The enterprise virtualization market
I’m often asked by some of my colleagues at Juniper as well as potential customers about whether OpenContrail is applicable to the enterprise virtualization market. This market is today dominated by VMWare while OpenContrail has chosen to focus its energy at OpenStack. The question often comes in the form as to whether I see enterprise adopting OpenStack for virtualization. The answer is, of course, “no”.
To quote an analyst report, “The shift to SaaS is the leading agent of change” in enterprise I.T. This is the main driver of transformation, not OpenStack. While the traditional approach used to be for enterprises to buy software packages and install them on premise, this is now becoming a quaint approach to doing business. I.T. management and operations, like just about everything else, is more efficient at scale. It is simple to understand that it is cheaper to administer 1000 instances of a CRM application “as-a-service” than for 1000 enterprises to do so themselves.
It is also intuitive to understand that the organization that developed a particular software application is then one that can most effectively administer, manage it and maintain it. From an economical perspective, safe some exceptions, if an Continue reading
CCIE Video – from Alexandre Vasseur
Original content from Roger's CCIE Blog Tracking the journey towards getting the ultimate Cisco Certification. The Routing & Switching Lab Exam
I do not know anything about Alexandre Vasseur except for the fact that he has passed his CCIE Lab exam and has made this amazing video to celebrate that fact. We all need small things to keep us motivated along the journey and this video is one of those. Watch the video and feel empowered […]
Post taken from CCIE Blog
Original post CCIE Video – from Alexandre Vasseur
Cisco Live 2014 – One for the books!
Cisco Live 2014, San Francisco, CA is a wrap. In case you did not know, this was the 25th Anniversary of Networkers / Cisco Live! I have taken some time and documented the CAE Hats over the past 25 years and you can see them here – http://www.fryguy.net/2014/03/25/cisco-live-hats-over-the-years/. That post will be updated as the […]SDN: Where Everything is a Honeypot
 |
| Beware the honeypot army! |
GuardiCore's Active Honeypot SDN offering really captured my imagination in ways that other SDN demonstrations have failed to do.
The objective is to detect/ensnare an intruder who has already compromised an asset in your datacenter and is now attempting to move on from there. Honeypots are one way of doing this, but the likelihood of an attacker finding the honeypot, rather than a real server with real vulnerabilities is pretty low in a large data center. How can we improve the odds?
The solution assumes that during normal operations, clients know where servers are and don't waste time attempting to connect to services which don't exist. An attacker, on the other hand, will be looking to find vulnerable services, and will probably attempt lots of connections to services that don't exist.
Because the attacker doesn't know where Continue reading
HP Unified Wireless: Guest central authentication with data local breakout
In this post a quick configuration overview of a new feature of the Unified controllers: Central (guest) portal authentication with local (AP) data breakout after passing authentication. This is very convenient for customers with remote sites, where the remote site … Continue reading
Pervasive Monitoring
In May, the IETF published RFC7258, Pervasive Monitoring Is an Attack. No matter where you stand in regards to the IETF process (observer, confused, or, like the pig making breakfast for the farmer — completely committed), this is an odd RFC. In fact, it was probably the single most discussed RFC draft in recent history, […]
Author information
CCIE Version 5 here I come
Original content from Roger's CCIE Blog Tracking the journey towards getting the ultimate Cisco Certification. The Routing & Switching Lab Exam
Well I am sad to say that I did not get my digits at my last attempt at the CCIE Lab exam. Everything was in place I had prepared well, I went to the NH Airport Hotel a day early so had an extra nights sleep. But on the day the TS got me again […]
Post taken from CCIE Blog
Original post CCIE Version 5 here I come
The Evolution of Network Programmability
This post is the “text” version of a talk I gave at Cisco Live US 2014 titled “SDN: People, Process, and Evolution“. While there is certainly some technical details involved here, this topic is really more of a philosophical one, and it is very near and dear to my heart as I talk with more folks about how networking is going to evolve in the years to come.
