Archive

Category Archives for "Networking"

Cisco’s $15B backlog: China COVID worries, impact of war in Ukraine

Global uncertainties created by ongoing COVID closures and the war in Ukraine continues to impact business for Cisco and its networking competitors.Cisco’s 3Q earnings announced this week show another round of backlog growth—this time to $15 billion with an additional $2 billion in software backlog and a $200 million earnings hit from the company pulling business from Russia over its invasion of Ukraine. Overall quarterly revenue of $12.8B was flat year-over-year while total product revenue was up 3%.Two big factors affected Q3 earnings the most, according to Cisco CEO Chuck Robbins. "The first is the war in Ukraine which resulted in us ceasing operations in Russia and Belarus and had a corresponding revenue impact,: he said. "The second relates to COVID-related lock down in China, which began in late March. These lockdowns resulted in an even more severe shortage of certain critical components."To read this article in full, please click here

Is OpenFlow Still Kicking?

Continuing the how real is the decade-old SDN hype thread, let’s try to figure out if anyone still uses OpenFlow. OpenFlow was declared dead by the troubadour of the SDN movement in 2016, so it looks like the question is moot. However, nothing ever dies in networking (including hop-by-hop IPv6 extension headers), so here we go.

Why Would One Use OpenFlow?

Ignoring for the moment the embarrassing we solved the global load balancing with per-flow forwarding academic blunders1, OpenFlow wasn’t the worst tool for programming forwarding exceptions (ACL/PBR) into TCAM.

Pure Storage, Snowflake partner for on-premises data warehousing

Pure Storage and data-warehouse developer Snowflake have partnered to bring Snowflake’s cloud-based data-warehousing technology on-premises.Under the new relationship, the Snowflake Data Cloud compute engine will be run on Pure Storage’s FlashBlade file- and object-storage array. Pure has another line of storage devices, called FlashArray, but those serve a different purpose, notes Rob Lee, CTO of Pure Storage.“I look at FlashArray as our scale-up platform, and FlashBlade as our scale out platform,” he said. “We tend to see FlashArray applied much more to transactional database-type workloads, like OLTP, trading databases, billing databases, where you have high update rates, and we tend to see FlashBlade applied to data warehouses or analytics types of environments where you don't have a ton of transactional change, but you've got a lot of analysis, a lot of read-type workloads,” he said.To read this article in full, please click here

Pure Storage, Snowflake partner for on-premises data warehousing

Pure Storage and data-warehouse developer Snowflake have partnered to bring Snowflake’s cloud-based data-warehousing technology on-premises.Under the new relationship, the Snowflake Data Cloud compute engine will be run on Pure Storage’s FlashBlade file- and object-storage array. Pure has another line of storage devices, called FlashArray, but those serve a different purpose, notes Rob Lee, CTO of Pure Storage.“I look at FlashArray as our scale-up platform, and FlashBlade as our scale out platform,” he said. “We tend to see FlashArray applied much more to transactional database-type workloads, like OLTP, trading databases, billing databases, where you have high update rates, and we tend to see FlashBlade applied to data warehouses or analytics types of environments where you don't have a ton of transactional change, but you've got a lot of analysis, a lot of read-type workloads,” he said.To read this article in full, please click here

Suprise! The internet of things doesn’t necessarily include the internet

When the now-familiar concept of the Internet of Things (IoT) was new, what we really were envisioning a massive deployment of “things”, mostly sensors, connected directly to the internet and, like the internet, available to many companies to form the basis for new applications. Neither the business model nor the privacy/security issues of that approach were easily validated, so we’ve fallen back to something that largely takes the internet out of IoT. But what replaces it?Answer: The Network of Things or NoT, and if you’ve never heard of that concept, you’re at the first step of understanding the problem.To read this article in full, please click here

Internship Experience: Software Development Intern

Internship Experience: Software Development Intern

Before we dive into my experience interning at Cloudflare, let me quickly introduce myself. I am currently a master’s student at the National University of Singapore (NUS) studying Computer Science. I am passionate about building software that improves people’s lives and making the Internet a better place for everyone. Back in December 2021, I joined Cloudflare as a Software Development Intern on the Partnerships team to help improve the experience that Partners have when using the platform. I was extremely excited about this opportunity and jumped at the prospect of working on serverless technology to build viable tools for our partners and customers. In this blog post, I detail my experience working at Cloudflare and the many highlights of my internship.

