Data Plane Quirks in Virtual Network Devices

Have you noticed an interesting twist in the ICMP Redirects saga: operating systems of some network devices might install redirect entries and use them for control plane traffic – an interesting implementation side effect of the architecture of most modern network devices.

A large majority of network devices run on some variant of Linux or *BSD operating system, the only true exception being ancient operating systems like Cisco IOS1. The network daemons populate various routing protocol tables and compute the best routes that somehow get merged into a single routing table that might still be just a data structure in some user-mode process.

Read more …

Data Plane Quirks in Virtual Network Devices

Have you noticed an interesting twist in the ICMP Redirects saga: operating systems of some network devices might install redirect entries and use them for control plane traffic – an interesting implementation side effect of the architecture of most modern network devices.

A large majority of network devices run on some variant of Linux or *BSD operating system, the only true exception being ancient operating systems like Cisco IOS1. The network daemons populate various routing protocol tables and compute the best routes that somehow get merged into a single routing table that might still be just a data structure in some user-mode process.

Read more …

5G connections to hit 1 billion this year, and will double by 2025

5G connections will represent one-fifth of all worldwide mobile connections as of this year, putting those connections above the 1 billion mark for the first time, and that number will double by 2025, according to the GSMA (GSM Association).The GSMA’s Mobile Economy Report, published Wednesday, also said that 5G penetration is moving faster than either of the two previous major generations of mobile networking technology — while neither 3G nor 4G topped 2.2% of mobile connections until more than a year and a half after their introduction, 5G has already accounted for 5.5% in that time frame.There are currently almost 200 live 5G networks in 70 different countries, according to the GSMA report, which credits high demand for the rapid pace of the rollout.To read this article in full, please click here

Day Two Cloud 136: The Role And Responsibilities Of A Kubernetes Operator (Sponsored)

Today on the Day Two Cloud podcast we examine the role and responsibilities of Kubernetes operators; that is, the humans in charge of running Kubernetes. Kubernetes operators have to support application and security teams, handle capacity planning, keep an eye on versioning, and more. This episode is sponsored by F5's NGINX team. Our guests are Jenn Gile, Sr Manager of Product Marketing; and Brian Ehlert, Sr Product Manager.

iCloud Private Relay: information for Cloudflare customers

iCloud Private Relay: information for Cloudflare customers
iCloud Private Relay: information for Cloudflare customers

iCloud Private Relay is a new Internet privacy service from Apple that allows users with iOS 15, iPadOS 15, or macOS Monterey on their devices and an iCloud+ subscription, to connect to the Internet and browse with Safari in a more secure and private way. Cloudflare is proud to work with Apple to operate portions of Private Relay infrastructure.

In this post, we’ll explain how website operators can ensure the best possible experience for end users using iCloud Private Relay. Additional material is available from Apple, including “Set up iCloud Private Relay on all your devices”, and “Prepare Your Network or Web Server for iCloud Private Relay” which covers network operator scenarios in detail.

How browsing works using iCloud Private Relay

The design of the iCloud Private Relay system ensures that no single party handling user data has complete information on both who the user is and what they are trying to access.

To do this, Private Relay uses modern encryption and transport mechanisms to relay traffic from user devices through Apple and partner infrastructure before sending traffic to the destination website.

Here’s a diagram depicting what connection metadata is available to who when not using Private Relay Continue reading

Forecasting and tracking the ROI of automation

Great ideas start with coffee, but business innovation starts with automation. Just like that morning jolt of warm friendly caffeine, Red Hat Ansible Automation Platform has the ability to enhance, optimize and make your technology stack flow like the beloved beverage most of the world consumes on a daily basis.

It is easy to discuss all the technical benefits that Ansible Automation Platform can bring to organizations, but what about the business benefits? How can you observe the state of your automation and return on investment (ROI)? How can you explain the financial impact of automation to key stakeholders? The answer to all of these questions is Red Hat Insights for Red Hat Ansible Automation Platform.

Red Hat Insights is an analytics platform to help you understand your automation efforts. It lets your data work for you by proactively identifying and correcting issues. Included as a hosted service offering with Ansible Automation Platform, Insights provides a visual dashboard to indicate automation performance, health notifications, organizational statistics, and more.

