NetworkingNexus.net

Update on recent VoIP attacks: What should I do if I’m attacked?

Attackers continue targeting VoIP infrastructure around the world. In our blog from last week, May I ask who’s calling, please? A recent rise in VoIP DDoS attacks, we reviewed how the SIP protocol works, ways it can be abused, and how Cloudflare can help protect against attacks on VoIP infrastructure without impacting performance.

Cloudflare’s network stands in front of some of the largest, most performance-sensitive voice and video providers in the world, and is uniquely well suited to mitigating attacks on VoIP providers.

Because of the sustained attacks we are observing, we are sharing details on recent attack patterns, what steps they should take before an attack, and what to do after an attack has taken place.

Below are three of the most common questions we’ve received from companies concerned about attacks on their VoIP systems, and Cloudflare’s answers.

Question #1: How is VoIP infrastructure being attacked?

The attackers primarily use off-the-shelf booter services to launch attacks against VoIP infrastructure. The attack methods being used are not novel, but the persistence of the attacker and their attempts to understand the target’s infrastructure are.

Attackers have used various attack vectors to probe the existing defenses of targets and try to Continue reading

Oracle Still Hanging In There With Exadata Engineered Systems

It may not seem like it, but Oracle is still in the high-end server business, at least when it comes to big machines running its eponymous relational database. …

Oracle Still Hanging In There With Exadata Engineered Systems was written by Timothy Prickett Morgan at The Next Platform.

VMworld 2021: VMware to pack more security into NSX

When it comes to protecting data-center-based resources in the highly distributed world, traditional security hardware and software components just aren’t going to cut it.That’s the bottom line for enterprises as they move to distributed digital environments according to Tom Gillis, senior vice president and general manager of VMware’s networking & advanced security business group. The idea is that security needs to be put deep into the infrastructure fabric and protect workloads across their lifecycle, Gillis said during an interview with Network World at the company’s VMworld virtual conference.To read this article in full, please click here

VMworld 2021: VMware to pack more security into NSX

Learning from Facebook’s Mistakes

On October 4th Facebook managed to achieve one of the more impactful of outages of the entire history of the Internet, assuming that the metric of "impact" is how many users one can annoy with a single outage. What can we as an industry learn from this outage to ensure that we can avoid a recurrence of such a widespread outage in other important and popular service platforms?

Hedge 103: BGP Security with Geoff Huston

Our community has been talking about BGP security for over 20 years. While MANRS and the RPKI have made some headway in securing BGP, the process of deciding on a method to provide at least the information providers need to make more rational decisions about the validity of individual routes is still ongoing. Geoff Huston joins Alvaro, Russ, and Tom to discuss how we got here and whether we will learn from our mistakes.

download

VMware Partners Its Way Deeper into Cloud, Edge, And AI

Software maker VMware has always been about tight partnerships with other tech vendors. …

VMware Partners Its Way Deeper into Cloud, Edge, And AI was written by Jeffrey Burt at The Next Platform.

Day Two Cloud 118: Growing Your Open-Source Community

How does a company building a product from an open-source project get off the ground? How does it communicate its value, attract contributors, and develop a user base? And how does it spread the word without turning off engineers with typical tech marketing? Guest Emily Omier is a positioning consultant who helps companies and projects get it right.

Day Two Cloud 118: Growing Your Open-Source Community

The post Day Two Cloud 118: Growing Your Open-Source Community appeared first on Packet Pushers.

ARP problems in EVPN

In any L2 overlay network, ARP handling will always remain a big pain for network operators.

This post explains why you should always set ARP timeout to less than 5 minutes in L3 EVPN, and always be cautious of potential …

BGP Config Change, Not Cyber Attack, Brought Down Facebook

Enterprise IT takes-aways from the Facebook outage: Tread carefully when making BGP config changes and avoid putting everything (DNS, apps, and more) on one network.

