NSF Puts $10 Million Into Composable Supercomputer
If they are doing their jobs right, the high performance computing centers around the world in academic and government institutions are supposed to be on the cutting edge of any new technology that boosts the performance of simulation, modeling, analytics, and artificial intelligence. …
NSF Puts $10 Million Into Composable Supercomputer was written by Timothy Prickett Morgan at The Next Platform.
Private 5G Needs Complexity To Thrive
I know we talk about the subject of private 5G a lot in the industry but there are more players coming out every day looking to add their voice to the growing supporters of these solutions. And despite the fact that we tend to see 5G and Wi-Fi technologies as ships in the night this discussion isn’t going to go away any time soon. In part it’s because decision makers aren’t quite savvy enough to distinguish between the bands, thinking all wireless communications are pretty much the same.
I think we’re not going to see much overlap between these two technologies. But the reasons why aren’t quite what you might think.
Walking Workforces
Working from anywhere other than the traditional office is here to stay. Every major Silicon Valley company has looked at the cost benefit analysis and decided to let workers do their thing from where they live. How can I tell it’s permanent? Because they’re reducing salaries for those that choose to stay away from the Bay Area. That carrot is pretty enticing and for the companies to say that it’s not on the table for remote work going forward means they have no incentive to make people Continue reading
All Things Networking at VMworld 2021
Must-See Sessions for Networking
This year’s networking sessions – based on the audience feedback from VMworld 2020 – not only feature more customers stories and interviews, but have a balance of innovation, industry trends, roadmap, and technical get-your-hands-dirty sessions. The VMworld 2021 Session Types and Levels summary gives you an idea of what’s available for you and your colleagues.
If you’re not sure about the different learning tracks or what they will include, check out the VMworld learning index here. The robust Content Catalog will allow you to filter sessions based on topic, tracks, products, type and level; the scheduler lets you to build an itinerary.
Lastly, we have made a list of can’t miss sessions based on your role.
For Networking Leaders:
- Solution Keynote: Self-Service will Modernize Networks
- Self-Service will Modernize Networks – See it in Action with HSBC
- Operationalizing Zero Trust at Scale – Lessons Learned
For Networking Practitioners:
Technology Short Take 145
Welcome to Technology Short Take #145! What will you find in this Tech Short Take? Well, let’s see…stuff on Envoy, network automation, network designs, M1 chips (and potential open source variants!), a bevy of security articles (including a couple on very severe vulnerabilities), Kubernetes, AWS IAM, and so much more! I hope that you find something useful here. Enjoy!
Networking
- Adam Kotwasinski walks readers through deploying Envoy and Kafka to collect broker-level metrics.
- Ivan Pepelnjak shares some links and thoughts on configuring the NSX-T firewall with a CI/CD pipeline built on GitHub Actions and Terraform Cloud.
- Author “JulioPDX” (I couldn’t find the author’s real name on any of their online profiles) has an article on integrating Nornir with FastAPI.
- Vincent Bernat provides some feedback on Cisco pyATS and Genie Parser.
- Russ White shares some thoughts on the collapsed spine network design.
- Justin Pietsch talks about simplifying networks and the resulting engineering trade-offs.
Servers/Hardware
- Howard Oakley of The Eclectic Light Company discusses some details on Apple’s M1 chip and what it does differently than other chips. Also included in this post are links to other articles with even more details—very helpful.
- Are open source M1-style chips a possibility? This article Continue reading
Heavy Networking 599: DriveNets Taps Disaggregation To Build Networks Like Cloud (Sponsored)
On today's sponsored Heavy Networking we talk with DriveNets about why it’s time to take the disaggregated model--where you buy whitebox hardware and put a network operating system of your choice on it--seriously. Along the way, we’re going to hit DriveNets network architectures and operating models, and get you thinking about why disaggregated networking might make sense for you.
The post Heavy Networking 599: DriveNets Taps Disaggregation To Build Networks Like Cloud (Sponsored) appeared first on Packet Pushers.
AWS Networking – Part VIII: AWS Network ACL (NACL)
In this section, I am going to introduce the default Network ACL for subnets in VPC NVKT-VPC-01.
Figure 1-28 shows the complete structure of our VPC NVKT-VPC-01. We have a Public subnet 10.10.0.0/24 in AZ eu-west-2c a Private subnet 10.10.1.0/24 in AZ eu-west-2a. Both subnets are protected by the default VPC’s NACL named NWKT-NACL. NACL allows all traffic to and from the subnet by default.
