NetworkingNexus.net

A Solution to Compression Oracles on the Web

A Solution to Compression Oracles on the Web
CC 3.0 by Jean-Jacques MILAN

This is a guest post by Blake Loring, a PhD student at Royal Holloway, University of London. Blake worked at Cloudflare as an intern in the summer of 2017.

Compression is often considered an essential tool when reducing the bandwidth usage of internet services. The impact that the use of such compression schemes can have on security, however, has often been overlooked. The recently detailed CRIME, BREACH, TIME and HEIST attacks on TLS have shown that if an attacker can make requests on behalf of a user then secret information can be extracted from encrypted messages using only the length of the response. Deciding whether an element of a web-page should be secret often depends on the content of the page, however there are some common elements of web-pages which should always remain secret such as Cross-Site Request Forgery (CSRF) tokens. Such tokens are used to ensure that malicious webpages cannot forge requests from a user by enforcing that any request must contain a secret token included in a previous response.

I worked at Cloudflare last summer to investigate possible solutions to this problem. The result is a project called cf-nocompress. The Continue reading

SDN Hasn’t Faded, It’s Just Evolved

A look at how software-defined networking is expanding with the incorporation of analytics and how service providers are implementing the technology.

SDN Hasn’t Faded, It’s Just Evolved

A look at how software-defined networking is expanding with the incorporation of analytics and how service providers are implementing the technology.

REVIEW: Network test tools from Fluke, NETSCOUT and SignalTEK

It’s not good enough to run cables and just hope they work, or simply say it’s all good if they provide a working network connection to the computer or device. You should double-check by testing or qualifying the cable runs before you call the job complete.You should use a tester to check if all the cable pairs are intact and correctly wired and see if the cable can truly handle the data rates you desire. Network testers can also be a lifesaver when troubleshooting network issues or making changes to the wired network.They could for instance tell you which cable pairs you might have mixed up when terminating the cable. Or if you’re working on someone else’s network install that didn’t document or label any cable runs, you can utilize the tester to help identify where the cables are running.To read this article in full, please click here

REVIEW: Network test tools from Fluke, NETSCOUT and SignalTEK

Upcoming Webinars, Online Courses and Live Events

The pace of live webinar sessions will slow down a bit in April 2018 due to the onslaught of European spring holiday season. Nonetheless, you’ll be able to enjoy:

The second part of EVPN Technical Deep Dive series with Dinesh Dutt on April 5th;
The planning and design part of NSX, ACI or EVPN webinar with Mitja Robas on April 24th;

On April 19th we’ll have the first DIGS event in 2018, starting with introduction to SDDC and VMware NSX in the morning and NSX workshop in the afternoon.

BrandPost: Think chip shots, not moon shots, for SD-WANs

Rarely do I have a conversation about networking when the topic of software-defined WANs (SD-WANs) does not come up. It’s far and away the thing that network professionals care most about, even ahead of data center SDNs.In a data center, enterprises can steer people out of problems as there’s always an abundance of experienced engineers locally available to tackle any issue big or small. That luxury does not exist with the WAN because branch offices can be scattered across the globe and often, the best one can hope for in terms of a local resource is a branch administrator or someone who can check lights or confirm things are plugged in and powered up. Also, for many geographically distributed organizations, the WAN is their business – so having an agile, dynamic WAN that enables applications to perform better is a top priority.To read this article in full, please click here

The Future of Programming GPU Supercomputers

There are few people as visible in high performance computing programming circles as Michael Wolfe—and fewer still with level of experience. With 20 years working on PGI compilers and another 20 years before that working on languages and HPC compilers in industry, when he talks about the past, present and future of programming supercomputers, it is worthwhile to listen.

In his early days at PGI (formerly known as The Portland Group) Wolfe focused on building out the company’s suite of Fortran, C, and C++ compilers for HPC, a role that changed after Nvidia Tesla GPUs came onto the scene and …

The Future of Programming GPU Supercomputers was written by Nicole Hemsoth at The Next Platform.

Casting Call: Angling for Good Tech and Good Conversation – Coming to YouTube SOON!

The idea started forming in my head 3 years ago at CiscoLive Europe 2018 in Barcelona. I was asked to be a roving reporter for the event. I had never done anything like that before…. so to say I was... Read More ›

The post Casting Call: Angling for Good Tech and Good Conversation – Coming to YouTube SOON! appeared first on Networking with FISH.

