Country wide outage in Azerbaijan

AZoutageIt doesn’t happen often that a country with hundreds of prefixes is affected by a massive outage, however earlier today this unfortunately happened to Azerbaijan. Starting at 12:04 UTC approximately 94% of the prefixes out of Azerbaijan became unreachable.  At the time of writing the outage is still active.
The event was reported on @bgpstream and details plus a replay can be found here: https://bgpstream.com/event/7981

The image below shows the impact on traffic from Azerbaijan to OpenDNS. It’s clear that almost all of the traffic from Azerbaijan disappeared at the time of outage.

Traffic from Azerbaijan

Traffic from Azerbaijan

The main Internet Service provider in Azerbaijan is AS29049, Delta Telecom Ltd. The majority of the country relies on Delta Telecom for connectivity to the rest of the Internet.  The outage is reportedly the result of a fire damaging the equipment of Delta Telecom. As a result all routes for AS29049, Delta Telecom Ltd. and all of the networks that rely on Delta Telecom disappeared from the Internet.

The graph below shows the number of prefixes observed in the BGP routing tables for Azerbaijan. Clearly visible is the drop in reachable networks starting at 12:04.

Visisble BGP prefixes for Azerbaijan

Visible BGP prefixes for Azerbaijan

Networks out of Continue reading

Intel’s fastest chip ever will appear in supercomputers next year

There's been a slight delay, but the latest version of Intel's fastest processor ever will finally reach supercomputers early next year.The Xeon Phi chip, code-named Knights Landing, offers an array of new technologies that collectively deliver performance breakthroughs. The chip is also a springboard for new memory, I/O and storage technologies destined to reach desktops and laptops in the coming years.Intel didn't provide details on the first supercomputers with Knights Landing. The U.S. Department of Energy, however, said that the chip will be used in Cori, a 9,300-core supercomputer that will be deployed in the latter half of 2016 at the National Energy Research Scientific Computing Center in Berkeley, California.To read this article in full or to leave a comment, please click here

Ted Koppel discusses the inevitable cyberattack on U.S. infrastructure

Ted Koppel, anchor of ABC TV’s “Nightline” for 25 years, from 1980-2005, is the author of “Lights Out,” which argues that not only is the nation’s critical infrastructure at grave risk of a catastrophic cyber attack that could leave as much as a third of the nation without electricity for months or even a year, but that there is no government plan to respond to such an attack.[ ALSO ON CSO: Read our review of the book and if the industry agrees with Koppel ]Koppel spoke briefly with CSO earlier last week about those issues:What kind of feedback on your book are you getting from information security professionals? Do they think you’ve overstated the risk or not?To read this article in full or to leave a comment, please click here

Top tech turkeys of 2015

Turkey timeJust in time for Thanksgiving, here’s our annual rundown of the tech industry’s “turkeys” for the year.Looking back: Top tech turkeys 2014Top tech turkeys 2013To read this article in full or to leave a comment, please click here

The State of Cyber Insurance

All this year I’ve been researching the burgeoning cyber insurance market. Admittedly, this is a bit of a detour from covering endpoint security, network security, and security analytics, but cyber insurance is becoming an increasingly important puzzle piece in any organization’s risk mitigation strategy, so it’s worth paying attention to. Given all of the highly visible data breaches over the past few years, it shouldn’t be surprising that cyber insurance is on fire. Between 30% and 40% of companies have some type of cyber insurance today, and the market is growing at 35% or more on an annual basis. It is estimated that the U.S. market for cyber insurance is around $2.5 billion today with about 50 insurance companies competing for business. PWC estimates that this market will grow to over $7.5 billion by 2020.To read this article in full or to leave a comment, please click here

The 10 mightiest supercomputers in the world

Biggest, fastest, occupying the most racksImage by ThinkstockThe latest Top500 supercomputer rankings are out today, to coincide with the annual SC15 conference, which is being held this year in Austin, Texas. While there are plenty of names familiar to Top500 watchers in the new top 10, there are also some new faces. Or, there would be if supercomputers had faces. Have a look.To read this article in full or to leave a comment, please click here

Castle versus Cannon: It’s time to rethink security

P1120249In case you’re confused about the modern state of security, let me give you a short lesson.

