IDG Contributor Network: Why companies are building application-specific edge delivery networks

There’s a trend emerging among many Internet-based companies that I find intriguing: they are creating their own edge delivery networks. Why? So that they can service their applications via these networks to enable greater resilience and performance for their users.Rather than the standard, garden-variety content delivery networks (CDNs), these edge delivery networks are tailored specifically for the applications they’ve been built to service. In some cases, this means the edge networks leverage highly specific connectivity to regional internet service providers or between application facilities; in other cases, it means placing specialized hardware tuned to specific needs of the application in delivery facilities around the world. And most importantly, these networks are operating application-specific software and configurations that are customized beyond what’s possible in general-purpose, shared networks.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Why companies are building application-specific edge delivery networks

There’s a trend emerging among many Internet-based companies that I find intriguing: they are creating their own edge delivery networks. Why? So that they can service their applications via these networks to enable greater resilience and performance for their users.Rather than the standard, garden-variety content delivery networks (CDNs), these edge delivery networks are tailored specifically for the applications they’ve been built to service. In some cases, this means the edge networks leverage highly specific connectivity to regional internet service providers or between application facilities; in other cases, it means placing specialized hardware tuned to specific needs of the application in delivery facilities around the world. And most importantly, these networks are operating application-specific software and configurations that are customized beyond what’s possible in general-purpose, shared networks.To read this article in full or to leave a comment, please click here

Mist uses AI to improve wireless network performance

A couple of months ago I was having dinner with a fairly well-known Silicon Valley executive who predicted that success for an IT vendor is based on two things: having lots of data and a robust artificial intelligence (AI) engine to discover new insights.If that is true, then Mist Systems seems to be in a strong position, as the company’s solutions were designed to use AI to solve some of the bigger challenges in Wi-Fi today.This week the wireless network company announced several new access points, as well as use cases, for its solution. Specifics are as follows:Introduction of client service-level expectations (SLE) In telecommunications, the concept of a service-level agreement (SLA) is a threshold that service providers are contracted to meet. The SLE from Mist is similar, although more proactive than a carrier’s SLA. With Mist, administrators can use data to set, monitor and enforce things that impact performance pre and post connection. Examples of this are time to connect, failed connection attempts, roaming, coverage, capacity and AP uptime. The SLEs can be monitored in real time and watched over time to provide up-to-the minute insight as to the health of Wi-Fi.To read this article Continue reading

True random numbers are here — what that means for data centers

For many decades, the term “random numbers” meant “pseudo-random numbers” to anyone who thought much about the issue and understood that computers simply were not equipped to produce anything that was truly random.Manufacturers did what they could, grabbing some signals from the likes of mouse movement, keyboard activity, system interrupts, and packet collisions just to get a modest sampling of random data to improve the security of their cryptographic processes.And the bad guys worked at breaking the encryption.We used longer keys and better algorithms.And the bad guys kept at it. And life went on.But something recently changed all that. No, not yesterday or last week. But it was only back in November of last year that something called the Entropy Engine won an Oscar of Innovation award for collaborators Los Alamos National Laboratory and Whitewood Security. This Entropy Engine is capable of delivering as much as 350 Mbps of true random numbers—sufficient to feed an entire data center with enough random data to dramatically improve all cryptographic processes.To read this article in full or to leave a comment, please click here

True random numbers are here — what that means for data centers

For many decades, the term “random numbers” meant “pseudo-random numbers” to anyone who thought much about the issue and understood that computers simply were not equipped to produce anything that was truly random.Manufacturers did what they could, grabbing some signals from the likes of mouse movement, keyboard activity, system interrupts, and packet collisions just to get a modest sampling of random data to improve the security of their cryptographic processes.And the bad guys worked at breaking the encryption.We used longer keys and better algorithms.And the bad guys kept at it. And life went on.But something recently changed all that. No, not yesterday or last week. But it was only back in November of last year that something called the Entropy Engine won an Oscar of Innovation award for collaborators Los Alamos National Laboratory and Whitewood Security. This Entropy Engine is capable of delivering as much as 350 Mbps of true random numbers—sufficient to feed an entire data center with enough random data to dramatically improve all cryptographic processes.To read this article in full or to leave a comment, please click here

