Tech Bytes: How ITQ And VMware Support Multi-Cloud And Hybrid Work (Sponsored)
Today on the Tech Bytes podcast we discuss multi-cloud deployments and supporting hybrid workers with VMware’s Workspace ONE. We’re sponsored by VMware, and we talk with VMware partner ITQ. Our guest is Johan Van Amersfoort, Technologist Digital Workspace and AI from ITQ.
The post Tech Bytes: How ITQ And VMware Support Multi-Cloud And Hybrid Work (Sponsored) appeared first on Packet Pushers.
Tech Bytes: How ITQ And VMware Support Multi-Cloud And Hybrid Work (Sponsored)
Today on the Tech Bytes podcast we discuss multi-cloud deployments and supporting hybrid workers with VMware’s Workspace ONE. We’re sponsored by VMware, and we talk with VMware partner ITQ. Our guest is Johan Van Amersfoort, Technologist Digital Workspace and AI from ITQ.Employees: The next security frontier?
Cybercriminals are increasingly targeting unsuspecting employees. It’s time for companies to do something about it.Interesting: BGP Zombie Outbreak on Juniper Routers
BGP zombies are routes in the BGP table that refuse to disappear even though they should have been long gone. Recent measurements estimate between 0.5% and 1.5% of all routes in the global BGP table are zombies, which sounds crazy – after all, BGP is supposed to be pretty reliable.
Daryll Swer identified one potential source – Juniper routers do not revoke suppressed aggregated prefixes – and documented it in Navigating a BGP zombie outbreak on Juniper routers.
Interesting: BGP Zombie Outbreak on Juniper Routers
BGP zombies are routes in the BGP table that refuse to disappear even though they should have been long gone. Recent measurements estimate between 0.5% and 1.5% of all routes in the global BGP table are zombies, which sounds crazy – after all, BGP is supposed to be pretty reliable.
Daryll Swer identified one potential source – Juniper routers do not revoke suppressed aggregated prefixes – and documented it in Navigating a BGP zombie outbreak on Juniper routers.
CloudFlare: From IP packets to HTTP
Want to know some details behind the CloudFlare SD-WAN implementation? You might find them in From IP packets to HTTP: the many faces of our Oxy framework.
I don’t know enough about Linux networking to figure out whether one could use those details to build something similar, but CloudFlare blog posts keep begin much better than Google’s Look How Awesome We Are recruitment drives.
CloudFlare: From IP packets to HTTP
Want to know some details behind the CloudFlare SD-WAN implementation? You might find them in From IP packets to HTTP: the many faces of our Oxy framework.
I don’t know enough about Linux networking to figure out whether one could use those details to build something similar, but CloudFlare blog posts keep begin much better than Google’s Look How Awesome We Are recruitment drives.
Heavy Networking 676: Implementing ZTNA And SASE With Fortinet (Sponsored)
Fortinet is a security vendor most of you have heard of. But if all you think of when you hear the name “Fortinet” is firewalls, well yeah, but you should think more broadly. On today's sponsored Heavy Networking we're going after the work-from-anywhere challenge with Fortinet’s Zero Trust Network Access (ZTNA) and Secure Access Service Edge (SASE) tech, all of which is baked into FortiOS. If you’re running a FortiGate, you’ve got these capabilities already.
The post Heavy Networking 676: Implementing ZTNA And SASE With Fortinet (Sponsored) appeared first on Packet Pushers.
Heavy Networking 676: Implementing ZTNA And SASE With Fortinet (Sponsored)
Fortinet is a security vendor most of you have heard of. But if all you think of when you hear the name “Fortinet” is firewalls, well yeah, but you should think more broadly. On today's sponsored Heavy Networking we're going after the work-from-anywhere challenge with Fortinet’s Zero Trust Network Access (ZTNA) and Secure Access Service Edge (SASE) tech, all of which is baked into FortiOS. If you’re running a FortiGate, you’ve got these capabilities already.Hedge 176: OpenAI, ChatGPT, and the Cost of a Data Center
It’s time for the April Hedge roundtable! This month Eyvonne, Russ, and Tom are talking about OpenAI, the hype around AI, the “pause letter” and the lack of a real conversation, and the rising costs of building and operating a data center. As always, let us know if you have topics you’d like to hear us talk about, or guests you’d like to hear.
Thanks for listening!
Driver adventures for a 1999 webcam
Driver adventures for a 1999 webcam
We generally know that when we buy a piece of technology that it will not last forever, connectors wear out and/or go out of fashion. But I think the most frust
Advantages and Drawbacks of EVPN-based Multihoming
Lukas Krattiger wrapped up his EVPN-versus-MLAG presentation (part of EVPN Deep Dive webinar) with an overview of the advantages and drawbacks of EVPN-based multihoming solutions:
- N-way multihoming
- Flexible connectivity (no need for a peer link)
- Fabric-wide scope (MAC multipathing required on ingress node)
You need Free ipSpace.net Subscription to watch the video. To watch the whole webinar, buy Standard or Expert ipSpace.net Subscription.
Advantages and Drawbacks of EVPN-based Multihoming
Lukas Krattiger wrapped up his EVPN-versus-MLAG presentation (part of EVPN Deep Dive webinar) with an overview of the advantages and drawbacks of EVPN-based multihoming solutions:
- N-way multihoming
- Flexible connectivity (no need for a peer link)
- Fabric-wide scope (MAC multipathing required on ingress node)
You need Free ipSpace.net Subscription to watch the video. To watch the whole webinar, buy Standard or Expert ipSpace.net Subscription.
Why Five Nines of Service Availability Matters for SASE
The following sponsored blog post was written by Anupam Upadhyaya at Palo Alto Networks. We thank Palo Alto Networks for being a sponsor. Prisma Access, the cloud-delivered security service from Palo Alto Networks, delivers an industry-leading 99.999% uptime SLA A question that is often asked in the industry is “Do we really need 99.999% uptime […]
The post Why Five Nines of Service Availability Matters for SASE appeared first on Packet Pushers.
Using Calico Egress gateway and access controls to secure traffic
As more organizations embrace containerization and adopt Kubernetes, they reap the benefits of platform scalability, application portability, and optimized infrastructure utilization. However, with this shift comes a new set of security challenges related to enabling connectivity for applications in heterogeneous environments.
In this blog post, we’ll explore a real-life scenario of security exposure resulting from egress traffic leaving the Kubernetes cluster. We’ll examine how the Calico Egress Gateway can help mitigate these issues by providing robust access control. By using Calico Egress Gateway, enterprises can secure communication from their Kubernetes workloads to the internet, 3rd party applications and networks while maintaining a high level of security.
The Calico Egress Gateway enforces security policies to regulate traffic flowing out of the Kubernetes cluster, providing granular control over egress traffic. This ensures that only authorized traffic is allowed to leave the cluster, mitigating the risks associated with unauthorized outbound traffic.
Egress security challenges
For enterprises developing cloud-native applications with containers and Kubernetes, a frequent requirement is to connect to a database server hosted either on-prem or in the cloud, which is safeguarded by a network-based firewall. Since workloads with Kubernetes are dynamic without a fixed IP address, enabling such connectivity from workloads Continue reading