The work of editing transcripts of my two switches presentation is (very slowly) moving forward. In the fourth part of the Optimize Your Data Center Infrastructure series I’m talking about reducing the number of uplinks.
We’re down to just a month before it’s time for Cisco Live in Las Vegas 2017. I’m really looking forward to meeting with a lot of people and attending some great sessions. This will also be my first event as a Cisco Netvet I have a few focus areas for this year’s event.
Cisco IWAN
I have a few IWAN projects I’m working on and I’m going to deep dive into IWAN during CLUS. My plans here are to attend the techtorial on Sunday and meet with some of the prominent people behind IWAN. Those contacts are invaluable to have when you are working on complex scenarios. I also want to see what’s on the roadmap and if I can find out anything about how the acquisition of Viptela will affect IWAN, if at all. I also want to see if APIC-EM has matured to be more useful in brownfield scenarios. Another interesting thing I will try to learn more about is how to best do monitoring in an IWAN network.
Cisco ACI
We have a lot of customers moving to ACI right now. Many of them have “legacy” data centers based on the Catalyst 6500. Moving to a vendor Continue reading
Why should the public cloud get all the buzz?
The post Worth Reading: Who pays security costs? appeared first on rule 11 reader.
Recently Akamai published an article about CLDAP reflection attacks. This got us thinking. We saw attacks from Conectionless LDAP servers back in November 2016 but totally ignored them because our systems were automatically dropping the attack traffic without any impact.
We decided to take a second look through our logs and share some statistics about reflection attacks we see regularly. In this blog post, I'll describe popular reflection attacks, explain how to defend against them and why Cloudflare and our customers are immune to most of them.
Let's start with a brief reminder on how reflection attacks (often called "amplification attacks") work.
To bake a reflection attack, the villain needs four ingredients:
The general idea:
With Memorial Day weekend coming up, for me, it’s all about hot dogs, hamburgers, and fast car racing. I am huge Formula 1 fanatic, but Memorial Day is a bonanza of racing from the F1 Monaco Grand Prix, to NASCAR’s Coke 600, and of course the Indianapolis 500 all on the same day! The raw speed and performance of these races remind me of a 2016 VMworld presentation (NET8030) on NSX performance.
The argument still comes up now and again that “hardware is faster than software.” Network guys like me just assume that’s true. So, it came as a surprise to me when I watched the session which turned that assumption on its head. In this session, the presenter demonstrated that software is faster than hardware, way faster. Of course, I was dubious at first but quickly learned that physical networking and virtual networking is like the difference between the pace car and the race car. I always assumed the physical switch was the race car, but in the throughput presentation, Samuel showed two VM’s running on the same host with NSX routing, switching, and firewalling between them could get up to 106G! This information surprised me. Sort of like the same experience I had Continue reading