BrandPost: 802.11ax means more IoT. Now, how do I secure it?

Like the teenager with no driving experience who takes the family SUV on the open highway, even the simplest devices that are connecting to corporate networks have the power to participate in an attack and cause serious damage. Courtesy of Moore’s Law, anything with an IP address must now be considered a potential threat. Ironically, 802.11ax introduces terrific new security features such as WPA3 and OWE. But it also makes the WLAN even more IoT-friendly, given the support for dense concentrations of clients in environments such as smart buildings, where devices like lighting controls are as likely to be connected wirelessly as wired.

Are Huawei Products Unsafe or Insecure ? A Review

I’ve done quite a bit of research in the Huawei issue. There are two key areas that I will cover in this review of the available information. The network has to work before it can be secured. Software Quality and poor process. Insider Threats by Chinese Nationals. TL;DR Huawei has substantial problems with product quality and […]

The post Are Huawei Products Unsafe or Insecure ? A Review appeared first on EtherealMind.

Response: How Important is it to Understand Hardware Architecture?

This reddit post asked the question: For example, I’m going through a Cisco Live presentation on troubleshooting ASR routers, and the first 50 slides or so are completely dedicated to describing the Route Processors, Packet Engines, ASICs, Buffers, etc., and the different paths that packets can take through the hardware. While that’s all obviously important […]

The post Response: How Important is it to Understand Hardware Architecture? appeared first on EtherealMind.

Senegal Kicks Off Enhancing IoT Security Project

On April 4, 2018, the Canadian Multistakeholder Process: Enhancing Internet of Things (IoT) Security held its first convening in partnership with the Canadian Internet Registration Authority (CIRA); CANARIE; Innovation, Science and Economic Development (ISED) Canada; and the Canadian Internet Policy and Public Interest Clinic (CIPIC). Over 80 participants from government, academia, public interest, industry, and other organizations attended the first meeting and many have continued to engage at in-person and virtual meetings ever since. Over the past eight months, this group has experienced significant success in the areas of consumer education, labeling, and network resiliency. And these achievements have been well-noted on a global scale.

A delegation from Senegal came to Canada in July to meet with members of the Enhancing IoT Security oversight committee. The group was comprised of government officials, Senegal Chapter members, and staff from the Internet Society’s African Bureau. The delegation met with Canadian government officials, technologists, public interest groups, and North American Bureau staff to learn more about how and why the IoT security project was initiated, and what the group had accomplished to date. The group discussed the significant successes the Canadian multistakeholder group had already achieved, the challenges it faced, […]

Liveblog: Hardening Kubernetes Setups

This is a liveblog of the KubeCon NA 2018 session titled “Hardening Kubernetes Setup: War Stories from the Trenches of Production.” The speaker is Puja Abbassi (@puja108 on Twitter) from Giant Swarm. It’s a pretty popular session, held in one of the larger ballrooms up on level 6 of the convention center, and nearly every seat was full.

Abbassi starts by talking about Giant Swarm’s environment, in which they run more than 100 clusters across different clouds and different regions. These clusters are running for different companies, different industries, and they serve different use cases for various constituents of users. Abbassi says that Giant Swarm opts to give users more freedom in how they use (and potentially misuse) the clusters.

Obviously, this can lead to problems, and that’s where the postmortems come into play. Abbassi explains the idea behind postmortems by quoting a definition from the Google SRE book, and then provides some context about the process that Giant Swarm follows when conducting postmortems. That leads into a discussion of various postmortems conducted at Giant Swarm.

The first one mentioned by Abbassi concerns a memory leak first fixed in 1.11.4 and 1.12.0. Prior to […]

Response: Super Micro says no implants on motherboards

I’m convinced that Bloomberg is wrong about the hardware implants. Until they retract the story they don’t have credibility to report on technology. Supermicro commissioned a 3rd-party audit and found nothing, which is confirmation of many other sources who also refute the claims. The ONLY people making the claim is Bloomberg and there is no […]

The post Response: Super Micro says no implants on motherboards appeared first on EtherealMind.

