Clear Skys for IBM and Red Hat

There was a lot of buzz this week when IBM announced they were acquiring Red Hat. A lot has been discussed about this in the past five days, including some coverage that I recorded with the Gestalt IT team on Monday. What I wanted to discuss quickly here is the aspirations that IBM now has for the cloud. Or, more appropriately, what they aren’t going to be doing.

Build You Own Cloud

It’s funny how many cloud providers started springing from the earth as soon as AWS started turning a profit. Microsoft and Google seem to be doing a good job of challenging for the crown. But the next tier down is littered with people trying to make a go of it. VMware with vCloud Air before they sold it. Oracle. Digital Ocean. IBM. And that doesn’t count the number of companies offering a specific function, like storage, and are calling themselves a cloud service provider.

IBM was well positioned to be a contender in the cloud service provider (CSP) market. Except they started the race with a huge disadvantage. IBM was a company that was focused on selling solutions to their customers. Just like Oracle, IBM’s primary customer was Continue reading

Rough Guide to IETF 103: DNSSEC, DNS Security and DNS Privacy

As happened earlier this year at IETF 102 in Montreal, DNS privacy will receive a large focus in the DNSOP, DPRIVE and DNSSD working groups. Given the critical role DNS plays as part of the “public core” of the Internet in linking names and identifiers to IP addresses, the DNS must have stronger security and privacy controls.  As part of our Rough Guide to IETF 103, here’s a quick view on what’s happening in the world of DNS.

Note – all times below are Indochina Time (ICT), which is UTC+7.

DNS Operations (DNSOP)

The DNS sessions at IETF 103 start on Monday afternoon from 13:50-15:50 with the DNS Operations (DNSOP) Working Group.  As per usual, DNSOP has a packed agenda. The major security/privacy-related drafts include:

• DNS query minimisation – draft-ietf-dnsop-rfc7816bis – Back in 2016, RFC 7816 defined an experimental way to increase DNS privacy and limiting the exposure of DNS query information by simply not sending the entire query all the way up the DNS resolver chain.  This new work is to move that RFC 7816 document from being an experiment to being an actual Internet standard.
• Running a DNS root server locally – draft-ietf-dnsop-7706bis – Continue reading

What is WPA3? Wi-Fi security protocol strengthens connections

The Wi-Fi Alliance has introduced the first major security improvement to Wi-Fi in about 14 years: WPA3. The most significant additions to the new security protocol are greater protection for simple passwords, individualized encryption for personal and open networks, and even more secure encryption for enterprise networks.The original Wi-Fi Protected Access (WPA) standard was released back in 2003 to replace WEP, and the second edition of WPA came the year after. The third edition of WPA is a long-awaited and much-welcomed update that will benefit Wi-Fi industry, businesses, and the millions of average Wi-Fi users around the world—even though they might not know it.To read this article in full, please click here

What is WPA3? And some gotchas to watch out for in this Wi-Fi security upgrade

The Wi-Fi Alliance has introduced the first major security improvement to Wi-Fi in about 14 years: WPA3. The most significant additions to the new security protocol are greater protection for simple passwords, individualized encryption for personal and open networks, and even more secure encryption for enterprise networks.The original Wi-Fi Protected Access (WPA) standard was released back in 2003 to replace WEP, and the second edition of WPA came the year after. The third edition of WPA is a long-awaited and much-welcomed update that will benefit Wi-Fi industry, businesses, and the millions of average Wi-Fi users around the world—even though they might not know it.To read this article in full, please click here

What is WPA3? Wi-Fi security protocol strengthens connections

The Wi-Fi Alliance has introduced the first major security improvement to Wi-Fi in about 14 years: WPA3. The most significant additions to the new security protocol are greater protection for simple passwords, individualized encryption for personal and open networks, and even more secure encryption for enterprise networks.The original Wi-Fi Protected Access (WPA) standard was released back in 2003 to replace WEP, and the second edition of WPA came the year after. The third edition of WPA is a long-awaited and much-welcomed update that will benefit Wi-Fi industry, businesses, and the millions of average Wi-Fi users around the world—even though they might not know it.To read this article in full, please click here

