The Large Scale Network Design video Alvaro and I recorded for Pearson is on sale as part of the Cisco Live preshow sale. This is a great video series. It might even keep you entertained until the new book is published (hopefully early next year).
The post Large Scale Network Design Video on Sale appeared first on rule 11 reader.
Networking expert Tom Hollingsworth reflects on Cisco's acquisition of Viptela, what it means for the market, and whether it changes how enterprises evaluate SD-WAN options.
Almost half of US firms that use an IoT network have been hit by a security breach.
If you'd come to me as a networking engineer and say “there's one new thing I want to learn that's outside of my $dayjob” I'd probably say “invest some serious time into learning Git (beyond memorizing the quick recipes) if you haven’t done that already”
Full disclosure: not so long ago I tried to avoid Git as much as possible… and then it suddenly clicked ;)
Read more ...
This Post is now outdated. Particularly the said bug is finally fixed.
Updated version is available HERE
Unfortunately the bug-fixed version of cryptsetup package, caused incompatibilities with the previous version of the workaround. If you see this message when remotely unlocking your server:
“/bin/cryptroot-unlock: line 192: 2: parameter not set“
Run this command instead to boot your system:
sed 's/print $1, $5/print $1, $3/' /bin/cryptroot-unlock > /tmp/cryptroot-unlock; ash /tmp/cryptroot-unlock
And then remove the workaround and rebuild initramfs:
sudo sh -c 'rm /etc/initramfs-tools/hooks/zz-busybox-initramfs-fix && update-initramfs -u'
Thanks to Gabriel Burkholder for reporting this
Not so long ago, remote unlocking of a LUKS-encrypted root partition was difficult to setup. While essential for headless servers, all required steps needed to be done manually and compatibility was a concern.
Luckily, it is much simpler to do so in recent versions of Ubuntu/Debian. Unlocking an encrypted root remotely should be as simple as installing a single package… We’ll see about that in a moment.
I am not going to cover the required steps for setting up LUKS/LVM here. That information is widely available on the net and is only a search a way. Instead, I’m going to do a quick review of the Continue reading
Something different today: Here’s something I learnt about RPM package management, and post-upgrade scripts. It turns out that they don’t work the way I thought they did. Post-uninstall commands are called on both uninstall and upgrade. For my own reference as much as anyone’s here some info about it, and how to deal with it.
RPM is a Linux package management system. It is a way of distributing and managing applications installed on Linux systems. Packages get distributed as .rpm files. These contain the application binaries, configuration files, and application metadata such as dependencies. They can also contain scripts to run pre- and post- installations, upgrades and removal.
Using package management systems is a vast improvement over distributing source code, or requiring users to manually copy files around and run scripts themselves.
There is some effort required to get the spec files used to create packages. But once it has been set up, it is easy to create new versions of packages, and distribute them to users. System administrators can easily check which version they’re running, check what new versions are available, and upgrade.
We use RPMs to distribute StackStorm packages for RHEL/CentOS systems. Similarly, we distribute Continue reading
Something different today: Here’s something I learnt about RPM package management, and post-upgrade scripts. It turns out that they don’t work the way I thought they did. Post-uninstall commands are called on both uninstall and upgrade. For my own reference as much as anyone’s here some info about it, and how to deal with it.
RPM is a Linux package management system. It is a way of distributing and managing applications installed on Linux systems. Packages get distributed as .rpm files. These contain the application binaries, configuration files, and application metadata such as dependencies. They can also contain scripts to run pre- and post- installations, upgrades and removal.
Using package management systems is a vast improvement over distributing source code, or requiring users to manually copy files around and run scripts themselves.
There is some effort required to get the spec files used to create packages. But once it has been set up, it is easy to create new versions of packages, and distribute them to users. System administrators can easily check which version they’re running, check what new versions are available, and upgrade.
We use RPMs to distribute StackStorm packages for RHEL/CentOS systems. Similarly, we distribute Continue reading
Given that within the coming years, another billion people are going come online along with billions more devices thanks to the Internet of things (IoT), we recognize that the community of Internet professionals and organizations cannot legitimately discuss access without addressing sustainability, especially as it relates to energy.
The post Worth Reading: Tracing down flashing dialogs appeared first on rule 11 reader.
One of the current challenges of data center security is the East-West traffic that has become so pervasive as modern applications communicate a great deal between their different components. Conventional perimeter security is poorly placed to secure these lateral flows, to promote a zero-trust model in order to prevent threats moving within each application layer. VMware NSX addresses this, providing virtual firewall at the virtual NIC of each VM with a management framework where micro-segmentation is achievable with a sensible level of overhead. Check Point vSEC can be deployed in conjunction to provide threat and malware protection.
The VMware NSX Distributed Firewall (DFW) protects East-West L2-L4 traffic within the virtual data center. The DFW operates in the vSphere kernel and provides a firewall at the NIC of every VM. This enables micro-segmented, zero-trust networking with dynamic security policy leveraging the vCenter knowledge of VMs and applications to build policy rather than using IP or MAC addresses that may change. Tools for automation and orchestration as well as a rich set of APIs for partner and customer extensibility complete the toolset for security without impossible management overhead. While this is a dramatic improvement in the security Continue reading