What’s new in Ansible Automation Platform 2: private automation hub

AAP 2 gray rising a

We are excited to announce that the Ansible Automation Platform 2 release includes private automation hub 4.3. Private automation hub provides automation developers the ability to collaborate and publish their own automation content and streamline delivery of Ansible code within their organization.

Private automation hub in Ansible Automation Platform 2 primarily delivers support for automation execution environments. Execution environments are a standardized way to define, build and distribute the environments that the automation runs in. In a nutshell, automation execution environments are container images that allow for easier administration of Ansible by the platform administrator. If you are unfamiliar with execution environments, please refer to this blog written by Technical Marketing manager Anshul Behl.

Private automation hub will serve as the on-premises execution environment container image repository for customers who wish to use this feature, aimed at customers who run the platform on physical or virtual environments. Ansible Automation Platform will seamlessly integrate with private automation hub for publishing and pulling execution environment container images.

Who uses private automation hub?

Private automation hub is intended for curating automation content from creators and making it seamlessly accessible to operators. It makes it easy to share these execution environments, which make Continue reading

Wireless LANS in the 21st Century

The power and potential of the next generation cognitive campus are transformative as the industry undergoes a massive transition to hybrid work in the post-pandemic era. A key underpinning to successful campus networking deployments has been our very first acquisition of Mojo Networks for cognitive Wi-Fi. Arista’s entry into wireless is only in its third year, yet the advances in this space will be profound over the next decade.

Staging TLS Certificate: Make every deployment a safe deployment

We are excited to announce that Enterprise customers now have the ability to test custom uploaded certificates in a staging environment before pushing them to production.

With great power comes great responsibility

If you’re running a website or the API that’s behind a popular app, you know your users have high expectations: it can't just be up and running; it also has to be fast and secure. One of the easiest and most standardized ways to secure connections is with the TLS protocol. To do that, you need to acquire a TLS certificate for your domain.

One way to get a certificate is by using a CDN provider, like Cloudflare. We make the process really easy by issuing certificates on your behalf. Not just that, but when your certificate is getting closer to its expiration date, we are responsible for re-issuing it. But, if you don’t want Cloudflare to issue the certificate on your behalf and want to obtain the certificate yourself, you can do so. You can either keep control of your private key, or generate a Certificate Signing Request (CSR) through Cloudflare, so we maintain the private key, but you can still use the certificate authority (CA) of Continue reading

Worth Reading: Do We Need Segment Routing?

Etienne-Victor Depasquale sent me a pointer to an interesting NANOG discussion: why would we need Segment Routing. It’s well worth reading the whole thread (until it devolves into “that is not how MPLS works” arguments), which happens to be somewhat aligned with my thinking:

SR-MPLS makes perfect sense (excluding the migration-from-LDP fun)
SRv6 (in whatever incantation) is mostly a vendor ploy to sell new chipsets.

Enjoy!

Worth Reading: Do We Need Segment Routing?

SR-MPLS makes perfect sense (excluding the migration-from-LDP fun)
SRv6 (in whatever incantation) is mostly a vendor ploy to sell new chipsets.

Enjoy!

Globalfoundries IPO Shows Just How Tough The Chip Making Business Is

You would have to look far and wide to find a tougher business to be in than chip manufacturing, which is why the many dozens of server makers who used to make their own CPUs – often multiple types – no longer run their own foundries and, with the exception of IBM and now Amazon Web Services, no longer exist. …

Globalfoundries IPO Shows Just How Tough The Chip Making Business Is was written by Timothy Prickett Morgan at The Next Platform.

Facebook outage was a series of unfortunate events

Facebook says the root cause of its outage Monday involved a routine maintenance job gone awry that resulted in rendering its DNS servers unavailable, but first the entire Facebook backbone network had crashed.To make matters worse, the loss of DNS made it impossible for Facebook engineers to remotely access the devices they needed to in order to bring the network back up, so they had to go into the data centers to manually restart systems.To read this article in full, please click here

Facebook outage was a series of unfortunate events

« Previous 1 … 644 645 646 647 648 … 3,835 Next »