Take a Network Break! This week we examine Oracle's purchase of network assurance vendor Federos, discuss why Cisco has added a service mesh manager to its Intersight Kubernetes service, explore why some users are frustrated with a crypto-miner in NortonLifelock's anti-virus software, and cover more tech news.
The post Network Break 364: Oracle Acquires Federos For Network Assurance; Google Snags Security Startup Siemplify appeared first on Packet Pushers.
This post is also available in 日本語, Deutsch, Français, Español.
The first half of 2021 witnessed massive ransomware and ransom DDoS attack campaigns that interrupted aspects of critical infrastructure around the world (including one of the largest petroleum pipeline system operators in the US) and a vulnerability in IT management software that targeted schools, public sector, travel organizations, and credit unions, to name a few.
The second half of the year recorded a growing swarm of one of the most powerful botnets deployed (Meris) and record-breaking HTTP DDoS attacks and network-layer attacks observed over the Cloudflare network. This besides the Log4j2 vulnerability (CVE-2021-44228) discovered in December that allows an attacker to execute code on a remote server — arguably one of the most severe vulnerabilities on the Internet since both Heartbleed and Shellshock.
Prominent attacks such as the ones listed above are but a few examples that demonstrate a trend of intensifying cyber-insecurity that affected everyone, from tech firms and government organizations to wineries and meat processing plants.
Here are some DDoS attack trends and highlights from 2021 and Q4 ‘21 specifically:
In this post, we will look at a peculiar case of a SGACL not denying traffic between two hosts in a SD-Access fabric.
Remember the unnumbered IP interfaces saga? Let’s conclude it with the final challenge: can we run link-state routing protocols (OSPF or IS-IS) over unnumbered interfaces?
Quick answer: Sure, just use IPv6.
Cheater! IPv6 doesn’t count. There are no unnumbered interfaces in IPv6 – every interface has at least a link-local address (LLA). Even more, routing protocols are designed to run over LLA addresses, including some EBGP implementations, allowing you to build an LLA-only network (see RFC 7404 for details).
OK, what about IPv4?
TL&DR: It works, but…
Remember the unnumbered IP interfaces saga? Let’s conclude with the final challenge: can we run link-state routing protocols (OSPF or IS-IS) over unnumbered interfaces?
Quick answer: Sure, just use IPv6.
Cheater! IPv6 doesn’t count. There are no unnumbered interfaces in IPv6 – every interface has at least a link-local address (LLA). Even more, routing protocols are designed to run over LLA addresses, including some EBGP implementations, allowing you to build an LLA-only network (see RFC 7404 for details).
OK, what about IPv4?
TL&DR: It works, but…
2022 Goals In 2021, the pandemic managed to get to me. It seemed like alot of curve balls came my way. But, myself and my family came out the other end healthy and in relatively good spirits. 2022 is going to be a bit of a do-over in terms of my goals for the year. Without further...continue reading
As part of a POC I deployed a pair of HA F5 LTM/GTM at home to use for all things DNS based. It is an indulgent over the top DNS solution for a 1 bed flat, but hey-ho we are in a pandemic….. This guide does not go through the HA F5 or GTM (still cant stop calling it that) configuration, it is focussed around using ZoneRunner for DNS (bind) with these zones transferred into DNS express and serviced by a listener.
A friend of mine recently had a solar panel system installed on his acreage. Besides being interesting because of the renewable/green aspect of the project, the system itself—from SolarEdge—is actually highly digital.
The last point interested me the most because any time a device exposes its data or a control connection, it means there’s an opportunity to integrate it with other software. In this case, I wanted to create my own dashboard to display (near) real-time performance data for the system.
Whereas other blogs and articles on this topic describe how to monitor a single inverter system, this post will describe how I built a performance dashboard for a multi-inverter system.
This post originally appeared on the Packet Pushers’ Ignition site on August 20, 2021. For both individuals and businesses, the past 18-months have vastly increased their reliance on the Internet to access cloud services, online retail and entertainment venues and each other via high-definition video conferences. In the period from just before the initial SARS-CoV-2 […]
The post Carriers Are Scaling Backbones With Merchant Silicon & Disaggregated, Distributed Networking appeared first on Packet Pushers.