of detecting and protecting endpoints within a corporate network. This would include everything from antivirus and antimalware to abnormal network activity monitoring. Microsoft, Trend Micro, and SentinelOne offer similar capabilities and made Gartner’s upper quadrant in their 2021 Endpoint Protection report. Wrap up Zero Trust Architecture The real answer to the question of what is zero trust architecture depends on your most important corporate assets. Any network design should also include consideration of the humans with access to those critical assets. Trust but verify applies to corporate employees as well as geopolitical relationships. Choosing the right vendors and partners to meet your specific objectives will help you implement a solid Zero Trust Architecture. Once implemented it comes down to diligence and persistence. New threats pop up regularly and must be met with an adaptive security posture. Those who don’t adapt and change will be doomed to failure. The post What Is Zero Trust Architecture? appeared first on The New Stack.

0

Redefining NaaS: It’s the internet

Your network vendor has probably already told you that network as a service or NaaS would improve your network and bottom line. They’ve probably told you that they offer a NaaS strategy. The first statement is true, and the second is fast becoming irrelevant, because the fact is that you have a better, vendor-independent, NaaS option already.  It’s called the internet.The definition for NaaS that’s recently taken hold is financial more than technical—NaaS is a strategy for expensing network technology rather than building networks from capital purchases. Some vendor NaaS is little more than the equivalent of an auto lease, which lets companies expense cars rather than make capital purchases. Others could add in management services or usage pricing. Is this really NaaS?  Uber is driving-as-a-service, not auto leasing. If we want network-as-a-service, we have to look at something that’s really a service.To read this article in full, please click here

0

How to use the htop command to monitor system performance

In this Linux tip, we’re going to take a look at htop – a very useful command-line tool for looking into system performance and nailing down the cause of system slowdowns.

0

Video: IPv6 RA Guard and Extension Headers

Last week’s IPv6 security video introduced the rogue IPv6 RA challenges and the usual countermeasure – RA guard. Unfortunately, IPv6 tends to be a wonderfully extensible protocol, creating all sorts of opportunities for nefarious actors and security researchers.

For years, the networking vendors were furiously trying to plug the holes created by the academically minded IPv6 designers in love with fragmented extension headers. In the meantime, security researches had absolutely no problem finding yet another weird combination of IPv6 headers that would bypass any IPv6 RA guard implementation until IETF gave up and admitted one cannot have “infinitely extensible” and “secure” in the same sentence.

For more details watch the video by Christopher Werny describing how one could use IPv6 extension headers to circumvent IPv6 RA guard

0

Video: IPv6 RA Guard and Extension Headers

Last week’s IPv6 security video introduced the rogue IPv6 RA challenges and the usual countermeasure – RA guard. Unfortunately, IPv6 tends to be a wonderfully extensible protocol, creating all sorts of opportunities for nefarious actors and security researchers.

For years, the networking vendors were furiously trying to plug the holes created by the academically minded IPv6 designers in love with fragmented extension headers. In the meantime, security researches had absolutely no problem finding yet another weird combination of IPv6 headers that would bypass any IPv6 RA guard implementation until IETF gave up and admitted one cannot have “infinitely extensible” and “secure” in the same sentence.

For more details watch the video by Christopher Werny describing how one could use IPv6 extension headers to circumvent IPv6 RA guard

0

3 Key Strategies for Securing the Software Supply Chain

Software supply chain attacks can use a single breach to target software components that can then affect multiple companies' applications.

0

Cisco puts app-performance tools in the cloud

Cisco is taking aim at better controlling the performance and development of core applications with a new AppDynamics cloud service and open-source development tools.AppDynamics Cloud is a cloud-native service designed to let enterprises observe applications and take action to remediate performance problems.   [ Get regularly scheduled insights by signing up for Network World newsletters. ] Available by the end of June, the service is built to observe distributed and dynamic cloud-native applications at scale, wrote chief marketing officer of Cisco AppDynamics, Eric Schou in a blog about the new offering.To read this article in full, please click here

0

Cisco puts app-performance tools in the cloud

Cisco is taking aim at better controlling the performance and development of core applications with a new AppDynamics cloud service and open-source development tools.AppDynamics Cloud is a cloud-native service designed to let enterprises observe applications and take action to remediate performance problems.   [ Get regularly scheduled insights by signing up for Network World newsletters. ] Available by the end of June, the service is built to observe distributed and dynamic cloud-native applications at scale, wrote chief marketing officer of Cisco AppDynamics, Eric Schou in a blog about the new offering.To read this article in full, please click here

