9 tips for speeding up your business Wi-Fi

The days are long past when a fast office Wi-Fi connection was a nice-to-have. These days it's essential for your business to provide clients and employees alike with a speedy, reliable wireless network.<aside class="sidebar medium"><h3 class="body">Wi-Fi resources</h3><ul><li><a href="https://www.networkworld.com/article/3541759/test-and-review-of-4-wi-fi-6-routers-whos-the-fastest.html"> Test and review of 4 Wi-Fi 6 routers: Who’s the fastest?</a></li><li><a href="https://www.networkworld.com/article/3356838/how-to-determine-if-wi-fi-6-is-right-for-you.html"> How to determine if Wi-Fi 6 is right for you</a></li><li><a href="https://www.networkworld.com/article/3510461/5-questions-to-answer-before-deploying-wi-fi-6.html">Five questions to answer before deploying Wi-Fi 6</a></li><li><a href="https://www.networkworld.com/article/3563832/wi-fi-6e-when-its-coming-and-what-its-good-for.html"> Wi-Fi 6E: When it’s coming and what it’s good for</a></li></ul></aside>To read this article in full, please click here

Ambiguity and complexity: once more into the breach

Recent research into the text of RFCs versus the security of the protocols described came to this conclusion—

While not conclusive, this suggests that there may be some correlation between the level of ambiguity in RFCs and subsequent implementation security flaws.

This should come as no surprise to network engineers—after all, complexity is the enemy of security. Beyond the novel ways the authors use to understand the shape of the world of RFCs (you should really read the paper; it’s really interesting), this desire to increase security by decreasing the ambiguity of specifications is fascinating. We often think that writing better specifications requires having better requirements, but down this path only lies despair.

Better requirements are the one thing a network engineer can never really hope for.

It’s not just that networks are often used as a sort of “complexity sink,” the place where every hard problem goes to be solved. It’s also the uncertainty of the environment in which the network must operate. What new application will be stuffed on top of the network this week? Will anyone tell the network folks about this new application, or just open a ticket when it doesn’t work right? What about all Continue reading

Cisco 8000 Series routers


Cisco 8000 Series routers are "400G optimized platforms that scale from 10.8 Tbps to 260 Tbps." The routers are built around Cisco Silicon One™ ASICs. The Silicon One ASIC includes the instrumentation needed to support industry standard sFlow real-time streaming telemetry.
Note: The Cisco 8000 Series routers also support Cisco Netflow. Rapidly detecting large flows, sFlow vs. NetFlow/IPFIX describes why you should choose sFlow if you are interested in real-time monitoring and control applications.
The following commands configure a Cisco 8000 series router to sample packets at 1-in-20,000 and stream telemetry to an sFlow analyzer (192.127.0.1) on UDP port 6343.
flow exporter-map SF-EXP-MAP-1
 version sflow v5
 !
 packet-length 1468
 transport udp 6343
 source GigabitEthernet0/0/0/1
 destination 192.127.0.1
 dfbit set
!

Configure the sFlow analyzer address in an exporter-map.

flow monitor-map SF-MON-MAP
 record sflow
 sflow options
  extended-router
  extended-gateway
  if-counters polling-interval 300
  input ifindex physical
  output ifindex physical
 !
 exporter SF-EXP-MAP-1
!

Configure sFlow options in a monitor-map.

sampler-map SF-SAMP-MAP
 random 1 out-of 20000
!

Define the sampling rate in a sampler-map.

interface GigabitEthernet0/0/0/3
 flow datalinkframesection monitor-map SF-MON-MAP sampler SF-SAMP-MAP ingress

Enable sFlow on each interface for complete visibilty into network traffic.

The above configuration instructions are for IOS-XR. Continue reading

Network Break 331: Proofpoint Goes Private In $12 Billion Deal; Defense Dept. Unveils IPv4 Address Cache

Guest analyst Johna Till Johnson, CEO and Founder of Nemertes Research, joins the Network Break to discuss a variety of IT news including the rising price of copper, Proofpoint going private in a $12.3 billion deal, why the US Defense Department suddenly began advertising a huge block of IPv4 addresses, and space networking.

The post Network Break 331: Proofpoint Goes Private In $12 Billion Deal; Defense Dept. Unveils IPv4 Address Cache appeared first on Packet Pushers.

