Podcasts about snmp

AAT—American Amplifier Technologies—might not have been on your radar a few years ago, but they're making some serious noise in the broadcast engineering world. With their TXN line of FM and Digital TV transmitters, plus their recent acquisitions of Shively, Kathrein, and SCALA, AAT is quickly becoming a true one-stop shop for RF and broadcast hardware. Today we're joined by AAT's Chief Technical Officer, Matt Rigdon. He's here to show us emPower, a brand-new monitoring and control system that was designed from day one with broadcast engineers—and our mobile lifestyles—in mind. Under the hood it's powered by SNMP, but what you see on your phone or tablet is a fast, modern, intuitive interface that actually helps you get stuff done. Matt gives us a behind-the-scenes look at how emPower was developed, what problems it solves, and why this kind of mobile-first thinking might just shape the next generation of broadcast infrastructure. Strap in—we're going hands-on with some very cool tech.

New DShield Support Slack Workspace Due to an error on Salesforce s side, we had to create a new Slack Workspace for DShield support. https://isc.sans.edu/diary/New%20DShield%20Support%20Slack/32376 Attackers Exploiting Recently Patched Cisco SNMP Flaw (CVE-2025-20352) Trend Micro published details explaining how attackers took advantage of a recently patched Cisco SNMP Vulnerability https://www.trendmicro.com/en_us/research/25/j/operation-zero-disco-cisco-snmp-vulnerability-exploit.html https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-x4LPhte Framework BIOS Backdoor The mm command impleneted in Framework BIOS shells can be used to compromise a device pre-boot. https://eclypsium.com/blog/bombshell-the-signed-backdoor-hiding-in-plain-sight-on-framework-devices/ SANS.edu Research: Mark Stephens, Validating the Effectiveness of MITRE Engage and Active Defense https://www.sans.edu/cyber-research/validating-effectiveness-mitre-engage-active-defense/

Send us a textWe weigh efficiency against hype as Huawei's open-source quantization aims to shrink LLM costs while AI spending sprints toward $1.5T. From Oracle's blue-sky risk to Cisco's SNMP flaws, Equinix and Alkira's AI networking moves, and a leap into quantum networking, we look for what's real and what's next.• Huawei's SINQ quantization for smaller, cheaper LLM deployments• AI spend approaching $1.5T amid capacity and power constraints• Oracle downside risk and the velocity of money in AI deals• Cisco IOS XE SNMP vulnerabilities and urgent patching guidance• Equinix Fabric Intelligence and AI Solutions Lab for AI interconnects• Alkira MCP and NIA for AI-driven multi-cloud network operations• Cisco's quantum networking prototypes and entanglement chip• Quantum error correction, room‑temperature operation, and security signalsPurchase Chris and Tim's new book on AWS Cloud Networking: https://www.amazon.com/Certified-Advanced-Networking-Certification-certification/dp/1835080839/ Check out the Monthly Cloud Networking Newshttps://docs.google.com/document/d/1fkBWCGwXDUX9OfZ9_MvSVup8tJJzJeqrauaE6VPT2b0/Visit our website and subscribe: https://www.cables2clouds.com/Follow us on BlueSky: https://bsky.app/profile/cables2clouds.comFollow us on YouTube: https://www.youtube.com/@cables2clouds/Follow us on TikTok: https://www.tiktok.com/@cables2cloudsMerch Store: https://store.cables2clouds.com/Join the Discord Study group: https://artofneteng.com/iaatj

Cisco's routers just exposed more than two million networks thanks to a "security optional" SNMP setup that's being actively exploited—Steve and Leo break down why this is a worst-case scenario for the industry and how easily it could have been avoided. Gmail's spam filtering false-positive spree. iOS 26's Safari randomizes its fingerprint by default. Cisco's SNMP stands for "Security Not My Problem". Windows' "stuck" Extended Security Updates (ESU). Europe complains, gets 1-year of ESU with no strings. Where to get $6 TLS certs (really) while they last. The lessons to learn from Jaguar Land Rover's mess. The NEON app: get paid to have your voice recorded. Bluesky's age verification, now coming to Ohio. What is "Kids Web Services" for age verification. More than 10K Ollama instances publicly exposed. GRC's DNS Benchmark reaches "release candidate" Show Notes - https://www.grc.com/sn/SN-1045-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: vanta.com/SECURITYNOW 1password.com/securitynow Melissa.com/twit threatlocker.com/twit zapier.com/twit

Cisco's routers just exposed more than two million networks thanks to a "security optional" SNMP setup that's being actively exploited—Steve and Leo break down why this is a worst-case scenario for the industry and how easily it could have been avoided. Gmail's spam filtering false-positive spree. iOS 26's Safari randomizes its fingerprint by default. Cisco's SNMP stands for "Security Not My Problem". Windows' "stuck" Extended Security Updates (ESU). Europe complains, gets 1-year of ESU with no strings. Where to get $6 TLS certs (really) while they last. The lessons to learn from Jaguar Land Rover's mess. The NEON app: get paid to have your voice recorded. Bluesky's age verification, now coming to Ohio. What is "Kids Web Services" for age verification. More than 10K Ollama instances publicly exposed. GRC's DNS Benchmark reaches "release candidate" Show Notes - https://www.grc.com/sn/SN-1045-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: vanta.com/SECURITYNOW 1password.com/securitynow Melissa.com/twit threatlocker.com/twit zapier.com/twit

Cisco's routers just exposed more than two million networks thanks to a "security optional" SNMP setup that's being actively exploited—Steve and Leo break down why this is a worst-case scenario for the industry and how easily it could have been avoided. Gmail's spam filtering false-positive spree. iOS 26's Safari randomizes its fingerprint by default. Cisco's SNMP stands for "Security Not My Problem". Windows' "stuck" Extended Security Updates (ESU). Europe complains, gets 1-year of ESU with no strings. Where to get $6 TLS certs (really) while they last. The lessons to learn from Jaguar Land Rover's mess. The NEON app: get paid to have your voice recorded. Bluesky's age verification, now coming to Ohio. What is "Kids Web Services" for age verification. More than 10K Ollama instances publicly exposed. GRC's DNS Benchmark reaches "release candidate" Show Notes - https://www.grc.com/sn/SN-1045-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: vanta.com/SECURITYNOW 1password.com/securitynow Melissa.com/twit threatlocker.com/twit zapier.com/twit

Cisco's routers just exposed more than two million networks thanks to a "security optional" SNMP setup that's being actively exploited—Steve and Leo break down why this is a worst-case scenario for the industry and how easily it could have been avoided. Gmail's spam filtering false-positive spree. iOS 26's Safari randomizes its fingerprint by default. Cisco's SNMP stands for "Security Not My Problem". Windows' "stuck" Extended Security Updates (ESU). Europe complains, gets 1-year of ESU with no strings. Where to get $6 TLS certs (really) while they last. The lessons to learn from Jaguar Land Rover's mess. The NEON app: get paid to have your voice recorded. Bluesky's age verification, now coming to Ohio. What is "Kids Web Services" for age verification. More than 10K Ollama instances publicly exposed. GRC's DNS Benchmark reaches "release candidate" Show Notes - https://www.grc.com/sn/SN-1045-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: vanta.com/SECURITYNOW 1password.com/securitynow Melissa.com/twit threatlocker.com/twit zapier.com/twit

Cisco's routers just exposed more than two million networks thanks to a "security optional" SNMP setup that's being actively exploited—Steve and Leo break down why this is a worst-case scenario for the industry and how easily it could have been avoided. Gmail's spam filtering false-positive spree. iOS 26's Safari randomizes its fingerprint by default. Cisco's SNMP stands for "Security Not My Problem". Windows' "stuck" Extended Security Updates (ESU). Europe complains, gets 1-year of ESU with no strings. Where to get $6 TLS certs (really) while they last. The lessons to learn from Jaguar Land Rover's mess. The NEON app: get paid to have your voice recorded. Bluesky's age verification, now coming to Ohio. What is "Kids Web Services" for age verification. More than 10K Ollama instances publicly exposed. GRC's DNS Benchmark reaches "release candidate" Show Notes - https://www.grc.com/sn/SN-1045-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: vanta.com/SECURITYNOW 1password.com/securitynow Melissa.com/twit threatlocker.com/twit zapier.com/twit

Cisco's routers just exposed more than two million networks thanks to a "security optional" SNMP setup that's being actively exploited—Steve and Leo break down why this is a worst-case scenario for the industry and how easily it could have been avoided. Gmail's spam filtering false-positive spree. iOS 26's Safari randomizes its fingerprint by default. Cisco's SNMP stands for "Security Not My Problem". Windows' "stuck" Extended Security Updates (ESU). Europe complains, gets 1-year of ESU with no strings. Where to get $6 TLS certs (really) while they last. The lessons to learn from Jaguar Land Rover's mess. The NEON app: get paid to have your voice recorded. Bluesky's age verification, now coming to Ohio. What is "Kids Web Services" for age verification. More than 10K Ollama instances publicly exposed. GRC's DNS Benchmark reaches "release candidate" Show Notes - https://www.grc.com/sn/SN-1045-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: vanta.com/SECURITYNOW 1password.com/securitynow Melissa.com/twit threatlocker.com/twit zapier.com/twit

