Response: CAM Table Basics

Greg Ferro T-Shirt

This post is a response to Greg Ferro’s recent Basics posts on (Content Addressable Memory) CAM tables. As this is a response post, you can assume that I don’t agree entirely with all of his definitions. Alternatively, perhaps I am totally wrong and I need to go back and relearn how CAM works. Either way, Greg loves a good spar, so maybe together with our readers we can determine the truth in an understandable format for the betterment of everybody who isn’t a hardcore digital electronics engineer.

Greg’s Posts

Before continuing, I’d recommend should go reading these posts as context, since they are the basis for this post:

Basics: What is Content Addressable Memory (CAM) ?
Basics: What is Binary CAM (BCAM) ?
Basics: What is Ternary Content Address Memory (TCAM) ?

I’ll now address my concerns post by post below.

What is CAM

A CAM cell in the chip actually consists of two SRAM cells. SRAM requires requires extensive silicon gates to implement that require a lot of power per gate for fast switching. In a chip, power consumption generates heat and leads to limits on thermal dissipation by the limited footprint of a chip. This is a key factor on the Continue reading

Rio Olympics pose security risks to travelers

Police officers held up a sign saying "Welcome to Hell" at the Rio airport last week, according to local and international news reports, and the region's acting governor warned of a total collapse in public security. More funding is on its way, but it might not be enough to make a difference in time for the Olympic games. Meanwhile, physical safety isn't the only thing that travelers need to worry about -- security experts warn that travelers need to be extremely careful when they access computer networks, as well.MORE ON NETWORK WORLD: 26 crazy and scary things the TSA has found on travelers "The Rio situation is a mess," said Shaun Murphy, CEO at communication security firm PrivateGiant. "I would suspect that from a cyber security front, it's going to be just as messy."To read this article in full or to leave a comment, please click here

Rio Olympics pose security risks to travelers

IDG Contributor Network: Smartphone upgrade cycle dramatically slowing, study finds

Despite a barrage of new handsets launched by phone manufacturers on an annual or half-yearly basis, consumers are drastically curtailing their phone upgrades, new research has found.And many are now waiting for “phones to die before replacing them,” speculates eMarketer, which has been writing about digital advertising company Fluent’s replacement cycle study.The reason for the slowdown is said to be a combination of the demise of the two-year phone contract from mobile network operators (MNOs) and a lack of ground-breaking technology exciting consumers.To read this article in full or to leave a comment, please click here

Twistlock Raises $10M for Container Security

Containers are hot, but container security is still in its early stages.

IDG Contributor Network: Twistlock scoops up $10M to secure all the containers

It has been interesting watching the conversation around the rise of Docker and the general attention that containers have received in the past few years. Most fascinating has been the reaction of vendors who make their revenue primarily through virtualization technologies. These vendors have been quick to assert that containers are not secure and that in order to assure certainty for an organization, either containers shouldn't be used at all (their preference, obviously) or they should be used within the ongoing context of virtualized servers.Against this narrative runs two forces. First, the container companies (notably, Docker), while being careful to not alienate their virtualization vendor partners, try to assure customers that containers are actually inherently safe. The second narrative comes from third-party vendors that offer security solutions for containers. These players agree that containers have some fundamental flaws, but their solution resolves these issues.To read this article in full or to leave a comment, please click here

9 Tech Startups Blazing New Trails This Summer

New startups have burst onto the scene, promising to shake up networking and storage.

13 top paying cities for software engineers

High demandSoftware engineers are in high demand across the United States, and depending upon where you live, you can make a killing at this job. But don’t overlook what you’re really making, when you factor in the cost of living. Online jobs marketplace Glassdoor has crunched the numbers by looking at the ratio of each city’s local median software engineer base salary to its official cost of living figures from the federal government.To read this article in full or to leave a comment, please click here

Who needs a GUI? How to live in a Linux terminal.

The best Linux shell apps for handling common functionsEver consider the idea of living entirely in a Linux terminal? No graphical desktop. No modern GUI software. Just text—and nothing but text—inside a Linux shell. It may not be easy, but it’s absolutely doable. I recently tried living completely in a Linux shell for 30 days. What follows are my favorite shell applications for handling some of the most common bits of computer functionality (web browsing, word processing, etc.). With a few obvious holes. Because being text-only is hard.To read this article in full or to leave a comment, please click here

SDN Lessons From Assembly Lines

Infrastructure standardization is key to achieving the cost benefits of SDN.

Veriflow, Applying Formal Verification to Security, Lands $8.2M Series A

$veriflow-security-formal-verification-math-outage-breach-enterprise-network-configuration$ Yes, it's possible to check every possible data flow. Kind of.

