Worth Reading: Why you should have a CAA DNS record

This Friday, all certificate authorities will have to honor a Domain Name System (DNS) record that allows HTTPS website owners to restrict who can issue SSL certificates for their domain names. It’s a long-needed defense against the issuance of fraudulent certificates, a security risk that domain owners had few protections for until now. The Problem: There are tens of certificate authorities (CAs) trusted in browsers and operating systems and any one of them can theoretically issue a valid SSL certificate for any website on the internet. Furthermore, many of these certificate authorities have subordinate CAs and resellers that are operated by separate organizations and which can also issue SSL certificates to end users. —Lucian Constantin @ The New Stack

The post Worth Reading: Why you should have a CAA DNS record appeared first on rule 11 reader.

Docker at Microsoft Ignite 2017

Docker at Ignite

Docker will be at Microsoft Ignite in Orlando, FL the week of Sept 24th to showcase the latest release of Docker Enterprise Edition (EE) and the joint solutions with our partner Microsoft. Docker Enterprise Edition is the only platform available to secure and manage Linux and Windows containers in production.

In the Docker Booth #2127

Visit Docker in Booth #2127 for a #DockerSelfie, a chance for cool swag and to learn more about how Docker Enterprise Edition can help you save costs on legacy applications, accelerate your cloud strategy and uniformly secure and manage your Linux and Windows app landscape.

Register Here for daily in-booth talks or to schedule time to ask questions about containers and clouds on Linux and Windows Server.

  • Monday 3pm: Save $ on Legacy Apps with Docker
  • Tuesday 11am: Windows and Linux Together with Docker EE
  • Tuesday 3pm: Docker Enterprise Edition Demo
  • Wednesday 11am: Take Legacy .NET Apps to Azure with Docker
  • Thursday 11am: Docker Enterprise Edition Demo

Add these great sessions to your schedule

Container Fest on Sunday Sept 24th:

Docker will be on hand at the Container Fest Pre Day to discuss the possibilities of Docker Enterprise Edition for modernizing traditional Windows and Continue reading

48% off Sycees Plug-in LED Night Light with Dusk to Dawn Sensor, 6-Pack – Deal Alert

These night lights turn themselves on & off from dusk to dawn, have offset prongs that won't block your second outlet, and feature long lasting LED bulbs that won't make any noticeable impact on your energy bill at only 2.2 Kwh per year. Their frosted white diffuser ring puts out just the right amount of soft light for you to find way in the dark without having to turn on any overhead lights. A pack of 6 is currently discounted 48% down to just $12.59. See this deal on Amazon.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Ethernet frames and packets: what’s the difference?

When discussing Ethernet data, the terms frame and packet are often used interchangeably. Frames and packets are the electronic containers that carry our data from point-to-point by navigating LANs and WANs and, as they both serve similar functions, their differences are often misunderstood.So what’s the difference? To simplify matters, imagine frames and packets as envelopes of information that are going to be sent from one person to another. The key difference between a frame and a packet is how they encapsulate the information and that depends on where the information is being sent.Frames explained Imagine a company with inter-department mail where a person can send documents to another person within their private/local organization. The contents are placed in an internal envelope and the sender writes their name and department in the “From” field, then writes the recipient’s name and department in the “To” field. To read this article in full or to leave a comment, please click here

IDG Contributor Network: Ethernet frames and packets: what’s the difference?

When discussing Ethernet data, the terms frame and packet are often used interchangeably. Frames and packets are the electronic containers that carry our data from point-to-point by navigating LANs and WANs and, as they both serve similar functions, their differences are often misunderstood.So what’s the difference? To simplify matters, imagine frames and packets as envelopes of information that are going to be sent from one person to another. The key difference between a frame and a packet is how they encapsulate the information and that depends on where the information is being sent.Frames explained Imagine a company with inter-department mail where a person can send documents to another person within their private/local organization. The contents are placed in an internal envelope and the sender writes their name and department in the “From” field, then writes the recipient’s name and department in the “To” field. To read this article in full or to leave a comment, please click here

Some Q&A About the Migration to Hugo

As you may already know, I recently completed the migration of this site from GitHub Pages (generated using Jekyll) to S3/CloudFront and Hugo for static site generation. Since then, I’ve talked with a few readers who had additional questions about the site migration. I thought others might have the same questions, so I decided to gather the most common questions here and share the answers with everyone.

(For those who need a quick primer on how the site is set up/served, refer to this post.)

I’ll structure the rest of this post in a “question-and-answer” format.

Q: Why migrate away from Jekyll?

A: Some of this is tied up with GitHub Pages (see the next question), but the key things that drove me away were very slow build times (in excess of five minutes), limited troubleshooting, dealing with Ruby dependencies in order to run local Jekyll builds (needed to help with troubleshooting), and limited functionality (due in part to GitHub Pages’ restrictive support for plugins).

