Cisco releases a critical security patch for a virtualized automation tool

Cisco has released a  patch for a critical vulnerability in software used to control large virtual environments.The weakness gets a 10 out of 10 severity score and is found in Cisco’s Elastic Services Controller (ESC), which the company describes as offering a single point of control to manage all aspects of Virtual Network Functions and offers capabilities such as VM and service monitoring, auto-recovery and dynamic scaling. With ESC users control the lifecycle all virtualized resources, whether using Cisco or third-party VNFs, Cisco stated.RELATED: What IT admins love/hate about 8 top network monitoring tools The vulnerability in this case lies in the REST API of ESC and could let  an unauthenticated remote attacker to bypass authentication on the REST API and execute arbitrary actions through with administrative privileges on an affected system. The vulnerability is due to improper validation of API requests, Cisco wrote in its advisory.To read this article in full, please click here

Cisco releases a critical security patch for a virtualized automation tool

Cisco has released a  patch for a critical vulnerability in software used to control large virtual environments.The weakness gets a 10 out of 10 severity score and is found in Cisco’s Elastic Services Controller (ESC), which the company describes as offering a single point of control to manage all aspects of Virtual Network Functions and offers capabilities such as VM and service monitoring, auto-recovery and dynamic scaling. With ESC users control the lifecycle all virtualized resources, whether using Cisco or third-party VNFs, Cisco stated.RELATED: What IT admins love/hate about 8 top network monitoring tools The vulnerability in this case lies in the REST API of ESC and could let  an unauthenticated remote attacker to bypass authentication on the REST API and execute arbitrary actions through with administrative privileges on an affected system. The vulnerability is due to improper validation of API requests, Cisco wrote in its advisory.To read this article in full, please click here

Backblaze report shows slight uptick in HDD failure rates

Cloud backup vendor Backblaze issued its latest quarterly findings for hard-disk drive (HDD) reliability, and it shows a slight uptick in failure rates — but hardly something to fret over.All told, Backblaze has 106,238 hard drives spinning in three data center colocations, and every quarter it highlights the failure rate of each model drive it uses. The company first came to prominence several years ago when it highlighted an abnormally high failure rate of Seagate drives.The problem arose about two years after massive floods in Thailand (around 2011) ruined the manufacturing facilities of several hard drive manufacturers, with Seagate taking it especially hard. I did some reporting back then for a now-defunct publication and found out that some corners were cut to get hard drive production going again and that those cuts resulted in a bunch of time bomb hard drives with higher than average failure rates.To read this article in full, please click here

BrandPost: How to Handle More Support Tickets With Less Resources

No big surprise here: the number of support tickets increased again last year, following the same trend it has for nearly a decade. More than 57% of organizations reported an increase in ticket volume in 2018, according to the latest HDI Technical Support Practices & Salary Report.The question is, why? It seems clear that end users are now fully acclimatized to using technology in the workplace, so what’s triggering this very consistent increase in support incidents and issues?It comes down to three factors:Greater complexity in the technology environment. Nearly 50% of organizations are supporting Internet of Things (IoT) devices, with more businesses following suit to stay competitive. These IoT devices scan, measure, and report on the network, adding a whole new world of support issues to manage.To read this article in full, please click here

Real-Life Data Center Meltdown

A good friend of mine who prefers to stay A. Nonymous for obvious reasons sent me his “how I lost my data center to a broadcast storm” story. Enjoy!

Small-ish data center with several hundred racks. Row of racks supported by an end-of-row stack. Each stack with 2 x L2 EtherChannels, one EC to each of 2 core switches. The inter-switch link details don’t matter other than to highlight “sprawling L2 domains."

VLAN pruning was used to limit L2 scope, but a few VLANs went everywhere, including the management VLAN.

Read more ...

Distributed consensus revised – Part II

Distributed consensus revised (part II) Howard, PhD thesis

In today’s post we’re going to be looking at chapter 3 of Dr Howard’s thesis, which is a tour (“systematisation of knowledge”, SoK) of some of the major known revisions to the classic Paxos algorithm.

