BrandPost: IT Professionals Weigh in on Enterprise Automation

IT professionals are singing the praises of automation. It’s a transformative technology practice that allows IT to improve agility and the availability of services while liberating IT staff from time-consuming routine tasks. These are essential factors as organizations transition to digital business.But IT leaders also preach prudence. Automation in IT must be approached with a clear strategy. It must be fully understood, skillfully deployed, and diligently monitored, tested, and optimized.We reached out to influential IT leaders to learn what factors and best practices organizations should consider in order to realize the maximum benefits of automation in the data center. Here’s what they said.To read this article in full or to leave a comment, please click here

Google faces new antitrust investigation in Turkey

Antitrust concerns about Google's tying of its app store and services to use of the Android OS are spreading, as Turkey's Competition Board has opened an inquiry, reversing an earlier decision.Russian search company Yandex filed a complaint with the board in 2015, alleging that Google requires smartphone manufacturers to pre-load Google Play Store, Google Play Services and Google Mobile Services on any Android devices they sell, and to make Google Search the default search provider on those devices.Such behavior would be a concern for Yandex, which offers app store, mobile mapping and search services of its own.To read this article in full or to leave a comment, please click here

Response: Cisco’s Identity Crisis: Complexity, Pride, and SD-WAN

An excellent post from Eyvonne Sharp highlights one of Cisco’s weakest areas, its enduring passion for too many products, too many options, too much complexity:

With that in mind consider Cisco, a company in love with complexity. They’ve built their business making complex systems. Their culture breeds nerd knobs. They’ve built certification tracks — through which many network engineers have built their careers — to develop expert level understanding of their products.

At the same time, engineers operate in a culture were we believe configuration and operational complexity have inherent value. We unconsciously embrace the following logic: Networks are complex. One must be smart to understand networks. I understand networks. Therefore, I’m smart.

We extrapolate this logic and believe that complexity, for complexity’s sake, makes us superior. In truth, our pride has tied gordian knot with complexity and we don’t know how to unravel it.

Using SD-WAN as a use case to highlight Cisco’s love of its own complex technology instead of radically redefining itself. Cisco has limited traction in SD-WAN space because its current technology is hard to design, harder to operate and lacks features. While the business units are doing their best to make it simple, building on Continue reading

Journalists: How hacking details matter

When I write my definitive guide for journalists covering hacking, I'm going to point out how easy it is for journalists to misunderstand the details of a story -- especially when they change the details to fit the story they want to tell.


For example, there is the notorious "CIA hacked Senate computers" scandal. In fact, the computers in question were owned by the CIA, located in a CIA facility, and managed/operated by CIA employees. You can't "hack" computers you own. Yes, the CIA overstepped the bounds of an informal agreement with the Senate committee overseeing them, but in no way did anything remotely like "hacking" occur.

This detail matter. If the CIA had truly hacked the Senate committee, that would be a constitutional crisis. A small misstep breaking an informal agreement is not.


A more recent example is this story, which mentions that AlfaBank-Trump connection, claiming the server was in Trump Tower [*]:
What about the computer server at Trump Tower?
Several news media outlets have reported that investigators last year were puzzled by data transmissions between a computer server at Trump Tower and a computer server associated with a Russian bank. Although Mr. Trump on Twitter Continue reading

How to remotely control your Windows 10 computer via Google Chrome

Google provides a free and powerful tool, Chrome Remote Desktop, that lets you connect to and control your Windows 10 computer over the internet. (It also works with Windows 7 and Windows 8.) The computer has to be running Chrome, of course, and you also need a Gmail account to sign in to Chrome in order to use this feature.To read this article in full or to leave a comment, please click here(Insider Story)

New products of the week 3.6.17

New products of the weekImage by CertaOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.A10 Networks Thunder CFW, with integrated Gi/SGi firewall capabilitiesImage by a10To read this article in full or to leave a comment, please click here

New products of the week 3.6.17

New products of the weekImage by CertaOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.A10 Networks Thunder CFW, with integrated Gi/SGi firewall capabilitiesImage by a10To read this article in full or to leave a comment, please click here

