Vodafone UK Pins 5G Launch Plans on July 3

Meeting Madness, ONUG, and Software Defining All The Things

We’re going back to our roots here at Network Collective and that means we’re going to be spending more time chatting and less time with agendas. In this episode we discuss Russ’s impression of ONUG 2019 in Dallas, the team’s take on solving problems in a meeting, the value of meetings in general, and the slow but steady rise of SDN adoption in the enterprise.

Jordan Martin

Host

Eyvonne Sharp

Host

Russ White

Host

Outro Music:
Danger Storm Kevin MacLeod (incompetech.com)
Licensed under Creative Commons: By Attribution 3.0 License
http://creativecommons.org/licenses/by/3.0/

The post Meeting Madness, ONUG, and Software Defining All The Things appeared first on Network Collective.

Announcing Cloudflare Image Resizing: Simplifying Optimal Image Delivery

In the past three years, the amount of image data on the median mobile webpage has doubled. Growing images translate directly to users hitting data transfer caps, experiencing slower websites, and even leaving if a website doesn’t load in a reasonable amount of time. The crime is many of these images are so slow because they are larger than they need to be, sending data over the wire which has absolutely no (positive) impact on the user’s experience.

To provide a concrete example, let’s consider this photo of Cloudflare’s Lava Lamp Wall:

On the left you see the photo, scaled to 300 pixels wide. On the right you see the same image delivered in its original high resolution, scaled in a desktop web browser. They both look exactly the same, yet the image on the right takes more than twenty times more data to load. Even for the best and most conscientious developers resizing every image to handle every possible device geometry consumes valuable time, and it’s exceptionally easy to forget to do this resizing altogether.

Today we are launching a new product, Image Resizing, to fix this problem once and for all.

Announcing Image Resizing

With Image Resizing, Cloudflare Continue reading

BrandPost: What’s a Mobile-First Support Strategy, and Why Do You Need One?

Remote support has long been offered to customers on desktops and laptops, but with the rise of mobile devices, times are changing. If you haven’t already considered a mobile-first support strategy, now’s the time to create one.Most people spend an average of 5 hours a day on their mobile devices, a statistic that you won’t find too surprising if you’re reading this on a mobile device. Increasingly, we rely on our mobile devices in our personal and work lives, and in many cases, customers are ditching their laptops and moving entirely to mobile.It stands to reason that if mobile is where customers are, support teams should be there too. The problem is, remote support was originally created for desktops and is often offered through channels that aren’t always readily available to mobile users, like live chat. That’s why it makes sense for support teams to look at remote support from the other side: mobile-first. This allows you to create a remote support experience that’s consistent across web and mobile, including how tickets feed into the same queue for fast resolution, and how diagnostic data is presented for the device, operating system, network, and more. Doing so enables your Continue reading

4 vulnerabilities and exposures affect Intel-based systems; Red Hat responds

Four vulnerabilities were publicly disclosed related to Intel microprocessors. These vulnerabilities allow unprivileged attackers to bypass restrictions to gain read access to privileged memory. They include these common vulnerabilities and exposures (CVEs): CVE-2018-12126 - a flaw that could lead to information disclosure from the processor store buffer CVE-2018-12127 - an exploit of the microprocessor load operations that can provide data to an attacker about CPU registers and operations in the CPU pipeline CVE-2018-12130 - the most serious of the three issues and involved the implementation of the microprocessor fill buffers and can expose data within that buffer CVE-2019-11091 - a flaw in the implementation of the "fill buffer," a mechanism used by modern CPUs when a cache-miss is made on L1 CPU cache [ Also read: Linux hardening: a 15-step checklist for a secure Linux server ] Red Hat customers should update their systems Security updates will degrade system performance, but Red Hat strongly suggests that customers update their systems whether or not they believe themselves to be at risk.To read this article in full, please click here

4 vulnerabilities and exposures affect Intel-based systems; Red Hat responds

Four vulnerabilities were publicly disclosed related to Intel microprocessors. These vulnerabilities allow unprivileged attackers to bypass restrictions to gain read access to privileged memory. They include these common vulnerabilities and exposures (CVEs): CVE-2018-12126 - a flaw that could lead to information disclosure from the processor store buffer CVE-2018-12127 - an exploit of the microprocessor load operations that can provide data to an attacker about CPU registers and operations in the CPU pipeline CVE-2018-12130 - the most serious of the three issues and involved the implementation of the microprocessor fill buffers and can expose data within that buffer CVE-2019-11091 - a flaw in the implementation of the "fill buffer," a mechanism used by modern CPUs when a cache-miss is made on L1 CPU cache [ Also read: Linux hardening: a 15-step checklist for a secure Linux server ] Red Hat customers should update their systems Security updates will degrade system performance, but Red Hat strongly suggests that customers update their systems whether or not they believe themselves to be at risk.To read this article in full, please click here

Riverbed Updates Performance Management, SD-WAN, End-User Monitoring

TM Forum Open Digital Framework Targets 5G Migration

Heavy Networking 449: Web Application Firewall Fundamentals

Today's Heaving Networking episode delves into Web application firewalls (WAFs) with guest Scott Hogg. We examine how WAFs differ from typical firewalls, the security problems they're trying to solve, how attackers try to bypass them, operational challenges, WAFs and cloud applications, and more.