The Problem with Networking
Most of my readers would consider themselves network engineers – folks that live and breathe networking and everything that’s required to build them. Folks like you and I don’t really need to hear what’s wrong with networking, as we live it every day. However, for the sake of others that may be reading, let me provide a little context here.
Nearly everyone in the industry is hearing about how “networking is slow” with respect to provisioning time. We hear about how virtual machines can be instantiated in a few seconds (hell, application containers can be spun up in less than a second!) yet the really important network stuff like firewall or load balancer policies take forever. They’re not wrong – networking has never really been tightly Continue reading
Pylint Errors – Final Newline Missing
I recently ran into a slew of errors when using Pylint - a sort of “quality checker” for your Python code. If you haven’t used it yourself, I highly recommend you check it out – it WILL make you a better Python coder.(Thanks to Matt Stone for introducing me!)
This particular error is common if you forget to append a newline character to the end of your python script, but I was getting one for every single line of code in my program.
khalis:library Mierdin$ pylint ucs_getwwpns.py No config file found, using default configuration C: 1, 0: Final newline missing (missing-final-newline) C: 2, 0: Final newline missing (missing-final-newline) C: 3, 0: Final newline missing (missing-final-newline) C: 4, 0: Final newline missing (missing-final-newline) C: 5, 0: Final newline missing (missing-final-newline) C: 6, 0: Final newline missing (missing-final-newline) C: 7, 0: Final newline missing (missing-final-newline)
You get the idea.
My code clearly has a newline character of some kind at the end, but perhaps it’s just not the right one. We need to see what newline character our editor is actually appending to the end of our lines.
For this, we’ll use the (*nix) “od” command, which dumps files Continue reading
Will End-to-End Service Management Standards and Tools Always Trail New SDN Technologies?
Will End-to-End Service Management Standards and Tools Always Trail New SDN Technologies?
by Brian Boyko, Technology Contributor - March 27, 2014
There’s an interesting Light Reading article by Carol Wilson talking about Ari Banerjee's research into end-to-end service management for SDN & NFV, and how Banerjee has shown that the European Telecommunications Standards Institute (ETSI) has failed to take into account hybrid virtualized and non-virtualized environments when drawing up their standards on virtualized service and network functions.
In other words, the standards work in theory, but in practice, they're just too simple for real-world environments. Will end-to-end service management standards and tools always trail new SDN technologies?
Here's an odd thing about technology development: it tends to come in five distinct stages.
Stage 1: Can we do this thing?
Stage 2: How can we do this thing?
Stage 3: What's the best way to do this thing?
Stage 4: How do we make doing this thing easier?
Stage 5: How can we manage this thing?
And of course, sometimes answering, "How do we make doing this thing easier?" and “How can we manage this thing?” starts with asking the question "Can we do this Continue reading
Healthy Paranoia Show 24: Down and Dirty with PCI DSS
Thanks for tuning in for another crime busting episode of Healthy Paranoia. Today, we’ll be getting down and dirty with some actual practitioners to discuss what’s wrong with PCI DSS. Joining me in the secret Healthy Paranoia hideout will be Mr. Stits, an actual PCI QSA. We also have Mrs. Dystie, expert in exploding crypto […]
Author information
The post Healthy Paranoia Show 24: Down and Dirty with PCI DSS appeared first on Packet Pushers Podcast and was written by Mrs. Y.
