Five reasons threat intelligence fails today, and how to overcome them
This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.
As cyber security threats have become increasingly sophisticated and pervasive, it’s become impossible to identify and defend against every probable attack with traditional security budgets. That’s where threat intelligence comes in. Effective use of threat intelligence is a way for businesses to pool their resources and overcome internal technical or resource limitations. Theoretically, it allows companies to “crowd source” security and stay one step ahead of malicious entities.
To read this article in full or to leave a comment, please click here
IT/IT: A GUI and a Wizard
One of the brilliant things about conferences like Interop is the hallways (and if you’re not going to Interop, this is why you should be!). It’s not that I don’t enjoy the sessions, but — like the IETF — I often get much more out of the conversations with folks who know networking, and yet have a completely different view of the problems we face in the networking industry, and hence completely different ideas about the way forward in resolving those problems. One of my major problems in life is I often can’t think of a solid answer when I’m sitting there in the conversation itself (one of the reasons I always converted TAC cases to email, rather than sitting on the phone with a customer).
One such conversation (with @cigoodwi) brought out a phrase I thought I’d never hear in the networking world — “a GUI and a wizard.” The context was this: what most x% (your beliefs about the percentage may vary) companies need is a network they can run with a GUI and a wizard. It’s a startling statement, of course, but — in reality — true in many respects. Given this is our Continue reading
SNA was Awful. SDN Isn’t Awful (Yet)
Back in the day, I wasn’t a SNA expert but that was because almost no one was using it. Oh sure, SNA was used by all the big companies to connect their TN5250 terminals to their mainframes using SDLC but back in 1995 there A) weren’t that many companies who could afford to operate a […]
The post SNA was Awful. SDN Isn’t Awful (Yet) appeared first on EtherealMind.
Go crypto: bridging the performance gap
It is no secret that we at CloudFlare love Go. We use it, and we use it a LOT. There are many things to love about Go, but what I personally find appealing is the ability to write assembly code!
That is probably not the first thing that pops to your mind when you think of Go, but yes, it does allow you to write code "close to the metal" if you need the performance!
Another thing we do a lot in CloudFlare is... cryptography. To keep your data safe we encrypt everything. And everything in CloudFlare is a LOT.
Unfortunately the built-in cryptography libraries in Go do not perform nearly as well as state-of-the-art implementations such as OpenSSL. That is not acceptable at CloudFlare's scale, therefore we created assembly implementations of Elliptic Curves and AES-GCM for Go on the amd64 architecture, supporting the AES and CLMUL NI to bring performance up to par with the OpenSSL implementation we use for Universal SSL.
We have been using those improved implementations for a while, and attempting to make them part of the official Go build for the good of the community. For now Continue reading
ARP Processing in Layer-3-Only Networks
John Jackson wrote an interesting comment on my Rearchitecting L3-Only Networks blog post:
What the host has configured for its default gateway doesn't really matter, correct? Because the default gateway in traditional L2 access networks really isn't about the gateway's IP address, but the gateway's MAC address. The destination IP address in the packet header is always the end destination IP address, never the default gateway.
He totally got the idea, however there are a few minor details to consider.
Read more ...Cisco Finally Joins the Intel Network Builders Program
Cisco's David Ward makes surprise appearance at NFV World Congress.
NETCONF and the ncclient
NETCONF is an industry standard (IETF) network management protocol. It’s actually been around for quite awhile and supported by numerous vendors. While NETCONF is not always compatible across network switch platforms, it’s the closest thing I can see that could be a unified multi-vendor API. Of course, there are also vendor extensions for those device-specific features too.
I’m not going to get too much into what NETCONF is because Matt Oswalt has already done that. Check out his post if you haven’t already done so. There are also plenty of other good resources on NETCONF out there.
What I am going to focus on in this post is using Python to interact with NETCONF-enabled network switches.
Let’s get to it.
First, you’ll want to install the ncclient. It is pretty much the de facto Python library to use when you need a NETCONF client to communicate with a NETCONF server, i.e. a network device.
sudo pip install ncclient
This will also install a few other required dependencies such as paramiko and lxml along with the client itself.
The next thing you are going to need is at least one switch (or device) that supports NETCONF. In this post, I’m Continue reading