BiB083 – Forescout – Visibility For Segmentation
I'm talking about Forescout after receiving a briefing during Tech Field Day 20.
The post BiB083 – Forescout – Visibility For Segmentation appeared first on Packet Pushers.
Technology Short Take 120
Welcome to Technology Short Take #120! Wow…hard to believe it’s been almost two months since the last Tech Short Take. Sorry about that! Hopefully something I share here in this Tech Short Take is useful or helpful to readers. On to the content!
Networking
- In the event you are seeking more information on NAT hole punching, here you go. You’re welcome. (I found this link in the serverless mullet architectures post, see the “Operating Systems/Applications” section below.)
- Mohamad Alhussein shares how to filter the transit subnets from being redistributed from NSX-T to upstream physical routers (by transit subnets Alhussein is referring to the NSX-managed subnets used to connect logical routers together).
- Ahmet Alp Balkan shows how to use
mitmproxyto inspectkubectltraffic. I’m now inspired to go do this myself and see what knowledge I can gain. - Corey Quinn proclaims “BGP is a hot mess”; Ivan Pepelnjak lays out some facts.
Servers/Hardware
I don’t have anything to share this time around, but I’ll stay alert for content to include future Tech Short Takes.
Security
- This basic introduction of
firewalldas found in CentOS 8 may prove useful to some readers. I’ve been messing around withfirewalldever since Continue reading
Five Minutes To Magic Time
Have you ever worked with someone that has the most valuable time in the world? Someone that counts each precious minute in their presence as if you’re keeping them from something very, very important that they could use to solve world hunger or cure cancer? If you haven’t then you’re a very lucky person indeed. Sadly, almost everyone, especially those in IT, has had the misfortune to be involved with someone whose time is more precious than platinum-plated saffron.
That’s not to say that we should be wasting the time of those we work with. Simple things like being late to meetings or not having your materials prepared are easy ways to help reduce the time of meetings or to make things run smoothly. Those items are common courtesies that should be extended to all the people you meet, from the cashier that takes your order at a fast food establishment to the most powerful people on the planet. No, this is about something deeper and more insidious.
No Time For Hugs
I’ve seen the kind of behavior I’ve described very often in the higher echelons of companies. People that live at the CxO level often have very little time Continue reading
Heavy Networking 488: Using Genetic Algorithms To Avoid Internet Censorship
Today's Heavy Networking dives into a research project, Geneva, that uses genetic algorithms to evade Internet censorship. The project was developed at the University of Maryland. We drill into how it works with guests Dr. David Levin and graduate student Kevin Bock from the University of Maryland.
The post Heavy Networking 488: Using Genetic Algorithms To Avoid Internet Censorship appeared first on Packet Pushers.
New Applications, More Users Drive Bright Outlook for HPC
According to Hyperion Research, 2018 was a banner year for the high performance computing industry. …
New Applications, More Users Drive Bright Outlook for HPC was written by Michael Feldman at The Next Platform.
Nokia Argues Cloud Native Is Essential to 5G Core
Nokia outlined five key business objectives for 5G that can only be delivered by a cloud-native...
© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.
Arm Supercomputer Captures The Energy Efficiency Crown
When it comes to energy-efficient supercomputing, sometimes less is more. That was illustrated this week by Fujitsu with its A64FX prototype, which captured the top spot on the Green500 list. …
Arm Supercomputer Captures The Energy Efficiency Crown was written by Michael Feldman at The Next Platform.
A10 Hires New CEO, No Word on Potential Sale
Almost four months after announcing that its founding CEO Lee Chen was on his way out, A10 Networks...
© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.
Recommended Networking Resources for September 2019 First Week
I would like to share with you every week some networking resources , can be video , article , book , diagram , another website etc.
Whatever I believe can be useful for the computer network engineers, mobile network providers, satellite engineers ,transmission experts, datacenter engineers, basically whatever I am interested in and I like, I will share in a blog post.
There will not be any order of importance among the resources. You can open and go through anyone you want.
I will try to limit the list with 5 resources as I want you to read the posts that I publish on the website. Sometimes can be more than 5 though!
Let’s get started!
TCP vs QUIC – Quic is a new transport protocol I think everyone should have a look at. What are the high level differences between them etc.
TCP vs QUIC: A New Transport Protocol
2. Below post explains how BGP As-Path prepending , when it is done more than couple times , can be dangerous for the attacks on BGP information security
Excessive BGP AS-PATH prepending is a self-inflicted vulnerability
3. This presentation is one of the best presentation about BGP Continue reading
Weekly Wrap: Palo Alto Networks Leaps Into SASE Market
SDxCentral Weekly Wrap for Nov. 22, 2019: The burgeoning SASE market lures another entrant; Nokia...
© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.
Video: Breaking the End-to-End Principle
Original TCP/IP and OSI network stacks had relatively clean layered architecture (forgetting the battle scars for the moment) and relied on end-to-end principle to keep the network core simple.
As always, no good deed goes unpunished - “creative” individuals trying to force-fit their mis-designed star-shaped pegs into round holes, and networking vendors looking for competitive advantage quickly destroyed the idea with tons of middlebox devices, ranging from firewalls and load balancers to NAT, WAN optimization, and DPI monstrosities.
You need free ipSpace.net subscription to watch the video, or a paid ipSpace.net subscriptions to watch the whole How Networks Really Work webinar.
PlanAlyzer: assessing threats to the validity of online experiments
PlanAlyzer: assessing threats to the validity of online experiments Tosch et al., OOPSLA’19
It’s easy to make experimental design mistakes that invalidate your online controlled experiments. At an organisation like Facebook (who kindly supplied the corpus of experiments used in this study), the state of art is to have a pool of experts carefully review all experiments. PlanAlyzer acts a bit like a linter for online experiment designs, where those designs are specified in the PlanOut language.
We present the first approach for statically checking the internal validity of online experiments. Our checks are based on well-known problems that arise in experimental design and causal inference… PlanAlyzer checks PlanOut programs for a variety of threats to internal validity, including failures of randomization, treatment assignment, and causal sufficiency.
As well as pointing out any bugs in the experiment design, PlanAlyzer will also output a set of contrasts — comparisons that you can safely make given the design of the experiment. Hopefully the comparison you wanted to make when you set up the experiment is in that set!
Experimental design with PlanOut
PlanOut is a open source framework for online field experiments, developed by and extensively used at Facebook. To quote Continue reading
Go Notes: Arrays
Arrays are a collection of values of the same type. go // create an array that can hold 2 elements var stuff [2]string // assign values to the array stuff[0] = "blah" stuff[1] = "bleh" // shortcut to create an array and assign values stuff := [2]string // let the go compiler dynamically...Go Notes: Arrays
All about arrays in Golang.Liqid, Western Digital Demo Composable NVMe-oF
Western Digital and Liqid demonstrated the ability to orchestrate NVMe over Fabrics across...
© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.
KubeCon 2019 Day 3 and Event Summary
Keynotes
Bryan Liles kicked off the day 3 morning keynotes with a discussion of “finding Kubernetes’ Rails moment”—basically focusing on how Kubernetes enables folks to work on/solve higher-level problems. Key phrase from Bryan’s discussion (which, as usual, incorporated the humor I love to see from Bryan): “Kubernetes isn’t the destination. Kubernetes is the vehicle that takes us to the destination.” Ian Coldwater delivered a talk on looking at Kubernetes from the attacker’s point of view, and using that perspective to secure and harden Kubernetes. Two folks from Walmart also discussed their use case, which involves running Kubernetes clusters in retail locations to support a point-of-sale (POS) application at the check-out register. Finally, there was a discussion of chaos engineering from folks at Gremlin and Target.
No Breakout Sessions
Due to booth duty and my flight home, I wasn’t able to attend any breakout sessions today.
Event Summary
If I’m completely honest, I didn’t get as much out of the event as I’d hoped. I’m not yet sure if that is because I didn’t get to attend as many sessions as I’d hoped/planned (due to problems with sessions being moved/rescheduled or whatever), if my choice of sessions was just poor, Continue reading
Extreme Embeds Fabric Automation on Broadcom-Based Switches
“Everybody does automation,” Extreme’s Dan DeBacker said. “But we believe we’re the only...
© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.
Real-time monitoring at terabit speeds
400GE First Data Networks: Caltech, Starlight/NRL, USC, SCinet/XNET, Ciena, Mellanox, Arista, Dell, 2CRSI, Echostreams, DDN and Pavilion Data, as well as other supporting optical, switch and server vendor partners will demonstrate the first fully functional 3 X400GE local ring network as well as 400GE wide area network ring, linking the Starlight and Caltech booths and Starlight in Chicago. This network will integrate storage using NVMe over Fabric, the latest high throughput methods, in-depth monitoring and realtime flow steering. As part of these demonstrations, we will make use of the latest DWDM, Waveserver Ai, and 400GE as Continue reading