Archive

Category Archives for "Networking"

How Linux can help with your spelling

Linux provides all sorts of tools for data analysis and automation, but it also helps with an issue that we all struggle with from time to time – spelling! Whether you're grappling with the spelling of a single word while you’re writing your weekly report or you want a set of computerized "eyes" to find your typos before you submit a business proposal, maybe it’s time to check out how it can help.look One tool is look. If you know how a word begins, you can ask the look command for provide a list of words that start with those letters. Unless an alternate word source is provided, look uses /usr/share/dict/words to identify the words for you. This file with its hundreds of thousands of words will suffice for most of the English words that we routinely use, but it might not have some of the more obscure words that some of us in the computing field tend to use — such as zettabyte.To read this article in full, please click here

NSX-T Infrastructure Deployment Using Ansible

VMware NSX-T Data Center 2.4 was a major release adding new functionality for virtualized network and security for public, private and hybrid clouds. The release includes a rich set of features including IPv6 support, context-aware firewall, network introspection features, a new intent-based networking user interface and many more.

Along with these features, another important infrastructure change is the ability to deploy highly-available clustered management and control plane.

NSX-T 2.4 Unified Appliance Cluster

What is the Highly-Available Cluster?

The highly-avilable cluster consists of three NSX nodes where each node contains the management plane and control plane services. The three nodes form a cluster to give a highly-available management plane and control plane. It provides application programming interface (API) and graphical user interface (GUI) for clients. It can be accessed from any of the manager or a single VIP associated with the cluster. The VIP can be provided by NSX or can be created using an external Load Balancer. It makes operations easier with less systems to monitor, maintain and upgrade.

Besides a NSX cluster, you will have to create Transport Zones, Host and Edge Transport Nodes to consume NSX-T Data Center.

  • A Transport Zone defines the scope of hosts and virtual machines (VMs) for participation Continue reading

A10 Networks ACOS Critical Insecure Cookie Vulnerability 2 of 2

The following summarizes an HTTP persistence cookie vulnerability that I identified in A10 ACOS ADC software. This was disclosed to A10 Networks in June 2016 and has now been resolved.

A10 Networks Cookie Vulnerability

As noted in a previous post, ACOS uses insecure HTTP/HTTPS persistence cookies which can allow a malicious user to craft a cookie determining the server and port to which a persistent session should be sent. In addition, for vports using the default “port-based” HTTP cookie persistence, it was discovered that when using the default persistence cookie type, ACOS does not perform a check to ensure that the server/port defined in the cookie is within the configured service-group for that VIP.

The only sanity check appears to be to ensure that the server IP read from the cookie has been configured on the A10 within the same partition. If that constraint is met, packets will be forwarded by ACOS to the real server based solely on the value contained in the cookie. This is extremely serious as it allows a malicious user to connect, for example, through a public VIP and access back end servers used by other VIPs, including those only accessible via internal IPs.

SUMMARY OF VULNERABILITY

When using Continue reading

Cisco to buy IoT security, management firm Sentryo

Looking to expand its IoT security and management offerings Cisco plans to acquire Sentryo, a company based in France that offers anomaly detection and real-time threat detection for Industrial Internet of Things (IIoT) networks.Founded in 2014 Sentryo products include ICS CyberVision – an asset inventory, network monitoring and threat intelligence platform – and CyberVision network edge sensors, which analyze network flows. More on IoT:To read this article in full, please click here

Cisco to buy IoT security, management firm Sentryo

Looking to expand its IoT security and management offerings Cisco plans to acquire Sentryo, a company based in France that offers anomaly detection and real-time threat detection for Industrial Internet of Things (IIoT) networks.Founded in 2014 Sentryo products include ICS CyberVision – an asset inventory, network monitoring and threat intelligence platform – and CyberVision network edge sensors, which analyze network flows. More on IoT:To read this article in full, please click here

For enterprise storage, persistent memory is here to stay

It's hard to remember a time when semiconductor vendors haven't promised a fast, cost-effective and reliable persistent memory technology to anxious data center operators. Now, after many years of waiting and disappointment, technology may have finally caught up with the hype to make persistent memory a practical proposition.High-capacity persistent memory, also known as storage class memory (SCM), is fast and directly addressable like dynamic random-access memory (DRAM), yet is able to retain stored data even after its power has been switched off—intentionally or unintentionally. The technology can be used in data centers to replace cheaper, yet far slower traditional persistent storage components, such as hard disk drives (HDD) and solid-state drives (SSD).To read this article in full, please click here

For enterprise storage, persistent memory is here to stay

It's hard to remember a time when semiconductor vendors haven't promised a fast, cost-effective and reliable persistent memory technology to anxious data center operators. Now, after many years of waiting and disappointment, technology may have finally caught up with the hype to make persistent memory a practical proposition.High-capacity persistent memory, also known as storage class memory (SCM), is fast and directly addressable like dynamic random-access memory (DRAM), yet is able to retain stored data even after its power has been switched off—intentionally or unintentionally. The technology can be used in data centers to replace cheaper, yet far slower traditional persistent storage components, such as hard disk drives (HDD) and solid-state drives (SSD).To read this article in full, please click here

