Forward

Short Take – Cache Covert Channel

Russ White

The post Short Take – Cache Covert Channel appeared first on Network Collective.

BiB 069: Plixer’s FlowPro Shines A Light On Network Darkness

Plixer has announced the FlowPro network probe to shine some light on sections of the network with limited flow export capability. Available both as hardware and virtual appliances, FlowPro observes network packets via SPAN or ERSPAN and can, based on its observations, create and export flow records to Scrutinizer. But that’s not all that FlowPro can do. There’s a bunch of analytical capability baked into the tool with both APM and security use cases.

The post BiB 069: Plixer’s FlowPro Shines A Light On Network Darkness appeared first on Packet Pushers.

DNS Flag Day

The 1st of February was DNS Flag Day, which is an initiative of several DNS vendors and operators to address the problems of DNS name server implementations that are not in compliance with long-established DNS standards. This is causing the DNS to not only be unnecessarily slow and inefficient, but prevent operators from deploying new functionality including mechanisms to protect against DDoS attacks.

DNSSEC and other extended features of the DNS require EDNS0 (Extension Mechanisms for DNS – RFC 6891), and properly implemented name servers should either reply with an EDNS0 compliant response, or provide a regular DNS response if they don’t understand.

However, a lot of name server software is not implemented properly which has meant resolvers have had to incorporate workarounds when name servers don’t respond correctly. These cause unnecessary retries, delays, and prevent the newer features of the DNS being used.

As a result, the vendors of the most commonly used DNS software (BIND, Ubound, PowerDNS and Knot) will no longer be supporting these workarounds in new versions of their software, whilst a number of public DNS resolver operators (CleanBrowsing, Cloudflare, Google and Quad9) will no longer resolve hostnames served by broken name server implementations.

This may mean Continue reading

Software-defined connectivity planned for colocation data centers

Gartner predicts that by 2025, 80 percent of enterprises will migrate entirely away from their on-premises data centers. Instead they’ll follow the current trend of moving workloads to colocation, hosting and the cloud, leading them to shut down their traditional data centers.I’m sure that colocation centers look forward to the growth in business, but the growth also means the colocation data centers need to become more agile, scalable, and flexible. This is absolutely critical to their business model viability, but the challenge to get there is greater than ever.[ Also read: How to plan a software-defined data-center network and Efficient container use requires data-center software networking ] Colocation providers have long benefitted from offering cross-connect and IT services, as well as Layer 2 WAN connectivity. However, these traditional offerings really aren't meeting the emerging demands from enterprise tenants who want more integrated, more secure and more automated networking solutions. As workloads move across different environments, such as SaaS and public clouds, there are management and operational challenges for colocation providers who are now being asked to support a more diverse portfolio of connectivity solutions.To read this article in full, please click here

Software-defined connectivity planned for colocation data centers

Gartner predicts that by 2025, 80 percent of enterprises will migrate entirely away from their on-premises data centers. Instead they’ll follow the current trend of moving workloads to colocation, hosting and the cloud, leading them to shut down their traditional data centers.I’m sure that colocation centers look forward to the growth in business, but the growth also means the colocation data centers need to become more agile, scalable, and flexible. This is absolutely critical to their business model viability, but the challenge to get there is greater than ever.[ Also read: How to plan a software-defined data-center network and Efficient container use requires data-center software networking ] Colocation providers have long benefitted from offering cross-connect and IT services, as well as Layer 2 WAN connectivity. However, these traditional offerings really aren't meeting the emerging demands from enterprise tenants who want more integrated, more secure and more automated networking solutions. As workloads move across different environments, such as SaaS and public clouds, there are management and operational challenges for colocation providers who are now being asked to support a more diverse portfolio of connectivity solutions.To read this article in full, please click here

Software-defined connectivity planned for colocation data centers

Gartner predicts that by 2025, 80 percent of enterprises will migrate entirely away from their on-premises data centers. Instead they’ll follow the current trend of moving workloads to colocation, hosting and the cloud, leading them to shut down their traditional data centers.I’m sure that colocation centers look forward to the growth in business, but the growth also means the colocation data centers need to become more agile, scalable, and flexible. This is absolutely critical to their business model viability, but the challenge to get there is greater than ever.[ Also read: How to plan a software-defined data-center network and Efficient container use requires data-center software networking ] Colocation providers have long benefitted from offering cross-connect and IT services, as well as Layer 2 WAN connectivity. However, these traditional offerings really aren't meeting the emerging demands from enterprise tenants who want more integrated, more secure and more automated networking solutions. As workloads move across different environments, such as SaaS and public clouds, there are management and operational challenges for colocation providers who are now being asked to support a more diverse portfolio of connectivity solutions.To read this article in full, please click here

Response: Firefox 66 to block automatically playing audible video and audio – Mozilla Hacks – the Web developer blog

Necessary

The post Response: Firefox 66 to block automatically playing audible video and audio – Mozilla Hacks – the Web developer blog appeared first on EtherealMind.

