Konversi dari command PIX/ASA 7.2(x) ke ASA 9.x.
Perbedaan di NAT dan Access Rule antara versi sebelum ASA 8.3 dan setelah ASA 8.3.
Versi draft sebelum presentasi ke customer.
9:40 am InfluxDB 2.0 and Flux – The Road Ahead Paul Dix, Founder and CTO | ...InfluxData
Paul will continue to chart the road ahead by outlining the next phase of development for InfluxDB 2.0 and for Flux, InfluxData’s new data scripting and query language. He will discuss Flux’s role in multi-data source environments and explain how InfluxDB can be deployed in on-premise, multi-cloud, and hybrid environments.
Apache Cassandra 2.0 is out - now there's no reason not to ditch that ol' legacy relational system for your important online applications. Cassandra 2.0 includes big impact features like Light Weight Transactions and Triggers. Do you know about the other new enhancements that got lost in the noise. Let's put the spotlight on all the things! Changes in memory management, file handling and internals. Low hype but they pack a big punch. While we were at it, we also did a bit of house cleaning.
Effective testing for spark programs Strata NY 2015Holden Karau
This session explores best practices of creating both unit and integration tests for Spark programs as well as acceptance tests for the data produced by our Spark jobs. We will explore the difficulties with testing streaming programs, options for setting up integration testing with Spark, and also examine best practices for acceptance tests.
Unit testing of Spark programs is deceptively simple. The talk will look at how unit testing of Spark itself is accomplished, as well as factor out a number of best practices into traits we can use. This includes dealing with local mode cluster creation and teardown during test suites, factoring our functions to increase testability, mock data for RDDs, and mock data for Spark SQL.
Testing Spark Streaming programs has a number of interesting problems. These include handling of starting and stopping the Streaming context, and providing mock data and collecting results. As with the unit testing of Spark programs, we will factor out the common components of the tests that are useful into a trait that people can use.
While acceptance tests are not always part of testing, they share a number of similarities. We will look at which counters Spark programs generate that we can use for creating acceptance tests, best practices for storing historic values, and some common counters we can easily use to track the success of our job.
Relevant Spark Packages & Code:
https://github.com/holdenk/spark-testing-base / http://spark-packages.org/package/holdenk/spark-testing-base
https://github.com/holdenk/spark-validator
This talk was given during Lucene Revolution 2017.
They say optimize is bad for you, they say you shouldn't do it, they say it will invalidate operating system caches and make your system suffer. This is all true, but is it true in all cases?
In this presentation we will look closer on what optimize or better called force merge does to your Solr search engine. You will learn what segments are, how they are built and how they are used by Lucene and Solr for searching. We will discuss real-life performance implications regarding Solr collections that have many segments on a single node and compare that to the Solr where the number of segments is moderate and low. We will see what we can do to tune the merging process to trade off indexing performance for better query performance and what pitfalls are there waiting for us. Finally, at the end of the talk we will discuss possibilities of running force merge to avoid system disruption and still benefit from query performance boost that single segment index provides.
9:40 am InfluxDB 2.0 and Flux – The Road Ahead Paul Dix, Founder and CTO | ...InfluxData
Paul will continue to chart the road ahead by outlining the next phase of development for InfluxDB 2.0 and for Flux, InfluxData’s new data scripting and query language. He will discuss Flux’s role in multi-data source environments and explain how InfluxDB can be deployed in on-premise, multi-cloud, and hybrid environments.
Apache Cassandra 2.0 is out - now there's no reason not to ditch that ol' legacy relational system for your important online applications. Cassandra 2.0 includes big impact features like Light Weight Transactions and Triggers. Do you know about the other new enhancements that got lost in the noise. Let's put the spotlight on all the things! Changes in memory management, file handling and internals. Low hype but they pack a big punch. While we were at it, we also did a bit of house cleaning.