True random numbers are here — what that means for data centers

For many decades, the term “random numbers” meant “pseudo-random numbers” to anyone who thought much about the issue and understood that computers simply were not equipped to produce anything that was truly random.Manufacturers did what they could, grabbing some signals from the likes of mouse movement, keyboard activity, system interrupts, and packet collisions just to get a modest sampling of random data to improve the security of their cryptographic processes.And the bad guys worked at breaking the encryption.We used longer keys and better algorithms.And the bad guys kept at it. And life went on.But something recently changed all that. No, not yesterday or last week. But it was only back in November of last year that something called the Entropy Engine won an Oscar of Innovation award for collaborators Los Alamos National Laboratory and Whitewood Security. This Entropy Engine is capable of delivering as much as 350 Mbps of true random numbers—sufficient to feed an entire data center with enough random data to dramatically improve all cryptographic processes.To read this article in full or to leave a comment, please click here

True random numbers are here — what that means for data centers

For many decades, the term “random numbers” meant “pseudo-random numbers” to anyone who thought much about the issue and understood that computers simply were not equipped to produce anything that was truly random.Manufacturers did what they could, grabbing some signals from the likes of mouse movement, keyboard activity, system interrupts, and packet collisions just to get a modest sampling of random data to improve the security of their cryptographic processes.And the bad guys worked at breaking the encryption.We used longer keys and better algorithms.And the bad guys kept at it. And life went on.But something recently changed all that. No, not yesterday or last week. But it was only back in November of last year that something called the Entropy Engine won an Oscar of Innovation award for collaborators Los Alamos National Laboratory and Whitewood Security. This Entropy Engine is capable of delivering as much as 350 Mbps of true random numbers—sufficient to feed an entire data center with enough random data to dramatically improve all cryptographic processes.To read this article in full or to leave a comment, please click here

MPLS Scenario: Manually Configuring a BGP Router ID per VRF

Today I am going to talk about the configuration part of the BGP router id per VRF. In my example we took two different VRFs name NB and ttlbits and defined that VRF configurations.

The IP addresses are used here is for the demo purposes only and has no relevance with any of the enterprise network. These configurations are the demo configurations and will help you out for the configuration on your live network.

Below are the steps to configure the BGP router id per VRF. These steps are

  • Defining VRF_ttlbits on the router
  • Defining VRF_NB on the router
  • Configuring Loopback with the IP address
  • Configuring Ethernet interfaces with VRF
  • Configuring VPNv4 and IPv4 address family


Fig 1.1- Basic Sample MPLS network topology

Below is the basic configuration of defining the VRF

Defining VRF ttlbits on the router
!
ip vrf vrf_ttlbits
 rd 45000:1
 route-target export 50000:50
 route-target import 40000:1
!

Defining VRF NB on the router
!
ip vrf vrf_NB
 rd 65500:1
 route-target export 65500:1
 route-target import 65500:1
!
Configuring Loopback with the IP address
!
interface Loopback0
 ip address 10.10.10.1 255.255.255.255
!
Configuring Ethernet interfaces with the IP address
interface Ethernet0/0
 ip vrf forwarding vrf_ttlbits
 ip address Continue reading

Route where you can , switch where you must – Is it true ?

Route where you can , switch where you must. If you are from networking background most probably you heard this many times. But is it true or like anything else, does it depend on the situation and other parameters ?   Yes, you are right, it depends.   When you hear a quote , at […]

The post Route where you can , switch where you must – Is it true ? appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

Bringing behavioral game theory to security defenses

Kelly Shortridge and CSO senior writer Fahmida Y Rashid talk about using behavioral game theory to take advantage of hackers’ mistakes and manipulate the data they think they're receiving. People generally make decisions by either thinking ahead to figure out how people may act in a given situation, or by learning over time by observing what people are doing. Since attackers learn over time by collecting feedback, obfuscating what they get can really mess up what the attackers are able to learn.

