0

Technology Short Take 105

Welcome to Technology Short Take #105! Here’s another collection of articles and blog posts about some of the common technologies that modern IT professionals will typically encounter. I hope that something I’ve included here proves to be useful for you.

Networking

• Jon Williams discusses deploying Anycast DNS using OpenBSD and BGP.
• Brian Boucheron provides a great article on how to inspect and debug Kubernetes network primitives. The information in this article is a great foundation upon which to build, in my opinion.

Servers/Hardware

• The big news in the hardware space recently was the article regarding the purported Chinese hardware supply chain attack. This has generated a lot of discussion. First, we have Amazon’s reply, in which they categorically deny all such claims. Apple’s response similarly denies the allegations in the report. Of the (innumerable) articles commenting on the hardware hack, this article by Joe FitzPatrick and this ErrataSec article caught my eye. Both articles point out the incredible difficulty of finding such a hardware hack, and point out that exploiting software vulnerabilities would probably be a much faster/easier way to accomplish the same goal. Will we ever know the truth as to whether this actually happened? Probably not.

Security

• Continue reading

0

The future of networking: Open source networking is the ‘new norm’

If you weren’t in Amsterdam last week, you missed an extremely exciting conference – the Open Networking Summit Europe 2018. This Linux Foundation event drew more than 700 networking, development and operations leaders and enterprise users from open source service providers, cloud companies, and more.Chief among the conference themes was the idea that open source networking is the "new norm," with lots of vendors attesting to how this theme is playing out in the IT industry. Dan Kohn who leads the Linux Foundation's Cloud Native Computing Foundation cites cost savings, improved resilience and higher development velocity for both bug fixes and the rolling out of new features for this change. Arpit Joshipura, General Manager of Networking at The Linux Foundation used the term "open-sourcification" in his keynote.To read this article in full, please click here

0

The future of networking: Open source networking is the ‘new norm’

If you weren’t in Amsterdam last week, you missed an extremely exciting conference – the Open Networking Summit Europe 2018. This Linux Foundation event drew more than 700 networking, development and operations leaders and enterprise users from open source service providers, cloud companies, and more.Chief among the conference themes was the idea that open source networking is the "new norm," with lots of vendors attesting to how this theme is playing out in the IT industry. Dan Kohn who leads the Linux Foundation's Cloud Native Computing Foundation cites cost savings, improved resilience and higher development velocity for both bug fixes and the rolling out of new features for this change. Arpit Joshipura, General Manager of Networking at The Linux Foundation used the term "open-sourcification" in his keynote.To read this article in full, please click here

0

The future of networking: Open networking is the ‘new norm’

If you weren’t in Amsterdam last week, you missed an extremely exciting conference – the Open Networking Summit Europe 2018. This Linux Foundation event drew more than 700 networking, development and operations leaders and enterprise users from open source service providers, cloud companies, and more.Chief among the conference themes was the idea that open networking is the "new norm," with lots of vendors attesting to how this theme is playing out in the IT industry. The conference drew both business and technical leaders focused on networking beyond software-defined networking (SDN) and network function virtualization (NFV) with deep technical tracks and opportunities for attendees to learn from peers across the industry.To read this article in full, please click here

0

The future of networking: Open networking is the ‘new norm’

If you weren’t in Amsterdam last week, you missed an extremely exciting conference – the Open Networking Summit Europe 2018. This Linux Foundation event drew more than 700 networking, development and operations leaders and enterprise users from open source service providers, cloud companies, and more.Chief among the conference themes was the idea that open networking is the "new norm," with lots of vendors attesting to how this theme is playing out in the IT industry. The conference drew both business and technical leaders focused on networking beyond software-defined networking (SDN) and network function virtualization (NFV) with deep technical tracks and opportunities for attendees to learn from peers across the industry.To read this article in full, please click here

0

Monitoring Windows Services for Free

0

I know you’ll be back: interpretable new user clustering and churn prediction on a mobile social application

I know you’ll be back: interpretable new user clustering and churn prediction on a mobile social application Yang et al., KDD’18

Churn rates (how fast users abandon your app / service) are really important in modelling a business. If the churn rate is too high, it’s hard to maintain growth. Since acquiring new customers is also typically much more expensive than expanding in existing accounts, churn hits you twice over. So it’s really important to understand what causes users to churn in your business, and ideally to be able to predict users likely to churn so that you can intervene. This paper describes ClusChurn, the churn prediction system deployed at Snapchat.

