Why yes, I will have more pie.
View this email in your browser
IN THIS WEEK'S ISSUE: How Do You Learn?; Network Security In Decline. Hey, turn on those images, they might be amusing. Or not. Probably not. But it's worth a try. 
Table of Contents
(aka The Project Plan)

Issue Number 70

 

11/22/2017

 
The "Learning" issue. 
 

Thought For The Week:

"The leftovers are my favorite part."
 

1. How Do You Learn? (An Honest Question!)

by Ethan Banks


Before you read this, understand that it comes with a bit of responsibility on your part. I’m asking you to provide us with feedback on how you learn in our distracted world. A major initiative at Packet Pushers is to create deeper, focused presentations on topics important in the world of IT architecture. The question is how best to communicate that information.
 

As an off-again-on-again technical instructor, I often consider how best to visually support what I’m teaching.

Should I have a massive slide deck that itemizes everything I want to communicate? Or should I limit supporting visuals?

Of late, I tend towards sparser supporting slides. I put just enough information on a slide so that the audience knows where we are in the discussion and can visualize challenging concepts.

Only rarely do I use text walls, complex builds, or multi-layered diagrams.

Right or wrong, my philosophy behind this approach is as follows:

  1. I want people to focus. I believe people can focus on slides or on what’s being said, but not both. Focusing on what's being said is more crucial, in that effective instruction builds as it progresses. There’s a train of thought--a story arc. To understand the story, you need to stay tuned in, not tune out as a new slide issues a meat CPU interrupt to process.

  2. I prefer people take notes. That's because for me, the most effective way to ingest information is to take notes. I type major points and sub-points of the material, restating in my own words what the instructor is sharing. I often generate hundreds of words per half-hour of lecture.

    In this way, I force myself to comprehend the information in real time. I do not rely on slides to make up for my lack of timely attention. I have tried the time-shifted approach, but I find that “later” never comes.

  3. I hope to provoke questions. Perhaps some view technical instruction as a one-to-many format where the one talks and the many shut up. That’s true, but only to a point. Understanding a new technical fact will often raise questions about things you already know, making technical instruction a two-way street.

    If you’re half paying attention, half browsing Amazon because you plan to run through the slides later, you won’t achieve the depth of focus required for good questions to materialize in your mind.

And Now, Back To You...

Despite my point of view, I worry that my version of slideware needs an upgrade for effective online learning, and that I should be including more visual aids to bring points home. Assuming I’m right, I intend to create learning modules using three key elements.

  1. Short video series. To gain all of the knowledge, you’ll have to watch all of the videos. Each video will cover a single major concept in no more than 8 minutes. In this way, you can fit individual videos into your week whenever is convenient, eventually getting through the entire series.

  2. Sparse slides supported by live whiteboarding or screen capture. I can video capture from my tablet. Paired with a stylus and drawing app, a tablet becomes a whiteboard. My thought is to talk through a slide to introduce a concept, and then illustrate the concept with a whiteboard drawing. Alternatively, I can screen cap a GUI or CLI.

  3. Audio instruction. Over the top of the light slides and heavy screen captures, you will hear talking--the story arc. Sharing with you what’s being discussed from my point of view.

If you’re keen on this sort of content, let us know your thoughts via this simple form. Here’s an idea of what we’d like to get your feedback on.

  • In principle, would a format like this work for you?

  • Do you think you need “heavy” slides? Do you think you need slides at all in this context? Why or why not? (For instance, maybe a title in the lower third of the screen would be good enough for you.)

  • Do you learn effectively with the whiteboard method, where a live drawing is being generated to illustrate a concept?

  • Is it especially helpful to see GUI and CLI for concepts (say, learning about how spanning-tree works in a vendor agnostic way) or just for specific tasks (because you want to learn a vendor-specific configuration)?

  • In what other ways do you learn something technical so that it sticks with you?

Sponsor: A10 Networks

Uncover Hidden Threats In Encrypted Traffic


Bad actors and malicious insiders are concealing threats in encrypted traffic in an attempt to infiltrate networks or steal sensitive data. Their rationale: if it’s out of sight, it’s out of mind.

Catch A10 on November 27th's “Network Break” hosted by Greg Ferro and Drew Conry-Murray, and learn why visibility into encrypted traffic is imperative and how A10 Thunder SSLi  ensures these shielded threats don’t pass into or out of your network.

A10 Thunder SSLi is dedicated decryption solution that decrypts enterprise traffic and enables security devices to analyze that traffic without compromising performance.

