Role Based Access Control in IOS

I don't believe this is well known: Cisco IOS has Role Based Access Control (RBAC) which can be used to create and assign different levels of privileged access to the device. Without RBAC there are two access levels in IOS: a read-only mode with limited access to commands and no ability to modify the running config (also called privilege level 1) and enable mode with full administrative access. There is no middle ground; it's all or nothing. RBAC allows creation of access levels somewhere between nothing and everything. A common use case is creating a role for the first line NOC analyst which might allow them to view the running config, configure interfaces, and configure named access-lists.

IDG Contributor Network: Optical fiber soon to see performance gains

We're seeing a surge in successful experiments with alternative, atom-thin materials that are going to speed up and reduce the size of computer chips. Black phosphorus is the latest super-material that promises efficiency in electronics. This one promises speed gains too.Adding the substance, commonly found in match heads and tracer bullets, to optical circuits made out of silicon increases data speeds, according to a University of Minnesota research team, and reported by Dexter Johnson in the Institute of Electrical and Electronics Engineers' IEEE Spectrum publication.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Optical fiber soon to see performance gains

We're seeing a surge in successful experiments with alternative, atom-thin materials that are going to speed up and reduce the size of computer chips. Black phosphorus is the latest super-material that promises efficiency in electronics. This one promises speed gains too.Adding the substance, commonly found in match heads and tracer bullets, to optical circuits made out of silicon increases data speeds, according to a University of Minnesota research team, and reported by Dexter Johnson in the Institute of Electrical and Electronics Engineers' IEEE Spectrum publication.To read this article in full or to leave a comment, please click here

First look: VMware vSphere 6 keeps its edge

In the not so distant past, VMware held a long and commanding lead in the server virtualization space, offering core features that were simply unmatched by the competition. In the past few years, however, competition in virtualization has been fierce, the competitors have drawn near, and VMware has been left with fewer ways to distinguish itself.The competition may have grown over the years, and VMware may not enjoy quite as large a lead as it once did -- but it still enjoys a lead. With useful improvements to a number of key features, as well as the bundling of functions such as backup and recovery that were previously available separately, vSphere 6 is a worthy addition to the vSphere line. That said, some of the major advances in this version, such as long-distance vMotion, will matter most to larger vSphere shops.To read this article in full or to leave a comment, please click here

Qualcomm’s Raspberry Pi-like computer has wireless capabilities

Raspberry Pi has inspired many board computers, and Qualcomm is now offering one of its own with a range of features never before seen in the low-price end of the market.The DragonBoard 410c is an uncased computer a little larger than a credit card, with all the important components on one board. With Wi-Fi, Bluetooth, location tracking and 64-bit Snapdragon chips, it offers many capabilities not yet available in other low-cost boards.Qualcomm is best-known for its smartphone and tablet chips, but the board could be used to make robots, drones and wearables. The chip maker’s high-end developer boards have been used to develop self-learning robots.To read this article in full or to leave a comment, please click here

Qualcomm’s Raspberry Pi-like computer has wireless capabilities

Raspberry Pi has inspired many board computers, and Qualcomm is now offering one of its own with a range of features never before seen in the low-price end of the market.The DragonBoard 410c is an uncased computer a little larger than a credit card, with all the important components on one board. With Wi-Fi, Bluetooth, location tracking and 64-bit Snapdragon chips, it offers many capabilities not yet available in other low-cost boards.Qualcomm is best-known for its smartphone and tablet chips, but the board could be used to make robots, drones and wearables. The chip maker’s high-end developer boards have been used to develop self-learning robots.To read this article in full or to leave a comment, please click here

New ransomware program targets gamers

A new malware program attempts to extort money from gamers by encrypting game saves and other user-generated files for popular computer games.The new threat, which claims to be a variant of the notorious CryptoLocker ransomware, targets 185 file types, over 50 of which are associated with computer games and related software.This is the first ransomware program to specifically target games, according to researchers from security firm Bromium, which recently found it. It was distributed via a drive-by download attack from a compromised website that directed users to the Angler exploit kit.The malicious program encrypts game saves, maps, profiles, replays, mods—in other words, custom content that users would not be able to recover by simply reinstalling the game.To read this article in full or to leave a comment, please click here

FCC releases 400-page net neutrality order

The 400-page net neutrality order released by the U.S. Federal Communications Commission includes a long legal defense of the commission’s vote last month to reclassify broadband as a regulated telecommunications service.The order, released Thursday in the wake of the commission’s vote to approve net neutrality rules in late February, establishes “clear and enforceable rules” to protect consumers, an FCC official said.While the order is long, the actual changes to the Code of Federal Regulations that the FCC approved amount to eight pages, running from pages 283 to 290 in Appendix A of the order. An executive summary describing the changes runs from page 7 to page 18.To read this article in full or to leave a comment, please click here

VMware expands desktop virtualization to Linux

VMware’s VMware Horizon desktop virtualization software suite will soon deliver virtual Linux desktops over a network, in addition to the Microsoft Windows desktops it has long provided for remote workers.The company has launched an early access program for customers to test a version of Horizon 6 that can package server-based Red Hat and Ubuntu Linux desktops so they can be accessed from remote computers and mobile devices.Although Windows remains the dominant platform for enterprise desktops, at least a small percentage of organizations use Linux instead, according to market reports.To read this article in full or to leave a comment, please click here

