Archive

Category Archives for "Networking"

Fortinet unveils custom ASIC to boost firewall performance, efficiency

Fortinet is introducing a new ASIC that promises to meld the security and network functions of its core family of FortiGate firewalls more efficiently and powerfully.The custom chip is 7-nanometer package, called fifth-generation security processing system or FortiSP5, that promises a number of performance improvements for the FortiGate system. It enables 17x faster firewall performance and 32x faster encryption processes while using 88% less power compared to standard CPUs, according to John Maddison, executive vice president of products and CMO at Fortinet. With FortiSP5, Fortinet's firewalls will be able to handle higher levels of traffic inspection to block threats and boost protection, according to the vendor.To read this article in full, please click here

Fortinet unveils custom ASIC to boost firewall performance, efficiency

Fortinet is introducing a new ASIC that promises to meld the security and network functions of its core family of FortiGate firewalls more efficiently and powerfully.The custom chip is 7-nanometer package, called fifth-generation security processing system or FortiSP5, that promises a number of performance improvements for the FortiGate system. It enables 17x faster firewall performance and 32x faster encryption processes while using 88% less power compared to standard CPUs, according to John Maddison, executive vice president of products and CMO at Fortinet. With FortiSP5, Fortinet's firewalls will be able to handle higher levels of traffic inspection to block threats and boost protection, according to the vendor.To read this article in full, please click here

Manipulating text with awk, gawk and sed

The awk, gawk and sed commands on Linux are extremely versatile tools for manipulating text, rearranging columns, generating reports and modifying file content.Using awk and gawk To select portions of command output using gawk, you can try commands like those below. The first displays the first field in the output of the date command. The second displays the last field. Since NF represents the number of fields in the command output, $NF represents the value of the last field.$ date | awk '{print $1}' Sat $ date | awk '{print $NF}' 2023 Note that on Linux systems today, awk is usually a symbolic link to gawk, so you can type either command and get the same result. Here's what you'll probably see when you do a long listing of the awk executable:To read this article in full, please click here

Manipulating text with awk, gawk and sed

The awk, gawk and sed commands on Linux are extremely versatile tools for manipulating text, rearranging columns, generating reports and modifying file content.Using awk and gawk To select portions of command output using gawk, you can try commands like those below. The first displays the first field in the output of the date command. The second displays the last field. Since NF represents the number of fields in the command output, $NF represents the value of the last field.$ date | awk '{print $1}' Sat $ date | awk '{print $NF}' 2023 Note that on Linux systems today, awk is usually a symbolic link to gawk, so you can type either command and get the same result. Here's what you'll probably see when you do a long listing of the awk executable:To read this article in full, please click here

Tech Bytes: Enabling Smart Cloud Migration With VMware And Expedient (Sponsored)

Today on the Tech Bytes podcast we’re talking about cloud migration and operating in a multi-cloud environment. We’re sponsored by VMware and we’re speaking with Expedient, a VMware partner. Expedient is also a cloud service provider and runs 14 data centers across the US. Our guest is Bryan Smith, CEO at Expedient.

The post Tech Bytes: Enabling Smart Cloud Migration With VMware And Expedient (Sponsored) appeared first on Packet Pushers.

BrandPost: Can Network as a Service (NaaS) Have Multiple Definitions?

By: Cathy Won, Consultant with eTeam, HPE Aruba Contributor.NaaS is the acronym for Network as a Service. NaaS can have different definitions, depending on whom you ask. At the highest level, NaaS is defined as network infrastructure hardware, software, services, management, and licensing components consumed in a subscription-based or flexible consumption model. NaaS is different from other traditional as a service models that take advantage of cloud and virtualization capabilities because a significant amount of on-premises cabling and distributed networking equipment are required for network connectivity operations. Additionally, organizations may still require WAN interconnections to the cloud which may or may not be included in a NaaS offering. So, is NaaS different than other cloud as a service offerings, like compute and storage?  Are there different NaaS solutions and does the definition vary by implementation? Does NaaS mean completely outsourcing your network infrastructure to a managed service partner?To read this article in full, please click here

Fast and dynamic encoding of Protocol Buffers in Go

Protocol Buffers are a popular choice for serializing structured data due to their compact size, fast processing speed, language independence, and compatibility. There exist other alternatives, including Cap’n Proto, CBOR, and Avro.

