Archive

Category Archives for "Networking"

Azure Host-Based Networking: VFP and AccelNet Introduction

Software-Defined Networking (SDN) is an architecture where the network’s control plane is decoupled from the data plane to centralized controllers. These intelligent, programmable controllers manage network components as a single system, having a global view of the whole network. Microsoft’s Azure uses a host-based SDN solution, where network virtualization and most of its services (Firewalls, Load balancers, Gateways) run as software on the host. The physical switching infrastructure, in turn, offers a resilient, high-speed underlay transport network between hosts.

Figure 1-1 shows an overview of Azure’s SDN architecture. Virtual Filtering Platform (VFP) is Microsoft’s cloud-scale software switch operating as a virtual forwarding extension within a Hyper-V basic vSwitch. The forwarding logic of the VFP uses a layered policy model based on policy rules on Match-Action Table (MAT). VFP works on a data plane, while complex control plane operations are handed over to centralized control systems. VFP layers, such as VNET, NAT, ACL, and Metering, have dedicated controllers that programs policy rules to MAT using southbound APIs.

Software switches switching processes are CPU intensive. To reduce the burden of CPU cycles, VFP offloads data forwarding logic to hardware NIC after processing the first packet of the flow and creating the flow Continue reading

BrandPost: Got Network Downtime? Here’s How to Proactively Reduce It

The hybrid workforce will continue for the foreseeable future, according to the Foundry 2022 Future of Work study. And the trend is affecting hiring and retention, with 62% of IT leaders saying their organizations are guaranteeing flexible work options to stay competitive in the marketplace.Just as important: The technology and systems these employees use must be reliable and secure. Poor connectivity or network downtime not only frustrates users but also eats into productivity.And yet both hybrid and on-site workers are experiencing a high volume of network interruptions, according to a Juniper Networks survey. For example:To read this article in full, please click here

Weekend Reads 010623


Undersea cables between the U. S. and Cuba have long been intertwined with politics.


People like to tout NIST’s SP 800-207 [Zero Trust Architecture] as the hot new thing, but the fact is, zero trust network models have been around for over a decade.


As Russian ground troops prepared to enter Ukraine in February 2021, Ukrainian governmental departments, online media organizations, financial firms, and hosting providers were slammed with a surge of distributed denial-of-service (DDoS) attacks.


Prosecutors said the five IT officials of the public administration department had failed to check the security of the system and update it with the most recent antivirus software.


What exactly is the edge? What makes something an edge appliance? These are trickier questions than you might think, and depending on who you ask — and honestly, what they’re trying to sell you — the answers can vary wildly.


You’ve likely been hearing about the World Wide Web Consortium’s (W3C) Web Authentication (WebAuthn) and considering whether you’re ready to implement it in your environment.


In this episode of PING, Luuk Hendricks and Willem Toorop from NLNet Labs discuss applying Express Data Path (XDP) to the DNS protocol.


A recent Continue reading

BrandPost: IT Leaders Have a Green Opportunity to Support Sustainability

There are multiple benefits to gain from investing resources into sustainability and environmental, social, and governance (ESG) efforts — including operational efficiencies, swift compliance with regulations, employee and customer satisfaction, as well as the criticality of addressing climate change.IT leaders have a significant role to play here. Estimates project that by 2040, IT operations will produce 14% of the world’s carbon-dioxide emissions — up from 4% today.There is an opportunity to reduce these emissions, support sustainable business growth, and achieve other advantages by addressing IT systems and processes. And it should start with the network architecture.To read this article in full, please click here

Problem Replication or Why Do We Need to Break It Again?

There was a tweet the other day that posited that we don’t “need” to replicate problems to solve them. Ultimately the reason for the tweet was that a helpdesk refused to troubleshoot the problem until they could replicate the issue and the tweeter thought that wasn’t right. It made me start thinking about why troubleshooters are so bent on trying to make something happen again before we actually start trying to fix an issue.

The Definition of Insanity

Everyone by now has heard that the definition of insanity is doing the same thing over and over again and expecting a different result. While funny and a bit oversimplified the reality of troubleshooting is that you are trying to make it do something different with the same inputs. Because if you can make it do the same thing over and over again you’re closer to the root cause of the issue.

