Archive

Category Archives for "Networking"

Remote User Authentication and RBAC with NSX-T

Remote user authentication and role based access control (RBAC) is an important requirement when deploying new systems in an organization, particularly in the networking world. For that matter, systems typically leverage RADIUS or Active Directory (AD) servers, to name a few.

NSX-T integrates with VMware Identity Manager (vIDM) to get the following benefits related to user authentication:

  • Support for extensive AAA Systems, including
    • AD-based LDAP, OpenLDAP
    • RADIUS
    • SmartCards / Common Access Cards
    • RSA Secure ID
  • Enterprise Single Sign-On
    • Common authentication platform across multiple VMware solutions
    • Seamless single sign-on experience


This blog post covers the main steps required to integrate NSX-T with vIDM and to configure roles that grant different privileges to different users. It does not cover deployment and hardening of VMware Identity Manager (vIDM). At the end of the post, there is a link to a demo showing how to do the configuration and several role-based access tests.

Assuming that both NSX-T Manager and vIDM appliances are deployed, powered on and configured with the basic management details (IP address, admin users, etc.), the integration requires the following steps:

  1. Creating a OAuth client ID for the NSX-T Manager in vIDM
  2. Getting the vIDM appliance thumbprint
  3. Registering NSX-T Manager with Continue reading

IDG Contributor Network: VeloCloud SD-WAN might be under the hood of many ISPs, but it’s not the same

If you’ve researched purchasing an SD-WAN solution from an ISP, there’s a good chance it’s not your ISP who is providing the actual SD-WAN service. [say what?!]Way back in 2016… the demand for SD-WAN emerged so furiously, ISP’s have had to make a quick decision: 1) roll-out a solution immediately; or 2) get tabbed as an old rickety out-of-date ISP. Consequently, rather than building their own solution (a lengthy process), most ISP’s have decided to take the easy route and white label someone else’s vetted product.Many of these ISP’s have chosen VeloCloud to be the SD-WAN solution under the hood.To read this article in full, please click here

IDG Contributor Network: VeloCloud SD-WAN might be under the hood of many ISPs, but it’s not the same

If you’ve researched purchasing an SD-WAN solution from an ISP, there’s a good chance it’s not your ISP who is providing the actual SD-WAN service. [say what?!]Way back in 2016… the demand for SD-WAN emerged so furiously, ISP’s have had to make a quick decision: 1) roll-out a solution immediately; or 2) get tabbed as an old rickety out-of-date ISP. Consequently, rather than building their own solution (a lengthy process), most ISP’s have decided to take the easy route and white label someone else’s vetted product.Many of these ISP’s have chosen VeloCloud to be the SD-WAN solution under the hood.To read this article in full, please click here

Deploy360 at IETF 100, Day 5: Zaìjiàn from the Lion City

There’s a couple of sessions of interest on the last day of IETF 100 before we wrap up for the week. Friday is only a half-day, but still manages to fit in sessions on human rights considerations and encryption. Human rights is not a topic that Deploy360 typically covers, but we have been increasingly asked to discuss the IRTF initiative on Human Rights Protocols Considerations. (There’s also a recent IETF Journal article on Human Rights Protocol Considerations.)

HRPC is researching the human rights threats on the Internet, whether standards and protocols can enable or threaten these, and is developing recommendations on developing Internet protocols around this. It recently published RFC 8080 outlining human rights threats on the Internet, and will be meeting at 09.30 SGT/UTC+8 to discuss three other drafts relating to Freedom of Association on the Internet, the Politics of Standards, and Unrequested Communications. There will also be a presentation on Chainiac: end-to-end software supply chain security and transparency, plus the next steps forward will be discussed.

NOTE: If you are unable to attend IETF 100 in person, there are multiple ways to participate remotely.

PERC is also meeting at the same time, and has three drafts up for discussion. Continue reading

HPE and Rackspace offer on-premises ‘cloud’ systems

HPE and Rackspace have partnered to offer pay-as-you-go services similar to the public cloud but located in private data centers. The OpenStack-based services can have the systems installed in users' own data centers, in a colocation facility, or in Rackspace’s data centers.The move is meant to counter the growing popularity of public cloud services where you pay as you go rather than make the up-front massive investment and then have to maintain and eventually dispose of the systems when they are old.Also on Network World: 6 steps for a future-ready cloud storage strategy And in case you haven’t noticed, this idea is gaining traction. Microsoft offers Azure Stack, which puts Azure in your private data center, Oracle has Cloud at Customer, and Google and Cisco plan to bring Google Cloud Platform to on-premises users in the near future.To read this article in full, please click here

HPE and Rackspace offer on-premises ‘cloud’ systems

HPE and Rackspace have partnered to offer pay-as-you-go services similar to the public cloud but located in private data centers. The OpenStack-based services can have the systems installed in users' own data centers, in a colocation facility, or in Rackspace’s data centers.The move is meant to counter the growing popularity of public cloud services where you pay as you go rather than make the up-front massive investment and then have to maintain and eventually dispose of the systems when they are old.Also on Network World: 6 steps for a future-ready cloud storage strategy And in case you haven’t noticed, this idea is gaining traction. Microsoft offers Azure Stack, which puts Azure in your private data center, Oracle has Cloud at Customer, and Google and Cisco plan to bring Google Cloud Platform to on-premises users in the near future.To read this article in full, please click here

