Firewall Ruleset Automation with CI Pipeline
One of my readers sent me a description of their automation system that manages firewall rulesets on Fortigate firewalls using NAPALM to manage device configurations.
In his own words:
We are now managing thousands of address objects, services and firewall policies using David Barroso’s FortiOS Napalm module. This works very well and with a few caveats (such as finding a way to enforce the ordering of firewall policies) we are able to manage all the configuration of our firewalls from a single Ansible playbook.
The did the right thing and implemented an abstracted data model using GitOps to manage it:
Read more ...No Time Like the Present for Network Automation
The time has come for IT to once again dive into the world of homegrown automation for running their networks.
Network teams have a love/hate relationship with
Time after time, though, something goes wrong with the cobbled together systems. Soon, rolling back and correcting mistakes or nursing along the automation as platforms and environments evolve takes more time and effort
Now, the confluence of several trends in IT has made it clear that it is automation time again. First and foremost, the focus on digital Continue reading
Blending into software infrastructure
Electronic networks existed long before electronic compute and storage. Early on, the network was simple wires and switch boards, and the endpoints were humans. Telegraphs transcoded taps into on/off voltage on the wire and back to audible clicks. Telephones transcoded voice into amplitude modulated voltage and back to voice.
Since then, the network has existed as a unique entity apart from the things it connected. Until now.
Less than two decades ago most applications were built in vertical silos. Each application got its own servers, storage, database and so on. The only thing applications shared was the network. The network was the closest thing to a shared resource pool — the original “cloud”. With increasing digital transformation, other services were also pooled, such as storage and database. However each application interfaced with these pooled resources and with other applications directly. Applications had little in common other than Continue reading
Bloomberg Chose Apstra’s Network Monitoring for Its London Broadcast Facility
Bloomberg’s network engineers are using Apstra’s software to gain visibility across the network fabric supporting the building's media production systems.
Upgrading Cloud Infrastructure Made Easier and Safer Using Cloudflare Workers and Workers KV
This is a guest post by Ben Chartrand, who is a Development Manager at Timely. You can check out some of Ben's other Workers projects on his GitHub and his blog.
At Timely we started a project to migrate our web applications from legacy Azure services to a modern PaaS offering. In theory it meant no code changes.
We decided to start with our webhooks. All our endpoints can be grouped into four categories:
- Integration with internal tools i.e. HelpScout, monitoring endpoint for PagerDuty
- Payment confirmations
- Calendar integrations i.e. Google Calendar
- SMS confirmations
Despite their limited number, these are vitally important. We did a lot of testing but it was clear we’d only really know if everything was working once we had production traffic. How could we migrate traffic?
Option 1
Change the CNAME to point to the new hosting infrastructure. This is high risk. DNS takes time to propagate so, if we needed to roll back, it would take time. We would also be shifting over everything at once.
Option 2
Use a traffic manager to shift a percentage of traffic using Cloudflare Load Balancing. We could start at, say, 5% traffic to the new infrastructure Continue reading
Cloud Security Acquisitions, OneLogin $100M Funding Round Preview What’s In Store
The opening days of 2019 also saw Sophos purchase cloud security startup Avid Secure and Akamai Technologies reach a deal to acquire Janrain.
Martello Technologies Uses SD-WAN to Optimize IoT Systems
The work is part of its participation in the Blackberry and L-Spark Accelerator Program, a program building network performance management technologies for IoT.
AMD President Says Its Next Epyc Server Processor Is the ‘Best the World Has Ever Seen’
Advanced Micro Devices, under the direction of its President and CEO Lisa Su, garnered some big headlines in 2018 for both its technology advances as well as its growing stock price.
TriggerMesh Clears Serverless Bridge Between AWS Lambda, Knative
“We just opened up every Lambda function to run on Knative,” said Mark Hinkle, co-founder of TriggerMesh. “That’s a huge ecosystem.”
Ericsson Takes $687M Charge to Overhaul BSS Unit
Ericsson said last year that its "full-stack, pre-integrated" approach to BSS was not working and adopted a new strategy. More measures are now required to meet 2020 profitability targets.
Equinix CEO: Interconnection Biz Booming, Edge Remains ‘Real, Strategic Question’
Equinix’s software-defined interconnection platform now has 13,000 virtual connections, according to CEO Charles Meyers.
Geo IP Databases are Highly Inaccurate
Lots of network monitoring platforms use GeoIP databases to track/monitor sources. These databases are, perhaps, 75% accurate (for some definition of accurate). This is your regular reminder to have a sense of caution about location based on public IP address. John S. and his mother Ann live in the house, which is in Pretoria, the […]
The post Geo IP Databases are Highly Inaccurate appeared first on EtherealMind.
IPv6 Buzz 017: The IPv6 Year In Review
What's in store for IPv6 in 2019? What happened--and didn't happen--in 2018? Ed, Scott, and Tom analyze the pace of IPv6 growth around the world over the past year, and offer forecasts for the coming year.
The post IPv6 Buzz 017: The IPv6 Year In Review appeared first on Packet Pushers.