BrandPost: SD-WAN is Critical for IoT

The Internet of Things (IoT) is everywhere and its use is growing fast. IoT is used by local governments to build smart cities. It’s used to build smart businesses. And, consumers are benefitting as it’s built into smart homes and smart cars. Industry analyst first estimates that over 20 billion IoT devices will be connected by 2020. That’s a 2.5x increase from the more than 8 billion connected devices in 2017*. Manufacturing companies have the highest IoT spend to date of industries while the health care market is experiencing the highest IoT growth. By 2020, 50 percent of IoT spending will be driven by manufacturing, transportation and logistics, and utilities.To read this article in full, please click here

Five Functional Facts About AWS Service Control Policies

Following on the heels of my previous post, Five Functional Facts about AWS Identity and Access Management, I wanted to dive into a separate, yet related way of enforcing access policies in AWS: Service Control Policies (SCPs).

SCPs and IAM policies look very similar–both being JSON documents with the same sort of syntax–and it would be easy to mistake one for the other. However, they are used in different contexts and for different purposes. In this post, I’ll explain the context where SCPs are used and why they are used (and even why you’d use SCPs and IAM policies together).

Read on, dear reader!

1 – SCPs scope the permissions an AWS account has

To properly describe SCPs, I need to introduce a new service: AWS Organizations. Organizations is a service that is used to bring multiple AWS accounts together under a common management structure. For example, if you wanted to enforce the use of encryption on S3 buckets across all the AWS accounts used within your company, you could do that via AWS Organizations. Additional benefits of Organizations include consolidated billing, integration with certain services such as AWS CloudTrail, and streamlined sharing of resources between accounts using Continue reading

Building Automation Device Inventory with Open Source Tools

This blog post was initially sent to subscribers of my SDN and Network Automation mailing list. Subscribe here.

One of the common questions we get in the Building Network Automation Solutions online course is “how do I create device inventory if I don’t know (exactly) what devices are in my network?”… prompting one of the guest speakers to reply “could it really be that bad?” (yes, sometimes it is).

Some of the students tried to solve the challenge with Ansible. While that might eventually work (given enough effort), Ansible definitely isn’t the right tool for the job.

What you need to get the job done is a proper toolchain:

Read more ...

Distributed consensus revised – Part I

Distributed consensus revised Howard, PhD thesis

Welcome back to a new term of The Morning Paper! To kick things off, I’m going to start by taking a look at Dr Howard’s PhD thesis, ‘Distributed consensus revised’. This is obviously longer than a standard paper, so we’ll break things down over a few days. As the title suggests, the topic in hand is distributed consensus:

Single-valued agreement is often overlooked in the literature as already solved or trivial and is seldom considered at length, despite being a vital component in distributed systems which is infamously poorly understood… we undertake an extensive examination of how to achieve consensus over a single value.

What makes this much harder than it might at first appear of course, is the possibility of failures and asynchronous communication. In the face of this, an algorithm for consensus must meet three safety requirements and two progress requirements:

  • Non-triviality: the decided value must have been proposed by a participant (so for example, solutions which always choose a fixed pre-determined value are not acceptable)
  • Safety: if a value has been decided, no other value will be decided
  • Safe learning: if a participant learns a value, it must Continue reading

Five Functional Facts About AWS Service Control Policies

Following on the heels of my previous post, Five Functional Facts about AWS Identity and Access Management, I wanted to dive into a separate, yet related way of enforcing access policies in AWS: Service Control Policies (SCPs).

SCPs and IAM policies look very similar—both being JSON documents with the same sort of syntax—and it would be easy to mistake one for the other. However, they are used in different contexts and for different purposes. In this post, I'll explain the context where SCPs are used and why they are used (and even why you'd use SCPs and IAM policies together).

Read on, dear reader!

D-Star is a closed system

What is the point of amateur radio? To learn about radio, propagation, the electromagnetic spectrum in general. To understand how it works, and maybe even build or modify your own equipment. The license, after all, is the only legal way to use the electromagnetic spectrum at interesting power levels.

In order to learn we must be able to inspect; To tinker, or at the very least have access to a specification we can build from.

Some amateur radio operators seem to complain that people don’t build their own radios anymore. That they just buy a box and antenna and are now consumers. This is not what I’m talking about here. First, you know in principle how your radio works. And you could build one that could replace it. Would it be as good as a modern fancy rig? Of course not. It wouldn’t be as good, but you could build one, and you could use it just as well as the bought one.

And if you learn enough, and tweak enough with the rig and antenna system, you could build something better for your particular environment.

When I first learned that D-Star used a proprietary voice codec I couldn’t understand Continue reading

Cisco boosts SD-WAN with multicloud-to-branch access system

Cisco is looking to give traditional or legacy wide-area network users another reason to move to the software-defined WAN world.The company has rolled out an integrated hardware/software package called SD-WAN Cloud onRamp for CoLocation that lets customers tie distributed multicloud applications back to a local branch office or local private data center. The idea is that a cloud-to-branch link would be shorter, faster and possibly more secure that tying cloud-based applications directly all the way to the data center.  More about SD-WANTo read this article in full, please click here

Cisco boosts SD-WAN with multicloud-to-branch access system

Cisco is looking to give traditional or legacy wide-area network users another reason to move to the software-defined WAN world.The company has rolled out an integrated hardware/software package called SD-WAN Cloud onRamp for CoLocation that lets customers tie distributed multicloud applications back to a local branch office or local private data center. The idea is that a cloud-to-branch link would be shorter, faster and possibly more secure that tying cloud-based applications directly all the way to the data center.  More about SD-WANTo read this article in full, please click here

Throwing the baby out with the bathwater (No, you’re not Google, but why does this matter?)

It was quite difficult to prepare a tub full of bath water at many points in recent history (and it probably still is in some many parts of the world). First, there was the water itself—if you do not have plumbing, then the water must be manually transported, one bucket at a time, from a stream, well, or pump, to the tub. The result, of course, would be someone who was sweaty enough to need the forthcoming bath. Then there is the warming of the water. Shy of building a fire under the tub itself, how can you heat enough water quickly enough to make the eventual bathing experience? According to legend, this resulted in the entire household using the same tub of water to bathe. The last to bathe was always the smallest, the baby. By then, the water would be murky with dirt, which means the child could not be seen in the tub. When the tub was thrown out, then, no-one could tell if the baby was still in there.

But it doesn’t take a dirty tub of water to throw the baby out with the bath. All it really takes is an unwillingness to learn from Continue reading

Talking Internet of Things in Canada at IoT613 This Week

This week, 8-9 May, we’ll be at IoT613 in Ottawa, Canada, talking about our work on “Trust by Design” – the idea that privacy and security should be built into Internet-connected products, and not just an afterthought. We have been working with manufacturers to embrace the Online Trust Alliance’s IoT Trust Framework, which identifies the core requirements manufacturers, service providers, distributors/purchasers and policymakers need to understand, assess and embrace for effective IoT security and privacy. We also work to encourage consumers to demand security and privacy and to help policymakers create a policy environment that strengthens trust and enables innovation.

This week in Ottawa, we’ll have an Internet Society booth at the event both days, and on 9 May, Mark Buell, North American Bureau Director, will be part of an “IoT in Canada” panel that will “explore current IoT trends in Canada, identify the benefits of IoT for businesses and citizens and find out how Canada’s IoT ecosystem stacks up compared to the rest of the world.” Mark will speak about the Canadian Multistakeholder Process: Enhancing IoT Security, an Internet Society-led initiative to develop a broad-reaching policy to govern the security of the IoT for Continue reading

1 1,235 1,236 1,237 1,238 1,239 3,835