What to consider when deploying a next-generation firewall

Firewalls have become ubiquitous across enterprises over the past decade, but the combination of new and varied access methods combined with increasingly sophisticated attacks has forced network operators and security professionals to constantly evaluate their defenses. Typically, firewalls are on a five-year refresh cycle, according to Gartner researcher Adam Hils, and that gives organizations the opportunity to evaluate fairly regularly what type of firewall and what features best suit their needs.+MORE AT NETWORK WORLD: What is a firewall? +To read this article in full or to leave a comment, please click here

Exploding Container Usage Behind Prometheus 2.0 Monitoring Update

Past versions were buckling under growing demand.

IDG Contributor Network: Why your company can be sued for using SD-WAN

When you buy your SD-WAN, or for that matter any WAN technology, you sort of assume that the vendor has the legal right to sell it to you.But what happens if they don’t? What happens if you’ve built your WAN on an illegally acquired technology?The question is not just theoretical. Last week, FatPipe sent me a press release pointing out how United States PTO Patent Court upheld a signature claim to its U.S. patent (number 6,775,235) for load balancing across disparate networks. Load balancing is a critical component of all SD-WAN products. As such, FatPipe could, in theory, claim licensing fees from SD-WAN players and their users.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Why your company can be sued for using SD-WAN

When you buy your SD-WAN, or for that matter any WAN technology, you sort of assume that the vendor has the legal right to sell it to you.But what happens if they don’t? What happens if you’ve built your WAN on an illegally acquired technology?The question is not just theoretical. Last week, FatPipe sent me a press release pointing out how United States PTO Patent Court upheld a signature claim to its U.S. patent (number 6,775,235) for load balancing across disparate networks. Load balancing is a critical component of all SD-WAN products. As such, FatPipe could, in theory, claim licensing fees from SD-WAN players and their users.To read this article in full or to leave a comment, please click here

Cumulus Linux + Voyager — Bringing cost-effective scalability to internet infrastructure

We’re thrilled to announce that Facebook has partnered with Cumulus Networks to bring you the industry’s first open optical routing platform loaded with Cumulus Linux. That’s right, Cumulus Networks is branching into some exciting new territory (a new voyage… if you will). We couldn’t be more honored and excited to work closely with Facebook to bring scalability and cost-effective hardware and software to the optical space — an industry that is growing rapidly.

Bandwidth for Internet services is becoming a more tangible challenge every single day, but the current proprietary solutions are too expensive and do not scale. As Facebook explained, “the highest-performing ‘bandwidth and reach’ are still fiber-based technologies — in particular, switching, routing, and transport DWDM technologies.” With the popularity of services that require a lot of bandwidth, like VR and video, there has become a critical need for better backhaul infrastructure that is cost-effective and scalable and supports high-performing wireless connectivity. The issue becomes even more critical when considering a variety of geographic conditions. For instance, rural regions need long backhaul pipes, which is cost-prohibitive.

That’s where Voyager comes in. Voyager was designed to bring the Internet to everyone — from dense urban locations to remote Continue reading

WISP Design: Using eBGP and OSPF transit fabric for traffic engineering – YouTube

Cisco Ericsson Partnership Will Miss $1B Revenue Target for 2018

The much-touted partnership appears to be flailing.

Worth Reading: The ROCA Encryption Vulnerability

Yes. It’s serious in practice and in principle. Infineon used a flawed key generation routine, which means those keys are easier to crack, and the routine is used in chips embedded in a wide variety of devices. It’s reckoned that the flawed routine has been in use since 2012 and has probably been used to generate tens of millions of keys. Naturally, many of those keys will have been generated precisely because someone had data or resources that they particularly wanted to secure. –Robin Wilton @ The Internet Society

Keeping OpenStack On The Edge, Bleeding And Otherwise

Nobody likes to talk about the scope and scale of platforms than we do at The Next Platform. Almost all of the interesting frameworks for various kinds of distributed computing are open source projects, but the lack of fit and finish is a common complaint across open source software projects.

