The Cloudflare Radar 2020 Elections Dashboard
There is significant global attention around the upcoming United States election. Through the Athenian Project and Cloudflare for Campaigns, Cloudflare is providing free protection from cyber attacks to a significant number of state and local elections' websites, as well as those of federal campaigns.
One of the bedrocks of a democracy is that people need to be able to get access to relevant information to make a choice about the future of their country. This includes information about the candidates up for election; learning about how to register, and how to cast a vote; and obtaining accurate information on the results.
A question that I’ve been increasingly asked these past few months: are cyberattacks going to impact these resources leading up to and on election day?
Internally, we have been closely monitoring attacks on the broader elections and campaign websites and have a team standing by 24x7 to help our current customers as well as state and local governments and eligible political campaigns to protect them at no cost from any cyberattacks they may see.
The good news is that, so far, cyberattacks have not been impacting the websites of campaigns and elections officials we are monitoring and protecting. Continue reading
Whiteboards Don’t Remote Work
Its a mistake to think whiteboards are the only tool you have.
Validate Ansible YAML Data with JSON Schema
When I published the Optimize Network Data Models series a long while ago, someone made an interesting comment along the lines of “You should use JSON Schema to validate the data model.”
It took me ages to gather the willpower to tame that particular beast, but I finally got there. In the next installment of the Data Models saga I described how you can use JSON Schema to validate Ansible inventory data and your own YAML- or JSON-based data structures.
To learn more about data validation, error handling, unit- and system testing, and CI/CD pipelines in network automation, join our automation course.
Validate Ansible YAML Data with JSON Schema
When I published the Optimize Network Data Models series a long while ago, someone made an interesting comment along the lines of “You should use JSON Schema to validate the data model.”
It took me ages to gather the willpower to tame that particular beast, but I finally got there. In the next installment of the Data Models saga I described how you can use JSON Schema to validate Ansible inventory data and your own YAML- or JSON-based data structures.
To learn more about data validation, error handling, unit- and system testing, and CI/CD pipelines in network automation, join our automation course.
Docker DDoS testbed
Docker testbed describes how to use Docker Desktop to build a test network to experiment with real-time sFlow streaming telemetry and analytics. This article extends the testbed to experiment with distributed denial of service (DDoS) detection and mitigation techniques described in Real-time DDoS mitigation using BGP RTBH and FlowSpec.
Start a Host sFlow agent using the pre-built sflow/host-sflow image:
docker run --rm -d -e "COLLECTOR=host.docker.internal" -e "SAMPLING=10" \
--net=host -v /var/run/docker.sock:/var/run/docker.sock:ro \
--name=host-sflow sflow/host-sflow
Start ExaBGP using the pre-built sflow/exabgp image. ExaBGP connects to the sFlow-RT analytics software and displays BGP RTBH / Flowspec controls sent by sFlow-RT:
docker run --rm sflow/exabgp
In a second terminal window, start an instance of the sFlow-RT analytics software using the pre-built sflow/ddos-protect image:
GW=`docker network inspect bridge -f '{{range .IPAM.Config}}{{.Gateway}}{{end}}'`
SUBNET=`docker network inspect bridge -f '{{range .IPAM.Config}}{{.Subnet}}{{end}}'`
docker run --rm -p 6343:6343/udp -p 8008:8008 -p 1179:1179 --name=sflow-rt \
sflow/ddos-protect -Dddos_protect.router=$GW -Dddos_protect.as=65001 \
-Dddos_protect.enable.flowspec=yes -Dddos_protect.group.local=$SUBNET \
-Dddos_protect.mode=automatic \
-Dddos_protect.udp_amplification.action=filter \
-Dddos_protect.udp_amplification.threshold=5000Open the sFlow-RT dashboard at http://localhost:8008/
The sFlow Agents gauge confirms that sFlow is being received from the Host sFlow agent. Now access the Continue reading
A Communication Fabric for Today’s Omni-Channel Digital Experience
How to connect the myriad vendors leveraged by enterprises to create robust consumer journeys.Insight Analytics with Custom Tagging: Cost-Effective Insight into Networks and Applications
Insight Analytics with custom tagging lets operators tailor their traffic views to their environment to gain deeper insight and accelerate trouble resolution.Technologies that Didn’t: Network Operating Systems
For those with a long memory—no, even longer than that—there were once things called Network Operating Systems (NOS’s). These were not the kinds of NOS’s we have today, like Cisco IOS Software, or Arista EOS, or even SONiC. Rather, these were designed for servers. The most common example was Novell’s Netware. These operating systems were the “bread and butter” of the networking world for many years. I was a Certified Netware Expert (CNE) version 4.0, and then 4.11, before I moved into the routing and switching world. I also deployed Banyan’s Vines, IBM’s OS/2, and a much simpler system called LANtastic, among others.
What were these pieces of software? They were largely built around providing a complete environment for the network user. These systems began with file sharing and directory services and included a small driver that would need to be installed on each host accessing the file share. This small driver was actually a network stack for a proprietary set of protocols. For Vines, this was VIP; for Netware, it was IPX. Over time, these systems began to include email, and then, as a natural outgrowth of file sharing and email, directory services. For some time, there Continue reading
Full Stack Journey 047: Using Kubernetes And Crossplane To Provision Cloud Infrastructure
Today's Full Stack Journey episode explores the Crossplane project, which uses APIs in Kubernetes and public cloud providers to allow you to provision and manage cloud services and infrastructure from Kubernetes. Crossplane maintainer Daniel Mangum is our guide.
The post Full Stack Journey 047: Using Kubernetes And Crossplane To Provision Cloud Infrastructure appeared first on Packet Pushers.
Full Stack Journey 047: Using Kubernetes And Crossplane To Provision Cloud Infrastructure
Today's Full Stack Journey episode explores the Crossplane project, which uses APIs in Kubernetes and public cloud providers to allow you to provision and manage cloud services and infrastructure from Kubernetes. Crossplane maintainer Daniel Mangum is our guide.
HS001 – Detecting Hype in 5G Marketing
Greg brings the topic of Hype in 5G Marketing and attempts to explain why some hype is legit but humans should care less. Keith puts the brakes on and provides context, breakdown and reality.
Bot Attack trends for Jan-Jul 2020
Now that we’re a long way through 2020, let’s take a look at automated traffic, which makes up almost 40% of total Internet traffic.
This blog post is a high-level overview of bot traffic on Cloudflare’s network. Cloudflare offers a comprehensive Bot Management tool for Enterprise customers, along with an effective free tool called Bot Fight Mode. Because of the tremendous amount of traffic that flows through our network each day, Cloudflare is in a unique position to analyze global bot trends.
In this post, we will cover the basics of bot traffic and distinguish between automated requests and other human requests (What Is A Bot?). Then, we’ll move on to a global overview of bot traffic around the world (A RoboBird’s Eye View, A Bot Day and Bots All Over The World), and dive into North American traffic (A Look into North American Traffic). Lastly, we’ll finish with an overview of how the coronavirus pandemic affected global traffic, and we’ll take a deeper look at European traffic (Bots During COVID-19 In Europe).
On average, Cloudflare processes 18 million HTTP requests every second. This is a great opportunity to understand how bots shape the Continue reading
Getting Started With Noction Flow Analyzer
The post Getting Started With Noction Flow Analyzer appeared first on Noction.