Archive

Category Archives for "Networking"

From Zero Visibility to Zero Trust in the Data Center

Imagine someone breaking into your home. If you catch them in the act, they’re most likely leaving right away, and you’re upping your security system. Now imagine someone breaking into your home, and staying for nine months – now what? They’ve prolonged their stay completely unnoticed and destroyed the security system you once trusted and relied upon. Your next move? Trying to reinstate the faith you once had in security and completely reconfigure your security blueprint.  

Let’s break down why data center security has taken center stage as of late with the increasing challenges of securing east-west traffic and the journey from zero visibility to Zero Trust thanks to Forrester and VMware’s collaborative webinar session. (Or, feel free to get straight to all the juicy details, and watch the webinar now.) 

The Catapult for Enhanced Data Center Security 

We’re on the heels of the global COVID-19 pandemic, and wow, have things changed. As a global community, we were trying to juggle the unknown and potential threats that COVID-19 had posed. From an industry perspective, we had to engage in an overhaul that changed the way we worked – forever. For organizations everywhere, remote work is now a part of the new normal routine. So, with these massive changes, Continue reading

The Packets Never Lie

In this episode, Phil and Brandon interview Kary Rogers, AKA PacketBomb, and discuss the need to drill down into packets when troubleshooting. The group shares a few stories from the trenches on how packets helped them solve issues and Kary explains how he got started looking at Packets for deeper information.

Reference Links:

Kary Rogers
Guest
Phil Gervasi
Host
Brandon Carroll
Host

The post The Packets Never Lie appeared first on Network Collective.

MikroTik RouterOS – v7.0.3 stable (chateau) and status of general release

If you don’t already use it, the MIkroTik v7 BETA forum (forum.mikrotik.com) is a fantastic source of information


When will stable be released?

This is the million dollar question. Technically, it already has been for one hardware platform…

!! Spoiler Alert – There is *already* a stable release of ROSv7 – v7.0.3!!

The Chateau 5G router originally shipped with a beta version of ROSv7 but was quietly moved to a stable version that’s developed specifically for that platform.

https://forum.mikrotik.com/viewtopic.php?t=175201#p865329

Because of the way MikroTik’s code repo works, this version can’t easily be added to the main download page and support provides the software:

ROSv7.0.3 Stable Download (!!! Chateau Only – will brick other hardware !!!)

https://box.mikrotik.com/f/7e3cad5779804d0b878d/?dl=1

It’s worth repeating MikroTik’s warning about using this on any platform other than the Chateau

v7 launch date – MikroTikhttps://forum.mikrotik.com/viewtopic.php?f=1&t=175201#p865452


https://iparchitechs.com/contact



What’s holding up v7 from being released?

If you’ve been around MikroTik for a while, then you know that version 7 has been in the works for a long time to add new functionality and address limitations of the older Linux kernel in ROSv6.

MikroTik recently Continue reading

Video Game Security Should Be Simple for Developers

Video games continue to Bharat Bhat (Okta marketing lead for developer relations) cover why and how video game platforms and connections should be more secure, with guest Okta senior developer advocate Video Game Security Should Be Simple for Developers Also available on Google Podcasts, PlayerFM, Spotify, TuneIn The gaming industry has often served as a showcase for some of the industry’s greatest programming talents. As a case in point,

The TPM chip controversy for Windows 11 is a non-issue for Windows Server

By now you’ve heard about the kerfuffle surrounding Windows 11 and its requirement for a Trusted Platform Module (TPM) chip, which is not standard on the majority of PCs and threatens to leave many newer Windows 10 PCs blocked from being upgraded.Normally the issues around a new version of Windows are system requirements, but here, the issue is the TPM chip. TPM is a specially designed chip that assists with security surrounding credentials. It ensures that boot code that’s loaded, such as firmware and OS components, haven’t been tampered with. It can also encrypt the drive contents to protect against theft. Microsoft is mandating that systems have TPM based on 2.0 specifications but few PCs do. Those that do ship with it have it turned off by default but it is easily activated.To read this article in full, please click here

The TPM chip controversy for Windows 11 is a non-issue for Windows Server

By now you’ve heard about the kerfuffle surrounding Windows 11 and its requirement for a Trusted Platform Module (TPM) chip, which is not standard on the majority of PCs and threatens to leave many newer Windows 10 PCs blocked from being upgraded.Normally the issues around a new version of Windows are system requirements, but here, the issue is the TPM chip. TPM is a specially designed chip that assists with security surrounding credentials. It ensures that boot code that’s loaded, such as firmware and OS components, haven’t been tampered with. It can also encrypt the drive contents to protect against theft. Microsoft is mandating that systems have TPM based on 2.0 specifications but few PCs do. Those that do ship with it have it turned off by default but it is easily activated.To read this article in full, please click here

What’s new in Calico Enterprise 3.7: eBPF data plane, high availability, and more!

As our enterprise customers build out large, multi-cluster Kubernetes environments, they are encountering an entirely new set of complex security, observability, and networking challenges, requiring solutions that operate at scale and can be deployed both on-premises and across multiple clouds. New features in our latest release add to the already formidable capabilities of Calico Enterprise.

New feature: High-availability connectivity for Kubernetes with dual ToR

 

Many platform operators who run Kubernetes on-premises want to leverage Border Gateway Protocol (BGP) to peer with other infrastructure. Calico uses BGP to peer with infrastructure within the cluster as well as outside of the cluster, and integrates with top-of-rack (ToR) switches to provide that connectivity.

