What is SD WAN?

Software Defined Wide Area Networking (SD WAN) –sometimes known as SD-WAN and occasionally as Hybrid WAN– is evidently still the flavor of the month in Silicon Valley. Much as it seemed that anything with the word “Cloud” in it a few years back would have money thrown at it indiscriminately by investors, the current favored (funded) feature surely has to be SD WAN. As there doesn’t seem to be one unifying definition of what constitutes “SD WAN” any more than there’s a precise definition of Software Defined Networking, I’m going to define it in the way that I believe best encompasses the intent behind the current flock of solutions.

SDN is a Solution Looking for a Problem

I’ve said before that SDN is a clever idea and eventually will change the way we do networking. However, many are hesitant to adopt SDN because it’s not always immediately obvious what the benefits are to the typical non-hyperscale datacenter other than having to do a lot of retraining. In other words SDN can potentially solve many problems, but it will most likely be necessary to find a ‘killer app’ that will encourage wider adoption, even in it’s only applicable to a limited Continue reading

Sunrise on Oak Island

DSC01589
One of the neat things about Oak Island is it’s a south facing beach. You don’t get the sun over the beach in the morning, but along the beach, and both sunrise and sunset are over the water at some time in the year. Some days, the sunrise and the sunset are both over the ocean.

LinkedInTwitterGoogle+FacebookPinterest

The post Sunrise on Oak Island appeared first on 'net work.

Flowgrammable as a Tool for Learning OpenFlow Concepts and Programming

At first glance, the Flowgrammable web site looks like a toolbox of tools you collected over time. All those tools have something to do with helping us all towards an SDN world. Two of those tools in particular can help you learn about SDN, particularly about how OpenFlow works, and that’s exactly the kind of topic I look to post about here – so today’s post takes a closer look at what’s available at the Flowgrammable site.

Quick Overview of Flowgrammable

The first sentence of the Flowgrammable web site’s About page both confirms why the content may appear to be a mash of topics, but why it all the topics have a common theme:

Flowgrammable.org is a coalition of researchers and industry engineers dedicated to improving adoption of software-defined networks and networking.

Basically, they’re trying to help us all get there, to an SDN world, in the ways that they can help.

I talked to 5-6 of the Flowgrammable team at ONS in June and learned about their site. As for the people, many are grad students that have worked together to develop the tools shown on the site.

For this post, I’ll mention two of their tools, and Continue reading

Make Your Life Easier by Creating Utilities and Delegating Playbooks

simplicity_blog

Last week we hosted our second session of the Tips & Tricks webinar series and focused on creating utilities and delegating playbooks. We want to make your life easier by helping you to automate tasks and then delegate the execution. Ansible is not a programming language, but you can use it as one. Here’s what you need to know…

#1 Create executables that someone else can use

Leverage the shebang (#!) and use ansible as you would any scripting language to create utilities that can reuse your existing playbooks, roles and task lists.

#2 Use permissions to segment access

Unix permissions (and ACLs) can be used to restrict access to inventory and to the users/keys needed to access the defined hosts. You can also restrict which utilities can be executed (sudo).

#3 Use Ansible to make ad-hoc systems

Ansible is a Unix tool, as such it can be combined with others (cron, incron, netcat, ucspi, etc) to create automated workflows.

Watch the entire webinar now.

If you missed Brian's first Tips & Tricks session on Live Systems, you can watch it here

Next up is Tips & Tricks: QA on September 17, at 3PM Eastern. Register now and Continue reading

More than 80% of healthcare IT leaders say their systems have been compromised

Eighty-one percent of healthcare executives say their organizations have been compromised by at least one malware, botnet or other kind of cyberattack during the past two years, according to a survey by KPMG.The KPMG report also states that only half of those executives feel that they are adequately prepared to prevent future attacks. The attacks place sensitive patient data at risk of exposure, KPMG said.The 2015 KPMG Healthcare Cybersecurity Survey polled 223 CIOs, CTOs, chief security officers and chief compliance officers at healthcare providers and health plans.To read this article in full or to leave a comment, please click here

Musing on Nerd Knobs

Henk left a wonderful comment on my SDN will not solve real-life enterprise problems blog post. He started with a bit of sarcasm:

SDN will give more control and flexibility over the network to the customer/user/network-admin. They will be able to program their equipment themselves, they will be able to tweak routing algorithms in the central controller. They get APIs to hook into the heart of the intelligence. They get more config-knobs. It's gonna be awesome.

