Archive

Category Archives for "Networking"

Wi-Fi 6E: When it’s coming and what it’s good for

This spring the FCC opened up a new swath of unlicensed wireless spectrum in the 6GHz band that’s intended for use with Wi-Fi and can provide lower latency and faster data rates. The new spectrum also has a shorter range and supports more channels than bands that were already dedicated to Wi-Fi, making it suitable for deployment in high-density areas like stadiums.To read this article in full, please click here(Insider Story)

How Important is BGP RPKI?

Corey Quinn mentioned me in a tweet linking to AWS announcement that they are the biggest user of BGP RPKI (by the size of signed address space) worldwide. Good for them – I’m sure it got their marketing excited. It’s also trivial to do once you have the infrastructure in place. Just saying…

On a more serious front: how important is RPKI and what misuses can it stop?

If you’ve never heard of RPKI, the AWS blog post is not too bad, Nick Matthews wrote a “look grandma, this is how it works” version in 280-character installments, and you should definitely spend some time exploring MANRS resources. Here’s a short version for differently-attentive ;))

How Important is BGP RPKI?

Corey Quinn mentioned me in a tweet linking to AWS announcement that they are the biggest user of BGP RPKI (by the size of signed address space) worldwide. Good for them – I’m sure it got their marketing excited. It’s also trivial to do once you have the infrastructure in place. Just saying…

On a more serious front: how important is RPKI and what misuses can it stop?

If you’ve never heard of RPKI, the AWS blog post is not too bad, Nick Matthews wrote a “look grandma, this is how it works” version in 280-character installments, and you should definitely spend some time exploring MANRS resources. Here’s a short version for differently-attentive ;))

Cisco tags critical security holes in SD-WAN software

Cisco has noted and fixed two critical and a number of high-degree vulnerabilities in its SD-WAN software portfolio.Most of the vulnerabilities could let an authenticated attacker execute command injection attacks against an affected device, which could let the attacker utilize root privileges on the device.The first critical problem–with a Common Vulnerability Scoring System rating of 9.9 out of 10–is  vulnerability in the web-based management interface of Cisco SD-WAN vManage Software. “This vulnerability is due to improper input validation of user-supplied input to the device template configuration,” Cisco stated. “An attacker could exploit this vulnerability by submitting crafted input to the device template configuration. A successful exploit could allow the attacker to gain root-level access to the affected system.”To read this article in full, please click here

Cisco tags critical security holes in SD-WAN software

Cisco has noted and fixed two critical and a number of high-degree vulnerabilities in its SD-WAN software portfolio.Most of the vulnerabilities could let an authenticated attacker execute command injection attacks against an affected device, which could let the attacker utilize root privileges on the device.The first critical problem–with a Common Vulnerability Scoring System rating of 9.9 out of 10–is  vulnerability in the web-based management interface of Cisco SD-WAN vManage Software. “This vulnerability is due to improper input validation of user-supplied input to the device template configuration,” Cisco stated. “An attacker could exploit this vulnerability by submitting crafted input to the device template configuration. A successful exploit could allow the attacker to gain root-level access to the affected system.”To read this article in full, please click here

Get the Network Out of the Way

Getting the network out of the way has been very important for me in my thinking about networks, and is an easy way to help talk about a bunch of very important concepts, decisions, and arguments. This can sound trite, obvious, or insulting. In this post I’ll try to describe...

Istio’s Complexity Leads Some Users to Linkerd

Twain Taylor Twain is a guest blogger for Twistlock and a Fixate IO Contributor. He began his career at Google, where, among other things, he was involved in technical support for the AdWords team. His work involved reviewing stack traces and resolving issues affecting both customers and the Support team, and handling escalations. Today, as a technology journalist, he helps IT magazines, and startups change the way teams build and ship applications. Service meshes have been getting quite a bit of attention, and with good reason. By providing reliability, security, and observability at the platform layer, service meshes can play a mission-critical role in Kubernetes applications. But tales of adoption are mixed: some practitioners report shying away from adopting a service meshes due to their apparent complexity, while others report getting them up and running with apparent ease. So which is it? Are service meshes too complex to be worth the effort, or ready for adoption today? In this article I wanted to focus on

Tech Bytes: VMware’s vRealize True Visibility Suite Illuminates Dark Corners Of Your IT Stack (Sponsored)

On today's sponsored Tech Bytes podcast we discuss VMware's vRealize True Visibility Suite (TVS), an add-on that helps you understand transactions from the physical layer all the way through to the application layer. Our guest is Apolak Borthakur, VP/GM at VMware.

