Archive

Category Archives for "Networking"

Tools 12. Using Prometheus with SNMP Exporter to Monitor Cisco IOS XR, Nokia SR OS and Arista EOS Network Devices

Dear friend,

Awareness of what is happening in your IT infrastructure (in our case, in network) is a key success or failure factor of any modern business, as huge majority of businesses are now running online. The awareness is built on top of visibility of network events and activities happening in the network, which in their turn reflects in data points, which can be collected. In this blogpost we’ll cover how these data points can be collected in multi vendor network running Cisco IOS XR, Nokia SR OS and Arista EOS switches using Prometheus, which is one of the most popular monitoring platforms these days.



1
2
3
4
5
No part of this blogpost could be reproduced, stored in a 

retrieval system, or transmitted in any form or by any 

means, electronic, mechanical or photocopying, recording, 

or otherwise, for commercial purposes without the 

prior permission of the author.

Is Monitoring Needed for Network Automation?

The ultimate state of any system, including the IT/network is self-managed (self-healed, self-controlled, etc). It is simply impossible to build any self-controlled system without monitoring and collection of the data, as this data collection in the self-controlled system is the only (as we remove people Continue reading

Worth Reading: Routing Protocol Implementation Evaluation

In 2018 I tried to figure out whether the rush to deploy new routing protocols in leaf-and-spine fabrics is anything more than another blob of hype (RIFT, OpenFabric, BGP), considering OSPF got the job done for AWS. Those discussions probably sounded like a bunch of smart kids trying to measure outside temperature with a moist finger, so the only recommendation I could give in 2021 was “use the best tool for the job, keeping in mind you’re not Google or Microsoft

It’s always better to measure than to have opinions, and a group of academics did just that. They developed Sybil – a tool to measure routing protocol performance in leaf-and-spine fabrics – and Dip Singh used it to compare BGP to IS-IS and OpenFabric.

Worth Reading: Routing Protocol Implementation Evaluation

In 2018 I tried to figure out whether the rush to deploy new routing protocols in leaf-and-spine fabrics is anything more than another blob of hype (RIFT, OpenFabric, BGP), considering OSPF got the job done for AWS. Those discussions probably sounded like a bunch of smart kids trying to measure outside temperature with a moist finger, so the only recommendation I could give in 2021 was “use the best tool for the job, keeping in mind you’re not Google or Microsoft

It’s always better to measure than to have opinions, and a group of academics did just that. They developed Sybil – a tool to measure routing protocol performance in leaf-and-spine fabrics – and Dip Singh used it to compare BGP to IS-IS and OpenFabric.

Roomba Stuck at ‘Verify password’

You have:

  1. A Roomba vacuum. (I was working with an i-series when I wrote this. Maybe this applies to other models as well.)
  2. A firewall or router between your Roomba and your mobile device. (Maybe the two are on different wifi networks as would be the case if you have a network set aside for IoT devices.)
  3. An iRobot app that gets stuck at Verify password when setting up the Roomba.

Read the rest of this post.

Controlling Your View of the World

Straw Bales on Hill Landscape, Tuscany, Italy

As I’m writing this it looks like Twitter has made some changes to the way that third-party clients interact with service. My favorite client, Tweetbot, is locked out right now. The situation is still developing but it’s not looking pretty for anyone using anything other than the web interface. While I will definitely miss the way I use Tweetbot I think it’s the kick I needed to move away from Twitter more than before.

A Window on the World

The apps that we use to consume and create content are the way that we view things. Maybe you prefer a webpage over an app or the way that one client displays things over another but your entire view is based on those preferences. If the way you consume your media changes your outlook on it changes too.

I didn’t always use Tweetbot to view Twitter. I tried using the standard app for a long time. It wasn’t until the infamous “Dickbar” incident back in 2011 that I broke away for something that wasn’t so slavishly dependent on ads. The trending topic bar might not have been specifically for ads at the time but Continue reading

BrandPost: Reduce the Network Team’s Workload with AI Technologies

Network admins and engineers have enough work on their plates, especially considering increasing numbers of access points amid the hybrid workforce. They’re also grappling with ever-more sophisticated cybersecurity threats across a highly complex network that now includes data centers, clouds and edge computing.Yet, there’s little forgiveness from end users when there is network disruption leading to down time. High availability and low latency are crucial.Artificial intelligence (AI) technologies — such as machine learning (ML), natural language processing (NLP) and enhanced automation — can provide relief for overstretched IT teams, while ensuring highly performing networks.To read this article in full, please click here