The 4 Definitions of Multicloud: Part 4 — Traffic Portability

With the goal of bringing more productive discussions on this topic into focus and understanding which types of multicloud capabilities are worth pursuing, this series concludes with a look at multicloud through the lens of traffic portability. Traffic Portability Armon Dadgar Armon is co-founder and CTO of HashiCorp, where he brings his passion for distributed systems to the world of DevOps tooling and cloud infrastructure. Multicloud traffic portability means you can shift traffic between environments dynamically. If you have geographically dispersed users, traffic portability would allow you to route traffic to the nearest cloud provider that could service them. So, if your app can run on Azure and AWS, maybe there’s a closer AWS data center to your customer than Azure. Or maybe one cloud vendor works better for data sovereignty in Europe, so you route to a particular vendor only for those requests. In most cases, the goal of traffic portability is to have the ability to dynamically shift traffic very quickly between multiple cloud platforms and on-premises data centers. This could also mean you’re balancing 50/50 traffic between AWS and Azure. Or maybe you’re doing maintenance in your Google Cloud environments, so you move 100% of traffic to Continue reading

Extreme CEO talks AI, automation, chip shortages

Fresh off one of the strongest quarters in the company’s 25 year history where it hit double-digit, year-over-year revenue growth and a fourth consecutive quarter of growth, Extreme Networks is betting heavily on automation, AI and cloud management to keep the party going. Extreme Networks Extreme CEO Ed MeyercordTo read this article in full, please click here

Object Storage Makes A Push Into HPC

Four years ago, Cloudian was a six-year-old startup in an object storage space that, while the technology had been around for more than a decade, was seeing a surge of interest from cloud providers desperate for a storage architecture that only could scale to meet the demands of their rapidly growing datacenters, the massive amounts of data that was being generated and the need to be able to more easily move it between core on-premises datacenters and multiple cloud environments – and in the coming years the edge.

Object Storage Makes A Push Into HPC was written by Jeffrey Burt at The Next Platform.

The Week in Internet News: India Tries to Censor Online Critics

"In the news" text on yellow background

Shut your mouth: The government in India has tried to silence critics of its response to the COVID-19 pandemic there as cases spike in the country, BuzzFeed News reports. India’s IT ministry recently ordered Twitter to block more than 50 tweets from being seen in the country, and Facebook, Instagram, and YouTube also had content critical […]

The post The Week in Internet News: India Tries to Censor Online Critics appeared first on Internet Society.

Handling OOB Network Changes

In this blog I would like to showcase the power of Ansible Content Collections to build powerful abstractions. Collections are a distribution format for Ansible content that can include playbooks, roles, modules and plugins. For this blog post, let us address an Infrastructure as Code(IaC) use case for network configuration management of BGP. We will walk through examples for both Cisco IOS and Arista EOS devices.

First, let us define a data-model that encapsulates the vendor-agnostic configuration.

bgp_global:
    as_number: '65000'
    bgp:
        log_neighbor_changes: true
        router_id:
            address: 192.168.1.1
    neighbor:
    -   activate: true
        address: 10.200.200.2
        remote_as: 65001
bgp_address_family:
    address_family:
    -   afi: ipv4
        neighbor:
        -   activate: true
            address: 10.200.200.2
        network:
        -   address: 10.25.25.0
            mask: 255.255.255.0
        -   address: 10.25.26.0
            mask: 255.255.255.0
        -   address: 10.100.100.0
            mask: 255.255.255.0
        -   address: 10.200.200.0
            mask: 255.255.255.0
        -   address: 172.16.0.0
        -   address: 192.168.1.1
            mask: 255.255.255.255

As you might have observed, this data-model matches exactly the input expected by the <vendor>.bgp_global and  bgp_address_family modules within the IOS and EOS Continue reading

IBM updates its storage-systems portfolio

IBM announced a pair of additions to its storage portfolio designed to improve the access to and management of data across hybrid-cloud environments and offer faster, higher capacity.The first is container-native software defined storage (SDS) called IBM Spectrum Fusion that’s due out in the second half of 2021. It will initially come in the form of a container-native hyperconverged infrastructure (HCI) system that integrates compute, storage, and networking. Next year, IBM plans to release an SDS-only version of Spectrum Fusion.To read this article in full, please click here

IBM updates its storage-systems portfolio

IBM announced a pair of additions to its storage portfolio designed to improve the access to and management of data across hybrid-cloud environments and offer faster, higher capacity.The first is container-native software defined storage (SDS) called IBM Spectrum Fusion that’s due out in the second half of 2021. It will initially come in the form of a container-native hyperconverged infrastructure (HCI) system that integrates compute, storage, and networking. Next year, IBM plans to release an SDS-only version of Spectrum Fusion.To read this article in full, please click here

