Private networks still the best option for global companies

The rise of SD-WANs has raised an interesting debate. Is the internet good enough to replace a private network for an enterprise WAN?A decade ago, no one would have even considered this, but broadband speeds have increased and more things have moved to the cloud. Also, SD-WAN technology allows for dynamic path selection, which protects the WAN from outages so companies can use multiple broadband connections instead of something like MPLS.Global SD-WAN vendor Aryaka recently examined this question in its “State of SD-WAN Connectivity” report (registration required), which measured and compared data transport from the same pairs of locations using both the internet and over Aryaka’s own global private network. The test run was a randomly created 100 KB file, and connect time and transfer time were captured. The application response time was then calculated as the sum of these two metrics.To read this article in full or to leave a comment, please click here

Private networks still the best option for global companies

The rise of SD-WANs has raised an interesting debate. Is the internet good enough to replace a private network for an enterprise WAN?A decade ago, no one would have even considered this, but broadband speeds have increased and more things have moved to the cloud. Also, SD-WAN technology allows for dynamic path selection, which protects the WAN from outages so companies can use multiple broadband connections instead of something like MPLS.Global SD-WAN vendor Aryaka recently examined this question in its “State of SD-WAN Connectivity” report (registration required), which measured and compared data transport from the same pairs of locations using both the internet and over Aryaka’s own global private network. The test run was a randomly created 100 KB file, and connect time and transfer time were captured. The application response time was then calculated as the sum of these two metrics.To read this article in full or to leave a comment, please click here

How to speed up IoT deployment: Give each device an identity

Most enterprises are in the process of evaluating how the Internet of Things (IoT) will affect their organization, especially how devices targeted at the Enterprise of Things (EoT) will be deployed.Indeed, companies that deploy “things” need to worry about security, manageability, longevity/availability and robustness — unlike consumers who generally don’t concern themselves with such things. I recently discussed what I see as a real lack of focus on IoT security from a device perspective. What I’d like to discuss now is the need make it easier to deploy and manage devices, especially those focused on enterprise deployments. This can be relatively easily accomplished by creating a unique unalterable identity for each device.To read this article in full or to leave a comment, please click here

How to speed up IoT deployment: Give each device an identity

Most enterprises are in the process of evaluating how the Internet of Things (IoT) will affect their organization, especially how devices targeted at the Enterprise of Things (EoT) will be deployed.Indeed, companies that deploy “things” need to worry about security, manageability, longevity/availability and robustness — unlike consumers who generally don’t concern themselves with such things. I recently discussed what I see as a real lack of focus on IoT security from a device perspective. What I’d like to discuss now is the need make it easier to deploy and manage devices, especially those focused on enterprise deployments. This can be relatively easily accomplished by creating a unique unalterable identity for each device.To read this article in full or to leave a comment, please click here

Turn Your Ansible Playbook into a Bash Command

In one of the previous blog posts I described the playbook I use to collect SSH keys from network devices. As I use it quite often, it became tedious to write ansible-playbook path-to-playbook every time I wanted to run the collection process.

Ansible playbooks are YAML documents, and YAML documents use # to start comments, so I thought “what if I’d use a YAML comment to add shebang and turn my YAML document into a script”

TL&DR: It works. Now for the longer story…

Discussion about SFP, SFP+, QSFP, QSFP+, XFP and CFP Modules/Connectors

Today I am going to talk about the hardware generally used in many of the devices for the fiber/copper connectivity with the devices in the network.

I will talk about the various kinds of modules which includes the following types

• SFP
• SFP+
• QSFP, QSFP+, QSFP14, QSFP28
• XFP
• CFP

Fig 1.1- Sample QSFP+ to SFP+ Connectivity

Lets start with the SFP module discussion, then we will go with the SFP+, QSFP, QSFP+, XFP and then CFP modules. I will talk about the usage, Wavelength, data rate speed and so many factors which describe these modules in details. I hope with this article you will easily understand the various types of modules uses in industries now a days with the capacity and the data rate speed of these different modules.


SFP: SFP stands for small form factor pluggable, With the help of SFP you can extend the switching capability by connecting the fiber/copper cable between two devices. SFP is the way of technology to connect the devices. You can use as a Single fiber, Dual Fiber, DWDM, WDM. It can support maximum of 150 Km. SFP is based on IEEE802.3 and SFF-8472. SFP transceivers are designed to support Continue reading

Linux Networking

Linux Networking

Sorry, Network Jobs Are Changing

There’s a lot of angst in the networking community about programming, SDN, automation, and what it means for networking careers. Plenty of people will tell you don’t worry about it, focus on the fundamentals, there’s plenty of work, you will be fine.

There is some truth in that. There are still lots of jobs in networking. People with solid skillsets should have no problem finding a good job.

But.

Don’t fool yourself. Things are changing.

I’ve seen some research from Gartner that indicates that organisations have been steadily decreasing their Network Operations teams over the last five years. They have also been reducing their Data Networks spend. (Sadly I don’t have publication rights for this research, so you’ll just have to take my word for it).

This is going to put pressure on networking engineers. Your role will be forced to change, if for no other reason than that you are going to have less budget, and fewer people to do the work.

So you’d better think about what that means for how your role might change.

Do you need to change jobs today? No. You don’t have to outrun the lion’ - but you do want to make Continue reading

Puppet Adds Characters and Depth to its Automation Show

Enterprises have seen automation success, but not enough to justify further investments.