Coming soon: On-premises 5G gear for enterprises

With all major mobile carriers expected to offer 5G this year, enterprises that want to take advantage of this next-gen mobile data service need to start thinking about how to support it on site.Anticipation is keen for 5G, given that it promises to deliver faster speeds and lower latency than the current premium wireless technology, 4G LTE. Ideally, 5G networks could deliver fast internet to areas of the country where wired broadband is unavailable, and more reliable connections to a variety of devices including not only computers and smartphones but also appliances, automobiles and security systems. But to use these services as a WAN option, businesses need hardware that can connect it to their existing wired and wireless LANs.To read this article in full, please click here

Coming soon: On-premises 5G gear for enterprises

With all major mobile carriers expected to offer 5G this year, enterprises that want to take advantage of this next-gen mobile data service need to start thinking about how to support it on site.Anticipation is keen for 5G, given that it promises to deliver faster speeds and lower latency than the current premium wireless technology, 4G LTE. Ideally, 5G networks could deliver fast internet to areas of the country where wired broadband is unavailable, and more reliable connections to a variety of devices including not only computers and smartphones but also appliances, automobiles and security systems. But to use these services as a WAN option, businesses need hardware that can connect it to their existing wired and wireless LANs.To read this article in full, please click here

SD-WAN creates new security challenges

SD-WAN products have been available for the better part of five years. Early adopters of the technology focused primarily on transport-related issues such as replacing or augmenting MPLS with broadband. As any technology matures and moves out of the early adopter phase, the buying criteria changes — and SD-WAN is no different.In 2018, a ZK Research survey asked respondents to rank SD-WAN buying criteria, and security came out as the top response, well ahead of technology innovation and price. (Note: I am employee of ZK Research.) To better understand this trend and what it means to network professionals, I sat down with Fortinet’s executive vice president of products and solutions, John Maddison, who sets the company’s product strategy, making him well versed in both SD-WAN and security.To read this article in full, please click here

SD-WAN creates new security challenges

SD-WAN products have been available for the better part of five years. Early adopters of the technology focused primarily on transport-related issues such as replacing or augmenting MPLS with broadband. As any technology matures and moves out of the early adopter phase, the buying criteria changes — and SD-WAN is no different.In 2018, a ZK Research survey asked respondents to rank SD-WAN buying criteria, and security came out as the top response, well ahead of technology innovation and price. (Note: I am employee of ZK Research.) To better understand this trend and what it means to network professionals, I sat down with Fortinet’s executive vice president of products and solutions, John Maddison, who sets the company’s product strategy, making him well versed in both SD-WAN and security.To read this article in full, please click here

SD-WAN creates new security challenges

SD-WAN products have been available for the better part of five years. Early adopters of the technology focused primarily on transport-related issues such as replacing or augmenting MPLS with broadband. As any technology matures and moves out of the early adopter phase, the buying criteria changes — and SD-WAN is no different.In 2018, a ZK Research survey asked respondents to rank SD-WAN buying criteria, and security came out as the top response, well ahead of technology innovation and price. (Note: I am employee of ZK Research.) To better understand this trend and what it means to network professionals, I sat down with Fortinet’s executive vice president of products and solutions, John Maddison, who sets the company’s product strategy, making him well versed in both SD-WAN and security.To read this article in full, please click here

SD-WAN creates new security challenges

SD-WAN products have been available for the better part of five years. Early adopters of the technology focused primarily on transport-related issues such as replacing or augmenting MPLS with broadband. As any technology matures and moves out of the early adopter phase, the buying criteria changes — and SD-WAN is no different.In 2018, a ZK Research survey asked respondents to rank SD-WAN buying criteria, and security came out as the top response, well ahead of technology innovation and price. (Note: I am employee of ZK Research.) To better understand this trend and what it means to network professionals, I sat down with Fortinet’s executive vice president of products and solutions, John Maddison, who sets the company’s product strategy, making him well versed in both SD-WAN and security.To read this article in full, please click here

InvenSense Deploys Aryaka SD-WAN to Meet Growing Business Needs

SD-WAN allowed the sensor manufacturer to streamline and automate operations, and ultimately make it in a rapidly changing industry.