Cloud adoption drives the evolution of application delivery controllers

Migrating to a cloud computing model will obviously have an impact on the infrastructure that’s deployed. This shift has already been seen in the areas of servers, storage, and networking, as those technologies have evolved to a “software-defined” model. And it appears that application delivery controllers (ADCs) are on the precipice of a similar shift.In fact, a new ZK Research study about cloud computing adoption and the impact on ADCs found that, when looking at the deployment model, hardware appliances are the most widely deployed — with 55% having fully deployed or are currently testing and only 15% currently researching hardware. (Note: I am an employee of ZK Research.)To read this article in full, please click here

Self-learning sensor chips won’t need networks

Tiny, intelligent microelectronics should be used to perform as much sensor processing as possible on-chip rather than wasting resources by sending often un-needed, duplicated raw data to the cloud or computers. So say scientists behind new, machine-learning networks that aim to embed everything needed for artificial intelligence (AI) onto a processor.“This opens the door for many new applications, starting from real-time evaluation of sensor data,” says Fraunhofer Institute for Microelectronic Circuits and Systems on its website. No delays sending unnecessary data onwards, along with speedy processing, means theoretically there is zero latency.To read this article in full, please click here

Self-learning sensor chips won’t need networks

Tiny, intelligent microelectronics should be used to perform as much sensor processing as possible on-chip rather than wasting resources by sending often un-needed, duplicated raw data to the cloud or computers. So say scientists behind new, machine-learning networks that aim to embed everything needed for artificial intelligence (AI) onto a processor.“This opens the door for many new applications, starting from real-time evaluation of sensor data,” says Fraunhofer Institute for Microelectronic Circuits and Systems on its website. No delays sending unnecessary data onwards, along with speedy processing, means theoretically there is zero latency.To read this article in full, please click here

Why I’m helping Cloudflare build its partnerships worldwide

Cloudflare has always had an audacious mission: to help build a better Internet. From its inception, the company realized that a mission this big couldn’t be taken on alone. Such an undertaking would require the help of an extraordinary group of partners. Early in the company’s history, Cloudflare built strong relationships with many hosting providers to protect and accelerate internet traffic. And through the years, Cloudflare has continued to build some amazing Enterprise partnerships and strategic alliances.

As we continue to grow and foster our partner ecosystem, we are excited to announce Cloudflare’s next iteration of its Partner Program—to engage and enable an equally audacious set of partners that want to help build a better Internet, together.

I recently joined Cloudflare to run Global Channel Sales & Partnerships after spending over nine years at Google Cloud in various indirect and direct leadership roles. At Google, I witnessed the powerful impact that a strong partner ecosystem could have on solving complex organizational and societal problems. By combining innovative technologies provided by the manufacturer, with deep domain expertise provided by the partner, we delivered valuable industry solutions to our customers. And through this process, we helped our partners build valuable businesses, accelerate Continue reading

Cloudflare Partners: A New Program with New Partners

Cloudflare Partners: A New Program with New Partners

Many overlook a critical portion of the language in Cloudflare’s mission: “to help build a better Internet.” From the beginning, we knew a mission this bold, an undertaking of this magnitude, couldn’t be done alone. We could only help. To ultimately build a better Internet, it would take a diverse and engaged ecosystem of technologies, customers, partners, and end-users. Fortunately, we’ve been able to work with amazing partners as we’ve grown, and we are eager to announce new, specific programs to grow our ecosystem with an increasingly diverse set of partners.

Today, we’re excited to announce the latest iteration of our partnership program for solutions partners. These categories encompass resellers and referral partners, OEM partners, and the new partner services program. Over the past few years, we’ve grown and learned from some amazing partnerships, and want to bring those best practices to our latest partners at scale—to help them grow their business with Cloudflare’s global network.

Cloudflare Partners: A New Program with New Partners
Cloudflare Partner Tiers

Partner Program for Solution Partners

Every partner program out there has tiers, and Cloudflare’s program is no exception. However, our tiering was built to help our partners ramp up, accelerate and move fast. As Matt Harrell highlighted, we Continue reading

Announcing the New Cloudflare Partner Platform

Announcing the New Cloudflare Partner Platform
Announcing the New Cloudflare Partner Platform

When I first started at Cloudflare over two years ago, one of the first things I was tasked with was to help evolve our partner platform to support the changes in our service and the expanding needs of our partners and customers. Cloudflare’s existing partner platform was released in 2010. It is a testament to those who built it, that it was, and still is, in use today—but it was also clear that the landscape had substantially changed.

Since the launch of the existing partner platform, we had built and expanded multi-user access, and launched many new products: Argo, Load Balancing, and Cloudflare Workers, to name a few. Retrofitting the existing offering was not practical. Cloudflare needed a new partner platform that could meet the needs of partners and their customers.

As the team started to develop a new solution, we needed to find a partner who could keep us on the right path. The number of hypotheticals were infinite and we needed a first customer to ground ourselves. Lo and behold, not long after I had begun putting pen to paper, we found the perfect partner for the new platform.

The IBM Partnership

IBM was looking for a partner Continue reading