What is WPA3? And some gotchas to watch out for in this Wi-Fi security upgrade

The Wi-Fi Alliance has introduced the first major security improvement to Wi-Fi in about 14 years: WPA3. The most significant additions to the new security protocol are greater protection for simple passwords, individualized encryption for personal and open networks, and even more secure encryption for enterprise networks.The original Wi-Fi Protected Access (WPA) standard was released back in 2003 to replace WEP, and the second edition of WPA came the year after. The third edition of WPA is a long-awaited and much-welcomed update that will benefit Wi-Fi industry, businesses, and the millions of average Wi-Fi users around the world—even though they might not know it.To read this article in full, please click here

Is a Cloud-native Strategy Right for You?

Worth Reading: Notes on Distributed Systems

I long while ago I stumbled upon an excellent resource describing why distributed systems are hard (what I happened to be claiming years ago when OpenFlow was at the peak of the hype cycle ;)… lost it and found it again a few weeks ago.

If you want to understand why networking is hard (apart from the obvious MacGyver reasons) read it several times; here are just a few points:

Passed AWS Solutions Architect Associate

Hi,

Yesterday I took the AWS Solutions Architect Associate and passed it which means I’m now certified. I started studying for this exam around the August time frame. I had wanted to get some exposure to public cloud to broaden my skill set and AWS was the natural one to go after first considering their dominant position on the market. My goal is to do the networking specialty in order to know all of the networking products inside of AWS. I also have a project I’m working on now in AWS which helps with both motivation, knowledge and hands-on experience.

So, what was the exam like?

I don’t know if it was pure shock at first but I felt very uneasy in the beginning of the exam. The questions I got felt very different to the material and questions I had based my studies on. After a while I felt a bit better but it was still a tough exam for me. I had to really think through all of my answers and only a couple of questions, mostly the ones on networking, I felt confident answering immediately. The exam did feel balanced though covering a broad range of topics Continue reading

The Internet Society’s Hot Topics at IETF 103

The 103rd meeting of the IETF starts tomorrow in Bangkok which is the first time that an IETF meeting has been held in the city.

The Internet Society’s Internet Technology Team is as always highlighting the latest IPv6, DNSSEC, Securing BGP, TLS, and IoT related developments, and we’ll also be covering DNS Privacy and NTP Security from now on. This is discussed in detail in our Rough Guide to IETF 103, but we’ll also be bringing you daily previews of what’s happening each day as the week progresses.

Below are the sessions that we’ll be covering in the coming week. Note this post was written in advance so please check the official IETF 103 agenda for any updates, room changes, or final details.

Monday, 5 November 2018

• IPv6 Operations (v6ops) – Meeting 1 @ 09.00-11.00 UTC+7
• Routing Over Low power and Lossy networks (roll) – Boromphimarn 1/2 @ 09.00-11.00 UTC+7
• Crypto Forum (cfrg)- Chitlada 1 @ 11.20-12.20 UTC+7
• Domain Name System Operations (dnsop) – Chitlada 1 @ 13.50-15.50 UTC+7
• Transport Layer Security (tls) – Chitlada 2 @ 13.50-15.50 UTC+7
• IPv6 over Networks of Resource-constrained Node (6lo) – Meeting 2 @ 16.10-18.10 UTC+7

Tuesday, 6 November 2018

• Continue reading

Large-scale network simulations in Kubernetes, Part 1 – Building a CNI plugin

Building virtualised network topologies has been one of the best ways to learn new technologies and to test new designs before implementing them on a production network. There are plenty of tools that can help build arbitrary network topologies, some with an interactive GUI (e.g. GNS3 or EVE-NG/Unetlab) and some “headless”, with text-based configuration files (e.g. vrnetlab or topology-converter). All of these tools work by spinning up multiple instances of virtual devices and interconnecting them according to a user-defined topology.

