Archive

Category Archives for "Networking"

How we made Firewall Rules

How we made Firewall Rules
How we made Firewall Rules

Recently we launched Firewall Rules, a new feature that allows you to construct expressions that perform complex matching against HTTP requests and then choose how that traffic is handled. As a Firewall feature you can, of course, block traffic. The expressions we support within Firewall Rules along with powerful control over the order in which they are applied allows complex new behaviour.

In this blog post I tell the story of Cloudflare’s Page Rules mechanism and how Firewall Rules came to be. Along the way I’ll look at the technical choices that led to us building the new matching engine in Rust.

The evolution of the Cloudflare Firewall

Cloudflare offers two types of firewall for web applications, a managed firewall in the form of a WAF where we write and maintain the rules for you, and a configurable firewall where you write and maintain rules. In this article, we will focus on the configurable firewall.

One of the earliest Cloudflare firewall features was the IP Access Rule. It dates backs to the earliest versions of the Cloudflare Firewall and simply allows you to block traffic from specific IP addresses:

if request IP equals 203.0.113.1 then block  Continue reading

CCIE relevancy: Is Cisco’s venerable network certification on top of programmability, automation trends?

WAVE Life Sciences was barreling toward its commercial launch when it hit a critical speedbump. The company’s network, a key part of the launch, received a negative assessment and would need to be re-architected. Anthony Murabito, vice president of IT at the Cambridge, Mass. biotechnology company, only wanted one thing from the IT pros that would be helping him fix the issue fast – to be Cisco Certified Internetwork Experts (CCIE).“We needed to do a major refresh and replacement on our network and, when I looked around, I had no network skills available in the organization,” Murabito says. Cisco’s top-tier certification would serve for Murabito and his hiring team as an indicator of a candidate’s expertise.To read this article in full, please click here

BrandPost: Can SD-WAN Help Overcome IT Skill Shortages?

The primary driver cited is an aging worker pool and the overwhelming male makeup of this sector.Other factors contributing to skill shortages include a lack of: Hybrid IT skills New skills like managing SLAs for off-premise workloads Software skills with adoption of software-defined technologies Fewer young men and women entering the field How is this affecting branch office networks? The data center IT skill set shortage is spilling over from the data center to the management and administration of branch office infrastructure. The two go hand in hand as most skills are leveraged across both areas; branch office networks are merely a “miniature architecture” of the data center network. Branch office networks typically include switches, routers, WAN optimization appliances, firewalls, and other networking gear that all require similar IT knowledge and skills as the data center.To read this article in full, please click here

Is Cisco’s CCIE certificate relevant any more?

WAVE Life Sciences was barreling toward its commercial launch when it hit a critical speedbump. The company’s network, a key part of the launch, received a negative assessment and would need to be re-architected. Anthony Murabito, vice president of IT at the Cambridge, Mass. biotechnology company, only wanted one thing from the IT pros that would be helping him fix the issue fast – to be Cisco Certified Internetwork Experts (CCIE).To read this article in full, please click here(Insider Story)

Is Cisco’s CCIE certificate relevant anymore?

WAVE Life Sciences was barreling toward its commercial launch when it hit a critical speedbump. The company’s network, a key part of the launch, received a negative assessment and would need to be re-architected. Anthony Murabito, vice president of IT at the Cambridge, Mass. biotechnology company, only wanted one thing from the IT pros that would be helping him fix the issue fast – to be Cisco Certified Internetwork Experts (CCIE).To read this article in full, please click here(Insider Story)

Upcoming ipSpace.net Events and Webinars (March 2019)

We’re starting the Spring 2019 workshop season in March with open-enrollment workshops in Zurich (Switzerland). It was always hard to decide which workshop to do (there are so many interesting topics), so we’ll do two of them in the same week:

Rachel Traylor will continue her Graph Theory webinar on March 7th with a topic most relevant to networking engineers: trees, spanning trees and shortest-path trees, and I’ll continue with two topics I started earlier this year:

Read more ...

A quick look at QUIC

Quick UDP Internet Connection (QUIC) is a network protocol initially developed and deployed by Google, and now being standardized in the Internet Engineering Task Force. In this article we’ll take a quick tour of QUIC, looking at what goals influenced its design, and what implications QUIC might have on the overall architecture of the Internet Protocol.

Replacement Strips for Screen Privacy Filter

I use a Privacy Filter on my laptop screen when traveling. I’m doing a bit of time on planes these days, and it makes a big difference. Most of my code is Open Source, but other content is proprietary. High chance of competitors being on the same plane as me, so better to make it harder for others to see.

The only problem with these screens is that if you frequently take it off like I do, the adhesive strips collect dust, and stop sticking after a while. Recently someone asked me how to get them replaced.

3M does not sell replacement strips…but they do something even better: they give them away for free. Pretty cool ah?

Just go here, fill in the details, and they’ll send you some more. How good is that?

Replacement Strips for Screen Privacy Filter

I use a Privacy Filter on my laptop screen when traveling. I’m doing a bit of time on planes these days, and it makes a big difference. Most of my code is Open Source, but other content is proprietary. High chance of competitors being on the same plane as me, so better to make it harder for others to see.

The only problem with these screens is that if you frequently take it off like I do, the adhesive strips collect dust, and stop sticking after a while. Recently someone asked me how to get them replaced.

3M does not sell replacement strips…but they do something even better: they give them away for free. Pretty cool ah?

Just go here, fill in the details, and they’ll send you some more. How good is that?

Replacement Strips for Screen Privacy Filter

I use a Privacy Filter on my laptop screen when traveling. I’m doing a bit of time on planes these days, and it makes a big difference. Most of my code is Open Source, but other content is proprietary. High chance of competitors being on the same plane as me, so better to make it harder for others to see.

The only problem with these screens is that if you frequently take it off like I do, the adhesive strips collect dust, and stop sticking after a while. Recently someone asked me how to get them replaced.

3M does not sell replacement strips…but they do something even better: they give them away for free. Pretty cool ah?

Just go here, fill in the details, and they’ll send you some more. How good is that?

Full Stack Journey 029: The Ballerina Programming Language With Anjana Fernando

Today's Full Stack Journey podcast dances with Ballerina, a cloud-native programming language introduced by WSO2. My guest is Anjana Fernando, who has been involved in Ballerina since its inception. We discuss use cases and compare Ballerina to languages such as Java and Golang.

The post Full Stack Journey 029: The Ballerina Programming Language With Anjana Fernando appeared first on Packet Pushers.

Weekend Reads 030119

The tradeoff is that users’ credentials are then centrally stored and managed, typically protected by a single master password to unlock a password manager data store. With the rising popularity of password manager use it is safe to assume that adversarial activity will target the growing user base of these password managers. Table 1, below, outlines the number of individual users and business entities for each of the password managers we examine in this paper.

Imagine that you’re about to give a presentation in front of your entire organization. If you have ever been anxious in a situation where the stakes are high, you’ve probably received well-meaning advice: Calm down. Take deep breaths. Think positively, and you will nail this. —Barry Brownstein

“Photographs furnish evidence,” wrote Susan Sontag in On Photography. “A photograph passes for incontrovertible proof that a given thing happened.” Sontag went on to write of how photographs can misrepresent situations. But do they even have to show real objects? —Ben Sixsmith

Scammers tend to be skilled at finding the most vulnerable individuals and turning them into victims. Case in point: Researchers at Proofpoint have been tracking campaigns that prey on those looking for work. The payoff Continue reading

1 991 992 993 994 995 3,345