Blog

Blue Team and Red Team

Jun 1, 2019
Security

One of the most common questions is the difference between the red and blue teams. People are also confused about why there are two teams in cybersecurity and can one replace the other? In short, there are two teams by standing on two perspectives in cybersecurity, and we need them both. The blue team stands on the defender’s side, in which the team focuses on visibility, context, and control. On the other hand, the red team is on the attacker’s point to test the strength of points in defense. ...

I have a CCIE, so what's my level of security

May 5, 2019
Security, CCIE

CCIE is a good proof of what you have learnt, but it may be far away from what you will experience. The past 2018, I hosted a couple of security workshops all over the world. During them, I was asked the same question for many times: “I am trying to have/have passed a certificate of xxx, what’s my level in the security area?” Like what I always suggest people who ask a similar question of CCIE, I’d like to use the most well-known terminology in the networking industry: It depends, which can be illustrated in two perspectives. ...

Security devices aren't good enough because they aren't bought properly

Feb 5, 2019
Security

Through my consulting experience started from last year, there were a couple of times when attendees were talking about the performance and usability issues of their security products. Interestingly enough, I found most of these issues were not related to the performance and features at all. Instead, they were more close to how devices are bought. Among the discussions, a shared process is locking a brand, then deciding which models had the best fit in their environment and finally sought partners for the final procurement. ...

When a paper plane scales up to a Boeing 747 — escalation problems for a network

Jun 2, 2018
Scaling

Scaling up a network will face a lot of issues that don’t appear when it’s small. In this post, let’s look at what problems are they. Stateful applications One of the most important decisions that make the Internet possible is to make the network stateless and push applications which are usually need to store states to end users. In the development of the network, stateful applications are inserted for certain purposes. ...

What is Segment Routing

Sep 10, 2016
Protocol, Segment Routing

When networks are getting deeper and deeper into our everyday work life, they have become more and more complex. Opposed to traditional networks, their functionalities are wider and wider, which challenge the principles existed. Today’s networks demand better performance, scalability, flexibility, better operational cost efficiency and maximize link capacities. All the requirements force the network to have certain automation and can be managed by a centralized controller. This idea of managing the network is call software-defined-network (SDN). ...

Better process for zsh virtualenvwrapper plugin

May 20, 2016
plugin, python, shell, virtualenv, zsh

Virtualenvwrapper is one of the must-have scripts for building a Python development environment. With the power of zsh oh-my-zsh plugin framework, we can automate some processes such as activate & deactivate. But the build-in virtualenvwrapper fails to work sometimes what it should be. I decided to fix it by myself after googling for existed solutions. virtualenvwrapper plugin analyze & optimize The existed virtualenvwrapper plugin is quite useful in most of the time, but it would malfunction occasionally. ...

How to install ffmpeg on OpenShift

May 2, 2016
FFMpeg, Linux, OpenShift

We, ProjectMercury, recently wanted to move encoding jobs into OpenShift to make our workflow more efficiently. After some effort, we made it work. Here is a quick note of the process Pre-requests: git rhc I assume you already have both of them After sshed into your openshift virtual machine. Using following commands to install ffmpeg cd $OPENSHIFT_DATA_DIR mkdir bin wget http://www.tortall.net/projects/yasm/releases/yasm-1.2.0.tar.gz wget http://ffmpeg.org/releases/ffmpeg-2.0.1.tar.gz tar -xvf yasm-1.2.0.tar.gz cd yasm-1.2.0 . ...

Huawei is providing outsourcing management services for SPs

Apr 30, 2016
Huawei, ISP

I recently had a chance to speak with a supervisor, who is called such by his colleagues, from Huawei. He mentioned that Huawei was trying doing outsourcing IT management service for SP customers. This approaching reminds me that Cisco is also thriving to bring management service into China. I don’t think this is a coincidence that two biggest companies in the same industry are doing the same. The only difference is that Huawei is expecting to have a proliferation out of China mainland, while Cisco is trying to bring this concept into China. ...

Real World Network Simulation

Apr 29, 2016
Simulation

Why we need network simulation As a network engineer, I have to spend a lot of time in the lab or test environment on testing concepts, configuration, troubleshooting and so on. This is also true for people whose work environment is related to a network such as developers, DBAs. The problem here is that the lab sometimes so perfect that it cannot emulate the real world flaws like latency, packet loss, re-order or bandwidth limitation. ...

Controller discussion is excessive, we need more about other aspects

Apr 24, 2016
controller, SDN

Ever since SDN has been revealed and considered as the future in the industry by the public. There are abundant discussions about OpenFlow, ACI, NSX, etc. The main focus right now is the software part including southern API, northern API and more. The discussion about those new features which SDN could bring us has instigated the aspires of this Old-thought-with-new-implementation for network fellows who have been suffered for a long time for the poor management & controllability of network entities. ...