The principles that define the information security field are decades older than computing, and we'd do well to learn from the lessons that precede our industry. We as security professionals naively construct an "our stuff versus them" model when attempting to defend our networks in our early career. As we …

Read More

Have you ever wondered what happened to all the privately-addressed traffic coming from any home network? Well, if it isn't explicitly blocked by the business, it's routed, and this is not good. Imagine what data leakage can occur when a user mistypes a destination IP - the traffic goes out to the Service Provider, who …

Read More

Idempotence and Declarative Methods - not just buzzwords Idempotence Coined by Benjamin Peirce, this term indicates that a mathematical operation will produce a consistent result, even with repetition. Idempotence is much more complicated subject in mathematics and computer science. IT and DevOps use a simplified …

Read More

Have you ever seen this error before? This is a really important issue in enterprise infrastructure because unauthenticated TLS connections teach our end users to be complacent and ignore this error. TLS Authentication SSL/TLS for internal enterprise administration typically only addresses the confidentiality aspects …

Read More

VMworld 2021 is online this year I'll really miss some of the sessions and exploration we've had in past years in person, but I think VMware made the right call this year. We can expect to see a fundamental shift with online conventions - and this will need some unique strategy compared to previous years. The Basics I …

Read More

One major advantage to NSX-T is that Edge Transport Nodes (ETNs) are transitive Transitivity (Wikipedia) (Consortium GARR) is an extremely important concept in network science, and in computer networking. In simple terms, a network node (any speaker capable of transmitting or receiving on a network) can have the …

Read More

Since NSX-T 2.5 just came out, it's about time to do a full rebuild and getting started guide. NSX-T differs greatly from NSX-V in that the initial setup is quite a bit more complicated and doesn't have many guardrails or direct paths to initial set-up. We'll be skipping the appliance deployment, because if you have …

Read More

Now that NSX-T Datacenter 2.5 is downloadable, it's time to try this out in my home lab. First things first, if you log in more than 90 days out, you'll be locked out of the appliance completely. If you make any changes the normal linux way (passwd and chage) the appliance will automatically revert it in about a …

Read More

As of 19 September 2019, NSX-T 2.5 has been officially released and is available for download! It's been a bit since the announcement, so let's cover some of the new capabilities of interest with NSX-T 2.5. This is a summary of what I found interesting, the complete release notes are here NSX Intelligence VMWare will …

Read More

I cheated/pivoted a little bit - decided to simulate a bit more closely what I'd be using at work. I bootstrapped a CentOS VM and followed the instructions in: https://github.com/PaloAltoNetworks/minemeld-ansible 1sudo yum install -y wget git gcc python-devel libffi-devel openssl-devel zlib-dev sqlite-devel bzip2-devel …

Read More