The Power of Test-Driven Network Automation

Over the past few years, I’ve seen (and contributed to) a rise of real network engineers taking on the new and sometimes challenging world of network automation. Every time I check in on Jason Edelman’s Network Automation Slack channel, I’m very happy to see the sheer number of folks asking questions, trying to get the the concepts and tools of network automation working in their own environment.

For many, this is all very new, and there’s a lot to soak up. Linux networking has broken onto the scene in a big way. We’ve started using text formats like YAML and Jinja2 to template out network configurations to make more consistent network changes. We’ve started using tools like Ansible to drive those changes in a meaningful way to our network infrastructure. It’s clear that these ideas are useful, and are taking hold in a big way.

At this point, I’d like to ask you this question; with all of this tooling, which admittedly helps us achieve consistency of change, does it really ensure the success of a change? How do we even define success? At what point can we sit back and be able to truly say, “that change did not Continue reading

The Power of Test-Driven Network Automation

Over the past few years, I’ve seen (and contributed to) a rise of real network engineers taking on the new and sometimes challenging world of network automation. Every time I check in on Jason Edelman’s Network Automation Slack channel, I’m very happy to see the sheer number of folks asking questions, trying to get the the concepts and tools of network automation working in their own environment.

For many, this is all very new, and there’s a lot to soak up. Linux networking has broken onto the scene in a big way. We’ve started using text formats like YAML and Jinja2 to template out network configurations to make more consistent network changes. We’ve started using tools like Ansible to drive those changes in a meaningful way to our network infrastructure. It’s clear that these ideas are useful, and are taking hold in a big way.

At this point, I’d like to ask you this question; with all of this tooling, which admittedly helps us achieve consistency of change, does it really ensure the success of a change? How do we even define success? At what point can we sit back and be able to truly say, “that change did not Continue reading

After New York, gigabit public Wi-Fi comes to Berlin

Ask someone in Hanover, Germany, where to find the best public Wi-Fi and the answer may well be "In Berlin," 250 kilometers to the East.That's because free gigabit Wi-Fi for Berliners was one of the first new services announced at the Cebit trade show in Hanover this week.New York got its first taste of free gigabit Wi-Fi in January, when CityBridge turned on its first LinkNYC hotspots, which are gradually replacing payphones in the city.In Berlin, it's not a billboard-advertising-funded startup that's delivering the service, but an established telecommunications operator.To read this article in full or to leave a comment, please click here

Retrieving network elements backup from 5620 SAM

Last week I faced a routine (and quite common) task to get the latest backups of current configuration and BOF files for ~700 routers on a customers network. Sure thing sane man would use some automatization techniques, which could be: 5620 SAM scripts some scripting language to grab latest backups from the global NE backup location

Digiwell will teach you an NFC trick your old dog may already know

Patrick Kramer pulled back his sleeves and reached out an empty hand to offer his business card. His contact details appeared on the smartphone screen as if by magic, but it was a sufficiently advanced technology that made it happen. For an encore, he opened a locked door without a key. When anyone else touched the handle, it remained locked. Unlike other magicians, Kramer willingly explained the secret to the trick, which is so simple a dog could perform it: In the flesh between his left thumb and forefinger, he has inserted a tiny glass bead containing an NFC chip.To read this article in full or to leave a comment, please click here

Don’t feel comforted by an antivirus’s security certification

If you feel comforted by your antivirus vendor’s boast of having a certification from Verizon, then maybe you need to rethink that. Google Project Zero security researcher Tavis Ormandy says the methodology behind Verizon’s certification is “about as ridiculous as you would expect,” but vendors follow the gimpy guideline criteria (pdf), pay the fee to be certified and users tend to view the certification as some sign of excellence to be trusted.To read this article in full or to leave a comment, please click here

EFF uncovers US DoJ spying on you!

