Making WAF ML models go brrr: saving decades of processing time
We made our WAF Machine Learning models 5.5x faster, reducing execution time by approximately 82%, from 1519 to 275 microseconds! Read on to find out how we achieved this remarkable improvement.
WAF Attack Score is Cloudflare's machine learning (ML)-powered layer built on top of our Web Application Firewall (WAF). Its goal is to complement the WAF and detect attack bypasses that we haven't encountered before. This has proven invaluable in catching zero-day vulnerabilities, like the one detected in Ivanti Connect Secure, before they are publicly disclosed and enhancing our customers' protection against emerging and unknown threats.
Since its launch in 2022, WAF attack score adoption has grown exponentially, now protecting millions of Internet properties and running real-time inference on tens of millions of requests per second. The feature's popularity has driven us to seek performance improvements, enabling even broader customer use and enhancing Internet security.
In this post, we will discuss the performance optimizations we've implemented for our WAF ML product. We'll guide you through specific code examples and benchmark numbers, demonstrating how these enhancements have significantly improved our system's efficiency. Additionally, we'll share the impressive latency reduction numbers observed after the rollout.
Before diving Continue reading
Making WAF ML models go brrr: saving decades of processing time
We made our WAF Machine Learning models 5.5x faster, reducing execution time by approximately 82%, from 1519 to 275 microseconds! Read on to find out how we achieved this remarkable improvement.
WAF Attack Score is Cloudflare's machine learning (ML)-powered layer built on top of our Web Application Firewall (WAF). Its goal is to complement the WAF and detect attack bypasses that we haven't encountered before. This has proven invaluable in catching zero-day vulnerabilities, like the one detected in Ivanti Connect Secure, before they are publicly disclosed and enhancing our customers' protection against emerging and unknown threats.
Since its launch in 2022, WAF attack score adoption has grown exponentially, now protecting millions of Internet properties and running real-time inference on tens of millions of requests per second. The feature's popularity has driven us to seek performance improvements, enabling even broader customer use and enhancing Internet security.
In this post, we will discuss the performance optimizations we've implemented for our WAF ML product. We'll guide you through specific code examples and benchmark numbers, demonstrating how these enhancements have significantly improved our system's efficiency. Additionally, we'll share the impressive latency reduction numbers observed after the rollout.
Before diving Continue reading
BGP, EVPN, VXLAN, or SRv6?
Daniel Dib asked an interesting question on LinkedIn when considering an RT5-only EVPN design:
I’m curious what EVPN provides if all you need is L3. For example, you could run pure L3 BGP fabric if you don’t need VRFs or a limited amount of them. If many VRFs are needed, there is MPLS/VPN, SR-MPLS, and SRv6.
I received a similar question numerous times in my previous life as a consultant. It’s usually caused by vendor marketing polluting PowerPoint slide decks with acronyms without explaining the fundamentals1. Let’s fix that.
D2DO247: Chocolate or Carrots? How Humor Can Foster Good DevOps Relationships
Guests Ashish and Shilpi from the Cloud Security Podcast converse with Ned and Kyler on how humor and relatability can foster an engaging and collaborative environment in DevOps. The conversation also covers the importance of foundational knowledge in technology, the impact of AI on careers, and the value of just being human and learning from... Read more »Native Kubernetes cluster mesh with Calico
workloads from remote clusters
As Kubernetes continues to gain traction in the cloud-native ecosystem, the need for robust, scalable, and highly available cluster deployments has become more noticeable.
While a Kubernetes cluster can easily expand via additional nodes, the downside of such an approach is that you might have to spend a lot of time troubleshooting the underlying networking or managing and updating resources between clusters. On top of that, a multi-regional scenario or hyper-cloud environment might be off the limits depending on the limitations that a cloud provider or your Kubernetes distro might impose on your environment.
Calico Enterprise cluster mesh is a suite of features native to Kubernetes with a multi-layer design that connects two or more Kubernetes clusters and seamlessly shares resources between them. This post will explore cluster mesh, its benefits, and how it can enhance your Kubernetes environment.
Projects that provide cluster mesh
Multiple projects offer cluster mesh, and while they are all similar in basic principles, each has a different take on implementing this solution in an environment.
The following table is a brief overview of notable projects that offer cluster mesh:
| Calico Open Source | Calico Enterprise | Cilium | Calico Enterprise | Submariner | |
| Encapsulation | IPIP | Direct Continue reading |
How to Implement 802.1X from Scratch?
If you're a Network Engineer looking to learn what 802.1X is and how you can implement it in your network, you've come to the right place. 802.1X might seem confusing at first glance due to its various components, and the fact that it can be implemented in numerous ways. But don't worry, I'm here to break down each component and simplify the whole process for you. By the end of this post, you'll have a clear understanding of 802.1X and how to set it up, whether for wired or wireless networks.