BrandPost: Mobile coverage: How SD-WAN improves performance

More than 100,000 attendees from around the world recently descended on Mobile World Congress 2018 in Barcelona. They were able to witness many new and exciting communications technologies, including IoT, 5G, augmented reality, artificial intelligence, machine learning and SD-WAN.MWC also provided an opportunity to showcase how service providers are expanding their existing services footprint with tiered managed SD-WAN services. By leveraging existing Long Term Evolution (LTE) infrastructures, service providers are now offering new mobility-based 4G LTE managed SD-WAN services. In fact, Silver Peak and TPx Communications announced a new strategic agreement at MWC that underscores how TPx plans to expand their managed SD-WAN services into global markets with 4G LTE as one of the key underlying transport network choices for their global customers.To read this article in full, please click here

BrandPost: 3 Security Features to Look for in SD-WAN Solutions

The increasing adoption of SaaS and IaaS applications and infrastructure has been a catalyst for the rapid adoption of SD-WAN architectures. Directly connecting users to SaaS/IaaS instances from branch offices using lower cost internet services to augment (or even replace) MPLS provides the highest performance and user experience.But, since all web traffic is not created equal, active use of internet connections demands a new approach to security.At the same time, it’s simply not tenable to deploy an expensive, next-generation firewall at every branch. Therefore, a more intelligent, application-driven security model is enabled by more advanced SD-WAN solutions, such as Silver Peak Unity EdgeConnect. These solutions place just the right amount of inspection at the branch and enable easy, cost-effective service chaining to more advanced – and more expensive – security services deployed in the cloud or in the enterprise data center.To read this article in full, please click here

Cisco continues its CSR efforts, invests $50M in Destination: Home

Cisco is well known for many things. It’s the world’s largest networking vendor, it has typically been the bell weather for IT spending, as it’s often predicted upticks or downticks in spending before other vendors, and its ability to catch market transitions has been remarkable, which is why it has a market leading position in so many technology areas adjacent to the network.I’ve always felt that one of the more under-appreciated attributes of Cisco is the work its corporate social responsibility (CSR) group does in trying to solve some of the globe’s biggest problems. Cisco has been very active at the World Economic Forum held annually in Davos, Switzerland, where world leaders, celebrities, and business leaders gather to discuss issues such as ending hunger and creating greater equality.To read this article in full, please click here

Cisco continues its CSR efforts, invests $50M in Destination: Home

Worth Reading: Magical thinking on Internet security

Most of us expect Internet security spending to increase from $70B to $140B by the end of this decade. But even at $70B, our spending is in the same order of magnitude as our losses. —Paul Vixie @Far Sight Security

Data Center Network Equipment Revenue Hit $13.7B in 2017

Bare metal switch revenue was up 60 percent year-over-year in the fourth quarter of 2017. And it’s projected to reach $3.6 billion in 2022, with cloud deployments as the primary driver.

ONF Operator Members are Tired of Vendor Inertia

Step up or get out of the way, say the operator board members of ONF, including AT&T, China Unicom, Comcast, Google, Deutsche Telekom, NTT Group, Telefonica, and Turk Telekom.

Video Series: Modernizing Java Apps for Developers Part 3

Docker for Java

Moving a monolithic application to a modern cloud architecture can be difficult and often result in a greenfield development effort. However, it is possible to move towards a cloud architecture using Docker Enterprise Edition with no code changes and gain choice , security and operational agility in the process.

Docker for Java

Part 3 of the series begins the modernization process. I’ll take one aspect of the current application and break it out into a microservice. As written, the application writes to the database directly, but direct writes to the database can easily overwhelm the application by a large number of requests.

One solution is to implement a messaging queue. As in the part 2, I’ll follow several guidelines:

Leave existing code in place.
Design the new code as a separate and reusable application
Deploy the microservice locally using Docker Enterise Edition
Test the code

In this part of the modernization process, I add a message queue comprised of a REST interface that writes to a Redis database. The user data is held in Redis until it’s requested by a worker service that does the write to the database. The message queue uses Spring Boot to implement both the REST interface and the Redis database functions. Continue reading

Intent-Based Management Will Revolutionize the Storage Industry

Looking into the world of manufacturing and how its modernizing can help to understand the intricacies of intent-based approaches and how they can be applied to storage.

IDG Contributor Network: Are client-troubleshooting WiFi sensors really necessary?

Troubleshooting WiFi problems has been the bane of the network engineer’s existence for nearly a decade. So often these problems go undiagnosed that clients have even since stopped reporting them. Bad WiFi chalked up as just part of everyday life.Yet the role enterprise WLAN plays has literally become a critical part of an ever-growing ecosystem of both end user and IoT devices. Add to that the technology advancements in 802.11 and the task of maintaining a reliable WiFi network has become nearly out of reach of the average WLAN engineer. To solve this conundrum WLAN vendors, have a long history of attempting to solve the problem with hardware sensors and detailed active site surveys.To read this article in full, please click here

IDG Contributor Network: Are client-troubleshooting WiFi sensors really necessary?

« Previous 1 … 1,673 1,674 1,675 1,676 1,677 … 3,841 Next »