Calico ToR connectivity has existed for some time now. However, for cluster operators using BGP who need reliable, consistent connectivity to resources outside of the cluster as well as cluster nodes on different racks, Calico Enterprise dual ToR connectivity ensures high availability with active-active redundant connectivity planes between cluster nodes and ToR switches. A cluster that is peered to two ToR switches will still have an active link, even if one switch becomes unavailable, thus ensuring the cluster always has a network connection. Kubernetes cannot do this on its Continue reading

Ransomware recovery: Plan for it now

If your computing environment is subject to a large ransomware attack, you will most certainly be enacting your disaster recovery (DR) plan. But before you begin restoring systems, you must first ensure you have stopped the infection, identified it, and removed it. Jumping too quickly to the restore phase could actually make things worse. To understand why this is the case, it’s important to understand how ransomware works.How ransomware spreads in your environment There are many articles such as this one that describe what ransomware does, but it’s important to emphasize that the goal of ransomware is rarely to infect just one system. Modern ransomware variants will immediately attempt to identify and execute various operating system vulnerabilities to gain administrative access and spread to the rest of your LAN. The attack will be coordinated via command-and-control (C&C) servers, and contacting these servers for instructions is the first thing that every ransomware variant does. They key in responding to an active ransomware attack is stopping further communications with C&C servers, as well as further communications between infected systems and the rest of your network.To read this article in full, please click here

Ransomware recovery: Plan for it now

If your computing environment is subject to a large ransomware attack, you will most certainly be enacting your disaster recovery (DR) plan. But before you begin restoring systems, you must first ensure you have stopped the infection, identified it, and removed it. Jumping too quickly to the restore phase could actually make things worse. To understand why this is the case, it’s important to understand how ransomware works.How ransomware spreads in your environment There are many articles such as this one that describe what ransomware does, but it’s important to emphasize that the goal of ransomware is rarely to infect just one system. Modern ransomware variants will immediately attempt to identify and execute various operating system vulnerabilities to gain administrative access and spread to the rest of your LAN. The attack will be coordinated via command-and-control (C&C) servers, and contacting these servers for instructions is the first thing that every ransomware variant does. They key in responding to an active ransomware attack is stopping further communications with C&C servers, as well as further communications between infected systems and the rest of your network.To read this article in full, please click here

Ransomware recovery: Plan for it now

If your computing environment is subject to a large ransomware attack, you will most certainly be enacting your disaster recovery (DR) plan. But before you begin restoring systems, you must first ensure you have stopped the infection, identified it, and removed it. Jumping too quickly to the restore phase could actually make things worse. To understand why this is the case, it’s important to understand how ransomware works.How ransomware spreads in your environment There are many articles such as this one that describe what ransomware does, but it’s important to emphasize that the goal of ransomware is rarely to infect just one system. Modern ransomware variants will immediately attempt to identify and execute various operating system vulnerabilities to gain administrative access and spread to the rest of your LAN. The attack will be coordinated via command-and-control (C&C) servers, and contacting these servers for instructions is the first thing that every ransomware variant does. They key in responding to an active ransomware attack is stopping further communications with C&C servers, as well as further communications between infected systems and the rest of your network.To read this article in full, please click here

Hedge 90: Andrew Wertkin and a Naïve Reliance on Automation

Automation is surely one of the best things to come to the networking world—the ability to consistently apply a set of changes across a wide array of network devices has speed at which network engineers can respond to customer requests, increased the security of the network, and reduced the number of hours required to build and maintain large-scale systems. There are downsides to automation, as well—particularly when operators begin to rely on automation to solve problems that really should be solved someplace else.

In this episode of the Hedge, Andrew Wertkin from Bluecat Networks joins Tom Ammon and Russ White to discuss the naïve reliance on automation.

download

We Can’t Achieve the Sustainable Development Goals without the Internet

The Internet is a critical enabler for sustainable development. It unlocks human capabilities and provides the platform upon which an emerging digital economy can thrive. As the Internet and digital technologies become more essential, it also becomes more urgent to connect the people who are being left behind.

The post We Can’t Achieve the Sustainable Development Goals without the Internet appeared first on Internet Society.

Day Two Cloud 105: How The Fly.io Cloud Brings Apps Closer To Users

Fly.io is a public cloud that can run your applications all over the world. The goal of Fly.io is to allow developers to self-service complicated infrastructure without an ops team, while making multi-region a default setting to get apps as close to the user as possible. Our guest is founder Kurt Mackey. This is not a sponsored show.

The post Day Two Cloud 105: How The Fly.io Cloud Brings Apps Closer To Users appeared first on Packet Pushers.

Backing up not just your data, but your productivity

Everyone knows that backups are important, but most of us tend to think of backups solely as the process of backing up our data files -- not necessarily our applications, our passwords or our computers. And, when we run into a serious problem that threatens our ability to get our work done, it just might be time to rethink what "backing up" should involve.Even if you have more than one computer at your disposal, it could easily be that only one of them is ready to help you with passwords you rarely use, provide access to your cloud backups, allow you to connect to the VPN you use for special projects, probe your network for problems or offer you a way to log into remote systems.To read this article in full, please click here