Sanjay Poonen Talks VMware’s Multi-Billion-Dollar Security Strategy

Nutanix Hammered by Coronavirus-Tainted Outlook

Akamai: The Financial Sector Is Seeing More APIs-Based Attacks

Cyberattackers are now increasingly targeting APIs, especially in the financial sector, according to content delivery network Akamai’s between 15% and 30% of all web traffic. The Cambridge, Massachusetts-based company hAndy Ellis neatly summarized the resultsemail to VentureBeat, Akamai explained some of the advantages of automation: criminals “use bots and tools that allow threading, or multiple simultaneous connections, to attempt multiple logins at once.” And by targeting APIs, “they hope to avoid some front-end defenses and speed up their validation times.” A recent Franck V. on 

Microsoft’s Ann Johnson: Security Needs AI With Human Spirit

My Personal Notes on Corona Virus (COVID-19) And Travelling

Or why you should stop travelling for a while

The post My Personal Notes on Corona Virus (COVID-19) And Travelling appeared first on EtherealMind.

Gen X Performance Tuning

We are using AMD 2nd Gen EPYC 7642 for our tenth generation “Gen X” servers. We found many aspects of this processor compelling such as its increase in performance due to its frequency bump and cache-to-core ratio. We have partnered with AMD to get the best performance out of this processor and today, we are highlighting our tuning efforts that led to an additional 6% performance.

Thermal Design Power & Dynamic Power

Thermal design power (TDP) and dynamic power, amongst others, play a critical role when tuning a system. Many share a common belief that thermal design power is the maximum or average power drawn by the processor. The 48-core AMD EPYC 7642 has a TDP rating of 225W which is just as high as the 64-core AMD EPYC 7742. It comes to mind that fewer cores should translate into lower power consumption, so why is the AMD EPYC 7642 expected to draw just as much power as the AMD EPYC 7742?

Let’s take a step back and understand that TDP does not always mean the maximum or average power that the processor will draw. At a glance, Continue reading

Upcoming Events and Webinars (March 2020)

Starting with a short message to anyone interested in our on-site events in Switzerland: on March 10th we’re running our first 2020 workshop, focusing on Docker and containers.

I totally reworked the material, adding tons of new Docker networking examples (including deep dive into iptables) and a few fun things like building an Ansible container, or starting the whole NetBox stack with a single command. Even if you don’t plan to deploy containers in your production network, you might drop by just for that part.

And now for the upcoming webinars:

Upcoming Events and Webinars (March 2020)

Starting with a short message to anyone interested in our on-site events in Switzerland: on March 10th we’re running our first 2020 workshop, focusing on Docker and containers.

I totally reworked the material, adding tons of new Docker networking examples (including deep dive into iptables) and a few fun things like building an Ansible container, or starting the whole NetBox stack with a single command. Even if you don’t plan to deploy containers in your production network, you might drop by just for that part.

And now for the upcoming webinars:

Fiery Debate Ensues Over Huawei Supply Chain Risk

Google Pledges $10B Investment in Data Centers, Offices This Year

Genomics and Privacy Collide at RSA Conference

TIP Launches Radio, Takes on Open Routing, Fields Tech

Daily Roundup: Cisco SD-WAN Targets FedRAMP

Cisco security warnings include firewall holes, Nexus software weaknesses

Cisco has issued another batch of security warnings that include problems in its Firepower firewall (FXOS),  Unified Computing System (UCS) software and Nexus switch operating system (NX-OS) .Network pros react to new Cisco certification curriculum The firewall and UCS vulnerabilities all have a severity level of “high” on the Common Vulnerability Scoring System and include:To read this article in full, please click here

Airline Exec Dishes Advice to Security Vendors at RSA

VMware Automates Maestro, Grabs DT for vRAN

Juniper EVPN BGP options – eBGP-only design

In another part of his never-ending EVPN/BGP saga Ivan Pepelnjak argued with Juniper fanboys once again about sanity of iBGP-over-eBGP and eBGP-over-eBGP designs and all that fun stuff. I’ve already written my opinion about that topic in my previous post and numerous comments to Ivan’s posts (TL;DR: iBGP-over-eBGP design has its advantages, just implement it wisely – don’t place RR on spine switches).

But there is one thing that worries me. In almost every one of his posts Ivan talks about some mythical Junos limitations that don’t allow Juniper to support eBGP only (over single session) design. So let’s find out what these limitaions are.

Juniper has freely available version of vQFX for Vagrant. There are a few lab topologies available on GitHub. I will be using full-2qfx-4srv-evpnvxlan topology in this post.

This topology comes with Ansible playbook that configures vQFX switches with iBGP-over-OSPF EVPN. Standard Juniper configuration, just for reference:

YAML

Yaml- YAML Ain’t markup langauge

The devices need a standard  protocol to communicate between each other , similarly there  is requirement of specific standard data format to communicate between application .YAML is one of the data format and is best known to be human friendly  means it’s easier to understand and write  for human compare to other well know data format such as JSON and XML

YAML document starts with 3 hyphen ‘—‘ at top ,it indicate beginning of YAML  document .

We can have mix data types in YAML, let’s see with an yaml example

ex1_ya.yaml

---
IOS: CISCO
JNOS: JUNIPER
CISCO:
  - Router
  - 7600
  - True
  - ['interface','ip address']

 First and second item i.e IOS: CISCO  and JNOS: JUNIPER is dictionary where ‘IOS’ and ‘JNOS’ is key and ‘CISCO’ and ‘JUNIPER’ is respective values

Third Item too is dictionary which comprises of list having different data type as below:

    ‘Router’ is string type.

     ‘7600’  is integer type

    ‘True’ is Boolean type

    Fourth item [‘interface’,’ip address’] is list  containing strings

Working with YAML using Python

The first and foremost thing to use YAML is to install PyYAML  , it’s  a YAML parser .

anurudh@anurudh:~/newfolder$  Continue reading

APRICOT 2020: Routing Security Takes Center Stage

More than 600 of the world’s leading Internet engineers from 60 economies gathered last week at APRICOT, and it was encouraging to see routing security take center stage in the largest meeting of the technical community in the region.

The Internet Society is a long-time partner of the annual event, also called the Asia Pacific Regional Internet Conference on Operational Technologies, and this year we held two community gatherings, spoke in several sessions, and ran a booth throughout the conference.

The ten-day meeting consisted of workshops, tutorials, conference sessions, birds-of-a-feather sessions, and peering forums from 12-21 February in Melbourne, Australia. This year marked the 25th anniversary of APRICOT, and it was good to recognize how the event has grown over time and contributed to technical capacity building in the region. It also gave me the chance to reflect on my own participation in the event over the years, including from when I was in the private sector prior to my current role.

One of the things Internet builders get together for at APRICOT is to share the technical knowledge needed to run and expand the Internet securely. So it was a great opportunity to bring attention to the Mutually Continue reading

The Russians Are Coming for Your Network