Hilarious video of Apple engineer explaining the story behind the new MacBook

Apple's new 12-inch MacBook might be a point of controversy for some. In order to attain a certain level of thinness, Apple completely removed all of the familiar ports and replaced it with just one – USB C.Now, in this hilarious parody video, we get an "insider" perspective from an "Apple engineer" on what that development process was like. It's a must watch! To read this article in full or to leave a comment, please click here

Lyft raises $530 million in latest funding round

Lyft has raised US$530 million in its latest funding round, and plans to use the money to beef up its IT staff, expand its footprint and boost existing services.Japanese e-commerce company Rakuten led the round. With the latest cash infusion, Lyft has raised a total of $862 million from investors. The ride-hailing company is now reportedly valued at $2.5 billion.Lyft, based in San Francisco, said Wednesday it will use the funding to increase its presence in the 65 U.S. cities where it operates and to expand to other markets.To read this article in full or to leave a comment, please click here

Cumulus Networks Support — Community Style

Sometimes, it’s not what you know, it’s who you know. Today we launch a new method of support to the Cumulus Networks family, a community question and answer site. This is a place where you can ask either a simple question for which you couldn’t find an answer, or maybe something you’ve always wanted to know. It’s also a place to engage in conversation with other users that may be experiencing things you have seen in the past or may encounter in the future.

To be sure, Cumulus Networks employees will be on hand to assist and direct you to the documentation and knowledge base as appropriate. If a question is too complex, we will assess your needs based upon your support entitlements and work with you to open a ticket so our excellent support team can assist you in figuring out your issue. The community portal is a supplement to the support team, not a replacement.

Our growth is directly related to you, our community, and in that vein, we want to offer more ways that you can be involved — this is just the beginning. Look for more to come in upcoming blog posts.

The post Cumulus Networks Continue reading

BGPMon Joins OpenDNS

Dear BGPmon.net user,

I’m excited to announce that BGPmon has been acquired by OpenDNS. OpenDNS is a leading cloud-delivered network security company known for engineering predictive intelligence technology that stops malicious activity before it can threaten a network.

Over the last few years BGPmon has grown from a community service into a successful business that helps thousands of network engineers from around the world monitor their networks. Throughout this journey, we’ve developed close relationships with many of you and together, worked on some truly fascinating cases.

Becoming a part of OpenDNS is a logical next step for BGPmon. With its engineering resources, massive scale and cloud delivery model, OpenDNS is the right direction to continue growing the BGPmon service. I’m confident that moving forward BGPmon will only get better.

The transition plan is straightforward. OpenDNS will invest in building out the service even more but also is committed to keeping the free features free. Simply put, nothing regarding the service will change other than we’ll continue adding new functionality.

On a personal note, I’d like to thank all of you for your continued support and encouragement. I am excited for the changes ahead and personally being a part of Continue reading

Network Break 31

Over-opinionated analysis on data network and IT Infrastructure. And virtual doughnuts.

Author information

Greg Ferro

Greg Ferro is a Network Engineer/Architect, mostly focussed on Data Centre, Security Infrastructure, and recently Virtualization. He has over 20 years in IT, in wide range of employers working as a freelance consultant including Finance, Service Providers and Online Companies. He is CCIE#6920 and has a few ideas about the world, but not enough to really count.

He is a host on the Packet Pushers Podcast, blogger at EtherealMind.com and on Twitter @etherealmind and Google Plus.

TwitterFacebookGoogle+LinkedIn

The post Network Break 31 appeared first on Packet Pushers Podcast and was written by Greg Ferro.

A Quick Update on OpenStack Congress

OpenStack Congress, a project aimed at providing “policy as a service” for OpenStack clouds, is a project I’ve had the privilege of being involved in from very early days. I first mentioned Congress almost a year ago, and since then the developers have been hard at work on the project. Recently, one of the lead developers posted a summary of some pretty impressive performance improvements that have been made with Congress.

I won’t repeat all the sordid details here; for all the details, I encourage you to go read the full post over at ruleyourcloud.com. Just to give you a quick highlight of some of the performance gains they’ve been able to realize, consider these numbers:

  • A 500x improvement in query performance
  • A 20,000x increase in data import speed
  • A 6x reduction in memory overhead

Given the nature of Congress—that it must, by its very definition, import data from multiple cloud services and perform queries across that data to determine policy violations—the performance improvements seen in query performance and data import speeds are quite significant.

For the detailed explanation of how the developers were able to see such incredible performance improvements, see the full post. If you’re interested in Continue reading

Routing Leak briefly takes down Google

216.58.223.0_24_1426150200-2

This morning, users of Google around the world were unable to access many of the company’s services due to a routing leak in India. Beginning at 08:58 UTC Indian broadband provider Hathway (AS17488) incorrectly announced over 300 Google prefixes to its Indian transit provider Bharti Airtel (AS9498).

Bharti in turn announced these routes to the rest of the world, and a number of ISPs accepted these routes including US carriers Cogent (AS174), Level 3 (AS3549) as well as overseas incumbent carriers Orange (France Telecom, AS5511), Singapore Telecom (Singtel, AS7473) and Pakistan Telecom (PTCL, AS17557). Like many providers around the world, Hathway peers with Google so that their customers have more direct connectivity with Google services. But when that private relationship enters the public Internet the result can be accidental global traffic redirection.

Last fall, I wrote two blog posts here and here about the issues surrounding routing leaks such this one. Routing leaks happen regularly and can have the effect of misdirecting global traffic. Last month, I gave a talk in the NANOG 63 Peering Forum entitled “Hidden Risks of Peering” that went over some examples of routing leaks like this one.

Below is a graph showing the Continue reading

1 3,441 3,442 3,443 3,444 3,445 3,696