Cisco makes SD-WAN integration a top priority

Software and programmable intelligent networks were hot topics at Cisco Live last week, and one of the key components of that discussion was the direction of the company’s SD-WAN strategy.Central to that dialog is how Cisco plans to use and integrate the SD-WAN technology it acquired last year when it bought Viptela for $610 million.   For the moment Cisco says Viptela has brought with it interest to the tune of about 800 new customers in recent months.To read this article in full, please click here

Vertical Integration Musings

One of my readers asked me a question that came up in his business strategy class:

Why did routers and switches end up being vertically integrated (the same person makes the hardware and the software)? Why didn't they go down the same horizontal path as compute (with Intel making chips, OEMs making systems and Microsoft providing the OS)? Why did this resemble the pre-Intel model of IBM, DEC, Sun…?

Simple answer: because nobody was interested in disaggregating them.

Read more ...

DeepTest: automated testing of deep-neural-network-driven autonomous cars

DeepTest: automated testing of deep-neural-network-driven autonomous cars Tian et al., ICSE’18

How do you test a DNN? We’ve seen plenty of examples of adversarial attacks in previous editions of The Morning Paper, but you couldn’t really say that generating adversarial images is enough to give you confidence in the overall behaviour of a model under all operating conditions. Adversarial images approach things from a ‘think like an attacker’ mindset. We want to ‘think like a tester.’ For example, the work on DeepXplore which uses model ensembles to find differences in outputs that suggest bugs. The importance of testing DNNs is especially obvious when it comes to applications such as autonomous driving. Several of the ideas from DeepXplore are used in DeepTest, which looks specifically at testing of autonomous driving system. I think you could apply the DeepTest techniques to test other kinds of DNNs as well.

…despite the tremendous progress, just like traditional software, DNN-based software, including the ones used for autonomous driving, often demonstrate incorrect/unexpected corner-case behaviours that lead to dangerous consequences like a fatal collision.

DeepTest is a system designed to aid in the testing of autonomous driving models. When used to test three of Continue reading

SEE 7: Connectivity, Routing Security & IoT

The 7th RIPE South-East Europe (SEE 7) meeting is being held on 18-19 June 2018 in Timisoara, Romania, and is focusing on several of the subjects of interest to the Internet Society. It’s also being chaired by our colleague Jan Žorž, whilst I’ll be talking about IoT Security and the OTA IoT Trust Framework.

In Monday, there are talks on BGP monitoring from Paolo Lucente (pmacct), and from Krzysztof Grzegorz Szarkowicz (Juniper Networks) on improvements to routing protocols to suit the centralised data centre-based architectures that are becoming more prevalent on the Internet, and which are the subject of an Internet Draft. Zoran Perovic (SOX) will also talk about paradigm shifts in the implementation of Internet Exchange Points.

On Tuesday, there will be a discussion led by Goran Slavic (SOX) on implementing MANRS in an IXP, which is very relevant to the current MANRS initiative which is increasingly being adopted by IXPs. Our colleague Jan will then be presenting about RIPE-690 which provides recommendations for IPv6 address prefix assignments for end-users. Preceding this, will be an update on IPv6 adoption in the SEE region from Massimiliano Stucchi (RIPE NCC).

Some other highlights are the talk on Quad9DNS by Nishal Goburdhan (PCH) that’s supporting Continue reading

Notes on “The President is Missing”

Former president Bill Clinton has contributed to a cyberthriller "The President is Missing", the plot of which is that the president stops a cybervirus from destroying the country. This is scary, because people in Washington D.C. are going to read this book, believe the hacking portrayed has some basis in reality, and base policy on it. This "news analysis" piece in the New York Times is a good example, coming up with policy recommendations based on fictional cliches rather than a reality of what hackers do.


The cybervirus in the book is some all powerful thing, able to infect everything everywhere without being detected. This is fantasy no more real than magic and faeries. Sure, magical faeries is a popular basis for fiction, but in this case, it's lazy fantasy, a cliche. In fiction, viruses are rarely portrayed as anything other than all powerful.

But in the real world, viruses have important limitations. If you knew anything about computer viruses, rather than being impressed by what they can do, you'd be disappointed by what they can't.

