One analyst said Ericsson is responding to a concern by carriers about following the old fashioned "build it and they will come" approach to network deployment.
But when designing underlying cyber protections, too many architects are taking zero trust to be the primary objective. This is a misinterpretation. In the first instance, we should look to protect our resources from attack. What zero trust reminds us is that we are fallible, and that we should put in place backup plans in the form of monitoring and incident response for the (hopefully rare) cases where our protection Continue reading
Advanced Solutions, a DXC Technology company, was formed in 2004 and employs about 500 staff to support the government of the Canadian province of British Columbia and other public sector customers with IT and business process solutions. For government agencies and services to continue operating efficiently and effectively, it is essential that the IT resources that they require are provided quickly and accurately.
All IT organizations are acutely familiar with the wide range of pain points and obstacles that can stand in the way of delivering resources to empower their businesses to move with speed and agility. One of the most common hindrances to IT, and therefore business agility is painfully slow provisioning processes, which can take weeks just to provision an application. The most common bottleneck within these processes is provisioning networking and security services. This is a key pain point for Advanced Solutions, but one that VMware is helping them solve with the VMware NSX Data Center network virtualization platform.
Dan Deane, Solutions Lead at Advanced Solutions says, “The key IT pain points that VMware solutions are helping us solve are around networking and provisioning.”
Advanced Solutions was Continue reading
Today's Heavy Networking aims to separate the hype from the substance on hot tech topics including SD-whatever, cloud native, container networking, service meshes, microsegmentation, and more. Our guests are Avi Freedman and Jon Mendoza.
The post Heavy Networking 427: Hype Vs. Reality On Hot Topics In Networking appeared first on Packet Pushers.
Check Point GAiA is the next generation Secure Operating System for all Check Point appliances, open servers and virtualized gateways. In this tutorial we will create a network infrastructure which supports usage of Gaia Qemu VM as a personal firewall on Ubuntu Linux. We will also go through the entire installation of Gaia on Qemu VM. This firewall appliance can be used up to 15 days period covered by a free trial Gaia license (no registration needed).
Hardware: Asus K55VM laptop:
- Intel(R) Core(TM) i7-3610QM CPU @ 2.30GHz
- RAM - 2 x Kingston DDR3 8192MB,
- HDD - ST1000LM024 HN-M101MBB 1000GB
Hardware requirements:
- Gaia QEMU VM: RAM - 4096MB, HDD - 15GB
- Windows 7 QEMU VM: RAM 2048MB, HDD - 15 GB
Software:
Host - Kubuntu Linux 18.04.1 LTS with installed QEMU emulator version 3.0.0 and KVM module
Guest 1 - Checkpoint GAiA R80.10, OS build 462, OS kernel version 2.6.18-92cpx86_64
Guest 2 - Windows 7 Home Premium, x86 with installed Smart Console R80.10 Build 991140073
Credentials - username/password:
- Gaia web portal: admin/check123point
- Gaia expert mode: check123point
- Windows 7: no password Continue reading
The Linux Foundation gains a mapping platform; Intel plans a new chip factory in Oregon; and Google Cloud adds a serverless document database.
This is part 3 of a six part series based on a talk I gave in Trento, Italy. To start from the beginning go here.
After Cloudbleed, lots of things changed. We started to move away from memory-unsafe languages like C and C++ (there’s a lot more Go and Rust now). And every SIGABRT or crash on any machine results in an email to me and a message to the team responsible. And I don’t let the team leave those problems to fester.
So Cloudbleed was a terrible time. Let’s talk about a great time. The launch of our public DNS resolver 1.1.1.1. That launch is a story of an important Cloudflare quality: audacity. Google had launched 8.8.8.8 years ago and had taken the market for a public DNS resolver by storm. Their address is easy to remember, their service is very fast.
But we thought we could do better. We thought we could be faster, and we thought we could be more memorable. Matthew asked us to get the address 1.1.1.1 and launch a secure, privacy-preserving, public DNS resolver in a couple of months. Continue reading
The platform divides the two flows – the control layer and the data layer – and handles them in a way that makes sense for each.