Root cause is the key to problem solving. If you don’t fix what’s actually wrong you are only dealing with symptoms and not issues. However, you can’t know what’s actually wrong until you can make it happen more than once. That’s because you have to narrow the actual issue down Continue reading

Former VMware exec Gillis resurfaces to run Cisco security business (again)

Industry veteran Tom Gillis, who left VMware in December, has returned to Cisco in a new but familiar role: senior vice president and general manager of Cisco’s Security Business Group. From 2007 to 2011, Gillis was vice president and general manager of Cisco’s then-called Security Technology Group, which focused on developing network, content and identity management products.After that, Gillis founded cloud computing firm Bracket Computing, which was acquired by VMware in May 2018.Gillis ran VMware's $2 billion networking and security business from that point until this past December, and he was responsible for a number of its core products, including VMware's NSX networking and network/edge software products. To read this article in full, please click here

Former VMware exec Gillis resurfaces to run Cisco security business (again)

Industry veteran Tom Gillis, who left VMware in December, has returned to Cisco in a new but familiar role: senior vice president and general manager of Cisco’s Security Business Group. From 2007 to 2011, Gillis was vice president and general manager of Cisco’s then-called Security Technology Group, which focused on developing network, content and identity management products.After that, Gillis founded cloud computing firm Bracket Computing, which was acquired by VMware in May 2018.Gillis ran VMware's $2 billion networking and security business from that point until this past December, and he was responsible for a number of its core products, including VMware's NSX networking and network/edge software products. To read this article in full, please click here

The Right Stuff for Really Remote Edge Computing

Suppose you operate popup clinics in rural villages and remote locations where there is no internet. You need to capture and share data across the clinic to provide vital healthcare, but if the apps you use require an internet connection to work, they can’t operate in these areas. Or perhaps you’re an oil and gas operator that needs to analyze critical warning data from a pressure sensor on a platform in the North Sea. If the data needs to be processed in cloud data centers, it has to travel incredible distances — at great expense — over unreliable networks. This incurs high degrees of latency, or network slowness, so by the time a result is sent back to the platform, it could be too late to take any action. These kinds of use cases represent a growing class of apps that require 100% uptime and real-time speed, guaranteed — regardless of where they are operating in the world. A fundamental challenge in meeting these requirements remains the network — there are still huge swaths of the globe with little or no internet — meaning apps that depend on connectivity cannot operate in those areas. Emerging advances in network technology are Continue reading

Cloud providers should unify virtual networking and SD-WAN

I’ve predicted that virtual networks will be hot in 2023, but that begs the question of what exactly a “virtual network” is. One definition says, “not physically existing as such but made by software to appear to do so”, and that surely makes you wonder how businesses would be willing to commit to such a thing. Truth is, they already have, but I think it’s time to look closely at the concept of virtual networks, and to categorize what exactly is going on there. Why look at something that isn’t real and only appears to be?  We’ll see.I could offer a lot of discussions on the early days of virtual network evolution here, but they’re probably as useless as a debate on where your lap goes when you stand up, an example of worthless effort I recall from a childhood book. Instead, let’s look at virtual networks from two directions—the user and the application—and see how those two directions are shaping virtual network technology, increasing its importance, and converging on a new network model overall.To read this article in full, please click here

IT supply issues have organizations shifting from just-in-time to just-in-case buying

The past three years have been an unprecedented period of disruption in the semiconductor industry. The Covid pandemic and ensuing lockdowns shut down manufacturing, there were interruptions in shipping, and then the war in Ukraine adversely impacted supplies of critical raw materials.The first half of 2022 saw 46% more supply chain disruptions than the first half of 2021, according to a research report released this fall by Resilinc, a supply chain resiliency company.To read this article in full, please click here

IT supply issues have organizations shifting from just-in-time to just-in-case buying

The past three years have been an unprecedented period of disruption in the semiconductor industry. The Covid pandemic and ensuing lockdowns shut down manufacturing, there were interruptions in shipping, and then the war in Ukraine adversely impacted supplies of critical raw materials.The first half of 2022 saw 46% more supply chain disruptions than the first half of 2021, according to a research report released this fall by Resilinc, a supply chain resiliency company.To read this article in full, please click here

Kubernetes Unpacked 016: Taking On Kubernetes As A New Engineer

On today's Kubernetes Unpacked podcast we talk about taking on Kubernetes as a young engineer. As all IT pros know, learning Kubernetes isn’t the easiest thing, especially when you’re first entering the field. Guest Alero Awani, a college student, talks about her transition from Data Engineering to cloud and DevOps, and how and why she came to learn Kubernetes.

