Re: [AusNOG] SDWAN Security

2021-05-31 Thread dusty 
Heya,

How are those solutions more suited to swapping in for an MPLS network?
Aren't they all just some flavour of vpn with a cloud frontend, and some
neat fail over behaviours?

I am in the unenviable positive of having to prove "why not meraki", rather
than "what's the best option". Hopefully that comes later, but the meraki
solution has some...investment...to overcome.

And that can only be done with hard facts


On Mon, 31 May 2021, 7:22 pm Radek Tkaczyk,  wrote:

> Hi Dusty,
>
> I don’t think you will find that Cisco meraki is not a proper SDWAN
> solution. It’s just a glorified VPN with a cloud dashboard. If you call
> that SDWAN then SDWAN has been around for 30 years then.
>
> You need to be looking at proper SDWAN solutions like Velocloud(VMware),
> Cisco Viptella, Peplink, etc. These are proper SDWAN solutions that can
> replace an MPLS.
>
> Sent from my iPhone
>
> On 31 May 2021, at 4:09 pm, Dale Shaw  wrote:
>
> 
> Hi Dusty,
>
> Full disclosure: I work for VMware (we have a SD-WAN offering) but I’ll
> keep it agnostic—
>
> On Mon, 31 May 2021 at 12:49 pm, dusty  wrote:
>
>> Hi Folks,
>>
>> After a number of years being more managerial than technical, I find
>> myself staring at a proposal to swap a perfectly good MPLS network with
>> some Meraki shenanigans.
>>
>> This, frankly, gives me the heebie jeebies.
>>
>> I've done a bunch of poking around but, alas, it is remarkably difficult
>> to locate reliable analyses of the actual security (or lack thereof) of
>> these solutions - plenty of glossy marketing and whizzbang, not a lot of
>> facts.
>>
>> Can anyone point me in the direction of some decent whitepapers, blogs,
>> etc about the relative merits of these things?
>>
>> Thanks!
>> --dusty (in Brisbane)
>>
>
> (tl;dr: talk to your friendly vendor SE.)
>
> What sort of collateral would you look for, to give warm fuzzies, if you
> were evaluating a traditional WAN routing platform?
>
> You should be able to find security whitepapers and other technical
> documents that describe management and data plane security, use of
> crypto/PKI etc.
>
> Vendors targeting enterprise customers should be putting their products
> through security evaluation frameworks such as Common Criteria — look for
> certification, in-flight or completed, against the Network Device
> collaborative Protection Profile (NDcPP) plus optional modules like VPN.
> Crypto libraries may be FIPS 140-2 [US centric] certified.
>
> For vendors offering things as-a-service, certifications and statements of
> conformance against other regulatory frameworks should be applicable (SOC,
> FedRAMP [again US centric], IRAP etc. may exist).
>
> Cheers,
> Dale
>
> ___
> AusNOG mailing list
> AusNOG@lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
>
___
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog

[AusNOG] SDWAN Security

2021-05-30 Thread dusty 
Hi Folks,

After a number of years being more managerial than technical, I find myself
staring at a proposal to swap a perfectly good MPLS network with some
Meraki shenanigans.

This, frankly, gives me the heebie jeebies.

I've done a bunch of poking around but, alas, it is remarkably difficult to
locate reliable analyses of the actual security (or lack thereof) of these
solutions - plenty of glossy marketing and whizzbang, not a lot of facts.

Can anyone point me in the direction of some decent whitepapers, blogs, etc
about the relative merits of these things?

Thanks!
--dusty (in Brisbane)
___
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog

Re: [AusNOG] Common Sense needs to prevail

2018-10-08 Thread dusty 
Funny, I was going to say the same thing to you.

On Tue, 9 Oct 2018 at 12:24 pm, Skeeve Stevens <
skeeve+aus...@eintellegonetworks.com> wrote:

