How to fix insecure LDAP binds

Prevent Windows admin credentials from being exposed in cleartext with this tip.

Do We Need Math in Networking?

I should have known better, but I couldn’t resist being pulled into a Twitter spat around the question “whether networking engineers need to know something about math” a long while ago.

Before going into the details, let’s start with Wikipedia definition: “Engineering is the use of scientific principles to design and build machines, structures, and other things” including “specific emphasis on particular areas of applied mathematics, applied science, and types of application”.

So feel free to believe that you don’t need any math or other science (because there’s very little science behind what we do in networking) in your job, in which case you might want to stop reading… but then at least please think twice about your job title.

Price of NAND memory chips projected to rise up to 40%

Sources in Asian memory chipmakers are projecting that NAND flash contract prices will rise by 40% in 2020 due to product ramps and increased demand, according to the Taiwanese publication DigiTimes.The article, now locked behind a subscription wall, cited sources at Taiwanese memory makers. However, the biggest makers of NAND flash are not Taiwanese, like Samsung, Toshiba, and Micron. This would impact memory cards, USB flash drives, and solid-state drives. It noted the contract price of SSDs had been falling for a few years and only started to rise after production issues reduced NAND output in the second quarter of 2019.To read this article in full, please click here

Price of NAND memory chips projected to rise up to 40%

Sources in Asian memory chipmakers are projecting that NAND flash contract prices will rise by 40% in 2020 due to product ramps and increased demand, according to the Taiwanese publication DigiTimes.The article, now locked behind a subscription wall, cited sources at Taiwanese memory makers. However, the biggest makers of NAND flash are not Taiwanese, like Samsung, Toshiba, and Micron. This would impact memory cards, USB flash drives, and solid-state drives. It noted the contract price of SSDs had been falling for a few years and only started to rise after production issues reduced NAND output in the second quarter of 2019.To read this article in full, please click here

FCC Chair Sets Ambitious 5G Goals for 2020

flexiWAN Open Source SD-WAN Platform Hits GA

Decentralized Calico Network Security Policy Deployment for GitOps – Part 2

In part 1 of the GitOps blog series, we discussed the value of using GitOps for Calico policies, and how to roll out such a framework. In this second part of the series, we will expand the scope to include decentralized deployment and GitOps.

We see different personas among our customers deploying three types of controls:

1. Cluster hardening policies are enforced and controlled by the platform admin
2. Organizational security controls are enforced and controlled by the security admin
3. Each application team may have their own unique requirements. This is controlled by the DevOps admin for the specific application.

This is different from the traditional firewall world, where the security admin is responsible for managing security policies, and the change management window could be several weeks in duration. Adopting that model in Kubernetes is simply counter to the very principles of enabling the developers. So how can we make policy creation and enforcement simple, yet adhere to organizational processes? The answer lies in simple tooling, GitOps and governance.

Policies have business logic that must be implemented in YAML. The business logic (allow access for service A to service B, open port 443 inbound on service B, permit access to slack webhook Continue reading

Decentralized Calico Network Security Policy Deployment for GitOps – Part 2

In part 1 of the GitOps blog series, we discussed the value of using GitOps for Calico policies, and how to roll out such a framework. In this second part of the series, we will expand the scope to include decentralized deployment and GitOps.

We see different personas among our customers deploying three types of controls:

1. Cluster hardening policies are enforced and controlled by the platform admin
2. Organizational security controls are enforced and controlled by the security admin
3. Each application team may have their own unique requirements. This is controlled by the DevOps admin for the specific application.

This is different from the traditional firewall world, where the security admin is responsible for managing security policies, and the change management window could be several weeks in duration. Adopting that model in Kubernetes is simply counter to the very principles of enabling the developers. So how can we make policy creation and enforcement simple, yet adhere to organizational processes? The answer lies in simple tooling, GitOps and governance.

Policies have business logic that must be implemented in YAML. The business logic (allow access for service A to service B, open port 443 inbound on service B, permit access to slack webhook Continue reading

Broadcom Sells Accenture Symantec Security Services Biz

Intel Showcases AI Strategy for 5G, Intelligent Edge

8 best practices for all-flash storage

IT Central Station offers advice from users of HPE Nimble Storage on how to work optimally with all-flash storage arrays.

8 best practices for all-flash storage

IT Central Station offers advice from users of HPE Nimble Storage on how to work optimally with all-flash storage arrays.

Adaptiv Absorbs LiveQoS to Accelerate SD-WAN

Iran Cyberattacks Targeting US Companies Imminent, Experts Warn

Johnsonville Sausage makes cutting-edge links with SD-WAN

About a year ago it was becoming clear to Johnsonville Sausage’s IT department that it had to modernize its wide area network to get costs down and simplify the overall enterprise network environment to effectively move the business forward. To read this article in full, please click here(Insider Story)

Johnsonville Sausage cuts MPLS costs with SD-WAN

About a year ago it was becoming clear to Johnsonville Sausage’s IT department that it had to modernize its wide area network to get costs down and simplify the overall enterprise network environment to effectively move the business forward. The company embarked on a two-pronged path that moved its US and global business and industrial networks toward a software-defined WAN (SD-WAN) environment -- eliminating costly MPLS links -- and a more automated, controlled system that has restored quality of life back to IT, said  Johnsonville Sausage Global Network Operations Manager Anthony Wild.To read this article in full, please click here

Johnsonville Sausage makes cutting-edge links with SD-WAN

About a year ago it was becoming clear to Johnsonville Sausage’s IT department that it had to modernize its wide area network to get costs down and simplify the overall enterprise network environment to effectively move the business forward. To read this article in full, please click here(Insider Story)

Johnsonville Sausage cuts MPLS costs with SD-WAN

About a year ago it was becoming clear to Johnsonville Sausage’s IT department that it had to modernize its wide area network to get costs down and simplify the overall enterprise network environment to effectively move the business forward. The company embarked on a two-pronged path that moved its US and global business and industrial networks toward a software-defined WAN (SD-WAN) environment -- eliminating costly MPLS links -- and a more automated, controlled system that has restored quality of life back to IT, said  Johnsonville Sausage Global Network Operations Manager Anthony Wild.To read this article in full, please click here

Deep Dive: How Does the Consumer Sector Score on Privacy and Security?

In April 2019 the Internet Society’s Online Trust Alliance released its 10th annual Online Trust Audit & Honor Roll. The Audit looks at the security and privacy practices of over 1,000 of the top sites on the Internet from retailers to government sites. In this post we will take a deeper dive into the Consumer section of the Audit. The Consumer section is a diverse set of sites including travel sites, hotels, and dating sites (see the methodology of the report for the full list).

In 2018 the Consumer section improved its standings with 85% making the honor roll, up from 76% in 2017. This was largely due to improvements in email security. Despite these gains in overall email security, TLS 1.3 adoption was actually down in 2018 (largely due to a change in the list of retail sites). Despite this OTA advocates the adoption of TLS 1.3.

Where these sites did stand out, compared to other sectors, was in privacy scores. Overall, the Consumer sector scored 43 out of 55 on their privacy tracker score, among the highest of any sector, and 33 out of 55 on their privacy statement, also among the highest.

The Consumer section Continue reading

AMD Boasts First Mainstream 64-Core Processor at CES