
Category Archives for "Russ White"

Reaction: Offensive Destruction of Attack Assets

It is certainly true that DDoS and hacking are on the rise; there have been a number of critical hacks in the last few years, including apparent attempts to alter the outcome of elections. The reaction has been a rising tide of fear, and an ever increasing desire to “do something.” The something that seems to be emerging is, however, not necessarily the best possible “something.” Specifically, governments are now talking about attempting to “wipe out” the equipment used in attacks—

Berlin was studying what legal changes were needed to allow authorities to purge stolen data from third-party servers, and to potentially destroy servers used to carry out cyber attacks. “We believe it is necessary that we are in a position to be able to wipe out these servers if the providers and the owners of the servers are not ready to ensure that they are not used to carry out attacks,” Maassen said. —Reuters

“Wiping out” (destroying?) a server because the owner cannot ensure the server will be used in a way the government agrees with—sounds like a good idea, right? And how do we make certain such laws are not extended to destroy the servers

Troubleshooting: Models

How well can you know each of these four systems? Can you actually know them in fine detail, down to the last packet transmitted and the last bit in each packet? Can you know the flow of every packet through the network, and every piece of information any particular application pushes into a packet, or the complete set of ever changing business requirements?

Obviously the answer to these questions is no. As these four components of the network combine, they create a system that suffers from combinatorial explosion. There are far too many combinations, and far too many possible states, for any one person to actually know all of them.

How can you reduce the amount of information to some amount a reasonable human can keep in their minds? The answer—as it is with most problems related to having too much information—is abstraction. In turn, what does abstraction really mean? It really means you build a model of the system, interacting with the system through the model, rather than trying to keep all the information about every subsystem, and how the subsystems interact, in your head. So for each subsystem of the entire system, you have a model you are

Design Resource: Shared Workspace Infrastructure

This white paper outlines solutions that can provide secure connectivity for Public Sector agencies over shared wired and wireless network infrastructures. This guide is targeted at network professionals and other personnel who assist in the design of Public Sector office networks and complements the design patterns and principles issued by GDS Common Technology Services (CTS).

This design guide includes—

  • DMVPN
  • MPLS over DMVPN
  • Wireless and wired access control
  • 802.1x
  • Federated RADIUS

Note to readers: From time to time I like to highlight solid case studies and design guides in the network engineering space; you can find past highlighted resources under design/resources in the menu.

The post Design Resource: Shared Workspace Infrastructure appeared first on rule 11 reader.

Upcoming Webinar: Open Networking

I’m doing a webinar over at IP Space next week—

Most modern data centers are still using vendor-driven “future proof” routers and switches offering lots of (often unnecessary) capabilities. To build large, however, it is often better to build simple—radically simple. This webinar will cover the design components involved in building a data center or cloud fabric using a single, disaggregated device—the way some hyperscale and web scale operators build their networks. The first live session of the webinar will consider the benefits of a disaggregated switch, focusing on the components, sources, and challenges in using disaggregated hardware and software in data center fabrics. The second live session will focus on the topologies and design concepts used in large scale data center fabrics using a single switching device as a leaf, spine and superspine switch.

This should be a fun time, and a good introduction to the disaggregation space.


Troubleshooting: Basics

It’s 2AM, the network is down, and the CEO is on the phone asking when it is going to be back up—the overnight job crucial to the business opening in the morning has failed, and the company stands to lose millions of dollars if the network is not fixed in the next hour or so. Almost every network engineer has faced this problem at least once in their career, often involving intense bouts of troubleshooting.

And yet—troubleshooting is a skill that is hardly ever taught. There are a number of computer science programs that do include classes in troubleshooting, but these tend to be mostly focused on tools, rather than technique, or focused on practical skill application. I was also trained in troubleshooting many years ago as a young recruit into the United States Air Force—but the training was, again, practical in bent, with very few theoretical components.

Note to readers: I wrote a short piece on troubleshooting here on rule11, but I have taken that piece down and replaced it with this short series on the topic. I did start writing a book on this topic many years ago, but my co-authors and I soon discovered troubleshooting was going