Cisco's routers just exposed more than two million networks thanks to a "security optional" SNMP setup that's being actively exploited—Steve and Leo break down why this is a worst-case scenario for the industry and how easily it could have been avoided. Gmail's spam filtering false-positive spree. iOS 26's Safari randomizes its fingerprint by default. Cisco's SNMP stands for "Security Not My Problem". Windows' "stuck" Extended Security Updates (ESU). Europe complains, gets 1-year of ESU with no strings. Where to get $6 TLS certs (really) while they last. The lessons to learn from Jaguar Land Rover's mess. The NEON app: get paid to have your voice recorded. Bluesky's age verification, now coming to Ohio. What is "Kids Web Services" for age verification. More than 10K Ollama instances publicly exposed. GRC's DNS Benchmark reaches "release candidate" Show Notes - https://www.grc.com/sn/SN-1045-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: vanta.com/SECURITYNOW 1password.com/securitynow Melissa.com/twit threatlocker.com/twit zapier.com/twit

Cisco's routers just exposed more than two million networks thanks to a "security optional" SNMP setup that's being actively exploited—Steve and Leo break down why this is a worst-case scenario for the industry and how easily it could have been avoided. Gmail's spam filtering false-positive spree. iOS 26's Safari randomizes its fingerprint by default. Cisco's SNMP stands for "Security Not My Problem". Windows' "stuck" Extended Security Updates (ESU). Europe complains, gets 1-year of ESU with no strings. Where to get $6 TLS certs (really) while they last. The lessons to learn from Jaguar Land Rover's mess. The NEON app: get paid to have your voice recorded. Bluesky's age verification, now coming to Ohio. What is "Kids Web Services" for age verification. More than 10K Ollama instances publicly exposed. GRC's DNS Benchmark reaches "release candidate" Show Notes - https://www.grc.com/sn/SN-1045-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: vanta.com/SECURITYNOW 1password.com/securitynow Melissa.com/twit threatlocker.com/twit zapier.com/twit

Exploit Attempts Against Older Hikvision Camera Vulnerability Out honeypots observed an increase in attacks against some older Hikvision issues. A big part of the problem is weak passwords, and the ability to send credentials as part of the URL. https://isc.sans.edu/diary/Exploit%20Attempts%20Against%20Older%20Hikvision%20Camera%20Vulnerability/32316 Cisco Patches Already Exploited SNMP Vulnerability Cisco patched a stack-based buffer overflow in the SNMP subsystem. It is already exploited in the wild, but requires admin privileges to achieve code execution. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-x4LPhte SonicWall Anti-Rootkit Update SonicWall released a firmware update for its SMA100 devices specifically designed to eradicate a commonly deployed rootkit. https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0015 Extended Windows 10 Support Microsoft will extend free Windows 10 essential support for US and European customers. https://www.straitstimes.com/world/united-states/microsoft-offers-no-cost-windows-10-lifeline

Topics covered in this episode: * pandas is getting pd.col expressions* * Cline, At-Cost Agentic IDE Tooling* * uv cheatsheet* Ducky Network UI Extras Joke Watch on YouTube About the show Sponsored by us! Support our work through: Our courses at Talk Python Training The Complete pytest Course Patreon Supporters Connect with the hosts Michael: @mkennedy@fosstodon.org / @mkennedy.codes (bsky) Brian: @brianokken@fosstodon.org / @brianokken.bsky.social Show: @pythonbytes@fosstodon.org / @pythonbytes.fm (bsky) Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Monday at 10am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Brian #1: pandas is getting pd.col expressions Marco Gorelli Next release of Pandas will have pd.col(), inspired by some of the other frameworks I'm guessing Pandas 2.3.3? or 2.4.0? or 3.0.0? (depending on which version they bump?) “The output of pd.col is called an expression. You can think of it as a delayed column - it only produces a result once it's evaluated inside a dataframe context.” It replaces many contexts where lambda expressions were used Michael #2: Cline, At-Cost Agentic IDE Tooling Free and open-source Probably supports your IDE (if your IDE isn't a terminal) VS Code VS Code Insiders Cursor Windsurf JetBrains IDEs (including PyCharm) You pick plan or act (very important) It shows you the price as the AI works, per request, right in the UI Brian #3: uv cheatsheet Rodgrigo at mathspp.com Nice compact cheat sheet of commands for Creating projects Managing dependencies Lifecycle stuff like build, publish, bumping version uv tool (uvx) commands working with scripts Installing and updating Python versions plus venv, pip, format, help and update Michael #4: Ducky Network UI Ducky is a powerful, open-source, all-in-one desktop application built with Python and PySide6. It is designed to be the perfect companion for network engineers, students, and tech enthusiasts, combining several essential utilities into a single, intuitive graphical interface. Features Multi-Protocol Terminal: Connect via SSH, Telnet, and Serial (COM) in a modern, tabbed interface. SNMP Topology Mapper: Automatically discover your network with a ping and SNMP sweep. See a graphical map of your devices, color-coded by type, and click to view detailed information. Network Diagnostics: A full suite of tools including a Subnet Calculator, Network Monitor (Ping, Traceroute), and a multi-threaded Port Scanner. Security Toolkit: Look up CVEs from the NIST database, check password strength, and calculate file hashes (MD5, SHA1, SHA256, SHA512). Rich-Text Notepad: Keep notes and reminders in a dockable widget with formatting tools and auto-save. Customizable UI: Switch between a sleek dark theme and a clean light theme. Customize terminal colors and fonts to your liking. Extras Brian: Where are the cool kids hosting static sites these days? Moving from Netlify to Cloudflare Pages - Will Vincent from Feb 2024 Traffic is a concern now for even low-ish traffic sites since so many bots are out there Netlify free plan is less than 30 GB/mo allowed (grandfathered plans are 100 GB/mo) GH Pages have a soft limit of 100 GB/mo Cloudflare pages says unlimited Michael: PyCon Brazil needs some help with reduced funding from the PSF Get a ticket to donate for a student to attend (at the button of the buy ticket checkout dialog) I upgraded to macOS Tahoe Loving it so far. Only issue I've seen so far has been with alt-tab for macOS Joke: Hiring in 2025 vs 2021 2021: “Do you have an in-house kombucha sommelier?” “Let's talk about pets, are you donkey-friendly?”, “Oh you think this is a joke?” 2025: “Round 8/7” “Out of 12,000 resumes, the AI picked yours” “Binary tree? Build me a foundational model!” “Healthcare? What, you want to live forever?”

Lauren Basile joins us to show how traffic-aware cost intelligence turns spreadsheet guesswork into one-click, per-slice cost estimates across customers, ASNs, and CDNs. Learn about the SNMP plus contracts foundation, the flow-data leap, and how NetOps teams use cost-per-Mbps and path insights to optimize spend, pricing, and margins.

