IDG Contributor Network: Networking anomalies

Recently, I had the great opportunity to discuss network security over dinner with one of the world’s best security practitioners. I learned that keeping bad actors from eventually getting inside a network is nearly impossible. While we maintain our vigilance at our borders over time we should assume our network would be penetrated, so the key to preventing exfiltration (which generally follows) is to look for networking anomalies.Look for network uses that are abnormal, unusual, or different in some way from the norm. Techniques for doing this “hunting” are expensive to implement and hard to interpret with frequent false positives but are a necessary evil.To read this article in full, please click here

Network Break 192: Dell Goes Public Again; Vodafone Trials Whitebox Optical

Take a Network Break! Dell Technologies is heading back to the public market, Vodafone tests a whitebox optical switch, and an LTE vulnerability rears its head.

Diane Bryant leaves Google Cloud after less than a year. Is Intel beckoning?

A Swedish private equity firm spins out SUSE, Micron products get banned in China, ZTE shuffles its executive ranks to comply with US requirements, and China approves Marvell’s acquisition of Cavium.

We’ve got links to all these stories after our sponsor messages.

Sponsor: InterOptic

InterOptic offers high-performance, high-quality optics at a fraction of the cost. If you re not doing optics correctly, you re going to pay for it upfront (and then later too). Don t be fooled by lesser optics. The difference between generic third-party and brand-equivalent optics matters.

Sponsor: Packet Pushers Ignition

The Packet Pushers have launched a brand new membership site called Ignition. Ignition offers free and premium memberships and hosts exclusive content for subscribers, including videos, reports, blogs, and more. Check it out at ignition.packetpushers.net.

Show Links:

Dell moves to go public, spurns IPO – Reuters

Vodafone begins its trek with Voyager – Cumulus Networks Blog

Vodafone deploys TIP s Voyager in a live network Continue reading

IDG Contributor Network: Solving for serverless: How do you manage something that’s not there?

Function-as-a-service (FaaS) technologies, including AWS Lambda, Azure Functions and IBM/Apache OpenWhisk, are experiencing mass adoption, even in private clouds, and it’s easy to see why. The promise of serverless is simple: developers and IT teams can stop worrying about their infrastructure, system software and network configuration altogether. There’s no need to load-balance, adjust resources for scale, monitor for network latency or CPU performance. Serverless computing can save you a lot of time, money and operational overhead, if you play your cards right.Say goodbye to the idle instance There’s also less waste with serverless computing. You only pay for infrastructure in the moment that code gets executed (or, each time a user processes a request). It’s the end of the server that just sits there. But with all these advantages, IT practitioners are also faced with an avalanche of complexity and new challenges.  To read this article in full, please click here

IDG Contributor Network: Solving for serverless: How do you manage something that’s not there?

Function-as-a-service (FaaS) technologies, including AWS Lambda, Azure Functions and IBM/Apache OpenWhisk, are experiencing mass adoption, even in private clouds, and it’s easy to see why. The promise of serverless is simple: developers and IT teams can stop worrying about their infrastructure, system software and network configuration altogether. There’s no need to load-balance, adjust resources for scale, monitor for network latency or CPU performance. Serverless computing can save you a lot of time, money and operational overhead, if you play your cards right.Say goodbye to the idle instance There’s also less waste with serverless computing. You only pay for infrastructure in the moment that code gets executed (or, each time a user processes a request). It’s the end of the server that just sits there. But with all these advantages, IT practitioners are also faced with an avalanche of complexity and new challenges.  To read this article in full, please click here

Q&A: Bill Hoffman of the Industrial Internet Consortium talks AI, IoT and more

Bill Hoffman, president of the Industrial Internet Consortium, has worked with artificial intelligence (AI) for decades. He's been with the IIC since its inception, and he worked with IIC executive director Richard Soley at various AI firms for years before that. Hoffman recently sat down with Network World's Jon Gold for a chat about IoT and the role of automation and AI.NWW: Is this what you guys expected to be working on 20-30 years ago?BF: For us it’s fascinating to see, three decades later, that the term AI actually has a good connotation. It’s funny, but a lot of the systems that we were involved with, which were primarily renamed “decision support systems” – for liability reasons, they didn’t want to call them “expert” systems – a lot of those are still functioning today. So it never really went away, it just went somewhat underground, and people said “OK, that works.”To read this article in full, please click here

IDG Contributor Network: A taxonomy of Intent-Based Networking (IBN)

You have probably heard all sorts of claims by various vendors and solutions that they are providing or supporting Intent-Based Networking (IBN), yet there is a wide range of capabilities that are all very confusing.One way to make sense of this is to apply a "maturity model" like the one used to classify the maturity level of RESTful web services implementations. The Richardson Maturity Model divides capabilities of RESTful web services into levels, starting from 0 and going up as the maturity of the implementation increases. Just like IBN, REST had received its fair share of hype. While the REST principles were clearly defined in Roy Fielding’s dissertation, in practice the REST label was attached to implementations with wildly varying levels of conformance to the original principles, starting from anything that had the words “HTTP” and “JSON” in it to full blown “hypermedia as the engine of application state.”To read this article in full, please click here

IDG Contributor Network: A taxonomy of Intent-Based Networking (IBN)

You have probably heard all sorts of claims by various vendors and solutions that they are providing or supporting Intent-Based Networking (IBN), yet there is a wide range of capabilities that are all very confusing.One way to make sense of this is to apply a "maturity model" like the one used to classify the maturity level of RESTful web services implementations. The Richardson Maturity Model divides capabilities of RESTful web services into levels, starting from 0 and going up as the maturity of the implementation increases. Just like IBN, REST had received its fair share of hype. While the REST principles were clearly defined in Roy Fielding’s dissertation, in practice the REST label was attached to implementations with wildly varying levels of conformance to the original principles, starting from anything that had the words “HTTP” and “JSON” in it to full blown “hypermedia as the engine of application state.”To read this article in full, please click here

The Week in Internet News: WhatsApp Looks to Combat the Spread of Fake News

Fake messaging: WhatsApp, the popular messaging tool, will pay researchers up to $50,000 to study the spread of fake news through its platform, notes Mashable.com. The announcement came after reports of mob lynchings in India fueled by false information spread on WhatsApp, reports the Washington Post. India’s government asked the app maker to take immediate action to stop the spread of fake news.