> You're now part of the problem, not the solution.
>
>
> ...Skeeve
>
> *Skeeve Stevens - Founder & Chief Architect - *eintellego Networks Pty Ltd
> ske...@eintellegonetworks.com ; www.eintellegonetworks.com
>
> Phone: 1300 239 038; Cell +61 (0)414 753 383 ; skype://skeeve
>
> facebook.com/eintellegonetworks ;  
> linkedin.com/in/skeeve
> Cumulus Linux / Open Networking - Cloud - Consulting - Juniper - Cisco - IPv4
> Brokering
>
>
> On Tue, Oct 9, 2018 at 10:15 AM John Edwards  wrote:
>
>> Flirting with "a cute guy or girl" at an industry function is
>> inappropriate.
>>
>> There are apps for that now, save the face to face for professional
>> relationship building.
>>
>> Imagine thinking that someone was interested in you for your skills or
>> experience, only to find that you misread "innocent flirting". That might
>> affect your career choices and the industry as a whole would be poorer for
>> it. At the very least it wasted your time in exploring legitimate
>> networking opportunities.
>>
>> Bonus "PC gone mad" points for sharing a mildly racist anecdote and
>> obliviously lowering the tone of the place a little bit more.
>>
>> John
>>
>>
>>
>> On Tue, 9 Oct 2018 at 08:02, Skeeve Stevens <
>> skeeve+aus...@eintellegonetworks.com> wrote:
>>
>>> I hate to do this. I'm going to contradict my previous post about this
>>> not being the forum for such discussions.
>>>
>>> This post is not to start another thread war, so if you want to abuse or
>>> say something else to me, please do it off-list.
>>>
>>> I've been catching up on the posts re Sexual Harassment in our industry.
>>> I didn't read all of them, there were just too many. So I don't know if
>>> this perspective was addressed.
>>>
>>> Firstly, I will state categorically that Sexual Harassment is wrong.
>>> SEXUAL HARASSMENT is wrong. Flirting or saying hi to a cute girl (or guy)
>>> is not wrong.
>>>
>>> I hate seeing people go politically correct mad and destroying perfectly
>>> good situations because of a few idiots who should be punished. That said,
>>> the incident should be looked into to make sure facts/accusations are
>>> accurate, as a misunderstanding or wrong accusation can easily destroy
>>> someone as badly as being actually sexually harassed. Bevan was right to
>>> make the announcement, and right to send the warning of what would occur
>>> next time.
>>>
>>> But we need to make sure our industry doesn't have all the fun and
>>> opportunity to meet new people squeezed out of it. I'd hate to see events
>>> where people are afraid to even say hi to someone they fancy (damn I'm old)
>>> due to incidents such as these.
>>>
>>> I say this because I have a different experience than most people here
>>> in that I met my wife at an Ausnog event.
>>>
>>> It was an industry drinks (pre-conference I believe for Ausnog #2)...
>>> there was a cute girl named Shanti (white) and her friend Lynette (Sri
>>> Lankan) which I found highly amusing based on their names. We had lots of
>>> fun with that and there was much flirting to be had.  I wasn't too naughty
>>> (based on the result), but I do recall my staff carrying me out of that
>>> event due to way too much alcohol.
>>>
>>> It turns out Shanti was the one managing the event on loan from Vocus.
>>> As a sponsor of Ausnog #2, I had some interactions with Shanti the
>>> following few days (my staff were previously doing it - but I was smitten),
>>> and during the actual conference spent most of the time outside doing more
>>> flirting with this amazingly cute girl who for some reason was giving me
>>> the time of day.
>>>
>>> I don't recall any of that event really except Vijay Gill being awesome
>>> and Geoff Huston doing his thing. Apart from that... no idea.. I was a
>>> little smitten.
>>>
>>> A few days later I headed to Christchurch for my first APNIC event (#26)
>>> on James Spenceleys recommendation and by some stroke of luck (for me),
>>> James brought along Shanti too.  Well, that was that. It was my first
>>> APNIC, and James asked Shanti to 'keep me amused' [it was all his fault!!]
>>> as we were obviously getting on well. Well, that was the end of that.
>>>
>>> 10 years later, and recently having our 7th Wedding anniversary, and
>>> being the happiest husband ever that I met and fell for one of the very few
>>> women at the AusNOG conference.
>>>
>>> So. Sexual Harassment is bad bad bad... and anyone who does anyone that
>>> is not welcome should be taken care of harshly. But, trying to meet people,
>>> is not a bad thing, and as long as people are respectful, people should
>>> continue to continue to have fun at these events and not be scared of
>>> meeting new people, for whatever reasons.
>>>
>>> ...Skeeve
>>>
>>> *Skeeve Stevens - Founder & Chief Architect - *eintellego Networks Pty
>>> Ltd
>>>

Re: [AusNOG] Sexual harassment in our industry.

2018-10-02 Thread dusty 
“Merit-based selection”
False equivalences
#metoo denialism (ohnoes won’t someone think of the poor menfolk??)
“Virtue signalling”

Anyone else hit redpill bingo from this email alone?