Dell EMC speeds up backups and restores in its storage appliances

Dell EMC has introduced new software for its Data Domain and Integrated Data Protection Appliance (IPDA) products that it claims will improve backup and restore performance from anywhere from 2.5 times to four times the previous version.Data Domain is Dell EMC’s purpose-built data deduplicating backup appliance, originally purchased by EMC long before the merger of the two companies. The IPDA is a converged solution that offers complete backup, replication, recovery, deduplication, with cloud extensibility.Performance is the key feature Dell is touting with Data Domain OS 6.2 and IDPA 2.3 software. Dell says Data Domain on-premises restores are up to 2.5 times faster than prior versions, while data restoration from the Amazon Web Services (AWS) public cloud to an on-premises Data Domain appliance can be up to four times faster.To read this article in full, please click here

Dell EMC speeds up backups and restores in its storage appliances

Dell EMC has introduced new software for its Data Domain and Integrated Data Protection Appliance (IPDA) products that it claims will improve backup and restore performance from anywhere from 2.5 times to four times the previous version.Data Domain is Dell EMC’s purpose-built data deduplicating backup appliance, originally purchased by EMC long before the merger of the two companies. The IPDA is a converged solution that offers complete backup, replication, recovery, deduplication, with cloud extensibility.Performance is the key feature Dell is touting with Data Domain OS 6.2 and IDPA 2.3 software. Dell says Data Domain on-premises restores are up to 2.5 times faster than prior versions, while data restoration from the Amazon Web Services (AWS) public cloud to an on-premises Data Domain appliance can be up to four times faster.To read this article in full, please click here

Dell EMC speeds up backups and restores in its storage appliances

Dell EMC has introduced new software for its Data Domain and Integrated Data Protection Appliance (IPDA) products that it claims will improve backup and restore performance from anywhere from 2.5 times to four times the previous version.Data Domain is Dell EMC’s purpose-built data deduplicating backup appliance, originally purchased by EMC long before the merger of the two companies. The IPDA is a converged solution that offers complete backup, replication, recovery, deduplication, with cloud extensibility.Performance is the key feature Dell is touting with Data Domain OS 6.2 and IDPA 2.3 software. Dell says Data Domain on-premises restores are up to 2.5 times faster than prior versions, while data restoration from the Amazon Web Services (AWS) public cloud to an on-premises Data Domain appliance can be up to four times faster.To read this article in full, please click here

How to make CI/CD with containers viable in production

Continuing Integration and Continuing Development (CI/CD), and containers are both at the heart of modern software development. CI/CD developers regularly break up applications into microservices, each running in their own container. Individual microservices can be updated independently of one another, and CI/CD developers aim to make those updates frequently.

This approach to application development has serious implications for networking.

There are a lot of things to consider when talking about the networking implications of CI/CD, containers, microservices and other modern approaches to application development. For starters, containers offer more density than virtual machines (VMs); you can stuff more containers into a given server than is possible with VMs.

Meanwhile, containers have networking requirements just like VMs do, meaning more workloads per server. This means more networking resources are required per server. More MAC addresses, IPs, DNS entries, load balancers, monitoring, intrusion detection, and so forth. Network plumbing hasn’t changed, so more workloads means more plumbing to instantiate and keep track of.

Containers can live inside a VM or on a physical server. This means that they may have different types of networking requirements than traditional VMs, (only talking to other containers within the same VM, for example) than other workloads. Continue reading

Cumulus content roundup: January

The new year is now in full swing and we’re excited about all the great content we’ve shared with you so far! In case you missed some of it, here’s our Cumulus content roundup- January edition. As always, we’ve kept busy last month with lots of great resources and news for you to read. One of the biggest things we announced was our new partnership with Nutanix but wait, there’s so much more! We’ve rounded up the rest of the right here, so settle in and stay a while!

From Cumulus Networks:

Cumulus + Nutanix = Building and Simplifying Open, Modern Data Centers at Scale: We are excited to announce that Cumulus and Nutanix are partnering to build and operate modern data centers with open networking software.

Cumulus Networks Strengthens Board of Directors Amid Record Growth and Market Adoption of its Open, Modern Networking Software: Former Deutsche Bank Group COO, Kim Hammonds, joins board as company leads the transition to open networking and data center modernization

Moving a Prototype Network to Production: With prototyping production networks, the network becomes elevated to a standard far superior to the traditional approaches.

Operations guide: We thought it would be great Continue reading