Microsoft sets up data centers in Germany amid US surveillance concerns

Microsoft is delivering its cloud services, including Azure, Office 365 and Dynamics CRM Online from two new datacenter regions in Germany, in a move that aims to deflect customer concerns about access to their data by U.S. surveillance.The data centers, located in Magdeburg and Frankfurt am Main, will be unusual in that control over the data will not be with Microsoft but with Deutsche Telekom subsidiary T-Systems, which will be acting as a data trustee for Microsoft's customers' data.Access to customer data stored in these new datacenters will be under the control of T-Systems and Microsoft will not be able to access the data without the permission of customers or the data trustee, Microsoft said in a statement Wednesday. If permission is granted by the data trustee, Microsoft will access the data only under its supervision.To read this article in full or to leave a comment, please click here

Microsoft sets up data centers in Germany amid US surveillance concerns

Microsoft is delivering its cloud services, including Azure, Office 365 and Dynamics CRM Online from two new datacenter regions in Germany, in a move that aims to deflect customer concerns about access to their data by U.S. surveillance.The data centers, located in Magdeburg and Frankfurt am Main, will be unusual in that control over the data will not be with Microsoft but with Deutsche Telekom subsidiary T-Systems, which will be acting as a data trustee for Microsoft's customers' data.Access to customer data stored in these new datacenters will be under the control of T-Systems and Microsoft will not be able to access the data without the permission of customers or the data trustee, Microsoft said in a statement Wednesday. If permission is granted by the data trustee, Microsoft will access the data only under its supervision.To read this article in full or to leave a comment, please click here

Review: Cisco ACI shakes up SDN

The concept of object health is present throughout ACI. When problems are detected, an object’s health score drops from 100, with lower scores indicating greater severity. This is hierarchical, so while a port that is disconnected on a single endpoint will show a health score of 0, the fabric node containing that port may show a health score of 50, and the application containing the down endpoint may show a score of 80. This can be traced visually through the Web UI by selecting the Health view on the affected application. This makes it extremely easy to pinpoint problems on a vast fabric.To read this article in full or to leave a comment, please click here(Insider Story)

Review: Cisco ACI shakes up SDN

The concept of object health is present throughout ACI. When problems are detected, an object’s health score drops from 100, with lower scores indicating greater severity. This is hierarchical, so while a port that is disconnected on a single endpoint will show a health score of 0, the fabric node containing that port may show a health score of 50, and the application containing the down endpoint may show a score of 80. This can be traced visually through the Web UI by selecting the Health view on the affected application. This makes it extremely easy to pinpoint problems on a vast fabric.To read this article in full or to leave a comment, please click here(Insider Story)

Hack to cost UK’s TalkTalk up to $53 million

TalkTalk Telecom Group in the U.K. expects the one-off cost of a recent cyberattack to be up to £35 million (US$53 million) but said the number of customers affected may have been far less than had been earlier expected.The company said, while presenting its half-year results Wednesday, that forensic analysis had found that 4 percent of its  customers have any personal data at risk.Giving a breakdown, TalkTalk disclosed that  the total number of customers whose personal details were accessed were 156,959, and of these customers 15,656 bank account numbers and sort codes were accessed. 28,000 obscured credit and debit card numbers were also accessed by the hackers but cannot be used for financial transactions, as they were were 'orphaned', and cannot be identified by the stolen data, the company said.To read this article in full or to leave a comment, please click here

IPv6 and SSL for Yandy.IO

Thanks to Digitalocean the site is now fully IPv6 capable. Also, thanks to the awesome service at Cloudflare, just because I can, Yandy.IO is also now SSL encrypted. Your browser should redirect to...

[[ Summary content only, you can read everything now, just visit the site for full story ]]

Thoughts on Two Years of Working from Home

I've spent the past two years working from home as a network engineer for two different companies. At first, I wasn't sure how well the remote lifestyle would suit me, but after a short time I settled into a very comfortable routine. And to my surprise, I discovered that I was much more productive working from the serenity of my home office than I ever was in a cubicle. I'd like to share my observations with the hope of convincing others to try ditching the office as well.

Why Work Remote?

No More Commute

This is the most obvious benefit to working remote. No more sitting in rush hour traffic twice a day. Even if you take public transit and are able to play on your laptop for most of the trip, commuting is a major time sink. Most people will instantly gain back at least an hour of time by foregoing the daily drive to and from the office. What could you do with an extra hour each day?

And beyond time, there are ample corollary benefits. You (or your company) are no longer paying for as much fuel or fare. You're greatly reducing your risk of being injured Continue reading

Thoughts on Two Years of Working from Home

I've spent the past two years working from home as a network engineer for two different companies. At first, I wasn't sure how well the remote lifestyle would suit me, but after a short time I settled into a very comfortable routine. And to my surprise, I discovered that I was much more productive working from the serenity of my home office than I ever was in a cubicle. I'd like to share my observations with the hope of convincing others to try ditching the office as well.

Why Work Remote?

No More Commute

This is the most obvious benefit to working remote. No more sitting in rush hour traffic twice a day. Even if you take public transit and are able to play on your laptop for most of the trip, commuting is a major time sink. Most people will instantly gain back at least an hour of time by foregoing the daily drive to and from the office. What could you do with an extra hour each day?

