0

SASE or SSE? Don’t let hype distract from enterprise needs

Secure access service edge (SASE) has generated a buzz over the last couple of years, particularly in light of the pandemic and its associated surge in remote employees. But SASE hasn’t quite materialized in the way Gartner – which first coined the term in a 2019 white paper – initially expected. In particular, there’s been pushback around the idea that SASE should be delivered by a single vendor, as a single integrated cloud service at the network edge.The SASE model combines network security functions with WAN capabilities, delivering the security elements in the cloud and using SD-WAN at the edge or in the cloud. Key security functions include secure web gateway (SWG), zero trust network access (ZTNA), firewall as a service (FWaaS), and cloud access security broker (CASB).To read this article in full, please click here

0

SASE or SSE? Don’t let hype distract from enterprise needs

Secure access service edge (SASE) has generated a buzz over the last couple of years, particularly in light of the pandemic and its associated surge in remote employees. But SASE hasn’t quite materialized in the way Gartner – which first coined the term in a 2019 white paper – initially expected. In particular, there’s been pushback around the idea that SASE should be delivered by a single vendor, as a single integrated cloud service at the network edge.The SASE model combines network security functions with WAN capabilities, delivering the security elements in the cloud and using SD-WAN at the edge or in the cloud. Key security functions include secure web gateway (SWG), zero trust network access (ZTNA), firewall as a service (FWaaS), and cloud access security broker (CASB).To read this article in full, please click here

0

Cloudflare achieves key cloud computing certifications — and there’s more to come

This post is also available in French, German and Spanish.

Back in the early days of the Internet, you could physically see the hardware where your data was stored. You knew where your data was and what kind of locks and security protections you had in place. Fast-forward a few decades, and data is all “in the cloud”. Now, you have to trust that your cloud services provider is putting security precautions in place just as you would have if your data was still sitting on your hardware. The good news is, you don’t have to merely trust your provider anymore. There are a number of ways a cloud services provider can prove it has robust privacy and security protections in place.

Today, we are excited to announce that Cloudflare has taken three major steps forward in proving the security and privacy protections we provide to customers of our cloud services: we achieved a key cloud services certification, ISO/IEC 27018:2019; we completed our independent audit and received our Cloud Computing Compliance Criteria Catalog (“C5”) attestation; and we have joined the EU Cloud Code of Conduct General Assembly to help increase the impact of the trusted cloud ecosystem and encourage Continue reading

0

Largest netsim-tools Topology I’ve Seen So Far

I stumbled upon a blog post by Diptanshu Singh discussing whether IS-IS flooding in highly meshed fabric is as much of a problem as some people would like to make it. I won’t spoil the fun, read his blog post ;)

The really interesting part (for me) was the topology he built with netsim-tools and containerlab: seven leaf-and-spine fabrics connected with WAN links and superspines for a total of 68 instances of Arista cEOS. I hope he automated building the topology file (I’m a bit sorry we haven’t implemented composite topologies yet); after that all he had to do was to execute netlab up to get a fully-configured lab running IS-IS.

0

Largest netlab Topology I’ve Seen So Far

I stumbled upon a blog post by Diptanshu Singh discussing whether IS-IS flooding in highly meshed fabric is as much of a problem as some people would like to make it. I won’t spoil the fun, read his blog post ;)

The really interesting part (for me) was the topology he built with netlab and containerlab: seven leaf-and-spine fabrics connected with WAN links and superspines for a total of 68 instances of Arista cEOS. I hope he automated building the topology file (I’m a bit sorry we haven’t implemented composite topologies yet); after that all he had to do was to execute netlab up to get a fully-configured lab running IS-IS.

0

Proxmox/Ceph – Full Mesh HCI Cluster w/ Dynamic Routing

If you have ever used Proxmox, you know it’s a capable and robust open-source hypervisor. When coupled with Ceph, the two can provide a powerful HyperConverged (HCI) platform; rivaling mainstream closed-source solutions like those from Dell, Nutanix, VMWare, etc., and all based on free (paid support available) and open-source software. The distributed nature of HCI […]

The post Proxmox/Ceph – Full Mesh HCI Cluster w/ Dynamic Routing appeared first on Packet Pushers.

0

Tech Bytes: Palo Alto Networks Introduces Security As Flexible As Today’s Hybrid Workforce (Sponsored)

Today on the Tech Bytes podcast we talk with sponsor Palo Alto Networks about two new approaches for supporting remote and hybrid workers. First is Okyo Garde, a new wireless mesh product to support remote work. And second, a new bandwidth-on-demand option for Palo Alto’s Prisma SD-WAN.

The post Tech Bytes: Palo Alto Networks Introduces Security As Flexible As Today’s Hybrid Workforce (Sponsored) appeared first on Packet Pushers.

0

Tech Bytes: Palo Alto Networks Introduces Security As Flexible As Today’s Hybrid Workforce (Sponsored)

Today on the Tech Bytes podcast we talk with sponsor Palo Alto Networks about two new approaches for supporting remote and hybrid workers. First is Okyo Garde, a new wireless mesh product to support remote work. And second, a new bandwidth-on-demand option for Palo Alto’s Prisma SD-WAN.