Bringing behavioral game theory to security defenses

Kelly Shortridge and CSO senior writer Fahmida Y Rashid talk about using behavioral game theory to take advantage of hackers’ mistakes and manipulate the data they think they're receiving. People generally make decisions by either thinking ahead to figure out how people may act in a given situation, or by learning over time by observing what people are doing. Since attackers learn over time by collecting feedback, obfuscating what they get can really mess up what the attackers are able to learn.

VMworld 2017 Prayer Time

At VMworld 2017 in Las Vegas, I’m organizing—as I have in previous years—a gathering of Christians for a brief time of prayer while at the conference. If you’re interested in joining us, here are the details.

What: A brief time of prayer

Where: Mandalay Bay Convention Center, level 1 (same level as the food court), at the bottom of the escalators heading upstairs (over near the business center)

When: Monday 8/28 through Thursday 8/31 at 7:45am (this should give everyone enough time to grab breakfast before the keynotes start at 9am)

Who: All courteous attendees are welcome, but please note that this will be a distinctly Christian-focused and Christ-centric activity (I encourage believers of other faiths/religions to organize equivalent activities)

Why: To spend a few minutes in prayer over the day, the conference, the attendees, and each other

You don’t need to RSVP or anything like that, although you’re welcome to if you’d like (just hit me up on Twitter). There’s also no need to bring anything other than an open heart, your faith, and your willingness to display that faith in front of others. This is quite casual—we’ll gather together, share a few prayer requests and needs, and Continue reading

VMworld 2017 Prayer Time

At VMworld 2017 in Las Vegas, I’m organizing—as I have in previous years—a gathering of Christians for a brief time of prayer while at the conference. If you’re interested in joining us, here are the details.

What: A brief time of prayer

Where: Mandalay Bay Convention Center, level 1 (same level as the food court), at the bottom of the escalators heading upstairs (over near the business center)

When: Monday 8/28 through Thursday 8/31 at 7:45am (this should give everyone enough time to grab breakfast before the keynotes start at 9am)

Who: All courteous attendees are welcome, but please note that this will be a distinctly Christian-focused and Christ-centric activity (I encourage believers of other faiths/religions to organize equivalent activities)

Why: To spend a few minutes in prayer over the day, the conference, the attendees, and each other

You don’t need to RSVP or anything like that, although you’re welcome to if you’d like (just hit me up on Twitter). There’s also no need to bring anything other than an open heart, your faith, and your willingness to display that faith in front of others. This is quite casual—we’ll gather together, share a few prayer requests and needs, and Continue reading

Slowloris all the things

At DEFCON, some researchers are going to announce a Slowloris-type exploit for SMB -- SMBloris. I thought I'd write up some comments.


The original Slowloris from several years creates a ton of connections to a web server, but only sends partial headers. The server allocates a large amount of memory to handle the requests, expecting to free that memory soon when the requests are completed. But the requests are never completed, so the memory remains tied up indefinitely. Moreover, this also consumes a lot of CPU resources -- every time Slowloris dribbles a few more bytes on the TCP connection is forces the CPU to walk through a lot of data structures to handle those bytes.

The thing about Slowloris is that it's not specific to HTTP. It's a principle that affects pretty much every service that listens on the Internet. For example, on Linux servers running NFS, you can exploit the RPC fragmentation feature in order to force the server to allocate all the memory in a box waiting for fragments that never arrive.

SMBloris does the same thing for SMB. It's an easy attack to carry out in general, the only question is how much resources are required Continue reading
1 1,962 1,963 1,964 1,965 1,966 3,836