Shawn Tierney meets up with Tom Weingartner of PI (Profibus Profinet International) to learn about PROFINET and System Redundancy in this episode of The Automation Podcast. For any links related to this episode, check out the “Show Notes” located below the video. Watch The Automation Podcast from The Automation Blog: Listen to The Automation Podcast from The Automation Blog: The Automation Podcast, Episode 244 Show Notes: Special thanks to Tom Weingartner for coming on the show, and to Siemens for sponsoring this episode so we could release it ad free on all platforms! To learn more PROFINET, see the below links: PROFINET One-Day Training Slide Deck PROFINET One-Day Training Class Dates IO-Link Workshop Dates PROFINET University Certified Network Engineer Course Read the transcript on The Automation Blog: (automatically generated) Shawn Tierney (Host): Welcome back to the automation podcast. My name is Shawn Tierney from Insights and Automation, and I wanna thank you for tuning back in this week. Now on this show, I actually had the opportunity to sit down with Thomas Weingoner from PI to learn all about PROFINET. I actually reached out to him because I had some product vendors who wanted me to cover their s two features in their products, and I thought it would be first it’d be better to actually sit down and get a refresh on what s two is. It’s been five years since we’ve had a PROFINET expert on, so I figured now would be a good time before we start getting into how those features are used in different products. So with that said, I also wanna mention that Siemens has sponsored the episode, so it will be completely ad free. I love it when vendor sponsor the shows. Not only do we get the breakeven on the show itself, we also get to release it ad free and make the video free as well. So thank you, Siemens. If you see anybody from Siemens, thank them for sponsoring the Automation Podcast. As a matter of fact, thank any vendor who’s ever sponsored any of our shows. We really appreciate them. One final PSA that I wanna throw out there is that, speaking like I talked about this yesterday on my show, Automation Tech Talk, As we’ve seen with the Ethernet POCs we’re talking about, a lot of micro POCs that were $250 ten years ago are now $400. Right? That’s a lot of inflation, right, for various reasons. Right? And so one of the things I did this summer is I took a look at my P and L, my pros profit and loss statements, and I just can’t hold my prices where they are and be profitable. Right? So if I’m not breaking even, the company goes out of business, and we’ll have no more episodes of the show. So how does this affect you? If you are a student over at the automation school, you have until mid September to do any upgrades or purchase any, courses at the 2020 prices. Alright? So I I don’t wanna raise the prices. I’ve tried as long as I can, but at some point, you have to give in to what the prices are that your vendors are charging you, and you have to raise the prices. So, all my courses are buy one, sell them forever, so this does not affect anybody who’s enrolled in a course. Actually, all of you folks rolled in my PLC courses, I see it updates every week now. So and those who get the ultimate bundles, you’re seeing new lessons added to the new courses because you get that preorder access plus some additional stuff. So in any case but, again, I wanna reiterate, if you’re a vendor who has an old balance or if you are a student who wants to buy a new course, please, make your plans in the next couple of weeks because in mid September, I do have to raise the prices. So I just wanna throw that PSA out there. I know a lot of people don’t get to the end of the show. That’s what I wanted to do at the beginning. So with that said, let’s jump right into this week’s podcast and learn all about Profinet. I wanna welcome to the show, Tom from Profibus, Profinet North America. Tom, I really wanna just thank you for coming on the show. I reached out to you to ask about ask you to come on to to talk to us about this topic. But before we jump in, could you, first tell the audience a little bit about yourself? Tom Weingartner (PI): Yeah. Sure. Absolutely, Shawn. I’m gonna jump to the next slide then and and let everyone know. As Shawn said, my name is Tom, Tom Weingartner, and I am the technical marketing director at PI North America. I have a fairly broad set of experiences ranging from ASIC hardware and software design, and and then I’ve moved into things like, avionic systems design. But it seemed like no no matter what I was working on, it it always centered around communication and control. That’s actually how I got into industrial Ethernet, and I branched out into, you know, from protocols like MIL standard fifteen fifty three and and airing four twenty nine to other serial based protocols like PROFIBUS and MODBUS. And, of course, that naturally led to PROFINET and the other Ethernet based protocols. I I also spent quite a few years developing time sensitive networking solutions. But now I focus specifically on PROFINET and its related technologies. And so with that, I will jump into the the presentation here. And and, now that you know a little bit about me, let let me tell you a little bit about our organization. We are PROFIBUS and PROFINET International or PI for short. We are the global organization that created PROFIBUS and PROFINET, and we continue to maintain and promote these open communication standards. The organization started back in 1989 with PROFIBUS, followed by PROFINET in the early two thousands. Next came IO Link, a communication technology for the last meter, and that was followed by OmLux, a communication technology for wireless location tracking. And now, most recently, MTP or module type package. And this is a communication technology for easier, more flexible integration of process automation equipment. Now we have grown worldwide to 24 regional PI associations, 57 competent centers, eight test labs, and 31 training centers. It’s important to remember that we are a global organization because if you’re a global manufacturer, chances are there’s PROFINET support in the country in which you’re located, and you can get that support in the country’s native language. In the, lower right part of the slide here, we are showing our technologies under the PI umbrella. And I really wanted to point out that these, these technologies all the technologies within PI umbrella are supported by a set of working groups. And these working groups are made up of participants from member companies, and they are the ones that actually create and update the various standards and specifications. Also, any of these working groups are open to any member company. So, PI North America is one of the 24 regional PI associations, and we were founded in 1994. We are a nonprofit member supported organization where we think globally and act locally. So here in North America, we are supported by our local competence centers, training centers, and test labs. And and competence centers, provide technical support for things like protocol, interoperability, and installation type questions. Training centers provide educational services for things like training courses and hands on lab work. And test labs are, well, just that. They are labs that provide testing services and device certification. So any member company can be any combination of these three. You can see here if you’re looking at the slide, that the Profi interface center is all three, where we have JCOM Automation is both a competent center and a training center. And here in North in North America, we are pleased to have HMS as a training center and Phoenix Contact also as a competent center. Now one thing I would like to point out to everyone is that what you should be aware of is that every PROFINET, device must be certified. So if you make a PROFINET device, you need to go to a test lab to get it certified. And here in North America, you certify devices at the PROFINETERFACE center. So I think it’s important to begin our discussion today by talking about the impact digital transformation has had on factory networks. There has been an explosion of devices in manufacturing facilities, and it’s not uncommon for car manufacturers to have over 50,000 Ethernet nodes in just one of their factories. Large production cells can have over a thousand Ethernet nodes in them. But the point is is that all of these nodes increase the amount of traffic automation devices must handle. It’s not unrealistic for a device to have to deal with over 2,000 messages while it’s operating, while it’s trying to do its job. And emerging technologies like automated guided vehicles add a level of dynamics to the network architecture because they’re constantly entering and leaving various production cells located in different areas of the factory. And, of course, as these factories become more and more flexible, networks must support adding and removing devices while the factory is operating. And so in response to this digital transformation, we have gone from rigid hierarchical systems using field buses to industrial Ethernet based networks where any device can be connected to any other device. This means devices at the field level can be connected to devices at the process control level, the production level, even even the operations level and above. But this doesn’t mean that the requirements for determinism, redundancy, safety, and security are any less on a converged network. It means you need to have a network technology that supports these requirements, and this is where PROFINET comes in. So to understand PROFINET, I I think it’s instructive here to start with the OSI model since the OSI model defines networking. And, of course, PROFINET is a networking technology. The OSI model is divided into seven layers as I’m sure we are all familiar with by now, starting with the physical layer. And this is where we get access to the wire, internal electrical signals into bits. Layer two is the data link layer, and this is where we turn bits into bytes that make up an Ethernet frame. Layer three is the network layer, and this is where we turn Ethernet frames into IP packets. So I like to think about Ethernet frames being switched around a local area network, and IP packets being routed around a wide area network like the Internet. And so the next layer up is the transport layer, and this is where we turn IP packets into TCP or UDP datagrams. These datagrams are used based on the type of connection needed to route IP packets. TCP datagrams are connection based, and UDP datagrams are connectionless. But, really, regardless of the type of connection, we typically go straight up to layer seven, the application layer. And this is where PROFINET lives, along with all the other Ethernet based protocols you may be familiar with, like HTTP, FTP, SNMP, and and so on. So then what exactly is PROFINET, and and what challenges is it trying to overcome? The most obvious challenge is environmental. We need to operate in a wide range of harsh environments, and, obviously, we need to be deterministic, meaning we need to guarantee data delivery. But we have to do this in the presence of IT traffic or non real time applications like web servers. We also can’t operate in a vacuum. We need to operate in a local area network and support getting data to wide area networks and up into the cloud. And so to overcome these challenges, PROFINET uses communication channels for speed and determinism. It uses standard unmodified Ethernet, so multiple protocols can coexist on the same wire. We didn’t have this with field buses. Right? It was one protocol, one wire. But most importantly, PROFINET is an OT protocol running at the application layer so that it can maintain real time data exchange, provide alarms and diagnostics to keep automation equipment running, and support topologies for reliable communication. So we can think of PROFINET as separating traffic into a real time channel and a non real time channel. That mess messages with a particular ether type that’s actually eighty eight ninety two, and the number doesn’t matter. But the point here is that the the the real time channel, is is where all PROFINET messages with that ether type go into. And any other ether type, they go into the non real time channel. So we use the non real time channel for acyclic data exchange, and we use the real time channel for cyclic data exchange. So cyclic data exchange with synchronization, we we classify this as time critical. And without synchronization, it is classified as real time. But, really, the point here is that this is how we can use the same standard unmodified Ethernet for PROFINET as we can for any other IT protocol. All messages living together, coexisting on the same wire. So we take this a step further here and and look at the real time channel and and the non real time channel, and and these are combined together into a concept that we call an application relation. So think of an application relation as a network connection for doing both acyclic and cyclic data exchange, and we do this between controllers and devices. This network