0

Hyperconverged storage: Are your network and team up to the task?

There is reality in the hype that moving to a converged storage environment can produce major cost savings while paving the path to advanced virtualization technologies. Part of the appeal comes from the ability to use commodity servers and storage to build a shared storage pool vs. relying on a dedicated appliance that typically comes at a pretty substantial premium. Increased flexibility is another reason for moving in this direction. IT teams gain greater options in how they configure server and storage nodes to meet workload and application demands. Adjusting configurations is straightforward, so adding more disks to nodes is a pretty easy task. To read this article in full or to leave a comment, please click here

0

New products of the week 3.27.17

New products of the weekImage by Array NetworksOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.NetCrunch Tools 2.0Image by adremTo read this article in full or to leave a comment, please click here

0

Cisco and Apple Agree: QoS Marking Is an Application Problem

The last presentation during the Tech Field Day Extra @ Cisco Live Europe event was a Cisco-Apple Partnership presentation, and we expected an hour of corporate marketese.

Can’t tell you how pleasantly surprised we were when Jerome Henry started his very technical presentation explaining the wireless goodies you get when using iOS with IOS.

Read more ...

0

UK official wants police access to WhatsApp messages

A senior U.K. official is asking that law enforcement should be given access to encrypted messages on WhatsApp and similar services, a demand that is likely to fuel an ongoing debate over whether companies should create backdoors into their encryption technologies for investigators.Khalid Masood, the terrorist who killed four people outside Parliament on Wednesday, had sent a message on WhatsApp a little before the attack, according to reports.“We need to make sure that organizations like WhatsApp, and there are plenty of others like that, don't provide a secret place for terrorists to communicate with each other,” Home Secretary Amber Rudd said on BBC One's Andrew Marr Show on Sunday.To read this article in full or to leave a comment, please click here

0

UK official wants police access to WhatsApp messages

A senior U.K. official is asking that law enforcement should be given access to encrypted messages on WhatsApp and similar services, a demand that is likely to fuel an ongoing debate over whether companies should create backdoors into their encryption technologies for investigators.Khalid Masood, the terrorist who killed four people outside Parliament on Wednesday, had sent a message on WhatsApp a little before the attack, according to reports.“We need to make sure that organizations like WhatsApp, and there are plenty of others like that, don't provide a secret place for terrorists to communicate with each other,” Home Secretary Amber Rudd said on BBC One's Andrew Marr Show on Sunday.To read this article in full or to leave a comment, please click here

0

Configuring Microsoft NPS for Aerohive 802.1X Authentication

This post is a starting point for anyone who wants to use 802.1X authentication with Aerohive APs and Microsoft NPS. I will provide configuration screen shots for both of Aerohive’s management platforms and for NPS running on Microsoft Windows 2008 Server. It is not intended to be an exhaustive guide, but should be a decent starting point. Every implementation will be different in some respect, and some of these steps may not be the exact manner in which you configure Microsoft NPS. The steps for Aerohive may also be different depending on what you are trying to accomplish. I’ll make sure to note my particular scenario when appropriate.

Versions Used:

HiveManager Classic/HM6/HMOL – 6.8r7a

HiveManager NG – 11.19.99.0 (March 2017)

Microsoft Windows 2008 Server

Assumptions:

1. Basic understanding of navigation within the HiveManager Classic and/or NG interface.
2. No RADIUS objects or user profiles for 802.1X authentication have been configured within HiveManager Classic or NG. If you have already configured some of them, just skip the steps that cover the creation of those objects.
3. Microsoft NPS is installed and a server certificate for the NPS machine has been issued and installed.

Scenario

Company XYZ wants to authenticate Continue reading

0

Learn Programming or Perish(?)

I was honored to return to Packet Pushers for a discussion on programming skillsets in the networking industry. I verbalized some thoughts there, but even 60 minutes isn’t enough for a conversation like this. To be clear, this post is written primarily to my followers in the networking industry, since that’s largely where this conversation is taking place. Scripting is NOT Programming I want to put something to rest right now, and that is the conflation of scripting and software development.

0

Learn Programming or Perish(?)

I was honored to return to Packet Pushers for a discussion on programming skillsets in the networking industry. I verbalized some thoughts there, but even 60 minutes isn’t enough for a conversation like this.

To be clear, this post is written primarily to my followers in the networking industry, since that’s largely where this conversation is taking place.