It has been argued for decades that acquiring new users is often more expensive than keeping old ones. Surprisingly, however, user retention and its core component, churn prediction, have received much less attention from the research community… While this paper focuses on the Snapchat data as a comprehensive example, the techniques developed here can be readily leveraged for other online platforms, where users interact with the platform functions as well as other users.

The central idea in ClusChurn is to cluster users into clusters that are meaningful Continue reading

0

Nation-States Attack MSP Networks, DHS Security Alert Warns

Managed service providers' customers — especially IT, energy, healthcare, communications, and manufacturing companies — are the end target for these attacks.

0

Edgility Open Source Initiative Marries Serverless With the Edge

Creators of Edgility say it will offer network operators a better way to manage resources at the network edge. And it will work with existing open source projects like ONAP and Akraino.

0

NSX Cloud 2.3 – Support for AWS, Free Visibility into Public Cloud Workloads & more!

We are very excited about the following key NSX Cloud features which are shipping as part of the latest NSX release – NSX 2.3

 

Support for AWS:

NSX 2.3 now extends support for native AWS workloads. This is a big step towards VMware’s pursuit for a truly Hybrid Cloud NSX Solution. NSX customers can now simplify and scale operations across a growing number of accounts, subscriptions, virtual networks, availability zones and regions in AWS, Azure and private cloud. Furthermore, this opens the doors for adding more networking platform capabilities such as service insertion, etc.  Look out for more information on this in our future blogs.

 

Free Visibility into Public Cloud Workloads:

If you have an NSX-T based Datacenter deployed within your on-premise environment, it only takes one additional VM to extend your visibility to include all your Public Cloud workloads. Here is how you go about it: In the NSX-T download page, under the Product Downloads section, you will see the link to download “NSX Manager / NSX Cloud Service Manager / NSX Policy Manager”. This is the NSX Unified Appliance which can be configured as an NSX Manager, or NSX Cloud Service Continue reading

0

Move to the Cloud with Microsoft and Live Happily Ever After — Maybe

0

Are you ready? How to prepare for the DNSSEC Root KSK Rollover on October 11, 2018

Are you ready? Are your systems prepared so that DNS will keep functioning for your networks?  One week from today, on Thursday, October 11, 2018, at 16:00 UTC ICANN will change the cryptographic key that is at the center of the DNS security system – what we call DNSSEC. The current key has been in place since July 15, 2010. This is a long-planned replacement.

If everything goes fine, you should not notice and your systems will all work as normal. However, if your DNS resolvers are not ready to use the new key, your users may not be able to reach many websites, send email, use social media or engage in other Internet activities!

This change of this central security key for DNS is known as the “Root Key Signing Key (KSK) Rollover”. It has been in discussion and planning since 2013. We’ve written many articles about it and spoken about it at many conferences, as have many others in the industry. ICANN has a page with many links and articles at:

• https://www.icann.org/kskroll

But here we are, with only a few days left and you may be wondering – how can I know if my systems Continue reading

0

Notes on the Bloomberg Supermicro supply chain hack story

Bloomberg has a story how Chinese intelligence inserted secret chips into servers bound for America. There are a couple issues with the story I wanted to address.


The story is based on anonymous sources, and not even good anonymous sources. An example is this attribution:

a person briefed on evidence gathered during the probe says

That means somebody not even involved, but somebody who heard a rumor. It also doesn't the person even had sufficient expertise to understand what they were being briefed about.

The technical detail that's missing from the story is that the supply chain is already messed up with fake chips rather than malicious chips. Reputable vendors spend a lot of time ensuring quality, reliability, tolerances, ability to withstand harsh environments, and so on. Even the simplest of chips can command a price premium when they are well made.