Next-gen networks: Feds have cash for good ideas

The National Science Foundation (NSF) is not inclined to wait for next-generation (NextG) networks. And who can blame it? NextG promises faster cellular, Wi-Fi, and satellite networks, all of which can be used to enhance data streaming, wireless communications, analytics, and automation.For the NSF, this translates into improved national defense, education, public health and safety, transportation, and digital infrastructure. For enterprises, NextG means greater efficiency, flexibility, business insights, and more opportunities to replace human workers with robots. (I’m just sayin’.)To read this article in full, please click here

Tech employers focus on training for IT pros

IT teams are dealing with rapid technology changes with increased retraining and skill development, according to a report by trade association CompTIA.Seven in 10 HR professionals surveyed who work with IT personnel said they plan a substantially increased effort to help workers re-skill in the coming year, with larger firms reporting a particularly strong emphasis in that area. Nearly 80% of IT HR professionals employed at such companies rated re-skilling or up-skilling as “more important” for the coming year, in contrast to 68% at medium-sized firms and 52% at smaller businesses.Network training 2021: Businesses grow their own expertise These numbers mark a changed relationship between employers and tech, according to CompTIA director of education and ed tech Stephanie Morgan, adding that the pandemic helped force companies to rethink the way they deal with their workers. “Businesses have realized they have to talk about people like they’re people, not like they’re assets,” she said.To read this article in full, please click here

Feedback: Microsoft Azure Networking

Azure and AWS have decent documentation (I always found it relatively easy to figure out what they’re doing), but what they implemented is sometimes so far away from what we’re used to that it’s hard to bridge the gap. Here’s how Olle Wilhelmsson solved that challenge:

I would just like to send a huge thank you, I’ve been a fan of your appearances on tech field day as a voice of reason, and different podcasts all around. Happy to finally be able to contribute and purchase an IPspace subscription, and was not disappointed.

This series on Azure networking was fantastic, it’s been frustrating to find any kind of good material on this topic. Even if Microsofts documentation is generally good, they really don’t have any resources to compare it to “regular” networking in physical equipment. So just a huge thank you, this has definitely saved me countless hours of reading and googling questions!

Feedback: Microsoft Azure Networking

Azure and AWS have decent documentation (I always found it relatively easy to figure out what they’re doing), but what they implemented is sometimes so far away from what we’re used to that it’s hard to bridge the gap. Here’s how Olle Wilhelmsson solved that challenge:

I would just like to send a huge thank you, I’ve been a fan of your appearances on tech field day as a voice of reason, and different podcasts all around. Happy to finally be able to contribute and purchase an IPspace subscription, and was not disappointed.

This series on Azure networking was fantastic, it’s been frustrating to find any kind of good material on this topic. Even if Microsofts documentation is generally good, they really don’t have any resources to compare it to “regular” networking in physical equipment. So just a huge thank you, this has definitely saved me countless hours of reading and googling questions!

Weekend Reads 050121


Attacks on virtual private networks, like those this week targeting a trio of known vulnerabilities in Pulse Secure appliances, have intensified in recent months along with the increase in remote and hybrid work environments since the outbreak of COVID-19.


Over the last couple of years, policy-making institutions have been putting greater focus on the study of various aspects of Artificial Intelligence (AI). This doesn’t come as a surprise.


Forty-six percent of all malware uses the cryptographic protocol to evade detection, communicate with attacker-controlled servers, and to exfiltrate data, new study shows.


One position I think more people should be aware of is a CISO. What does this actually mean – besides being made redundant when a breach is announced? I have personally worked within a CISO-as-a-Service position, but I wanted to get some more insight from those who are working in the trenches daily in an in-house CISO position.


According to Help Net Security, organizations in the pharmaceutical and biotech sectors witnessed a 50% increase in digital attacks between 2019 and 2020. It appears that at least part of those attacks originated from nation-state actors who specifically sought to steal COVID-19 vaccine research.


As further proof of this, new research Continue reading

VyControl – Web UI for VyOS Firewall

VyControl project is a single frontend interface to manage a single or multiple VyoS servers. It was developed by Roberto Berto and is written in Django/Python. It currently supports firewall and static routes configuration. Additional features are planned such as IPSEC, openvpn and basic dynamic routing. My goal is to provide easy-to-reproduce installation steps so […]
Continue reading...
1 689 690 691 692 693 3,791