Scripting is NOT Programming

I want to put something to rest right now, and that is the conflation of scripting and software development. You may be hesitant to pick up any skills in this area because you feel like you have to boil the ocean in order to be effective, which is not true.

As I briefly mention in the podcast, I spent the first 4 years or so of my career making networking my day job. Because of that, I picked up a lot of useful knowledge in this area. However, as I started to explore software, I realized that networking wasn’t something I wanted to do as a day job anymore, but I still greatly value the networking skillset I retain from this experience.

Making this leap over 2 years ago revealed a multitude of subskills, fundamental knowledge, and daily Continue reading

0

Learn Programming or Perish(?)

I was honored to return to Packet Pushers for a discussion on programming skillsets in the networking industry. I verbalized some thoughts there, but even 60 minutes isn’t enough for a conversation like this.

To be clear, this post is written primarily to my followers in the networking industry, since that’s largely where this conversation is taking place.

Scripting is NOT Programming

I want to put something to rest right now, and that is the conflation of scripting and software development. You may be hesitant to pick up any skills in this area because you feel like you have to boil the ocean in order to be effective, which is not true.

As I briefly mention in the podcast, I spent the first 4 years or so of my career making networking my day job. Because of that, I picked up a lot of useful knowledge in this area. However, as I started to explore software, I realized that networking wasn’t something I wanted to do as a day job anymore, but I still greatly value the networking skillset I retain from this experience.

Making this leap over 2 years ago revealed a multitude of subskills, fundamental knowledge, and daily Continue reading

0

The Linux Migration: Corporate Collaboration, Part 2

This post is part 2 in a series of posts describing how I’ve integrated my Fedora Linux laptop into my employer’s corporate communication and collaboration systems. Part 1 tackled e-mail; this post tackles the topic of calendaring and scheduling. Unlike e-mail, which was solved relatively easily, this issue is one that I don’t consider fully solved.

As I mentioned in part 1, my employer uses Office 365 (O365). While O365 supports standard protocols like IMAP and STMP for mail, it does not support standard protocols like CalDAV for calendaring. This means that Linux users like me are left with only a few options:

1. You can use Mozilla Thunderbird with the Lightning add-on, but you’ll also need an Exchange provider. (The paid Exquilla add-on only handles mail and contacts, not calendaring. There’s a Lightning provider available here, but I haven’t tested it.)
2. You can use Evolution.
3. You can use GNOME Calendar (which leverages the Evolution back-end along with Evolution’s support for Exchange Web Services [EWS]).
4. You can use Microsoft Outlook, either via a VM (or possibly via WINE, though I haven’t tested the latter approach).

I’d already ruled out Evolution for e-mail, so it didn’t make a Continue reading

0

iPhone 8 release date still anticipated for September

As is par for the course in the build-up to any new iPhone release, we've been seeing a lot of conflicting information surrounding Apple's highly anticipated iPhone 8. Over the past few weeks, we've seen quite a few reports claim that the iPhone 8 release date might be pushed all the way back to November due to a more complex manufacturing process.Most recently, a report surfaced just a few weeks ago claiming that iPhone 8 production might be delayed due to the time needed for STMicroelectronics (one of Apple's manufacturing partners) to produce enough 3D camera modules to meet what will unquestionably be remarkably high, if not unprecedented demand.To read this article in full or to leave a comment, please click here

0

Microsoft axed Docs.com search option after private files were shared publicly

Docs.com, Microsoft’s site which is described as “showcase and discover Microsoft Word, Excel, PowerPoint, OneNote, Sway and PDF document for free,” came under fire over the weekend as Twitter users started complaining that users of the site had inadvertently shared private and sensitive information with the world.The site had a search functionality which would allow anyone to search through millions of files. When some users had uploaded private information, they had not changed the permissions from the default setting to share content publicly. Yet after people started tweeting screenshots of sensitive information, Microsoft quietly removed the search functionality on Saturday.To read this article in full or to leave a comment, please click here

0

Microsoft axed Docs.com search option after private files were shared publicly

Docs.com, Microsoft’s site which is described as “showcase and discover Microsoft Word, Excel, PowerPoint, OneNote, Sway and PDF document for free,” came under fire over the weekend as Twitter users started complaining that users of the site had inadvertently shared private and sensitive information with the world.The site had a search functionality which would allow anyone to search through millions of files. When some users had uploaded private information, they had not changed the permissions from the default setting to share content publicly. Yet after people started tweeting screenshots of sensitive information, Microsoft quietly removed the search functionality on Saturday.To read this article in full or to leave a comment, please click here

0

Update: Virtual Switches in vSphere Environment

Just FYI: a week after I wrote this (don't forget to go through the comments), VMware made it official:

…we’ve found that VMware’s native virtual switch implementation has become the de facto standard for greater than 99% of vSphere customers today. … Moving forward, VMware will have a single virtual switch strategy that focuses on two sets of native virtual switch offerings – VMware vSphere® Standard Switch and vSphere Distributed Switch™ for VMware vSphere, and the Open virtual switch (OVS).