By Digital Empowerment Foundation
In the last 25 years, half the world has been connected to the Internet and the almost infinite opportunities it has to offer. Most of these, among the 3.5 billion connected individuals of the world, are people who are largely economically empowered, literate, and reside in urban or accessible areas. However, there is also half the world that is yet to get online and access what the Internet has to offer them.
The biggest barrier to widespread connectivity is the high cost of infrastructure. With many telecom companies unwilling or unable to build infrastructure in far flung and rural areas, large swathes of the world have remained in media darkness. Evidently, most of those who are excluded from digital ecosystems are people who are largely at the bottom of the pyramid and reside in rural or inaccessible areas. They are people who have not been connected by the mainstream Internet Service Providers (ISP) – and who may have to wait a long time to be connected.
So who will take the responsibility of connecting them?
It has to be the community themselves.
Over the years, community network providers have proved to be great enablers for Continue reading
The data center server vendor made several smart partnerships around HCI and cloud last year, and now it’s moving into edge and IoT.
This is the text I prepared for a talk at Speck&Tech in Trento, Italy. I thought it might make a good blog post. Because it is 6,000 words I've split it into six separate posts.
Here's part 1:
I’ve worked at Cloudflare for more than seven years. Cloudflare itself is more than eight years old. So, I’ve been there since it was a very small company. About twenty people in fact. All of those people (except one, me) worked from an office in San Francisco. I was the lone member of the London office.
Today there are 900 people working at Cloudflare spread across offices in San Francisco, Austin, Champaign IL, New York, London, Munich, Singapore and Beijing. In London, my “one-person office” (which was my spare bedroom) is now almost 200 people and in a month, we’ll move into new space opposite Big Ben.
The numbers tell a story about enormous growth. But it’s growth that’s been very carefully managed. We could have grown much faster (in terms of people); we’ve certainly raised enough money to do so.
I ended up at Cloudflare because I gave a really good talk at a conference. Well, Continue reading
The post Automatic versus Manual NetFlow Deduplication appeared first on Noction.
Erik Dietrich (of the Expert Beginner fame) published another great blog post explaining when and why you should write a book. For the attention-challenged here’s my CliffNotes version:
In our last post we covered the basics of getting an RSVP LSP setup. This was a tedious process at least when compared to what we saw with LDP setting up LSPs. So I think it’s worthwhile to spend some time talking about RSVP and what it offers that merit it’s consideration as a label distribution protocol. First off – let’s talk about naming. When talking about MPLS – RSVP is typically just called RSVP – but without the MPLS context – it might be a little confusing. That’s because RSVP itself initially had nothing to do with MPLS. RSVP was initially a means to reserve resources for flows across a network. The protocol was then extended to support setting up MPLS LSPs. In this use case, it is often referred to as “RSVP-TE” or “MPLS RSVP-TE”. For the sake of my sanity – when I reference RSVP going forward I’ll be referring to RSVP that’s used to setup MPLS LSPs.
So now let’s talk about some differences between LDP and RSVP. The first thing that everyone points out is that LDP is tightly bound to the underlying IGP. While this is an accurate statement, it doesn’t mean that RSVP Continue reading
Event-Driven automation is an umbrella term much like "coffee" (also see here, it turns out I’ve used coffee anecdotes way too much). How many times do you go to a popular chain and just blurt out "coffee". At 5am, it might be the nonsensical mysterious noise automagically leaving one’s mouth but once we decide it’s bean time, we get to the specifics.
There are multiple tools that give you different capabilities. Some are easier to get started with than others and some are feature rich and return high yields of capability against invested time.
Friendly dictator advice; try not to get wrapped up in the message bus used or data encapsulation methodologies. Nerdy fun, but fairly pointless when it comes to convincing anyone or organisation to make a fundamental shift.
Event-Driven is about receiving a WebHook and annoying people on Slack
This is a terrible measure and one we needed to have dropped yesterday. In more programming languages than I can remember, I’ve written the infamous "Hello World" and played with such variables, struct instances and objects as the infamous "foo" and the much revered "bar". Using an automation platform to receive an HTTP post and updating a support Continue reading