As Mark Collier, chief operating officer at the OpenStack Foundation, puts it succinctly: “Open source doesn’t have an innovation problem. It has an integration problem.”

Collier’s chief concern, as well as that of his compatriot, Jonathan Bryce, executive director of the OpenStack Foundation and a former Racker ­– meaning …

Keeping OpenStack On The Edge, Bleeding And Otherwise was written by Timothy Prickett Morgan at The Next Platform.

History Of Networking – Fred Baker – RAVEN and Internet Surveillance

Fred Baker joins Network Collective for a second episode, this time sharing the story about how the IETF came to an official policy regarding systemic Internet surveillance and wiretapping in data networking.

Show Notes

• IETF Policy on Wiretapping – RFC 2804
• IAB and IESG Statement on Cryptographic Technology and the Internet – RFC 1984

Outro Music:
Danger Storm Kevin MacLeod (incompetech.com)
Licensed under Creative Commons: By Attribution 3.0 License
http://creativecommons.org/licenses/by/3.0/

The post History Of Networking – Fred Baker – RAVEN and Internet Surveillance appeared first on Network Collective.

History Of Networking – Fred Baker – RAVEN and Internet Surveillance

Fred Baker joins Network Collective for a second episode, this time sharing the story about how the IETF came to an official policy regarding systemic Internet surveillance and wiretapping in data networking.

Show Notes

• IETF Policy on Wiretapping – RFC 2804
• IAB and IESG Statement on Cryptographic Technology and the Internet – RFC 1984

Outro Music:
Danger Storm Kevin MacLeod (incompetech.com)
Licensed under Creative Commons: By Attribution 3.0 License
http://creativecommons.org/licenses/by/3.0/

The post History Of Networking – Fred Baker – RAVEN and Internet Surveillance appeared first on Network Collective.

IDG Contributor Network: How to use the IoT for continuous business improvement

Few things are drawing as much attention in today’s markets and society alike as the Internet of Things. Almost entirely unknown to the public but a few years ago, today’s IoT is continuously reshaping our lives, changing how we communicate, do business, and share our ideas. Given that few businesses seem to know where to begin when it comes to leveraging the IoT for continuous improvements to their commercial models, then, what steps should managers be taking today to improve their future?A quick review of the IoT’s positive impact on business efficacy shows just how vital it is for corporate CEOs and small business owners alike to get moving immediately when it comes to IoT investment. It’s a brave new interconnected world out there, and those who don’t learn how to manipulate the IoT for their own success will quickly find themselves left in the dust.To read this article in full or to leave a comment, please click here

Datanauts 109: Run VMware Apps In The Cloud With Ravello (Sponsored)

Battle Scars from OpenStack Are Just Cloud Problems

How SAP is making the shift to industrial IoT

The view of the industrial Internet of Things (IoT) as billions of sensors connected into intelligent systems distracts from its true role: digital transformation. The gargantuan task and investment of making all these connections, reliably and securely, is pointless unless there is a solid business reason — and there are two very good ones.2 reasons manufacturers invest in IoT The first reason big companies invest in IoT is they are worried about being digitally disrupted by a Tesla, Uber, or the next AirBnb in their industries — disrupt or be disrupted.The second reason: a company’s slowing growth and the need for increased productivity. BCG’s Olivier Scalabre explained that driver during a 2016 Ted talk.To read this article in full or to leave a comment, please click here

Computing Is Bigger Than The Datacenter

For several years there has been the ongoing debate about ARM and its future in the datacenter. That debate goes on, but the talk is changing.

At the beginning of the decade, ARM Holdings, the company behind the ARM chip architecture that is now owned by Japanese high-tech conglomerate Softbank, said its low-power system-on-a-chip (SoC) designs were a good alternative to Intel’s dominant Xeon and derivative processors for servers and other hardware at a time when energy efficiency in systems was becoming increasingly important.