Figure 1-37: Complete VPC Stack.
Continue reading
Cloud Native Driving Change in Enterprise and Analytics
Software development via cloud-native resources continues to gain traction among enterprises looking for scale, security, and accessibility of business intelligence.AWS Networking – Part VII: Create Subnet and RT Using AWS CloudFormation
In this post, we create a Subnet with the set of properties and attach it to VPC. We also specify a Route Table, which we associate with the Subnet using association.
1) AWS::EC2::VPC (NwktVPC)
2) AWS::EC2::Subnet (NwktSubnet)
3) AWS::EC2::RouteTable (NwktPUB2RouteTable)
4) AWS::EC2::SubnetRouteTableAssociation(NwktRouteTableAssociation)
We are using a Ref function for defining the dependencies between AWS resources when the actual AWS resource Identifier is unknown. For example, the Ref function in AWS::EC2::Subnet resource [2] refers to the resource AWS::EC2::VPC’s logical name NwktVPC (A). We have to use an intrinsic function because we don’t know which VPC Identifier AWS generates to VPC. After creating the subnet, we specify the subnet-specific Route Table [3]. First, we need to bind it to VPC using the Ref function value NwktVPC (B). Next, we “glue” the Route Table to Subnet using RouteTableAssociation, where we use two Ref functions. The first one refers to Route Table (C), and the second to Subnet (D).
Figure 1-34: Subnet Route Table.
Continue reading
Worth Reading: Breaking Down Silos
Here’s another masterpiece by Charity Majors: Why I hate the phrase “breaking down silos”. A teaser in case you can’t decide whether to click the link:
When someone says they are “breaking down silos”, whether in an interview, a panel, or casual conversation, it tells me jack shit about what they actually did.
Enjoy ;)
Check: that Republican audit of Maricopa
Author: Robert Graham (@erratarob)
Later today (Friday, September 24, 2021), Republican auditors release their final report on the found with elections in Maricopa county. Draft copies have circulated online. In this blogpost, I write up my comments on the cybersecurity portions of their draft.
https://arizonaagenda.substack.com/p/we-got-the-senate-audit-report
The three main problems are:
- They misapply cybersecurity principles that are meaningful for normal networks, but which don’t really apply to the air gapped networks we see here.
- They make some errors about technology, especially networking.
- They are overstretching themselves to find dirt, claiming the things they don't understand are evidence of something bad.
In the parts below, I pick apart individual pieces from that document to demonstrate these criticisms. I focus on section 7, the cybersecurity section, and ignore the other parts of the document, where others are more qualified than I to opine.
In short, when corrected, section 7 is nearly empty of any content.
7.5.2.1.1 Software and Patch Management, part 1
They claim Dominion is defective at one of the best-known cyber-security issues: applying patches.
It’s not true. The systems are “air gapped”, disconnected from the typical sort of threat that exploits unpatched systems. The primary Continue reading
IPv6 Buzz 085: Is Your Network Ready For IPv6?
In this episode of IPv6 Buzz, we discuss IPv6 network readiness assessments, what they should include, and some helpful ideas for where to start.
The post IPv6 Buzz 085: Is Your Network Ready For IPv6? appeared first on Packet Pushers.
Augmented MISP Integration with NSX Advanced Threat Analyzer
Contributors: Jason Zhang (NSBU TAU), Stefano Ortolani (NSBU TAU)
Introduction
Formerly known as the Malware Information Sharing Platform, MISP is a leading open-source threat intelligence platform (TIP) that organizations of all sizes can leverage to store, share, and enrich threat indicators of compromise (IoCs).
The MISP ecosystem primarily comprises two parts: MISP core (or engine) and MISP modules. MISP core is responsible for the main functionality of the platform, while MISP modules were introduced to extend the capability of MISP without changing MISP core components.
Thanks to the simple API interface provided by MISP, many third-party MISP modules have been developed to greatly extend MISP’s capabilities. There are mainly three types of MISP modules: expansion modules, import modules, and export modules. More details on MISP modules can be found on MISP’s GitHub MISP module repository, which includes three modules developed by Lastline (now part of VMware) that integrate MISP with VMware NSX Advanced Threat Analyzer (ATA), as we reported earlier.
Recently VMware’s Threat Analysis Unit (TAU) developed a new expansion module, which replaces the three Lastline modules. The improvements from the new module are twofold: a simplified enrichment process and an augmented enrichment capability.
In this blog post, Continue reading