However, he thinks (and I agree) that this vision doesn’t make sense:

Read more ...

Creating Templates for TextFSM and ntc_show_command

Less than two weeks ago I wrote a post about an Ansible module called ntc_show_command. For those that didn’t read that post, you should, but ntc_show_command is a multi-vendor module that can automate converting raw text from show commands into structured data, namely JSON.

We’ve already had several pull requests enhancing the architecture, so the community support is off to a great start! But in order to really make an impact, we (me, you, and fellow network engineers) need to continue to contribute templates to the project repository. Templates are key to converting the raw text into JSON.

This post will walk through how to create a template for two different commands. We’ll take a look at show version for Cisco NX-OS and display version for HP Comware 7.

The first thing that we’ll need to do is get the raw text output that we want to JSONify. We’ll start with show version.

Below is the sample output that we’ll work with and this file will be saved as tests/cisco_nxos/cisco_nxos_show_version.raw within our project directory.

Cisco Nexus Operating System (NX-OS) Software
TAC support: http://www.cisco.com/tac
Copyright (C) 2002-2014, Cisco and/or its affiliates.
All rights reserved.
The copyrights to certain  Continue reading

Codec Negotiations in Your CCIE Collaboration Preparation

Codec negotiation is a topic that gets glossed over without much consideration in the studies of most students. There’s really not much to it, right? All we have to do is slap a couple of Regions on two different system endpoints and…voila, we have successfully negotiated a codec! Can it be that simple? Like most answers to rhetorical questions in the tech world, “It depends.” A simplistic approach like the one just described above is a great place to start, but it doesn’t take into account key call flow elements such as early/delayed offer, Audio Codec Preference Lists, or call routing across CUBE, CUCM or CUCME. What if the codec should be different based on the originator of the call? These are all examples of key issues involving codec negotiation that we must wrap our mind around if we are to be successful in our CCIE Collaboration endeavors.

Let’s examine the requirement of routing a call between a 9971 Phone registered to the HQ CUCM cluster (HQ Phone 1) and a 7965 Phone registered to the SB CUCM cluster (SB Phone 1). In this example, consider that a SIP Trunk is configured directly between clusters in order to route Continue reading

Linux Core 6.3 as Routing and Switching VMware Appliance

Two weeks ago I finished creating a network host based on Linux Core 6.3 installed on WMware x86-64 virtual machine. I loaded Core Linux with several network extensions that allows host to generate, measure, route network traffic and scan networks. I also wrote a short article that contains a list of loaded extension.

Then I went further with the ​project and my goal was to build L3 switch and router based on  Core Linux 6.3 loaded with Open vSwitch, Quagga, Bird and Keepalived extension. Those are the right extensions that turned the network host  to routing and switching appliance. Furthermore the routing daemons Quagga and Bird and multilayer switch Open vSwitch are used in many large production networks.

The R&S appliance I built can be used for learning networking on Linux, routing and switching. It is available for download in Download section. For those who are interested in installation steps the whole process of extension installation  is described in this article.

The virtual VMware appliance is based on Linux Core network host image and it contains all the extensions listed here plus the following extensions:

openvswitch - 2.4.90
quagga - 0.99.24.1
bird - 1.5.0
keepalived - 1.2.19

Note Continue reading

Smart refrigerator hack exposes Gmail login credentials

A team of hackers recently discovered a man-in-the-middle vulnerability in a Samsung smart refrigerator that can be exploited to steal Gmail users' login credentials, The Register reported this week.Hackers from security company Pen Test Partners discovered the flaw while participating in an Internet of Things (IoT) hacking challenge at the Def Con security conference earlier this month. The smart refrigerator, Samsung model RF28HMELBSR, is designed to integrate the user's Gmail Calendar with its display. Samsung implemented SSL to secure the Gmail integration, but the hackers found that the device does not validate SSL certificates, opening the opportunity for hackers to access the network and monitor activity for the user name and password used to link the refrigerator to Gmail.To read this article in full or to leave a comment, please click here

1 3,350 3,351 3,352 3,353 3,354 3,849