connection consists of three different types of information to be exchanged, and we call these types of information communication relations. So on the lower left part of the slide, you can see here that we have something called a a record data communication relation, and it’s essentially the non real time channel for acyclic data exchange to pass information like configuration, security, and diagnostics. The IO data communication relation is part of the real time channel for doing this cyclic data exchange that we need to do to periodically update controller and device IO data. And finally, we have the alarm communication relation. So this is also part of the real time channel, because, what we need to do here is it it’s used for alerting the controller to device false as soon as they occur or when they get resolved. Now on the right part of the slide, is we can see some use cases for, application relations, and and these use cases are are either a single application relations for controller to device communication, and we have an optional application relation here for doing dynamic reconfiguration. We also use an application relation for something we call shared device, and, of course, why we are here today and talking about applications relations is actually because of system redundancy. And so we’ll get, into these use cases in more detail here in a moment. But first, I wanted to point out that when we talk about messages being non real time, real time, or time critical, what we’re really doing is specifying a level of network performance. Non real time performance has cycle times above one hundred milliseconds, but we also use this term to indicate that a message may have no cycle time at all. In other words, acyclic data exchange. Real time performance has cycle times in the one to ten millisecond range, but really that range can extend up to one hundred milliseconds. So time critical performance has cycle times less than a millisecond, and it’s not uncommon to have cycle times around two hundred and fifty microseconds or less. Most applications are either real time or non real time, while high performance applications are considered time critical. These applications use time synchronization to guarantee data arrives exactly when needed, but we also must ensure that the network is open to any Ethernet traffic. So in order to achieve time critical performance here, and we do this for the most demanding applications like high speed motion control. And so what we did is we added four features to basic PROFINET here, and and we call this PROFINET ISOCRANESS real time or PROFINET IRT. These added features are synchronization, node arrival time, scheduling, and time critical domains. Now IRT has been around since 02/2004, but in the future, PROFINET will move to a new set of I triple e Ethernet standards called time sensitive networking or TSN. PROFINET over TSN will actually have the same functionality and performance as PROFINET IRT, but we’ll be able to scale to faster and faster, networks and and as bandwidth is is increasing. So this chart shows the differences between PROFINET, RT, IRT, and TSN. And the main difference is, obviously, synchronization. And these other features that, guarantee data arrives exactly when needed. Notice in in the under the, PROFINET IRT column here that that, the bandwidth for PROFINET IRT is a 100 mil a 100 megabits per second. And the bandwidth for PROFINET RT and TSN are scalable. Also, for those device manufacturers out there looking to add PROFINET IRT to their products, there are lots of ASICs and other solutions available in the market with IRT capability. Alright. So let’s take a minute here to summarize all of this. We have a a single infrastructure for doing real time data exchange along with non real time information exchange. PROFINET uses the same infrastructure as any Ethernet network. Machines that speak PROFINET do so, using network connections called application relations, and these messages coexist with all other messages so information can pass from devices to machines, to factories, to the cloud, and back. And so if you take away nothing else from this podcast today, it is the word coexistence. PROFINET coexists with all other protocols on the wire. So let’s start talking a little bit here about the main topic, system redundancy and and and why we got into talking about PROFINET at all. Right? I mean, what why do we need system redundancy and things like like, application relations and dynamic reconfiguration? Well, it’s because one of the things we’re pretty proud of with PROFINET is not only the depth of its capabilities, but also the breadth of its capabilities. And with the lines blurring between what’s factory automation, what’s process automation, and what’s motion control, we are seeing all three types of automation appearing in a single installation. So we wanna make sure PROFINET meets requirements across the entire range of industrial automation. So let’s start out here by looking at the differences between process automation versus factory automation, and then we’ll get into the details. First off, process signals typically change slower on the order of hundreds of milliseconds versus tens of milliseconds in factory automation. And process signals often need to travel longer distances and potentially into hazardous or explosive areas. Now with process plants operating twenty four seven, three sixty five, system must systems must provide high availability and support changes while the plant is in production. This is where system redundancy and dynamic reconfiguration come in. We’ll discuss these again here in in just a minute. I just wanted to finish off this slide with saying that an estop is usually not possible because while you can turn off the automation, that’s not necessarily gonna stop the chemical reaction or whatever from proceeding. Sensors and actuators and process automation are also more complex. Typically, we call them field instruments. And process plants have many, many, many more IO, tens of thousands of IO, usually controlled by a DCS. And so when we talk about system redundancy, I actually like to call it scalable system redundancy because it isn’t just one thing. This is where we add components to the network for increasing the level of system availability. So there are four possibilities, s one, s two, and r one, r two. The letter indicates if there are single or redundant network access points, and the number indicates how many application relations are supported by each network access point. So think of the network access point as a physical interface to the network. And from our earlier discussion, think of an application relation as a network connection between a controller and a device. So you have s one has, single network access points. Right? So each device has single network access points with one application relation connected to one controller. S two is where we also have single network access points, but with two application relations now connected to different controllers. R one is where we have redundant network access points, but each one of these redundant network access points only has one application relation, but those are connected to different controllers. And finally, we could kinda go over the top here with r two, and and here’s where we have redundant network access points with two application relations connected to different controllers. Shawn Tierney (Host): You know, I wanna just stop here and talk about s two. And for the people who are listening, which I know is about a quarter of you guys out there, think of s two is you have a primary controller and a secondary controller. If you’re seeing the screen, you can see I’m reading the the slide. But you have your two primary and secondary controllers. Right? So you have one of each, and, primary controller has the, application one, and secondary has application resource number two. And each device that’s connected on the Ethernet has both the one and two. So you went maybe you have a rack of IO out there. It needs to talk to both the primary controller and the secondary controller. And so to me, that is kinda like your classic redundant PLC system where you have two PLCs and you have a bunch of IO, and each piece of IO has to talk to both the primary and the secondary. So if the primary goes down, the secondary can take over. And so I think that’s why there’s so much interest in s two because that kinda is that that that classic example. Now, Tom, let me turn it back to you. Would you say I’m right on that? Or Tom Weingartner (PI): Spot on. I mean, I think it’s great, and and and really kinda emphasizing the point that there’s that one physical connection on the network access point, but now we have two connections in that physical, access point there. Right? So so you can then have one of those connections go to the primary controller and the other one to the secondary controller. And in case one of those controllers fails, the device still can get the information it needs. So, yep, that that’s how we do that. And and, just a little bit finer point on r one, if you think about it, it’s s two, but now all we’ve done is we’ve split the physical interface. So one of the physical interfaces has has, one of the connections, and the other physical interface has a has the other connection. So you really kinda have, the same level of redundant functionality here, backup functionality with the secondary controller, but here you’re using, multiple physical interfaces. Shawn Tierney (Host): Now let me ask you about that. So as I look at our one, right, it seems like they connect to port let’s I’ll just call it port one on each device to switch number one, which in this case would be the green switch, and port number two of each device to the switch number two, which is the blue switch. Would that be typical to have separate switches, one a different switch for each port? Tom Weingartner (PI): It it it doesn’t have to. Right? I I I think we chose to show it like this for simplicity kinda to Shawn Tierney (Host): Oh, I don’t care. Tom Weingartner (PI): Emphasize the point that, okay. Here’s the second port going to the secondary controller. Here’s the first port going to the primary controller. And we just wanted to emphasize that point. Because sometimes these these, diagrams can be, a bit confusing. And you Shawn Tierney (Host): may have an application that doesn’t require redundant switches depending on the maybe the MTBF of the of the switch itself or your failure mode on your IO. Okay. I’m with you. Go ahead. Tom Weingartner (PI): Yep. Yep. Good. Good. Good. Alright. So, I think that’s some excellent detail on that. And so, if you wouldn’t mind or don’t have any other questions, let’s let’s move on to the the, the the next slide. So you can see in that previous slide how system redundancy supports high availability by increasing system availability using these network access points and application relations. But we can also support high availability by using network redundancy. And the way PROFINET supports network redundancy is through the use of ring topologies, and we call this media redundancy. The reason we use rings is because if a cable breaks or the physical connection, somehow breaks as well or or even a device fails, the network can revert back to a line topology keeping the system operational. However, supporting network redundancy with rings means we can’t use protocols typically used in IT networks like, STP and RSTP. And this is because, STP and RSTP actually prevent network redundancy by blocking redundant paths in order to keep frames from circulating forever in the network. And so in order for PROFINET to support rings, we need a way to prevent frames from circulating forever in the network. And to do this, we use a protocol called the media redundancy protocol or MRP. MRP uses one media redundancy manager for each ring, and the rest, of the devices are called media redundancy clients. Managers are typically controllers or PROFINET switches, and clients are typically the devices in the network. So the way it works is this. A manager periodically sends test frames, around the network here to check the integrity of the ring. If the manager doesn’t get the test frame back, there’s a failure somewhere in the ring. And so the manager then notifies the clients about this failure, and then the manager sets the network to operate as a line topology until, the failure is repaired. Right? And so that’s how we can get, network redundancy with our media redundancy protocol. Alright. So now you you can see how system redundancy and media redundancy both support high availability. System redundancy does this by increasing system availability, Walmart. Media redundancy does this by increasing network availability. Obviously, you can use one without the other, but by combining system redundancy and media redundancy, we can increase the overall system reliability. For example, here we are showing different topologies for s one and s two, and these are similar to the the the topologies that were on the previous slide. So, if you notice here that, for s