State of IT Security in 2021
Patrik Schindler sent me his views on code quality and resulting security nightmares after reading the Cisco SD-WAN SQL Injection saga. Enjoy!
I think we have a global problem with code quality. Both from a security perspective, and from a less problematic but still annoying bugs-everywhere perspective. I’m not sure if the issue is largely ignored, or we’ve given up on it (see also: Cloud Complexity Lies or Cisco ACI Complexity).
State of IT Security in 2021
Patrik Schindler sent me his views on code quality and resulting security nightmares after reading the Cisco SD-WAN SQL Injection saga. Enjoy!
I think we have a global problem with code quality. Both from a security perspective, and from a less problematic but still annoying bugs-everywhere perspective. I’m not sure if the issue is largely ignored, or we’ve given up on it (see also: Cloud Complexity Lies or Cisco ACI Complexity).
Cloudflare’s Annual Founders’ Letter
This week we celebrate Cloudflare's birthday. We launched the company 11 years ago tomorrow: September 27, 2010. It has been our tradition, since our first birthday, to use this week to launch innovative new products that we think of as our gift back to the Internet.
Since going public, it's also been an opportunity for us to update our Annual Founders' Letter and share what's on our mind. Recently we've been thinking about three things: team, the Internet, and innovation.
Team
When anyone asks us the key to Cloudflare's success, we always say the same thing: the team we've been able to attract to help us achieve our mission of helping build a better Internet. In the last year we've had more than 250,000 people apply to work for us and extended offers to less than one half of one percent of them. We continue to attract great people.
It's incredible to realize that more than half of Cloudflare's team today started since March 13, 2020, when we closed all our physical offices due to the pandemic. In the last several months, as we've started to see a light at the end of the COVID tunnel, we've been hosting what Continue reading
Private 5G Needs Complexity To Thrive
I know we talk about the subject of private 5G a lot in the industry but there are more players coming out every day looking to add their voice to the growing supporters of these solutions. And despite the fact that we tend to see 5G and Wi-Fi technologies as ships in the night this discussion isn’t going to go away any time soon. In part it’s because decision makers aren’t quite savvy enough to distinguish between the bands, thinking all wireless communications are pretty much the same.
I think we’re not going to see much overlap between these two technologies. But the reasons why aren’t quite what you might think.
Walking Workforces
Working from anywhere other than the traditional office is here to stay. Every major Silicon Valley company has looked at the cost benefit analysis and decided to let workers do their thing from where they live. How can I tell it’s permanent? Because they’re reducing salaries for those that choose to stay away from the Bay Area. That carrot is pretty enticing and for the companies to say that it’s not on the table for remote work going forward means they have no incentive to make people Continue reading
All Things Networking at VMworld 2021
Must-See Sessions for Networking
This year’s networking sessions – based on the audience feedback from VMworld 2020 – not only feature more customers stories and interviews, but have a balance of innovation, industry trends, roadmap, and technical get-your-hands-dirty sessions. The VMworld 2021 Session Types and Levels summary gives you an idea of what’s available for you and your colleagues.
If you’re not sure about the different learning tracks or what they will include, check out the VMworld learning index here. The robust Content Catalog will allow you to filter sessions based on topic, tracks, products, type and level; the scheduler lets you to build an itinerary.
Lastly, we have made a list of can’t miss sessions based on your role.
For Networking Leaders:
- Solution Keynote: Self-Service will Modernize Networks
- Self-Service will Modernize Networks – See it in Action with HSBC
- Operationalizing Zero Trust at Scale – Lessons Learned
For Networking Practitioners:
Heavy Networking 599: DriveNets Taps Disaggregation To Build Networks Like Cloud (Sponsored)
On today's sponsored Heavy Networking we talk with DriveNets about why it’s time to take the disaggregated model--where you buy whitebox hardware and put a network operating system of your choice on it--seriously. Along the way, we’re going to hit DriveNets network architectures and operating models, and get you thinking about why disaggregated networking might make sense for you.Heavy Networking 599: DriveNets Taps Disaggregation To Build Networks Like Cloud (Sponsored)
On today's sponsored Heavy Networking we talk with DriveNets about why it’s time to take the disaggregated model--where you buy whitebox hardware and put a network operating system of your choice on it--seriously. Along the way, we’re going to hit DriveNets network architectures and operating models, and get you thinking about why disaggregated networking might make sense for you.
The post Heavy Networking 599: DriveNets Taps Disaggregation To Build Networks Like Cloud (Sponsored) appeared first on Packet Pushers.
AWS Networking – Part VIII: AWS Network ACL (NACL)
In this section, I am going to introduce the default Network ACL for subnets in VPC NVKT-VPC-01.
Figure 1-28 shows the complete structure of our VPC NVKT-VPC-01. We have a Public subnet 10.10.0.0/24 in AZ eu-west-2c a Private subnet 10.10.1.0/24 in AZ eu-west-2a. Both subnets are protected by the default VPC’s NACL named NWKT-NACL. NACL allows all traffic to and from the subnet by default.
Figure 1-37: Complete VPC Stack.
Continue reading
Cloud Native Driving Change in Enterprise and Analytics
Software development via cloud-native resources continues to gain traction among enterprises looking for scale, security, and accessibility of business intelligence.AWS Networking – Part VII: Create Subnet and RT Using AWS CloudFormation
In this post, we create a Subnet with the set of properties and attach it to VPC. We also specify a Route Table, which we associate with the Subnet using association.
1) AWS::EC2::VPC (NwktVPC)
2) AWS::EC2::Subnet (NwktSubnet)
3) AWS::EC2::RouteTable (NwktPUB2RouteTable)
4) AWS::EC2::SubnetRouteTableAssociation(NwktRouteTableAssociation)
We are using a Ref function for defining the dependencies between AWS resources when the actual AWS resource Identifier is unknown. For example, the Ref function in AWS::EC2::Subnet resource [2] refers to the resource AWS::EC2::VPC’s logical name NwktVPC (A). We have to use an intrinsic function because we don’t know which VPC Identifier AWS generates to VPC. After creating the subnet, we specify the subnet-specific Route Table [3]. First, we need to bind it to VPC using the Ref function value NwktVPC (B). Next, we “glue” the Route Table to Subnet using RouteTableAssociation, where we use two Ref functions. The first one refers to Route Table (C), and the second to Subnet (D).
Figure 1-34: Subnet Route Table.
Continue reading
What does the Internet Society do and who are they? – Massimiliano “Max” Stucchi, Technical Advisor, European Bureau @ Internet Society
The Internet Society supports and promotes the development of the Internet as a global technical infrastructure, a resource to enrich people’s lives, and a force for good in society. Our work aligns with our goals for the Internet to be open, globally-connected, secure, and trustworthy
Worth Reading: Breaking Down Silos
Here’s another masterpiece by Charity Majors: Why I hate the phrase “breaking down silos”. A teaser in case you can’t decide whether to click the link:
When someone says they are “breaking down silos”, whether in an interview, a panel, or casual conversation, it tells me jack shit about what they actually did.
Enjoy ;)