If anything, last week’s news about the hotfix released for Apple’s MacOS X High Sierra left me ashamed. Ashamed about Apple’s apparent lack of quality control, but maybe be even more about myself. I didn’t do the one thing Rejo Zenger of Bits of Freedom says we should always do: Question everything!
The date has been set. On March 21, 2018, at the same time as the local elections, the Dutch have the chance to voice their opinion on the Intelligence Bill that comes in effect on January 1, 2018. But whether you are going to vote in this referendum or not, it will not matter.
When we have to do maintenance on the network or an uplink, we try to do this with the smallest possible impact. Sometimes that means that we have to shut down a BGP session before the maintenance. This should not be a problem; routers will automatically find another route to reach other networks, but it still can mean that there is temporary packet loss. So what if we could let the Internet know that there is maintenance coming up? Well, we now can. And we will!
Big news at a Juniper Customer Event in Eindhoven the other day: Networks will become fully automated. No need for human interaction anymore, controllers will configure the complete network. But who will configure the controller?
A while ago, when I was doing maintenance on a router, which we had to downgrade to an older version, suddenly a thought popped up into my mind: is this older version actually safe from the recent Network Time Protocol (NTP) bug?
A few weeks ago I read this in the news: “The Netherlands are not ready for a cyberattack”. This intrigued me and a couple of things sprung to mind. First off: ‘Haven’t I read this before?’ And secondly: ‘Why would you report this?’
I am a hands-on guy. If I need to change a switch or a setting on a network, I draw up the schematics and get started. But sometimes it is good to take a step back and see if that is the most efficient way to do the job. This is my second after-summer resolution.
Usually people reflect at the end of the year how things went and then they come up with resolutions to do things better the next year. I like to think that the summer break is also a good moment to think about resolutions.
There has been some commotion last week, when the Dutch senate passed a bill giving intelligence services more power to watch electronic communications. They can now also tap communications from affiliates of suspects. To be honest; I think it is great to have this commotion.
A major part of the life of an engineer is about troubleshooting: a network is down or an application isn’t working, and we have figure out what is wrong. For those who have to deal with this, here are the basics of troubleshooting again – it looks like people keep forgotting them along the way.
Is it hard to hack a webshop and retrieve personal data? All you need is a URL that shows what the structure of the underlying database is and you could find a lot of personal data on that server and harm it. Change a few numbers in the URL or place a semicolon and watch the database crash. It is the first step of ‘hacking’. And also the first step programmers should protect!
The Internet in the Netherlands has always been fast, much faster than the world average. But as of this month, we have dropped out of the top 10 of countries with the fastest connections in the world. We can thank just one company for this: KPN.
Yet again there has been an attack on innocent people, this time in Manchester. Police and intelligence services have identified the attacker as a British man. And again the perpetrator ‘was known up to a point’ by these same intelligence services.
That was a first here at the RIPE Meeting in Budapest, Hungary and the meeting was not even a day old. At RIPE, speakers talk about solutions for technical issues, about applications of new technology and since this edition also a little bit about… politics.
We need to be online all the time. To ensure our continued online presence, a lot of the services on the Internet are built redundantly. If there is a problem, traffic to that service will be rerouted and the service will still be online. A good thing, but… just don’t overdo it.
Let me ask you a question. Are you fully complying with the law on Data Breach Notifications that was introduced in 2016? Because there are a lot of rules attached with that law and yet there are not a lot of people or institutions that check if they are
It is remarkable to see that ever since the Internet came to the Netherlands, our government has always been one step behind the industry. Whenever they introduce new legislation or policies, it looks like they came up with it a year too late, or have no idea what they are doing.
Knowing the status of your network is very important. But what do you actually know about your network? Do you know how much traffic there is at any given time, and what kind of traffic it is and where it is going?
At the end of last year we told you about what 2017 would have in store for us. We would not just migrate our servers to the Amsterdam Data Tower, we are also migrating ourselves to a new office. And we told you about the new customer portal.
The infrastructure of the digital world consists of hardware in racks, connected with each other via actual cables. And the bigger your company and therefor you infrastructure grows, the more devices you have to connect. That means more and more cables. The problem with that is, they tangle up easy.
There is nothing more frustrating than calling a helpdesk because you have a problem with your system and you have to plough through menus to get to the right person to help you. You just want to speak to someone that can help you right away.
We have only just started the year 2017 and already it is being dominated by stories of hacking. The press is having a field day with it; not just the ‘normal’, but also the ‘fake’ news outlets that we read and even more, believe. If this is any indicator, it is going to be a long year.
It has been quite a year, 2016. Luckily for us, it has been a good year for the most part. We had the chance to work on some great projects and the chance to expand Fusix Networks. And we will continue doing so in 2017. Quite literally, as we double the capacity of our network and will move into a new office which is twice the size of the current one.
So, here is one sentence you don’t hear a lot any more these days: “Do we have a floppy disk to update the firmware?” Yes, we were looking for a floppy disk to help us out. It prompted a question among us. How often do you need to update the management software in the BIOS of your server?