Least Privilege Container Orchestration

The Docker platform and the container has become the standard for packaging, deploying, and managing applications. In order to coordinate running containers across multiple nodes in a cluster, a key capability is required: a container orchestrator.

Orchestrators are responsible for critical clustering and scheduling tasks, such as:

• Managing container scheduling and resource allocation.
• Support service discovery and hitless application deploys.
• Distribute the necessary resources that applications need to run.

Unfortunately, the distributed nature of orchestrators and the ephemeral nature of resources in this environment makes securing orchestrators a challenging task. In this post, we will describe in detail the less-considered—yet vital—aspect of the security model of container orchestrators, and how Docker Enterprise Edition with its built-in orchestration capability, Swarm mode, overcomes these difficulties.

Motivation and threat model

One of the primary objectives of Docker EE with swarm mode is to provide an orchestrator with security built-in. To achieve this goal, we developed the first container orchestrator designed with the principle of least privilege in mind.

In computer science,the principle of least privilege in a distributed system requires that each participant of the system must only have access to  the information and resources that are necessary for its legitimate purpose. No Continue reading

Datanauts 105: Cryptocurrencies And The Blockchain

What is a firewall?

Network-based firewalls have become almost ubiquitous across US enterprises for their proven defense against an ever-increasing array of threats.A recent study by network testing firm NSS Labs found that up to 80% of US large businesses run a next-generation firewall. Research firm IDC estimates the firewall and related unified threat management market was a $7.6 billion industry in 2015 and expected to reach $12.7 billion by 2020.What is a firewall? Firewalls act as a perimeter defense tool that monitor traffic and either allow it or block it. Over the years functionality of firewalls has increased, and now most firewalls can not only block a set of known threats and enforce advanced access control list policies, but they can also deeply inspect individual packets of traffic and test packets to determine if they’re safe. Most firewalls are deployed as network hardware that processes traffic and software that allow end users to configure and manage the system. Increasingly, software-only versions of firewalls are being deployed in highly virtualized environments to enforce policies on segmented networks or in the IaaS public cloud.To read this article in full or to leave a comment, please click here

What is a firewall?

Network-based firewalls have become almost ubiquitous across US enterprises for their proven defense against an ever-increasing array of threats.A recent study by network testing firm NSS Labs found that up to 80% of US large businesses run a next-generation firewall. Research firm IDC estimates the firewall and related unified threat management market was a $7.6 billion industry in 2015 and expected to reach $12.7 billion by 2020.What is a firewall? Firewalls act as a perimeter defense tool that monitor traffic and either allow it or block it. Over the years functionality of firewalls has increased, and now most firewalls can not only block a set of known threats and enforce advanced access control list policies, but they can also deeply inspect individual packets of traffic and test packets to determine if they’re safe. Most firewalls are deployed as network hardware that processes traffic and software that allow end users to configure and manage the system. Increasingly, software-only versions of firewalls are being deployed in highly virtualized environments to enforce policies on segmented networks or in the IaaS public cloud.To read this article in full or to leave a comment, please click here

What is a firewall?

Network-based firewalls have become almost ubiquitous across US enterprises for their proven defense against an ever-increasing array of threats.A recent study by network testing firm NSS Labs found that up to 80% of US large businesses run a next-generation firewall. Research firm IDC estimates the firewall and related unified threat management market was a $7.6 billion industry in 2015 and expected to reach $12.7 billion by 2020.What is a firewall? Firewalls act as a perimeter defense tool that monitor traffic and either allow it or block it. Over the years functionality of firewalls has increased, and now most firewalls can not only block a set of known threats and enforce advanced access control list policies, but they can also deeply inspect individual packets of traffic and test packets to determine if they’re safe. Most firewalls are deployed as network hardware that processes traffic and software that allow end users to configure and manage the system. Increasingly, software-only versions of firewalls are being deployed in highly virtualized environments to enforce policies on segmented networks or in the IaaS public cloud.To read this article in full or to leave a comment, please click here

New Paper on Online Privacy in the Wake of Pervasive Surveillance Revelations

In 2015, I was lucky enough to give an invited keynote at the 20th anniversary of the Ethicomp conference. I found that many of the issues up for discussion were ones in which the Internet Society also has a keen interest: for example — responsible innovation, the ethics of autonomous systems, and what do in the wake of Edward Snowden’s revelations about pervasive state monitoring of the Internet. The conference has now produced a special edition of the Journal of Information, Communication and Ethics in Society (JICES), specifically to report on a global set of surveys on the responses to Snowden. I was invited to write a paper for this special edition, to accompany the more traditional academic analyses of the surveys. My full article, “After Snowden – the evolving landscape of privacy and technology” is now available.

Writing the paper gave me a chance to step back and look at how the privacy advocacy community’s work has changed since Snowden – one of those rare moments in which the frog gets to hop out of the rapidly warming water and contemplate the saucepan. Here are a few of the trends I noted.

First, there has been Continue reading

The Promise of P4 Runtime and How It’s Propelling the ONF

With P4 developers can program the forwarding plane.

ShiftLeft Software Analyzes Source Code ‘Security DNA’

The startup emerged from stealth mode and closed a $9.3 million Series A funding round.

Zodiac WX – Northbound Networks

“Responsible encryption” fallacies

The importance of law enforcement