Failure Is Inevitable – Deal with It!
Last week a large European financial institution had a bad hair day. My friend Christoph Jaggi asked for my opinion, and I decided not to focus on the specific problem (that’s what post-mortems are for) but to point out something that’s often forgotten: don’t believe your system won’t fail, be prepared to deal with the failure.
Time to Overhaul Your Campus Network
Over the last few years cloud service providers have steadily adopted white-box Ethernet switches and modern, flexible Network Operating Systems into their ecosystems. Mega data center operators, such as Google, Amazon, and Microsoft, have replaced their proprietary gear with white boxes in their production environments. The major benefit of this paradigm shift is significantly reduced CapEx and OpEx, a more reliable environment, and customized traffic flows for efficiency. According to IDC, the worldwide ODM direct Ethernet switch (white box) market was $677 million in 2016 and is expected to exceed $900 million in 2017. That’s a growth rate of 33%, and the trend is accelerating.
The shift in white-box adoption started as early as 2012, but has been limited to data centers for many reasons. Even though Enterprise IT executives are motivated to adopt white-boxes, the migration has been slow and challenging. Essentially, the Enterprise network is distinctly different from data center network in many ways.
- The data center network is usually homogeneous, while the Enterprise network is heterogeneous. Typically, Enterprises require a variety of speeds ranging from 100Mbps to 100Gbps, and run over different cables, including various types of copper and fiber. The increasingly deployed Power over Ethernet (PoE) Continue reading
Edward Snowden Wakes Up the Audience at OpenStack Summit 2017
It's better to own your cloud than to outsource it, Snowden says.
Open vSwitch Day at OpenStack Summit 2017
This is a “liveblog” (not quite live, but you get the idea) of the Open vSwitch Open Source Day happening at the OpenStack Summit in Boston. Summaries of each of the presentations are included below.
Kubernetes and OVN on Windows
The first session was led by Cloudbase Solutions, a company out of Italy that has been heavily involved in porting OVS to Windows with Hyper-V. The first part of the session focused on bringing attendees up to speed on the current state of OVS and OVN on Hyper-V. Feature parity and user interface parity between OVS/OVN on Hyper-V is really close to OVS/OVN on Linux, which should make it easier for Linux sysadmins to use OVS/OVN on Hyper-V as well.
The second part of the session showed using OVN under Kubernetes to provide networking between Windows containers on Windows hosts and Linux containers on Linux hosts, including networking across multiple cloud providers.
Lightning Talks
The lightning talks were all under 5 minutes, so a brief summary of these are provided below:
- Joe Stringer showed how to set up OVS with an OpenFlow controller (Faucet) to do networking between multiple hosts in 5 minutes or less.
- A gentleman (I didn’t catch Continue reading
Open vSwitch Day at OpenStack Summit 2017
This is a “liveblog” (not quite live, but you get the idea) of the Open vSwitch Open Source Day happening at the OpenStack Summit in Boston. Summaries of each of the presentations are included below.
Kubernetes and OVN on Windows
The first session was led by Cloudbase Solutions, a company out of Italy that has been heavily involved in porting OVS to Windows with Hyper-V. The first part of the session focused on bringing attendees up to speed on the current state of OVS and OVN on Hyper-V. Feature parity and user interface parity between OVS/OVN on Hyper-V is really close to OVS/OVN on Linux, which should make it easier for Linux sysadmins to use OVS/OVN on Hyper-V as well.
The second part of the session showed using OVN under Kubernetes to provide networking between Windows containers on Windows hosts and Linux containers on Linux hosts, including networking across multiple cloud providers.
Lightning Talks
The lightning talks were all under 5 minutes, so a brief summary of these are provided below:
- Joe Stringer showed how to set up OVS with an OpenFlow controller (Faucet) to do networking between multiple hosts in 5 minutes or less.
- A gentleman (I didn’t catch Continue reading
Security-as-a-Service on the Rise Among Mid-Tier Companies
Network security spending is projected to reach $3.5 billion in 2021.
Threat detection automation won’t solve all your problems
This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.
A recent Network World article argued that automated threat detection (TD) is more important than automated incident response (IR). But the piece was predicated on flawed and misguided information.
The article shared an example of a financial institution in which analysts investigated 750 alerts per month only to find two verified threats. The piece claimed that, in this scenario, automated IR could only be applied to the two verified threat instances, therefore making automated threat detection upstream a more important capability by “orders of magnitude.”
To read this article in full or to leave a comment, please click here
Threat detection automation won’t solve all your problems
This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.
A recent Network World article argued that automated threat detection (TD) is more important than automated incident response (IR). But the piece was predicated on flawed and misguided information.
The article shared an example of a financial institution in which analysts investigated 750 alerts per month only to find two verified threats. The piece claimed that, in this scenario, automated IR could only be applied to the two verified threat instances, therefore making automated threat detection upstream a more important capability by “orders of magnitude.”
To read this article in full or to leave a comment, please click here
Threat detection automation won’t solve all your problems
This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.
A recent Network World article argued that automated threat detection (TD) is more important than automated incident response (IR). But the piece was predicated on flawed and misguided information.
The article shared an example of a financial institution in which analysts investigated 750 alerts per month only to find two verified threats. The piece claimed that, in this scenario, automated IR could only be applied to the two verified threat instances, therefore making automated threat detection upstream a more important capability by “orders of magnitude.”
Dell EMC Ethernet Switching Update
I’m at the Dell EMC World 2017 conference in Las Vegas this week, and I’ve been enjoying catching up on what the network group has been up to. In my previous experience, the legacy Dell Networking products have unfortunately been seen as those things that get thrown in when you buy a rack of servers
. In other words, they lacked credibility or worse, the rack would come with another vendor’s switches in them, reinforcing the idea that Dell’s own products weren’t up to the job.
It’s my belief though, that two things in recent years have dramatically changed that perspective. The first is Dell EMC’s OS10, a modular network operating system which by all accounts is actually pretty capable. Previous OS incarnations were of varying quality, as has been the case with many vendor-branded switches, and with the release of OS10, Dell Networks (as it was at the time) put a stake in the ground and showed that they wanted things to be different.
The second element is disaggregation. Dell identified the opportunity to use what was becoming ubiquitous merchant silicon like the Broadcom Trident II chipset to be able to play at the exact same level as everybody Continue reading