Archive

Category Archives for "Networking"

Protecting election groups during the 2022 US midterm elections

Protecting election groups during the 2022 US midterm elections
Protecting election groups during the 2022 US midterm elections

On Tuesday, November 8, 2022, constituents cast their ballots for the 2022 US midterm elections, which included races for all 435 seats in the House of Representatives, 35 of the 100 seats in the Senate, and many gubernatorial races in states including Florida, Michigan, and Pennsylvania. Preparing for elections is a giant task, and states and localities have their work cut out for them with corralling poll workers, setting up polling places, and managing the physical security of ballots and voting machines.

We at Cloudflare are proud to be able to play a role in helping safeguard the integrity of the electoral process. Through our Impact programs, we provide cyber security products to help protect access to authoritative voting information and the security of sensitive voter data.

We have reported on our work in the election space with the Athenian Project, dedicated to protecting state and local governments that run elections; Cloudflare for Campaigns, a project with a suite of Cloudflare products to secure political campaigns’ and state parties’ websites and internal teams; and Project Galileo, in which we have helped voting rights organizations and election results sites stay online during traffic spikes.

Since our reporting in Continue reading

Day Two Cloud 171: The Challenges Of Scaling Microservices Testing

On today's Day Two Cloud we talk about testing. While developers do the testing, operators may be responsible for setting up testing environments, which can be a lot of work. That work increases with microservices because of all the complexities and dependencies that come with connecting and orchestrating microservices-based applications. Today we talk about how to address testing challenges with Arjun Iyer, and explore a solution he's developed for simplifying end-to-end microservices testing in a Kubernetes environment. This is not a sponsored show, but we do talk about Signadot, a startup Arjun founded in the testing space.

The post Day Two Cloud 171: The Challenges Of Scaling Microservices Testing appeared first on Packet Pushers.

Day Two Cloud 171: The Challenges Of Scaling Microservices Testing

On today's Day Two Cloud we talk about testing. While developers do the testing, operators may be responsible for setting up testing environments, which can be a lot of work. That work increases with microservices because of all the complexities and dependencies that come with connecting and orchestrating microservices-based applications. Today we talk about how to address testing challenges with Arjun Iyer, and explore a solution he's developed for simplifying end-to-end microservices testing in a Kubernetes environment. This is not a sponsored show, but we do talk about Signadot, a startup Arjun founded in the testing space.

Hedge 154: Path Aware Networking Research Group

Applications generally assume the network provides near-real-time packet transmission without regard for what the application is trying to do, what kind of traffic is being transmitted, etc. Back in the real world, its often important for the network to coordinate with applications to more efficiently carry traffic offered. The Path Aware Research Group (PANRG) in the Internet Research Task Force (IRTF) is looking at the problems involved in understanding and signaling the path characteristics to applications.

In this episode of the Hedge, Brian Trammel joins Tom Ammon and Russ White to discuss the current work on path aware networking.

download

Intel announces CPUs and GPUs for high-performance computing

Intel has announced new processors with high-bandwidth memory (HBM) geared toward high-performance computing (HPC), supercomputing, and artificial intelligence (AI).The products are known as the Xeon CPU Max series and GPU Max series. The chips are based on existing technology; the CPU is 4th Generation Xeon Scalable, aka Sapphire Rapids, and the GPU is Ponte Vecchio, the data center version of Intel's Xe GPU technology.To read this article in full, please click here

Intel announces CPUs and GPUs for high-performance computing

Intel has announced new processors with high-bandwidth memory (HBM) geared toward high-performance computing (HPC), supercomputing, and artificial intelligence (AI).The products are known as the Xeon CPU Max series and GPU Max series. The chips are based on existing technology; the CPU is 4th Generation Xeon Scalable, aka Sapphire Rapids, and the GPU is Ponte Vecchio, the data center version of Intel's Xe GPU technology.To read this article in full, please click here

AWS Direct Connect Site-Link — A very excellent service

< MEDIUM: https://raaki-88.medium.com/aws-direct-connect-site-link-a-very-excellent-service-10c13a389c8d >

Site-link is really a nice extension to the DX Gateway’s offering. Let me simplify it.

Reference: https://aws.amazon.com/blogs/networking-and-content-delivery/introducing-aws-direct-connect-sitelink/ — I Can’t Recommend this more, this is a very very nice read.

Few Important Points

  1. AWS Direct Connect Site Link is a private connection between your on-premises network and your AWS Direct Connect location.
  2. Site Link provides high bandwidth and low latency connection between your on-premises network and AWS.
  3. Site Link uses industry standard 802.1q VLANs to provide a secure connection between your on-premises network and AWS.
  4. Site Link is available in 1 Gbps and 10 Gbps speeds.
  5. You can use Site Link to connect to multiple AWS Direct Connect locations.
  6. The site Link is available in all AWS Regions.

Problem — I want to connect my two Data-Centres to Direct Connect Gateway through AWS Backbone.