The post Kubernetes Unpacked 016: Taking On Kubernetes As A New Engineer appeared first on Packet Pushers.

BGP in 2022 – The Routing Table

This past year marks a significant point in the evolution of the Internet where the strong growth numbers that were a constant feature of the past thirty years are simply not present in the data. The Internet’s growth is slowing down significantly. Have we got to the point of market saturation and there is no more demand capacity to fuel further growth? Or are we reeling from the combinations of a global pandemic, turmoil in energy markets and the signs of increased climate instability so that we are no longer as interested to throw more resources into more network infrastructure investment? Let’s take a look at the BGP view of 2022 and see how these larger economic and social considerations are reflected in the behaviour of the Internet’s inter-domain routing system.

Case study: How Mulligan Funding built a SOC 2-compliant fintech SaaS platform with Calico Cloud

The rise of fintech has pushed traditional financial institutions to provide online-based services and launch fintech applications. But these services must be secure and meet certain regulatory requirements, such as the Payment Card Industry Data Security Standard (PCI DSS), the General Data Protection Regulation (GDPR), or SOC 2.

When our customer, Mulligan Funding, needed to launch a new fintech SaaS platform, they had to ensure that all communication to and from the application would be secure and SOC 2 compliant, since the platform would handle sensitive personal and financial data. To achieve this, Mulligan Funding decided to standardize on Microsoft Azure Kubernetes Service (AKS) and chose Calico Cloud for its security and compliance needs.

Case study highlights

Mulligan Funding faced two major challenges when it came to achieving SOC 2 compliance:

  1. Ensure compliance and be notified of any control changes 24/7 in a way that’s scalable
  2. Gain visibility into clusters to immediately pinpoint issues that require troubleshooting

Read the case study to learn:

  • How Mulligan Funding bolstered its security posture at scale through unified security policy management.
  • Why deploying Calico Cloud not only helped Mulligan Funding achieve compliance, but also helped the company reduce service distributions and optimize troubleshooting.

Read Continue reading

Arista floats its answer to the strain AI puts on networks

If networks are to deliver the full power of AI they will need a combination of high-performance connectivity and no packet lossThe concern is that today’s traditional network interconnects cannot provide the required scale and bandwidth to keep up with AI requests, said Martin Hull, vice president of Cloud Titans and Platform Product Management with Arista Networks. Historically, the only option to connect processor cores and memory have been proprietary interconnects such as InfiniBand, PCI Express and other protocols that connect compute clusters with offloads but for the most part that won’t work with AI and its workload req uirements.Arista AI Spine To address these concerns, Arista is developing a technology it calls AI Spine, which calls for data-center switches with deep packet buffers and networking software that provides real-time monitoring to hep manage the buffers and efficiently control traffic.To read this article in full, please click here

Arista floats its answer to the strain AI puts on networks

If networks are to deliver the full power of AI they will need a combination of high-performance connectivity and no packet lossThe concern is that today’s traditional network interconnects cannot provide the required scale and bandwidth to keep up with AI requests, said Martin Hull, vice president of Cloud Titans and Platform Product Management with Arista Networks. Historically, the only option to connect processor cores and memory have been proprietary interconnects such as InfiniBand, PCI Express and other protocols that connect compute clusters with offloads but for the most part that won’t work with AI and its workload requirements.Arista AI Spine To address these concerns, Arista is developing a technology it calls AI Spine, which calls for switches with deep packet buffers and networking software that provides real-time monitoring to manage the buffers and efficiently control traffic.To read this article in full, please click here

1 328 329 330 331 332 3,484