In this podcast, A10 Networks Senior Systems Engineer Michael Wheeler addresses:
  • The importance of SSL decryption
  • The security challenges of encrypting data
  • Pitfalls of decrypting with point solutions, like firewalls
  • How to maintain high performance and scalability
Listen to this episode and learn how you can eliminate the blind spot in your network and wipe out encrypted threats.

Learn how much you could save with a dedicated decryption solution, try our ROI Calculator. To read more about the power of A10 Thunder SSLi, please see our data sheet.

 

2. Network Security In Decline

by Greg Ferro

The era of “network security” is over. For a while. You cannot trust the network, there is no perimeter, and data in motion must have integrity.
 

Security Vs. Networking

For the last 20 years, perimeter security has been a foundational assumption of enterprise IT design. You establish a perimeter with firewalls, monitor it with security appliances, and hope that nothing gets through.

This caused all sorts of problems. The most fundamental design principle of the TCP and UDP protocols is that a packet will traverse the network end to end without modification. The CRC check ensures that data hasn't been corrupted.

 

Network Services

Network makers have been keen to add value to their products, but once you have connected everything together, there isn't much more to do. The last generation of 'network innovation' happened in the late 1990s when Tag Switching/MPLS arrived.

So vendors began to exploit weaknesses in TCP/UDP and started selling middleboxes. Network Address Translation (NAT) broke the network path (path asymmetry) but added value for public IP addressing and Internet access in the late 1990s.

Proxy servers exploited HTTP via the lack of encryption. By intercepting the packet flow and reading the clear text HTTP payload, proxy servers modified the content.

Because caching (bandwidth reduction) was a key feature, the proxy was popular when bandwidth was limited. When bandwidth got cheap and easy, the proxy pivoted to become a security appliance for user monitoring and malware scanning.

The mid-2000s trend for 'QoS everywhere' also breaks the end to end model. TCP and UDP have flow control mechanisms that worked fine in uncontrolled multi-hop networks, but failed when QoS was applied on only some devices or, worse, applied erratically across different software/hardware combinations.

 

The Pain Of Value Add

All of these network services were intended to add value. For some this was true, but mostly this has created larger problems, such as reduced security.

Google has been promoting QUIC to replace HTTP over TCP. In simple terms, QUIC is HTTP over UDP (more correctly, it is HTTP/2 over UDP).  Why?

TCP is less relevant now that network quality is high. Packet drops are rare, so retransmissions are statistically rare. TCP wastes hundreds of milliseconds to create a TCP session using the three-way handshake. Meanwhile, UDP is faster when passing through NAT rebinding, which reduces end-to-end path latency.

During field research, Google found that HTTP/2 was blocked as an unsupported protocol by a substantial number of Internet middleboxes. UDP is largely ignored and more likely to pass untouched.

 

Was Value Added?

I see this a story of change being prevented by "value adding." Whenever we place security in the network, we break basic design principles and create problems.

We know that building and securing a perimeter isn't working anymore. Just look around. The cost and ubiquity of public WAN/Internet is making private networks rapidly obsolete. Where can you build a perimeter? What network security can you apply to manage risk?

Every network filter, inspection, protection, and mediation tool that we use creates technical debt. In part, this debt is quickening the demise of private WAN/MPLS networks as their complexity and operational difficulty is not worth solving. It seem to me that few SDN vendors are taking on that challenge because it's not worth winning.

 

The EtherealMind View

This is why I think Network Security, as a principle, is on hold. The pendulum is swinging towards endpoint security.

Stop laughing; I know endpoint security has been a disaster while Microsoft dominated the endpoint. But if I look at Apple iOS/MacOS I'm seeing an endpoint that is secure enough. Apps are reasonably safe, reliably updated, and well controlled. For contrast, look at Google Android and its litany of security failures.

It’s going to take a while but I think that network security will decline over the next few years.

References

Link: Bufferbloat on the Internet backbone

Link: The QUIC Transport Protocol

Sponsor: LiveAction

Turn SD-WAN Disruption into Business Transformation with Machine Learning Insights

 
The ROI in adopting an SD-WAN intelligent overlay to a carrier-agnostic transport is now clear, but the added complexity can cause delays and potentially increase risks to these strategic initiatives.
 
Check out a Webcast with LiveAction’s CTO John Smith and the Packet Pushers' Ethan Banks as they discuss best practices to reduce the complexity of SD-WAN technology adoption, provide service assurance governance with proactive insights, and deliver promised performance enhancement for a better application experience.
 