Interview Experience

The process began for me back when I was taking a software engineering module at NUS where one of my classmates had shared a job post for an internship at Cloudflare. I had known about Cloudflare’s DNS service prior and was really excited to learn more about the internship opportunity because I really resonated with the company's mission to help build a better Internet.

I knew right away that this would be a great opportunity and submitted Continue reading

8 questions to ask vendors about Zero Trust Network Access (ZTNA)

The increased deployment of core business applications in the cloud and the shift to remote work brought on by the pandemic have obliterated any notion of the traditional “corporate moat” style of security.Today’s hybrid workplace, where employees are on the road, working from home and maybe visiting the office once or twice a week, has forced network and security teams to adopt a more flexible approach to managing the network, identities, and authentication.Zero Trust Network Access (ZTNA) has emerged as the preferred approach to address today’s security challenges. The concept is relatively simple: Instead of building a layered perimeter defense of firewalls, IDS/IPSes and anti-virus software, Zero Trust assumes that every user or device is untrusted until it becomes sufficiently verified.To read this article in full, please click here

8 questions to ask vendors about Zero Trust Network Access (ZTNA)

The increased deployment of core business applications in the cloud and the shift to remote work brought on by the pandemic have obliterated any notion of the traditional “corporate moat” style of security.Today’s hybrid workplace, where employees are on the road, working from home and maybe visiting the office once or twice a week, has forced network and security teams to adopt a more flexible approach to managing the network, identities, and authentication.Zero Trust Network Access (ZTNA) has emerged as the preferred approach to address today’s security challenges. The concept is relatively simple: Instead of building a layered perimeter defense of firewalls, IDS/IPSes and anti-virus software, Zero Trust assumes that every user or device is untrusted until it becomes sufficiently verified.To read this article in full, please click here

SDN Controller Taxonomy

Even though Gartner declared SDN obsolete before plateau in their 2021 Networking Hype Cycle, most vendor marketers never got the memo. Anything that interacts with network devices in any way1 is called an SDN controller. Let’s try to throw some minimal amount of taxonomy into that mess based on how these controllers interact with network elements (physical or virtual).

Google Cloud launches services to bolster open-source security, simplify zero-trust rollouts

Google Cloud is rolling out new security services designed to address enterprise challenges including securing open-source software and accelerating the adoption of zero-trust architectures.At its annual Google Cloud Security Summit, the company said it's building on its Invisible Security effort, which promises to bake security into tools and services that enterprises and other customers use most.One example is a new service called Assured Open Source Software (Assured OSS), which is aimed at making it easier for organizations to securely manage their open-source dependencies."Today patching security vulnerabilities in open source software often feels like a high-stakes game of whack-a-mole: fix one, and two more pop up," wrote Sunil Potti, vice president and general manager of Google Cloud Security, in a blog about the new services. "This helps explain research done by Sonatype software that shows that there’s a 650% year-over-year increase in cyberattacks aimed at open source software (OSS) suppliers."To read this article in full, please click here