What happens is that other companies make clones that are cheaper and lower quality. They are just good enough to pass testing, but fail in the real world. They may not even be completely fake chips. They may be bad chips the original manufacturer discarded, or chips the night shift at the factory secretly ran through on the Continue reading

0

Full Qubit, Tooling Access a Game-Changer for Quantum Development

As we argued a few weeks ago, the cloud is where quantum competition gets real. …

Full Qubit, Tooling Access a Game-Changer for Quantum Development was written by Nicole Hemsoth at .

0

Worth Reading: Outing your Outages

How are you supposed to handle outages? What happens when everything around you goes upside down in an instant? How much communication is “too much”? Or “not enough”? And is all of this written down now instead of being figured out when the world is on fire? —Tom @Networking Nerd

0

IDG Contributor Network: Identity awareness: it’s more than just a packet

It was about 20 years ago when I plugged my first Ethernet cable into a switch. It was for our new chief executive officer. Little did she know that she was about to share her traffic with most others on the first floor. At that time being a network engineer, I had five floors to be looked after.Having a few virtual LANs (VLANs) per floor was a common design practice in those traditional days. Essentially, a couple of broadcast domains per floor were deemed OK. With the VLAN-based approach, we used to give access to different people on the same subnet. Even though people worked at different levels but if in the same subnet, they were all treated the same.To read this article in full, please click here

0

IDG Contributor Network: Identity awareness: it’s more than just a packet

It was about 20 years ago when I plugged my first Ethernet cable into a switch. It was for our new chief executive officer. Little did she know that she was about to share her traffic with most others on the first floor. At that time being a network engineer, I had five floors to be looked after.Having a few virtual LANs (VLANs) per floor was a common design practice in those traditional days. Essentially, a couple of broadcast domains per floor were deemed OK. With the VLAN-based approach, we used to give access to different people on the same subnet. Even though people worked at different levels but if in the same subnet, they were all treated the same.To read this article in full, please click here

0

IDG Contributor Network: Identity awareness: it’s more than just a packet

It was about 20 years ago when I plugged my first Ethernet cable into a switch. It was for our new chief executive officer. Little did she know that she was about to share her traffic with most others on the first floor. At that time being a network engineer, I had five floors to be looked after.Having a few virtual LANs (VLANs) per floor was a common design practice in those traditional days. Essentially, a couple of broadcast domains per floor were deemed OK. With the VLAN-based approach, we used to give access to different people on the same subnet. Even though people worked at different levels but if in the same subnet, they were all treated the same.To read this article in full, please click here

0

National Cybersecurity Awareness Month = International IoT Security and Privacy Month

October is National Cybersecurity Awareness Month, and as part of our work with the Online Trust Alliance and our Internet of Things (IoT) campaign, we think October also deserves another label… International IoT Security and Privacy Month. There are a number of significant activities and developments related to security and privacy. Here are a few highlights of what’s happening, how we are participating, and how you can get involved.

• The “How to Make Trustworthy #IoT” Workshop – (Oct. 8) This year’s Internet Society Chapterthon is focused on IoT, and we are excited to see how all 43 participating Chapters raise awareness of the privacy and security issues surrounding IoT. On Monday, 8 October, Jeff Wilbur and Megan Kruse from the Online Trust Alliance be in New York City with the Internet Society New York Chapter (ISOC-NY) and IoTNation holding a workshop on ‘How to Make Trustworthy IoT’ – an IoT Privacy & Security Workshop. If you’ll be in New York City on Monday, please consider registering for the event, or watching the livestream starting at 2PM.
• Comments due for NIST Internal Report (NISTIR) 8228: Considerations for Managing IoT Cybersecurity and Privacy Risks – (Oct. 24) The report by Continue reading

0

Orhan Ergun Training and Consultancy Company has CCIE SP Training as well !

Hi everyone ! I am glad to announce that we started CCIE SP (Service Provider) Training.   The CCIE Service Provider Lab bootcamp has been developed by Orhan Ergun LLC. as a preparation tool for the CCIE Service Provider v4.1 Lab Exam.   Each session will start by reviewing the concepts and fundamentals of the related …

Continue reading "Orhan Ergun Training and Consultancy Company has CCIE SP Training as well !"

The post Orhan Ergun Training and Consultancy Company has CCIE SP Training as well ! appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.