Next-Generation Network Telemetry

Late last year, I was pleased to be part of a special Tech Field Day event focused on network analytics. We had a day full of presentations from folks like Netflix, Google, and some goofball with a wrinkly jacket - all focused on what the next-generation networks will look like with respect to analytics.

This was a while ago, but I’ve wanted to write about this ever since, and a recent conversation gave me the spark I needed.

Microservices

First, I want to mention that - in no small part due to the Netflix presentation - this was one of the first times I’ve heard microservices brought up in a network tooling context. Sure, microservices are all the rage and we’ve definitely seen a lot of activity regarding how to bring our networks up to the level required by these new application architectures. However, starting with this event, I’ve also started to notice a tremendous value in approaching the network software itself with a microservices architecture, instead of the monolithic network monitoring/management software we use today.

More on that in a future post.

Out With The “Pull”, In With the “Stream”

If you haven’t watched any of the videos from Continue reading

How to detect TrueCrypt blobs being passed around

So, challenge accepted:

tl;dr: The NSA should be able to go back through it's rolling 90 day backlog of Internet metadata and find all other terrorist cells using this method.

From what we can piece together from the NYTimes article, it appears that ISIS is passing around TrueCrypt container files as a way of messaging. This is really weird. It has the has the property of security through obscurity, which is that it has the nice property of evading detection for a while because we'd never consider that ISIS would do such a strange thing. But it has the bad property that once discovered, it now becomes easier to track. With the keys found on the USB drive, we can now start decrypting things that were a mystery before.

We are going off of very little information at the moment, but let's imagine some fictional things.

First, we need to figure out what is meant by a file or hosting site in Turkey. Such hosting sites are all over the place, as you can find with a Continue reading

Is the Cisco 6500 Series invincible?

The Cisco 6500 Series has proven itself time and time again to be a mainstay in the networking industry. Cisco has done a commendable job with continued enhancements to ensure that the industry’s golden child maintains relevance. If this is the case, why do IT professionals still fear its supposedly impending obsolescence and feel pressure to upgrade to newer models? Let’s just say rumors of its demise are greatly exaggerated.As the industry moves toward 10/40Gig and higher, the need for bandwidth and port density only increases. Software-defined networking (SDN), while certainly worthy of consideration, may not be the best option for all organizations just yet. However, the need for high-speed switching connectivity and robust services remains a concern for the here and now. Enter: The Cisco 6500 Series.To read this article in full or to leave a comment, please click here

Worth Reading: Construction zones on the Ethernet road map

There is never enough bandwidth in a datacenter that is the size of a football field and that is expected to work more or less like a single computer. While 10 Gb/sec Ethernet on the server and 40 Gb/sec Ethernet on the backbone is fine for many enterprises today, hyperscalers, cloud builders, and service providers are pushing up against these limits and crave more bandwidth. -via The Next Platform

LinkedInTwitterGoogle+FacebookPinterest

The post Worth Reading: Construction zones on the Ethernet road map appeared first on 'net work.

IDG Contributor Network: What terrorism investigations can teach us about investigating cyber attacks

Having a military background, I tend to look at all security issues with the perspective of someone who’s served in the armed forces. That means using a thorough investigation process that doesn’t treat any action as accidental or an attack as a stand-alone incident and looking for links between seemingly unconnected events.This method is used by law enforcement agencies to investigate acts of terrorism, which, sadly, are happening more frequently. While terror attacks that have occurred in the physical world are making headlines, the virtual world is also under attack by sophisticated hackers. However, not much is said about the similarities between investigating both types of attacks or what security researchers can learn from their law enforcement counterparts. I’ve had this thought for awhile and, fearing that I’d be seen as insensitive to recent events, debated whether to write this blog. After much thought, I decided that the stakes are too high to remain silent and continue treating each breach as a one-off event without greater security implications.To read this article in full or to leave a comment, please click here

FAA doubles altitude limits for business drones

Looking to remove a little red tape from businesses and utilities that may want to use unmanned aircraft systems, the FAA today doubled the “blanket” altitude for certain drones to 400ft from 200 ft.Specifically the altitude increase is for FAA Section 333 exemption holders, or potential holders, which have typically been businesses, governmental or utilities looking to explore the drone applications.+More on Network World: DARPA: Show us how to weaponize benign technologies+Under the new blanket “Certificate of Waiver or Authorization,” the FAA will permit flights at or below 400ft for drone operators with a Section 333 exemption for aircraft weighing less than 55 pounds and for government unmanned operations. Operators must fly under existing daytime Visual Flight Rules, keep the drone within visual line of sight of the pilot and stay certain distances away from airports or heliports:To read this article in full or to leave a comment, please click here