Usually, data structures are described in a proto definition file (.proto). The protoc compiler and a language-specific plugin convert it into code:

$ head flow-4.proto
syntax = "proto3";
package decoder;
option go_package = "akvorado/inlet/flow/decoder";

message FlowMessagev4 {

  uint64 TimeReceived = 2;
  uint32 SequenceNum = 3;
  uint64 SamplingRate = 4;
  uint32 FlowDirection = 5;
$ protoc -I=. --plugin=protoc-gen-go --go_out=module=akvorado:. flow-4.proto
$ head inlet/flow/decoder/flow-4.pb.go
// Code generated by protoc-gen-go. DO NOT EDIT.
// versions:
//      protoc-gen-go v1.28.0
//      protoc        v3.21.12
// source: inlet/flow/data/schemas/flow-4.proto

package decoder

import (
        protoreflect "google.golang.org/protobuf/reflect/protoreflect"

Akvorado collects network flows using IPFIX or sFlow, decodes them with GoFlow2, encodes them to Protocol Buffers, and sends them to Kafka to be stored in a ClickHouse database. Collecting a new field, such as source and destination MAC addresses, requires modifications in multiple places, including the proto definition file and the ClickHouse migration code. Moreover, Continue reading

Oracle to invest $1.5 billion in Saudi Arabia to expand cloud capacity

Oracle on Monday said it is planning to invest $1.5 billion in Saudi Arabia to bolster its cloud computing capacity in the Middle East.The planned investment, which is part of Oracle’s memorandum of understanding with Saudi Arabia Ministry of Communications and Information Technology, will see the public cloud services provider expand its existing cloud region in Jeddah, and open a new one in Riyadh.  In addition to the Riyadh region, Oracle will work with the ministry to set up a commercial and operational model for another cloud region in Saudi Arabia that complies with Saudi government requirements and local data residency regulations.To read this article in full, please click here

Oracle to invest $1.5 billion in Saudi Arabia to expand cloud capacity

Oracle on Monday said it is planning to invest $1.5 billion in Saudi Arabia to bolster its cloud computing capacity in the Middle East.The planned investment, which is part of Oracle’s memorandum of understanding with Saudi Arabia Ministry of Communications and Information Technology, will see the public cloud services provider expand its existing cloud region in Jeddah, and open a new one in Riyadh.  In addition to the Riyadh region, Oracle will work with the ministry to set up a commercial and operational model for another cloud region in Saudi Arabia that complies with Saudi government requirements and local data residency regulations.To read this article in full, please click here

Oracle to invest $1.5 billion in Saudi Arabia to expand cloud capacity

Oracle on Monday said it is planning to invest $1.5 billion in Saudi Arabia to bolster its cloud computing capacity in the Middle East.The planned investment, which is part of Oracle’s memorandum of understanding with Saudi Arabia Ministry of Communications and Information Technology, will see the public cloud services provider expand its existing cloud region in Jeddah, and open a new one in Riyadh.  In addition to the Riyadh region, Oracle will work with the ministry to set up a commercial and operational model for another cloud region in Saudi Arabia that complies with Saudi government requirements and local data residency regulations.To read this article in full, please click here

Oracle to invest $1.5 billion in Saudi Arabia to expand cloud capacity

Oracle on Monday said it is planning to invest $1.5 billion in Saudi Arabia to bolster its cloud computing capacity in the Middle East.The planned investment, which is part of Oracle’s memorandum of understanding with Saudi Arabia Ministry of Communications and Information Technology, will see the public cloud services provider expand its existing cloud region in Jeddah, and open a new one in Riyadh.  In addition to the Riyadh region, Oracle will work with the ministry to set up a commercial and operational model for another cloud region in Saudi Arabia that complies with Saudi government requirements and local data residency regulations.To read this article in full, please click here

Mix Containers and VMs with netlab Release 1.5.0

Maybe it’s just me, but I always need a few extra devices in my virtual labs to have endpoints I could ping to/from or to have external routing information sources. We used VRF- and VLAN tricks in the days when we had to use physical devices to carve out a dozen hosts out of a single Cisco 2501, and life became much easier when you could spin up a few additional virtual machines in a virtual lab instead.