Go look at your home router. See the blinky lights. The light flashes every time a packet of data goes across the network. Continue reading

Don’t Rely on Long Support Lifecycles

I hate long support lifecycles for hardware and software. Yes, you should be able to buy a new iPhone or switch and use it for 3+ years. But some people want 10+yrs of support, and wail and moan when vendors end support. This is wrong. It drives up costs & complexity, and makes your systems less robust, not more. It’s a false sense of security. Plan to buy smaller & cheaper, and upgrade frequently.

Why Vendors Don’t Like Them

Vendors don’t want to do long support lifecycles. They will do them, because people pay for it, but there comes a point where they put a line in the sand. “Sorry, that system is now EoL.”

Why?

  • Costs: Testing software and hardware combinations is hard work. Add many years of released hardware & software combinations, and it gets much harder. More racks of gear & more permutations == more costs.

  • Complexity: It’s hard enough to test against a small set. But now you have to deal with obscure systems acquired from a third party 7 years ago? Complexity == time and money.

  • Motivation: Hands up who wants to work on legacy systems? Exactly. It’s hard to motivate engineers to support Continue reading

It’s a wrap! The DockerCon Cool Hacks closing keynote.

Yesterday we continued a long tradition at DockerCon, the Cool Hacks closing keynote. In our Cool Hacks keynote, we like to emphasize applications that push the limits and applications that represent major future trends in container workloads. We also like to feature applications that demonstrate how Docker fueled innovation can be used every day.

This DockerCon, the three applications we chose embodied all of these characteristics.

Our first hack, by Christopher Heistand of the Johns Hopkins University Applied Physics Laboratory is helping save the world. The Double Asteroid Redirect Mission Test (DART) is testing kinetic impact against an asteroid to measure whether one can be redirected. They use Docker to emulate the specialized and expensive hardware, saving them money and development time.

David Aronchick (@aronchick ‏) and Michelle Casbon (@texasmichelle)  demonstrated our second hack with Kubeflow. Machine learning in production workloads, at scale.

And finally, Idit Levine (@Idit_Levine) showed us Gloo. Gloo gives you the portability and choice of a serverless framework, from cloud services like AWS Lambda to running one of the several containerized self-hosted serverless frameworks. All running in Docker EE.

Check out our Cool Hacks closing keynote.

And finally, we wrapped up inviting Continue reading

Ubuntu image for EVE-NG – Python for network engineers

Lately I’ve started working more and more with EVE-NG to test various network scenarios, automation and in general to try and learn something everyday. If you’re familiar with EVE-NG, you know where to find various Linux images which you can download and install . Very helpful indeed, however all of them are coming without any … Continue reading Ubuntu image for EVE-NG – Python for network engineers

Salt SSH Getting Started

Salt SSH allows you to execute commands and apply state to minions without having to install a salt-minion. The only requirement is for the minion to have python installed unless using the -r option to execute raw commands. For reference the following software will be used in this post. ...

Cisco Twists Open Its Intent Networking

The rise of public clouds, the Internet of Things, greater mobility, and the more devices connecting to corporate networks is creating highly distributed environments for enterprises where applications can come from a variety of places, workloads can run on-premises or somewhere in multiple public clouds and computing resources can be located anywhere from the datacenter through branch offices and the network edge and out in the cloud.

Cisco Twists Open Its Intent Networking was written by Jeffrey Burt at .

Weekend Reads 061518: A 51% attack materializes

In recent days the nightmare scenario for any cryptocurrency is playing out for Bitcoin Gold, as an attacker has taken control of its blockchain and proceeded to defraud cryptocurrency exchanges. All the Bitcoin Gold in circulation is valued at $786 million, according to data provider Coinmarketcap. Blockchains are designed to be decentralized but when an individual or group acting in concert controls the majority of a blockchain’s processing power, they can tamper with transactions and pave the way for fraud. This is known as a 51% attack.—Joon Ian Wong @Quartz

We have also discovered a new stage 3 module that injects malicious content into web traffic as it passes through a network device. At the time of our initial posting, we did not have all of the information regarding the suspected stage 3 modules. The new module allows the actor to deliver exploits to endpoints via a man-in-the-middle capability (e.g. they can intercept network traffic and inject malicious code into it without the user’s knowledge). With this new finding, we can confirm that the threat goes beyond what the actor could do on the network device itself, and extends the threat into the networks that a compromised network Continue reading

1 1,517 1,518 1,519 1,520 1,521 3,790