And beyond time, there are ample corollary benefits. You (or your company) are no longer paying for as much fuel or fare. You're greatly reducing your risk of being injured Continue reading

Thoughts on Two Years of Working from Home

I've spent the past two years working from home as a network engineer for two different companies. At first, I wasn't sure how well the remote lifestyle would suit me, but after a short time I settled into a very comfortable routine. And to my surprise, I discovered that I was much more productive working from the serenity of my home office than I ever was in a cubicle. I'd like to share my observations with the hope of convincing others to try ditching the office as well.

Why Work Remote?

No More Commute

This is the most obvious benefit to working remote. No more sitting in rush hour traffic twice a day. Even if you take public transit and are able to play on your laptop for most of the trip, commuting is a major time sink. Most people will instantly gain back at least an hour of time by foregoing the daily drive to and from the office. What could you do with an extra hour each day?

And beyond time, there are ample corollary benefits. You (or your company) are no longer paying for as much fuel or fare. You're greatly reducing your risk of being injured Continue reading

Ransomware for Mac is nothing to worry about — for now

Apple computers haven't been impacted by ransomware, a pervasive and insidious class of malware that encrypts files on a computer in exchange for a ransom.That's not because Apple's operating system is any more secure than Windows; it's more that malware writers haven't gotten around to writing ransomware for OS X since infecting Windows machines has been so profitable.However, a Brazilian security researcher, Rafael Salema Marques, decided to show how easy it would be for malware writers to target OS X in a polished experiment that took him a couple of days.To read this article in full or to leave a comment, please click here

ProtonMail comes back online, shores up DDoS defenses

ProtonMail, the Switzerland-based encrypted email service, has found its footing again after a wild ride over the past week.The free service has said it was hit by two different groups using distributed denial-of-service attacks (DDoS) that took it offline.Now it has partnered with Radware, which offered its DDoS mitigation service for a "reasonable price," allowing service to resume, ProtonMail wrote in a blog post on Tuesday."The attackers hoped to destroy our community, but this attack has only served to bring us all together, united by a common cause and vision for the future," the company wrote.To read this article in full or to leave a comment, please click here

A Handy CLI Tool for Working with JSON

While I was at Kubecon this past week, one of the presenters showed off a handy CLI tool for working with JSON. It’s called jq, and in this post I’m going to show you a few ways to use jq. For the source of JSON output, I’ll use the OpenStack APIs.

If you’re not familiar with JSON, I suggest having a look at this non-programmer’s introduction to JSON. Also, refer to this article on using cURL to interact with a RESTful API for a bit more background on some of the commands I’m going to use in this post.

Let’s start by getting an authorization token for OpenStack, using the following curl command:

curl -d '{"auth":{"passwordCredentials":
{"username": "admin","password": "secret"},
"tenantName": "customer-A"}}' 
-H "Content-Type: application/json" 
http://192.168.100.100:5000/v2.0/tokens

This will return a pretty fair amount of JSON in the response, and it presents the first opportunity to use jq. Let’s say you only wanted the authorization token, and not all the other output. Simply add the following jq command to the end of your curl request:

curl -d '{"auth":{"passwordCredentials":
{"username": "admin","password": "secret"},
"tenantName": "customer-A"}}' 
-H "Content-Type: application/json" 
http://192.168.100.100:5000/v2.0/tokens | 
 Continue reading

Anycast For DMVPN Hubs

Dynamic assignment of DMVPN spoke tunnel addresses isn't just a matter of convenience. It provided the foundation for a recent design which included the following fun requirements:
  • There are many hub sites.
  • Spokes will be network-near exactly one hub site.
  • Latency between hub sites is high.
  • Bandwidth between hub sites is low.
  • Spoke routers don't know where they are in the network.
  • Spoke routers must connect only to the nearest hub.
The underlay topology in this environment1 made it safe for me to anycast the DMVPN hubs, so that's what I did. This made the "connect to the nearest hub" problem easy to solve, but introduced some new complexity.

Hub Anycast Interface
Each DMVPN router has a loopback interface with address 192.0.2.0/32 assigned to the front-door VRF. It's configured something like this:

 interface loopback 192020
  description DMVPN hub anycast target  
  ip vrf forwarding LTE_TRANSIT  
  ip address 192.0.2.0 255.255.255.255

The 192.0.2.0 /32 prefix was redistributed into the IP backbone. If this device were to fail, then the next-nearest instance of 192.0.2.0 would be selected by the IGP.

Spoke Configuration
Spokes look pretty much exactly like Continue reading

CCIE Three Months Later

A short take on my journey to becoming CCIE #49800. This wouldn't be possible without the so very important people in my life. Thank You!...

[[ Summary content only, you can read everything now, just visit the site for full story ]]

Patch Tuesday November 2015: Microsoft releases 12 fixes, 4 rated critical

For Patch Tuesday November 2015, Microsoft released 12 security bulletins, four rated as critical and the remaining 8 rated as important.Rated CriticalMS15-112 is the cumulative fix for remote code execution flaws in Internet Explorer. Microsoft lists 25 CVEs, most of which are IE memory corruption vulnerabilities. 19 are called Internet Explorer memory corruption vulnerabilities, with three CVEs labeled slightly different as Microsoft browser memory corruption vulnerabilities. Of the remaining CVEs, one involves Microsoft browser ASLR bypass, one is for an IE information disclosure flaw, and one is a scripting engine memory corruption vulnerability. You should deploy this as soon as possible.To read this article in full or to leave a comment, please click here

1 3,206 3,207 3,208 3,209 3,210 3,795