Technology Short Take 112

Welcome to Technology Short Take #112! It’s been quite a while since the last one, as life and work have been keeping me busy. I have, however, finally managed to pull together this list of links and articles from around the Internet, and I hope that something I’ve included here proves useful to readers.

Networking

Servers/Hardware

Nothing this time around! I’ll stay alert for content I can include next time.

Security

Using Faucet to Build SC18 Network with OpenFlow

Remember how Nick Buraglio tried to use OpenDaylight to build a small part of SuperComputing conference network… and ended up with a programmable patch panel?

This time he repeated the experiment using Faucet SDN Controller – an OpenFlow controller focused on getting the job done – and described his experience in Episode 101 of Software Gone Wild.

We started with the usual “what problem were you trying to solve” and quickly started teasing apart the architecture and got geekily focused on interesting things like:

Read more ...

BrandPost: 5-Minute Breakdown: Wi-Fi 6

The Wi-Fi Alliance has announced the standard for the next-generation of Wi-Fi and that standard is Wi-Fi 6.The first thing that people are thrown off by is the newer, uncommon naming convention. From basic consumers to techies alike, we are used to the 802.11 technology designations. I'm not saying the naming didn’t exist before, but the 802.11 standards designation was much more commonly used. To break it down simply, here is what Wi-Fi 6 translates to along with other well-known technologies: Wi-Fi 6→ 802.11ax Wi-Fi 5→ 802.11ac Wi-Fi 4→ 802.11n Wi-Fi 3→ 802.11g Wi-Fi 2→ 802.11a Wi-Fi 1→ 802.11b That being said, you can treat the Wi-Fi 6 designation as a generation number of sorts.To read this article in full, please click here

Campus design feature set-up : Part 2

To catch you up to speed quickly, I have a six-part blog series that will show you how to set up the CL 3.7.5 campus design feature: Multi-Domain Authentication. 

We’ll cover it all: Wired 802.1X Authentication using Aruba ClearPass, Wired MAC Authentication using Aruba ClearPass, Multi-Domain Authentication using Aruba ClearPass, Wired 802.1x using Cisco ISE, Wired MAC Authentication using Cisco ISE, and Multi-Domain Authentication using Cisco ISE.

In the last blog, I showed you how to enable wired 802.1X authentication in Cumulus Linux 3.7.5+ using Aruba ClearPass 6.7.x. In this second guide, I’ll be sharing is how to enable wired MAC Authentication in Cumulus Linux 3.7.5+ using Aruba ClearPass 6.7.x.

Keep in mind that this step-by-step guide assumes that you have already performed an initial setup of Aruba ClearPass.

Aruba ClearPass Configuration:

1. Add the Cumulus Switch to ClearPass

First, we are going to add this specific Cumulus Network switch to ClearPass. Go to the following:

Configuration > Network > Devices. Click “+Add” in the top right-hand corner

Fill in the appropriate IP Address, Description, and Shared Secrets. For simplicity sake, set the “Vendor Name” to Continue reading

Fujitsu completes design of exascale supercomputer, promises to productize it

Fujitsu and Japanese research institute Riken announced the design for the post-K supercomputer, to be launched in 2021, is complete and that they will productize the design for sale later this year.The K supercomputer was a massive system, built by Fujitsu and housed at the Riken Advanced Institute for Computational Science campus in Kobe, Japan, with more than 80,000 nodes and using Sparc64 VIIIfx processors, a derivative of the Sun Microsystems Sparc processor developed under a license agreement that pre-dated Oracle buying out Sun in 2010.It was ranked as the top supercomputer when it was launched in June 2011 with a computation speed of over 8 petaflops. And in November 2011, K became the first computer to top 10 petaflops. It was eventually surpassed as the world's fastest supercomputer by the IBM’s Sequoia, but even now, eight years later, it’s still in the top 20 of supercomputers in the world.To read this article in full, please click here

Cisco warns WLAN controller, 9000 series router and IOS/XE users to patch urgent security holes

