Worth Reading: Fail-Slow at Scale
Did you ever wonder why everything in IT becomes slower over time? Our changed expectations and accumulated cruft definitely play a major role.. but it could also be hardware. For more details (and fun reading), explore Fail-Slow at Scale: Evidence of Hardware Performance Faults in Large Production Systems.
Worth Reading: Fail-Slow at Scale
Did you ever wonder why everything in IT becomes slower over time? Our changed expectations and accumulated cruft definitely play a major role.. but it could also be hardware. For more details (and fun reading), explore Fail-Slow at Scale: Evidence of Hardware Performance Faults in Large Production Systems.
Ubiquiti Wireless Access Point Adoption Failed
https://codingpackets.com/blog/ubiquiti-wireless-access-point-adoption-failed
Heavy Networking 659: Securing Cloud Metro With Zero Trust (Sponsored)
On today's Heavy Networking podcast, sponsored by Juniper Networks, we discuss how metro networks are evolving to Cloud Metro, how to apply cloud principles and automation to these locations, and how the attack surface changes when you transition to Cloud Metro. We also talk about how Juniper supports active assurance and zero trust security in these environments.
The post Heavy Networking 659: Securing Cloud Metro With Zero Trust (Sponsored) appeared first on Packet Pushers.
Heavy Networking 659: Securing Cloud Metro With Zero Trust (Sponsored)
On today's Heavy Networking podcast, sponsored by Juniper Networks, we discuss how metro networks are evolving to Cloud Metro, how to apply cloud principles and automation to these locations, and how the attack surface changes when you transition to Cloud Metro. We also talk about how Juniper supports active assurance and zero trust security in these environments.Stop attacks before they are known: making the Cloudflare WAF smarter
Cloudflare’s WAF helps site owners keep their application safe from attackers. It does this by analyzing traffic with the Cloudflare Managed Rules: handwritten highly specialized rules that detect and stop malicious payloads. But they have a problem: if a rule is not written for a specific attack, it will not detect it.
Today, we are solving this problem by making our WAF smarter and announcing our WAF attack scoring system in general availability.
Customers on our Enterprise Core and Advanced Security bundles will have gradual access to this new feature. All remaining Enterprise customers will gain access over the coming months.
Our WAF attack scoring system, fully complementary to our Cloudflare Managed Rules, classifies all requests using a model trained on observed true positives across the Cloudflare network, allowing you to detect (and block) evasion, bypass and new attack techniques before they are publicly known.
The problem with signature based WAFs
Attackers trying to infiltrate web applications often use known or recently disclosed payloads. The Cloudflare WAF has been built to handle these attacks very well. The Cloudflare Managed Ruleset and the Cloudflare OWASP Managed Ruleset are in fact continuously updated and aimed at protecting web applications against known Continue reading
New! Security Analytics provides a comprehensive view across all your traffic
An application proxying traffic through Cloudflare benefits from a wide range of easy to use security features including WAF, Bot Management and DDoS mitigation. To understand if traffic has been blocked by Cloudflare we have built a powerful Security Events dashboard that allows you to examine any mitigation events. Application owners often wonder though what happened to the rest of their traffic. Did they block all traffic that was detected as malicious?
Today, along with our announcement of the WAF Attack Score, we are also launching our new Security Analytics.
Security Analytics gives you a security lens across all of your HTTP traffic, not only mitigated requests, allowing you to focus on what matters most: traffic deemed malicious but potentially not mitigated.
Detect then mitigate
Imagine you just onboarded your application to Cloudflare and without any additional effort, each HTTP request is analyzed by the Cloudflare network. Analytics are therefore enriched with attack analysis, bot analysis and any other security signal provided by Cloudflare.
Right away, without any risk of causing false positives, you can view the entirety of your traffic to explore what is happening, when and where.
This allows you to dive straight into analyzing the results Continue reading
Special Report: Privacy in the Data-Driven Enterprise
An entire week of coverage devoted to the question: How do we give privacy back to the people when customer data is now the coin of the realm and the fuel that powers business?Review: S5648X-2Q4Z Switch – Part 2: MPLS
After receiving an e-mail from a newer [China based OEM], I had a chat with their founder and learned that the combination of switch silicon and software may be a good match for IPng Networks.
I got pretty enthusiastic when this new vendor claimed VxLAN, GENEVE, MPLS and GRE at 56 ports and line rate, on a really affordable budget ($4’200,- for the 56 port; and $1’650,- for the 26 port switch). This reseller is using a less known silicon vendor called [Centec], who have a lineup of ethernet silicon. In this device, the CTC8096 (GoldenGate) is used for cost effective high density 10GbE/40GbE applications paired with 4x100GbE uplink capability. This is Centec’s fourth generation, so CTC8096 inherits the feature set from L2/L3 switching to advanced data center and metro Ethernet features with innovative enhancement. The switch chip provides up to 96x10GbE ports, or 24x40GbE, or 80x10GbE + 4x100GbE ports, inheriting from its predecessors a variety of features, including L2, L3, MPLS, VXLAN, MPLS SR, and OAM/APS. Highlights features include Telemetry, Programmability, Security and traffic management, and Network time synchronization.
After discussing basic L2, L3 and Overlay functionality in my [previous post], I left Continue reading
Tier 1 Carriers Performance Report: November, 2022
The post Tier 1 Carriers Performance Report: November, 2022 appeared first on Noction.
Video: IPv6 Traffic Filtering Details
Did you like the traffic filtering in the age of IPv6 video by Christopher Werny? Time for part two: IPv6 traffic filtering details.
You need Free ipSpace.net Subscription to watch the video.
Video: IPv6 Traffic Filtering Details
Did you like the traffic filtering in the age of IPv6 video by Christopher Werny? Time for part two: IPv6 traffic filtering details.
You need Free ipSpace.net Subscription to watch the video.
Ubiquiti Wireless Multiple VLANs with Juniper Switch
https://codingpackets.com/blog/ubiquiti-wireless-multiple-vlans-with-juniper-switch
Asking Meaningful Questions: What Problem Are We Trying To Solve?
At some point in your career, you’ll likely participate in a project that is a technical and implementation success but is still a failure. That’s because the wrong solution was implemented. For example, after weeks or months of hard work you might successfully deploy a client-based VPN solution, but because of application latency requirements a […]
The post Asking Meaningful Questions: What Problem Are We Trying To Solve? appeared first on Packet Pushers.
Demo Bytes: vSphere UPT On The NVIDIA BlueField DPU
NVIDIA’s BlueField Data Processing Unit (DPU) can offload, accelerate, and isolate software applications such as networking, storage, and security from a server’s CPU. In this Demo Byte, we walk through using VMware’s vSphere UPT feature on a BlueField DPU to bring vMotion capabilities to the DPU. Our guest is Wes Kennedy, Senior Technical Marketing Engineer […]
The post Demo Bytes: vSphere UPT On The NVIDIA BlueField DPU appeared first on Packet Pushers.