Worth Reading: Security and the Internet of Things
The post Worth Reading: Security and the Internet of Things appeared first on 'net work.
As you have seen lately on the blog I’ve been fiddling around in Python. One of the best resources out there to learn Python for Network Engineers is the free e-mail course by Kirk Byers. Kirk is a CCIE emeritus with extensive knowledge and experience of Python. He offers both free and paid courses over at his site. Kirk is very active in the community and the guy behind Netmiko and the IOS driver in NAPALM. He’s also an active member of the Network to Code Slack group. I recommend that you check out Kirk’s stuff!
I plan to go through all of his exercises and write about them on my blog. That will help me in my learning and hopefully it can help you as well. Kirk publishes the answers to the exercises at GitHub but my plan is to be a bit more verbose and explain the code. I plan to write my posts here and also put up my answers on GitHub to get some exposure to using Git. My code will likely not be elegant, the most effective or good looking but hopefully we can learn from each other as I put these posts up. I Continue reading

It started somewhat innocently. Cisco released a field notice that there was an issue with some signal clocks on a range of their networking devices. This by itself was a huge issue. There had been rumblings about this issue for a few months. Some proactive replacement of affected devices to test things. Followed by panicked customer visits when the news broke on February 2nd. Cisco looked like they were about to get a black eye.
The big question that arose was whether or not this issue was specific to Cisco devices or if it was an issue that was much bigger. Some investigative work from enterprising folks like Tony Mattke (@tonhe) found that there was a spec document from Intel that listed a specific issue with the Intel Atom C2000 System on Chip (SoC) that caused it to fail to provide clock signal for onboard chips. The more digging that was done, the more dire this issue turned out to be.
Clock signaling is very important in modern electronics. It ensures that all the chips on the board are using the correct timing to process electronic impulses. If the clock signal starts drifting, you start Continue reading
Containers are changing how we view apps and infrastructure. Whether the code inside containers is big or small, container architecture introduces a change to how that code behaves with hardware – it fundamentally abstracts it from the infrastructure. Docker believes that there are three key components to container security and together they result in inherently safer apps.
A critical element of building safer apps is having a secure way of communicating with other apps and systems, something that often requires credentials, tokens, passwords and other types of confidential information—usually referred to as application secrets. We are excited to introduce Docker Secrets, a container native solution that strengthens the Trusted Delivery component of container security by integrating secret distribution directly into the container platform.
With containers, applications are now dynamic and portable across multiple environments. This made existing secrets distribution solutions inadequate because they were largely designed for static environments. Unfortunately, this led to an increase in mismanagement of application secrets, making it common to find insecure, home-grown solutions, such as embedding secrets into version control systems like GitHub, or other equally bad point solutions bolted on as an afterthought.
We fundamentally believe that apps are safer if Continue reading
It’s another exciting day with a new release of Docker Datacenter (DDC) on 1.13. This release includes loads of new features around app services, security, image distribution and usability.
Check out the upcoming webinar on Feb 16th for a demo of all the latest features.
Let’s dig into some of the new features:
This release of Docker Datacenter includes integrated support for secrets management from development all the way to production.
This feature allows users to store confidential data (e.g. passwords, certificates) securely on the cluster and inject these secrets into a service. Developers can reference the secrets needed by different services in the familiar Compose file format and hand off to IT for deployment in production. Check out the blog post on Docker secrets management for more details on implementation. DDC integrates secrets and adds several enterprise-grade enhancements, including lifecycle management and deployment of secrets in the UI, label-based granular access control for enhanced security, and auditing users’ access to secrets via syslog.
Another element of delivering safer apps is around the ability to ensure trusted delivery of the code that makes up that app. In addition to Continue reading