Cisco this week issued 31 security advisories but direct customer attention to “critical” patches for its  IOS and IOS XE Software Cluster Management and IOS software for Cisco ASR 9000 Series routers. A number of vulnerabilities also need attention if customers are running Cisco Wireless LAN Controllers.The first critical patch has to do with a vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software that could allow an unauthenticated, remote attacker to send malformed CMP-specific Telnet options while establishing a Telnet session with an affected Cisco device configured to accept Telnet connections. An exploit could allow an attacker to execute arbitrary code and obtain full control of the device or cause a reload of the affected device, Cisco said.To read this article in full, please click here

Cisco warns WLAN controller, 9000 series router and IOS/XE users to patch urgent security holes

Cisco this week issued 31 security advisories but direct customer attention to “critical” patches for its  IOS and IOS XE Software Cluster Management and IOS software for Cisco ASR 9000 Series routers. A number of vulnerabilities also need attention if customers are running Cisco Wireless LAN Controllers.The first critical patch has to do with a vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software that could allow an unauthenticated, remote attacker to send malformed CMP-specific Telnet options while establishing a Telnet session with an affected Cisco device configured to accept Telnet connections. An exploit could allow an attacker to execute arbitrary code and obtain full control of the device or cause a reload of the affected device, Cisco said.To read this article in full, please click here

Making Cisco ACI REST API Transactional

This is a guest blog post by Dave Crown, Lead Data Center Engineer at the State of Delaware. He can be found automating things when he's not in meetings or fighting technical debt.

In a recent blog post, Ivan postulated “You’d execute a REST API call. Any one of those calls might fail. Now what? ... You’ll have absolutely no help from the orchestration system because REST API is not transactional so there’s no rollback.” Well, that depends on the orchestration system in use.

The promise of controller-based solutions (ACI, NSX, etc.) is that your unicorn powered network controller should be an all seeing, all knowing platform managing your network. We all have hopefully learned about the importance of backups very early on our careers. Backup and, more importantly, restore should be table stakes; a fundamental feature of any network device, let alone a networking system managed by a controller imbued with magical powers (if the vendor is to be believed).

Read more ...

2019 Internet Society Board of Trustees Final Election Results & IETF Appointment

The Internet Society Elections Committee is pleased to announce the final results of the 2019 elections for the Internet Society Board of Trustees. The voting concluded on 8 April. The challenge period (for appeals) was opened on 9 April and closed on 17 April.

There were no challenges filed. Therefore the election results stand:

  • Olga Cavalli has been re-elected to the Board by our Chapters.
  • Mike Godwin and Mieke van Heesewijk have been elected by Organization Members.
  • Also, following the process documented in RFC 3677, the Internet Architecture Board has selected and the IETF has confirmed Richard Barnes to serve a second term on the ISOC board.

The term of office for all 4 of these Trustees will be 3 years, commencing with the 2019 Annual General Meeting of the Internet Society, 26-28 July.

The Elections Committee congratulates all of the new and renewing Trustees and expresses its gratitude once more to all the candidates and to everyone who participated in the process this year

The post 2019 Internet Society Board of Trustees Final Election Results & IETF Appointment appeared first on Internet Society.

The Confluence of SD-WAN and Microsegmentation

If you had to pick two really hot topics in the networking space right now, you’d be hard-pressed to find two more discussed than SD-WAN and microsegmentation. SD-WAN is the former “king of the hill” in the network engineering. I can remember having more conversations about SD-WAN in the last couple of years than anything else. But as the SD-WAN market has started to consolidate and iterate, a new challenger has arrived. Microsegmentation is the word of the day.

However, I think that SD-WAN and microsegmentation are quickly heading toward a merger of ideas and solutions. There are a lot of commonalities between the two technologies that make a lot of sense running together.

SD-WAN isn’t just about packet switching and routing any longer. That’s because networking people have quickly learned that packet-by-packet processing of traffic is inefficient. All of our older network analysis devices could only see things one IP packet at a time. But the new wave of devices think in terms of flows. They can analyze a stream of packets to figure out what’s going on. And what generates those flows?

Applications.

The key to the new wave of SD-WAN technology isn’t some kind of magic method Continue reading

1 1,246 1,247 1,248 1,249 1,250 3,832