All of us want to be online all the time and connect everything to the Internet, and so ‘the cloud’ has to be in perfect shape. Our sector is in need of good engineers that know how to keep the Internet online.
Do you remember the time when you had to install Linux from ten 3.5 inch floppy disks and for some reason you were always missing a file? It took days to install a workstation properly. Not to mention all the bugs that were on networks and servers.
Being in the ISP world, our business is really specialized. Of course you have to have the necessary technical knowledge if you want to succeed, and specialities to become outstanding. But what about the basics?
In The Netherlands, it is a cliché to make fun of them. And they probably do the same thing with us. But while on a short holiday in Belgium, it dawned on me that when it comes to being ready for the future of the Internet, we can learn a lot from the Belgians.
We knew this time was coming, so we were prepared. And being prepared is the key element when you start a big migration project: planning. Because there are a lot of things you need to think about when you migrate from one data center to another. Michal Kolaczyk is our expert on this.
Every day we try our best to do our job. To maintain our clients’ networks. When something is down, we fix it. But sometimes, this is out of our hands and all we can do is wait. And that is frustrating.
Whenever there is an online incident, people speculate as to the cause of it. Look at the major breakdown of KPN’s internet services last week. Is it a hack, why is not everybody effected by it, why can people still watch TV, but not go online? There are numerous theories, but no one really knows. Even we don’t.
Whenever I go through the logs and graphs of our networks at night, my wife looks at me as if she is wondering what I see in those graphs when I ‘glance’ at them. Well, I am doing my job. Managing the networks of our clients.
Whenever your network is down, be it due to a technical problem or a DDOS-attack, the first thing you need to do is get your ‘emergency vehicles’ at the scene and assess the situation. But how to get them there if the main road is blocked, in this case with packets? Well, you use the service road.
With a lot of people going on vacation, and therefore fewer people around to act on network problems and security threats, this time of year is one for the favourite times for those who like to attack your system. Maybe not as much as during the Christmas break, but still. So, besides checking if you have your passport and toothbrush packed, have you checked your network security?
You have probably heard this before, and it is still the best way to prevent problems. Before you close up shop for the holiday, just run a checklist on your security. Make sure you have the latest security updates for your operating systems installed. For instance, right before the holiday period started, Juniper announced they found a number of breaches in their JUNOS operating system. Patches were released to make sure the breaches were closed. This was caught early, so everybody could act on it quickly, but it could be harmful if you don’t act on such a warning and just wait until after you are back. Who is going to check your system when you are gone?
Not only should you check your own security, you should also check if your contact information in your supplier’s database is still accurate. Call their NOC number, to check for real. Make sure your credentials are still accurate and known to your upstreams. If you are away and something does happen, the stress of that alone is enough to rile you up. You don’t want to have to search for the right credentials or contact information to add to that stress.
Much like people make a checklist at home to see if they have packed everything, at work make a list to check your security. You don’t want to spend your holiday thinking about ‘What if?’ or ‘Did I really check that?’ all the time, right?
In many of the quotes that Fusix sends out, IPv4 addresses are the biggest cost factor. As anyone reading this article will know, the technology of the successor IPv6 is here, has been proven to work fine and yes, people want it, because in the long run it is cheaper to implement. Let’s start forgetting about the cost of implementing IPv6 and make it the standard!
Marco Hogewoning, External Relations Officer at RIPE NCC and my former colleague, started this discussion and I am on the same page as he is. He argued that instead of looking at the cost of implementing IPv6 and basing our decisions on that, we have to start looking at how much we can save by not having to continue the use of IPv4. And he is right about that.
Right now we are almost out IPv4-addresses. To acquire new ones is possible, but pricy, and it is not going to get cheaper. Yes you can still get IPv4 addresses from the RIPE NCC and there are IPv4 broker companies trading addresses for a fee. But the irony is that at the same time, anyone can get as many IPv6 addresses as they want, all for free!
Companies planning the implementation of IPv6 sometimes claim that investing in IPv6 is not worth the price. They have all kinds of arguments but fail to realize that in the end it will be cheaper to implement IPv6 than to uphold the infrastructure needed to run IPv4 protocols – where not just IPv4 addresses need to be acquired, but also Carrier Grade NAT boxes need to be deployed, both of which cost serious money. “But no one is using IPv6.” Also not true. Today in Belgium, one in two Internet connections has IPv6. And they can stream Netflix as well as we do, and Facebook, Youtube and Microsoft are as reachable as they are in The Netherlands with our IPv4 preference. Our Southern neighbours can teach us in that respect. They are by far the most advanced country in Europe when it comes to implementation of IPv6.
Marco Hogewoning is right (and I can tell you, at the time we worked together, he was usually right, too!). Think of all the money you can save by not having to buy more IPv4 addresses and invest in CGNAT equipment. Forget IPv4, let’s go IPv6!
Like a lot of people, I was shocked when Britain voted to leave the EU. The ramifications of this decision are large. For those of us remaining here in Europe, but most of all for those in the UK. The biggest blow will be economical, of course. And it will be felt throughout the UK.