one, we can only have media redundancy because there isn’t a secondary controller to provide system redundancy. S two is where we combine system redundancy and media redundancy by adding an MRP ring. But I wanted to point out here that that even though we’re showing this MRP ring as as as a possible topology, there really are other topologies possible. It really depends on the level of of system reliability you’re trying to achieve. And so, likewise, on on this next slide here, we are showing two topologies for adding media redundancy to r one and r two. And so for r one, we’ve chosen, again, probably for simplistic, simplicity’s sake, we we add an MRP ring for each redundant network access point. With for r two, we do the same thing here. We also have an MRP ring for each redundant network access point, but we also add a third MRP ring for the controllers. Now this is really just to try to emphasize the point that you can, you you can really, come up with just about any topology possible, but it because it really depends on the number of ports on each device and the number of switches in the network and, again, your overall system reliability requirements. So in order to keep process plants operating twenty four seven three sixty five, dynamic reconfiguration is another use case for application relations. And so this is where we can add or remove devices on the fly while the plant is in production. Because if you think about it, typically, when there is a new configuration for the PLC, the PLC first has to go into stop mode. It needs to then re receive the configuration, and then it can go back into run mode. Well, this doesn’t work in process automation because we’re trying to operate twenty four seven three sixty five. So with dynamic reconfiguration, the controller continues operating with its current application relation while it sets up a new application relation. Right? I mean, again, it’s it’s really trying to get this a a new network connection established. So then the the the controller then switches over to the new application relation after the new configuration is validated. Once we have this validation and the configuration’s good, the controller removes the old application relations and continues operating all while staying in run mode. Pretty handy pretty handy stuff here for for supporting high availability. Now one last topic regarding system redundancy and dynamic reconfiguration, because these two PROFINET capabilities are compatible with a new technology called single pair Ethernet, and this provides power and data over just two wires. This version of Ethernet is now part of the I triple e eight zero two dot three standard referred to as 10 base t one l. So 10 base t one l is the non intrinsically saved version of two wire Ethernet. To support intrinsic safety, 10 base t one l was enhanced by an additional standard called Ethernet APL or advanced physical layer. So when we combine PROFINET with this Ethernet APL version of 10 base t one l, we simply call it PROFINET over APL. It not only provides power and data over the same two wires, but also supports long cable runs up to a kilometer, 10 megabit per second communication speeds, and can be used in all hazardous areas. So intrinsic safety is achieved by ensuring both the Ethernet signals and power on the wire are within explosion safe levels. And even with all this, system redundancy and dynamic reconfiguration work seamlessly with this new technology we call PROFINET over APL. Now one thing I’d like to close with here is a is a final thought regarding a new technology I think I think everyone should become aware of here. I mean, it’s emerging in the market. It’s it’s quite new, and it’s a technology called MTP or module type package. And so this is a technology being applied first here to, use cases considered to be a hybrid of both process automation and factory automation. So what MTP does is it applies OPC UA information models to create standardized, non proprietary application level descriptions for automation equipment. And so what these descriptions do is they simplify the communication, between equipment and the control system, and it does this by modularizing the process into more manageable pieces. So really, the point is to construct a factory with modular equipment to simplify integration and allow for better flexibility should changes be required. Now with the help of the process orchestration layer and this OPC UA connectivity, MTP enabled equipment can plug and operate, reducing the time to commission a process or make changes to that process. This is pretty cutting edge stuff. I think you’re gonna find and hear a lot more about NTP in the near future. Alright. So it’s time to wrap things up with a summary of all the resources you can use to learn even more about PROFINET. One of the things you can do here is you can get access to the PROFINET one day training class slide deck by going to profinet2025.com, entering your email, and downloading the slides in PDF format. And what’s really handy is that all of the links in the PDF are live, so information is just a click away. We also have our website, us.profinet.com. It has white papers, application stories, webinars, and documentation, including access to all of the standards and specifications. This is truly your one stop shop for locating everything about PROFINET. Now we do our PROFINET one day training classes and IO link workshops all over The US and parts of Canada. So if you are interested in attending one of these, you can always find the next city we are going to by clicking on the training links at the bottom of the slide. Shawn Tierney (Host): Hey, guys. Shawn here. I just wanted to jump in for a minute for the audio audience to give you that website. It’s us.profinet.com/0dtc or oscardeltatangocharlie. So that’s the website. And I also went and pulled up the website, which if you’re watching, you can see here. But for those listening, these one day PROFINET courses are coming to Phoenix, Arizona, August 26, Minneapolis, Minnesota, September 10, Newark and New York City, September 25, Greenville, South Carolina, October 7, Detroit, Michigan, October 23, Portland, Oregon, November 4, and Houston, Texas, November 18. So with that said, let’s jump back into the show. Tom Weingartner (PI): Alan, one of our most popular resources is Profinet University. This website structures information into little courses, and you can proceed through them at your own pace. You can go lesson by lesson, or you can jump around. You can even decide which course to take based on a difficulty tag. Definitely make sure to check out this resource. We do have lots of great, webinars on on the, on on the website, and they’re archived on the website. Now some of these webinars, they they rehash what we covered today, but in other cases, they expand on what we covered today. But in either case, make sure you share these webinars with your colleagues, especially if they’re interested in any one of the topics that we have listed on the slide. And finally, the certified network engineer course is the next logical step if you would like to dive deeper into the technical details of PROFINET. It is a week long in Johnson City, Tennessee, and it features hands on lab work. And if you would like us to provide training to eight or more students, we can even come to your site. If you would like more details about any of this, please head to the website to learn more. And with that, Chai, I think that is, my last slide and, covered the topics that I think we wanted some to cover today. Shawn Tierney (Host): Yeah. And I just wanna point out that to you guys, this, training goes out through all around The US. I definitely recommend getting up there. If you’re using PROFINET and you wanna get some training, they usually fill the room, like, you know, 50 to a 100 people. And, it’s you know, they do this every year. So check those dates out. If you need to get some hands on with PROFINET, I would definitely check out those. And, of course, we’ll have all the links in the description. I also wanna thank Tom for that slide. Really defining s one versus s two versus r one and r two. You know, a lot of people say we have s two compatibility. A matter of fact, we’re gonna be looking at some products that have s two compatibility here in the future. And, you know, just trying to understand what that means. Right? You know, when somebody just says s two, it’s like, what does that mean? So I really if that slide really doesn’t for you guys listening, I thought that slide really kinda lays it out, kinda gives you, like, alright. This is what it means. And, so in in in my from my perspective, that’s like it’s you’re supporting redundant controllers. Right? And so if you have an s two setup of redundant, seamless controllers that or CPUs, then you’ll be that product will support that. And that’s important. Right? Because if you had a product that didn’t support it, it’s not gonna work with your application. So I thought that and the the Ethernet APL is such a big deal in process because I you know, the the distance, right, and the fact that it’s it’s, intrinsically safe and supports all those zones and and areas and whatnot, that is, and everybody everybody all the instrumentation people are all over. Right? The, the, the Rosemonts, the fishes, the, the endless houses, everybody is is on that working group. We’ve covered that on the news show many times, and, just very interesting to see where that goes, but I think it’s gonna take over that part of the industry. So, but, Tom, was there anything else you want to cover in today’s show? Tom Weingartner (PI): No. I I think that that really, puts puts a a fine finale on on on this here. I I do wanted to maybe emphasize that, you you know, that point about network redundancy being compatible with, system redundancy. So, you know, you can really hone in on what your system reliability requirements are. And and also with with this this, PROFINET over APL piece of it, completely compatible with with PROFINET, in in of itself. And and, also, you don’t have to worry about it not supporting, system redundancy or or anything of of the like, whether, you know, you you wanted to get, redundant even redundant devices out there. So, that’s that’s, I think that’s that’s about it. Shawn Tierney (Host): Alright. Well, I again, thank you so much for coming on. We look forward to trying out some of these s two profanet devices in the near future. But with that, I I really wanted to have you on first to kinda lay the groundwork for us, and, really appreciate it. Tom Weingartner (PI): No problem. Thank you for having me. Shawn Tierney (Host): Well, I hope you guys enjoyed that episode. I did. I enjoyed sitting down with Tom, getting up to date on all those different products, and it’s great to know they have all these free hands on training days coming across United States. And, you know, what a great refresher from the original 2020 presentation that we had somebody from Siemens do. So I really appreciate Tom coming on. And speaking of Siemens, so thankful they sponsored this episode so we could release it ad free and make the video free to everybody. Please, if you see Siemens or any of the vendors who sponsor our episodes, please tell them to thank you from us. It really helps us keep the show going. Speaking of keeping the show going, just a reminder, if you’re a student or a vendor, price increases will hit mid September. So if you’re a student, you wanna buy another course, now is the time to do it. If you’re a vendor and you have a existing balance, you will want to schedule those podcasts before mid September or else you’ll be subject to the price increase. So with that said, I also wanna remind you I have a new podcast, automation tech talk. I’m reusing the old automation new news headlines podcast. So if you already subscribed to that, you’re just gonna get in the new the new show for free. It’s also on the automation blog, on YouTube, on LinkedIn. So I’m doing it as a live stream every lunchtime, just talking about what I learned, in that last week, you know, little tidbits here and there. And I wanna hear from you guys too. A matter of fact, I already had Giovanni come on and do an interview with me. So at one point, I’ll schedule that as a lunchtime podcast for automation tech talk. Again, it still shows up as automation news headlines, I think. So at some point, I’ll have to find time to edit that to change the name. But in any case, with that, I think I’ve covered everything. I wanna thank you guys for tuning in. Really appreciate you. You’re the best audience in the podcast world or the video world, you know, whatever you wanna look at it as, but I really appreciate you all. Please feel free to send me emails, write to me, leave comments. I love to hear from you guys, and I just wanna wish you all good health and happiness. And until next time, my friends, peace. Until next time, Peace ✌️  If you enjoyed this content, please give it a Like, and consider Sharing a link to it as that is the best way for us to grow our audience, which in turn allows us to produce more content