Defining fake news: While we’re still on the topic of fake news, Cambodia’s recent crackdown on false information is raising concerns about press freedom in the country, reports The Guardian. A new directive aimed at fake news on websites and social media allows for violators to be jailed for two years and fined US$1,000, but civil rights groups said the new rules could give “authorities the power to silence individuals at the click of a button.”

Fired by a computer: A Los Angeles worker was recently shown the door by an automated process that seemed to assume he was let go after his original manager was laid off, the BBC reports. The case could raise questions about artificial intelligence processes, but the real fix would be a more intelligent machine, The Conversation says.

AI manages Continue reading

Goodbye, content.ipspace.net

It turns out that while I cannot bring myself to writing or creating other content during the summer break, it feels perfectly fine to be a janitor and fix small things on the web site.

One of the long-outstanding items: get rid of the free content web site that never went where I wanted it to go… one can do only so much in 24 hours. All the features available on content.ipspace.net are now part of the main ipSpace.net web site including pointers to free content and list of free presentations.

During the summer break, I’m publishing blog posts about the projects I’m working on. Regular blog posts will return in autumn.

Rough Guide to IETF 102

Starting next weekend, the Internet Engineering Task Force will be in Montreal for IETF 102, where over 1,000 engineers will discuss open Internet standards and protocols. The week begins on Saturday, 14 July, with a Hackathon and Code Sprint. The IETF meeting itself begins on Sunday and goes through Friday. We’ll be providing our rough guides on topics of mutual interest to both the IETF and the Internet Society as follows:

For more general information about IETF 102 see:

Immediately prior to the IETF meeting, ICANN are hosting a DNS Symposium on the theme “Attention, Domain Name System: Your 30-year scheduled maintenance is overdue.” The ICANN DNS Symposium will take place in the same venue as the IETF 102 meeting on Friday 13th July.

Here are some of the activities that the Internet Society is involved in during the week.

Applied Networking Research Workshop (ANRW 2018)

The ACM, IRTF and ISOC Applied Networking Research Workshop will take place on the Monday of IETF week, Continue reading

Backup vs. archive: Why it’s important to know the difference

If you want to make a backup person apoplectic, call an old backup an archive.It’s just shy of saying that data on a RAID array doesn’t need to be backed up. The good news is that the differences between backup and archive are quite stark and easy to understand.[ Check out AI boosts data-center availability, efficiency. Also learn what hyperconvergence is and whether you’re ready for hyperconverged storage. | For regularly scheduled insights sign up for Network World newsletters. ] What is backup? Backup is a copy of data created to restore said data in case of damage or loss. The original data is not deleted after a backup is made.To read this article in full, please click here

Using JUNOS Firewall Filters for Troubleshooting & Verification | QFX5110

The Junos firewall filter feature can be a really useful tool for troubleshooting and verification scenarios. I was recently troubleshooting a packet loss fault and I was fairly sure it was an asymmetrical routing issue but I needed a quick way of verifying. And then a colleague said, “hey, how about a firewall filter?”. Of course, assuming IP traffic, we can use a Junos firewall filter to capture specific traffic flows.

Overview

In this scenario, we have a pair of Juniper QFX5110 switches that are both connected to an upstream IP transit provider. They are also connected to a local network via a VMware NSX edge. We’re going to use a firewall filter on QFX1 and QFX2 to identify which QFX is being used for egress traffic and which QFX is being used for ingress traffic. More specifically, the flow is an ICMP flow between a host on 212.134.79.62 and Cloudflare’s DNS service.

Topology

Junos Firewall Filters topology

 

Firewall Filter

So we’re essentially going to create a firewall filter to count specific egress traffic and apply as an import filter on both QFX switches. We’re also going to create another firewall filter to count the return traffic and apply Continue reading

Registration Open for “Cyber Diplomacy Meets InfoSec and Technology” Alongside IETF 102

As we recently announced, the Global Commission on the Stability of Cyberspace (GCSC) will host a lunch panel on “Cyber Diplomacy Meets InfoSec and Technology” alongside IETF 102 on Tuesday, 17 July. Registration opens today in two time slots for global time zone fairness, at 08:00 UTC and 20:00 UTC. Register here.

The Global Commission on the Stability of Cyberspace is developing norms and policy initiatives that intend to counter the risk to the overall security and stability of cyberspace due to rise of offensive cyber-activities, and especially those by states. During this session, the Commission wants to inform and engage with the IETF community on its work so far and the work that is in the pipeline.

The Internet Society is assisting with logistics. Internet Society Chief Internet Technology Officer and GCSC Commissioner Olaf Kolkman will moderate the panel. The panelists are:

  • Irina Rizmal, researcher at the DiploFoundation specialized in policy analysis in matters pertaining to national security and defense.
  • Bill Woodcock, Commissioner and Executive Director at Packet Clearing House, the non-profit agency that supports critical Internet infrastructure.
  • Jeff Moss, Commissioner, founder of Black Hat and Defcon, member of the DHS security council, Continue reading