Saturday, March 30, 2019

What Does Web Devlopment

Definition - What does Web Development mean? 

 

Web development broadly refers to the tasks associated with developing websites for hosting via intranet or internet. The web development process includes web design, web content development, client-side/server-side scripting and network security configuration, among other tasks.
Web development is also known as website development.


Web Devlopment languages


Top 5 Differences Between VLOOKUP & HLOOKUP in Microsoft Excel

Top 5 differences between VLOOKUP & HLOOKUP in Microsoft Excel

Microsoft Excel is reckoned as one of the best and user-friendly spreadsheet software. Because of this feature this spreadsheet software is widely used around the world. According to the news inputs the latest version Office 365 comes with additional features like cloud services, making it a more powerful spreadsheet software. Microsoft Excel comes with 400 features, which are very easy to use and understand, making data analysis manipulations very easy.
Microsoft Excel offers a Lookup function, that helps you in searching values in a column or row. The letter V in VLookup stands for vertical [column] on the other hand HLookup refers to Horizontal [row]. The knowledge and hands-on experience in using VLookup and HLookup functions are mandatory for some jobs. Initially using these functions may be complicated for the novice users but once they get a clear understanding of this functionality, they will have a better idea where to use these functions to get the optimum results.
The VLookup function is one of the important functions in Microsoft Excel. This function helps you to locate specific information in your spreadsheet. When the user uses VLookup function for finding specific information in MS Excel spreadsheet, each matching information is displayed in the same row but in the next column.  
Microsoft Excel defines HLookup as a function that “looks for a value in the top row of a table or array of values and returns the value in the same column from a row you specify”. The HLookup function retrieves data from the table horizontally. According to some experts most of the data in MS Excel sheet is created with vertical tables, the HLookup function is used less in comparison to VLookup function
Difference 2:
VLookup Syntax
VLOOKUP(lookup_value, table_array, col_index_num, [range_lookup])
In the above VLookup syntax, lookup_value refers to the value that the user is trying to find in a table, and table_array refers to the range or table in which the user is looking for a certain value to match another value. 
HLOOKUP( lookup_value, table_array, row_index_num, [range_lookup] )
In the above syntax lookup_value refers to the value that the user wants to look for, table_array refers to the data or table the user is searching for, and row_index_num in this refers to the row number array, that the user wants the corresponding value to be returned from
The [range_lookup]  is an optional logical argument, which can be set to TRUE or FALSE by the user. If it is set to TRUE and if there is no exact match found, this will return the closest match to the given value. If it is set to FALSE by the user, and if the given value is not found in the spreadsheet then it will return an error message. The user can also make use of wild (“? and *”)characters in their Hlookup function , where" ? "is used to match any single character and (*) is used to match a sequence of characters.
Difference 3:
One of the pre-requisite for using VLookup function is that the value the user is searching must be located in the left-most column of the table/range.
In HLookup syntax, the pre-requisite is that the value the user is searching in the table or range must be in the top-most column. 
Though MS Excel HLookup function is a very useful function for creating horizontal Lookups but is not very popular in comparison to VLookup function because, most of the tables are are vertical MS Excel, and that is the reason this HLookup function is not that popular in comparison to VLookup function.
Difference 5:
HLookup searches for a value in the top row of a table and then returns a value in the same column. The VLookup function displays the searched value in the same row but in the next column. 
The MS Excel spreadsheet software features are very user-friendly, the user can easily use these functions to manipulate and analyze their data in the spreadsheet. VLookup and HLookup functions are two functions that are used for finding specific data in the excel sheet. This function is very useful as it easily locates the data or the value. If we compare both VLookup and HLookup functions, we find that VLookup function is more frequently used by the MS Excel users in comparison to HLookup function.

Friday, March 29, 2019

Web Design Principles

Web Design

Web designers must always begin by considering a client’s website objectives and then move on to an Information Architecture (IA) to set a website’s information hierarchy and help guide the design process. Next, web designers can start creating wireframes and finally move to the design stage. Web designers may use several basic design principles to achieve an aesthetically pleasing layout which also offers excellent user experience.

Design Principles

  • Balance – It’s important for web designers to create a balanced layout. In web design we refer to heavy (large and dark colors) and light (small and lighter colors) elements. Using the correct proportion of each is critical to achieving a balanced website design.

  • Contrast – In color theory, contrasting colors are ones placed opposite one another on the color wheel (see also complementary colors). Web design offers a few other areas where contrast is applicable. Designers look at
    contrasting sizes, textures and shapes to define and draw attention to certain sections of the website.

  • Emphasis – We touched on this a bit when discussing contrast. Emphasis is a design principles founded in the intentional “highlighting” of certain important elements of the website layout. It’s important to note that if you emphasize everything on the page you end up emphasizing nothing. Imagine a page in a book where 80% of the content is highlighted in yellow…does anything really stand out? This is the time to take a look at that Information Architecture for direction.

  • Consistency – Also called repetition or rhythm, consistency is a critical web design principle. For example, clean and consistent navigation provides the best user experience for your website visitors.

  •          
    Unity
     – Unity is the relationship between the various parts of the website layout and the composition as a whole. Based in the Gestalt theory, unity deals with how the human brain visually organizes information by grouping elements into categories.

Operation of IP Data Networks


Operation of IP Data Networks
The IP protocol or internet protocol is the principal communications protocol in the Internet Protocol suite. It’s used for relaying datagrams across network boundaries. Its routing function enables internetworking and essentially establishes the internet.
IP is the primary protocol in the internet layer of the Internet Protocol suite has the task of delivering packets from the source host to the destination host solely based on the IP address in the packet headers.

As you can see IP is the highest layer protocol which is implemented on both routers and hosts. The delivery service associated with IP is minimal.
IP provides an unreliable, connectionless, best effort service also called Datagram service.
·         Unreliable: IP does not make an attempt to recover lost packets.
·         Connectionless: Each packet is handled independently IP is not aware that packets between hosts may not be sent in logical Sequence.
·         Best-effort: IP does not make guarantees on the service (no throughput guarantee, no delay guarantee)
The consequences of this is that higher-level protocols have to deal with losses or duplicate packets and packets may be delivered out of sequence.
IP supports the following services
·         one-to-one communication or unicast
·         communication 1 – all communication or broadcast communication
·         1 to several communication or multicast communication
That being said IP multicast requires the support of other protocols such as IGMP or multicast routing.

As I mentioned before IP is unreliable and connection less. It relies on higher-level protocols such as TCP and UDP to ensure packets have no errors and that all packets arrive and are correctly reassembled.

Out of the two protocols that are used, the first one is UDP.
·         UDP provides unreliable connectionless delivery servicing the Internet Protocol.
·         Application programs utilizing UDP accept full responsibility for packet reliability including message loss delay and out of sequence packets
With transmission control protocol or TCP
·         TCP provides a reliable connection-oriented service using the Internet Protocol
·         It provides reliable packet delivery, packet sequencing, error control and multiplexing


Reliability Growth in Six Sigma

Image result for Reliability Growth in Six Sigma

More on Six Sigma:
 
To understand reliability growth in Six Sigma, it is important to understand the six sigma concept. It is a strategic methodology and a management philosophy that was first developed by Motorola and it aims on have 99.99966% of products statistically free from any defect. This is achieved by setting very high objectives before the project starts, collecting as much relevant data as possible and maintaining stringent standards while analyzing the data. The goal is to eliminate the defects in a systematic manner and get the product or service as close as possible to perfection. If one has to achieve Six Sigma, a company cannot produce more than 3.4 defects in every million opportunities, where an opportunity is defined as a chance for non-conformance. Many companies made it possible to reduce their costs and enhance their productivity, thanks to Six Sigma process. It can also be used as a management system by linking all the crucial goals of an organization to the implementation and using the Six Sigma processes.
 
Two processes are comprised in Six Sigma, which are: 
  • Six Sigma DMADV
  • Six Sigma DMAIC 
Each letter in the 5 lettered-term stands for major steps that are involved in any process. Six Sigma DMADV is a process that Defines, Measures, Analyzes, Designs, and Verifies any process, product or service that is trying to achieve the Six Sigma quality. On the other hand, Six Sigma DMAIC is a process that Defines, Measures, Analyzes, Improves and Controls all the existing processes that need to attain the Six Sigma quality. Following these methods, the results will be sustainable over a long period of time.
 
Integrating Reliability with Six Sigma:
 
Reliability can be defined as the probability of a process performing its duty without failing for a specified period of time when it is operated in a particular environment and conditions. Since the Six Sigma process allows almost negligible defects, reliability analysis holds utmost importance. Reliability is usually measured based on the failures of the process, which in turn represents any defect in the reliability process. Once these failures are identified and eliminated, the reliability performance will improve.
 
The Six Sigma methods can be integrated with the reliability processes to maintain a reliability growth at various stages. There are various steps that are involved in ensuring reliability growth. They are:
  • Thorough Data Analysis
  • Developing new strategies 
  • Maintaining the developed strategies
  • Detecting faulty designs and improving them
  • Note down if any process is dysfunctional or not up to the standards and fix them accordingly
When there is a flawless integration between the right Six Sigma process and reliability process, any company can count on getting the desired growth and development. The strengths of both the processes should be linked and aligned properly. When that is done you will get valuable insights of solving difficult reliability issues, an opportunity to design better solutions, maintain the defects to a minimum and  project better results.
 
Way Ahead:
 
Maintaining the performance to the Six Sigma level is not an easy task at all. This is the reason why companies highlight their Six Sigma achievements if they attain them. Integrating different practices that will help enhance various processes in an organization becomes vital to touch the Six Sigma level.

Thursday, March 28, 2019

The Concept of Asymmetric routing


The Concept of Asymmetric routing

Asymmetric routing in general is a normal, but unwanted situation in an IP network. Asymmetric routing is a situation where for one reason or another packets flowing in i.e. TCP connections flow through different routes to different directions. As a rough example: Host A and B located in different continents are communicating through a TCP connection. Segments sent from host A to host B reach the destination through Sprint link but segments sent from B to A reach the destination through MCI link.
Asymmetric routing in general is a normal, but unwanted situation in an IP network. Asymmetric routing is a situation where for one reason or another packets flowing in i.e. TCP connections flow through different routes to different directions. As a rough example: Host A and B located in different continents are communicating through a TCP connection. Segments sent from host A to host B reach the destination through Sprint link but segments sent from B to A reach the destination through MCI link.


Asymmetric routing as described above is not a problem for current TCP/IP implementations, since TCP connection does not care which route a certain IP packet takes as long as it reaches its destination in a reasonable time.
Asymmetric routing can occur in a smaller scale also. It could happen in a situation where an organization uses two different routes, like a VPN and a leased line, for instance, to their branch office. In Full Cluster technology context, we speak about asymmetric routing when we have a situation where segments on a single connection come in to the network through one node and go out through another node. Below is the another example of Asymmetric traffic.

Asymmetric routing is not a problem by itself, but will cause problems when Network Address Translation (NAT) or firewalls are used in the routed path. For example, in firewalls, state information is built when the packets flow from a higher security domain to a lower security domain. The firewall will be an exit point from one security domain to the other. If the return path passes through another firewall, the packet will not be allowed to traverse the firewall from the lower to higher security domain because the firewall in the return path will not have any state information. The state information exists in the first firewall.

Traffic between the user PC and either the finance server or the WWW server can flow in an asymmetric manner at several points along the network. Between the PC and the finance server, switches S1 and S3 are the main location it can occur. Between the PC and the WWW server, traffic could take an asymmetric route at S1 and S2 or at the Internet when returning through ISP A or ISP B.So far, this is network design 101. Most network designers don’t have any problem with asymmetric traffic because IP networks are asymmetric by nature. At each point in the transmission, an IP router makes a forwarding decision based on its view of the network.
Now asymmetric flows really start to cause problems! Again, consider the PC communicating with server HTTP://WWW. A perfectly reasonable packet flow might have the outgoing connection flow through S4, S1, FW1, Inet_RTR_1, ISP A, and then to server HTTP://WWW. Along the way, FW1 learns that the PC is trying to communicate with server WWW, and so it adds an entry in its state table to enable the return traffic to flow when it comes back from server HTTP://WWW. Unfortunately, the return path for the packet from server WWW to the user PC happens to be ISP B, Inet_RTR_2, FW2, S2, S4, user PC. The packet never reaches the PC, though, because FW2 doesn’t have any state information for the communication. As far as it is concerned, server WWW is initiating new communications to the user PC that are blocked based on the configured security policy.
This problem can be further complicated by intrusion detection systems (IDS) deployed within the campus or near the firewalls. If traffic flows by an IDS in an asymmetric manner, it won’t see all of the data. Consequently, it might alarm on traffic that is benign (false positive), or it might miss an attack altogether (false negative).
I wish there were an easy answer to this problem, but unfortunately there isn’t. This section is included as much to bring the problem to your attention as it is to offer possible solutions. You do have some options, however:
·         Make your routing symmetric.
·         Load balance per flow rather than per packet.
·         Use state-sharing security devices.
·         Consider L2 redundancy as a workaround.
·         Manipulate flows by using routing or NAT.
·         Use stateless security features.

Make Your Routing Symmetric

This might seem easy, but in real network designs it can be a significant challenge. Even still, you would be surprised to see how many large networks use symmetric routing at certain parts of their network to enable state-aware security devices to function or to solve other networking issues. This is particularly common at Internet edges, where it is not unheard of to see an entire connection to an ISP lying dormant while the primary connection handles all of the load. Another example of Asymmetric route below.

Load Balance Per Flow Rather Than Per Packet

Most L3 devices can be configured to do one of two things when equal-cost paths exist for a given network destination. In the first option, packets are simply balanced in round-robin format, with each successive packet going to the next available upstream router. This option causes the most heartache with internal security systems such as IDS. The second, more preferred, option is to load balance based on a given flow. This means traffic with a particular source and destination IP address and port (often called a four tuple) is always sent by a specific upstream router. This allows IDS systems and other state-aware devices to at least see half of the communication in a consistent manner. Unfortunately, this does nothing to the return traffic, which still might flow over a different link.

Use State-Sharing Security Devices

As the problem of asymmetric traffic manifests itself more and more in networks, network security vendors are starting to offer options allowing the state information within one security device to be shared with another.  FWs 1 and 2 could exchange their state table information to ensure that if the other device sees part of a given flow, it will know to permit the traffic. Often, the amount of information exchanged is significant and requires that dedicated links be configured between the firewalls to exchange the state information.

Consider L2 Redundancy as a Workaround

With the careful introduction of L2 redundancy as opposed to L3, technologies such as Virtual Router Redundancy Protocol (VRRP) or Hot Standby Router Protocol (HSRP) can allow traffic to flow through a single location while still providing redundancy. This option works best on high-speed connections where the use of only one path instead of two or more does not affect network performance.
The result is that normally asymmetric flows can be made symmetric for short distances in the network, such as while traffic passes through a firewall. If FWs 1 and 2 were connected on both sides to the same L2 network, they could use something like VRRP to appear as a single firewall to the upstream and downstream routers. This means that traffic can flow in an asymmetric manner out to the Internet and to the internal network but in a symmetric manner when passing through the firewall. This is generally impossible when the two devices are not in close geographic proximity to one another. For example, if FW 1 is in Brussels, Belgium, and FW 2 is in Hackensack, New Jersey, you are out of luck.

Manipulate Flows by Using Routing or NAT

Because this is a book on security, the ins and outs of BGP path preference have no place within the text. It is worth noting, however, that there are a number of things that can be done with routing protocols to affect the paths that packets take. To some degree, you can also influence which path outside networks take when they must communicate with you. Although not very elegant, some other workarounds involve using different NAT pools based on which security device a packet passes through. Return packets can then be forced to a specific security device based on the unique NAT pool they allocate from.

Use Stateless Security Features

Even though firewalls have been around for many years, a number of companies still use basic ACLs instead of stateful firewalls for, among other things, this asymmetric issue. Some security functionality is clearly lost. Basic ACLs don’t track state information, but if your traffic flows are fairly easy to categorize, you can still achieve some security without needing symmetric traffic flows. Remember that if you have properly implemented a true security system as defined in Chapter 1, the access control function of a firewall is only one part of the overall security story.
With IDS, the signatures that work improperly in asymmetric environments can be turned off to prevent false positives. Again, this will reduce the security such systems provide but will still allow a number of signatures to fire properly.


Introduction to ITIL 4 practices

Related image
The evolution of processes to practices is in progress. These can simply be plugged in as activities when needed. This is just one of several changes. In the table below, you can see a number of new practices (formerly known as processes) that were not available before.
General management practicesService management practicesTechnical management practices
Architecture managementAvailability managementDeployment management
Continual ImprovementBusiness AnalysisInfrastructure & platform management
Information security managementCapacity & Performance managementSoftware development and management
Knowledge managementChange control 
Measurement and reportingIncident management 
Organizational change managementIT asset management 
Portfolio managementMonitoring & event management 
Project managementProblem management 
Relationship managementRelease management 
Risk managementService catalogue management 
Service Financial ManagementService configuration management 
Strategy managementService continuity management 
Supplier managementService Design 
Workforce & talent management
Service Desk
 
 
Service Level management
 
 
Service request management
 
 
Service validation & testing
 
ITIL 4 is the result of more than 10 years of experience and research that results in an impressive update. It has benefitted from other methodologies such as Agile, DevOps, and Lean. This means that it provides a cutting edge framework for organizations. It takes a new approach to even complex practices such as software development and Change Management.

Will you transition to ITIL 4? 3 recommendations:

1. Are you a student of ITIL v3? Are you concerned that you are now learning an older version of ITIL? No need to worry. Continue learning v3 and gain a good understanding of it. ITIL 4 will be rolled out during 2019. Following this, each organization will apply its strategy. You will then be able to build on your understanding of v3 by transitioning to ITIL 4 during 2020 or 2021. Do not stop your education as you will need to sit ITIL 4 Foundation level examinations again.
2. Many have already taken intermediate training. If so, continue your education since there will be transition learning and exams. 
3. A key component of ITIL 4 is capacity management. This is the practice of right-sizing IT resources to meet current and future needs. This means that ITIL has been designed to change and adapt according to the organization. Keep a close eye on its application in your organization.

Wednesday, March 27, 2019

Application Security Groups now generally available in all Azure regions


Application Security Groups now generally available in all Azure regions
We are pleased to announce the general availability of Application Security Groups (ASG) in all Azure regions. This feature provides security micro-segmentation for your virtual networks in Azure.



Network security micro segmentation
ASGs enable you to define fine-grained network security policies based on workloads, centralized on applications, instead of explicit IP addresses. Provides the capability to group VMs with monikers and secure applications by filtering traffic from trusted segments of your network.
Implementing granular security traffic controls improves isolation of workloads and protects them individually. If a breach occurs, this technique limits the potential impact of lateral exploration of your networks from hackers.
Security definition simplified
With ASGs, filtering traffic based on applications patterns is simplified, using the following steps:
·         Define your application groups, provide a moniker descriptive name that fits your architecture. You can use it for applications, workload types, systems, tiers, environments or any role.
·         Define a single collection of rules using ASGs and Network Security Groups (NSG), you can apply a single NSG to your entire virtual network on all subnets. A single NSG gives you full visibility on your traffic policies, and a single place for management.
·         Scale at your own pace. When you deploy VMs, make them members of the appropriate ASGs. If your VM is running multiple workloads, just assign multiple ASGs. Access is granted based on your workloads. No need to worry about security definition again. More importantly, you can implement a zero-trust model, limiting access to the application flows that are explicitly permitted.
Single network security policy
ASGs introduce the ability to deploy multiple applications within the same subnet, and isolate traffic based on ASGs. With ASGs you can reduce the number of NSGs in your subscription. In some cases, you can use a single NSG for multiple subnets of your virtual network. ASGs enable you to centralize your configuration, providing the following benefits in dynamic environments:
·         Centralized NSG view: All traffic policies in a single place. It’s easy to operate and manage changes. If you need to allow a new port to or from a group of VMs, you can make a change to a single rule.
·         Centralized logging: In combination with NSG flow logs, a single configuration for logs has multiple advantages for traffic analysis.
·         Enforce policies: If you need to deny specific traffic, you can add a security rule with high priority and enforce administrative rules.
Filtering east-west traffic
With ASGs, you can isolate multiple workloads and provide additional levels of protection for your virtual network.
In the following illustration, multiple applications are deployed into the same virtual network. Based on the security rules described, workloads are isolated from each other. If a VM from one of the applications is compromised, lateral exploration is limited, minimizing the potential impact of an attacker.
In this example, let’s assume one of the web server VMs from application1 is compromised, the rest of the application will continue to be protected, even access to critical workloads like database servers will still be unreachable. This implementation provides multiple extra layers of security to your network, making this intrusion less harmful and easy to react on such events.
Filtering north-south traffic
In combination with additional features on NSG, you can also isolate your workloads from on premises and azure services in different scenarios.
In the following illustration, a relatively complex environment is configured for multiple workload types within a virtual network. By describing their security rules, applications have the correct set of policies applied on each VM. Similar to the previous example, if one of your branches is compromised, exploration within the virtual network is limited therefore minimizing the potential impact of an intruder.
In this example, let’s assume someone on one of your branches connected using VPN, compromise a workstation and has access to your network. Normally only a subset of your network is required for this branch, by isolating the rest of your network; all other applications will continue to be protected and unreachable. ASGs another layers of security to your entire network.
Another interesting scenario, assuming you have detected a breach on one of your web servers, a good idea would be to isolate the VM for investigation. With ASGs, you can easily assign a special group predefined for quarantine VMs on your first security policy. These VMs lose access providing an additional benefit to help you react and mitigate this treats.



Which Python course is best for beginners?

Level Up Your Python Prowess: Newbie Ninjas: Don't fret, little grasshoppers! Courses like "Learn Python 3" on Codecade...