Review: vArmour flips security on its head

Almost every cybersecurity program these days does some sort of scanning, sandboxing or traffic examination to look for anomalies that might indicate the presence of malware. We’ve even reviewed dedicated threat-hunting tools that ferret out malware that’s already active inside a network. However, what if there were a different way to approach security? Instead of searching for behaviors that might indicate a threat, what if you could define everything that is allowed within a network? If every process, application and workflow needed to conduct business could be defined, then by default everything outside of those definitions could be flagged as illegal. At the very least, critical programs could be identified and all interactions with them could be tightly defined and monitored. It’s a different way of looking at security, called segmentation.To read this article in full or to leave a comment, please click here(Insider Story)

Review: vArmour flips security on its head

Almost every cybersecurity program these days does some sort of scanning, sandboxing or traffic examination to look for anomalies that might indicate the presence of malware. We’ve even reviewed dedicated threat-hunting tools that ferret out malware that’s already active inside a network. However, what if there were a different way to approach security? Instead of searching for behaviors that might indicate a threat, what if you could define everything that is allowed within a network? If every process, application and workflow needed to conduct business could be defined, then by default everything outside of those definitions could be flagged as illegal. At the very least, critical programs could be identified and all interactions with them could be tightly defined and monitored. It’s a different way of looking at security, called segmentation.To read this article in full or to leave a comment, please click here(Insider Story)

Review: vArmour flips security on its head

Almost every cybersecurity program these days does some sort of scanning, sandboxing or traffic examination to look for anomalies that might indicate the presence of malware. We’ve even reviewed dedicated threat-hunting tools that ferret out malware that’s already active inside a network.To read this article in full or to leave a comment, please click here(Insider Story)

The Linux Migration: Other Users’ Stories, Part 2

This post is part of a series of posts sharing the stories of other users who have decided to migrate to Linux as their primary desktop OS. Each person’s migration (and their accompanying story) is unique; some people have embraced Linux only on their home computer; others are using it at work as well. I believe that sharing this information will help readers who may be considering a migration of their own, and who have questions about whether this is right for them and their particular needs.

For more information about other migrations, see part 1 or part 2 of the series.

This time around we’re sharing the story of Rynardt Spies.

Q: Why did you switch to Linux?

In short, I’ve always been at least a part-time Linux desktop user and a heavy RHEL server user. My main work machine is Windows. However, because of my work with AWS, Docker, etc., I find that being on a Linux machine with all the Linux tools at hand (especially OpenSSL and simple built-in tools like SSH) is invaluable when working in a Linux world. However, I’ve always used Linux Mint, or Ubuntu (basically Debian-derived distributions) for my desktop Continue reading

iPhone 8 Rumor Rollup: new Lightning twist; Apple getting schooled; delivery delay?

Despite the fact that Apple had no presence at the big Mobile World Congress event in Barcelona this past week, rumors about the iPhone 8 or iPhone X did not subside.Sure, Android and Windows had their week in the spotlight at MWC, but inquiring minds also wanted to know what's up with rumors about a possible new port on the next flagship iPhone.LIGHTNING FAST CHARGING The Wall Street Journal and others reported that a USB Type-C port might be coming to the iPhone 8 to deliver faster charging and data transfer speeds. But by the end of the week, in part because of commentary from KGI Securities analyst Ming-Chi Kuo (revealed by MacRumors), the consensus seemed to be that the USB Type-C connecter will indeed come to the next iPhone, but on the other end of the cord from the Lightning connector. That's similar to what you find in the 12.9-inch iPad Pro.To read this article in full or to leave a comment, please click here

Ransomware attack hit Pennsylvania Democratic senators

The Pennsylvania Senate Democratic Caucus was hit with a ransomware attack, locking 16 Democratic senators and their staff out of their computer network.The attack was discovered on Friday morning; at the time of publishing, the Pennsylvania Senate Democratic Caucus website was still down and displayed an “error establishing a database connection” message. The same error displays when trying to view each Democratic senator’s website.“Officials from the caucus have been in contact with law enforcement to investigate the incident and are working with Microsoft to restore the IT system,” according to a written statement text-messaged to reporters and obtained by The Hill. It was sent via text, since the caucus could not use its email. “There is currently no indication that the caucus system was targeted or that any data has been compromised.”To read this article in full or to leave a comment, please click here

