Disaster Recovery Test Faking: Another Use Case for Stretched VLANs

The March 2019 Packet Pushers Virtual Design Clinic had to deal with an interesting question:

Our server team is nervous about full-scale DR testing. So they have asked us to stretch L2 between sites. Is this a good idea?

The design clinic participants were a bit more diplomatic (watch the video) than my TL&DR answer which would be: **** NO!

Let’s step back and try to understand what’s really going on:

SD-WAN Named Most Disruptive Network Tech of 2019

AT&T’s Fuetsch Touts Trellis Deployed in Tier-1 Network

BrandPost: 8 Key Considerations When Selecting a Managed SD-WAN Service Provider

Software-defined wide-area network (SD-WAN) technology can bring myriad benefits to companies of nearly any size or stripe, but as discussed in a previous post, it can be complex to deploy. For many IT teams, the solution means opting for a managed SD-WAN service. But this may lead to another issue: how to assess providers.After conversations with CenturyLink executive Michael Lawson, General Manager of SD-WAN Solution Architecture for CenturyLink– I’ve come up with eight considerations when assessing SD-WAN managed service providers.To read this article in full, please click here

Oracle Co-CEO Mark Hurd Takes Medical Leave of Absence

BrandPost: SD-WAN: Does Your IT Team Have What It Takes?

An earlier three-part series of blog posts examined a series of questions to ask to determine whether your company may be a good candidate to implement Software-Defined Wide-area Network (SD-WAN) technology. What the series did not cover was whether you’ve got the personnel in-house that it takes to architect and implement an SD-WAN and manage it for the long-term. That requires assessing a different series of questions. While SD-WAN has been talked about for years, it is still a relatively young technology that has not yet seen widespread implementation, notes Michael Lawson, General Manager of SD-WAN Solution Architecture for CenturyLink. “There’s still a lot of learning going on,” he says.To read this article in full, please click here

Cisco adds speed, smarts to MDS storage networking family

Looking to support ever-increasing workloads, Cisco has pumped up the speed and intelligence of its storage area networking family.The company addressed the need for increased speed by saying it would add support for 64Gbps ready SAN fabric across its 9700 line of MDS storage directors.The MDS family includes the 18-slot 9718, the 10-slot 9710 and the six-slot 9706. More about backup and recovery: Backup vs. archive: Why it’s important to know the difference How to pick an off-site data-backup method Tape vs. disk storage: Why isn’t tape dead yet? The correct levels of backup save time, bandwidth, space The main idea here is that customers can upgrade to the new fabric module and upgrade their software to add speed and capacity for high-speed fabrics without having to rip-and-replace any of the directors, according to Adarsh Viswanathan, Cisco product manager, data center switching. A 64Gbps line card for all three chassis will be available in the future, Cisco said.To read this article in full, please click here

Cisco adds speed, smarts to MDS storage networking family

Looking to support ever-increasing workloads, Cisco has pumped up the speed and intelligence of its storage area networking family.The company addressed the need for increased speed by saying it would add support for 64Gbps ready SAN fabric across its 9700 line of MDS storage directors.The MDS family includes the 18-slot 9718, the 10-slot 9710 and the six-slot 9706. More about backup and recovery: Backup vs. archive: Why it’s important to know the difference How to pick an off-site data-backup method Tape vs. disk storage: Why isn’t tape dead yet? The correct levels of backup save time, bandwidth, space The main idea here is that customers can upgrade to the new fabric module and upgrade their software to add speed and capacity for high-speed fabrics without having to rip-and-replace any of the directors, according to Adarsh Viswanathan, Cisco product manager, data center switching. A 64Gbps line card for all three chassis will be available in the future, Cisco said.To read this article in full, please click here

Google Cloud Dataproc Gains Kubernetes Overlord

BrandPost: 5 Ways SD-WAN Promote Business Agility

The Greek philosopher Heraclitus is credited with coining the adage “change is the only constant in life” –  a saying that certainly applies to enterprises in 2019. With change as a given, it’s crucial for businesses to be agile and flexible in order to keep up.Employing software-defined wide-area network (SD-WAN) technology is one way to promote business agility. SD-WANs abstract the network control layer from the underlying forwarding plane and physical transport. Users can employ most any wide-area network service – leased lines, MPLS, broadband wireless, Internet – and still apply policy-based control and other SD-WAN features.To read this article in full, please click here

To secure industrial IoT, use segmentation instead of firewalls

The internet of things (IoT) has been top of mind for network and security professionals for the better part of the past five years. This has been particularly true for the area of industrial IoT (IIoT). Connected industrial devices are nothing new, but most IT people aren’t familiar with them because they have been managed by operational technology (OT) teams. More and more, though, business leaders want to bring OT and IT together to drive better insights from the combined data set.While there are many advantages to merging IT and OT and having IIoT fall under IT ownership, it has a profound impact on the cybersecurity team because it introduces several new security threats. Each connected endpoint, if breached, creates a backdoor into the other systems.To read this article in full, please click here

To secure industrial IoT, use segmentation instead of firewalls

The internet of things (IoT) has been top of mind for network and security professionals for the better part of the past five years. This has been particularly true for the area of industrial IoT (IIoT). Connected industrial devices are nothing new, but most IT people aren’t familiar with them because they have been managed by operational technology (OT) teams. More and more, though, business leaders want to bring OT and IT together to drive better insights from the combined data set.While there are many advantages to merging IT and OT and having IIoT fall under IT ownership, it has a profound impact on the cybersecurity team because it introduces several new security threats. Each connected endpoint, if breached, creates a backdoor into the other systems.To read this article in full, please click here

How open standards help with defense in depth

If you ask an ordinary person about information security, they’ll probably talk to you about endpoints. Most people are aware of virus scanners for notebooks or PCs, and may have encountered some kind of mobile device management on a work-provided phone. These endpoint solutions naturally come to mind if someone mentions cyber security. However, this is backward from the way that infosec professionals think about the issue.