From our "Your Tax Dollars At Work" department: You, my friend, are being spied on ... but you probably already knew that. But what you might not know is that besides the usual suspects, the NSA (thanks to Edward Snowden) and probably every other TLA (Three Letter Agency) with any kind of signals intelligence mission, it turns out that the Department of Justice (DoJ) has also been secretly snagging your cell phone data by overflying urban areas with light aircraft equipped with a device called a “Dirtbox,” a successor or maybe more accurately, a sibling, to an earlier device called the StingRay.To read this article in full or to leave a comment, please click here

Microservices

Figure 1: Visibility and the software defined data center
In the land of microservices, the network is the king(maker) by Sudip Chakrabarti, Lightspeed Venture Partners, makes the case that visibility into network traffic is the key to monitoring, managing and securing applications that are composed of large numbers of communicating services running in virtual machines or containers.
While I genuinely believe that the network will play an immensely strategic role in the microservices world, inspecting and storing billions of API calls on a daily basis will require significant computing and storage resources. In addition, deep packet inspection could be challenging at line rates; so, sampling, at the expense of full visibility, might be an alternative. Finally, network traffic analysis must be combined with service-level telemetry data (that we already collect today) in order to get a comprehensive and in-depth picture of the distributed application.
Sampling isn't just an alternative, sampling is the key to making large scale microservice visibility a reality. Shrink ray describes how sampling acts as a scaling function, reducing the task of monitoring large scale microservice infrastructure from an intractable measurement and big data problem to a lightweight real-time data center wide visibility solution for monitoring, managing, Continue reading

Auditing network configurations with Nelkit

Audit Checklist Form

Even if you have tools in place to automate your network configuration, there’s a good chance that someone has made some manual changes. Perhaps some of your routers were overlooked the last time you send out that access-list, or a new site has been deployed using an old template. In those situations you want to audit the configuration of your network devices. Network configuration audit is one of the features of Nelkit.

Continue reading

Auditing network configurations with Nelkit

Audit Checklist FormEven if you have tools in place to automate your network configuration, there’s a good chance that someone has made some manual changes. Perhaps some of your routers were overlooked the last time you send out that access-list, or a new site has been deployed using an old template. In those situations you want to audit the configuration of your network devices. Network configuration audit is one of the features of Nelkit.
Continue reading

SDxCentral Weekly News Roundup — March 11, 2016

sdxcentral-news-roundup-march-11-2016 Here’s a roundup of the week’s news related to  software defined networking (SDN) and network functions virtualization (NFV) and the rest of the SDxCentral universe, starting with a few tidbits from the OCP U.S. Summit: Radisys joined the Open Compute Project (OCP) as a silver member and launched DCEngine, an OCP-based design for hyperscale data center... Read more →

Wireless Gets Serious

Drew Lentz, chair of Interop's Wireless & Mobility Track, discusses the increasing demands placed on networks as the type of clients, number of clients, and functionality changes. He explains how pressures from the Internet of Things, location-based services, and expansive campus networks are prompting new investments in wireless networks and requiring careful consideration.

Learn more about the Wireless & Mobility Track and register for Interop, May 2-6 in Las Vegas.

No, you backoff on backdoors or else

Speaking at #SXSW, President Obama threatened the tech community, telling us to backdoor our encryption ourselves or else congress will mandate a worse solution later.

No, Mr. President, it works the other way around. You'd better backoff on your encryption demands, or else the tech community will revolt, That's what's already happen with Apple's encryption efforts, as well as app developers like Signal and Wickr. Every time you turn the screws, we techies increase the encryption.

It's not a battle you can win without going full police-state. Sure, you can force Apple to backdoor its stuff, but then what about the encrypted apps? You'd have to lock them down as well. But what about encrypted apps developed in foreign countries? What about software I write myself? You aren't going to solve the "going dark" problem until you control all crypto.

If you succeed in achieving your nightmare Orwellian scenario, I promise you this: I'll emigrate to an extradition-free country, to continue the fight against the American government.

Your crypto backdoors creates a police-state beyond what even police-state advocates like Michael Hayden and Linsdey Graham can tolerate. Your point on "balance" is a lie. We've become radically unbalanced toward mass Continue reading
1 3,074 3,075 3,076 3,077 3,078 3,818