VMware Aria: If You Can’t Beat Public Cloud, Maybe You Can Manage It
VMware announced an ambitious project, VMware Aria, at VMware Explore 2022. Aria offers multi-cloud management for enterprises that use services in more than one public cloud. The speed and sprawl of cloud adoption has become a problem for enterprises. Companies are having a hard time containing costs, monitoring performance, and enforcing security and compliance policies. […]
The post VMware Aria: If You Can’t Beat Public Cloud, Maybe You Can Manage It appeared first on Packet Pushers.
DoH, DoT and plain old DNS
We’d like to understand the extent to which encrypted DNS technologies have been taken up in the public Internet. To this end, we've been able to analyse the query data from a large open recursive resolver system to provide some insights as to how much use is being made of DNS over HTTPS and DNS over TLS.DDoS Sonification
Sonification presents data as sounds instead of visual charts. One of the best known examples of sonification is the representation of radiation level as a click rate in a Geiger counter. This article describes ddos-sonify, an experiment to see if sound can be usefully employed to represent information about Distributed Denial of Service (DDoS) attacks. The DDoS attacks and BGP Flowspec responses testbed was used to create the video demonstration at the top of this page in which a series of simulated DDoS attacks are detected and mitigated. Play the video to hear the results.
The software uses the Tone.js library to control Web Audio sound generation functionality in a web browser.
var voices = {};
var loop;
var loopInterval = '4n';
$('#sonify').click(function() {
if($(this).prop("checked")) {
voices.synth = new Tone.PolySynth(Tone.Synth).toDestination();
voices.metal = new Tone.PolySynth(Tone.MetalSynth).toDestination();
voices.pluck = new Tone.PolySynth(Tone.PluckSynth).toDestination();
voices.membrane = new Tone.PolySynth(Tone.MembraneSynth).toDestination();
voices.am = new Tone.PolySynth(Tone.AMSynth).toDestination();
voices.fm = new Tone.PolySynth(Tone.FMSynth).toDestination();
voices.duo = new Tone.PolySynth(Tone.DuoSynth).toDestination();
Tone.Transport.bpm.value=80;
loop = new Tone.Loop((now) => {
sonify(now);
},loopInterval).start(0);
Continue reading
Day Two Cloud 161: Tech Marketing Sucks; Let’s Make It Better
Tech marketing is often terrible. The problem is that marketers tend to develop material aimed at "C-level" or executive audiences, which doesn't resonate with developers and engineers who influence buying decisions and actually use products. Today's Day Two Cloud podcast examines how to improve tech marketing, and why communication is a good skill for technologists themselves.Why Middle Mile Networks Matter to Enterprise IT
In the wake of the broadband access-focused Biden spending bill, the NTIA has earmarked $1 billion for carriers to enhance and upgrade the crucial infrastructure that connects the last mile to long-haul networks.Cloudflare’s abuse policies & approach
Cloudflare launched nearly twelve years ago. We’ve grown to operate a network that spans more than 275 cities in over 100 countries. We have millions of customers: from small businesses and individual developers to approximately 30 percent of the Fortune 500. Today, more than 20 percent of the web relies directly on Cloudflare’s services.
Over the time since we launched, our set of services has become much more complicated. With that complexity we have developed policies around how we handle abuse of different Cloudflare features. Just as a broad platform like Google has different abuse policies for search, Gmail, YouTube, and Blogger, Cloudflare has developed different abuse policies as we have introduced new products.
We published our updated approach to abuse last year at:
https://www.cloudflare.com/trust-hub/abuse-approach/
However, as questions have arisen, we thought it made sense to describe those policies in more detail here.
The policies we built reflect ideas and recommendations from human rights experts, activists, academics, and regulators. Our guiding principles require abuse policies to be specific to the service being used. This is to ensure that any actions we take both reflect the ability to address the harm and minimize unintended consequences. We believe that Continue reading
TLS Handshake Acceleration with Tanzu Service Mesh
Performance and Security Optimizations on Intel Xeon Scalable Processors – Part 2
Contributors
Manish Chugtu — VMware
Ramesh Masavarapu, Saidulu Aldas, Sakari Poussa, Tarun Viswanathan — Intel
Introduction
Intel and VMware have been working together to optimize and accelerate the microservices middleware and infrastructure with software and hardware to ensure developers have the best-in-class performance and low latency experience when building distributed workloads with a focus on improving the performance, crypto accelerations, and making it more secure.
In Part 1 of this blog series, we looked at how Tanzu Service Mesh uses eBPF (in a non-disruptive manner) to achieve network acceleration by bypassing the TCP/IP networking stack in the Linux kernel and we loved the interest shown and feedback we got for that. In this Part 2, we will deep dive and showcase how Intel and VMware have been working together to accelerate Tanzu Service Mesh (/Istio) crypto use-cases (mutual TLS use-case) and improve the performance of asymmetric crypto operations by using Intel AVX-512 Crypto instruction set that is available on 3rd Generation Intel Xeon Scalable processors.
Security is one of the key areas that service mesh addresses. In Tanzu Service Mesh, there are multiple security features that are Continue reading