Juniper vSRX Automation with Ansible

Virtual appliances not only provide for a great lab environment, but are the future of how network services will be tested, validated, and delivered within an Enterprise. And Juniper gets this – they spent a lot of time covering the vSRX and vMX product lines at the most recent Networking Field Day event.

Over the next few months, I’ll more than likely be spending a lot of time on Juniper gear, and it will be the virtual platforms, so it was good timing to get to be in the room to learn more about them along with many of the automation capabilities Juniper supports across their product families.

NETCONF Rules All for Juniper

While I have not spent as much time on Juniper kit as I would have liked over the past few years, the one awesome thing to see and experience first-hand is that they have a unified API (NETCONF) across all of their products.

Why is this so valuable? Well, for one, we get to use the same libraries and integrations across platforms. As an example, we can use the Juniper Ansible modules across any of their devices. In this post, we’ll take a look at using one Continue reading

Obama advisors: Encryption backdoors would hurt cybersecurity, net infrastructure vendors

Making encryption backdoors available to law enforcement would be bad for cybersecurity in general and hurt vendors that make encryption gear, a presidential advisory group says.While the FBI argues that it needs legislation to require access points into encryption platforms, the National Security Council is preparing to tell President Obama that the downsides include weakening the privacy of Internet communications, according to a draft NSC report obtained by the Washington Post.“[B]ecause any access point to encrypted data increases risk, if government efforts to secure access are successful, this approach would reduce cybersecurity,” the document says.To read this article in full or to leave a comment, please click here

There are two sides to every story

In today's "clock" controversy, the clock didn't look like these:


Instead, this is the picture of the device (from the police department):



It's in a "pencil case", not a briefcase. You can compare the size to the plug on the right.

They didn't think it was a bomb, but a "hoax bomb". If they thought it might be a real bomb, they would've evacuated the school. Texas has specific laws making illegal to create a hoax bomb -- it is for breaking this "hoax bomb" law that the kid was arrested.

This changes the tenor of the discussion. It wasn't that they were too stupid they thought it was a bomb, it was that they were too fascist believing it was intentionally a hoax.

These questioned him, and arrested him because his answers were "passive aggressive". This is wrong on so many levels it's hard to know where to begin. Of course, if the kid's innocent his answers are going to be passive aggressive, because it's just a clock!!!

It was the english teacher who turn him in. Probably for using a preposition at the end of a sentence. The engineering teacher thought it was a good project.

It's actually Continue reading

CloudFlare + WHMCS: Faster Websites For Your Customers

We’re at the cPanel Conference in Denver this week, so feel free to drop by our booth and say hello. It’s a great opportunity to connect with our partners and better understand their needs. We’re always trying to streamline our partners’ user experience, and we thought it would be a fitting time to walk through our recently updated WHMCS integration.

CloudFlare’s WHMCS 6.0 plugin lets hosting providers and registrars extend all the benefits of CloudFlare directly to their customers. You can offer your entire user base a global CDN with 62 points of presence, automatic web content optimization, basic DDoS protection, reputation-based threat protection, and much more with virtually no extra work.

These benefits are seamlessly integrated into your WHMCS client. All your customers need to do is click a button, and a new CloudFlare account will be configured for them.

Screenshot of WHMCS CloudFlare Integration

While signing up for an account on www.cloudflare.com only takes a few minutes, users do need to point the relevant DNS records to CloudFlare’s nameservers. Offerring a one-click solution via our WHMCS integration is a great opportunity for hosting providers and registrars to streamline the process for their customers.

Universal SSL with WHMCS

CloudFlare’s Universal Continue reading

Maybe with less hate

I wanted to point out President's rather great tweet in response to Ahmed Mohamed's totally-not-a-bomb:


The reason this tweet is great is that it points out the great stupidity of the teachers/police, but by bringing Ahmed up rather than bringing them down. It brings all America up. Though the school/police did something wrong, the President isn't attacking them with hate.

The teachers/police were almost certainly racist, of course, but they don't see themselves that way. Attacking them with hate is therefore unlikely to fix anything. It's not going to change their behavior, because they think they did nothing wrong -- they'll just get more defensive. It's not going change the behavior of others, because everyone (often wrongly) believes they are part of the solution and not part of the problem.

Issues like Ahmed's deserve attention, but remember that reasonable people will disagree. Some believe the bigger issue is the racism. Other's believe that the bigger issue is the post 9/11 culture of ignorance and suspicion, where Continue reading

7 security and privacy concerns at the polls

Presidential raceImage by ReutersA recent poll by Wakefield Research delved into the psyche of the American voter asking them many questions about who will lead them through cyberspace the next four years. According to the survey, which was sponsored by PKWARE, the majority (64 percent) of registered U.S. voters believe it is likely that a 2016 presidential campaign will be hacked.To read this article in full or to leave a comment, please click here

Killer SDN Applications: A view in 2015

Whilst on the DLR in London earlier this year (2015) a set of thoughts came to light whilst pondering centralised decision making for part of a network. It’s not uncommon to hear “Product X is a great platform that just needs the killer app”. Why the DLR? No drivers, swipe-in-swipe-out ticketing and a well defined service. A train still takes you from A to B, but the whole service around it has completely changed to keep up with the requirements. Thought provoking stuff.