Murambinda Works Community Engagement Workshop in Buhera: Meeting Challenges with Opportunity

Over 100 community members, including head masters, government officials, teachers and heads of primary and secondary schools gathered in Buhera rural district council of Zimbabwe on 15 November, eager to engage in discussions related to the initial deployment of the Murambinda Works Community Network. Schools, health and the local authority facilities have been earmarked as the initial benefactors for the inaugural roll out of the Murambinda Works Community Network.

The CEO of Murambinda, Mama Emilie gave a welcoming speech followed by the district school inspector of Buhera who talked about the importance of equipping their schools with ICT. “We cannot imagine a good curriculum that has not taken into consideration ICT. The partnership with Internet Society is a blessing to the district. We want to support it until infinity,” he said. The inspector also mentioned some of the challenges they are facing in their schools including the lack of power, unavailability of computers and connectivity. (Since 2015, 1200 teachers have been trained in ICT, but couldn’t do much with their acquired knowledge.)

TelONE, the national Telecommunications parastatal company with infrastructure in Murambinda Town, was also present at the workshop. “One man cannot make it but we can work together […]

Liveblog: Linkerd 2.0, Now with Extra Prometheus

This is a liveblog of the KubeCon NA 2018 session titled “Linkerd 2.0, Now with Extra Prometheus.” The speakers are Frederic Branczyk from Red Hat and Andrew Seigner with Buoyant.

Seigner kicks off the session with a quick introduction before handing off to Branczyk. Prometheus, for folks who didn’t know, originated at SoundCloud with a couple of ex-Googlers. Prometheus is one of the graduated CNCF projects and—judging by a show of hands in response to a speaker question—lots of folks here at KubeCon know about Prometheus and are using Prometheus in production.

Branczyk provides an overview of Prometheus, explaining that it pulls metrics from a target on a set of regular intervals (like every 15 seconds, for example). Prometheus stores those metrics in a time-series database, so every time it pulls metrics it stores them in a time series. As a monitoring solution, it also has to provide alerting, to notify cluster operators/administrators that some metric is outside of some predefined threshold.

With regards to Kubernetes, Prometheus has built-in support to perform service discovery in Kubernetes by querying the Kubernetes API. This enables it to discover Pods backing a Service and scrape (pull) the metrics from those discovered […]

KubeCon 2018 Day 1 Keynote

This is a liveblog from the day 1 (Tuesday, December 11) keynote of KubeCon/CloudNativeCon 2018 in Seattle, WA. This will be my first (and last!) KubeCon as a Heptio employee, and I’m looking forward to the event.

The keynote kicks off at 9:02am with Liz Rice, Technology Evangelist at Aqua Security. Rice welcomes attendees (back) to Seattle, and she shares that this year’s event in Seattle is 8x the size of the same event in Seattle just two years ago. Rice also shares some statistics from other CNCF events around the world, stressing the growth of these events both in size and in the number of events happening worldwide.

Rice next shares some entertaining statistics about web site visits to kubernetes.io versus some other popular brands. (TL;DR: Kubernetes gets more web site visits than the Seahawks and Manchester United, but not as many as Starbucks.)

Moving on, Rice talks for a few minutes about the strategy or purpose behind the collection of projects that fall under the CNCF umbrella (to provide some of the important building blocks in the full stack of technologies to support cloud-native environments). At this point, Rice turns it over to Michelle Noorali, […]

Tech Time is Real Time

Silicon Valley is both an addiction and passion where entrepreneurs seek the realm of the impossible. Real-time language translation, fraud detection, and autonomous vehicle control are being addressed through the use of neural network models, detecting patterns and behaviors across massive amounts of structured and unstructured data. Indeed, change is not only a constant progression in Silicon Valley, it is a continuum in time. Every piece of traditional technology has to imminently become smarter, challenged or be eliminated. While this transformation is especially true for entrepreneurs, invention is not limited to start-ups. I have witnessed several waves of evolution and revolution during my journey in Silicon Valley in both high-tech and networking.