Let’s see a reference Architecture

Image Credits — AWS https://d2908q01vomqb2.cloudfront.net/5b384ce32d8cdef02bc3a139d4cac0a22bb029e8/2021/12/01/Slide1-14.jpg

Replicating the above scenario

Few important aspects

  • Connect DC1-DC2 via AWS Global Backbone Network
  • If both DCs use the same BGP ASN 65001 in this case, use allowas-in to allow looping in AS-PATH
  • When you enable site-link BGP session won’t flap but it Continue reading

VMware adds more security for diverse cloud workloads

VMware has added more security features to its forthcoming on-demand multi-cloud networking and security service called Northstar that it previewed during its August VMware Explore 2022 conference.VMware said then that Northstar will provide a central console for turning up networking and security services across private clouds and VMware Cloud deployments that run on public clouds. It will include VMware services such as Network Detection and Response, NSX Intelligence, advanced load balancing and Web Application Firewall. Within Northstar, Network Detection and Response support will provide scalable threat detection and response for workloads deployed in private and/or public clouds.To read this article in full, please click here

VMware adds more security for diverse cloud workloads

VMware has added more security features to its forthcoming on-demand multi-cloud networking and security service called Northstar that it previewed during its August VMware Explore 2022 conference.VMware said then that Northstar will provide a central console for turning up networking and security services across private clouds and VMware Cloud deployments that run on public clouds. It will include VMware services such as Network Detection and Response, NSX Intelligence, advanced load balancing and Web Application Firewall. Within Northstar, Network Detection and Response support will provide scalable threat detection and response for workloads deployed in private and/or public clouds.To read this article in full, please click here

Bash: A primer for more effective use of the Linux bash shell

Bash is not just one of the most popular shells on Linux systems, it actually predates Linux by a couple of years. An acronym for the “GNU Bourne-Again Shell”, bash not only provides a comfortable and flexible command line, it delivers a large suite of scripting tools—if/then commands, case statements, functions, etc.—that allow users to build complex and powerful scripts.This post contains a collection of articles about important aspects of bash that will help you make better use of this versatile shell.Commands vs bash builtins While Linux systems install with thousands of commands, bash also supplies a large number of “built-ins”—commands that are not sitting in the file system as separate files, but are part of bash itself. To get a list of the bash builtins, just type “help” when you’re on the bash command line. For more about built-ins, refer to “How to tell if you’re using a bash builtin”.To read this article in full, please click here

Bash: A primer for more effective use of the Linux bash shell

Bash is not just one of the most popular shells on Linux systems, it actually predates Linux by a couple of years. An acronym for the “GNU Bourne-Again Shell”, bash not only provides a comfortable and flexible command line, it delivers a large suite of scripting tools—if/then commands, case statements, functions, etc.—that allow users to build complex and powerful scripts.This post contains a collection of articles about important aspects of bash that will help you make better use of this versatile shell.Commands vs bash builtins While Linux systems install with thousands of commands, bash also supplies a large number of “built-ins”—commands that are not sitting in the file system as separate files, but are part of bash itself. To get a list of the bash builtins, just type “help” when you’re on the bash command line. For more about built-ins, refer to “How to tell if you’re using a bash builtin”.To read this article in full, please click here

3 container security best practices to strengthen your overall security posture

Container environments are highly dynamic and require continuous monitoring, observability, and security. Since container security is a continuous practice, it should be fully integrated into the entire development and deployment cycle. Implementing security as an integral part of this cycle allows you to mitigate risk and reduce the number of vulnerabilities across the dynamic and complex attack surface containers present.

Let’s take a look at three best practices for ensuring containers remain secure during build, deployment, and runtime.

Securing container deployments

Securing containers during the build and deployment stages is all about vulnerability management. It’s important to continuously scan for vulnerabilities and misconfigurations in software before deployment, and block deployments that fail to meet security requirements. Assess container and registry image vulnerabilities by scanning first- and third-party images for vulnerabilities and misconfigurations, and using a tool that scans multiple registries to identify vulnerabilities from databases such as NVD. You also need to continuously monitor images, workloads, and infrastructure against common configuration security standards (e.g. CIS Benchmarks). This enables you to meet internal and external compliance standards, and also quickly detect and remediate misconfigurations in your environment, thereby eliminating potential attack vectors.

Securing containers at runtime

Containerized workloads require a Continue reading

VMware says its SD-WAN client makes remote-access VPNs unnecessary

VMware is prepping client software for individual devices to connect to its SD-WAN services without the need for remote-access VPNs.Aimed at the work-from-home or hybrid worker, the company will launch VMware SD-WAN Client software that provides secure access to PCs and mobile devices, and provides management, visibility, and policy support as if they were in the office. When it becomes generally available in the spring, it will include versions for Windows, Mac, Linux, iOS, and Android and be bundled with the VMware SD-WAN package.“Post pandemic secure remote access is obviously important, and all of the challenges that led IT to deploy SD-WAN in the first place, like simplicity of management at scale, automation, visibility, and network error correction, are amplified as people work from home,” said Craig Connors, vice president and general manager of SASE Business at VMware. “The software client will bring all of that SD-WAN technology right to your desktop or mobile phone and leapfrog legacy remote access VPNs via a cloud-native, cloud-delivered package.”To read this article in full, please click here

BrandPost: Aruba Wi-Fi 6E: A Slam Dunk for The Golden State Warriors and Its Fans

By: Gayle Levin, Senior Product Marketing Manager at Aruba, a Hewlett Packard Enterprise company.The most successful NBA franchise in the past decade, the Golden State Warriors, is not only innovating on the basketball court by winning four NBA titles in the past seven seasons, they are also leading the game of technological innovation. The franchise became the first in North America to install the latest generation of Wi-Fi technology, Wi-Fi 6E, at a live entertainment venue, Chase Center, in San Francisco, Calif. To read this article in full, please click here

Intel is shipping the next generation of Xeon Scalable processors

After almost a year and a half of delays, Intel has begun to ship its 4th Generation Xeon Scalable processors, code-named Sapphire Rapids, to customers, and it has set January 10, 2023 as the formal launch date.The launch is a formality because, according to an Intel spokesperson, the new Xeons are already shipping to customers—OEMs—now, but it falls to those OEMs to announce their product release plans.CEO Pat Gelsinger said during the company’s earnings call last week that the company was ramping up production for launch and that he expected the new Xeons to see the fastest ramp to one million units ever.The challenge for Intel wasn’t in design, it was manufacturing. This will be the first generation of chips using Intel 7 fabrication, an advanced 10nm design that took years to get right.To read this article in full, please click here