On Wed, 3 Oct 2018 at 15:58, James Troy 
wrote:

> Ive long been a member of Ausnog mailing list, I find the information that
> is often posted here to be quite valuable; I have also been watching this
> thread with a particular keen interest.
>
>
>
> Particularly as I was waiting to see how long the #MeToo and ‘gender
> diversity’ was going to get pushed.
>
>
>
> Firstly let me say, any assault, sexual or otherwise is not acceptable.
> Yes IT as an industry is over-represented by males; however to second you
> start to include someone in something like a board selection based solely
> on their genitalia is the second you loose any credibility. I wholy
> subscribe to the idea of the ‘best person for the job’
>
>
>
> If that means 25% of one gender and 75% of another then fine, they are all
> selected on their merits.
>
>
>
> Anything short of selection based on merits (ie: Gender) opens an entirely
> different can. Ie: is there someone of
> Asian/African/Australia/aboriginal/TSI background? No? wow wouldn’t that be
> racist?
>
>
>
> Suddenly people talk gender and its acceptable.
>
>
>
> I believe that IT, Along with many industries still has a long way to go
> to be fully inclusive of all participants, regardless of
> race/religion/gender/background – but selection based on gender,
> percentages, inclusion policies is _*not*_ the way to get the recognition
> that some hard-working people deserve. If I worked in a female dominated
> industry (teaching, midwifery, childcare, etc) I would want to be selected
> for something like this based on my work ethics, input, and recognition –
> not simply to be the token male.
>
>
>
> We as an industry – and as humans – should be there to support our
> colleagues when they get targeted and victimised, however I also agree that
> if an accusation is made, and reported to the ‘other company’ then it
> should also be accompanied with proof – too often we are seeing the #MeToo
> being used as a weapon to destroy people – predominately men – without a
> shread of proof.
>
>
>
> I do however agree that an ausnog post is not the correct forum for that
> proof and that is best handled between the direct parties – it was
> suggested at the CEO level – this protects the victim, the **Alleged** (I
> use this term deliberately as until it is proof we have due process –
> innocent until PROVEN guilty – same as the media reporting on items that
> are before the courts.) aggressor until a chain of evidence can be
> established and only then actioned upon.
>
>
>
> Im sure I will cop back-lash on this, virtue signalling and all…
>
>
>
> James Troy
>
> Senior Systems Administration
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> *From:* AusNOG  *On Behalf Of *dusty
> *Sent:* Wednesday, 3 October 2018 12:33 PM
> *To:* Matthew Young 
> *Cc:* aus...@ausnog.net List 
>
>
> *Subject:* Re: [AusNOG] Sexual harassment in our industry.
>
>
>
>
>
>
>
> On Wed, 3 Oct 2018 at 14:59, Matthew Young  wrote:
>
> “While we're at it though, there needs to be female representation on the
> Ausnog board.”
>
> People should be appointed based on their merits, not based on their
> gender.
>
>
>
> Show me a man with a bias-free recruitment/selection process, and I’ll
> show you a deluded patriarchal fool.
>
>
>
>
>
>
>
> *From:* AusNOG [mailto:ausnog-boun...@lists.ausnog.net] *On Behalf Of *Paul
> Wilkins
> *Sent:* Tuesday, 2 October 2018 5:50 PM
> *To:* aus...@ausnog.net List 
> *Subject:* Re: [AusNOG] Sexual harassment in our industry.
>
>
>
> "Seems you've never been to a meeting."
>
>
>
> The verity of this statement cannot be overexaggerated.
>
>
>
> Kind regards
>
>
> Paul Wilkins
>
>
>
>
>
> On Tue, 2 Oct 2018 at 17:42, Mark Smith  wrote:
>
> On Tue, 2 Oct 2018 at 16:50, Paul Wilkins 
> wrote:
> >
> > The need for a Code of Conduct has been raised and it's a good point.
> >
> > While we're at it though, there needs to be female representation on the
> Ausnog board. I see where there's 5 directors been appointed, and they're
> all men. I'm wondering who is doing the appointing.
> >
>
> Seems you've never been to a meeting. That's covered in the closing
> session.
>
>
>
> > That they couldn't find a woman up to the required standard gives rise
> to an unfortunate impression of the board acti

Re: [AusNOG] Sexual harassment in our industry.

2018-10-02 Thread dusty 
On Wed, 3 Oct 2018 at 14:59, Matthew Young  wrote:

> “While we're at it though, there needs to be female representation on the
> Ausnog board.”
>
> People should be appointed based on their merits, not based on their
> gender.
>

Show me a man with a bias-free recruitment/selection process, and I’ll show
you a deluded patriarchal fool.



