Securing BGP: A Case Study (9)
There are a number of systems that have been proposed to validate (or secure) the path in BGP. To finish off this series on BGP as a case study, I only want to look at three of them. At some point in the future, I will probably write a couple of posts on what actually seems to be making it to some sort of deployment stage, but for now I just want to compare various proposals against the requirements outlined in the last post on this topic (you can find that post here).
The first of these systems is BGPSEC—or as it was known before it was called BGPSEC, S-BGP. I’m not going to spend a lot of time explaining how S-BGP works, as I’ve written a series of posts over at Packet Pushers on this very topic:
Part 1: Basic Operation
Part 2: Protections Offered
Part 3: Replays, Timers, and Performance
Part 4: Signatures and Performance
Part 5: Leaks
Considering S-BGP against the requirements:
- Centralized versus decentralized balance:S-BGP distributes path validation information throughout the internetwork, as this information is actually contained in a new attribute carried with route advertisements. Authorization and authentication are implicitly centralized, however, with the Continue reading
Brocade Braces for a Disappointing Q2, Citing IP Headwinds
The macro storm is far from over.
Stronger protection and more control over security settings with CloudFlare’s new cPanel plugin
CloudFlare has released a new version of our plugin for cPanel with two new features and more control over the security settings of your website.
The new plugin (v6.0) uses the latest cPanel PHP-based APIs, and is completely re-architected to make adding new features easier, allowing for more frequent updates.
We’ve always focused on making integration with CloudFlare as easy as possible. As a customer of one of our hosting partners you can quickly start using CloudFlare features and routing your website traffic through CloudFlare’s global network by clicking on the CloudFlare icon from your cPanel interface.
New features offering stronger protection
Add domains to CloudFlare through Full Zone Provisioning. A huge benefit of Full Zone Provisioning is that it enables all of CloudFlare’s protection, including DDoS mitigation, at the root domain (yourdomain.com) as well the subdomain (www.yourdomain.com).
If your website is experiencing Layer 7 DDoS attacks, you can now click on the 'Enable “I'm under attack" mode ’ button to filter out malicious traffic while allowing legitimate visitors to reach your site. When this is in place, visitors will receive a temporary page for about five seconds while we analyze the traffic to make Continue reading
The Uptake Of Broadwell Xeons Begins
Servers are still monolithic pieces of machinery and the kind of disaggregated and composable infrastructure that will eventually be the norm in the datacenter is still many years into the future. And that means organizations have to time their upgrade cycles for their clusters in a manner that is mindful of processor launches from their vendors.
With Intel dominating the server these days, its Xeon processor release dates are arguably the dominant component of the overall server cycle. But even taking this into account, there is a steady beat of demand for more computing in the datacenters of the world …
The Uptake Of Broadwell Xeons Begins was written by Timothy Prickett Morgan at The Next Platform.
Docker at EMC World 2016
It’s the time again, this week EMC will welcome thousands of its customers and partners for EMC World 2016 in Las Vegas. Come visit Docker with the EMC {code} team in booth #1044 to learn about Docker is transforming modern … ContinuedGone Fishin’
Well, not exactly Fishin', but I'll be on a month long vacation starting today. I won't be posting (much) new content, so we'll all have a break. Disappointing, I know. Please use this time for quiet contemplation and other inappropriate activities. See you on down the road...