Negative responses (NACKs)

In classic Paxos acceptors only send replies to proposer messages with an epoch greater than or equal to the acceptors last promised epoch (Property 6). The algorithms relies on timeouts to determine when a proposer abandons the current phase and retries with a new epoch number. We can eliminate the timeout delays by adding negative responses, for example no\_promise(e) and no\_accept(e), to be sent by the acceptor in response to prepare or propose messages with an invalid epoch number. These negative acknowledgements (NACKS) can also include further information such as the acceptor’s last promised epoch and last accepted proposal value. (There’s no point a proposer retrying with a new epoch less than the acceptor’s last promised one for example).

NACKs have replaced timeouts as we assume that messages are eventually delivered. We can therefore remove the synchrony assumptions from our progress proof.

Bypassing phase two

If a proposer learns during phase one that a value Continue reading

The Mythical Eight Hour Workday

I haven’t tracked my time in many years. I’ve always felt the practice was a nuisance. Hey, I’m busy. I have a lot to do. I’m working on it. Don’t distract me with a time sheet. You know what I do, boss, right? Do I really have to document my daily doings?

Working for myself means I don’t have to perform such trivial tasks, and of course, I don’t. However, I have been wondering over the last month where my workday goes. Often, it feels like I park my tush in my office chair, begin working on tasks, and then the day is suddenly over.

Except that often, the day isn’t over. My workday ends when I’ve accomplished everything I need to for that day. Eight hours gone by? Whatever. Head down. Keep at it. Get everything done. The list won’t get shorter tomorrow. If I want to get paid, I have to get my work done.

The Final Countdown

With more days than I want falling into a pattern of working more hours than I’d like, I’ve gotten serious about determining what the problem is. Do I need to turn away projects? Should I hire someone to handle some Continue reading

The 10 most powerful companies in enterprise networking

Enterprises recognize that all of the new technologies they want to deploy – IoT, edge computing, serverless, containers, hybrid cloud, and AI – require a robust, flexible, secure, self-healing, software-driven network. And the industry has responded with fresh new approaches such as software-defined networking (SDN), SD-WAN, hyperconverged infrastructure (HCI) and intent-based networking.To read this article in full, please click here

The 10 most powerful companies in enterprise networking

Enterprises recognize that all of the new technologies they want to deploy – IoT, edge computing, serverless, containers, hybrid cloud, and AI – require a robust, flexible, secure, self-healing, software-driven network. And the industry has responded with fresh new approaches such as software-defined networking (SDN), SD-WAN, hyperconverged infrastructure (HCI) and intent-based networking.To read this article in full, please click here

Server shipments to pick up in the second half of 2019

Global server shipments are not expected to return to growth momentum until the third quarter or even the fourth quarter of 2019, according to Taiwan-based tech news site DigiTimes, which cited unnamed server supply chain sources. The one bright spot remains cloud providers like Amazon, Google, and Facebook, which continue their buying binge.Normally I’d be reluctant to cite such a questionable source, but given most of the OEMs and ODMs are based in Taiwan and DigiTimes (the article is behind a paywall so I cannot link) has shown it has connections to them, I’m inclined to believe them.Quanta Computer chairman Barry Lam told the publication that Quanta's shipments of cloud servers have risen steadily, compared to sharp declines in shipments of enterprise servers. Lam continued that enterprise servers command only 1-2% of the firm's total server shipments.To read this article in full, please click here

Server shipments to pick up in the second half of 2019

Global server shipments are not expected to return to growth momentum until the third quarter or even the fourth quarter of 2019, according to Taiwan-based tech news site DigiTimes, which cited unnamed server supply chain sources. The one bright spot remains cloud providers like Amazon, Google, and Facebook, which continue their buying binge.Normally I’d be reluctant to cite such a questionable source, but given most of the OEMs and ODMs are based in Taiwan and DigiTimes (the article is behind a paywall so I cannot link) has shown it has connections to them, I’m inclined to believe them.Quanta Computer chairman Barry Lam told the publication that Quanta's shipments of cloud servers have risen steadily, compared to sharp declines in shipments of enterprise servers. Lam continued that enterprise servers command only 1-2% of the firm's total server shipments.To read this article in full, please click here

1 1,280 1,281 1,282 1,283 1,284 3,882