Effective testing for spark programs Strata NY 2015Holden Karau
This session explores best practices of creating both unit and integration tests for Spark programs as well as acceptance tests for the data produced by our Spark jobs. We will explore the difficulties with testing streaming programs, options for setting up integration testing with Spark, and also examine best practices for acceptance tests.
Unit testing of Spark programs is deceptively simple. The talk will look at how unit testing of Spark itself is accomplished, as well as factor out a number of best practices into traits we can use. This includes dealing with local mode cluster creation and teardown during test suites, factoring our functions to increase testability, mock data for RDDs, and mock data for Spark SQL.
Testing Spark Streaming programs has a number of interesting problems. These include handling of starting and stopping the Streaming context, and providing mock data and collecting results. As with the unit testing of Spark programs, we will factor out the common components of the tests that are useful into a trait that people can use.
While acceptance tests are not always part of testing, they share a number of similarities. We will look at which counters Spark programs generate that we can use for creating acceptance tests, best practices for storing historic values, and some common counters we can easily use to track the success of our job.
Relevant Spark Packages & Code:
https://github.com/holdenk/spark-testing-base / http://spark-packages.org/package/holdenk/spark-testing-base
https://github.com/holdenk/spark-validator
This talk was given during Lucene Revolution 2017.
They say optimize is bad for you, they say you shouldn't do it, they say it will invalidate operating system caches and make your system suffer. This is all true, but is it true in all cases?
In this presentation we will look closer on what optimize or better called force merge does to your Solr search engine. You will learn what segments are, how they are built and how they are used by Lucene and Solr for searching. We will discuss real-life performance implications regarding Solr collections that have many segments on a single node and compare that to the Solr where the number of segments is moderate and low. We will see what we can do to tune the merging process to trade off indexing performance for better query performance and what pitfalls are there waiting for us. Finally, at the end of the talk we will discuss possibilities of running force merge to avoid system disruption and still benefit from query performance boost that single segment index provides.
BIND DNS IPWorks Introduction To AdvancedMustafa Golam
In This Presentation, Following Topics for BIND DNS Basics to advanced,
with details of E// IPWorks Implemenation, are clarified and presented.
(o) DNS Basics
(o) Architecture, HW Details
(o) Role of DNS in Data Network ( 3G/LTE )
(o) ZONE, Query and TPS
(o) SW Platforms, DB, ASDNS
(o) Configuration
(o) O&M And Backup
Netfilter: Making large iptables rulesets scalebrouer
Howto make large iptables firewall rulesets scale under Linux.
Presentation given at OpenSourceDays 2008 (and similar at Netfilter Developers Workshop 2008).
12cR1 new features. I have tried to cover all new features of 12cR1 and many more may be missing. These are all my own views and do not necessarily reflect the views of Oracle. Requesting all visitors to comment on it to improve further.
Are you considering deploying DirectAccess? DirectAccess is Microsoft’s next generation remote access solution providing a seamless corporate network connectivity experience. The session will cover a number of issues that IT professionals deploying DirectAccess should be aware of including load balancing, certificates, and IP Infrastructure requirements.
A network address translation (NAT) gateway to enable instances in a private subnet to connect to the internet or other AWS services, and then sends the response back to the instances but prevent the internet from initiating a connection with those instances.
LinkedIn https://www.linkedin.com/today/author/mohan-reddy-79a57014b
youtube https://www.youtube.com/user/VepsunTechnologies
vepsun http://www.vepsun.in/
Webinar NETGEAR - Nuovi AP Professionali Prosafe WAC720 e WAC730Netgear Italia
LI nuovi access point professionali Prosafe che implementano la tecnologia 11AC, maggiori prestazioni, maggiore affidabilità e semplicità di gestione.
Offrono nuove funzionalità e supportano un Captive Portal interno ed una nuova modalità di gestione centralizzata denominata ENSEMBLE che permette di promuovere un AP a controllore di altri AP dello stesso modello.