Google Cloud boosts open-source security, simplifies zero-trust rollouts

Google Cloud is rolling out new security services designed to address enterprise challenges including securing open-source software and accelerating the adoption of zero-trust architectures.At its annual Google Cloud Security Summit, the company said it's building on its Invisible Security effort, which promises to bake security into tools and services that enterprises and other customers use most.One example is a new service called Assured Open Source Software (Assured OSS), which is aimed at making it easier for organizations to securely manage their open-source dependencies."Today patching security vulnerabilities in open source software often feels like a high-stakes game of whack-a-mole: fix one, and two more pop up," wrote Sunil Potti, vice president and general manager of Google Cloud Security, in a blog about the new services. "This helps explain research done by Sonatype software that shows that there’s a 650% year-over-year increase in cyberattacks aimed at open source software (OSS) suppliers."To read this article in full, please click here

Google Cloud boosts open-source security, simplifies zero-trust rollouts

Google Cloud is rolling out new security services designed to address enterprise challenges including securing open-source software and accelerating the adoption of zero-trust architectures.At its annual Google Cloud Security Summit, the company said it's building on its Invisible Security effort, which promises to bake security into tools and services that enterprises and other customers use most.One example is a new service called Assured Open Source Software (Assured OSS), which is aimed at making it easier for organizations to securely manage their open-source dependencies."Today patching security vulnerabilities in open source software often feels like a high-stakes game of whack-a-mole: fix one, and two more pop up," wrote Sunil Potti, vice president and general manager of Google Cloud Security, in a blog about the new services. "This helps explain research done by Sonatype software that shows that there’s a 650% year-over-year increase in cyberattacks aimed at open source software (OSS) suppliers."To read this article in full, please click here

Google Cloud launches services to bolster open-source security, simplify zero-trust rollouts

Google Cloud is rolling out new security services designed to address enterprise challenges including securing open-source software and accelerating the adoption of zero-trust architectures.At its annual Google Cloud Security Summit, the company said it's building on its Invisible Security effort, which promises to bake security into tools and services that enterprises and other customers use most.One example is a new service called Assured Open Source Software (Assured OSS), which is aimed at making it easier for organizations to securely manage their open-source dependencies."Today patching security vulnerabilities in open source software often feels like a high-stakes game of whack-a-mole: fix one, and two more pop up," wrote Sunil Potti, vice president and general manager of Google Cloud Security, in a blog about the new services. "This helps explain research done by Sonatype software that shows that there’s a 650% year-over-year increase in cyberattacks aimed at open source software (OSS) suppliers."To read this article in full, please click here

BGP Graceful Restart on the Cisco FTD: Part 1 – Configuring

Enabling BGP Graceful Restart on the Cisco Firepower Threat Defense (FTD) just got so easy! I’m stoked! So the other day I needed to put together an environment with the FTD eBGP peering with graceful restart enabled and test it.... Read More ›

The post BGP Graceful Restart on the Cisco FTD: Part 1 – Configuring appeared first on Networking with FISH.

Integrating Network Analytics Logs with your SIEM dashboard

Integrating Network Analytics Logs with your SIEM dashboard
Integrating Network Analytics Logs with your SIEM dashboard

We’re excited to announce the availability of Network Analytics Logs. Magic Transit, Magic Firewall, Magic WAN, and Spectrum customers on the Enterprise plan can feed packet samples directly into storage services, network monitoring tools such as Kentik, or their Security Information Event Management (SIEM) systems such as Splunk to gain near real-time visibility into network traffic and DDoS attacks.

What’s included in the logs

By creating a Network Analytics Logs job, Cloudflare will continuously push logs of packet samples directly to the HTTP endpoint of your choice, including Websockets. The logs arrive in JSON format which makes them easy to parse, transform, and aggregate. The logs include packet samples of traffic dropped and passed by the following systems:

  1. Network-layer DDoS Protection Ruleset
  2. Advanced TCP Protection
  3. Magic Firewall

Note that not all mitigation systems are applicable to all Cloudflare services. Below is a table describing which mitigation service is applicable to which Cloudflare service:


Mitigation System
Cloudflare Service
Magic Transit Magic WAN Spectrum
Network-layer DDoS Protection Ruleset
Advanced TCP Protection
Magic Firewall Continue reading
1 2 3 2,960