EVPN – Single-active redundancy

In the previous 2 posts I looked at the basics of EVPN including the new BGP based control-plane, later I looked at the integration between the layer-2 and layer-3 worlds within EVPN. However – all the previous examples were shown with basic single site networks with no link or device redundancy, this this post I’m going to look at the first and simplest EVPN redundancy mode.

First – consider the new lab topology:

The topology and configuration remains pretty much the same, except that MX-1 and MX-2 each connect back to EX4200-1, for VLAN 100 and VLAN 101, with the same IRB interfaces present on each MX router, essentially a very basic site with 2 PEs for redundancy.

Let’s recap the EVPN configuration on each MX1, I’ve got the exact same configuration loaded on MX-2 and MX-3, the only differences being the interface numbers and a unique RD for each site.

MX-1: 

IDG Contributor Network: Smartphones not productive, managers say

Despite the hype of business chat messaging and a perception of smartphones introducing a connected work-everywhere lifestyle, a surprisingly large number of bosses are not at all happy with the proliferation of the devices.The honchos say mobile devices are killing productivity, according to employment firm CareerBuilder research. The problem appears to stem from the fact that employees are indeed using smartphones at work—just not for work.That the majority of workers with smartphones (65 percent) don’t have work email setup on the devices is one issue, the CareerBuilder study found.To read this article in full or to leave a comment, please click here

ContainerX Ships Its ‘vSphere for Containers’

That includes Windows containers, as ContainerX likes to tell enterprises.

Why your password policy still sucks

Password policies don't prevent problems, they cause them. Humans are predictable, and generic password policies help attackers crack (or guess) passwords faster.

Google revs its AI engines with a new European research group

Google has made no secret of its AI ambitions, and on Thursday it announced the next step in its bold plans to realize them: a brand-new research group in Europe focused squarely on machine learning.Based in Google Research offices in Zurich, Switzerland, the new group will focus on three key areas of artificial intelligence: machine intelligence, machine perception, and natural language processing and understanding, according to a blog post by Emmanuel Mogenet, head of Google Research for Europe.To read this article in full or to leave a comment, please click here

Flaws expose Cisco small-business routers, firewalls to hacking

Three models of Cisco wireless VPN firewalls and routers from the small business RV series contain a critical unpatched vulnerability that attackers can exploit remotely to take control of devices. The vulnerability is located in the Web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, RV130W Wireless-N Multifunction VPN Router and RV215W Wireless-N VPN Router. It can be easily exploited if the affected devices are configured for remote management since attackers only need to send an unauthenticated HTTP request with custom user data. This will result in remote code execution as root, the highest privileged account on the system, and can lead to a complete compromise.To read this article in full or to leave a comment, please click here

Flaws expose Cisco small-business routers, firewalls to hacking

Three models of Cisco wireless VPN firewalls and routers from the small business RV series contain a critical unpatched vulnerability that attackers can exploit remotely to take control of devices. The vulnerability is located in the Web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, RV130W Wireless-N Multifunction VPN Router and RV215W Wireless-N VPN Router. It can be easily exploited if the affected devices are configured for remote management since attackers only need to send an unauthenticated HTTP request with custom user data. This will result in remote code execution as root, the highest privileged account on the system, and can lead to a complete compromise.To read this article in full or to leave a comment, please click here

Flaws expose Cisco small-business routers, firewalls to hacking

Three models of Cisco wireless VPN firewalls and routers from the small business RV series contain a critical unpatched vulnerability that attackers can exploit remotely to take control of devices. The vulnerability is located in the Web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, RV130W Wireless-N Multifunction VPN Router and RV215W Wireless-N VPN Router. It can be easily exploited if the affected devices are configured for remote management since attackers only need to send an unauthenticated HTTP request with custom user data. This will result in remote code execution as root, the highest privileged account on the system, and can lead to a complete compromise.To read this article in full or to leave a comment, please click here

Virtualized Networks Invite Cyber Espionage

The cybersecurity and security solutions landscape is in constant flux.

Asus challenges the iPad Mini with the less-pricey ZenPad Z8

At $249.99, Asus' new Android-based ZenPad Z8 tablet could make you ponder why you should buy Apple's iPad Mini 4, which starts at $399.The Asus tablet will be available exclusively through Verizon Wireless, and will ship starting on June 23. It is ready for Verizon's LTE network in the U.S, and can be ordered online.The cellular-ready ZenPad Z8 will come with the latest Android version, Android M OS. A cellular-ready version of the iPad Mini 4 starts at $529.From a pure hardware standpoint, the Android tablet is comparable, and in some respects, offers more than than the iPad Mini 4. It ultimately comes down to whether you want Android or iOS on this sort of device.To read this article in full or to leave a comment, please click here

Federal Cybersecurity Boondoggle: The Software Assurance Marketplace (SWAMP)