Microsoft, Daimler to use fuel cells to power data centers

In separate announcements, Microsoft Corp. and Daimler indicated that hydrogen fuel cells could provide significantly better energy solutions for data centers than existing electrical grid and backup power technology.Daimler, best known for its Mercedes-Benz automobile brand, presented this week its latest-generation fuel cell technology, which is 30 percent smaller, has 40 percent more power and is small enough to fit into the engine compartment of Mercedes-Benz passenger vehicles. The company plans to expand the use of that technology in a hydrogen-powered data center power plant, collaborating with HPE, Power Innovations (PI) and the National Renewable Energy Laboratory (NREL).To read this article in full, please click here

Microsoft, Daimler to use fuel cells to power data centers

In separate announcements, Microsoft Corp. and Daimler indicated that hydrogen fuel cells could provide significantly better energy solutions for data centers than existing electrical grid and backup power technology.Daimler, best known for its Mercedes-Benz automobile brand, presented this week its latest-generation fuel cell technology, which is 30 percent smaller, has 40 percent more power and is small enough to fit into the engine compartment of Mercedes-Benz passenger vehicles. The company plans to expand the use of that technology in a hydrogen-powered data center power plant, collaborating with HPE, Power Innovations (PI) and the National Renewable Energy Laboratory (NREL).To read this article in full, please click here

Pluribus Networks… 2 Years Later

I first met Pluribus Networks 2.5 years ago during their Networking Field Day 9 presentation, which turned controversial enough that I was advised not to wear the same sweater during NFD16 to avoid jinxing another presentation (I also admit to be a bit biased in those days based on marketing deja-moo from a Pluribus sales guy I’d been exposed to during a customer engagement).

Pluribus NFD16 presentations were better; here’s what I got from them:

Read more ...

One Week to IPv6, Routing Security, and More at ION Belgrade

One week from today, we’ll be at ION Belgrade! Our last event of the year take place on Thursday, 23 November 2017, alongside the 3rd Republic of Serbia Network Operators’ Group (RSNOG).

As always, ION Conferences bring network engineers and leading industry experts together to discuss emerging technologies and hot technology topics. Early adopters provide valuable insight into their own deployment experiences and bring participants up to speed on new standards emerging from the IETF.

Agenda

The half-day agenda and all our great speakers for ION Belgrade will make this a great event. Here’s a quick look at the day:

  • Opening Remarks
  • Welcome from the ISOC Serbia Chapter
  • MANRS, Routing Security, and Collaboration
  • NAT64check
  • What’s Happening at the IETF? Internet Standards and How to Get Involved
  • Panel Discussion: IPv6 Success Stories
  • Closing Remarks

Registration

ION Belgrade registration is open! Learn more about our co-host on the RSNOG main page.

Webcast

RSNOG will be live streaming the ION in the morning and RSNOG in the afternoon. The stream will be embedded on the conference main page, right above the agenda, here (Serbian) and here (English).

IPv6 Tutorial

Jordi Palet Martinez will conduct an IPv6 training session the day before the ION. Continue reading

Basics of VRF(Virtual Routing forwarding)

Today I am going to talk about one of the most important concept on which MPLS works. I understand many of you already knew about the MPLS but some of you guys are still want me to explain the concept of MPLS and the MPLS starts from the concept of VRF. 
Before we will start with the concept of the VRF, Please subscribe our Youtube Channel, as we are going to upload many networking videos there soon.
Subscribe us on Youtube: http://y2u.be/0c4lMYVp9go
What is VRF- Virtual Routing forwarding ?
As you already knew that VRF stands for Virtual Routing Forwarding and is a separate routing table within a router. VRFs are to a router what VLANs are to a switch. Using VRFs, it is possible to virtualize a single router into several instances, each of them being (relatively) independent of each other, allowing for overlapping subnets, separate instances of routing protocols, separate set of interfaces assigned to each VRF. 
In other words you can say that VRF stands for virtual routing and forwarding. When you create a vrf, you tell it what routes to import/export. Then you assign that vrf to an interface. Once the vrf is attached to Continue reading

How to gauge your network’s openness

So, you’ve done your research, learned about the many benefits of open networking, and decided you’re interested in building an open network. Congratulations, and welcome to the future of networking! You’ve made a great first step, but maybe you’re concerned about where to begin when it comes to vendors. A lot of network providers will claim that they have open solutions…but how can you be sure you’re choosing the best one? Or how can you determine if your vendor is truly an open solution? Fortunately, there are ways to gauge if your solution is as open as you need it to be. If you don’t want to get duped by phony open vendors, make sure to keep these three things in mind:

The definition of “open networking” is not set in stone

While there are common criteria and ideologies that tend to be associated with open networks, the definition of open networking is still very fluid and can mean different things to different vendors. So, when you’re trying to decide which vendor to go with, don’t let them off easy with simple answers. Ask specific questions about what exactly “open” means to them. Simplicity, flexibility, and modularity are Continue reading

1 1,544 1,545 1,546 1,547 1,548 3,435