Helping To Build Cloudflare, Part 6: What does Cloudflare’s CTO do?
This is the final part of a six part series based on a talk I gave in Trento, Italy. To start from the beginning go here.
If you are still awake there’s really one final question that you might want to know the answer to: What does the CTO do? The reality is that it means different things in different companies. But I can tell you a little about what I do.
The longest temporary job
I didn’t join Cloudflare as CTO. My original job title was Programmer and for the first couple of years I did just that. I wrote a piece of technology called Railgun (a differential compression program used to speed up the connection between Cloudflare and origin web servers) and then I went on to write our WAF. After that I worked on our Go-based DNS server and other parts of the stack.
At some point Lee Holloway decided he didn’t want to manage Cloudflare’s growing staff and Michelle Zatlyn (one of Cloudflare’s founders) asked me if I would ‘temporarily’ manage engineering. This is now the longest temporary job I’ve ever had!
Initially a lot of what I did was manage the team and help interview Continue reading
Securing your SWIFT environment with VMware
The SWIFT Controls Framework was created to help customers figure out which controls are needed to better secure their SWIFT environment. The SWIFT security controls framework is broken down into objectives, principles, and controls. The three objectives are “Secure your environment, Know and Limit Access, and Detect and Respond”.
Customers interested in exploring VMware product alignment with the SWIFT framework should evaluate the end-to-end solution. This includes VMware products, as well as other technology that support a customer’s SWIFT platform. The following is a high-level alignment of some of the SWIFT framework controls and VMware products.
VMware Product Alignment with SWIFT Objectives
Restrict internet access & Protect Critical Systems from General IT Environment
As part of a SWIFT deployment, a secured and zoned off environment must be created. This zone contains the SWIFT infrastructure that is used for all SWIFT transaction. Two SWIFT Principles that we will discuss are
- Protect Critical Systems from General IT Environment
- Detect Anomalous Activity to Systems or Transaction Records
These controls are required to be enforced on the SWIFT infrastructure. SWIFT requires that all traffic from the general IT infrastructure to the SWIFT zone be as restricted as possible. They also Continue reading
Cisco to MikroTik – Switching and VLANs
About the Cisco to MikroTik series
One of the most difficult configuration challenges for MikroTik equipment seems to be switching and VLANs in the CRS series. Admittedly, the revamp of VLAN configuration for MikroTik CRS switches in early 2018 made things a lot easier. But, sometimes there is still confusion on how to configure VLANs and IP addresses in VLANs with MikroTik RouterOS operating on a switch.
This will only cover VLAN configuration for CRS 3xx series switches in RouterOS as SwitchOS is not nearly as common in operational deployments.
CRS 1xx/2xx series use an older style of configuration and seem to be on the way out so I’m not 100% sure whether or not i’ll write a similar guide on that series.
If you’ve been in networking for a while, you probably started with learning the Cisco CLI. Therefore, it is helpful to compare the commands if you want to implement a network with a MikroTik and Cisco switches.
This is the fourth post in a series that creates a Rosetta stone between IOS and RouterOS. Here are some of the others:
Click here for the first article in this series – “Cisco to MikroTik BGP command translation”
Click Continue reading
Cisco to MikroTik – Switching and VLANs
About the Cisco to MikroTik series
One of the most difficult configuration challenges for MikroTik equipment seems to be switching and VLANs in the CRS series. Admittedly, the revamp of VLAN configuration for MikroTik CRS switches in early 2018 made things a lot easier. But, sometimes there is still confusion on how to configure VLANs and IP addresses in VLANs with MikroTik RouterOS operating on a switch.
This will only cover VLAN configuration for CRS 3xx series switches in RouterOS as SwitchOS is not nearly as common in operational deployments.
CRS 1xx/2xx series use an older style of configuration and seem to be on the way out so I’m not 100% sure whether or not i’ll write a similar guide on that series.
If you’ve been in networking for a while, you probably started with learning the Cisco CLI. Therefore, it is helpful to compare the commands if you want to implement a network with a MikroTik and Cisco switches.
This is the fourth post in a series that creates a Rosetta stone between IOS and RouterOS. Here are some of the others:
Click here for the first article in this series – “Cisco to MikroTik BGP command translation”
Click Continue reading
Juniper Static Routing
1 step to configure a static route. Configure static route under routing-options section Configuration Configure static route under routing-options section. cmd set routing-options static route 10.1.23.0/24 next-hop 10.1.12.2 Topology P1R1 cmd set routing-options static...continue reading
Nvidia Teams Up With Colocation Providers on AI
The chipmaker initially partnered with nine North American data center operators, but “the goal is to expand it globally,” Nvidia’s Tony Paikeday says.
AWS Remains Dominant Player in Growing Cloud Market, SRG Reports
Smaller rivals Microsoft, Google, Alibaba, and IBM if combined would be about equal to AWS' market share. And they are taking market share from smaller players.
Spectra Taps Versa Networks to Deliver Managed SD-WAN in India
Versa has now signed managed service provider agreements with more than 80 global providers.
Extreme Networks Moves Into Edge Device Security With Defender for IoT
It’s a smart move for the networking vendor. Gartner estimates that 20.4 billion connected things will be in use by organizations worldwide by 2020.
History of Networking: ILNP with Saleem Bhatti
Outro Music:
Danger Storm Kevin MacLeod (incompetech.com)
Licensed under Creative Commons: By Attribution 3.0 License
http://creativecommons.org/licenses/by/3.0/
Cisco Snaps Up Singularity Networks to Bolster Network Automation Unit
The company uses agents to find data in virtual machines (VMs), routers, firewalls, and switches in an organization's data center and clouds. It will become part of Cisco’s Crosswork Network Automation portfolio.
Blessay: SDWAN and Lockin
I consider these forms of possible lock-in for SD-WAN
The post Blessay: SDWAN and Lockin appeared first on EtherealMind.
Dell EMC Boosts Multi-Cloud Data Protection, Remote Office Management
The company expanded data protection with new and enhanced features to its Data Domain and Integrated Data Protection Appliance (IDPA) products.
Cloudflare Support for Azure Customers
Cloudflare seeks to help its end customers use whichever public and private clouds best suit their needs. Towards that goal, we have been working to make sure our solutions work well with various public cloud providers including Microsoft’s Azure platform.
If you are an Azure customer, or thinking about becoming one, here are three ways we have made Cloudflare’s performance and security services work well with Azure.
1) The development of an Azure application for Cloudflare Argo Tunnel.
We are proud to announce an application for Cloudflare Argo Tunnel within the Azure marketplace. As a quick reminder, Argo Tunnel establishes an encrypted connection between the origin and the Cloudflare edge. The small tunnel daemon establishes outbound connections to the two nearest Cloudflare PoPs, and the origin is only accessible via the tunnel between Cloudflare and origin.
Because these are outbound connections, there is likely no need to modify firewall rules, configure DNS records, etc. You can even go so far as to block all IPs on the origin and allow traffic only to flow through the tunnel. You can learn more here. The only prerequisite for using Argo Tunnel is to have Argo enabled on your Cloudflare zone. You can Continue reading