DDIIPAMNetwork AutomationPython Library for SOLIDserverIn the infrastructure as code and orchestration spaces, engineers frequently use programmatic languages such as Python. When using higher level automation tools like Ansible or Puppet the underlying language used is mostly one which is well known Python, Ruby or Golang. Communication with the network and system components needs to be performed with simple methods, REST APIs are very well designed for this purpose, they are easy to manipulate, actions are atomic, require no complex session to set up and...
DNSDNS SecurityIPAMZero Trust: Verifying beyond perimeters, DNS security is keyZero trust architecture is a paradigm focusing on a client rather than networks. It can be complex to set up, but a first simple step is possible with an appropriate DNS security solution. Perimeter security is not enough Most enterprise networks are based on security topology separating the internal and the external networks. The internal where the users are located, and the external which connects to the Internet and partners. Most of the time, intermediate zones are built to allow...
DNSDNS SecuritySecure Your Network with DNS: Episode 3 – Ensuring Security Through IntegrityThis blog is the third of four episodes which help describe best practices for utilizing DNS to protect your overall network. End users most likely don’t care much about the domain name resolution process. It simply works – otherwise they feel their internet connection is broken. Yet, DNS is the key component of their network directing them to the service/content they expect to reach. But could they detect a trap if they were being routed by a fake traffic officer?...
DDIDHCPDNS SecurityBreaking LTE on Layer Two – DNS Over TLS ResponseRecent disclosure of a paper describing an attack (aLTEr) against LTE networks titled “Breaking LTE on Layer Two” is surprisingly drawing a lot of attention to DNS security over mobile networks. The fact is, this paper refers to a combination of multiple “vulnerabilities” within the implementation of LTE networks. It describes how it’s possible to corrupt mobile network traffic, by targeting, as an example, DNS packets. But beware- any unencrypted protocol is at risk. In the end, this alarming paper...