0

IBM launches a software-defined storage server for AI

IBM has added a new member to its Spectrum Scale Enterprise Storage Server (ESS) portfolio that featuers a faster controller CPU and more throughput and that is designed  to work with Nvidia’s DGX dense compute servers for AI training.The new ESS 3500 is a 2U design with 24 drive bays and a maximum raw capacity of 368TB. But it can achieve up to 1PB through LZ4 compression, a first for the series that earlier ESS versions do not have. The ESS 3500 can achieve up to 91GB/s of throughput performance, better than the 80GB/s of the older models.To read this article in full, please click here

0

IBM launches a software-defined storage server for AI

IBM has added a new member to its Spectrum Scale Enterprise Storage Server (ESS) portfolio that featuers a faster controller CPU and more throughput and that is designed  to work with Nvidia’s DGX dense compute servers for AI training.The new ESS 3500 is a 2U design with 24 drive bays and a maximum raw capacity of 368TB. But it can achieve up to 1PB through LZ4 compression, a first for the series that earlier ESS versions do not have. The ESS 3500 can achieve up to 91GB/s of throughput performance, better than the 80GB/s of the older models.To read this article in full, please click here

0

Weekend Reads 052022

The steepening trajectory towards event-driven and real-time API architecture is imminent.

The idea of this declaration has a lot to do with the “Past of the Internet.” When the Internet was developing in the 1980s and 1990s, it was seen primarily as a tool that would expand individual freedoms worldwide, strengthen democracy, and create prosperity through innovation and economic progress.

I’m not sure that most people understand the extent to which our online experience has moved to the cloud – and this movement to the cloud means we’re using a lot more bandwidth than in the recent past.

Among the many disruptions facing modern communication service providers (CSPs), one of the biggest is the growing role of data centers (DCs) in their business.

A bargain-basement, $5 price tag on a 3-year-old remote access Trojan (RAT) has concerned some security researchers, who see the move as signs of a possible race to the bottom in terms of pricing — or that new, disrupting developers are entering the cybercriminal market.

Researchers are marveling at the scope and magnitude of a vulnerability that hackers are actively exploiting to take full control of network devices that run on some of the world’s biggest Continue reading

0

Canada bans Huawei, ZTE in 5G networks

Canada is the latest country to ban Huawei and ZTE equipment from use in the telecommunications field generally and 5G networks in particular, as the government's announcement this week detailed its intention to introduce a broad, new telecom security framework.Canadian telecom companies are to be barred officially from buying new Huawei or ZTE equipment as of September of this year, according to the government's policy statement Thursday. Canada will also mandate the removal of all Huawei and ZTE gear from 5G networks by June 28, 2024, as well as the removal of all those companies' 4G/LTE equipment by the end of 2027.This means that, like the US, Canada's move to ban certain Chinese networking gear extends to equipment already in use, so that telecom companies that have bought such gear will need to replace it. It's unclear from the announcement whether Canada will follow the US' lead in providing financial assistance to companies working to rid their networks of banned equipment, although the statement did say that the government plans to "engage with industry" in order to make sure that logistical considerations for gear replacement are taken into account.To read this article in full, please click here

0

Heavy Networking 631: Saying No

On today's Heavy Networking we talk about why it's important to say "No" when someone tries to put more work on you than you can handle. Guest Tom Hollingsworth wrote a controversial blog post entitled “No Is A Complete Sentence” about how to say "No," to even when it's hard to do. We talk about the nuances of this stance, the risks you take when you do, time management, balancing workloads, and more.

The post Heavy Networking 631: Saying No appeared first on Packet Pushers.

0

Heavy Networking 631: Saying No

On today's Heavy Networking we talk about why it's important to say "No" when someone tries to put more work on you than you can handle. Guest Tom Hollingsworth wrote a controversial blog post entitled “No Is A Complete Sentence” about how to say "No," to even when it's hard to do. We talk about the nuances of this stance, the risks you take when you do, time management, balancing workloads, and more.

0

Top No-Pain Perks You Can Use to Retain IT Staff

A handful of painless incentives can help minimize team turnover and production disruption.

0

Intel to build $700M sustainability-focused R&D lab

Intel has announced its intention to invest $700 million in a new research and development lab focused on developing sustainable data center technologies, such as immersion cooling, water usage effectiveness, and heat recapture and reuse.The 200,000-square-foot lab will be located at Intel’s Jones Farm campus in Hillsboro, Oregon. Construction will begin this year, with an estimated opening date of late 2023. To read this article in full, please click here

0

Intel to build $700M sustainability-focused R&D lab

Intel has announced its intention to invest $700 million in a new research and development lab focused on developing sustainable data center technologies, such as immersion cooling, water usage effectiveness, and heat recapture and reuse.The 200,000-square-foot lab will be located at Intel’s Jones Farm campus in Hillsboro, Oregon. Construction will begin this year, with an estimated opening date of late 2023. To read this article in full, please click here

0

How to use the grep command to cheat in Wordle: 2-Minute Linux Tips

In this Linux tip, learn how you can use the grep command to cheat when you play Wordle. Linux systems can be very helpful in this because of the many commands it provides and the fact that it includes a lengthy words file.

0

Video: Typical Kubernetes Inter-Pod Traffic Walk

Stuart Charlton did his best to explain the concept of pods in the Kubernetes Networking Deep Dive webinar, but we were still a bit confused. Next step: let’s talk about typical inter-pod traffic scenario.

0

Video: Typical Kubernetes Inter-Pod Traffic Walk

Stuart Charlton did his best to explain the concept of pods in the Kubernetes Networking Deep Dive webinar, but we were still a bit confused. Next step: let’s talk about typical inter-pod traffic scenario.