Parce que… c'est l'épisode 0x610! Shameless plug 12 au 17 octobre 2025 - Objective by the sea v8 10 au 12 novembre 2025 - IAQ - Le Rendez-vous IA Québec 17 au 20 novembre 2025 - European Cyber Week 25 et 26 février 2026 - SéQCure 2026 Description Introduction et contexte Dans cet épisode technique du podcast, les participants explorent les défis complexes de l'implémentation des technologies de télémétrie de sécurité dans les environnements de technologie opérationnelle (OT). Ils abordent particulièrement la transposition des concepts familiers du monde IT, comme les EDR (Endpoint Detection and Response), XDR (Extended Detection and Response) et NDR (Network Detection and Response), vers l'univers industriel. Les fondements de la télémétrie de sécurité Les technologies de détection et de réponse reposent sur deux piliers principaux : la détection (génération de télémétrie intelligente) et la réponse (capacité d'intervention automatisée). Du côté IT, ces systèmes permettent d'intervenir sur les terminaux en les isolant ou en bloquant certaines actions, tandis qu'au niveau réseau, ils peuvent bloquer le trafic identifié comme malveillant. Cette approche, bien maîtrisée en IT, pose des défis considérables lorsqu'elle est transposée dans les environnements OT. Les défis spécifiques à l'environnement OT L'installation d'un EDR sur un automate industriel s'avère impossible, contrairement à un poste Windows traditionnel. Les équipements industriels génèrent une télémétrie primaire et limitée, rendant difficile l'extraction de signaux de sécurité pertinents. Les experts recommandent de se concentrer sur les actifs plus évolués fonctionnant sous Windows ou Linux, car la majorité des attaquants privilégient ces plateformes familières plutôt que les systèmes industriels propriétaires. Cette approche s'appuie sur la “théorie du 99%”, qui stipule que les actifs IT ont une capacité de défense autonome contrairement aux actifs OT. Les attaques sophistiquées ciblant directement les systèmes industriels, comme Stuxnet ou Triton, demeurent exceptionnelles avec seulement quatre cas documentés en vingt ans. La plupart des incidents se limitent au niveau 3 du modèle de référence industriel, où se trouvent les serveurs et stations de travail Windows. L'enjeu patrimonial et la durée de vie des équipements L'environnement OT présente une caractéristique unique : la longévité exceptionnelle des équipements. Contrairement au monde IT où les systèmes sont régulièrement renouvelés, les installations industrielles peuvent fonctionner pendant 40 ans. Cette durée de vie étendue s'explique par les coûts élevés des équipements (plusieurs millions par pièce) et leur cycle de vie utile prolongé, particulièrement dans des secteurs comme la santé. Cette situation crée des défis de sécurité considérables, certaines installations fonctionnant encore sur des systèmes obsolètes comme Windows 3.11 ou NT4. Les organisations développent parfois des solutions de contournement, comme l'isolement par air gap et la réinstallation périodique des stations de travail pour gérer les infections persistantes. Complexité d'implémentation des EDR en OT L'implémentation d'EDR dans l'environnement OT nécessite une analyse de risque approfondie. Le confinement automatique, fonction standard des EDR, peut s'avérer catastrophique dans un contexte industriel. Les experts rapportent des incidents où un fichier de programmation d'automate (ladder logic) a été incorrectement identifié comme malveillant, provoquant le confinement automatique d'un serveur critique. La configuration des EDR en OT exige une adaptation minutieuse, notamment la désactivation des fonctions de réponse automatique. De plus, ces systèmes demandent des ressources significatives et ne peuvent pas être déployés sur des serveurs déjà saturés ou ayant des capacités limitées, situation fréquente dans l'industrie. Défis de la télémétrie personnalisée Contrairement aux systèmes IT où les événements sont standardisés, les automatismes industriels génèrent une télémétrie sur mesure. Il existe peu d'experts capables d'interpréter les signaux industriels pour détecter des anomalies sécuritaires. Cette analyse nécessite généralement l'expertise d'ingénieurs de procédé familiers avec les systèmes spécifiques. Les solutions de surveillance passive existent mais requièrent un investissement considérable en configuration et en compréhension de l'environnement. L'établissement d'une baseline de trafic normal peut prendre près d'un an de travail pour atteindre un niveau de visibilité comparable à celui obtenu en IT. Architecture et cloisonnement réseau Le transfert des signaux OT vers les consoles IT pose des défis architecturaux majeurs. Les environnements industriels sont généralement cloisonnés, nécessitant la création de pipelines d'ingestion de données complexes. Ces systèmes de relais permettent de traverser les barrières réseau tout en maintenant la sécurité, mais rendent les projets de visibilité particulièrement laborieux. La remontée des signaux vers une console de sécurité unifiée nécessite souvent une infrastructure dédiée côté OT, créant un “réseau dans le réseau” pour observer les systèmes cloisonnés depuis l'extérieur. Contraintes des fournisseurs et garanties Les fournisseurs d'équipements industriels imposent souvent des restrictions strictes sur les solutions de sécurité autorisées. Dans les installations récentes sous garantie, seules certaines solutions approuvées peuvent être déployées. Le non-respect de ces contraintes peut entraîner l'annulation de garanties couvrant parfois 10 à 15 ans d'exploitation. Cette situation oblige les organisations à valider toute solution de sécurité en laboratoire avant le déploiement, avec une représentation miniature de l'environnement de production. Certains éditeurs d'EDR montrent peu d'affinité avec les environnements cloisonnés, privilégiant des approches IT traditionnelles. Évolution vers le cloud et nouveaux paradigmes L'industrie OT évolue progressivement vers des solutions cloud, même pour les scanners passifs traditionnellement conçus pour des environnements isolés. Cette transition soulève des questions sur l'ouverture contrôlée d'accès Internet dans les couches basses du modèle de Purdue, remettant en question l'isolement total historiquement privilégié. Les solutions modernes nécessitent un flux continu de renseignements sur les menaces pour détecter efficacement les menaces émergentes. Le transport traditionnel de signatures s'avère trop lent face à l'évolution rapide des cybermenaces. Perspectives et recommandations Les experts recommandent de se concentrer sur la consolidation des journaux Windows et des événements SNMP comme point de départ pour améliorer la visibilité. Cette approche pragmatique permet d'obtenir rapidement des gains significatifs dans des environnements actuellement dépourvus de toute visibilité sécuritaire. L'implémentation réussie de ces technologies requiert une collaboration étroite entre les équipes IT et OT, traditionnellement en tension. La cybersécurité en OT doit être perçue comme un mode de défaillance supplémentaire à surveiller, au même titre que les paramètres opérationnels traditionnels. Conclusion L'adaptation des technologies xDR aux environnements OT représente un défi multifacette nécessitant une approche sur mesure. Bien que les concepts IT puissent servir de base, leur transposition directe s'avère inadéquate. Le succès dépend d'une compréhension fine des contraintes industrielles, d'une analyse de risque rigoureuse et d'une architecture respectant les impératifs de sécurité et de continuité opérationnelle. L'évolution vers une visibilité sécuritaire complète en OT demeure un processus long et complexe, mais nécessaire face à l'évolution des menaces cybernétiques. Collaborateurs Nicolas-Loïc Fortin Steve Bélanger Camille Felx Leduc Crédits Montage par Intrasecure inc Locaux virtuels par Riverside.fm