The post Heavy Networking 449: Web Application Firewall Fundamentals appeared first on Packet Pushers.

Bathwater and Hyperscalers

Russ White recently wrote an interesting blog post claiming how we should not ignore any particular technology just because it was invented by a hyperscaler illustrating his point with a half-dozen technologies that were first used by NASA.

However, there are “a few” details he glossed over:

Las Vegas targets transport, public safety with IoT deployments

The city of Las Vegas’ pilot program with NTT and Dell, designed to crack down on wrong-way driving on municipal roads, is just part of the big plans that Sin City has for leveraging IoT tech in the future, according to the city's director of technology Michael Sherwood., who sat down with Network World at the IoT World conference in Silicon Valley this week.The system uses smart cameras and does most of its processing at the edge, according to Sherwood. The only information that gets sent back to the city’s private cloud is metadata – aggregated information about overall patterns, for decision-making and targeting purposes, not data about individual traffic incidents and wrong-way drivers.To read this article in full, please click here

Git Attack Hit Weak Credentials

Not All SD-WANs Are Created Equal

Thrangrycat Attacks Cisco Switches, Routers, Firewalls

WhatsApp: How a Bug Relates to the G7

On 13 May, more than a billion users saw the messaging application WhatsApp being updated. At the same time reports appeared that a vulnerability had been used in attacks that targeted an unknown but select number of users and was orchestrated by an advanced cyber actor.

Facebook, the owner of WhatsApp, reported it fixed a vulnerability – a buffer overflow, a fairly well known type of vulnerability – that was, according to media (see references  below), used in the spyware product Pegasus from the NSO Group, an Israeli company that sells spyware to governments and intelligence agencies all around the world.

Two observations:

• Despite best efforts, bugs in software exist – if critical bugs in global communication systems are found they can have a global impact. There are two additional observations that come with that:
  • WhatsApp is a valuable target, if bugs exist they will be found and exploited.
  • A process that allows for bugs to be reported, promptly fixed, and automatically rolled out are crucial elements to maintain (or restore) trust in this sort of software. There are sectors of the industry (anybody listening in IoT land?) that can learn from how this is handled by Facebook.
• The Continue reading

On the ‘net: Dial Banks

In the early 1990’s, several large network equipment vendors sold equipment targeted at large scale dial banks, including Cisco, ADTRAN, and Cabletron. These servers were often tied to banks of modems on one side, and to servers of some sort on the other, creating a dial bank. Dial banks grew in scale and sophistication on the back of Bulletin Board Systems (BBSs), run by dedicated system operators (SYSOPs) for the support of individual communities. At one time, there were tens of thousands, potentially even hundreds of thousands, of these systems in the United States alone, serving large communities of users. @ECI LighTALK

Verizon Launches NB-IoT Network for Fixed Use Cases

Parallel streaming of progressive images

Progressive image rendering and HTTP/2 multiplexing technologies have existed for a while, but now we've combined them in a new way that makes them much more powerful. With Cloudflare progressive streaming images appear to load in half of the time, and browsers can start rendering pages sooner.

In HTTP/1.1 connections, servers didn't have any choice about the order in which resources were sent to the client; they had to send responses, as a whole, in the exact order they were requested by the web browser. HTTP/2 improved this by adding multiplexing and prioritization, which allows servers to decide exactly what data is sent and when. We’ve taken advantage of these new HTTP/2 capabilities to improve perceived speed of loading of progressive images by sending the most important fragments of image data sooner.

This feature is compatible with all major browsers, and doesn’t require any changes to page markup, so it’s very easy to adopt. Sign up for the Beta to enable it on your site!

What is progressive image rendering?

Basic images load strictly from top to bottom. If a browser has received only half of an image file, it can show only the top Continue reading

Data Breaches Are the New Normal. Encryption Should Be, Too

BrandPost: Brillio and Blue Planet Partner to Bring Network Automation to the Enterprise

Rick Hamilton, Senior Vice President, Blue Planet Software Rick Hamilton, senior vice president of Blue Planet, a division of Ciena, explains how partnering with Brillio brings the next generation of network capabilities to enterprises—just when they need it most.In February 2019, we announced that Blue Planet was evolving into a more independent division, helping us increase our focus on innovative intelligent automation solutions that help our enterprise and service provider customers accelerate and achieve their business transformation goals. To read this article in full, please click here