IDG Contributor Network: Veriflow raises cash to develop network security toolkit

If software is indeed "eating the world," as famed venture capitalist and prognosticator on pretty much everything Marc Andreessen once opined, then it goes without saying that the pipes that have the unenviable task of carrying that software become ever more critical. The more important the internet, the more the underlying network of undifferentiated "dumb pipes" becomes important. This has led to the rise of myriad vendors that all help to ensure those "dumb pipes" keep working. A case in point is Veriflow, a company that is bringing a new approach to network breach and outage detection via mathematical network verification.To read this article in full or to leave a comment, please click here

Private jets, personal security and more pricey CEO perks

Compensation extras add up for tech CEOsTech CEOs enjoyed a wide range of perks, from corporate aircraft and auto usage to home security, club memberships and financial planning services. Here are the 12 tech CEOs who indulged the most.RELATED: 20 highest paid tech CEOs | Biggest raises and pay cuts | single-page chart of 62 tech CEOs' total pay |To read this article in full or to leave a comment, please click here

IDG Contributor Network: Veriflow raises cash to develop network security toolkit

Private jets, personal security and more pricey CEO perks

Why Is Every SDN Vendor Bashing the Networking Engineers?

This blog post was written almost two years ago (and sat half-forgotten in a Word file somewhere in my Dropbox), but as it seems not much has changed in the meantime, it’s time to publish it anyway.

I was listening to the fantastic SDN Trinity podcast while biking around Slovenian hills and almost fell off the bike while furiously nodding to a statement along the lines of “I hate how every SDN vendor loves to bash networking engineers.”

Poland’s Poznań Science and Technology Park Upgrades Its Infrastructure-as-a-Service Model with VMware NSX

Poznań Science and Technology Park—known in Polish as Poznańskiego Parku Naukowo-Technologicznego, or PPNT—supports the incubation of start-ups and technology companies in Poland through co-operation with science, business, and technology enterprises. Its facilities and services include laboratories, office space, and specialized research equipment, as well as IT infrastructure services like server colocation and hosting, system monitoring servers, storage space, and data transmission infrastructure leasing.

To build a virtual, multi-tenant, private infrastructure-as-a-service cloud, on a flexible billing schedule, for its demanding customers, PPNT opted for an integrated solution that included VMware vSphere, VMware vCloud Director, and VMware NSX. The business benefits became clear immediately. PPNT’s new, high-performance environment enabled robust management capabilities, and guaranteed security and fault-tolerant access. Plus, resource provisioning time was reduced from days to seconds.

Says manager of the PPNT DataCenter Tomasz Łukaszewicz: “VMware NSX, the network virtualization platform for the Software-Defined Data Center, enables our customers to create, save, delete, and restore virtual networks on demand, without reconfiguring the physical network. It also provides a better security model.”

Read the complete case study

The post Poland’s Poznań Science and Technology Park Upgrades Its Infrastructure-as-a-Service Model with VMware NSX appeared first on The Network Virtualization Blog.

Court decision raises issues about sharing passwords

An appeals court has ruled that a former employee of a company, whose computer access credentials were revoked, had acted “without authorization” in violation of the Computer Fraud and Abuse Act, when he and other former employees used the login credentials of a current employee to gain access to data on the employer’s computers.The opinion of the court is likely to be controversial as it is expected to have implications on commonplace sharing of passwords by husbands, co-workers and friends even for innocuous purposes.One of the three judges, Stephen Reinhardt, for example, dissented from the majority opinion, stating that “people frequently share their passwords, notwithstanding the fact that websites and employers have policies prohibiting it.”To read this article in full or to leave a comment, please click here

Court decision raises issues about sharing passwords

Firepower Threat Defense — DNS Sinkholing

A few days ago I wrote an article that described Firepower DNS Policies. One item that probably warrants a little more discussion is DNS Sinkholing. Although the title of this article indicates Firepower Threat Defense, this will also work with Firepower and Firepower Services.

For this article, I would like to first share some of the challenges around getting security intelligence visibility from DNS requests. A typical enterprise environment will have an internal DNS server. So even though we know we can return “Domain Not Found” with an FTD DNS policy, that might not give us the visibility necessary to remediate a problem.

So if the host in the diagram below makes a DNS request for bad.site.com, what happens? Basically that request is sent to the DNS Resolver. The DNS Resolver will look to the Root Hints and eventually get the request to an Internet based DNS server that has the appropriate domain ownership. The problem with this is that the only request seen by the Firewall (FTD in our example) is the one made by the DNS Resolver. The problem here is that there is no way the Firewall can tell which host needs to be scrubbed by Continue reading

« Previous 1 … 2,856 2,857 2,858 2,859 2,860 … 3,855 Next »