Over the last several years, VMware has been heavily investing in technology and solutions to transform security. Our goal has been simple; leverage the virtual and mobile infrastructure to build security in – making it intrinsic, simple, aligned to applications and data, and infinitely more effective.
5 years ago, with NSX, we introduced the concept of micro-segmentation, enabling organizations to leverage network virtualization to compartmentalize their critical applications at a network level.
Last VMworld, we introduced VMware AppDefense, to protect the applications running on that virtual infrastructure. This enabled organizations to leverage server virtualization to ensure the only thing running is what the application intended – flipping the security model to “ensuring good” versus “chasing bad”
Meanwhile, our Workspace ONE team has been steadily building out their platform that leverages user infrastructure, to ensure only legitimate users can get access to critical applications from devices we can trust.
The momentum for NSX, AppDefense, and Workspace ONE has been growing exponentially. And our product teams have not been standing still. They’ve been hard at work on some incredible innovations and integrations.
In my security showcase session, Transforming Security in Continue reading
Networking is hard enough when deploying it into typical environments like campuses and datacenters, but what happens when you’re tasked with doing networking in areas that were never meant to support technology? In this episode of Network Collective, Scott Morris and Jeremy Austin join us to share their experience with networking in harsh environments.
We would like to thank Cumulus Networks for sponsoring this episode of Network Collective. Cumulus is bringing S.O.U.L. back to the network. Simple. Open. Untethered. Linux. For more information about how you can bring S.O.U.L. to your network, head on over to https://cumulusnetworks.com/networkcollectivehassoul. There you can find out how Cumulus Networks can help you build a datacenter as efficient and as flexible as the worlds largest data centers and try Cumulus technology absolutely free.
Outro Music:
Danger Storm Kevin MacLeod (incompetech.com)
Licensed under Creative Commons: By Attribution 3.0 License
http://creativecommons.org/licenses/by/3.0/
The post Episode 32 – Networking In Harsh Environments appeared first on Network Collective.
In honor of International Cat Day, the Internet Society is sharing the journal of Internet Hall of Mane recipient, LOL Cat. LOL Cat first achieved fame with her humorous memes written in “kitty pawtois.” A graduate of Stanfur Universekitty, her work has earned her the Purritzer Prize and many other hon-roars.
Cattain’s Log, Day 1
Sunday night patrol. The dusty creature on the wall has not moved for days. This is my vow: I will bide my time and someday I shall pounce.
Day 8
My human taunts me with the shiny red dot.
Day 13
Bathroom remodel. My human has replaced my old litter box with a loud scary one. The flashing lights blind me. I am not feline good about this.
Day 14
When I hop out of this new litter box, a scary rake comes to gather the litter, ruining my sense of order. I shall spread litter around the house to rectify this mess, but first I must hide behind the new contraption.
I see the word “smart.” This must be a clue. I feel that I am onto something. I have no time to lose, and must dash to the room with the Continue reading
There are multiple occasions for which you may need two IPv4 addresses. This video from Tony Fortunato explains how to configure them.
You probably know my opinion on nerd knobs and the resulting complexity, but sometimes you desperately need something to get the job done.
In traditional vendor-driven networking world, you might be able to persuade your vendor to implement the knob (you think) you need in 3 years by making it a mandatory requirement for a $10M purchase order. In open-source world you implement the knob, write the unit tests, and submit a pull request.
Read more ...ISPs that use MikroTik are always looking for new ways to deliver services to customers and expand their offerings. Delivering Layer 2 at scale for customers is a design challenge that comes up frequently.
While it’s easy enough to build a VLAN nested inside of another VLAN (see below), this requires you to build all of the VLANs a customer wants to use into the PE router or handoff switch.
However, if you have a client that needs a layer 2 service delivered to two or more points and wants to be able to treat it just like an 802.1q trunk and add VLANs in an ad-hoc way, then using the S-Tag feature in RouterOS along with VPLS transport is a great option.
What’s the S-tag do???
Clients will often ask me “what’s the S-Tag check box for?”
So a little background on this, there is a protocol for using outer and inner VLAN tags specified in IEEE 802.1ad that uses Service Tag (or S-Tag) to denote the outer VLAN tag used to transport Customer Tags (or C-Tags).
What makes the S-Tag/C-Tag a little bit different is that it actually changes the ethertype of the Frame.
Continue reading |
---|
ISPs that use MikroTik are always looking for new ways to deliver services to customers and expand their offerings. Delivering Layer 2 at scale for customers is a design challenge that comes up frequently.
While it’s easy enough to build a VLAN nested inside of another VLAN (see below), this requires you to build all of the VLANs a customer wants to use into the PE router or handoff switch.
However, if you have a client that needs a layer 2 service delivered to two or more points and wants to be able to treat it just like an 802.1q trunk and add VLANs in an ad-hoc way, then using the S-Tag feature in RouterOS along with VPLS transport is a great option.
What’s the S-tag do???
Clients will often ask me “what’s the S-Tag check box for?”
So a little background on this, there is a protocol for using outer and inner VLAN tags specified in IEEE 802.1ad that uses Service Tag (or S-Tag) to denote the outer VLAN tag used to transport Customer Tags (or C-Tags).
What makes the S-Tag/C-Tag a little bit different is that it actually changes the ethertype of the Frame.
Continue reading |
---|
"It’s somebody’s day job to make sure they exploit you and remain a presence on your network,” said Josh Ray, global cyber defense lead for Accenture Security.