Ethan and John share SD-WAN market feedback and use cases, and walk through a platform demonstration highlighting three key enabling technologies:
  1. Real-time network visualization and topology maps for complete situational awareness.
  2. Continuous machine learning from customer data to provide real-time ‘human in the loop’ insights for better service management.
  3. Dashboard, reports, and systems integration for service assurance governance.
 
We look forward to sharing our customers' success with you.
 
Watch now!
 
Get ready for SD-Wan: 3 Challenges to Consider as You Approach SD-WAN Monitoring


 

Thanks, Internet

All kinds of amusing things wash up in our social feeds. Here's one that caught my eye.
Join the Packet Pushers' new membership program and get benefits including our weekly Link Propagation newsletter and more. Click here for details and to sign up.

Internets Of Interest 

A collection of pre-loved links that might interest you. "Pre-loved" because I liked them enough to put into this newsletter. It's not true love. 

By Greg Ferro and Drew Conry-Murray

RIP net neutrality: FCC chair releases plan to deregulate ISPs


Here we go again. Jon Brodkin at Ars Technica, who has done a great job of covering Net Neutrality over the past few years, reports on the latest effort by the FCC to remove Net Neutrality protections and dramatically loosen regulations on cable companies, carriers, and telcos.

The FCC will vote on a plan to "reverse the commission's classification of home and mobile ISPs as common carriers, eliminating the legal justification for the net neutrality rules and numerous other consumer protections," according to the article.

If you'd like to see Net Neutrality preserved, you know the drill: call your representatives and demand that consumer protections be kept in place, and ask your family and friends to do the same.


LINK
Join the Datanauts on their mission to bust silos and explore the latest developments in cloud, convergence, data centers, and more. Sign up free here.
Network Break is a weekly podcast that delivers news & analysis on the networking industry in a fun, fast-paced style. Subscribe here!

Product News


Find out about interesting new products, or get essential information about things you might already be using.

Research: Towards an Open, Disaggregated Network Operating System – AT&T


AT&T’s white paper “Towards an Open, Disaggregated Network Operating System” is breathtaking in its scope. I believe its goal is to create a community to build and maintain a universal NOS for hardware and software network devices.

LINK

LiveAction Adds Machine Learning To Its Network Performance Management Software


LiveAction has announced version 7 of its LiveNX network performance management software.

LiveAction gathers and analyzes flow records, SNMP data and other information to give network operators a detailed view of network topology and end-to-end visibility into how applications are performing on the network.


LINK

Spectra7 And Smaller Active Coaxial Cables

I’ve been idly wondering when coax cables will shrink to a smaller diameter. The weight of the coax alone causes some amount of failure when people don’t use cable management.

Spectra7 has released a thinner-gauge coax cable.


LINK

Briefings In Brief: A New Packet Pushers Podcast


Want more tech news? Subscribe to our newest podcast channel, Briefings In Brief. We take five minutes or less to summarize and analyze tech news, product announcements, or other interesting items that come across our desks.

LINK

Recent Podcasts

The last five podcasts published on Packet Pushers

PacketPushers.net - The Last Five

Full Stack Journey tells personal stories about the ongoing quest to become a full stack engineer. Subscribe today!
Priority Queue tackles niche and nerdy tech topics and cutting-edge research projects. Subscribe here!

Quick Survey: The Best Pie


The annual American feast of thankfulness, gluttony, and shopping is upon us. What kind of pie is your favorite to have at Thanksgiving? Or, if you're not from the U.S., what is your favorite pie to have on a Thursday in November?

A. Apple
B. Pecan
C. Pumpkin
D. Sweet potato

E. Raspberry Pi (sorry, couldn't resist)
F. Other

Last Issue's Survey Results

Did We Miss Something? 


Got an link or an article to share? Email it to humaninfrastructure@packetpushers.net

The End Bit

Sponsorship and Advertising - Send an email to humaninfrastructure@packetpushers.net for more information. You could reach 5,013 people. 

Human Infrastructure is bi-weekly newsletter with view, perspectives, and opinions. It is edited and published by Greg Ferro and Drew Conry-Murray from PacketPushers.net. If you'd like to contribute, email Drew at drew.conrymurray@packetpushers.net.

We don't give away your email address or personal details because that would suck. 

Copyright © 2017 Packet Pushers Interactive LLC, All rights reserved.


unsubscribe from this list    update subscription preferences