It’s in a race with vendors doing similar work.
CloudFlare customers are automatically protected against the recently disclosed DROWN Attack. We do not have SSLv2 enabled on our servers.
We publish our SSL configuration here so that others can use it. We currently accept TLS 1.0, 1.1 and 1.2.
We are proactively testing our customers' origin web servers to detect vulnerable servers and will be reaching out to any that have a server that is vulnerable to DROWN.
In the interim, ensure that SSLv2 is fully disabled and/or that private keys are not shared with servers that still need to have SSLv2.
Should you take a multi-vendor approach to your network or is a homogeneous network the best bet?
Continuing our bridging loops discussion Christoph Jaggi sent me another question:
Theoretically STP should avoid bridging loops, and yet you claim they cause data center meltdowns. What am I missing?
In theory, STP avoids bridging loops. In practice, there are numerous reasons STP got a bad name.
Read more ...Some networking pros may still scoff at the impending Internet of Things, but ignore it at your peril.
Cisco recently launched the 2800 and 3800 series 802.11ac wave-2 access points. The 3800 Datasheet quotes a theoretical maximum throughput of 5.2Gbps when operating in Dual 5GHz radio mode (2 x 2.6Gbps). If you ran two cables to your AP you could use the second ethernet port to create a 2 x 1Gbps LAG. However there is still some debate about whether 2Gbps of throughput is sufficient for a single-radio Wave2 AP.
Some companies may not be willing to invest the time and expense to swap out their copper for fiber or run yet more copper to their APs. The NBase-T standard 802.3bz provides an alternative approach, promising speeds of 2.5Gbps or 5Gbps over Cat5e cabling over 100 Meter runs.
Peter Jones from Cisco is the chair of the NBase-T alliance and presented to us in Tech field day on the new 802.3bz standard and the technology behind it. Cisco terminology for NBase-T-like functionality is ‘MultiGigabit Ethernet’. Currently the Cisco Catalyst 2k, 3K, and 4K switching line have specific models or line cards which support a number of combined UPoE/MultiGig ports. The reason for new hardware is that new digital signal processors (DSPs) are required to achieve the 2.5Gbps Continue reading
Cisco recently launched the 2800 and 3800 series 802.11ac wave-2 access points. The 3800 Datasheet quotes a theoretical maximum throughput of 5.2Gbps when operating in Dual 5GHz radio mode (2 x 2.6Gbps). If you ran two cables to your AP you could … Continue reading
The post Does your Wave2 AP need NBase-T? appeared first on The Network Sherpa.
In my last blog, I have discussed how a software defined visibility network could open up exciting applications for mobile operators. In this post, I would like to touch upon some typical operational challenges faced by implementation engineers and network operations staff when deploying and supporting network packet brokers. Operators often have a high-level understanding... Read more →
I thought it would be a good idea to revisit my last Kubernetes build in which I was using Salt to automate the deployment. The setup worked well at the time, but much has changed with Kubernetes since I initially wrote those state files. That being said, I wanted to update them to make sure they worked with Kubernetes 1.0 and above. You can find my Salt config for this build over at Github…
https://github.com/jonlangemak/saltstackv2
A couple of quick notes before we walk through how to use the repo…
-While I used the last version of this repo as a starting point, I’ve stripped this down to basics (AKA – Some of the auxiliary pods aren’t here (yet)). I’ll be adding to this constantly and I do intend to add a lot more functionality to the defined state files.
-All of the Kubernetes related communication is unsecured. That is – it’s all over HTTP. I already started work on adding an option to do SSL if you so choose.
That being said, let’s jump right into how to use this. My lab looks like this…
Here we have 3 Continue reading
Cloud Security Alliance cites potential security issues with network functions virtualization.
The NIC vendor is trying something new with its NFV work-in-progress.
On this week's Network Break we analyze Spotify's move to Google Cloud Platform, a rumored Cisco hyperconverged play, and some creepy Big Data efforts around employee health. We get the latest Apple/FBI updates, review vendor financials, and more.
The post Network Break 76: Spotify’s Cloud Play; Big Data Or Big Brother? appeared first on Packet Pushers.
On this week's Network Break we analyze Spotify's move to Google Cloud Platform, a rumored Cisco hyperconverged play, and some creepy Big Data efforts around employee health. We get the latest Apple/FBI updates, review vendor financials, and more.
The post Network Break 76: Spotify’s Cloud Play; Big Data Or Big Brother? appeared first on Packet Pushers.