SNMP is still widely used in today’s networks. But modern telemetry and network observability are bringing changes to network monitoring. Today’s Heavy Networking is a roundtable discussion about alternatives to SNMP and real-world use cases for those alternatives. This episode was inspired by a request from listener Nikolay. He says… While telemetry (gRPC, etc.) is... Read more »

SNMP is still widely used in today’s networks. But modern telemetry and network observability are bringing changes to network monitoring. Today’s Heavy Networking is a roundtable discussion about alternatives to SNMP and real-world use cases for those alternatives. This episode was inspired by a request from listener Nikolay. He says… While telemetry (gRPC, etc.) is... Read more »

SNMP is still widely used in today’s networks. But modern telemetry and network observability are bringing changes to network monitoring. Today’s Heavy Networking is a roundtable discussion about alternatives to SNMP and real-world use cases for those alternatives. This episode was inspired by a request from listener Nikolay. He says… While telemetry (gRPC, etc.) is... Read more »

Following last week's introduction to network monitoring, we discuss the Simple Network Management Protocol (SNMP), one of the most implemented types of network monitoring. We discuss how it is organized, operations that SNMP can perform, and versions of SNMP. This week's bonus conversation is a discussion on the future for SNMP. Episode Links: MIB tree... Read more »

Following last week's introduction to network monitoring, we discuss the Simple Network Management Protocol (SNMP), one of the most implemented types of network monitoring. We discuss how it is organized, operations that SNMP can perform, and versions of SNMP. This week's bonus conversation is a discussion on the future for SNMP. Episode Links: MIB tree... Read more »

Join hosts Bill Sutton, Todd Smith, and Geremy Meyers for episode 175 of the Citrix Session Podcast as they dive into the critical aspects of upgrading to XenServer 8. In this episode, they discuss the impending end-of-life status of Citrix Hypervisor 8.2 cu1, scheduled for June 25th, 2025, highlighting the necessity for users to transition to the newer XenServer 8. The team outlines the enhanced features, including support for Windows 11 with VTPM, integrated PvS accelerator, added support for Nagios and SNMP, and the revolutionary Xen Conversion Manager which eases VM conversions. They also navigate through operational tips, such as leveraging a content delivery network for updates and the benefits of infrastructure as code with Terraform support. Whether you're planning a migration or looking to optimize your Citrix workloads, this episode offers invaluable insights into making the most of XenServer 8's capabilities.

Traditional network monitoring was built around SNMP and logs. And while there’s still a role for these sources, network observability aims to incorporate more data to help you build a holistic picture of the network and its behavior and performance. These sources can include flows, streaming telemetry, APIs, NETCONF, the CLI, deep packet inspection, synthetic... Read more »

Traditional network monitoring was built around SNMP and logs. And while there’s still a role for these sources, network observability aims to incorporate more data to help you build a holistic picture of the network and its behavior and performance. These sources can include flows, streaming telemetry, APIs, NETCONF, the CLI, deep packet inspection, synthetic... Read more »

Traditional network monitoring was built around SNMP and logs. And while there’s still a role for these sources, network observability aims to incorporate more data to help you build a holistic picture of the network and its behavior and performance. These sources can include flows, streaming telemetry, APIs, NETCONF, the CLI, deep packet inspection, synthetic... Read more »

Traditional network monitoring was built around SNMP and logs. And while there’s still a role for these sources, network observability aims to incorporate more data to help you build a holistic picture of the network and its behavior and performance. These sources can include flows, streaming telemetry, APIs, NETCONF, the CLI, deep packet inspection, synthetic... Read more »

Dylon Wilson and Brandon Pierce are joined by the always exciting Andrew Grady (AKA Mike Tyson) In this episode we speak on the season opener for the CARS Tour kevinsaysyes.com 125 at Southern National.This episode is brought to you by OneWraps.Onewraps LLC is a full service wrap and sign shop located in Hicory, NC. We offer unbeatable prices, professional installations, and full service graphic design.Email OnedesignsNC@gmail.com to get a free quote!

People who know Alex Hartman realize that he tends to be way ahead of the pack. Alex is typically just beyond the cutting edge of technology implementation. That often makes his comments hard to understand. But when you get to know Alex and understand his ideas and concerns, they usually do make very good sense. He’s also good at “breaking things”, revealing weak points in design. Today we’re discussing people, skills, and the uncertain future of talent sourcing. Alex has some real concerns and ideas about this. In his position at Wisconsin Public Media, Alex is hands-on with basic audio tech, but also data centers and managing fleets of equipment, computing, and sometimes people. Show Notes:Alex says SNMP is passé. MQTT: The Standard for IoT MessagingTutorial Video: How to Get Started with MQTT Guest:Alex Hartman - Wisconsin Public Media Engineering Host:Kirk Harnack, The Telos Alliance, Delta Radio, Star94.3, & South Seas BroadcastingFollow TWiRT on Twitter and on FacebookTWiRT is brought to you by:Nautel’s new GV2 FM transmitters are here - chock full of features!Broadcasters General Store, with outstanding service, saving, and support. Online at BGS.cc. Broadcast Bionics - making radio smarter with Bionic Studio, visual radio, and social media tools at Bionic.radio.Angry Audio and the new Rave analog audio mixing console. The new MaxxKonnect Broadcast U.192 MPX USB Soundcard - The first purpose-built broadcast-quality USB sound card with native MPX output. Subscribe to Audio:iTunesRSSStitcherTuneInSubscribe to Video:iTunesRSSYouTube

Can a team of engineers resolve thousands of engineering trouble tickets each month, and do it efficiently and keep with good engineering practice? iHeartMedia is doing it and Mike Sprysenski is leading that team. From an office in Orlando, Mike Spry and a team of radio engineers and IT professionals resolve engineering issues at nearly 900 radio stations, keeping those stations on-the-air. Many issues are even handled preemptively, before they affect what the public is hearing over the air or online. Chris Tarr and Kirk Harnack discuss this approach with Mike on this episode of TWiRT. Show Notes:Chris Tarr likes SNMP hardware interfaces from https://denkovi.com/ Guest:Mike Sprysenski - CPBE, Engineering Response Team Lead, iHeartMedia Technology Solutions Center Hosts:Chris Tarr - Group Director of Engineering at Magnum.MediaKirk Harnack, The Telos Alliance, Delta Radio, Star94.3, & South Seas BroadcastingFollow TWiRT on Twitter and on FacebookTWiRT is brought to you by:Nautel’s new GV2 FM transmitters are here - chock full of features!Broadcasters General Store, with outstanding service, saving, and support. Online at BGS.cc. Broadcast Bionics - making radio smarter with Bionic Studio, visual radio, and social media tools at Bionic.radio.Angry Audio and the new Rave analog audio mixing console. The new MaxxKonnect Broadcast U.192 MPX USB Soundcard - The first purpose-built broadcast-quality USB sound card with native MPX output. Subscribe to Audio:iTunesRSSStitcherTuneInSubscribe to Video:iTunesRSSYouTube

We receive our audio editor but first of all DataCenter guru Kris Vandecruys. He tells us about SAN and the storage technologies, FiberChannel, the difference between NAS and SAN as well as the time where an SNMP monitoring script killed the whole datacenter.

AI and machine learning are finally being applied to networking in meaningful ways. On today's sponsored show we talk with Selector about its AIOps platform, which ingests networking logs, flows, configurations, SNMP, and other telemetry to detect patterns, spot problems, and provide contextual insights to help network engineers do their jobs better. We speak with Selector about what it is, how it works, and concrete use cases.

AI and machine learning are finally being applied to networking in meaningful ways. On today's sponsored show we talk with Selector about its AIOps platform, which ingests networking logs, flows, configurations, SNMP, and other telemetry to detect patterns, spot problems, and provide contextual insights to help network engineers do their jobs better. We speak with Selector about what it is, how it works, and concrete use cases. The post Heavy Networking 707: Getting Real With Selector's AIOps (Sponsored) appeared first on Packet Pushers.

AI and machine learning are finally being applied to networking in meaningful ways. On today's sponsored show we talk with Selector about its AIOps platform, which ingests networking logs, flows, configurations, SNMP, and other telemetry to detect patterns, spot problems, and provide contextual insights to help network engineers do their jobs better. We speak with Selector about what it is, how it works, and concrete use cases.

AI and machine learning are finally being applied to networking in meaningful ways. On today's sponsored show we talk with Selector about its AIOps platform, which ingests networking logs, flows, configurations, SNMP, and other telemetry to detect patterns, spot problems, and provide contextual insights to help network engineers do their jobs better. We speak with Selector about what it is, how it works, and concrete use cases. The post Heavy Networking 707: Getting Real With Selector's AIOps (Sponsored) appeared first on Packet Pushers.

AI and machine learning are finally being applied to networking in meaningful ways. On today's sponsored show we talk with Selector about its AIOps platform, which ingests networking logs, flows, configurations, SNMP, and other telemetry to detect patterns, spot problems, and provide contextual insights to help network engineers do their jobs better. We speak with Selector about what it is, how it works, and concrete use cases.

AI and machine learning are finally being applied to networking in meaningful ways. On today's sponsored show we talk with Selector about its AIOps platform, which ingests networking logs, flows, configurations, SNMP, and other telemetry to detect patterns, spot problems, and provide contextual insights to help network engineers do their jobs better. We speak with Selector about what it is, how it works, and concrete use cases. The post Heavy Networking 707: Getting Real With Selector's AIOps (Sponsored) appeared first on Packet Pushers.