IDG Contributor Network: Half of Americans now stream video, says consultant

Streaming and binge watching have taken over from live television consumption among some demographics, a major consulting firm says.A significant 70% of American consumers overall “now binge watch an average of five episodes at a time,” says Deloitte in a press release about its 10th annual, and latest, Digital Democracy Survey (Summary PDF).Half of consumers (46%) now “subscribe to streaming video services,” the consultant says it’s found.To read this article in full or to leave a comment, please click here

If you care about your encrypted data, get rid of your iPhone 5c

If the FBI can hack the iPhone, others can, too, which means the encrypted content on countless phones is no longer secure. Owners of these phones who care about securing their content should think about upgrading to something else. Newer iPhones, for example, might not have the same weakness and so would be less vulnerable, at least for a while. The FBI has dropped its court action that might have forced Apple to help undermine security that blocked a brute-force attack against the passcode on the iPhone 5c used by a terrorist in San Bernardino. That’s because the FBI found someone else - reportedly Israeli mobile-forensics company Cellebrite – to do it for them.To read this article in full or to leave a comment, please click here

Reaction: Should routing react to the data plane?

Over at Packet Pushers, there’s an interesting post asking why we don’t use actual user traffic to detect network failures, and hence to drive routing protocol convergence—or rather, asking why routing doesn’t react to the data place.

I have been looking at convergence from a user perspective, in that the real aim of convergence is to provide a stable network for the users traversing the network, or more specifically the user traffic traversing the network. As such, I found myself asking this question: “What is the minimum diameter (or radius) of a network so that the ‘loss’ of traffic from a TCP/UDP ‘stream’ seen locally would indicate a network outage FASTER than a routing update?”

This is, indeed, an interesting question—and ones that’s highly relevant in our current software defined/drive world. So why not? Let me give you two lines of thinking that might be used to answer this question.

First, let’s consider the larger problem of fast convergence. Anyone who’s spent time in any of my books, or sat through any of my presentations, should know the four steps to convergence—but just in case, let’s cover them again, using a slide from my forthcoming LiveLesson on IS-IS:

Convergence Steps

There Continue reading

Georgia Tech awarded patent for dragonfly-inspired MAV

Well it’s springtime and if you are the type to embrace nature and hang out near freshwater, then you may see dragonflies. The next time you see one, consider that its robotic counterpart has finally been granted a patent.Wait, haven’t you seen dragonfly-like MAVs for years now? Probably. Georgia Tech Research Corporation filed the patent in 2012. At any rate, the patent says that in order for DARPA to consider an aerial vehicle as a MAV, it must be “smaller than 6 inches in any direction or must not have a gross takeoff weight greater than 100 grams” (about .22 pounds or roughly the same weight as 100 Skittles.)To read this article in full or to leave a comment, please click here

Sponsored Post: TechSummit, zanox Group, Varnish, LaunchDarkly, Swrve, Netflix, Aerospike, TrueSight Pulse, Redis Labs, InMemory.Net, VividCortex, MemSQL, Scalyr, AiScaler, AppDynamics, ManageEngine, Site24x7

Who's Hiring?

  • The zanox Group are looking for a Senior Architect. We're looking for someone smart and pragmatic to help our engineering teams build fast, scalable and reliable solutions for our industry leading affiliate marketing platform. The role will involve a healthy mixture of strategic thinking and hands-on work - there are no ivory towers here! Our stack is diverse and interesting. You can apply for the role in either London or Berlin.

  • Swrve -- In November we closed a $30m funding round, and we’re now expanding our engineering team based in Dublin (Ireland). Our mobile marketing platform is powered by 8bn+ events a day, processed in real time. We’re hiring intermediate and senior backend software developers to join the existing team of thirty engineers. Sound like fun? Come join us.

  • Senior Service Reliability Engineer (SRE): Drive improvements to help reduce both time-to-detect and time-to-resolve while concurrently improving availability through service team engagement.  Ability to analyze and triage production issues on a web-scale system a plus. Find details on the position here: https://jobs.netflix.com/jobs/434

  • Manager - Performance Engineering: Lead the world-class performance team in charge of both optimizing the Netflix cloud stack and developing the performance observability capabilities Continue reading
1 2,845 2,846 2,847 2,848 2,849 3,611