Your network is pictured to the left. When I first started working on networks in the USAF we were just starting to build well designed DMZs, sort of a gate system for the modern network. “Firewalls” (a term I’m coming to dislike immensely), guard routers, VPN concentrators, and other systems were designed to keep your network from being “penetrated.” Standing at the front gate you’ll find a few folks wearing armor and carrying swords, responsible for letting only the right people inside the walls — policies, and perhaps even an IDS or two.

The world lived with castles for a long time — thousands of years, to be precise. In fact, the pride of the Roman Legion really wasn’t the short sword and battle formation, it was their ability to work in concrete. Certainly they had swords, but they could also build roads and walls, as evidenced by the Roman style fortifications dotting the entire world.

But we don’t live inside concrete walls any longer. Instead, our armies today move on small and large vehicles, defending territory through measure and countermeasure. They gather Continue reading

Cisco CEO not big on spin-ins

Cisco’s emphasizing the establishment of small internal “start-ups” for innovation rather than forming, funding and acquiring spin-in companies to develop new products for key markets. CEO Chuck Robbins says Cisco is setting up small teams internally to “give them big hairy problems to solve” in areas the company prioritizes for product development and revenue growth. Such areas include data center, security, service provider routing, software programmability – including automation and orchestration -- collaboration, and analytics for the Internet of Things.To read this article in full or to leave a comment, please click here

State-sponsored cyberspies inject victim profiling and tracking scripts in strategic websites

Web analytics and tracking cookies play a vital role in online advertising, but they can also help attackers discover potential targets and their weaknesses, a new report shows.Security researchers from FireEye have discovered an attack campaign that has injected computer profiling and tracking scripts into over 100 websites visited by business executives, diplomats, government officials and academic researchers.The researchers believe the compromised websites attract visitors involved in international business travel, diplomacy, energy production and policy, international economics and official government work. They include sites belonging to embassies, educational and research institutions, governments, visa services, energy companies, media organizations and non-profit organizations.To read this article in full or to leave a comment, please click here

General – Behavior Of QoS Queues On Cisco IOS

I have been running some QoS tests lately and wanted to share some of my results. Some of this behavior is described in various documentation guides but it’s not really clearly described in one place. I’ll describe what I have found so far in this post.

QoS is only active during congestion. This is well known but it’s not as well known how congestion is detected. the TX ring is used to hold packets before they get transmitted out on an interface. This is a hardware FIFO queue and when the queue gets filled, the interface is congested. When buying a subrate circuit from a SP, something must be added to achieve the backpressure so that the TX ring is considered full. This is done by applying a parent shaper and a child policy with the actual queue configuration.

The LLQ is used for high priority traffic. When the interface is not congested, the LLQ can use all available bandwidth unless an explicit policer is configured under the LLQ.

A normal queue can use more bandwidth than it is guaranteed when there is no congestion.

When a normal queue wants to use more bandwidth than its guaranteed, it can if Continue reading

New products of the week 11.16.2015

New products of the weekOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.Blue Jeans 3.0Key features: new integrations and centralized control, ROI and management tools. Specifically, Blue Jeans 3.0 will include: A refreshed and unified user interface offering new audio capabilities and one-click connections; WebRTC support for Google Chrome, including a new user interface, new audio capabilities, and usability improvements for frictionless meeting entry. More info.To read this article in full or to leave a comment, please click here

New products of the week 11.16.2015

New products of the weekOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.Blue Jeans 3.0Key features: new integrations and centralized control, ROI and management tools. Specifically, Blue Jeans 3.0 will include: A refreshed and unified user interface offering new audio capabilities and one-click connections; WebRTC support for Google Chrome, including a new user interface, new audio capabilities, and usability improvements for frictionless meeting entry. More info.To read this article in full or to leave a comment, please click here

REVIEW: Best VPN routers for small business

We looked at six VPN routers designed for small businesses, ranging from the popular Cisco brand to lesser-known names like DrayTek and UTT Technologies. We setup and evaluated each to determine how they compare in regards to price, features, and user-friendliness. When choosing a VPN router, you want to pick one that supports the VPN protocol of your choice. If you’re look for an IPSec VPN, consider those that provide a way to simplify the configuration, such as the Cisco, Linksys or Netgear units. If you’re looking for a wide variety of VPN options, consider D-Link. If you’re looking for an inexpensive option, consider UTT Technologies. And if you’re looking for unique features, consider the DrayTek unit, or their other models with integrated Wi-Fi, fiber, or VoIP support.To read this article in full or to leave a comment, please click here

1 3,101 3,102 3,103 3,104 3,105 3,696