Way back in February, I wrote a blog about President Obama’s proposed Cybersecurity National Action Plan (CNAP).  As part of this plan, the President called for $19 billion for cybersecurity as part of the 2017 fiscal year federal budget, a 35% increase over 2016 spending. While CNAP has a lot of thoughtful and positive proposals, I’m troubled by the fact that federal cybersecurity programs seem to have a life of their own with little oversight or ROI benefits.  I often cite DHS’s Einstein project as an example of this type of government cybersecurity waste.  In my humble opinion, the feds are spending hundreds of millions of dollars on custom research and development for Einstein when commercial off-the-shelf (COTS) network security products could do the same job at a fraction of the cost.To read this article in full or to leave a comment, please click here

Federal Cybersecurity Boondoggle: The Software Assurance Marketplace (SWAMP)

Way back in February, I wrote a blog about President Obama’s proposed Cybersecurity National Action Plan (CNAP).  As part of this plan, the President called for $19 billion for cybersecurity as part of the 2017 fiscal year federal budget, a 35% increase over 2016 spending. While CNAP has a lot of thoughtful and positive proposals, I’m troubled by the fact that federal cybersecurity programs seem to have a life of their own with little oversight or ROI benefits.  I often cite DHS’s Einstein project as an example of this type of government cybersecurity waste.  In my humble opinion, the feds are spending hundreds of millions of dollars on custom research and development for Einstein when commercial off-the-shelf (COTS) network security products could do the same job at a fraction of the cost.To read this article in full or to leave a comment, please click here

Security Sessions: How CSOs can reduce alert fatigue

In the latest episode of Security Sessions, Hexadite CEO Eran Barak joins CSO Editor-in-Chief Joan Goodchild to discuss the problem of security alert fatigue, in which a company receives so many alerts from their systems that they end up potentially ignoring or missing critical alerts.

Cavium Snaps Up QLogic in $1.36B Deal

$45 million in synergies is expected from the deal.

Samsung enters the cloud market

For years those who track the cloud computing market have predicted consolidation. The market is young enough, promising enough, and the barriers to entry for companies that want a slice of this market are high enough that mergers and acquisitions are to be expected. Stephen Lawson At its 2016 developer conference in San Francisco this week, the company worked to get developers excited about its software and services as well as its hardware platforms.To read this article in full or to leave a comment, please click here

Worth Reading: The danger of macros

Back in 2012, faced with the need to write the identical thing—language regarding FISA minimization procedures—many, many times, NSA tried to develop some efficiency by automating a portion of their Word templates. This worked fine, until for whatever reason, NSA Hawaii redesigned its network to block external access from other parts of the NSA. -Lawfare

The post Worth Reading: The danger of macros appeared first on 'net work.

Gartner on doing business in China: Privacy? What’s that?

Tim Greene Jie Zhang NATIONAL HARBOR, Md. -- Jie Zhang says that as a child in China she played a game picking up marbles with chopsticks and performing the delicate task of carrying them to another room without dropping them. That’s what doing business in China is like for Westerners, she told a breakfast gathering today at Gartner’s Security and Risk Management Summit.They have to get used to long-standing customs and practices that violate some basic business principles respected outside of China and some new ones that deal specifically with technology.To read this article in full or to leave a comment, please click here

Gartner on doing business in China: Privacy? What’s that?

Tim Greene Jie Zhang NATIONAL HARBOR, Md. -- Jie Zhang says that as a child in China she played a game picking up marbles with chopsticks and performing the delicate task of carrying them to another room without dropping them. That’s what doing business in China is like for Westerners, she told a breakfast gathering today at Gartner’s Security and Risk Management Summit.They have to get used to long-standing customs and practices that violate some basic business principles respected outside of China and some new ones that deal specifically with technology.To read this article in full or to leave a comment, please click here

Help Docker’s Initiatives to Promote Tech Diversity Including Bump Up at DockerCon

Docker is actively working to improve opportunities for women and underrepresented minorities throughout the global ecosystem and promote diversity in the larger tech community.

We’re proud to have contributed close to $100,000 in sponsorships, scholarships and complementary tickets to DockerCon. In addition to these funds, the Docker Team has launched and supports several ongoing initiatives with like-minded partners. Continue reading

Cisco Tetration: The timing is right for Cisco to jump into analytics

Cisco has always been a master at picking the right adjacent markets to move into at the right time, and it often becomes one of the leaders in that space. Think of the impact the company has had in telephony, blade servers and security—to name just a few.This week at an event with a lot of pomp and circumstance that included CEO Chuck Robbins, Cisco announced it is moving into the analytics market. At first glance, one might ask what the heck Cisco is doing in analytics.The timing for Cisco is right, though. Many of the building blocks of the digital enterprise—technologies such as Internet of Things, cloud computing, mobility and security are network centric today. By harnessing network data, Cisco can provide data and insights that another vendor could not. To read this article in full or to leave a comment, please click here