*From:* AusNOG [mailto:ausnog-boun...@lists.ausnog.net] *On Behalf Of *Paul
> Wilkins
> *Sent:* Tuesday, 2 October 2018 5:50 PM
> *To:* aus...@ausnog.net List 
> *Subject:* Re: [AusNOG] Sexual harassment in our industry.
>
>
>
> "Seems you've never been to a meeting."
>
>
>
> The verity of this statement cannot be overexaggerated.
>
>
>
> Kind regards
>
>
> Paul Wilkins
>
>
>
>
>
> On Tue, 2 Oct 2018 at 17:42, Mark Smith  wrote:
>
> On Tue, 2 Oct 2018 at 16:50, Paul Wilkins 
> wrote:
> >
> > The need for a Code of Conduct has been raised and it's a good point.
> >
> > While we're at it though, there needs to be female representation on the
> Ausnog board. I see where there's 5 directors been appointed, and they're
> all men. I'm wondering who is doing the appointing.
> >
>
> Seems you've never been to a meeting. That's covered in the closing
> session.
>
>
>
> > That they couldn't find a woman up to the required standard gives rise
> to an unfortunate impression of the board acting as a boy's club.
> >
> > Kind regards
> >
> > Paul Wilkins
> >
> >
> > On Tue, 2 Oct 2018 at 16:10, David Hughes  wrote:
> >>
> >>
> >> We thank Bevan for raising this important issue and bringing it to our
> attention.
> >>
> >> This is a complex situation and we take any allegation of this nature
> very seriously.  We hope to discuss this further with those concerned in an
> attempt to establish specifics, while maintaining the confidentiality of
> all parties.  If there are any actionable details we will offer assistance
> to the party involved if they wish to escalate the matter further.
> >>
> >> Even though issues regarding the behaviour of delegates at our events
> have never been raised with us, we want our attendees to feel safe and
> supported.  We have commenced a review of policies and processes from other
> organisations and will work with our solicitors to draft a policy suitable
> for AusNOG events and mailing lists.
> >>
> >> The organisers of AusNOG believe that behaviour of this nature is not
> acceptable at any conference, function, or workplace in our industry.  We
> will attempt to engage the leaders of our industry to push for a broader
> solution.
> >>
> >>
> >>
> >> David - on behalf of the AusNOG Board
> >> ...
> >> ___
> >> AusNOG mailing list
> >> AusNOG@lists.ausnog.net
> >> http://lists.ausnog.net/mailman/listinfo/ausnog
> >
> > ___
> > AusNOG mailing list
> > AusNOG@lists.ausnog.net
> > http://lists.ausnog.net/mailman/listinfo/ausnog
>
> ___
> AusNOG mailing list
> AusNOG@lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
___
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog

Re: [AusNOG] Captive Portal + Daily Usage

2018-06-13 Thread dusty 
Aruba will do what you're wanting - although like Meraki it ain't the
cheapest.

On Thu, 14 Jun 2018 at 09:07, Saxton, Joseph (SYD-FED) <
joseph.sax...@interpublic.com> wrote:

> How about Meraki? Could be a little more pricey compared to some of the
> other vendors in your list.
>
>
>
>
>
>
>
> *From: *AusNOG  on behalf of Cameron
> Murray 
> *Date: *Thursday, 14 June 2018 at 8:56 am
> *To: *"" 
> *Subject: *[EXTERNAL] [AusNOG] Captive Portal + Daily Usage
>
>
>
> Guys,
>
>
>
> In a bind and needing some recommendations for products/solutions urgently
> to support a Public Wireless network (local council) allowing guests to
> Self-Register and be assigned a account with no expiry however limitations
> imposed on throughput up/down and a daily transfer limit.
>
>
>
> I've looked at the following products and their captive portal offerings
> and none appear to do exactly what the requirements call for;
>
>
>
>- UBNT Unifi
>- Open-Mesh
>- Mikrotik User Manager
>- Ruckus
>- Xirrus
>- Aerohive
>- MyWiFi Networks
>- IronWifi
>
> The difficult part appears to be the daily usage limits.
>
>
>
> Thanks in advance
>
>
>
> Cameron
>
> This message contains information which may be confidential and
> privileged. Unless you are the intended recipient (or authorized to receive
> this message for the intended recipient), you may not use, copy,
> disseminate or disclose to anyone the message or any information contained
> in the message.  If you have received the message in error, please advise
> the sender by reply e-mail, and delete the message.  Thank you very much.
> ___
> AusNOG mailing list
> AusNOG@lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
___
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog