netbox integration with KEA DHCP Server

netbox is an asset management system, which includes IPAM and DCIM functions. In an IT environment it serves as the source of truth. So all other services should use netbox as its backend. In this article I want to describe how to setup the integration between netbox and the KEA …

Continue reading

Create firewalld Rules from netbox

The netbox asset management system offers the possiblity to add services to devices and virtual machines. With full automation installed to create virtual machines from netbox it would be cool to also create the firewall rules for new machines from the information stored in netbox.

netbox Service Field

For every …

Continue reading

Onboarding Interfaces with netbox

Michael Schwartzkopff , 21 Nov 2020

Onboarding new devices is a nice new feature of netbox. But the onboarding does not include interfaces. In this article I want to present a method to read out the interfaces of devices and add them to netbox automatically. It uses ansible, but plain python with napalm as abstraction layer …

Continue reading

Device Discovery with netbox

netbox is a cool asset management system that serves as source of truth. Configurations are derived from netbox and deployed with ansible or saltstack. But how does netbox get the information about all devices? In this article I want to discuss a method to discover new devices based on known …

Continue reading

Fast Provisioning with Netbox and Ansible

Motivation

Administrators of services need new servers fast. They do not want to wait until the master of the virtualization environment has time to setup their new machines.

The solution is automation. The administrators get access to the inventory tool and can click their new machines themselves. Clever automation in …

Continue reading

Upgrade IOS with ansible

Motivation

A reoccuring task of a network administrator is the upgrade of all kinds of devices in the network. A boring task that takes its time. A worthy task for automation. In this artice I want to present a collection of playbooks that will do the upgrade.

My intention was …

Continue reading

S/MIME-Verschlüsselung in neomutt einrichten und nutzen

Patrick Ben Koetter , 16.09.2019

S/MIME-Zertifikate in neomutt einbinden ist mit Hilfe des Programms gpgsm kinderleicht geworden. Hier zeige ich wie es geht.

Bei sys4 verschlüsseln wir E-Mail standardmäßig – fallweise weichen wir davon ab. Wenn ich von Verschlüsselung spreche, dann meine ich damit Ende-zu-Ende- und Transportverschlüsselung. In diesem kleinen HOWTO soll es darum gehen …

Continue reading

Monitoring amavis

This article describes how to monitor amavis for fault and performance.

Monitoring Basics

If you operate an application, you have to monitor it. You want to be the first one to know when things go wrong. You also want to know how well your application performs. That is why you …

Continue reading

Neuer Mindeststandard für TLS

Kurz aufeinanderfolgend haben das Nationaal Cyber Security Centrum (kurz: NCSC, IT-Sicherheitsbehörde der Niederlande) und das deutsche BSI neue Mindeststandards für TLS veröffentlicht. Beide, NCSC und BSI, empfehlen von nun an entweder TLS 1.3 oder TLS 1.2 mit DH für Forward Secrecy zur Verschlüsselung der Transportschicht zu verwenden.

Beide …

Continue reading