Unfortunately, those virtual machines eat precious resources. For example, netlab allocates 1GB to every Linux virtual machine when you only need bash and ping. Wouldn’t it be great if you could start that ping in a busybox container instead?

Read more …

Mix Containers and VMs with netlab Release 1.5.0

Maybe it’s just me, but I always need a few extra devices in my virtual labs to have endpoints I could ping to/from or to have external routing information sources. We used VRF- and VLAN tricks in the days when we had to use physical devices to carve out a dozen hosts out of a single Cisco 2501, and life became much easier when you could spin up a few additional virtual machines in a virtual lab instead.

Unfortunately, those virtual machines eat precious resources. For example, netlab allocates 1GB to every Linux virtual machine when you only need bash and ping. Wouldn’t it be great if you could start that ping in a busybox container instead?

Read more …

Azure Networking Fundamentals: Virtual WAN Part 1 – S2S VPN and VNet Connections

 This chapter introduces Azure Virtual WAN (vWAN) service. It offers a single deployment, management, and monitoring pane for connectivity services such as Inter-VNet, Site-to-Site VPN, and Express Route. In this chapter, we are focusing on S2S VPN and VNet connections. The Site-to-Site VPN solutions in vWAN differ from the traditional model, where we create resources as an individual components. In this solution, we only deploy a vWAN resource and manage everything else through its management view. Figure 11-1 illustrates our example topology and deployment order. The first step is to implement a vWAN resource. Then we deploy a vHub. It is an Azure-managed VNet to which we assign a CIDR, just like we do with the traditional VNet. We can deploy a vHub as an empty VNet without associating any connection. A vHub deployment process launches a pair of redundant routers, which exchange reachability information with the VNet Gateway router and VGW instances using BGP. We intend to allow Inter-VNet data flows between vnet-swe1, vnet-swe2, and Branch-to-VNet traffic. For Site-to-Site VPN, we deploy VPN Gateway (VGW) into vHub. The VGW started in the vHub creates two instances, instance0, and instance1, in active/active mode. We don’t deploy a GatewaySubnet for VGW Continue reading

Weekend Reads 020323


Yann LeCun, Meta’s chief AI scientist, is not impressed by ChatGPT, the wildly popular artificial intelligence technology that is making headlines daily.


German antitrust enforcers known for leveling charges against high-profile tech companies have a new target for accusations of dominant market position abuse: PayPal.


Data anonymization is an important tool for organizations to protect the personal data of individuals, while averting the onerous requirements of the EU and U.K.


Phishing is a big deal, with a State of Phishing report from security firm SlashNext claiming that there were more than 255 million phishing attacks in 2022, a 61% increase from the year before.


The goal of the CGA is to highlight and reduce damages done to all utilities when working underground.


More than 91% of malware utilizes DNS communication at some point during its attack lifecycle, making DNS an invaluable choke point in the fight against cyber threats.


When it comes to operating systems and now CPU instruction sets, there is proprietary, there is licensable and modifiable with a standard base of functionality with room for some originality, and there is true open source.


Since 2017, China has held at least seven of these competitions—called Robot Hacking Continue reading

High throughput Kubernetes cluster networking with the Calico/VPP dataplane and accelerated memif

 

This blog post was written in collaboration with:

Aloys Augustin, Nathan Skrzypczak, Hedi Bouattour, Onong Tayeng, and Jerome Tollet at Cisco. Aloys and Nathan are part of a team of external contributors to Calico Open Source that has been working on an integration between Calico Open Source and the FD.io VPP dataplane technology for the last couple of years.

Mrittika Ganguli, principal engineer and architect at Intel’s Network and Edge (NEX). Ganguli leads a team with Qian Q Xu, Ping Yu, and Xiaobing Qian to enhance the performance of Calico and VPP through software and hardware acceleration.

 

This blog will cover what the Calico/VPP dataplane is and demonstrate the performance and flexibility advantages of using the VPP dataplane through a benchmarking setup. By the end of this blog post, you will have a clear understanding of how Calico/VPP dataplane, with the help of DPDK and accelerated memif interfaces, can provide high throughput and low-latency Kubernetes cluster networking for your environment. Additionally, you will learn how these technologies can be used to reduce CPU utilization by transferring packets directly in memory between different hosts, making it an efficient solution for building distributed network functions with lightning-fast speeds.

What’s Continue reading

1 269 270 271 272 273 3,442