0

40% off TurboTax Deluxe 2016 Tax Software Federal & State – Deal Alert

TurboTax coaches you every step of the way and double checks your return as you go to handle even the toughest tax situations, so you can be confident you’re getting every dollar you deserve. Its typical list price of $59.99 has been reduced a generous 40% to $35.79, a deal that is exclusive to Amazon. Learn more, or take advantage of the deal now, on Amazon.To read this article in full or to leave a comment, please click here

0

The Gearhead Toolbox: Raspberry Pi tools

I opened the Gearhead Toolbox to see what I hadn’t covered and, wow, there’s a lot in here so, today, let’s pick out a few Raspberry Pi-oriented goodies … Mark Gibbs Tonido Personal Cloud Server: Create a Pi cloudTonido Server is one of those gems that’s been around for a long time but doesn't seems to have got the love it deserves. Using this feature rich system you can build your own personal cloud service running on various Linux distributions including Debian, Ubuntu, Fedora, and OpenSUSE, as well as macOS, iOS, Android, Windows, and Windows Phone, and on multiple architectures including x86, PowerPC, MIPS, and, for your Raspberry Pi pleasure, ARM.To read this article in full or to leave a comment, please click here

0

Ansible Tower Part 1

This is the first part of a three part series on Ansible Tower. In this series we will download, install, and configure Ansible Tower with user, groups and to execute jobs. Code versions used for this lab Python - 2.7.5 Ansible - 2.2.1 Centos 7 - minimal 1511 Ansible Tower -...

0

Ansible Tower Part 1

Download, install and license Ansible Tower.

0

Cisco IOS and IOS XE Software Cluster Management Protocol Remote Code Execution Vulnerability

Serious and easily exploited flaws in older Cisco IOS software. Commonly used, but old, switches used for Campus and SME Data Centres. Serious problem.

Thoughts:

• Demonstrates how older Cisco devices are fundamentally insecure.
• Cisco wasn’t focussed on security back then. They were happy if it even worked properly.
• Cisco was slow to adopt SSH in IOS because customers weren’t asking for it. Microsoft should shoulder a lot of blame for not including an SSH client and we slowed operational adoption 1 (seriously, getting putty installed in many enterprises was a major problem)
• Cisco has responded promptly and professionally to offer fix.
• Customers should replace most of this kit, not fix it. You can expect many more security flaws in these NOS’s because security was a minor design issue for Cisco at that time.

The Cluster Management Protocol utilizes Telnet internally as a signaling and command protocol between cluster members. The vulnerability is due to the combination of two factors

• The failure to restrict the use of CMP-specific Telnet options only to internal, local communications between cluster members and instead accept and process such options over any Telnet connection to an affected device, and
• The incorrect processing of malformed CMP-specific Telnet Continue reading

0

Google takes Symantec to the woodshed for mis-issuing 30,000 HTTPS certs [updated] | Ars Technica

Its become clear that the only way to improve security of certificate authorities is to follow through on threats. Symantec has been delinquent since 2012 in securing their processes and software. We have seen multiple instances of certificate falsely issued to domains (including Google’s domain). As the owner of Chrome browser, it has decided that Symantec is no longer fit to be considered a root authority for TLS (SSL) certificate.

Effective immediately, Chrome plans to stop recognizing the extended validation status of all certificates issued by Symantec-owned certificate authorities, Ryan Sleevi, a software engineer on the Google Chrome team, said Thursday in an online forum. Extended validation certificates are supposed to provide enhanced assurances of a site’s authenticity by showing the name of the validated domain name holder in the address bar. Under the move announced by Sleevi, Chrome will immediately stop displaying that information for a period of at least a year. In effect, the certificates will be downgraded to less-secure domain-validated certificates.

This is necessary. Politically this is a sound move. Taking down a major company that is US-based following removed of Chinese and Eastern European CA root certificates sends a message of fairness and balance. The repeat Continue reading