Pylint Errors – Final Newline Missing
I recently ran into a slew of errors when using Pylint - a sort of “quality checker” for your Python code. If you haven’t used it yourself, I highly recommend you check it out - it WILL make you a better Python coder.(Thanks to Matt Stone for introducing me!) This particular error is common if you forget to append a newline character to the end of your python script, but I was getting one for every single line of code in my program.The Evolution of Network Programmability
This post is the “text” version of a talk I gave at Cisco Live US 2014 titled “SDN: People, Process, and Evolution”. While there is certainly some technical details involved here, this topic is really more of a philosophical one, and it is very near and dear to my heart as I talk with more folks about how networking is going to evolve in the years to come. The Problem with Networking Most of my readers would consider themselves network engineers - folks that live and breathe networking and everything that’s required to build them.Pylint Errors – Final Newline Missing
I recently ran into a slew of errors when using Pylint - a sort of “quality checker” for your Python code. If you haven’t used it yourself, I highly recommend you check it out - it WILL make you a better Python coder.(Thanks to Matt Stone for introducing me!) This particular error is common if you forget to append a newline character to the end of your python script, but I was getting one for every single line of code in my program.The Evolution of Network Programmability
This post is the “text” version of a talk I gave at Cisco Live US 2014 titled “SDN: People, Process, and Evolution”. While there is certainly some technical details involved here, this topic is really more of a philosophical one, and it is very near and dear to my heart as I talk with more folks about how networking is going to evolve in the years to come. The Problem with Networking Most of my readers would consider themselves network engineers - folks that live and breathe networking and everything that’s required to build them.Pylint Errors – Final Newline Missing
I recently ran into a slew of errors when using Pylint - a sort of “quality checker” for your Python code. If you haven’t used it yourself, I highly recommend you check it out - it WILL make you a better Python coder.(Thanks to Matt Stone for introducing me!) This particular error is common if you forget to append a newline character to the end of your python script, but I was getting one for every single line of code in my program.Lessons from APL, a “lost” language
Lessons from APL, a “lost” language
A few weeks back the forum that I go on often held a obfuscation challenge, and people joked around about submitting a entry that was coded in APL.
APL (A Programming Language) is a programming language that w
Internets of Interest for 24th May 2014
Collection of useful, relevant or just fun places on the Internets for 24th May 2014 and a bit commentary about what I’ve found interesting about them: Google: ‘EVERYTHING at Google runs in a container’ • The Register – Containers are going to add to the complexity of virtual networking. With Google saying that they […]
The post Internets of Interest for 24th May 2014 appeared first on EtherealMind.
Open vSwitch 201 & 301
[Special and huge thanks to Scott Lowe for answering an endless amount of questions I had while writing this post and testing with NSX/OVS over the last few days. Thanks to Deepesh as well who I bounced OVS questions off of when I needed to give Scott a break. ]
In Open vSwitch 101, I described the three main components that make up Open vSwitch (OVS) from an architectural standpoint, namely ovs-vswitchd, ovsdb-server, and the fast path kernel module. If you start to work with OVS, the first thing you realize is that it takes quite a bit more knowledge to really understand it. This post will focus on some design principles and options when running OVS on a hypervisor like KVM in conjunction with a network virtualization solution.
In Open vSwitch 101, I described the three main components that make up Open vSwitch (OVS) from an architectural standpoint, namely ovs-vswitchd, ovsdb-server, and the fast path kernel module. If you start to work with OVS, the first thing you realize is that it takes quite a bit more knowledge to really understand it. This post will focus on some design principles and options when running OVS on a hypervisor like KVM in conjunction with a network virtualization solution.
To make this a little more practical, we will use a scenario which consists of a KVM host with 3 physical NICs – 1 x 1G and 2 x 10G. The 1G interface will be used for management and the 2 x 10G interfaces will be used for actual transport of VM traffic.
This example will also assume the use of an overlay network virtualization solution Continue reading
This example will also assume the use of an overlay network virtualization solution Continue reading
News Roundup: Embrane, Cisco Prime NCS, F5 and VMware
Cisco Live happened in the US this week and it seems like a good time to briefly summarise a few of the anouncements that I saw. Embrane Pivots Embrane announced that they will be offering: …. lifecycle management for virtual network service delivered within Cisco ACI™. The company also announced plans for integrating the Embrane […]
The post News Roundup: Embrane, Cisco Prime NCS, F5 and VMware appeared first on EtherealMind.