Archive

Category Archives for "Networking"

NetApp unifies its storage offerings under a new BlueXP roof

NetApp announced Tuesday that its on-premises and cloud storage offerings are now unified under the umbrella of a single platform, called BlueXP, which serves as a control plane for each of its products and simplifies the management of enterprise storage for organizations.BlueXP—which is a free upgrade for its customers—is a reaction to the reality that more and more companies’ storage environments are hybrids these days, combining cloud and on-premises storage, according to NetApp. Businesses of almost any size that have been in operation for more than a decade or so are, more often than not, involved in digital transformation efforts that move at various paces, said company senior vice president and general manager for cloud storage Ronen Schwartz.To read this article in full, please click here

Cisco adds a firewall, upgrades security

Security is the name of the game at Cisco’s Partner Summit gathering this week with the rollout of a new firewall and added data-loss prevention (DLP) and passwordless authentication features to its security wares. On the firewall front, Cisco announced the Secure Firewall 3105 it says is built specifically for hybrid workers and small branch offices. Available early next year, the 1U 3105 supports 10Gbps throughput, 7Gbps IPSec throughput and 3,000 VPN peers. The box is the new low-end for the Secure Firewall 3100 family, including the 3110, 3120, 3130 and the high-end 3140, which supports 45Gbps throughput.To read this article in full, please click here

Cisco adds a firewall, upgrades security

Security is the name of the game at Cisco’s Partner Summit gathering this week with the rollout of a new firewall and added data-loss prevention (DLP) and passwordless authentication features to its security wares. On the firewall front, Cisco announced the Secure Firewall 3105 it says is built specifically for hybrid workers and small branch offices. Available early next year, the 1U 3105 supports 10Gbps throughput, 7Gbps IPSec throughput and 3,000 VPN peers. The box is the new low-end for the Secure Firewall 3100 family, including the 3110, 3120, 3130 and the high-end 3140, which supports 45Gbps throughput.To read this article in full, please click here

Getting started with EKS and Calico

Cloud-native applications offer a lot of flexibility and scalability, but to leverage these advantages, we must create and deploy a suitable environment that will enable cloud-native applications to work their magic.

Managed services, self-managed services, and bare metal are three primary categories of Kubernetes deployment in a cloud environment. Our focus in this article will be on Amazon Web Service’s (AWS) managed Kubernetes service, Elastic Kubernetes Service (EKS), and capabilities that Calico Open Source adds to the EKS platform.

Managed services

A managed cluster is a quick and easy way to deploy an enterprise-grade Kubernetes cluster. In a managed cluster, mundane operations such as provisioning new nodes, upgrading the OS/Kubernetes, and scaling resources are transferred to the cloud provider, which allows you to expand your application with ease.

EKS is a managed service by AWS that offers a fault-tolerant Kubernetes control plane endpoint and automates worker node maintenance and deployment process.

Comparing popular CNI options in EKS

Most popular managed services, such as EKS, come with an official CNI that offers networking and other features for your cluster. While these CNIs are highly integrated with the underlying system, they can introduce some limitations. To remedy these limitations and unlock the Continue reading

who me?

This blog is to share knowledge and experiences I come across within the trials and tribulations of networking and automation. As we all know the Internet is built on plagiarism. I do try and mention any sources I use, but if I do miss you out please don’t get offended, feel less important or come after me. Plagiarism is just confirmation of your superior knowledge. Some of the information maybe wrong, I am certain the grammar is wrong, but it is written with the best interests at heart.

OCP spec for silicon security could help reduce vendor lock-in

A new specification from the Open Compute Project could mean more choices for IT pros when it comes time to replace server cards.The spec defines a block of code that, when used in processors, establishes root of trust (RoT) boot security. Because the spec is open, any chip maker can use it, and it will provide interoperability with chips made by other chip makers that also use it. This can help eliminate being locked into a single vendor because of proprietary RoT code.By standardizing on OCP hardware, for example, it’s possible to replace a bad smartNIC from one vendor with one from another vendor, says Bill Chen, general manager of server product management at Supermicro, an OCP member.To read this article in full, please click here

OCP spec for silicon security could help reduce vendor lock-in

A new specification from the Open Compute Project could mean more choices for IT pros when it comes time to replace server cards.The spec defines a block of code that, when used in processors, establishes root of trust (RoT) boot security. Because the spec is open, any chip maker can use it, and it will provide interoperability with chips made by other chip makers that also use it. This can help eliminate being locked into a single vendor because of proprietary RoT code.By standardizing on OCP hardware, for example, it’s possible to replace a bad smartNIC from one vendor with one from another vendor, says Bill Chen, general manager of server product management at Supermicro, an OCP member.To read this article in full, please click here

Tech Bytes: Aruba Enhances Security Capabilities In EdgeConnect SD-WAN (Sponsored)

Today on the Tech Bytes podcast we’re talking SD-WAN. We dive into new features and capabilities in Aruba EdgeConnect SD-WAN, including new security and segmentation features, licensing options, and more. Our sponsor is Aruba, a Hewlett Packard Enterprise company.

The post Tech Bytes: Aruba Enhances Security Capabilities In EdgeConnect SD-WAN (Sponsored) appeared first on Packet Pushers.

Ubuntu 20.04 Docker image – Python For Network Engineers

This is an updated Docker image of Python For Network Engineers (PFNE) based on Ubuntu 20.04 (minimal server distro). It contains all necessary tools for network / devops engineers to test automation and learn Python: OpensslNet-toolsIPutilsIProuteIPerfTCPDumpNMAPPython 2Python 3ParamikoNetmikoAnsiblePyntcNAPALMNetcatSocat If you notice a missing package which could be a value added for the scope of the … Continue reading Ubuntu 20.04 Docker image – Python For Network Engineers

BGP Configuration on FortiOS

I’ve never done a post on Forti-anything, but I’m really appreciating the products Fortinet is putting out lately. They’re transitioning from “run your SMB off of our stuff” to “actually, we’re pretty good for larger companies”, so their GUI lacks features to keep the SMB from blowing stuff up, The advanced features are there in the CLI, and I wanted to use it to show that difference between the GUI and the real config.

Let’s review some of the basic configuration elements of BGP first. You need an autonomous system (AS) number and a router ID for your side. You also need the AS number of the remote system. You need the IP address on their side (usually the interface facing you). That looks something like this. We’re going to be ‘Fortigate 1’ for this exercise.

With just this information, we can turn up a BGP neighbor that does absolutely nothing. To actually send some routes, you need to tell BGP what to send. We’ll keep this simple and add just connected networks. Adding to the diagram, we get this.

Now we have something of value (though choosing BGP over OSPF or RIP for this little scenario is pretty horrible). Continue reading