Here is what we will cover in this blog post.
- What is our end goal?
- Network Access Control (NAC)
- What exactly is 802.1X?
- What do I need to start using 802.1X?
- Which protocol to use? (EAP-TLS, PEAP, TEAP)
- Cisco ISE Introduction
- Supplicant (end-device) configuration
- MAB
What is Our End Goal?
Let's talk about our end goal - Imagine our current setup where the WiFi network is secured with just a Pre-Shared Key (PSK) and wired networks are open, allowing anyone to plug in a laptop and gain access. This isn't ideal for security.
Our main aim is to shift towards a more secure authentication Continue reading
PP023: Wi-Fi Security Part 1 – Unpacking Vulnerabilities and Exploits
From an SSID confusion exploit to a RADIUS attack to a critical vulnerability in a Windows Wi-Fi driver, the past several months have seen multiple attacks and exploits targeting the wireless realm. On today’s Packet Protector podcast we talk with Wi-Fi security expert Stephen Orr to get his take on the severity of these issues,... Read more »HS078: Is It Time To Dump Microsoft?
Should enterprises ditch Microsoft because of security concerns? Microsoft’s numerous vulnerabilities and questionable responses make it a significant risk for continued use. At the same time, Microsoft’s strong integration and utility in enterprise environments make it attractive for continued use. Johna Till Johnson and John Burke debate. They also weigh considerations including the challenges of... Read more »
Meta Llama 3.1 now available on Workers AI
At Cloudflare, we’re big supporters of the open-source community – and that extends to our approach for Workers AI models as well. Our strategy for our Cloudflare AI products is to provide a top-notch developer experience and toolkit that can help people build applications with open-source models.
We’re excited to be one of Meta’s launch partners to make their newest Llama 3.1 8B model available to all Workers AI users on Day 1. You can run their latest model by simply swapping out your model ID to @cf/meta/llama-3.1-8b-instruct or test out the model on our Workers AI Playground. Llama 3.1 8B is free to use on Workers AI until the model graduates out of beta.
Meta’s Llama collection of models have consistently shown high-quality performance in areas like general knowledge, steerability, math, tool use, and multilingual translation. Workers AI is excited to continue to distribute and serve the Llama collection of models on our serverless inference platform, powered by our globally distributed GPUs.
The Llama 3.1 model is particularly exciting, as it is released in a higher precision (bfloat16), incorporates function calling, and adds support across 8 languages. Having multilingual support built-in means that you can Continue reading
Meta Llama 3.1 now available on Workers AI
At Cloudflare, we’re big supporters of the open-source community – and that extends to our approach for Workers AI models as well. Our strategy for our Cloudflare AI products is to provide a top-notch developer experience and toolkit that can help people build applications with open-source models.
We’re excited to be one of Meta’s launch partners to make their newest Llama 3.1 8B model available to all Workers AI users on Day 1. You can run their latest model by simply swapping out your model ID to @cf/meta/llama-3.1-8b-instruct or test out the model on our Workers AI Playground. Llama 3.1 8B is free to use on Workers AI until the model graduates out of beta.
Meta’s Llama collection of models have consistently shown high-quality performance in areas like general knowledge, steerability, math, tool use, and multilingual translation. Workers AI is excited to continue to distribute and serve the Llama collection of models on our serverless inference platform, powered by our globally distributed GPUs.
The Llama 3.1 model is particularly exciting, as it is released in a higher precision (bfloat16), incorporates function calling, and adds support across 8 languages. Having multilingual support built-in means that you can Continue reading
Privacy and DNS Client Subnet
>To ensure service consistency in a Content Distribution Network (CDN) replicated instances of the content are named with the same DNS name, and the DNS conventionally offers the same resolution outcome to each user when they query for the IP address of the content server. How can the CDN "steer" each user to the closest instance of the desired content to optimise the subsequent content transaction? At the same time the user is revealing their location within the network to inform this steering decision. To what extent is such a steering function compromising the privacy expectations of users with respect to the location and their online actions?MUST READ: Making Segment Routing User-Friendly
Dmytro Shypovalov wrote a fantastic article explaining the basics of MPLS-based Segment Routing. It’s pretty much equivalent to everything I ever wrote about SR-MPLS but in a much nicer package. Definitely a must-read.
