Archive

Category Archives for "Networking"

Deprecating SPDY

Deprecating SPDY

Democratizing the Internet and making new features available to all Cloudflare customers is a core part of what we do. We're proud to be early adopters and have a long record of adopting new standards early, such as HTTP/2, as well as features that are experimental or not yet final, like TLS 1.3 and SPDY.

Participating in the Internet democracy occasionally means that ideas and technologies that were once popular or ubiquitous on the net lose their utility as newer technologies emerge. SPDY is one such technology. Several years ago, Google drafted a proprietary and experimental new protocol called SPDY. SPDY offered many performance improvements over the aging HTTP/1.1 standard and these improvements resulted in significantly faster page load times for real-world websites. Stemming from its success, SPDY became the starting point for HTTP/2 and, when the new HTTP standard was finalized, the SPDY experiment came to an end where it gradually fell into disuse.

As a result, we're announcing our intention to deprecate the use of SPDY for connections made to Cloudflare's edge by February 21st, 2018.

Remembering 2012

Five and a half years ago, when the majority of the web was unencrypted and web developers Continue reading

VMware NSX for vSphere 6.4 Eases Operations, Improves Application Security with Context

Summary: Generally available today, VMware NSX for vSphere 6.4 raises the bar for application security and planning, and introduces context-aware micro-segmentation

For those working in security, thinking and talking about the cyber threats in the world is a constant, a necessary evil. So, for a moment, let’s summon a better time to our memory. Remember when breaches didn’t keep us up at night? The threat of a breach didn’t hang over our heads with an associated cost of millions of dollars and the privacy of our users. In fact, it did, but they weren’t frequent or public enough to cause the awakening that they do today. We put up a wall at the perimeter to keep the bad guys out, and prayed.

OK, back to modern times. Today, we know the story is much different, for better and for worse. Breaches are more prevalent, but our defenses are more sophisticated and more importantly, they’re continuously evolving (just like the breaches). One major piece of this newer defense picture is micro-segmentation. With micro-segmentation, security policies traditionally only enforced at the perimeter are now brought down to the application. Micro-segmentation has gained massive traction and entered the mainstream, with most cloud Continue reading

Connecting Nepal’s Earthquake Affected Communities with a Sustainable Model

Beyond the Net Journal

Nepal’s rural population remains largely disconnected from the Internet. The problem is further aggravated by the devastating 7.8 Richter scale earthquake and the subsequent aftershocks that have been shaking Nepal since April 2015 and that left nearly 9,000 people dead.

The Internet Society Nepal Chapter, in partnership with the NPO “Forum for Digital Equality“, led a successful project to reduce the digital divide by facilitating the establishment of three Community Learning Hubs. The project, supported by The Internet Society Beyond the Net Funding Programme, set up the centers in three Nepali districts that were badly affected by the earthquake: Dhading, Sindhupalchowk and Dolakha.

Each Hub is being visited 100/day by community members. More than 1500 people are now accessing the Internet for free. To ensure a sustainable model for the project, services like printing and scanning are charged. The raised revenue is used to pay for operator salaries, repair and maintenance services.

Goma Shrestha, community ITC operator, proudly explains, “We started “eSewa”, an online payment gateway. Villagers used to go to the market to recharge their mobile and cable service, but now we have facilities in our own community”.

The Continue reading

However improbable: The story of a processor bug

Processor problems have been in the news lately, due to the Meltdown and Spectre vulnerabilities. But generally, engineers writing software assume that computer hardware operates in a reliable, well-understood fashion, and that any problems lie on the software side of the software-hardware divide. Modern processor chips routinely execute many billions of instructions in a second, so any erratic behaviour must be very hard to trigger, or it would quickly become obvious.

But sometimes that assumption of reliable processor hardware doesn’t hold. Last year at Cloudflare, we were affected by a bug in one of Intel’s processor models. Here’s the story of how we found we had a mysterious problem, and how we tracked down the cause.

