0

Book Review: Model-Driven DevOps

Earlier this month at Cisco Live in Las Vegas, I attended a presentation by Steven Carter and Jason King titled Model-Driven DevOps: The Enterprise Automation Framework You've Been Looking For! They discussed the importance of robustly modeling your network data — a quality very dear to me, as you might expect — and having a clear strategy for automating changes, and shared an example automation architecture for reference. It was a refreshing take on introducing network engineers to DevOps methodologies, and the first time I've seen anyone clearly map software development practices to network automation.

Interested to dive deeper into the material than a 45-minute session would allow, I was pleased to learn that their talk derived from a book of the same name that they co-authored. Coupled with the lingering geeky high from Cisco Live, it made for an excellent read on the flight back home.

The book's content is broken into seven easily digestible chapters, each dedicated to a particular step along a path toward network automation:

• Chapter 1: A Lightbulb Goes Off
• Chapter 2: A Better Way
• Chapter 3: Consumable Infrastructure
• Chapter 4: Infrastructure as Code
• Chapter 5: Continuous Integration/Continuous Deployment
• Chapter 6: Implementation
• Chapter 7: Human Continue reading

0

Fixed Wireless Access: An Enterprise Broadband Alternative

Depending on availability, fixed wireless access could deliver the bandwidth IT managers need to connect far-flung workers and remote sites.

0

Hasura Launches New Data Network for APIs Only

Data networks are generally used for file sharing, application operations or internet access, but what about a network strictly for distributing application programming interfaces? After all, an API is pretty esoteric, given that it is not standard data but a set of rules that define how two pieces of software can interact with each other. Well, that out-of-the-ordinary system now exists, and it’s designed to do a ton of heavy lifting behind the scenes that developers will appreciate. Bangalore- and San Francisco-based Hasura DDN, a new edge network using Graph Query Language and designed for transporting real-time, streaming and analytical data. It enables developers to run low-latency/high-performance data APIs at a global scale, with no additional effort and no additional fees, according to the company. Hasura CEO and co-founder

0

Cisco firewall upgrade boosts visibility into encrypted traffic

The software that runs Cisco’s new Firewall 4200 Series now includes the ability to see into encrypted traffic without decrypting it, which the vendor says will allow enterprise customers to better protect hybrid and multicloud applications.The enhanced Cisco Encrypted Visibility Engine (EVE) is part of the 7.4 version of the Secure Firewall operating system. Version 7.4 also includes zero-trust capabilities and improved application access control. The 4200 Series’ operating system also helps improve overall firewall performance – it’s twice as fast as previous high-end Cisco firewalls, the company says.EVE, which has been available since version 7.2 of the software, takes things further than traditional firewalls because it now lets customers detect the client application within an encrypted tunnel, according to Rick Miles, vice president of product management, cloud and network security in Cisco’s security business group.To read this article in full, please click here

0

Cisco firewall upgrade boosts visibility into encrypted traffic

The software that runs Cisco’s new Firewall 4200 Series now includes the ability to see into encrypted traffic without decrypting it, which the vendor says will allow enterprise customers to better protect hybrid and multicloud applications.The enhanced Cisco Encrypted Visibility Engine (EVE) is part of the 7.4 version of the Secure Firewall operating system. Version 7.4 also includes zero-trust capabilities and improved application access control. The 4200 Series’ operating system also helps improve overall firewall performance – it’s twice as fast as previous high-end Cisco firewalls, the company says.EVE, which has been available since version 7.2 of the software, takes things further than traditional firewalls because it now lets customers detect the client application within an encrypted tunnel, according to Rick Miles, vice president of product management, cloud and network security in Cisco’s security business group.To read this article in full, please click here

0

IPv6 Buzz 129: IPv6 Architecture And Subnetting With Daryll Swer

Today's IPv6 Buzz podcast gets into IPv6 architecture and subnetting including how geography fits into IPv6 subnetting, minimum allocation sizes from the RIR to end-users, whether current RIR policies will provide sufficient address space for a future-proof IPv6 architecture, and more. Our guest is Daryll Swer.

The post IPv6 Buzz 129: IPv6 Architecture And Subnetting With Daryll Swer appeared first on Packet Pushers.

0

IPv6 Buzz 129: IPv6 Architecture And Subnetting With Daryll Swer

Today's IPv6 Buzz podcast gets into IPv6 architecture and subnetting including how geography fits into IPv6 subnetting, minimum allocation sizes from the RIR to end-users, whether current RIR policies will provide sufficient address space for a future-proof IPv6 architecture, and more. Our guest is Daryll Swer.

0

How to unencrypt using Vim

Hi, this is Sandra Henry-Stocker, author of the "Unix as a Second Language" blog on NetworkWorld. In this video, I'm going to show you how to take a file that was password-protected with vim and turn it back into a regular text file.

0

Writing Your Own Performance Evaluation: Tips To Make It Not Suck

Managers often ask employees to write a first draft of their performance review. If you’re expected to draft a performance summary, here are a few ideas to mitigate the stress of self evaluation and to help your manager help you.

The post Writing Your Own Performance Evaluation: Tips To Make It Not Suck appeared first on Packet Pushers.