0

Cisco puts app-performance tools in the cloud

Cisco is taking aim at better controlling the performance and development of core applications with a new AppDynamics cloud service and open-source development tools.AppDynamics Cloud is a cloud-native service designed to let enterprises observe applications and take action to remediate performance problems.   [ Get regularly scheduled insights by signing up for Network World newsletters. ] Available by the end of June, the service is built to observe distributed and dynamic cloud-native applications at scale, wrote chief marketing officer of Cisco AppDynamics, Eric Schou in a blog about the new offering.To read this article in full, please click here

0

Using OpenSSL With Ed Harmoush 5/6 Inspecting Certificates: Invalid Certificates – Video

ED, HIS TLS COURSE, AND THE FREE OPENSSL CHEATSHEET Twitter @ed_pracnet https://practicalnetworking.net Practical TLS course: https://pracnet.net/tls OpenSSL Cheatsheet: https://pracnet.net/openssl FILES FOR THE CERT/KEY MATCHING EXERCISE: ZIP VERSION: packetpushers-pracnet-openssl.zip https://ln5.sync.com/dl/1f1f63d90/kqztwkp9-hkcz3yvq-tuzx79ke-aewxgaip TAR.GZ VERSION: packetpushers-pracnet-openssl.tar.gz https://ln5.sync.com/dl/0791b8d50/q973jpyb-qrmz3cpd-xeiar9zn-qu99gi5w FOR MORE INFO Hashing, Hashing Algorithms, and Collisions – Cryptography Symmetric Encryption vs Asymmetric Encryption Public & Private Keys – Signatures & […]

The post Using OpenSSL With Ed Harmoush 5/6 Inspecting Certificates: Invalid Certificates – Video appeared first on Packet Pushers.

0

High-Bandwidth Memory (HBM) delivers impressive performance gains

IT vendors typically race to deliver incremental improvements to existing product lines, but occasionally a truly disruptive technology comes along.  One of those disruptive technologies, which is beginning to find its way into enterprise data centers, is High-Bandwidth Memory (HBM).HBM is significantly faster than incumbent memory chip technologies, uses less power and takes up less space. It is becoming particularly popular for resource-intensive applications such as high-performance computing (HPC) and artificial intelligence (AI).To read this article in full, please click here

0

High-Bandwidth Memory (HBM) delivers impressive performance gains

IT vendors typically race to deliver incremental improvements to existing product lines, but occasionally a truly disruptive technology comes along.  One of those disruptive technologies, which is beginning to find its way into enterprise data centers, is High-Bandwidth Memory (HBM).HBM is significantly faster than incumbent memory chip technologies, uses less power and takes up less space. It is becoming particularly popular for resource-intensive applications such as high-performance computing (HPC) and artificial intelligence (AI).To read this article in full, please click here

0

MLAG Deep Dive: Layer-2 Flooding

In the previous blog post of the MLAG Technology Deep Dive series, we explored the intricacies of layer-2 unicast forwarding. Now let’s focus on layer-2 BUM¹ flooding functionality of an MLAG system.

Our network topology will have two switches and five hosts, some connected to a single switch. That’s not a good idea in an MLAG environment, but even if you have a picture-perfect design with everything redundantly connected, you will have to deal with it after a single link failure.

0

MLAG Deep Dive: Layer-2 Flooding

In the previous blog post of the MLAG Technology Deep Dive series, we explored the intricacies of layer-2 unicast forwarding. Now let’s focus on layer-2 BUM¹ flooding functionality of an MLAG system.

Our network topology will have two switches and five hosts, some connected to a single switch. That’s not a good idea in an MLAG environment, but even if you have a picture-perfect design with everything redundantly connected, you will have to deal with it after a single link failure.

0

Cisco Nexus data-center switches promise 800Gb Ethernet but deliver 400GbE today

Cisco is prepping its high-end data-center Nexus switch family for high-speed Ethernet  that will better support high-bandwidth applications such as AI and cloud-native.  The vendor rolled out five new Nexus data-center switches that include improved support for 100/400Gb Ethernet networks, but its flagship box—the 9800—now includes a migration path to support 800GbE requirements. [ Get regularly scheduled insights by signing up for Network World newsletters. ] The new modular data-center switch product family with 14.4Tb/s fully encrypted bandwidth per slot. The Cisco Nexus 9800 Series features eight-slot and four-slot chassis that can scale from 57Tb/s to 115Tb/s with a combination of various first-generation line cards and fabric modules. Each line card slot can support 400GbE or 100GbE or 10/25/50GbE ports. The eight-slot option could support up to 288 400GbE ports, well above the current 9000’s 32-port capacity.To read this article in full, please click here