Problem statement

Most of these tools were primarily designed to work on a single host. This may work well for a relatively small topology but may become a problem as the number of virtual devices grows. Let’s take Juniper vMX as an example. From the official hardware requirements page, the smallest vMX instance will require:

• 2 VMs - one for control and one for data plane
• 2 vCPUs - one for each of the VMs
• 8 GB of RAM - 2GB for VCP and 6GB for VFP

This does not include the resources consumed by the underlying hypervisor, which can easily eat up another vCPU + 2GB of RAM. It’s easy to imagine how quickly Continue reading

400G Conversation Dominates Arista Networks Q3 2018 Earnings Call

Arista also said that due to the tariffs on some Chinese components that have been implemented by the U.S. government, it is adding a universal 3.3 percent add-on charge for worldwide customers.

Nutanix’s Multi-Cloud Management Moves Into the Data Center

The software initially supported AWS and Azure, and the company extended this cost-comparison and governance tool to on-premises Nutanix environments.

Cisco ups the ante for 400G Ethernet with big-bandwidth data-center switches

Cisco is bringing high-speed Ethernet to the data center with four new switches it says will ultimately become the foundation of highdensity, intent-based networks.To read this article in full, please click here(Insider Story)

Cisco ups the ante for 400G Ethernet with big-bandwidth data-center switches

Cisco is bringing high-speed Ethernet to the data center with four new switches it says will ultimately become the foundation of highdensity, intent-based networks.To read this article in full, please click here(Insider Story)

Cisco Study Finds Enterprises Racing Toward ‘Preemptive’ IT

Cisco developed a four-step model for IT operations maturity showing where organizations are now and where they would like to be in two years.

7 Guiding Principles for Leading Data Center Networks

Whether you’re starting out on a fresh playing field or diving into a mud pool of decades-old complexity, designing and deploying a new or modernized data center is a rewarding endeavor; not just for the engineers and architects, but also for the businesses that reap the benefits of agility, scalability, and performance that come along with it.

And the first step on that road is to talk. The initial conversations with thought leaders, business strategists, and technical architects are the most pivotal in the discovery phase of any large project. It is at this phase that the box is forming, and questions must be asked outside of it to shape its dimensions. To transform the network, you must be prepared to ask challenging questions that drive conversations around open networking, automation, modularity, scalability, segmentation and re-usability. Before vendor selection, it is essential to compile a list of business and technical requirements founded upon a set of guiding principles.

Here are seven to keep in your pocket:
1. The network architecture should use standards-based protocols and services
2. The network should be serviceable without downtime
3. The network architecture should promote automation
4. The network should be consumable
5. Physical boundaries Continue reading

Expanding the Possibilities With 5G

To understand where next-gen communications will be tomorrow, look to the 5G trials of today.

What to expect from Wi-Fi 6 in 2019

Wi-Fi 6 – aka 802.11ax – will begin to make its way into new installations in 2019, bringing with it a host of technological upgrades aimed at simplifying wireless-network problems.The first and most notable feature of the standard is that it’s designed to operate in today’s increasingly congested radio environments. It supports multi-user, multiple-input, multiple-output (MU-MIMO) technology, meaning that a given access point can handle traffic from up to eight users at the same time and at the same speed. Previous-generation APs still divide their attention and bandwidth among simultaneous users.[ Also see Wi-Fi 6 is coming to a router near you. | Get regularly scheduled insights by signing up for Network World newsletters. ] Better still is orthogonal frequency division multiple access (OFDMA), a technology borrowed from the licensed, carrier-driven half of the wireless world. What this does is subdivide each of the available independent channels available on a given AP by a further factor of four, meaning even less slowdown for APs servicing up to a couple dozen clients at the same time.To read this article in full, please click here

HashiCorp $100M Series D Renders $1.9B Valuation

The company offers open source-based software platforms that allow enterprises to manage distributed application infrastructure. It competes against companies like Puppet and Chef.