The post Tech Bytes: VMware’s vRealize True Visibility Suite Illuminates Dark Corners Of Your IT Stack (Sponsored) appeared first on Packet Pushers.

Day Two Cloud 081: Abstractions Should Save Typing, Not Thinking

Today's Day Two Cloud episode is part one of a two-part show on abstractions. Hosts Ned Bellavance and Ethan Banks riff on the idea that "Abstractions are there to save you typing, not to save you thinking." The upshot? Abstractions don't eliminate issues, they just move them someplace else. And that has repercussions for design, development, infrastructure, and operations.

The post Day Two Cloud 081: Abstractions Should Save Typing, Not Thinking appeared first on Packet Pushers.

Calico Enterprise: An Overview

As we enter a new year, it’s an appropriate time to reflect on our achievements at Tigera and how much Calico Enterprise has evolved over the past year as the industry’s leading Security and Observability solution for Kubernetes Networking and Microservices. Our experience working with enterprise-class early adopters has helped us to identify the most critical requirements for them to operationalize their Kubernetes deployments and successfully make the challenging transition from pilot to production. These learnings have helped us to shape today’s Calico Enterprise, which is visually represented in this solutions architecture diagram. Let’s dig into this feature-rich layer cake of functionality, from bottom to top!

Calico Enterprise Solutions Architecture

Calico Enterprise is “Kube-native”

But first, there are some important things to keep in mind as we explore. Calico Enterprise is a Kubernetes-native solution – Kube-native – in which everything we do is an extension of Kubernetes primitives. We leverage the full power of Kubernetes by integrating with the Kubernetes API server and creating our own aggregated API server. We use an operator model to access and control custom resources to perform specific functions, like RBAC for example, natively in Kubernetes. Being Kubernetes-native means that as Kubernetes evolves, Calico Enterprise Continue reading

The Hedge Podcast 67: Daniel Beveridge and the Structure of Innovation

Innovation and disruption are part the air we breath in the information technology world. But what is innovation, and how do we become innovators? When you see someone who has invented a lot of things, either shown in patents or standards or software, you might wonder how you can become an innovator, too. In this episode of the Hedge, Tom Ammon, Eyvonne Sharp, and Russ White talk to Daniel Beveridge about the structure of innovation—how to position yourself in a place where you can innovate, and how to launch innovation.

download

Indigenous Communities Must Have Internet Access on Their Own Terms

A shorter version of this article was first published in the Toronto Star.

With the recent launch of the Universal Broadband Fund, or UBF, the federal government has committed to addressing the connectivity gap that is far too real for many people living in Canada. Over the past eight months, COVID-19 has shown us how important the Internet is during a crisis. Broadband access has become an essential service as critical as access to water or electricity. Minister Maryam Monsef was correct when she said: “High-speed Internet is more than just a convenience.”

Certainly, an investment of CAD$1.75 billion to help lower the hurdles that have left many Indigenous, rural, and remote communities in Canada on the wrong side of the digital divide is both needed and welcome. But officials need to take care not to disenfranchise the very communities they intend to help in the process. For the most challenging communities to connect to the Internet, success can only happen with community-led initiatives. It is critical that the communities most in need are full partners in the process, driving connectivity solutions that work for them, and have access to the necessary resources to make that happen.

This Continue reading

Lessons that insurrection selfies hold for legitimate enterprises

The pro-Trump rioters who invaded the Capitol on January 6 came with smartphones to record and celebrate what they thought was a righteous effort to prevent president-elect Joe Biden from taking office two weeks later.Now those electronic devices, along with the GPS data they generated, are being used to track the location of rioters within the building as federal law enforcement officials continue to make arrests and build criminal cases.Among the acts being investigated: breaking through police barriers, smashing windows, and assaulting police officers and media members. Five people died including a Capitol Hill police officer who was bludgeoned with a fire extinguisher.To read this article in full, please click here

Lessons that insurrection selfies hold for legitimate enterprises

The pro-Trump rioters who invaded the Capitol on January 6 came with smartphones to record and celebrate what they thought was a righteous effort to prevent president-elect Joe Biden from taking office two weeks later.Now those electronic devices, along with the GPS data they generated, are being used to track the location of rioters within the building as federal law enforcement officials continue to make arrests and build criminal cases.Among the acts being investigated: breaking through police barriers, smashing windows, and assaulting police officers and media members. Five people died including a Capitol Hill police officer who was bludgeoned with a fire extinguisher.To read this article in full, please click here