Q: Why migrate away from GitHub Pages?

A: If you’re happy with Jekyll (and it’s a fine static site generator for lots of folks), having it integrated on the backend with GitHub Pages Continue reading

5 Ways to Secure Wi-Fi Networks

Wi-Fi is one entry-point hackers can use to get into your network without setting foot inside your building because wireless is much more open to eavesdroppers than wired networks, which means you have to be more diligent about security.But there’s a lot more to Wi-Fi security than just setting a simple password. Investing time in learning about and applying enhanced security measures can go a long way toward better protecting your network. Here are six tips to betters secure your Wi-Fi network.Use an inconspicuous network name (SSID) The service set identifier (SSID) is one of the most basic Wi-Fi network settings. Though it doesn’t seem like the network name could compromise security, it certainly can. Using a too common of a SSID, like “wireless” or the vendor’s default name, can make it easier for someone to crack the personal mode of WPA or WPA2 security. This is because the encryption algorithm incorporates the SSID, and password cracking dictionaries used by hackers are preloaded with common and default SSIDs. Using one of those just makes the hacker’s job easier.To read this article in full, please click here

5 Ways to Secure Wi-Fi Networks

Wi-Fi is one entry-point hackers can use to get into your network without setting foot inside your building because wireless is much more open to eavesdroppers than wired networks, which means you have to be more diligent about security.But there’s a lot more to Wi-Fi security than just setting a simple password. Investing time in learning about and applying enhanced security measures can go a long way toward better protecting your network. Here are six tips to betters secure your Wi-Fi network.Use an inconspicuous network name (SSID) The service set identifier (SSID) is one of the most basic Wi-Fi network settings. Though it doesn’t seem like the network name could compromise security, it certainly can. Using a too common of a SSID, like “wireless” or the vendor’s default name, can make it easier for someone to crack the personal mode of WPA or WPA2 security. This is because the encryption algorithm incorporates the SSID, and password cracking dictionaries used by hackers are preloaded with common and default SSIDs. Using one of those just makes the hacker’s job easier.To read this article in full or to leave a comment, please click here

5 Ways to Secure Wi-Fi Networks

Wi-Fi is one entry-point hackers can use to get into your network without setting foot inside your building because wireless is much more open to eavesdroppers than wired networks, which means you have to be more diligent about security.But there’s a lot more to Wi-Fi security than just setting a simple password. Investing time in learning about and applying enhanced security measures can go a long way toward better protecting your network. Here are six tips to betters secure your Wi-Fi network.Use an inconspicuous network name (SSID) The service set identifier (SSID) is one of the most basic Wi-Fi network settings. Though it doesn’t seem like the network name could compromise security, it certainly can. Using a too common of a SSID, like “wireless” or the vendor’s default name, can make it easier for someone to crack the personal mode of WPA or WPA2 security. This is because the encryption algorithm incorporates the SSID, and password cracking dictionaries used by hackers are preloaded with common and default SSIDs. Using one of those just makes the hacker’s job easier.To read this article in full or to leave a comment, please click here

DWDM – The Innovation Technology

Today I am going to talk about the technology named as DWDM, DWDM stands for Dense Wavelength Division Multiplexing.  So the question now is why and where we are using the DWDM technology and Who are using these technology.

DWDM is a technology used to used to increase bandwidth over existing fiber optics backbone and is generally used by the service provider across the globe. The need to have the higher bandwidth in the backbone because the count of the users and the customers increases day by day and service provider required higher bandwidth in the core or backbone networks.

The Technology behind the DWDM is used the multiple signals together at different wavelength on the same fiber. DWDM became market in the year of 1995 whilst CWDM (Coarse WDM) emerged after 2000, stimulated by using the telecom crisis. CWDM brings less complicated technological standards as compared to DWDM, reducing down costs, but suits just the lower transmission ability markets, together with the metro and corporation networks. extra recently,  new paradigmatic revolutions have made their manner into the optical communique market: ROADM (Reconfigurable Optical upload-Drop Multiplexing) and Coherent Optical systems. whilst those optical technology are the suitable solutions to fulfil Continue reading

WATCH LIVE: the “25 under 25” Award Ceremony, Monday, 18 September, at 9:00am PDT

Want to learn more about our “25 Under 25” award recipients?  How are they using the Internet to change the communities in which they live?  On Monday, September 18, 2017, at 9:00am US Pacific (16:00 UTC), you will have the chance to learn about the amazing work they are doing. The awards ceremony will be streaming live out of Los Angeles on both Livestream.com and Facebook. You can watch at:

22 of the awardees will be in L.A. to receive their awards. (Three were denied visas.) One of the initiatives supporting the Internet Society’s 25th Anniversary, the program recognizes 25 young people from around the globe who are passionate about using the Internet to make a positive impact in their communities and the world.