For starters, services like Netflix will become more expensive in the UK. UK citizens will also miss out on the new European deals for low cellular data roaming cost. And on a larger scale, it is going to hurt the position of the country, more specifically London, as a telecommunications hub for fibre optic cables. Today, many of the cables that connect the European mainland and the US still run through London.
I think that in future new cable systems will be planned around the uncertain situation in the UK, probably choosing Ireland instead. It is already happening; Telefonica is running their cable directly from Spain to Virginia in the US, where in the past they would have naturally chosen London in the middle. I am not saying this specific has to do with Brexit, but I do feel it is a sign on the wall and this will happen more and more in the future.
Another thing I heard a lot of people talking about, is data protection. UK inhabitants may feel “liberated from the European rules” in this regard. However the UK has their own Data Protection Act of 1999 instituted by the UK itself – not mandated by the EU – which enabled the UK to do business with EU countries, more specifically: storing data of European citizens. I’m sure they still want this business and keep their own Data Protection Act in place. So your data is safe!
Whatever will happen now that Britain chose to leave the EU, is anybody’s guess. I know that I will think twice about expanding to the UK with networks and my business. Given the uncertainty of what will happen economically, we will see European Internet Exchanges flourish and keep growing while LINX in London in the longer term will suffer a blow and not grow as quickly as their mainland colleagues. We’ll see – in the end, only time will tell.
In an earlier post I talked about how buying Cisco never gets you fired. Some readers have interpreted this as if I was trying to bash Cisco, while others thought it was an endorsement. The truth is that it was neither. In my work I am always trying to find the solution that fits the client’s network best, regardless of brands of hardware or software. Whatever works best to meet the needs of the client, works best for me. Sometimes it is hardware from the big names that’s the best, and sometimes it isn’t.
Working in the cloud is the way to go nowadays. As many will promise, cloud services are always up and always working. That puts heavy demands on the hardware and even heavier on the software that is used to keep the network running. And you know what, I think that software has just become too complicated to keep things stable.
Early this year I spoke about how 2016 will be all about security. Now as we are almost half way through, it looks like I was right. In the US, the FBI is still investigating the use of a private email server by presidential hopeful Hillary Clinton. And now it seems we have a Dutch version, with a notable reasoning for it.
Is it the name of the product that makes for the best solution, or is it the product that fits the needs, regardless of the name? To many the former, to me the latter. Not everything has to be Cisco Systems (or Juniper Networks, for that matter). There are alternatives that sometimes fit the needs better. It is not just all in the name.
If there is one thing that we here in The Netherlands are good at, it is data collection. Our records are so meticulous, we know basically everything of everyone. And now they want to go through all that data to hunt for criminals.
Using fibre to send data is nothing new. But still there is a lot unknown about how it works and how to get the right connectivity. Basic questions, like what kind of connectors you need, complicated questions about wave amplification or even, surprisingly, which provider you can use. Almost all ISPs say have their own fibre glass network, but do they really?
Lately there has been a lot of news surrounding data and encryption. The FBI wants Apple to create a backdoor in their iOS – just this once, of course – and in The Netherlands, ‘Stichting Brein’ has been given the green light to mine through data to find uploaders of copyrighted material.
You do not need to have that air-conditioned room any more where your servers used to be. The Fusix cable will be enough. You still have your own servers, in your own network, but without the hardware.
Most of you will recognize it: that room at the end of the hall that has a state of the art air conditioning, some fire extinguishers and locked most of the time. It is your company’s server room. In it a lot of cables, racks and the servers of the company. Maintaining the hardware in the server room is a costly and time-consuming effort. Are there any options?
What if you are being forced to migrate by your data centre? For a lot of businesses this is going to happen this year. Telecity 1 will move to a new building this year. So now is the time to think about your options.
The speed of your network is what you rely on for your daily operations. That’s why you want to know how it is performing: how fast it is and what route it takes. Because no matter how fast your network is, if it takes a longer way to reach its destination, your data transfer will take a longer time to reach its receiver.
Like in any business, the human factor in the IT-business is the factor where most, unintentional, mistakes come from: a typing error is easily made. Not to mention those with bad intentions that deliberately ‘make a mistake’ or attack your servers.
You have probably been asked these questions a hundred times: When is the last time you changed your password for your accounts, devices or WIFI? And with each time, you thought to do something about it. But it just did not happen yet, because there are a lot of things to check and change. So here is a tip: try to do something about your security every day, even if it is just a small thing.
If there is anything we can learn from last year, it will be that the threats to our online security will continue in 2016. There have been some big breaches in 2015, and you can expect more of them this year. And they will leave marks behind.
The holiday season is full of traditions and unfortunately one of them is a higher number of cyberattacks. For some it is still a popular pastime to launch a DDOS attack, like the one late last November on the network of Dutch public broadcaster NPO. But with fewer staff at the office this time of year, what can you do if your network is being attacked?