Tech Bytes: Prioritizing and Managing IoT/OT Vulnerabilities with Palo Alto Networks (Sponsored)
Today on the Tech Bytes podcast we discuss vulnerability management for IoT and OTT devices with sponsor Palo Alto Networks. These devices–think video cameras, sensors, medical equipment, industrial control systems, and so on–present unique challenges when it comes to finding, prioritizing, and managing software vulnerabilities. Palo Alto Networks’ machine learning-based solutions offer visibility, risk prioritization,... Read more »NB487: The BSODs Strike Back; SolarWinds Sorta Dodges SEC Bullets
Take a Network Break! This week we cover the CrowdStrike/Microsoft patch debacle, why SolarWinds isn’t entirely out of trouble following a judge’s dismissal of most–but not all–of an SEC lawsuit, and why an AT&T breach revelation highlights third-party risk. Juniper announces an AI infrastructure testing lab and enhancements to its capabilities to operate AI infrastructure,... Read more »Countdown to Paris 2024 Olympics: France leads in web interest
The 2024 Summer Olympics, or Paris 2024, is set from July 26 to August 11 in France. The opening ceremony, scheduled for Friday, July 26 at 17:30, will take place for the first time not in a stadium but in the open space of the Jardins du Trocadéro by the Seine River in Paris. We’ll monitor relevant Internet insights throughout the event, but here we analyze some pre-event trends, from the popularity of Olympic websites by country to the increase in Olympics-related spam and malicious emails.
This year’s Olympics will host 329 events across 32 sports, featuring the debut of breakdancing as an Olympic event and the return of skateboarding, sport climbing, and surfing from 2020. Similar to our 2024 elections coverage, we will maintain a Paris 2024 Olympics report on Cloudflare Radar, updating it as significant Internet trends related to the event emerge.
From our 1.1.1.1 resolver, DNS trends show heightened interest in the Olympics, especially from France. 24% of DNS requests for official Olympic-related websites came from the host country, followed by the United Kingdom and the United States, with 20% and 17% respectively.
Here’s the breakdown of countries responsible for at Continue reading
Countdown to Paris 2024 Olympics: France leads in web interest
The 2024 Summer Olympics, or Paris 2024, is set from July 26 to August 11 in France. The opening ceremony, scheduled for Friday, July 26 at 17:30, will take place for the first time not in a stadium but in the open space of the Jardins du Trocadéro by the Seine River in Paris. We’ll monitor relevant Internet insights throughout the event, but here we analyze some pre-event trends, from the popularity of Olympic websites by country to the increase in Olympics-related spam and malicious emails.
This year’s Olympics will host 329 events across 32 sports, featuring the debut of breakdancing as an Olympic event and the return of skateboarding, sport climbing, and surfing from 2020. Similar to our 2024 elections coverage, we will maintain a Paris 2024 Olympics report on Cloudflare Radar, updating it as significant Internet trends related to the event emerge.
From our 1.1.1.1 resolver, DNS trends show heightened interest in the Olympics, especially from France. 24% of DNS requests for official Olympic-related websites came from the host country, followed by the United Kingdom and the United States, with 20% and 17% respectively.
Here’s the breakdown of countries responsible for at Continue reading
Thinking about Network Automation after AutoCon1
If you were fortunate enough to attend NAF's AutoCon1 in Amsterdam, and you didn't bolt for the evening festivities early, you might have seen my presentation and are well aware of my love for all things Space! (BTW..guess what happened 55 years ago Saturday!) Imagine my delight at the synchronicity of finding Joseph Klibansky's The READ MORE
The post Thinking about Network Automation after AutoCon1 appeared first on The Gratuitous Arp.
La Corrida de Torero – torero in client/server mode
Con el protocolo de inauguración comenzó oficialmente el Carnaval Autlán 2024 We first took a look at torero in "standalone" or local mode. In this mode, torero helps you execute scripts from your repository as "services". This includes automatically building the required environment so all those steps to clone or update both your repository and READ MORE
The post La Corrida de Torero – torero in client/server mode appeared first on The Gratuitous Arp.
Opensource LLM Models – Meta llama / Meta Codellama ? Deploying In-house ? Context of Networking!
Disclaimer: All Writings And Opinions Are My Own And Are Interpreted Solely From My Understanding. Please Contact The Concerned Support Teams For A Professional Opinion, As Technology And Features Change Rapidly.
In a world where even your toaster might soon have a PhD in quantum physics, LLMs are taking over faster than a cat video going viral! LLMs are becoming increasingly powerful and are being integrated into various business and personal use cases. Networking is no different. Due to reasons like privacy, connectivity, and cost, deploying smaller form factor models or larger ones (if you can afford in-house compute) is becoming more feasible for faster inference and lower cost.
The availability and cost of model inference are improving rapidly. While OpenAI’s ChatGPT-4 is well-known, Meta and other firms are also developing LLMs that can be deployed in-house and fine-tuned for various scenarios.
Let’s explore how to deploy an open-source model in the context of coding. For beginners, ease of deployment is crucial; nothing is more off-putting than a complicated setup.
Reference : Ollama.com (https://github.com/ollama/ollama?tab=readme-ov-file) simplifies fetching a model and starting work immediately.
Visit ollama.com to understand what a codellama model looks like and what Continue reading