TL;DR

Many people talk about killer apps and are seemingly waiting for them to pop in to existence. This post goes someway to come to terms with the lack of emerging killer apps and why we’re one paradigm shift away from seeing it happen.

The Rub

I’ve said this a million times, but traditional networking skill sets view the network as a CLI that is linked to features. Separation of the monolith seems mad! Why separate something out when what we have today works? Well, that’s the key issue.

The IPEngineer Laws of Humans

Networking as we mostly know it today:

a) Is massively reliant on error prone humans
b) Humans are an expensive resource to have Continue reading

5 Lessons and 8 Industry Changes Over 5 Years as Etsy CTO

Endings are often a time for reflection and from reflection often comes wisdom. That is the case for Kellan Elliott-McCrea, who recently announced he was leaving his job after five successful years as the CTO of Etsy. Kellan wrote a rather remarkable going away post: Five years, building a culture, and handing it off, brimming with both insight and thoughtful commentary.

This post is just a short gloss of the major points. He goes into more depth on each point, so please read his post.

The Five Lessons:

  1. Nothing we “know” about software development should be assumed to be true.
  2. Technology is the product of the culture that builds it.
  3. Software development should be thought of as a cycle of continual learning and improvement rather a progression from start to finish, or a search for correctness.
  4. You build a culture of learning by optimizing globally not locally.
  5. If you want to build for the long term, the only guarantee is change.

The Eight Industry Changes

  1. Five years ago, continuous deployment was still a heretical idea. 
  2. Five years ago, it was crazy to discuss that monitoring, testing, debugging, QA, staged releases, game days, user research, and prototypes Continue reading

How the Internet Really Works

Way back in April of 2014, I started a series over on Packet Pushers called “How the Internet Really Works.” This is a long series, but well worth reading if you want to try and get a handle around how the different companies and organizations that make up the ecosystem of the ‘net actually do what they do.

Overview
DNS Lookups
The Business Side of DNS (1)
The Business Side of DNS (2)
Reverse Lookups and Whois
DNS Security
Provider Peering Types
Provider Peering and Revenue Streams (1)
Provider Peering and Revenue Streams (2)
Standards Bodies
IETF Organizational Structure
The IETF Draft Process
Reality at the Mic (Inside the IETF, Part 1)
Reality at the Mic (Inside the IETF, Part 2)
Reality at the Mic (Inside the IETF, Part 3)
Internet Exchange Points
That Big Number Database in the Sky (IANA)
NOG World (Network Operator Groups)
The Internet Society

The slides that go with this set of posts are available on slideshare, as well. This set is in Ericsson format, but I have older sets in “vendor neutral” formatting, and even cisco formatting (imagine that!).

LinkedInTwitterGoogle+FacebookPinterest

The post How the Internet Continue reading

8 ways to fend off spyware, malware and ransomware

Spyware, malware, phishing and, more recently, ransomware -- the list of online threats can be confusing and daunting. Knowing what you’re up against is half the battle. Each of these types of attacks have specific characteristics:Spyware – software that collects information about you or your computer without your knowledge.Malware – a broad category of software (including viruses, worms, Trojan horses, etc.) that damages your computer, in either a minor or major way.Phishing – an attempt to get your personal information (usernames, passwords, credit card numbers and), usually for nefarious reasons. Usually accomplished by electronic communication (e.g., email), but also by "social engineering" (tricking people into abandoning standard security protocol).To read this article in full or to leave a comment, please click here

Why startup leaders need to set the tone for security

Federal consumer-protection authorities have called on the entrepreneurs building tech startups to prioritize cybersecurity from the earliest stages of the development process.[ Related: Tech startups need to get serious about security ]But a variety of factors -- cost, lack of technical expertise, rush to market, etc. -- can make security seem like more of a burden or an impediment to the startup's growth than anything else.To read this article in full or to leave a comment, please click here

Corebot cleverly written botnet malware with growth potential

There's a new botnet malware on the loose, called Corebot, that researchers believe has the potential to develop into a significant threat.The malware was first spotted by IBM Security X-Force, and Damballa followed up with a deep dive into how the malware works, and what else the malware's author is working on.The malware itself is particularly clever, said Loucif Kharouni, senior threat researcher at Damballa, in that it is written from scratch to be modular, making it easy for the author to add plugins to do specific tasks.MORE ON CSO: How to spot a phishing email "Most malware is based on older malware, on Zeus code for example," he said. "This one looks like it was built new, from scratch."To read this article in full or to leave a comment, please click here

1 3,311 3,312 3,313 3,314 3,315 3,834