BrandPost: Don’t Wait for a Refresh to Achieve a Modern Network

Many organizations modernize or upgrade their network only when it’s time for a refresh. However, transformation doesn’t have to be a wholesale, do-it-all-at-once project to start improving customer and employee experiences today.For example, a large food retailer was happy with its existing Wi-Fi network vendor. “It was a good product, it served us well for over a decade,” said the organization’s network architect.Although the company typically has a five-year refresh cycle, its IT leaders became open to making a change after seeing a demo of Juniper Mist™ AI, a wired and wireless network platform. It uses artificial intelligence (AI) and machine learning to optimize user experiences and simplify network operations.To read this article in full, please click here

Top 10 outages of 2022

The most significant network and service outages of 2022 had far-reaching consequences. Flights were grounded, virtual meetings cut off, and communications hindered.The culprits that took down major infrastructure and services providers were varied, too, according to analysis from ThousandEyes, a Cisco-owned network intelligence company that tracks internet and cloud traffic. Maintenance-related errors were cited more than once: Canadian carrier Rogers Communications experienced a massive nationwide outage that was traced to a maintenance update, and a maintenance script error caused problems for software maker Atlassian.BGP misconfiguration also showed up in the top outage reports. Border gateway protocol tells Internet traffic what route to take, but if the routing information is incorrect, then traffic can be diverted to an improper route, which happened to Twitter. (Read more about US and worldwide outages in our weekly internet health check.)To read this article in full, please click here

Top 10 outages of 2022

The most significant network and service outages of 2022 had far-reaching consequences. Flights were grounded, virtual meetings cut off, and communications hindered.The culprits that took down major infrastructure and services providers were varied, too, according to analysis from ThousandEyes, a Cisco-owned network intelligence company that tracks internet and cloud traffic. Maintenance-related errors were cited more than once: Canadian carrier Rogers Communications experienced a massive nationwide outage that was traced to a maintenance update, and a maintenance script error caused problems for software maker Atlassian.BGP misconfiguration also showed up in the top outage reports. Border gateway protocol tells Internet traffic what route to take, but if the routing information is incorrect, then traffic can be diverted to an improper route, which happened to Twitter. (Read more about US and worldwide outages in our weekly internet health check.)To read this article in full, please click here

Weekend Reads 011323


Want to be Bigger? Faster? Stronger? Such questions are a staple in exercise and health media, but those same questions are raised in the tech industry as well.


TAU-SAT3, launched Tuesday on a SpaceX rocket from Cape Canaveral in Florida, will pave the way towards quantum communication via a nanosatellite, Tel Aviv University reported on Wednesday.


If you deal with Web Performance, you’ve probably heard about HTTP resource prioritization. This is especially true since last year, as Chromium added so-called “Priority Hints” with the new fetchpriority attribute, which allow you to tweak said prioritizations.


Last Fall, SpaceX broadened the definition of Gen2 to include three configurations, designated F9-1, F9-2, and Starship.


eBPF brought with it a vast amount of software, including software-defined networking (SDNs), observability projects, and security-based software.


Historically, the only option to connect processor cores and memory have been proprietary interconnects such as InfiniBand, PCI Express and other protocols that connect compute clusters with offloads but for the most part that won’t work with AI and its workload requirements.


Over the next few months, we found as many car-related vulnerabilities as we could. The following writeup details our work exploring the security of telematic systems, automotive Continue reading

Cloud CNI privately connects your clouds to Cloudflare

Cloud CNI privately connects your clouds to Cloudflare

This post is also available in 简体中文, 日本語 and Español.

Cloud CNI privately connects your clouds to Cloudflare

For CIOs, networking is a hard process that is often made harder. Corporate networks have so many things that need to be connected and each one of them needs to be connected differently: user devices need managed connectivity through a Secure Web Gateway, offices need to be connected using the public Internet or dedicated connectivity, data centers need to be managed with their own private or public connectivity, and then you have to manage cloud connectivity on top of it all! It can be exasperating to manage connectivity for all these different scenarios and all their privacy and compliance requirements when all you want to do is enable your users to access their resources privately, securely, and in a non-intrusive manner.

Cloudflare helps simplify your connectivity story with Cloudflare One. Today, we’re excited to announce that we support direct cloud interconnection with our Cloudflare Network Interconnect, allowing Cloudflare to be your one-stop shop for all your interconnection needs.