Ansible Tower Integration with ManageIQ by Drew Bomhof and Brandon Dunne at ManageIQ Design Summit 2016
EC2 Minecraft Demo: https://youtu.be/hdTBpNkzWGk
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Let's dive deeper into the world of ODC! Ricardo Alves (OutSystems) will join us to tell all about the new Data Fabric. After that, Sezen de Bruijn (OutSystems) will get into the details on how to best design a sturdy architecture within ODC.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Asa 7 to 9 migration
1. ASA 7.2 to 9.1
Command Migration
APPLIANCE MIGRATION FROM ASA 5540 TO ASA 5545-X
(DRAFT) V1.0
2. Migrated Features
Real IP addresses in access lists
for several supported features, you must use the real, untranslated
IP address and ports
NAT
The NAT feature has been redesigned for increased flexibility and
functionality
Named Network and Service Objects
Network and service objects are automatically created for
NAT.
3. Features That Use Real IP Addresses
access-group command
Modular Policy Framework match access-list command
Botnet Traffic Filter dynamic-filter enable classify-list
command
AAA aaa ... match commands
WCCP wccp redirect-list group-list command (not
automatically migrated)
4. Features That Use Real IP Addresses
ASDM
Real IP addresses are now used in the following features instead of
mapped addresses:
Access Rules
AAA Rules
Service Policy Rules
Botnet Traffic Filter classification
WCCP redirection (not automatically migrated)
5. Features That Continue to Use
Mapped IP Addresses
The following features use access lists, but these access lists will
continue to use the mapped values as
seen on an interface:
IPSec access lists
capture command access lists
Per-user access lists
Routing protocol access lists
All other feature access lists...
6. Sample Real IP Address Migration
Static NAT with ingress access group
Old Configuration
static (inside,outside) 172.23.57.1 10.50.50.50 netmask 255.255.255.255
access-list 1 permit ip any host 172.23.57.1
access-group 1 in interface outside
Migrated Configuration
access-list 1 permit ip any host 10.50.50.50
access-group 1 in interface outside
7. Sample Real IP Address Migration
Access group with deny/permit ACEs
Old Configuration
global (outside) 1 10.10.10.128-10.10.10.255
nat (inside) 1 172.16.10.0 255.255.255.0
access-list 100 extended deny ip any host 10.10.10.210
access-list 100 extended permit ip any 10.10.10.211
255.255.255.128
access-group 100 in interface outside
Migrated Configuration
access-list 100 extended deny ip any 172.16.10.0 255.255.255.0
access-group 100 in interface outside
8. NAT Migration
The NAT feature has been redesigned for increased flexibility and
functionality
Almost all NAT configurations will migrate seamlessly. In the rare
cases when user intervention is required, you will be notified. There
will never be an unreported loss of security after migration.
9. Old NAT Commands
The following commands are no longer supported; they are migrated
to new commands, and are then removed from the configuration.
Alias
Global
nat (old version)
nat-control
Static
sysopt nodnsalias—This command is not migrated; instead,
configure the dns option within the new NAT commands.
10. New NAT Commands
Network Object NAT (Typically used for regular NAT configurations)
nat dynamic
object network name
nat [(real_ifc,mapped_ifc)] dynamic
{[mapped_inline_host_ip] [interface] |
[mapped_obj] [pat-pool mapped_obj [round-robin]]
[interface]} [dns]
nat static
object network name
nat [(real_ifc,mapped_ifc)] static
{mapped_inline_ip | mapped_obj | interface}
[dns | service {tcp | udp} real_port mapped_port]
[no-proxy-arp] [route-lookup]
The no-proxy-arp, route-lookup, pat-pool, and round-robin keywords were added in
8.4(2).
12. Preserving the Order of NAT Rules
The new NAT order uses a table with three sections:
Section 1 (twice NAT rules)—These rules are assessed based on the
order they appear in the configuration. For migration purposes, this
section includes migrated policy NAT rules.
