KulCloud DemoFriday Q&A + Video: PRISM – Scale Up Your OpenStack Cloud with Scale Out On-Demand Network Disaggregation
KulCloud's Dipjyoti Saikia and Nikhil Malik discussed the primary use cases where PRISM can play a defining role. Read the full Q&A here!
Technology ‘net 0x1339ECA: 2015 Measured and Plumbed
One of the great things about APNIC is the amount of information about the state of the Internet Geoff Huston puts out each year. He’s recently posted two studies on the state of BGP and the state of IPv4 addresses as of 2015; they’re both well worth reading in full, but here are several key takeaways of particular interest.
BGP in 2015
Addressing in 2015
First, the size of the global (DFZ) table has crossed 512,000 routes. While the actual table size varies by your view of the network (BGP is a path vector protocol, which has many of the same attributes as a distance-vector protocol, including multiple views of the network), this is the first time the route view servers have actually crossed that number. Why is 512,000 a magic number? If there are 512,000 routes, there are likely 512,000 FIB entries (unless there’s some sort of FIB compression involved), and there are a number of older boxes that cannot support 512,000 routes in their FIB.
Second, the DFZ has been growing at a rate of about 7%-8% per year for a number of years. Given the number of new devices being added to the Internet, how can this Continue reading
Trying out Docker in Windows
Few folks recently asked me how to try out Docker in Windows machine to get familiar with Docker and Containers. This is not the same as running Docker engine in Windows, there is some active work going on to achieve this. The easiest way to try out Docker is to use Docker Toolbox. I covered … Continue reading Trying out Docker in Windows
Skyport Systems: Fortress Infrastructure
The attitude of breach presumption is one that has fostered a family of seek-and-destroy security products. Find the infected system and fix it. Fair enough. Breach presumption is perhaps a wise posture to take, but it doesn’t mean we have to give up the perimeter. While some security consultants I’ve talked to tell me they […]
The post Skyport Systems: Fortress Infrastructure appeared first on Packet Pushers.
Skyport Systems: Fortress Infrastructure
The attitude of breach presumption is one that has fostered a family of seek-and-destroy security products. Find the infected system and fix it. Fair enough. Breach presumption is perhaps a wise posture to take, but it doesn’t mean we have to give up the perimeter. While some security consultants I’ve talked to tell me they […]
The post Skyport Systems: Fortress Infrastructure appeared first on Packet Pushers.
8 New Network Standards You Need To Know
Emerging standards for WiFi, Ethernet and more are poised to shatter the limitations of enterprise networking.
Dark Fiber: Embracing The Dark Side
Leveraging unused fiber optic cables is becoming practical for more than large corporations.
Why Compatibility And Support Don’t Justify $1000 Optics
Howdy. By now I hope y’all realize I don’t pull any punches and no subject is off-limits. Having said that, I want be upfront and say this subject is very near and dear to my heart and is one of my main areas of work for almost two years. I’ll do my best to be […]
The post Why Compatibility And Support Don’t Justify $1000 Optics appeared first on Packet Pushers.
Why Compatibility And Support Don’t Justify $1000 Optics
Howdy. By now I hope y’all realize I don’t pull any punches and no subject is off-limits. Having said that, I want be upfront and say this subject is very near and dear to my heart and is one of my main areas of work for almost two years. I’ll do my best to be […]
The post Why Compatibility And Support Don’t Justify $1000 Optics appeared first on Packet Pushers.
Debug Generator – Fortigate Flow Trace
I’ve found that when working with Fortigate firewalls and needing to be able to use the debug flow command set, it takes a bit too long to manually type out the commands. If you’re in a pressurised environment saving a few seconds here and there can be valuable. First we need to grab the script […]
The post Debug Generator – Fortigate Flow Trace appeared first on Packet Pushers.
Debug Generator – Fortigate Flow Trace
I’ve found that when working with Fortigate firewalls and needing to be able to use the debug flow command set, it takes a bit too long to manually type out the commands. If you’re in a pressurised environment saving a few seconds here and there can be valuable. First we need to grab the script […]
The post Debug Generator – Fortigate Flow Trace appeared first on Packet Pushers.
Understanding the BGP Table Version – Part 2: Example
More on BGP Table Version – the most unknown and unexplained, BGP concept/value that I rarely ever troubleshoot without This is part 2 in the 3 part series of “Understanding the BGP Table Version”. If you haven’t already read part... Read More ›
The post Understanding the BGP Table Version – Part 2: Example appeared first on Networking with FISH.
Should Firewalls Track TCP Sequence Numbers?
It all started with a tweet by Stephane Clavel:
@ioshints @BradHedlund I'm puzzled NSX dFW does not track connections seq #. Still true? To me this is std fw feature.
— stephaneclavel (@stephaneclavel) January 31, 2016Trying to fit my response into the huge Twitter reply field I wrote “Tracking Seq# on FW should be mostly irrelevant with modern TCP stacks” and when Gal Sagie asked for more elaboration, I decided it’s time to write a blog post.
Read more ...Some notes on the Norse collapse
Recently, cybersec company "Norse Security" imploded. Their leaders and most the employees were fired, and their website is no longer available. I thought I'd write up some notes on this.All VC-funded startups are a scam
Here's how VCs think. They see that there is a lot of industry buzz around "threat intel". They'll therefore fund a company in that space. This company will spend a 5% of that money to create a cool prototype, and 95% in marketing and sales. They'll have fancy booths at trade shows. They'll have a PR blitz to all the reporters who cover the industry. They'll bribe Gartner to be named a Cool Vendor or Magic Quadrant Leader. They'll win industry kudos. They have some early sales 'wins' with some major customers. These customers will give glowing reviews of the product they bought -- even before turning it on.
In other words, it's a perfect "Emperor Has No Clothes" story, where neither customers, nor Gartner, nor the press is competent to realize the Emperor is not wearing clothes.
VCs know it's a scam, but they are hoping it'll become real. As a well-known leader in this space, employees with the needed expertise will flock Continue reading