Our community has been talking about BGP security for over 20 years. While MANRS and the RPKI have made some headway in securing BGP, the process of deciding on a method to provide at least the information providers need to make more rational decisions about the validity of individual routes is still ongoing. Geoff Huston joins Alvaro, Russ, and Tom to discuss how we got here and whether we will learn from our mistakes.
download
How does a company building a product from an open-source project get off the ground? How does it communicate its value, attract contributors, and develop a user base? And how does it spread the word without turning off engineers with typical tech marketing? Guest Emily Omier is a positioning consultant who helps companies and projects get it right.
The post Day Two Cloud 118: Growing Your Open-Source Community appeared first on Packet Pushers.
In any L2 overlay network, ARP handling will always remain a big pain for network operators.
This post explains why you should always set ARP timeout to less than 5 minutes in L3 EVPN, and always be cautious of potential …
The power and potential of the next generation cognitive campus are transformative as the industry undergoes a massive transition to hybrid work in the post-pandemic era. A key underpinning to successful campus networking deployments has been our very first acquisition of Mojo Networks for cognitive Wi-Fi. Arista’s entry into wireless is only in its third year, yet the advances in this space will be profound over the next decade.
We are excited to announce that Enterprise customers now have the ability to test custom uploaded certificates in a staging environment before pushing them to production.
If you’re running a website or the API that’s behind a popular app, you know your users have high expectations: it can't just be up and running; it also has to be fast and secure. One of the easiest and most standardized ways to secure connections is with the TLS protocol. To do that, you need to acquire a TLS certificate for your domain.
One way to get a certificate is by using a CDN provider, like Cloudflare. We make the process really easy by issuing certificates on your behalf. Not just that, but when your certificate is getting closer to its expiration date, we are responsible for re-issuing it. But, if you don’t want Cloudflare to issue the certificate on your behalf and want to obtain the certificate yourself, you can do so. You can either keep control of your private key, or generate a Certificate Signing Request (CSR) through Cloudflare, so we maintain the private key, but you can still use the certificate authority (CA) of Continue reading
Etienne-Victor Depasquale sent me a pointer to an interesting NANOG discussion: why would we need Segment Routing. It’s well worth reading the whole thread (until it devolves into “that is not how MPLS works” arguments), which happens to be somewhat aligned with my thinking:
Enjoy!
The year 2020 has been a rough ride. A lot of companies went out of business and a lot of people lost their jobs. However the job market is continuously evolving and it is still very competitive even after taking a hit during the pandemic. Technology is changing the way that employers find employees and employees find employers.
Employers are always looking for creative, efficient, innovative and empathetic individuals who are productive and can help in creating a better workplace for everyone. Employees will be looking for organizations who have a clear mission statement and are able to provide them with structure, clarity and meaning in their work.
Let’s take a look at some of the tips for job seekers in 2021.
The first thing that a job seeker needs to do is have a portfolio of work that they can show off to potential employers. It’s no longer good enough just to have a CV, they need an online presence that reflects their personality and creativity.
Job seekers also need to make sure that they are on top of new developments in the industry and keep their LinkedIn Continue reading
Amazon EKS Anywhere is an official Kubernetes distribution from AWS. It’s a new deployment option for Amazon EKS that allows the creation and operation of on-premises Kubernetes clusters on your existing infrastructure.
Since its general availability release, we’ve been working hard to ensure support for Calico on EKS Anywhere, and are happy to announce that users can now choose to use Calico for container networking and security. This gives organizations already using or planning to adopt EKS Anywhere the flexibility to choose the best container networking solution for their needs. Organizations currently using Calico can add EKS Anywhere clusters and use the same Calico solution for networking and security across on-premises and cloud platforms.
Let’s take a look at how you can get started with Calico on EKS Anywhere.
Notes:
Install EKS Anywhere as normal on vSphere, by following this documentation.
Removing Cilium from a cluster requires using the Cilium CLI, so Continue reading
In the first public test of is kind for Network Detection and Response, SE Labs awards the industry’s first NDR AAA rating to VMware NSX Network Detection and Response (NDR). The modern cyber battlefield is everywhere, and every attacker has to traverse multiple networks and in most cases many firewalls to achieve their goals. Internal to networks they look to move freely within the environment discovering valuable information they wish to exfiltrate. As attackers have continually innovated so must the industry and our testing. As a leader in the security industry, VMWare has gone through the industry’s first Network Detection and Response (NDR) test and received a AAA rating. It is well-known that attackers continually evolve and chain together an ever increasingly complex chain of events. These techniques, tactics and procedures occur across networks and often traverse and bypass traditional security tools like firewalls and antivirus. As our understanding of attacker’s behaviors evolve, so must our engineering and testing.
VMware customers can be assured that their data is better protected in this new arena as they continue to modernize their application and network infrastructure as part of their digital transformation initiatives.
According to the results from SE Labs, VMware NSX Continue reading