Customers using IBM Cloud, Google Cloud, Azure, Oracle Cloud Infrastructure, and Amazon Web Services can now open direct connections from their private cloud instances into Cloudflare. In this blog, we’re going Continue reading

CIO Week 2023 recap

CIO Week 2023 recap

This post is also available in 日本語, 简体中文, and Español.

CIO Week 2023 recap

In our Welcome to CIO Week 2023 post, we talked about wanting to start the year by celebrating the work Chief Information Officers do to keep their organizations safe and productive.

Over the past week, you learned about announcements addressing all facets of your technology stack – including new services, betas, strategic partnerships, third party integrations, and more. This recap blog summarizes each announcement and labels what capability is generally available (GA), in beta, or on our roadmap.

We delivered on critical capabilities requested by our customers – such as even more comprehensive phishing protection and deeper integrations with the Microsoft ecosystem. Looking ahead, we also described our roadmap for emerging technology categories like Digital Experience Monitoring and our vision to make it exceedingly simple to route traffic from any source to any destination through Cloudflare’s network.

Everything we launched is designed to help CIOs accelerate their pursuit of digital transformation. In this blog, we organized our announcement summaries based on the three feelings we want CIOs to have when they consider partnering with Cloudflare:

  1. CIOs now have a simpler roadmap to Zero Trust and SASE: We announced Continue reading

CIO Week 2023の要約

CIO Week 2023の要約
CIO Week 2023の要約

CIO Week 2023へようこその記事で、最高情報責任者が組織の安全性と生産性を維持するために行っている仕事を称えることで、1年をスタートさせたいという話をしました。

この一週間で、新サービス、ベータ版、戦略的パートナーシップ、サードパーティとの統合など、テクノロジースタックのあらゆる側面に関わる発表をご覧いただきました。この要約のブログでは、各発表を要約し、一般公開(GA)、ベータ版にある機能、またはロードマップ上に記載されている機能をラベル付けしています。

私たちは、さらに包括的なフィッシング対策機能Microsoftのエコシステムとのより深い統合機能など、お客様からご要望いただいた重要な機能を提供しました。今後については、Digital Experience Monitoringのような新しい技術カテゴリーのロードマップや、Cloudflareのネットワークを通じて任意のソースから任意の宛先へのトラフィックのルーティングを極めて簡単なものにするという私たちのビジョンについても説明しました。

私たちが立ち上げたものはすべて、CIOの方々へDXへの取り組みを加速していただくために設計されたものです。本ブログでは、CIOの方々がCloudflareとの提携を検討する際に抱いてほしい3つの感情を軸に、発表内容を整理しました。

  1. CIOの皆様によるZero TrustとSASEへのロードマップを策定がより簡単に:組織にZero Trustセキュリティベストプラクティスを採用し、Secure Access Service Edge(SASE)といった意欲的なアーキテクチャに移行しやすくする新機能と緊密な統合を発表しました。
  2. CIOの皆様が適切なテクノロジーとチャネルパートナーを見つけることを可能に:組織が適切な専門知識にアクセスして、すでに使用しているテクノロジーを使ってITとセキュリティを自分のペースで近代化するための統合とプログラミングを発表しました。
  3. CIOの皆様によるマルチクラウド戦略の合理化を簡単に:多様性を極めるクラウド環境間におけるトラフィックの接続、保護、高速化の新たな方法を発表しました。

Cloudflareが開催する多くの2023年イノベーションウィークの第1弾CIO Weekをご覧いただき、ありがとうございます。私たちのイノベーションのペースについていくのは時には難しいかもしれませんが、このブログを読み、私たちの要約のウェビナーに登録していただければ幸いです!