Someone who works in infosec will tell you that the endpoint should be the absolute last line of defense. If a virus scanner finds malware on your work notebook, the malware should have had to defeat a long list of other security precautions in order to get that far. This layered approach to security is known as defense in depth.

The term “defense in depth” originally was applied to military strategy. It described the practice of trying to slow an enemy down, disperse their attack, and cause casualties; rather than trying to stop their attack at a single, heavily fortified point. The enemy might breach the first layer of defenses, but would find additional layers beyond. While they struggled to advance, they could be surrounded and then counter-attacked.

Infosec in Depth

The information Continue reading

AT&T Trumpets SDN Milestone, Reiterates Virtualization Goal

Citrix Fortifies SD-WAN With Palo Alto Firewalls

Can AMD convert its growing GPU presence into a data center play?

AMD's $5.4 billion purchase of ATI Technologies in 2006 seemed like an odd match. Not only were the companies in separate markets, but they were on separate coasts, with ATI in the Toronto, Canada, region and AMD in Sunnyvale, California.They made it work, and arguably it saved AMD from extinction because it was the graphics business that kept the company afloat while the Athlon/Opteron business was going nowhere. There were many quarters where graphics brought in more revenue than CPUs and likely saved the company from bankruptcy.But those days are over, and AMD is once again a highly competitive CPU company, and quarterly sales are getting very close to the $2 billion mark. While the CPU business is on fire, the GPU business continues to do well.To read this article in full, please click here

Can AMD convert its growing GPU presence into a data center play?

AMD's $5.4 billion purchase of ATI Technologies in 2006 seemed like an odd match. Not only were the companies in separate markets, but they were on separate coasts, with ATI in the Toronto, Canada, region and AMD in Sunnyvale, California.They made it work, and arguably it saved AMD from extinction because it was the graphics business that kept the company afloat while the Athlon/Opteron business was going nowhere. There were many quarters where graphics brought in more revenue than CPUs and likely saved the company from bankruptcy.But those days are over, and AMD is once again a highly competitive CPU company, and quarterly sales are getting very close to the $2 billion mark. While the CPU business is on fire, the GPU business continues to do well.To read this article in full, please click here

How Castle is Building Codeless Customer Account Protection

This is a guest post by Johanna Larsson, of Castle, who designed and built the Castle Cloudflare app and the supporting infrastructure.

Strong security should be easy.

Asking your consumers again and again to take responsibility for their security through robust passwords and other security measures doesn’t work. The responsibility of security needs to shift from end users to the companies who serve them.

Castle is leading the way for companies to better protect their online accounts with millions of consumers being protected every day. Uniquely, Castle extends threat prevention and protection for both pre and post login ensuring you can keep friction low but security high. With realtime responses and automated workflows for account recovery, overwhelmed security teams are given a hand. However, when you’re that busy, sometimes deploying new solutions takes more time than you have. Reducing time to deployment was a priority so Castle turned to Cloudflare Workers.

User security and friction

When security is no longer optional and threats are not black or white, security teams are left with trying to determine how to allow end-user access and transaction completions when there are hints of risk, or when not all of the information is available. Continue reading

Voices from the Pacific at APrIGF

The Asia Pacific Regional Internet Governance Forum (APrIGF) was held on 16-19 July 2019 at the recently constructed Far Eastern Federal University on Russky Island in Vladivostok, Russia. The theme of this year’s event was “Enabling a Safe, Secure and Universal Internet for All in Asia Pacific,” with 22 sessions covering six sub-themes: safer Internet, cybersecurity and regulation; access and universality; emerging technologies and society; human rights online; the evolving role of Internet governance (IG) and multistakeholder participation; and digital economy.

The Board of the Pacific Islands Chapter of the Internet Society (PICISOC) was represented by Anju Mangal from Fiji, James Ahwai from Samoa, and myself from the Cook Islands. James Ahwai, a newcomer to the IG scene, participated as a panellist in the opening plenary on The State of Play and Outlook for IG in the Asia Pacific and contributed a Pacific perspective. Anju Mangal, a former member of the IGF Multistakeholder Advisory Group, moderated the closing plenary on APrIGF Multistakeholder Participation in the Global IGF.

I led a workshop, which was a follow-up to a session on “e-Government for Empowering Pacific Citizens,” introduced at the APrIGF in Vanuatu last year. This year, PICISOC Board member, Cherie Lagakali, Continue reading

Infrastructure As Code 101

As the networking world continues to embrace automation and orchestration, some of the terms used to explain this new way of doing things remain a little fuzzy. In today’s episode we’re going to look specifically at Infrastructure as Code and by the end we hope to define what it is as well as what it is not, provide some relevant examples of it in action, and clear up as much confusion as possible about what it means to network engineers.  

Outro Music:
Danger Storm Kevin MacLeod (incompetech.com)
Licensed under Creative Commons: By Attribution 3.0 License
http://creativecommons.org/licenses/by/3.0/

The post Infrastructure As Code 101 appeared first on Network Collective.