Intranet DDoS attacks

As on a Darkling Plain: Network Survival in an Age of Pervasive DDoS talk by Steinthor Bjarnason at the recent NANOG 71 conference. The talk discusses the threat that the proliferation of network connected devices in enterprises create when they are used to launch denial of service attacks. Last year's Mirai attacks are described, demonstrating the threat posed by mixed mode attacks where a compromised host is used to infect large numbers devices on the corporate network.
The first slide from the talk shows a denial attack launched against an external target, launched from infected video surveillance cameras scattered throughout the the enterprise network. The large volume of traffic fills up external WAN link and overwhelms stateful firewalls.
The second slide shows an attack targeting critical internal services that can have been identified by reconnaissance from the compromised devices. In addition, scanning activity associated with reconnaissance for additional devices can itself overload internal resources and cause outages.

In both cases, most of the critical activity occurs behind the corporate firewall, making it extremely challenging to detect and mitigate these threats.

The talk discusses a number of techniques that service providers use to secure their networks that enterprises will need to adopt Continue reading

Free 5-Part Webcast Series on NSX

 

Mark your calendars now for this free VMware NSX: Things You Need to Know webcast series presented by VMware Education Services. Each 60-minute session is delivered by VMware Certified Instructors and offered at 3 different times so you can choose what works for your schedule.

  • Feb 1: Simplify Network Provisioning with Logical Routing and Switching using VMware NSX
  • Feb 22: Automate Your Network Services Deployments with VMware NSX and vRealize Automation
  • Mar 8: Design Multi-Layered Security in the Software-Defined Datacenter using VMware vSphere 6.5 and VMware NSX 6.4
  • Mar 29: Advanced VMware NSX: Demystifying the VTEP, MAC, and ARP Tables
  • Apr 19: That Firewall Did What? Advanced Troubleshooting for the VMware NSX Distributed Firewall

RSVP for one or all five here. (See below for more info.)

Feb 1:
Simplify Network Provisioning with Logical Routing and Switching using VMware NSX
Did you know it’s possible to extend LANs beyond their previous boundaries and optimize routing in the data center? Or decouple virtual networkoperations from your physical environment to literally eliminate potential network disruptions for future deployments? Join us to learn how VMware NSX can make these a reality. We’ll also cover the networking components of NSX to Continue reading

Intel’s Glass House Is Definitely More Than Half Full

An unexpected jump in enterprise spending coupled with the ongoing heavy spending by hyperscalers, cloud builders, and communications companies revamping their networks of gear coupled with the ramp of the “Skylake” Xeon SP processors launched last July gave Intel the best overall quarter in its history, gauged by revenues and profits, and the best one also that its Data Center Group has ever posted.

Many are wondering if this boom can last. Intel’s top brass are not among them, but they do concede that the fourth quarter of 2017 was an unusually good one. It is hard to see if

Intel’s Glass House Is Definitely More Than Half Full was written by Timothy Prickett Morgan at The Next Platform.

What is MU-MIMO and why you need it in your wireless routers

The only thing techies love more than creating acronyms is the chance to create even longer ones. Such is the case with wireless acronym MIMO (multiple input, multiple output), which got some additional letters with the release of MU-MIMO a few years ago and is on the verge of becoming more popular with the release of the forthcoming 802.11ax wireless standard.MU-MIMO stands for multi-user, multiple input, multiple output, and is wireless technology supported by routers and endpoint devices. MU-MIMO is the next evolution from single-user MIMO (SU-MIMO), which is generally referred to as MIMO. MIMO technology was created to help increase the number of antennas on a wireless router that are used for both receiving and transmitting, improving capacity for wireless connections.To read this article in full, please click here

Startup Builds GPU Native Custom Neural Network Framework

It is estimated that each day over a million malicious files are created and kicked to every corner of the web.

While there are plenty of options for security against these potential attacks, the methods for doing so at the pace, scope, and complexity of modern nasty files has left traditional detection in the dust—even those that are based on heuristics or machine learning versus signature-based.

With those traditional methods falling short of what large enterprises need for multi-device and system security the answer (to everything in IT in 2018 it seems) is to look to deep learning. But this

Startup Builds GPU Native Custom Neural Network Framework was written by Nicole Hemsoth at The Next Platform.

Stuff The Internet Says On Scalability For January 26th, 2018

Hey, it's HighScalability time: 

 

10,000 marvelous classic movie posters documenting a period in US history even Black Mirror could not imagine. 

 

If you like this sort of Stuff then please support me on Patreon. And I'd appreciate your recommending my new book—Explain the Cloud Like I'm 10—to anyone who needs to understand the cloud (who doesn't?). I think they'll like it. Now with twice the brightness and new chapters on Netflix and Cloud Computing.