ITとセキュリティを近代化し、組織におけるごCIOの業務をより快適にする方法についてご相談されたい方は、こちらのフォームにご記入ください。

Zero TrustとSASEへの旅をシンプルに

アクセスの保護
これらのブログ記事では、Zero Trustの達成に必要な、よりきめ細かな制御と包括的な可視化により、すべてのユーザーがあらゆるアプリケーションに迅速、簡単、かつ安全に接続することに焦点を当てています。

ブログ まとめ
ベータ版: デジタルエクスペリエンスモニタリングのご紹介 Cloudflare Digital Experience Monitoringは、CIOが重要なアプリケーションやインターネットサービスが企業ネットワーク全体でどのように機能しているかを理解するためのオールインワンダッシュボードですベータ版アクセスに登録する。
ベータ版: WARP-to-WARPでCloudflare上のグローバルなプライベート仮想Zero Trustネットワーク構築を実現 WARP(Cloudflareのデバイスクライアント)を実行している組織内のデバイスは、ワンクリックでWARPを実行している他のデバイスにプライベートネットワーク経由で到達することができます。ベータ版アクセスに登録する。
一般公開: Cloudflare Accessの「ブロックされた」メッセージをトラブルシューティングする新たな方法 CloudflareのZero TrustプラットフォームでユーザIDのトラブルシューティングと同じレベルの容易さで、接続の経緯に基づいて、「許可」、または「ブロック」の決定を調査します。
ベータ版: 社内およびSaaSアプリケーション向けのワンクリックデータセキュリティ 分離されたブラウザでアプリケーションセッションを実行してユーザーが機密データを操作する方法を制御することで、機密データを保護しましょう – たったのワンクリックです。ベータ版アクセスに登録する。
一般公開: Cloudflare Access & Gatewayに対するSCIMの対応を発表 CloudflareのZTNA(Access)およびSWG(Gateway)サービスは、System for Cross-domain Identity Management(SCIM)プロトコルをサポートするようになったことで、管理者はシステム間でIDレコードを管理しやすくなりました。
一般公開: Cloudflare Zero Trust:1983年以来最もエキサイティングなPingのリリース Cloudflare Zero Trustの管理者は、ICMPプロトコルを使用する使い慣れたデバッグツール(Ping、Traceroute、MTRなど)を使用して、プライベートネットワークの宛先への接続をテストすることができます。

脅威防御

これらのブログ記事では、組織がフィッシング、ランサムウェア、その他のインターネットの脅威からユーザーを保護するために、トラフィックをフィルタリング、検査、分離することに焦点を当てています。

ブログ まとめ
一般公開: メールリンク分離:最新のフィッシング攻撃に対するセーフティネット 「メールリンク分離」は、ユーザーがクリックしてしまう可能性のある受信箱に届いた不審なリンクに対するセーフティネットです。この保護が追加されることで、Cloudflare Area 1は、フィッシング攻撃から守る最も包括的な電子メールセキュリティソリューションとなります。
一般公開: Cloudflare Gatewayに自社による証明書を導入 管理者は、独自のカスタム証明書を使用して、HTTP、DNS、CASB、DLP、RBI、その他のフィルタリングポリシーを適用することができます。
一般公開: カスタムDLPプロファイルを発表 Cloudflareのデータ喪失防止(DLP)サービスは、カスタム検出を作成する機能を提供したことで、組織はトラフィックを検査して最も機密性の高いデータを検出できるようになりました。
一般公開: マネージドサービスプロバイダー向けCloudflare Zero Trust 米国連邦政府をはじめとする大規模なマネージドサービスプロバイダ(MSP)が、CloudflareのテナントAPIを利用して、管理する組織全体にDNSフィルタリングなどのセキュリティポリシーを適用している事例をご紹介します。

セキュアなSaaS環境

これらのブログ記事では、SaaSアプリケーション環境において一貫したセキュリティと可視性を維持し、特に機密データの漏洩を防止することに焦点を当てています。

ブログ まとめ
ロードマップ: Cloudflare CASB とDLPが連携してデータを保護する仕組み Cloudflare Zero Trustは、CASBサービスとDLPサービス間で、管理者がSaaSアプリケーションに保存されているファイルを覗き見して、その中の機密データを特定できる機能を導入する予定です。
ロードマップ: Cloudflare Area 1 とDLPが連携してメール内のデータを保護する仕組み Cloudflareでは、Area 1 Email Securityとデータ喪失防止(DLP)の機能を組み合わせ、企業のEメールに完全なデータ保護を提供します。
一般公開: Cloudflare CASB:SalesforceとBoxのセキュリティ上の問題をスキャン Cloudflare CASBは、SalesforceおよびBoxと統合し、ITおよびセキュリティチームがこれらのSaaS環境に潜むセキュリティリスクのスキャンを可能にします。

接続の高速化と保護
Iこのセクションのブログ記事では、製品の機能に加えて、組織がCloudflareを利用して実現している速度やその他の戦略的なメリットについて紹介しています。

1 303 304 305 306 307 3,465