Over the years that has been speculation about when ARM-based chips would find a foothold …

Computing Is Bigger Than The Datacenter was written by Jeffrey Burt at The Next Platform.

15% off APC 11-Outlet Surge Protector with USB Charging Ports and SurgeArrest – Deal Alert

Be it a lightning strike that destroys a home entertainment center or consistently fluctuating power that degrades the performance and shortens the life of your electronics – surges, lightning, and other power disturbances can have a devastating impact on the valuable electronics you rely on every day. The P11U2 from APC offers guaranteed surge protection. Connect and protect up to 11 electronics, and conveniently charge your mobile devices via 2 additional USB ports. Installation is convenient and easy with a 180-degree rotating power cord and right-angle plug. Lastly, three LED indicators inform you if there is any overload, unit, or wall wiring issues. The P11U2 averages 4.5 out of 5 stars from over 1,800 people on Amazon (read reviews), where its typical list price of $34.25 is discounted 15% to $28.99. See this deal on Amazon.To read this article in full or to leave a comment, please click here

15% off APC 11-Outlet Surge Protector with USB Charging Ports and SurgeArrest – Deal Alert

Be it a lightning strike that destroys a home entertainment center or consistently fluctuating power that degrades the performance and shortens the life of your electronics – surges, lightning, and other power disturbances can have a devastating impact on the valuable electronics you rely on every day. The P11U2 from APC offers guaranteed surge protection. Connect and protect up to 11 electronics, and conveniently charge your mobile devices via 2 additional USB ports. Installation is convenient and easy with a 180-degree rotating power cord and right-angle plug. Lastly, three LED indicators inform you if there is any overload, unit, or wall wiring issues. The P11U2 averages 4.5 out of 5 stars from over 1,800 people on Amazon (read reviews), where its typical list price of $34.25 is discounted 15% to $28.99. See this deal on Amazon.To read this article in full or to leave a comment, please click here

Introduction to TACACS and TACACS+ (Terminal Access Controller Access Control System)

Today I am going to talk about the TACACS and TACACS+ basics with you. I am sure most of you already knew TACACS and TACACS+ as many of you worked and configured the configuration on your devices whether it will Cisco, Juniper or any other vendor in your network.

Here in this article I am Just talk about TACACS and TACACS+ as follow.

What is TACACS and TACACS+ ?

Well all of you already listern this term so many times but many of you confuse what is TACACS and TACACS+.

Terminal Access Controller Access Control System or called as TACACS is a authentication protocol and is commonly used within the UNIX based networks that allows a remote access server to forward a user's logon password to an authentication server to determine whether access can be allowed to a given system.

TACACS and TACACS+

TACACS is a simple UDP-based access control protocol originally developed by BBN for MILNET. TACACS+ is an enhancement to TACACS and uses TCP to ensure reliable delivery.

Fig 1.1- TACACS and TACACS+ Server

TACACS+ is an enhancement to the TACACS security protocol. TACACS+ improves on TACACS by separating the functions of authentication, authorization, and accounting (AAA) and Continue reading

How to Tag Docker Images with Git Commit Information

I’ve recently been working on a very simple Flask application that can be used as a demo application in containerized environments (here’s the GitHub repo). It’s nothing special, but it’s been useful for me as a learning exercise—both from a Docker image creation perspective as well as getting some additional Python knowledge. Along the way, I wanted to be able to track versions of the Docker image (and the Dockerfile used to create those images), and link those versions back to specific Git commits in the source repository. In this article, I’ll share a way I’ve found to tag Docker images with Git commit information.

Before I proceed any further, I’ll provide the disclaimer that this information isn’t unique; I’m building on the work of others. Other articles sharing similar information include this one; no doubt there are countless more I haven’t yet seen. I’m presenting this information here simply to show one way (not the only way) of including Git commit information with a Docker image.

Getting the necessary information from Git is actually far easier than one might think. This variation of the git log command will print only the full hash of the last commit Continue reading