The most relevant features within Insights for IT business leaders and decision makers  who want to validate their automation strategy are Reports, Savings Planner and Automation Calculator

Tracking how automation Continue reading

Multifactor Authentication Is Being Targeted by Hackers

It was only a matter of time. While multifactor authentication (MFA) makes logging into systems safer, it doesn’t make it “safe.” As well-known hacker KnownBe4, showed in 2018 it’s easy to Proofpoint has found transparent reverse proxy. Typically transparent reverse proxies, such as the open source man-in-the-middle (MitM) attacks to steal credentials and session cookies. Why go to this trouble? Because, as an MFA company 78% of users now use MFA, compared to just 28% in 2017. That’s good news, but it’s also given cybercrooks the incentive they needed to target MFA. A Range of Kits To make it easy for wannabe hackers. Proofpoint found today’s phishing kits range from “simple open-source kits with human-readable code and no-frills functionality Continue reading

How to inventory server software with PowerShell

Being able to quickly identify what software is installed on your servers has value for a host of reasons. Managing software licensing costs and entitlements, planning upgrade budgets, identifying candidates for server consolidation, or even responding to security incidents are all common reasons for performing a software inventory.There are of course enterprise tools for tracking software inventory. But these tools can be expensive and complex, or could have access limited to specific groups or individuals in your organization. Fortunately PowerShell can help with some of the leg work in analyzing the software on your systems in order to help drive your planning and incident response.To read this article in full, please click here

How to inventory server software with PowerShell

Being able to quickly identify what software is installed on your servers has value for a host of reasons. Managing software licensing costs and entitlements, planning upgrade budgets, identifying candidates for server consolidation, or even responding to security incidents are all common reasons for performing a software inventory.There are of course enterprise tools for tracking software inventory. But these tools can be expensive and complex, or could have access limited to specific groups or individuals in your organization. Fortunately PowerShell can help with some of the leg work in analyzing the software on your systems in order to help drive your planning and incident response.To read this article in full, please click here

Gartner: 5 ways to deal with network equipment shortages

How bad is the chip supply shortage? Gartner reports that clients are complaining about lead times as long as 400 days to get networking equipment, plus pricing increases and missed ship dates.“We expect lead times to remain high through early 2023, at which point we expect slow incremental improvement over the course of months,” Gartner wrote in a report titled, "What Are My Options for Dealing With Long Lead Times on Network Equipment?" Read more: Chip shortage has networking vendors scramblingTo read this article in full, please click here

FCC looks into BGP vulnerabilities, in light of Russian hacking threat

The FCC is launching an inquiry into security issues surrounding the Border Gateway Protocol (BGP), a widely used standard used to manage interconnectivity between large portions of the Internet.The move, announced Monday, was issued in response to "Russia's escalating actions inside of Ukraine," according to the commission's notice of inquiry.BGP is, in essence, a method of ensuring that independently managed networks that make up the global internet are able to communicate with one another. Its initial design, which the FCC said is still in widespread use today, does not contain important security features, meaning that, simply by misconfiguring its own BGP information, a bad actor could potentially redirect Internet traffic wherever it sees fit. This could let that attacker send incorrect information to its targets, read and compromise login credentials, or simply shut down whichever kinds of traffic it wishes.To read this article in full, please click here

FCC looks into BGP vulnerabilities, in light of Russian hacking threat

The FCC is launching an inquiry into security issues surrounding the Border Gateway Protocol (BGP), a widely used standard used to manage interconnectivity between large portions of the Internet.The move, announced Monday, was issued in response to "Russia's escalating actions inside of Ukraine," according to the commission's notice of inquiry.BGP is, in essence, a method of ensuring that independently managed networks that make up the global internet are able to communicate with one another. Its initial design, which the FCC said is still in widespread use today, does not contain important security features, meaning that, simply by misconfiguring its own BGP information, a bad actor could potentially redirect Internet traffic wherever it sees fit. This could let that attacker send incorrect information to its targets, read and compromise login credentials, or simply shut down whichever kinds of traffic it wishes.To read this article in full, please click here

1 552 553 554 555 556 3,833