How to tame enterprise communications services

Communications capabilities are essential to the success of organizations everywhere. Voice, email, text messaging, multimedia messaging, file sharing, streaming video, conferencing, collaboration, and more – you can’t do business without them. But as traffic volumes and the number of communications services in use continue to grow, so do the IT and operational challenges. Communications services have historically been provisioned by, and are of course still widely available from, broadband landline and wireless carriers who seek value-added revenue to offset the commodity nature of their “big dumb pipe” core businesses. But there are also numerous third-party solution suppliers, private implementations, and unified communications (UC) product and service capabilities. In addition, an increasing number of cloud-based services – many of which are often aimed squarely at consumer end-users rather than organizations – are seeing significant organizational application, and unfortunately often via backdoor or shadow-IT routes.

The truth about Black Friday and Cyber Monday

At Cloudflare we handle a lot of traffic on behalf of our customers. Something we all see and hear a lot about at this time of year are Black Friday (23 November this year) and Cyber Monday (26 November) - but just how important are these days on the Internet?

[Image: Black Friday by Per-Olof Forsberg, license: CC BY 2.0]

To try and answer this question, we took a look at anonymised samples of HTTP requests crossing our network. First of all, let’s look at total page views from across our global network from the last few weeks and see if we can spot Black Friday and Cyber Monday:

[Figure: All page views]

So this is total page views by day (UTC) from November 19 (a week before Cyber Monday) until Monday December 3. Other than follow-the-sun fluctuations in a repeating daily pattern, each whole day is pretty similar in shape and size compared to the last. Black Friday and Cyber Monday aren’t visible in overall traffic patterns.

Get specific

We have a very diverse set of customers across 12 million domain names and not all of them are selling products or doing so directly online. To identify those websites […]

How to find the correct MTU and MRU of your link

Overview

In the previous post, I talked about Network IP Fragmentation, what it is and why it’s needed (you are advised to read it before continuing). I also covered the so-called PMTUD Black hole effect.

Fixing a PMTUD Black hole is a multistep process, and it starts with finding the correct MTU/MRU of your link.

Now as I’ve discussed, every path can have its own unique MTU/MRU value, but we are usually interested in the max value that is dictated by your ISP.

When you send a packet, it always routes through your ISP. Because of different protocols in place and their overheads (mostly layer 2 ones), it is common for your ISP to force MTU/MRU of less than 1500 bytes on your link.

If a packet exceeds these values, your ISP is required to send the appropriate ICMP messages either back to you (for the MTU), or to the server sending the data (for the MRU). These messages give the corresponding hosts a chance to adapt themselves to the link.

If your ISP decides to not send the required ICMP messages (or they get lost in transaction for some reason), all sorts of issues could arise. And […]

A new look on your Cloudflare dashboard

Building a great customer experience is a top priority here at Cloudflare. Over the last week, we have been slowly rolling out an improvement to our customer dashboard - specifically the zone overview page. We are now ready to share the new dashboard with everyone.

[Image: The new Cloudflare dashboard]

Many of the changes you’ll notice first were driven directly by customer feedback. We’ve heard time and time again that site owners would like better visibility of their key analytics, and for it to be easier to apply certain common settings changes. This new dashboard provides both, with a snapshot of several of your key analytics, and a new toolkit area for easy access to key functions. This page has also been redesigned from top to bottom for responsiveness across various devices and screen widths.

Even more interesting is all the work under-the-hood that went into making this release and how it sets the stage for improvements to our customer experience as we look ahead to 2019. This is one of the first pieces of production Product work shipped using our new prototyping framework. We will soon be sharing details of the design systems work that underlies the new experience on […]