0

AI requirements exceed infrastructure capabilities for many IT teams, study finds

As adoption of artificial intelligence (AI) technology accelerates, IT organizations are concerned that their existing infrastructure isn’t powerful enough to keep up.AI hardware – especially training hardware – is becoming more and more power hungry, according to Equinix, which just released its 2023 Global Tech Trends Survey.The power draw from traditional racks in a data center is between 5 kW and 10 kW per rack. But, increasingly, newer generations of GPU-based racks are pushing power draws north of 30 kW per rack, and in some cases as high as 72 kW per rack, according to Kaladhar Voruganti, senior technologist at Equinix. “So, definitely, it's very hard to host this type of infrastructure in private data centers,” he said.To read this article in full, please click here

0

AI requirements exceed infrastructure capabilities for many IT teams, study finds

As adoption of artificial intelligence (AI) technology accelerates, IT organizations are concerned that their existing infrastructure isn’t powerful enough to keep up.AI hardware – especially training hardware – is becoming more and more power hungry, according to Equinix, which just released its 2023 Global Tech Trends Survey.The power draw from traditional racks in a data center is between 5 kW and 10 kW per rack. But, increasingly, newer generations of GPU-based racks are pushing power draws north of 30 kW per rack, and in some cases as high as 72 kW per rack, according to Kaladhar Voruganti, senior technologist at Equinix. “So, definitely, it's very hard to host this type of infrastructure in private data centers,” he said.To read this article in full, please click here

0

Recovery options: Copy-on write vs redirect-on-write snapshots

Snapshots are a very popular way to create virtual copies of an entire system in order to facilitate very quick (or even instant) recovery.  A properly designed snapshot-based recovery system can recover very large volumes in just minutes and can often do so to a point in time just minutes ago. In contrast, a typical restore of such size would likely take many hours and would typically lose at least a day’s worth of data.There are two distinct approaches when it comes to creating snapshots: copy-on-write and redirect-on-write. Let’s talk about the advantages and disadvantages associated with each method, as they will greatly determine the impact on system performance, and therefore your ability to keep snapshots for a long time.To read this article in full, please click here

0

Unveiling the Future of Application Networking: Trends and Impacts

Where are the application networking features heading, and how might this affect the way we design and approach distributed applications in the future? The revelations might surprise you. Let’s explore the shifting sands of application networking, focusing on the movement of networking concerns with the rise of the Istio’s Continue reading

0

Day Two Cloud 200: Coaching For Accidental (And On-Purpose) Managers

Going from a tech role to manager is more than just a new gig---it's a full-blown career change. On today's Day Two Cloud we talk with management coach Steve Dwire about a manager's primary responsibilities, what new managers usually get wrong, management education vs. experience, and how to get better at the job. This episode goes places we didn't expect, so come along for the ride.

The post Day Two Cloud 200: Coaching For Accidental (And On-Purpose) Managers appeared first on Packet Pushers.

0

Day Two Cloud 200: Coaching For Accidental (And On-Purpose) Managers

Going from a tech role to manager is more than just a new gig---it's a full-blown career change. On today's Day Two Cloud we talk with management coach Steve Dwire about a manager's primary responsibilities, what new managers usually get wrong, management education vs. experience, and how to get better at the job. This episode goes places we didn't expect, so come along for the ride.

0

Leveraging Calico flow logs for enhanced observability

In my previous blog post, I discussed how transitioning from legacy monolithic applications to microservices based applications running on Kubernetes brings a range of benefits, but that it also increases the application’s attack surface. I zoomed in on creating security policies to harden the distributed microservice application, but another key challenge this transition brings is observing and monitoring the workload communication and known and unknown security gaps.

In a more traditional application architecture, traffic will flow between tiers of an application and will usually traverse a firewall, and at that point, can be observed and actioned. In Kubernetes, the network architecture is much flatter, and thus creates a challenge for the more traditional means of observing flows in the cluster.

However since Calico is able to secure workloads on this flat network, it also means it can observe these traffic flows, too. In fact, Calico can report far more data about these flows over what a traditional 5-tuple firewall would, allowing DevOps and Security teams to make more informed decisions to effectively secure their applications.

Calico’s 52 data types

Traditional firewalls will report on five data types, or tuples, of a flow. Namely:

1. The source IP address
2. The destination Continue reading

0

Finding files on Linux in all sorts of ways

The Linux find command can locate files based on almost any criteria that you might need. This post describes the many criteria you can use to find what you’re looking for – even when you can’t remember what you named a file or when you last changed it or added content.Basic find syntax The basic syntax for the find command looks like this:$ find [starting location] [criteria] [options] [action to take] The starting location can be a directory name (e.g., /var/log), the current directory (.), your home directory whether you’re sitting in it or not (~), or a directory relative to your current position (e.g., ./bin). You can be as specific as you want when entering the starting location.To read this article in full, please click here

0

Finding files on Linux in all sorts of ways

The Linux find command can locate files based on almost any criteria that you might need. This post describes the many criteria you can use to find what you’re looking for – even when you can’t remember what you named a file or when you last changed it or added content.Basic find syntax The basic syntax for the find command looks like this:$ find [starting location] [criteria] [options] [action to take] The starting location can be a directory name (e.g., /var/log), the current directory (.), your home directory whether you’re sitting in it or not (~), or a directory relative to your current position (e.g., ./bin). You can be as specific as you want when entering the starting location.To read this article in full, please click here

0

US weighs further restrictions on chip exports to China

US semiconductor manufacturers such as Nvidia and AMD will face new controls on exports of their chips to China, with the US Department of Commerce set to announce the restrictions as early as July, according to a report in the Wall Street Journal.In 2022, after the US placed new restrictions on exports to China of chips used in AI systems, Nvidia said it would offer a new export-compliant advanced A800 chip to the country, in addition to making changes to its H100 so that it would also comply with the changes to regulations.However, new restrictions could see sales of A800 chips to China banned unless Nvidia obtains a special US export license, according to the Wall Street report, citing people familiar with the situation.To read this article in full, please click here

0

Speaker Spotlight: eSentire’s Tia Hopkins on the Importance of Chief Cyber Resilience Officers, Emerging Tech, and Inclusion

Chief Cyber Resilience Officer and Field CTO details her 20-year background in the IT security industry and previews her upcoming keynote presentation on our 'Network Resilience Boot Camp' Thursday, June 29.