Section 2 (network object NAT (generated) rules)—These rules are
assessed according to internal rules; the order they appear in the
configuration does not matter
Section 3 (twice NAT rules that you specifically want to be evaluated
after the network object NAT
rules)
13. NAT Migration Guidelines and
Limitations
Dynamic identity NAT (the nat 0 command) will not be migrated.
Static identity NAT is treated like any other static command, and is
converted depending on whether it is regular or policy NAT.
NAT exemption (the nat 0 access-list command) is migrated
differently depending on the release to which you are upgrading.
When upgrading to 8.4(2) from 8.3(1), 8.3(2), or 8.4(1), migration for
identity NAT will occur to preserve existing functionality.
Regular NAT commands with the dns option will be migrated. The
dns option in static PAT andpolicy NAT commands will be ignored.
14. NAT Migration Guidelines and
Limitations
Connection Settings in old NAT commands—Options such as conn-
max, emb-limit, norandomseq, or nailed will be moved to service
policies.
The following naming conventions are used for the new service
policies:
class-map—class-conn-param-protocol-n
access-list—acl-conn-param-protocol-n
policy-map—policy-conn-param-interface
15. Supported Features for Objects
Version 8.3 introduces named network and service objects for use with
the following features:
NAT—You can no longer use a named IP address (using the name
command) in NAT.
Access lists—access-list command. You can no longer use a named
IP address (using the name command) in an access list.
Object groups—object-group network and object-group service
commands. Named IP addresses are still allowed in object groups,
as well as network objects.
16. Object Migration
New network and service objects (the object network and object
service commands) are substituted into existing commands in the
following cases:
For each network object NAT command, an object network
command is created to represent the real IP address that you want
to translate.
When new nat commands require an object instead of an inline
value, network and service objects are automatically created.
If you use a named IP address in NAT (using the name command)
and the names command is enabled, then a network object is
created even if an inline IP address could be used in the new nat
command.
17. Object Migration
If an access-list command includes an IP address that was used in NAT,
and the NAT migration created a network object for that IP address,
then the network object replaces the IP address in the
access-list command.
If you use a named IP address in the access-list command (using the
name command) and the names command is enabled, then an object
replaces the name.
For multiple global commands that share the same NAT ID, a network
object group is created that contains the network objects created for
the inline IP addresses.
18. Objects are not created for the following cases:
A name command exists in the configuration, but is not used in a
nat or access-list command.
An inline value that is still allowed in the nat command.
name commands used under object-group commands.
IP addresses used in access-list commands that are not used in NAT
or named with a name command.
19. name Command Naming
Conventions
When the names command is enabled, then for migrated name
commands, the same name is used for the object network command.
For example:
for the following name command used in NAT
name 10.1.1.1 test
An object network command is created:
object network test
host 10.1.1.1
20. Inline IP Address Naming
Conventions
For migrated IP addresses used inline, network objects are created
using the following naming convention:
Hosts and subnets—obj-a.b.c.d.
Ranges—obj-a.b.c.d-p.q.r.s
21. Inline Protocol Naming
Conventions
For migrated protocols used inline, service objects are created using
the following naming convention, obj-inline_text.
22. Network Object Naming Conventions
with Multiple global Commands with
the Same NAT IDFor multiple global commands that share the same NAT ID, a network object group is
created that contains the network objects created for the inline IP addresses. The
following naming convention is used: og-global-interface_nat-id.
Old Configuration
global (outside) 1 10.76.6.111
global (outside) 1 10.76.6.109-10.76.6.110
New Network Objects and Groups
object network obj-10.76.6.111
host 10.76.6.111
object network obj-10.76.6.109-10.76.6.110
range 10.76.6.109-10.76.6.110
object-group og-global-outside_1
network-object obj-10.76.6.111
network-object obj-10.76.6.109-10.76.6.110
23. Information About Activation Key
Compatibility
Your activation key remains compatible if you upgrade to the latest
version from any previous version.