Draw network diagrams online [2016 Edition]

In this post from 2011 I was explaining that my preferred online tool to draw network diagrams is LucidChart.com. Since then LucidChart.com developed really good and added constantly new features. Unfortunately with the new great additions some not so nice restrictions appeared for the free account.
Those restrictions (like 5 active documents) really make it difficult for me to work with this tool as I got used to a different style.

I’m not a cheap guy! If I would use this tool professionally there would be no problem to buy a subscription package, but at work Visio is saint (unfortunately) and the rest of the time, especially when I’m on my Mac, I just need a fast tool to draw brief network diagrams like for my blog or fast explanation to somebody online.

LucidChart.com is my recommendation if you rely on online tool to work with Visio documents. Last time when I checked their Visio import tool was doing a great job.

Back to this story, I was looking online for another tool when I came across Draw.io.

Draw.io doesn’t need an account creation, rather it just give you direct access to the tool.
Since Continue reading

Apple’s Tim Cook woos app developers in India

In a bid to win over more Indian developers, Apple on Wednesday announced it would set up by early next year a facility to help developers on best practices and to improve the design, quality and performance of their apps on the iOS platform.The facility in Bangalore, called a Design and Development Accelerator, aims to provide specialized support for the “tens of thousands” of developers in the country, who develop applications for the iOS operating system.Bangalore has a large base of developers, working for the research and development centers of multinational companies or in startups, besides others who work independently. Apple estimates that over 1 million people in the city work in the tech sector, with over 40 percent of graduates from local universities specializing in engineering or IT.To read this article in full or to leave a comment, please click here

Fragmenting IPv6

The design of IPv6 represented a relatively conservative evolutionary step of the Internet protocol. Mostly, it's just IPv4 with significantly larger address fields. Mostly, but not completely, as there were some changes. IPv6 changed the boot process to use auto-configuration and multicast to perform functions that were performed by ARP and DHCP in IPv4. IPv6 added a 20-bit Flow Identifier to the packet header. IPv6 replaced IP header options with an optional chain of extension headers. IPv6 also changed the behaviour of packet fragmentation. Which is what we will look at here.

CCDE – I passed the CCDE Practical in Madrid!

Hi everyone.

I’ve not been posting lately because I have been studying very hard for the CCDE practical.

Passed the lab in Madrid? Isn’t this guy from the North? I was supposed to take this exam in Frankfurt on Tuesday the 17th of May. Wise from my trips to the CCIE lab in Brussels I took a flight that landed around noon on Monday. I have a routine I like to use the day before a big exam. I had just scouted the Pearson Professional Centre (PPC) location and got back to my room. At 14.05 I receive an e-mail from Pearson Vue saying they can’t deliver my exam. Can you imagine the panic I felt? I had been preparing for months of furious studying for this day. The CCDE practical is only delivered every three months so I would have to wait for three more months to take it if I could even get a seat then. I had prepared for this day and my plan was to try to pass it and if I didn’t, come back in three months and pass it then.

There was no time to waste. I found an open seat in Madrid Continue reading

Black hole detection

The Broadcom white paper, Black Hole Detection by BroadView™ Instrumentation Software, describes the challenge of detecting and isolating packet loss caused by inconsistent routing in leaf-spine fabrics. The diagram from the paper provides an example, packets from host H11 to H22 are being forwarded by ToR1 via Spine1 to ToR2 even though the route to H22 has been withdrawn from ToR2. Since ToR2 doesn't have a route to the host, it sends the packet back up to Spine 2, which will send the packet back to ToR2, causing the packet to bounce back and forth until the IP time to live (TTL) expires.

The white paper discusses how Broadcom ASICs can be programmed to detect blackholes based on packet paths, i.e. packets arriving at a ToR switch from a Spine switch should never be forwarded to another Spine switch.

This article will discuss how the industry standard sFlow instrumentation (also included in Broadcom based switches) can be used to provide fabric wide detection of black holes.

The diagram shows a simple test network built using Cumulus VX virtual machines to emulate a four switch leaf-spine fabric like the one described in the Broadcom white paper (this network is Continue reading

CyberChaff: HaLVM unikernels protecting corporate networks

Unikernel technologies, specifically the libraries, are applicable in many ways (e.g. the recent Docker for Mac and Windows products). However, unikernels themselves can enable new categories of products. One of the most prominent products is a network security tool called CyberChaff, based on open source HaLVM unikernels. Today Formaltech, a Galois subsidiary, revealed that Reed College is one of their happy CyberChaff users!

Defending a Network With CyberChaff

CyberChaff is designed to detect one of the early and critical steps in a security breach: the point when an attacker pivots from their initial entry point to the more juicy parts of the network. This step, the pivot, typically involves scanning the network for hosts that may be better positioned, appear to have more privileges, or are running critical services.