Representing 19 countries on five continents, the 25 Under 25 awardees’ initiatives include creating an anti-cyberbullying youth movement in Australia, providing e-health education to teens in Tanzania, and using ICTs to break the cycle of poverty for families in Costa Rica.

Join us to be inspired in how these young people are working to #ShapeTomorrow!

The post WATCH LIVE: the Continue reading

This Week: Data Center Deployment with EVPN/VXLAN

Brand new book – This Week: Data Center Deployment with EVPN/VXLAN.

Author did a great job explaining and showing various examples of real world implementations of EVPN-VXLAN and DCI.
Definitely must read for anybody aiming for JNCIE-DC lab. I wish I’ve read this before my lab attempt – this book really helps to update and systematize all EVPN-VXLAN related knowledge.
But that’s for sure not the first book to read if you doesn’t know anything about EVPN-VXLAN. I recommend firstly read all materials from this post, and only after that this book will be really useful to you.

Network Engineer Jobs


So you want to work for Google as Network Engineer? Check out one of the job ads here. I pasted the screenshot below just in case the ad is removed once the position is no longer available.

"You'll build software for distributed services, abstractions and the components of the system that operates and powers Google." OK, even this is not common in Network Engineer job description, it makes sense since Google is running one of the world's largest networks to connect its data centers that are scattered all around world. As minimum requirement, you must have experience in software development in one or more modern programming languages e.g. C++, Java, Python, Go, etc. And learn how to code using "Teach yourself Python in 24 hours" won't be enough since it is expected for you to have experience in data structures, complexity analysis and software design.

Is Google really looking for Network Engineer (NE), and not Software Engineer (SWE)? Yup, you still need to have expertise in networking protocols and technologies, including end-to-end packet flow, forwarding and routing. Google knows that a world class distributed computing infrastructure must run on world class networking infrastructure that is operated reliably and Continue reading

The Concept of Native VLAN

Today I am going to talk about one of the most interesting topic and its none other than Native VLAN. I knew most of you guys know the concept and the requirement of the Native VLAN and most of you already using and configuring the same in your network environment. But there are so many people just starting studying the basics of the networking and this is one of the most important topic to understand the basics of switching. 

In my example I am taking the Cisco devices where I will show the Native VLAN working and the configurations of the Native VLAN on the devices.

So my first question is What is Native VLAN ?
What is the Use of the Native VLAN ?
When and where to use the Native VLAN concept ? 
Standards of the Native VLANs ?

I knew there are lot of questions in your mind, So lets start with the beginning on the Native VLAN part. The IEEE 802.1Q trunking protocol describes some thing called the “native VLAN”. All site visitors sent and acquired on an interface that is configured for 802.1Q gained have a tag on its Ethernet body. whilst you look Continue reading

Discovery Protocols- CDP and LLDP

Today I am going to talk about the CDP and LLDP protocols. As you guys already knew of CDP, I think most of you are using this command in your daily use to find the connected devices in Cisco devices environment while LLDP is same as CDP but it is a standard protocol for all other Vendors.

So If I am talking about the CDP, CDP Stands for Cisco Discovery Protocol and LLDP stands for Link Layer Discovery Protocol. The role and the working is same for both of these protocols.

CDP is a Cisco proprietary protocol and can be used only on Cisco devices While  LLDP is the standard protocol and can be used for interworking between different network vendors. We need to know only CDP with regards to discovery protocols. But it is always good to go beyond and above what is required in the exam topics. You might find yourself in the situation where you have to monitor and configure a multi-vendor network. LLDP knowledge will come in handy in that situation.

Fig 1.1- CDP Protocol

Some of the important facts about CDP Protocols are given below:-
  • CDP is used to discover the directly related neighboring gadgets, Continue reading

MPLS Design Scenario : Penultimate Hop Popping (PHP)

Today I am going to talk about one of the best practices we are doing while we configuring MPLS in our network. This post is basically for the Service Providers who provide MPLS services to their clients. Let's talk about the concept PHP in details. PHP Stands for penultimate hop popping.

Before you go with this article, Lets review all the articles which can be relevant with the service Provider Domain. Below are the links of these articles.


Now Let's talk about the PHP,  PHP is penultimate hop popping which means remove the label one hop before its destination.It refers to the process whereby the outermost label of an MPLS tagged packet is removed by a Label Switch Router (LSR) before the packet is passed to an adjacent Label Edge Router.

Below is the diagram showing the PHP operation in MPLS environment

Fig 1.1- PHP in MPLS

The process is important in a Layer 3 MPLS VPN environment as it reduces the load on Continue reading
1 1,894 1,895 1,896 1,897 1,898 3,835