 

  • $172 billion: amount Hackers stole in 2017; $100B: Netflix's value; 400G: ethernet; 2005: resurrection of a NASA satellite; 800: kilograms of oil equivalent needed per capita per year;

  • Quotable Quotes:
    • Edgar D. Mitchell: You develop an instant global consciousness, a people orientation, an intense dissatisfaction with the state of the world, and a compulsion to do something about it. From out there on the moon, international politics look so petty. You want to grab a politician by the scruff of the neck and drag him a quarter of a million miles out and say, ‘Look at that, you son of a bitch.”
    • Laura Gilmore: It wasn’t by accident that I ended up Continue reading

When IoT met blockchain

At first glance, they may not seem like they have anything to do with each other. But when technology trends as hot as the Internet of Things (IoT) and blockchain are involved, you can bet that lots of smart, ambitious people are working overtime to find ways to leverage both at the same time.Read also: AI and IoT: Like peanut butter and chocolate? The biggest connection, naturally, revolves around security issues. Many companies and pundits see blockchain as a powerful way to bring scalable, decentralized security and trust to IoT devices, applications and platforms, which are similarly distributed and decentralized.To read this article in full, please click here

IDG Contributor Network: A ‘GaN-do’ attitude for networking

CES 2018 did not disappoint, with a gaggle of networking-enabled gadgets for your home, car and bathroom. But many of these technologies demand more data, putting strain on wireless networks.Imagine if all 125 million U.S. households suddenly invested in a smart toilet?  When the number of low- and high-bandwidth devices multiply, cable TV networks and cellular base stations bear the burden. So, what’s a network provider to do?The answer – somewhat surprisingly – is to borrow from the defense industry. When times get tough in the commercial electronics space, network providers seek to adopt high-gain, high-power RF solutions from defense radar and communications systems, including many that depend on gallium nitride.To read this article in full, please click here

IDG Contributor Network: A ‘GaN-do’ attitude for networking

CES 2018 did not disappoint, with a gaggle of networking-enabled gadgets for your home, car and bathroom. But many of these technologies demand more data, putting strain on wireless networks.Imagine if all 125 million U.S. households suddenly invested in a smart toilet?  When the number of low- and high-bandwidth devices multiply, cable TV networks and cellular base stations bear the burden. So, what’s a network provider to do?The answer – somewhat surprisingly – is to borrow from the defense industry. When times get tough in the commercial electronics space, network providers seek to adopt high-gain, high-power RF solutions from defense radar and communications systems, including many that depend on gallium nitride.To read this article in full, please click here

Cisco, Mellanox, Ixia and Cumulus: Last Day of NFD17!

In case you have missed the noise on my Twitter feed (@mrtugs) in the last couple of days, I’m currently at Networking Field Day 17 in Silicon Valley, and today (Friday, January 26) is the last day of presentations. So far this week, along with eleven other lucky delegates, we’ve been treated to presentations from Juniper, Thousand Eyes, Extreme Networks and VMware, including Velocloud from VMware. As usual, it has been a firehose of information and thankfully all the videos will be posted soon so I can go back and figure out what I might have missed.

The last two days of presentations have seen a very strong focus on automation, network fabric (including cloud connectivity) and hybrid cloud services. It’s uncanny how everything aligns, sometimes!

Today is the last day of NFD17 and we’re going to be starting at Cisco at 8AM PST, then after lunch we’re hearing from Mellanox, Ixia and Cumulus, all beginning at 1:30PM PST. We live stream all the presentations, so if you want to tune in and join us, pop over to the NFD17 site and the stream will be live on that page. If you are watching in real time and have a Continue reading

Legacy IT Is Not A Monument

During Networking Field Day 17, there was a lot of talk about legacy IT constructs, especially as they relate to the cloud. Cloud workloads are much better when they are new things with new applications and new processes. Existing legacy workloads are harder to move to the cloud, especially if they require some specific Java version or special hardware to work properly.

We talk a lot about how painful legacy IT is. So why do we turn it into a monument that spans the test of time?’

Keeping Things Around

Most monuments that we have from ancient times are things that we never really intended to keep. Aside from the things that were supposed to be saved from the beginning, most iconic things were never built to last. Even things like the Parthenon or the Eiffel Tower. These buildings were always envisioned to be torn down sooner or later.

Today, we can’t imagine a world without those monuments. We can’t conceive of a time without them. And, depending on Continue reading

Meltdown, Spectre and Security Automation

Keeping computer systems secure is one of those never ending tasks. You could be forgiven for thinking of it like "Painting the Forth Bridge". Most of the time it's 'put new software' in place, and you're good. Every now and then it’s, well, a bit more complicated.

The first week of January saw two flaws announced, called “Meltdown” and “Spectre.” Both involved the hardware at the heart of more or less every computing device on the planet – the processor. There is a great in-depth review of the two flaws here. You can also find some additional information in this blog by Red Hatter Jon Masters.

In the complex world of IT, keeping on top of security can be less painful with the help of an easy automation tool. One of our Ansible engineers, Sam Doran, has written a couple of Ansible plays to patch systems. While Meltdown and Spectre are not completely mitigated, we'd like to share these plays with you to demonstrate how to easily deploy the patches that are available; you can find them here:

If you make any improvements to them we'd welcome pull requests!

1 1,782 1,783 1,784 1,785 1,786 3,877