To impair this step of the attack, CyberChaff introduces hundreds (or thousands) of false, lightweight nodes on the network. These hosts are indistinguishable from real hosts when scanned by the attacker, and are each implemented as their own HaLVM unikernel. See the diagram below where green nodes are the real hosts and the orange nodes are HaLVM CyberChaff nodes. This means that an attacker is faced with a huge Continue reading

Publisher of LA Times and Chicago Tribune sends IT jobs overseas

Tribune Publishing Co., a major newspaper chain, is laying off as many as 200 IT employees as it shifts work overseas.The firm, which owns the Los Angeles Times, The Baltimore Sun, Chicago Tribune, Hartford Courant and many other media properties, told IT employees in early April that it's moving work to India-based Tata Consultancy Services.Interestingly, the Tribune IT employees were notified within weeks of a similar announcement involving IT employees at the McClatchy Company, another major newspaper chain.To read this article in full or to leave a comment, please click here

Microsoft and Amazon look to scoop up SAP workloads headed to the cloud

As SAP holds its annual Sapphire Now user conference in Orlando this week, two of the leading IaaS providers are making the case for running SAP apps on their public clouds.Microsoft CEO Satya Nadella joined SAP CEO Bill McDermott during the Sapphire keynotes on Tuesday to announce a broad partnership between the two companies that will optimize the Azure public cloud to run SAP workloads.Not to be outdone, early this morning before the keynote even kicked off Amazon Web Services issued a press release announcing a handful of customers – including General Electric, Brooks Brothers and Lionsgate are running SAP apps on its public cloud.To read this article in full or to leave a comment, please click here

John Deere is plowing IoT into its farm equipment

John Deere is taking the Internet of Things out into the field by developing new technologies and embracing existing ones to boost the efficiency of prepping, planting, feeding and harvesting with the goal of improving per-acre crop yields.+More on Network World: 10 Internet of Things companies to watch+ Ron ZinkTo read this article in full or to leave a comment, please click here

IDG Contributor Network: Paper to be an IoT-connected device

Regular paper, of the kind one writes and prints on, can be embedded with radio frequency tags, researchers say. That could ultimately allow internet connectivity.Not only could the internet paper be manufactured with tags added at the mill, but an end user could actually draw the tagged antennas on by hand using conductive ink in a school or the workplace.By responding to commands via gestures, the paper can be made to “do anything from controlling music using a paper baton to live polling in a classroom,” the University of Washington says in a press release.To read this article in full or to leave a comment, please click here

Worth Reading: Lego Robots versus Gesture Security

A DARPA-funded report titled “Robotic Robbery on the Touch Screen” published recently in the journal ACM Transactions on Information and System Security looks at gestural authentication through the eyes of a more sophisticated hacker. It presents two Lego-driven robotic attacks on a touch-based authentication system—one is based on gestural statistics collected over time from a large population of users and the other is based on stealing gestural data directly from a user. Both were pretty effective. -via Motherboard

LinkedInTwitterGoogle+Facebook

The post Worth Reading: Lego Robots versus Gesture Security appeared first on 'net work.

Microsoft is joining the tech cry for Britain to stay in the EU

Microsoft has come out against a proposal for the U.K. to leave the European Union, joining other tech giants that oppose the controversial measure.The so-called Brexit (Britain exit) referendum will ask U.K. voters on June 23 whether the country should leave the 28-state EU. Proponents say membership in the union has hurt Britain’s economy and opens the country up to too much immigration.Boris Johnson, London’s colorful former mayor, has compared the EU to Hitler. Polls suggest the vote may be tight.IBM, Cisco Systems, and Hewlett Packard Enterprise also oppose Brexit. As multinational companies, they often rely on flows of capital and employees across borders.To read this article in full or to leave a comment, please click here

New F5 software addresses the needs of an increasingly digital world

Digital has become the way. Look through any business publication or trade magazine, and you’ll see a plethora of articles about digital transformation. A digital business is highly dependent on the underlying infrastructure to enable new services that can give it a competitive advantage. The underlying technology not only needs to seamlessly deliver the services, but also provide the highest levels of security, orchestration capabilities and many other requirements unique to this era of business. + Also on Network World: Why 2015 was the year of the cloud, and 2016 will be too +To read this article in full or to leave a comment, please click here

SAP seeks to simplify IT with a beefier new version of Hana

SAP has updated its flagship Hana in-memory computing platform with a raft of new features designed to make IT simpler while giving organizations a better handle on their data.The updates, announced Tuesday at the company's annual Sapphire Now conference in Florida, include a new hybrid data management service in the cloud and a new version of the company's Hana Edge edition for SMBs."We’ve taken an already rock solid platform and further hardened security, enhanced availability, unified the development and administration experience, and expanded advanced analytic capabilities," Michael Eacrett, vice president of product management for SAP, wrote in a blog post detailing the new release.To read this article in full or to leave a comment, please click here

Thinking about side channel attacks

When Cyrus wanted to capture Babylon, he attacked the river that flows through the city, drying it out and then sending his army under the walls through the river entrance and exit points. In a similar way, the ventilator is a movie favorite, used in both Lord of the Rings and Star Wars, probably along with a thousand other movies and stories throughout time. What do rivers and ventilators have to do with network security?

Side channel attacks. Now I don’t know if the attacks described in these papers, or Cyrus’ attack through the Euphrates, are considered side channel, or just lateral, but either way: the most vulnerable point in your network is just where you assume you can’t be attacked, or that point where you haven’t thought through security. Two things I read this week reminded me of the importance of system level thinking when it comes to security.

security-netThe first explores the Network Time Protocol (NTP), beginning with the general security of the protocol. Security in a time protocol is particularly difficult, as the entire point of encryption is to use algorithms that take a lot of time for an attacker to calculate—and there’s probably some relationship between Continue reading

1 2,954 2,955 2,956 2,957 2,958 3,837