Ransomware attack hit Pennsylvania Democratic senators

The Pennsylvania Senate Democratic Caucus was hit with a ransomware attack, locking 16 Democratic senators and their staff out of their computer network.The attack was discovered on Friday morning; at the time of publishing, the Pennsylvania Senate Democratic Caucus website was still down and displayed an “error establishing a database connection” message. The same error displays when trying to view each Democratic senator’s website.“Officials from the caucus have been in contact with law enforcement to investigate the incident and are working with Microsoft to restore the IT system,” according to a written statement text-messaged to reporters and obtained by The Hill. It was sent via text, since the caucus could not use its email. “There is currently no indication that the caucus system was targeted or that any data has been compromised.”To read this article in full or to leave a comment, please click here

Ransomware attack hit Pennsylvania Democratic Senators

The Pennsylvania Senate Democratic Caucus was hit with a ransomware attack, locking 16 Democratic senators and their staff out of their computer network.The attack was discovered on Friday morning; at the time of publishing on Sunday, the site was still down and displayed an “error establishing a database connection” message. The same error displays when trying to view each Democratic senator’s website.“Officials from the caucus have been in contact with law enforcement to investigate the incident and are working with Microsoft to restore the IT system,” according to a written statement text-messaged to reporters and obtained by The Hill. It was sent via text since the caucus could not use its email. “There is currently no indication that the caucus system was targeted or that any data has been compromised.”To read this article in full or to leave a comment, please click here

Ransomware attack hit Pennsylvania Democratic Senators

The Pennsylvania Senate Democratic Caucus was hit with a ransomware attack, locking 16 Democratic senators and their staff out of their computer network.The attack was discovered on Friday morning; at the time of publishing on Sunday, the site was still down and displayed an “error establishing a database connection” message. The same error displays when trying to view each Democratic senator’s website.“Officials from the caucus have been in contact with law enforcement to investigate the incident and are working with Microsoft to restore the IT system,” according to a written statement text-messaged to reporters and obtained by The Hill. It was sent via text since the caucus could not use its email. “There is currently no indication that the caucus system was targeted or that any data has been compromised.”To read this article in full or to leave a comment, please click here

Netops with Emacs and Org mode

Org mode is a package for Emacs to “keep notes, maintain todo lists, planning projects and authoring documents”. It can execute embedded snippets of code and capture the output (through Babel). It’s an invaluable tool for documenting your infrastructure and your operations.

Here are three (relatively) short videos exhibiting Org mode use in the context of network operations. In all of them, I am using my own junos-mode which features the following perks:

  • syntax highlighting for configuration files,
  • commit of configuration snippets to remote devices, and
  • execution of remote commands.

Since some Junos devices can be quite slow, commits and remote executions are done asynchronously1 with the help of a Python helper.

In the first video, I take some notes about configuring BGP add-path feature (RFC 7911). It demonstrates all the available features of junos-mode.

YouTube video #e9sjhbxWJNE

In the second video, I execute a planned operation to enable this feature in production. The document is a modus operandi and contains the configuration to apply and the commands to check if it works as expected. At the end, the document becomes a detailed report of the operation.

YouTube video #jCH-gO7RfFE

In the third video, a cookbook has been prepared to execute Continue reading

NSX-V 6.3: Control Plane Resiliency with CDO Mode

NSX-V 6.3, released last month, introduced many new features. In my last blog post, NSX-V 6.3: Cross-VC NSX Security Enhancements, I discussed several new Cross-VC NSX security features. In this post I’ll discuss another new feature called Controller Disconnected Operation (CDO) mode which provides additional resiliency for the NSX control plane.

The NSX Controllers already offer inherint resiliency for the control plane by design in several ways:

  • complete separation of control plane and data plane (even if entire controller cluster is down, data plane keeps forwarding)

  • controller cluster of three nodes allows for loss of controller with no disruption to NSX control plane

  • vSphere HA provides additional resiliency by recovering the respective NSX controller on another node if host it’s running on fails

For the reasons mentioned above, it’s a rare event and unlikely that communication would be lost with the entire NSX Controller Cluster. In NSX-V 6.3, this control plane resiliency is enhanced even further via CDO mode.

CDO mode targets specific scenarios where control plane connectivity is lost, for example, a host losing control plane connectivity, losing control plane connectivity to the controller cluster, or NSX controllers are down. CDO mode enhances control plane Continue reading

1 2,111 2,112 2,113 2,114 2,115 3,696