Day Two Cloud 111: Infrastructure As Software With Kris Nóva
Kris Nóva, Senior Principal Software Engineer at Twilio, claims that managing infrastructure using tools like Terraform isn't that far away from just writing your own code to do the job yourself. Kris joins co-hosts Ned Bellavance and Ethan Banks to challenge the notion that ops folks can't become developers. Kris says they can.
The post Day Two Cloud 111: Infrastructure As Software With Kris Nóva appeared first on Packet Pushers.
How To Become A Mentor In Your Career Field
Becoming a mentor doesn’t just help others. It enables you to enhance your professional development too. That is because it is a mutually beneficial partnership that helps both parties involved, i.e., the mentor and mentee.
If you are looking to become a mentor, you are in the right place. Here are the top tips that will help you in how to become a mentor in your career field.
1. Find A Mentee
You can use your organization or professional network to find a mentee. However, many of the best mentoring relationships develop organically without you having to try. If you feel there is a junior in your organization that you offer advice to, you can always become their mentee.
Mentoring programs inside the organization are an excellent way to engage the staff, retain employees, and pass expertise. So, if you have such a program in your organization, you will find a mentee in no time.
2. Set Expectations
Once you have found a mentee in your organization, it is time to set expectations. That is because establishing guidelines help maintain a good working relationship. Your mentee will know what you expect and vice versa. Continue reading
Automation Simplifies Mobile Transport Network Rollouts
Automation to simplify the provisioning and configuration of transport network elements (NEs) will be key to performing much of the arduous tasks required to get equipment up and running.Register for the 5th Annual Indigenous Connectivity Summit
In its second year as a virtual event, the Indigenous Connectivity Summit will take place on 12-15 October 2021. The COVID-19 pandemic showed us that those who lack connectivity face the effects of starker inequalities. Millions of people across Canada and the United States still can’t take advantage of the benefits of a fast, affordable, […]
The post Register for the 5th Annual Indigenous Connectivity Summit appeared first on Internet Society.
Full Stack Journey 057: Open Policy Agent
What is Open Policy Agent (OPA)? And what can someone do with it? These are some of the questions that episode 57 of the Full Stack Journey podcast tackles. In this episode, Scott is joined by Diego Comas (@diegocomas on Twitter), a user/consumer of OPA, to discuss his direct experience in using OPA in real production environments.
The post Full Stack Journey 057: Open Policy Agent appeared first on Packet Pushers.
Full Stack Journey 057: Open Policy Agent
What is Open Policy Agent (OPA)? And what can someone do with it? These are some of the questions that episode 57 of the Full Stack Journey podcast tackles. In this episode, Scott is joined by Diego Comas (@diegocomas on Twitter), a user/consumer of OPA, to discuss his direct experience in using OPA in real production environments.
6 New Ways to Validate Device Posture
Cloudflare for Teams gives your organization the ability to build rules that determine who can reach specified resources. When we first launched, those rules primarily relied on identity. This helped our customers replace their private networks with a model that evaluated every request for who was connecting, but this lacked consideration for how they were connecting.
In March, we began to change that. We announced new integrations that give you the ability to create rules that consider the device as well. Starting today, we’re excited to share that you can now build additional rules that consider several different factors about the device, like its OS, patch status, and domain join or disk encryption status. This has become increasingly important over the last year as more and more people began connecting from home. Powered by the Cloudflare WARP agent, your team now has control over more health factors about the devices that connect to your applications.
Zero Trust is more than just identity
With Cloudflare for Teams, administrators can replace their Virtual Private Networks (VPNs), where users on the network were trusted, with an alternative that does not trust any connection by default—also known as a Zero Trust model.
Customers Continue reading
Musing: Does 802.1x Matter Anymore ?
802.1X has little relevance over time. As distributed work becomes widespread, laptops and smartphones will not connect to campus or branch networks operated by IT departments. Home broadband, cafes, kids schools, 4G/5g etc. Each user device will have some software mechanism/agent/method to access resources in SaaS, on/off prem DC/cloud and on son There is a market […]
Juniper ARP Policer on PTX
I’ve written before about the default ARP policer on Juniper MX. It can create some odd failure conditions when you’re connected to noisy networks such as large Internet Exchanges. Junos OS Evolved, as used on platforms like the PTX10003 has low default values for ARP and ICMPv6 ND DDoS protections. It will cause the same problems, but is easier to diagnose and mitigate.
Juniper DDoS Protection
Platforms like MX, QFX, PTX have Control Plane DDoS protections built in. These will automatically rate-limit various traffic types that hit the CPU. This is generally a Good Thing. Certain packet types get punted from the ASIC to the CPU, but the CPU can’t handle anywhere near the traffic levels that the forwarding ASIC can. Send enough special packets to a router, choke the CPU, and you might be able to knock things offline. So having default policies to rate-limit traffic makes sense.
Platform Defaults
Juniper might have “One Junos” but we know it’s not that simple. Behavior varies between platforms. Check these default values for some DDoS protections for different platforms:
| Protocol | MX | QFX | PTX |
|---|---|---|---|
| ARP | 20,000 | 500 | 500 |
| NDPv6 | 20,000 | N/A | 500 |
| ICMP | 20,000 | N/A | 500 |
| BGP | 20,000 | 3,000 | 5,000 |
Note Continue reading