Sherlock_holmes_pipe_hat-1
CC-BY-SA-3.0 image by Alterego

Prologue

Back in February 2017, Cloudflare disclosed a security problem which became known as Cloudbleed. The bug behind that incident lay in some code that ran on our servers to parse HTML. In certain cases involving invalid HTML, the parser would read data from a region of memory beyond the end of the buffer being parsed. The adjacent memory might contain other customers’ data, which would then be returned in the HTTP response, and the result was Cloudbleed.

But Continue reading

Webinars in 2017

2017 was one of the busiest years since I started the ipSpace.net project.

It started with an Ansible for Networking Engineers session covering advanced Ansible topics and network device configurations. Further sessions of that same webinar throughout 2017 added roles, includes, extending Ansible with dynamic inventory, custom modules and filters, and using NAPALM with Ansible.

Read more ...

Ready for CiscoLive Barcelona? Woot! Woot! See ya there!

In less than 2 weeks CiscoLive Europe 2018 will be in full swing!  And, as usual, I am so incredibly excited!  ?  This happens to me before every CiscoLive…. round about two weeks prior to the start of the event.  I just turn into a super excited little kid.  Like a little kid looking forward to going back to their favorite summer camp.  ?   I’m even already mostly packed.  Teehee.

CiscoLive Barcelona – Plans and Priorities

What is my absolute #1 suggestion to anyone going to a CiscoLive event?  My #1 suggestion regardless if it is your first CiscoLive ever, or like me, your 17th.  My #1 suggestion is – “Begin with the End in Mind“.

  1. Know what your priorities are and then schedule your week accordingly.
  2. Review your priorities for the week during the week multiple times a day
    1. before the day begins
    2. at lunch
    3. at the end of the day

Begin with the End in Mind. Why?  Because, at CiscoLive, there are so many more things to do than you will have time to fit in.   I personally believe it helps to have a priorities list Continue reading

Ready for CiscoLive Barcelona? Woot! Woot! See ya there!

In less than 2 weeks CiscoLive Europe 2018 will be in full swing!  And, as usual, I am so incredibly excited!  ?  This happens to me before every CiscoLive…. round about two weeks prior to the start of the event.  I just turn into a super excited little kid.  Like a little kid looking forward to going back to their favorite summer camp.  ?   I’m even already mostly packed.  Teehee.

CiscoLive Barcelona – Plans and Priorities

What is my absolute #1 suggestion to anyone going to a CiscoLive event?  My #1 suggestion regardless if it is your first CiscoLive ever, or like me, your 17th.  My #1 suggestion is – “Begin with the End in Mind“.

  1. Know what your priorities are and then schedule your week accordingly.
  2. Review your priorities for the week during the week multiple times a day
    1. before the day begins
    2. at lunch
    3. at the end of the day

Begin with the End in Mind. Why?  Because, at CiscoLive, there are so many more things to do than you will have time to fit in.   I personally believe it helps to have a priorities list Continue reading

Remembering Pål Spilling

It is with a heavy heart that I report to Internauts everywhere that one of the early pioneers of the ARPANET and Internet has passed away. Pål Spilling was at the Norwegian Defense Research Establishment (NDRE) at a time when an ARPANET node was installed at Kjeller, Norway. The satellite link was shared between the ARPANET and the Norwegian Seismic Array (NORSAR) system that was used to monitor Soviet underground nuclear testing to assure the tests did not exceed the test ban treaty limits. Together with his colleague, Yngvar Lundh, Pål worked to test early Internet implementation and applications including packetized speech. He was ever an enthusiastic participant in the Internet’s evolution and a steadfast research partner at NDRE and the subsequent institutions who were lucky to have him in their midst. He spent time at University College London with Peter Kirstein’s group and also at SRI International testing packet radio and packet speech applications. More about Pål’s work can be found at his Wikipedia site.

I, for one, will miss Pål greatly but remember his workmanlike involvement over many decades. His name can be found on the Stanford Plaque commemorating the early researchers who participated in the earliest development Continue reading

1 1,402 1,403 1,404 1,405 1,406 3,350