Hybrid Networking: The Best of Both Worlds
With a strong network underpinning a cloud platform, a hybrid model can address reliacbility, security, and compliance concerns, while simplifying IT infrastructure management.
Network Infrastructure as Code Is Nothing New
Following “if you can’t explain it, you don’t understand it” mantra I decided to use blog posts to organize my ideas while preparing my Networking Infrastructure as Code presentation for the Autumn 2018 Building Network Automation Solutions online course. Constructive feedback is highly appreciated.
Let’s start with a simple terminology question: what exactly is Infrastructure as Code that everyone is raving about? Here’s what Wikipedia has to say on the topic:
Read more ...Who left open the cookie jar? A comprehensive evaluation of third-party cookie policies
Who left open the cookie jar? A comprehensive evaluation of third-party cookie policies from the Franken et al., USENIX Security 2018
This paper won a ‘Distinguished paper’ award at USENIX Security 2018, as well as the 2018 Internet Defense Prize. It’s an evaluation of the defense mechanisms built into browsers (and via extensions / add-ons) that seek to protect against user tracking and cross-site attacks. Testing across 7 browsers and 46 browser extensions, the authors find that for virtually every browser and extension combination there is a way to bypass the intended security policies.
Despite their significant merits, the way cookies are implemented in most modern browsers also introduces a variety of attacks and other unwanted behavior. More precisely, because cookies are attached to every request, including third-party requests, it becomes more difficult for websites to validate the authenticity of a request. Consequently, an attacker can trigger requests with a malicious payload from the browser of an unknowing victim… Next to cross-site attacks, the inclusion of cookies in third-party requests also allows fo users to be tracked across the various websites they visit.
When you visit a site A, it can set a cookie to be included in Continue reading
Taking EVPN & open networking to new heights with Broadcom Trident3 and Cumulus Linux
As highlighted in our recent press release, Cumulus Networks and Broadcom are expanding their commitment to open networking by introducing support of Cumulus Linux to the widely successful Broadcom Trident3 The Trident3-based switches will be available with Cumulus Linux in the Fall of 2018.
When Trident3 came to the market it offered a fully programming packet processing silicon as well as improved power efficiency. It’s additional benefit was a broad range of scalability, starting at 200 Gbps of throughput scaling all the way up to 3.2 Tbps on a single chip.
We are thrilled to have the world’s most powerful open network operating system, Cumulus Linux, now running on this innovative Broadcom chip. I see three benefits of utilizing these two solutions in data center networking 1) Simplified EVPN, 2) Scalable VXLAN, and 3) investment protection.
- Simplified EVPN operations
With the Cumulus and Trident3 EVPN implementation, teams can utilize well-understood and simple networking protocols like BGP to effortlessly build a highly scalable, layer-3-routed, underlay fabric for different address families, including IPv4, IPv6 and EVPN routes. EVPN will automatically set up neighbors, discover information, and exchange that information among nodes. With just a few lines of code, you can Continue reading
Nutanix Closes Big Deals, But Profits Still Elude
At some point, every company that has equity, venture, or public investors, has to start being profitable. …
Nutanix Closes Big Deals, But Profits Still Elude was written by Timothy Prickett Morgan at .
Worth Reading: Using DNS as a Single Signon
Internet-wide identity management is one of the hot issues currently — dealing with hundreds of separate usernames and passwords is insecure and unfriendly for users. Increasingly, people use their social network accounts to log into websites, which works well, but forces you to allow either Google or Facebook to track all your logins — you don’t have a lot of choice. —Vittorio Bertola @APNIC
OSS Vendor Comarch Works for Telefónica, Vodafone, and Deutsche Telekom
Comarch recently won a contract with South Korean 5G operator LG U+ to replace its OSS stack.
Storj Labs Offers Unique Model for Cloud Storage
The company's open source partner program will divert revenue to organizations or individuals that allow blockchain-based encrypted storage on personal devices.
Ericsson Snaps Up Service Assurance Firm CENX In Preparation for 5G
Verizon is a CENX customer. CENX employees, including new CEO Edward Kennedy, will become part of Ericsson when the deal closes this quarter.
Remember the Token Ring!!
We’ve Added Another CCIE Security v5.0 Technologies Course to Our Library
Log into your Members Account, or check out our online store the view or purchase Rohit Pardasani’s latest CCIE Security v5.0 Technologies video; CCIE Security V5 Technologies: ASA Firewall.
About The Course
This course is a deep dive in ASA and features of ASA firewall, and is a primary study resource for the CCIE Security v5 Lab Exam. Students looking for a thorough and well-structured learning tool will benefit from these videos, which help create a solid foundation of the concepts covered in the CCIE Security v5 Lab Exam.
In this course, we will walk you through the basics of ASA and help you dive into more practical and advanced topics. We will start by helping you understand the security levels in ASA and understand the Adaptive Security Algorithm. Then we will break down the ACL’s and objects and object-groups. We will further look at differences between ASA in router mode vs ASA in transparent mode. We will also focus on deep inspection of packets and later move on to creating virtual firewalls and running ASA in active/standby or active/active mode. Lastly, but not the least, we would focus on clustering.
Prerequisites
Basic understanding of firewalls and basic Continue reading