Subscriber-only episode

Interoperability - what does that mean? After this 1-hour conversation with Robbie Green and Chris Tarr, I would say it means “controlling or checking on one device by using another device or system”. Scaled up intelligently, it implies having control and understanding of complex systems from a single location, or doing so automatically. So, rather than separately checking on an automation system, an audio processor, an audio router, a satellite receiver, a transmitter, or a security system, these individual systems can connect meaningfully to a central monitoring and control (“M&C”) system and/or to each other as appropriate. GPIO is a low-bar baseline for interoperability. Serial control, RS-422, and CanBUSS moved us forward, but a variety of TCP/IP protocols, including SNMP, have brought us to a good level of general interoperability if we’re willing to do the work and research to implement them. These ideas have motivated Robbie Green and Chris Tarr to implement interoperabilities that make broadcast operations more reliable, stable, and convenient. Show Notes:Robbie mentioned the LANTRONIX UDS2100 as a good Serial Device ServerWe mentioned live, on-line demos of some Inovonics devices, which are also interoperableConnect SNMP to other protocols with these...https://www.controlbyweb.com/x600m/Robbie’s example of vMix TCP integration - https://www.vmix.com/help26/TCPAPI.htmlMessaging on various display platforms, like Paravel's WallTime Guest:Robbie Green - Product Manager, Communication Products at Telos Alliance Hosts:Chris Tarr - Group Director of Engineering at Magnum.MediaKirk Harnack, The Telos Alliance, Delta Radio, Star94.3, & South Seas BroadcastingFollow TWiRT on Twitter and on FacebookTWiRT is brought to you by:Nautel brings you Transmission Talk Tuesday Discussions. Easy, free registration is here.Broadcasters General Store, with outstanding service, saving, and support. Online at BGS.cc. Broadcast Bionics - making radio smarter with Bionic Studio, visual radio, and social media tools at Bionic.radio.Angry Audio - with StudioHub cables and adapters. Audio problems disappear when you get Angry at AngryAudio.com. And MaxxKonnectWireless - Prioritized High Speed Internet Service designed for Transmitter Sites and Remote Broadcasts. Subscribe to Audio:iTunesRSSStitcherTuneInSubscribe to Video:iTunesRSSYouTube

When Chuck Kelly recommends a new technique or technology, it’s important to pay attention. TX-Control is a networked and cloud-based monitoring, alarm, analysis, and control system designed for broadcast equipment. In Europe TX-Control is monitoring over 1,500 transmitter sites, providing custom reports on trends, outages, automatic remediation, and more. It leverages SNMP, a monitoring and control protocol which is built-in to more and more broadcast equipment. Chuck is joined by Aimé Diattà to help us understand this technology and service that’s watching over critical broadcast infrastructure. Show Notes:The TX-Control web site is highly informative with graphical explanations of the system.The TX-Control brochure shows layout diagrams to help explain the concept and operation. Guests:Chuck Kelly - Broadcast Industry Technology ConsultantAimé Diattà - Consulting, Business Development & Relazioni Istituzionali - 22hbg.com Hosts:Chris Tarr - Group Director of Engineering at Magnum.MediaKirk Harnack, The Telos Alliance, Delta Radio, Star94.3, & South Seas BroadcastingFollow TWiRT on Twitter and on FacebookTWiRT is brought to you by:Nautel brings you Transmission Talk Tuesday Discussions. Easy, free registration is here.Broadcasters General Store, with outstanding service, saving, and support. Online at BGS.cc. Broadcast Bionics - making radio smarter with Bionic Studio, visual radio, and social media tools at Bionic.radio.Angry Audio - with StudioHub cables and adapters. Audio problems disappear when you get Angry at AngryAudio.com. And MaxxKonnectWireless - Prioritized High Speed Internet Service designed for Transmitter Sites and Remote Broadcasts. Subscribe to Audio:iTunesRSSStitcherTuneInSubscribe to Video:iTunesRSSYouTube

When Chuck Kelly recommends a new technique or technology, it's important to pay attention. TX-Control is a networked and cloud-based monitoring, alarm, analysis, and control system designed for broadcast equipment. In Europe TX-Control is monitoring over 1,500 transmitter sites, providing custom reports on trends, outages, automatic remediation, and more. It leverages SNMP, a monitoring and control protocol which is built-in to more and more broadcast equipment. Chuck is joined by Aimé Diattà to help us understand this technology and service that's watching over critical broadcast infrastructure.

When Chuck Kelly recommends a new technique or technology, it's important to pay attention. TX-Control is a networked and cloud-based monitoring, alarm, analysis, and control system designed for broadcast equipment. In Europe TX-Control is monitoring over 1,500 transmitter sites, providing custom reports on trends, outages, automatic remediation, and more. It leverages SNMP, a monitoring and control protocol which is built-in to more and more broadcast equipment. Chuck is joined by Aimé Diattà to help us understand this technology and service that's watching over critical broadcast infrastructure.

An airhacks.fm conversation with Vinicius Senger (@vsenger) about: msx computer, delivering pizza to buy computer with 12 years, learning Basic to write games, learning dBASE, arduino and Java, writing dBase software for real estate management, the step clipper functions, harbour project or clipper on linux, learning C, the reset boy, Delphi vs. Visual Basic, NetWare LANtastic, writing Perl for Sun Microsystems, teaching Java, SL-275, SL-285, SL-310, OO-226, SL-425, SL-500, SNMP and traps, Sun Tech Days, the Globalcode company, The Developer's Conference (TDC), the Sun SPOTs, the network is the computer, Amazon Corretto openJDK, Vinicius on Github: vsenger, Java on AWS Vinicius Senger on twitter: @vsenger

Today on the Tech Bytes podcast we dive into gNMIc with sponsor Nokia. gNMIc is open-source software you can use to configure devices and collect device telemetry. It can output telemetry to InfluxDB, Prometheus, and SNMP traps. Nokia has contributed gNMIc to the OpenConfig project. We talk with gNMIc creator Karim Radhouani, Technology and Architecture Consulting Engineer at Nokia, about why he developed the tool and how customers are using it.

Today on the Tech Bytes podcast we dive into gNMIc with sponsor Nokia. gNMIc is open-source software you can use to configure devices and collect device telemetry. It can output telemetry to InfluxDB, Prometheus, and SNMP traps. Nokia has contributed gNMIc to the OpenConfig project. We talk with gNMIc creator Karim Radhouani, Technology and Architecture Consulting Engineer at Nokia, about why he developed the tool and how customers are using it. The post Tech Bytes: Configure Devices, Stream Telemetry With Nokia's Free, Open-Source gNMIc (Sponsored) appeared first on Packet Pushers.

Today on the Tech Bytes podcast we dive into gNMIc with sponsor Nokia. gNMIc is open-source software you can use to configure devices and collect device telemetry. It can output telemetry to InfluxDB, Prometheus, and SNMP traps. Nokia has contributed gNMIc to the OpenConfig project. We talk with gNMIc creator Karim Radhouani, Technology and Architecture Consulting Engineer at Nokia, about why he developed the tool and how customers are using it. The post Tech Bytes: Configure Devices, Stream Telemetry With Nokia's Free, Open-Source gNMIc (Sponsored) appeared first on Packet Pushers.

Today on the Tech Bytes podcast we dive into gNMIc with sponsor Nokia. gNMIc is open-source software you can use to configure devices and collect device telemetry. It can output telemetry to InfluxDB, Prometheus, and SNMP traps. Nokia has contributed gNMIc to the OpenConfig project. We talk with gNMIc creator Karim Radhouani, Technology and Architecture Consulting Engineer at Nokia, about why he developed the tool and how customers are using it.

Today on the Tech Bytes podcast we dive into gNMIc with sponsor Nokia. gNMIc is open-source software you can use to configure devices and collect device telemetry. It can output telemetry to InfluxDB, Prometheus, and SNMP traps. Nokia has contributed gNMIc to the OpenConfig project. We talk with gNMIc creator Karim Radhouani, Technology and Architecture Consulting Engineer at Nokia, about why he developed the tool and how customers are using it.

Today on the Tech Bytes podcast we dive into gNMIc with sponsor Nokia. gNMIc is open-source software you can use to configure devices and collect device telemetry. It can output telemetry to InfluxDB, Prometheus, and SNMP traps. Nokia has contributed gNMIc to the OpenConfig project. We talk with gNMIc creator Karim Radhouani, Technology and Architecture Consulting Engineer at Nokia, about why he developed the tool and how customers are using it. The post Tech Bytes: Configure Devices, Stream Telemetry With Nokia's Free, Open-Source gNMIc (Sponsored) appeared first on Packet Pushers.

Sponsor and startup Augtera Networks joins Day Two Cloud to discuss Augtera's proactive network analysis and operations product, which is meant to make you aware of problems before they become…problems. Augtera brings together traditional network sources such as flows and SNMP, plus telemetry and metadata to provide actionable information across networks you own and networks you don't.