Archive

Category Archives for "Networking"

What’s new in Calico Enterprise 3.7: eBPF data plane, high availability, and more!

As our enterprise customers build out large, multi-cluster Kubernetes environments, they are encountering an entirely new set of complex security, observability, and networking challenges, requiring solutions that operate at scale and can be deployed both on-premises and across multiple clouds. New features in our latest release add to the already formidable capabilities of Calico Enterprise.

New feature: High-availability connectivity for Kubernetes with dual ToR

 

Many platform operators who run Kubernetes on-premises want to leverage Border Gateway Protocol (BGP) to peer with other infrastructure. Calico uses BGP to peer with infrastructure within the cluster as well as outside of the cluster, and integrates with top-of-rack (ToR) switches to provide that connectivity.

Calico ToR connectivity has existed for some time now. However, for cluster operators using BGP who need reliable, consistent connectivity to resources outside of the cluster as well as cluster nodes on different racks, Calico Enterprise dual ToR connectivity ensures high availability with active-active redundant connectivity planes between cluster nodes and ToR switches. A cluster that is peered to two ToR switches will still have an active link, even if one switch becomes unavailable, thus ensuring the cluster always has a network connection. Kubernetes cannot do this on its Continue reading

Ransomware recovery: Plan for it now

If your computing environment is subject to a large ransomware attack, you will most certainly be enacting your disaster recovery (DR) plan. But before you begin restoring systems, you must first ensure you have stopped the infection, identified it, and removed it. Jumping too quickly to the restore phase could actually make things worse. To understand why this is the case, it’s important to understand how ransomware works.How ransomware spreads in your environment There are many articles such as this one that describe what ransomware does, but it’s important to emphasize that the goal of ransomware is rarely to infect just one system. Modern ransomware variants will immediately attempt to identify and execute various operating system vulnerabilities to gain administrative access and spread to the rest of your LAN. The attack will be coordinated via command-and-control (C&C) servers, and contacting these servers for instructions is the first thing that every ransomware variant does. They key in responding to an active ransomware attack is stopping further communications with C&C servers, as well as further communications between infected systems and the rest of your network.To read this article in full, please click here

Ransomware recovery: Plan for it now

If your computing environment is subject to a large ransomware attack, you will most certainly be enacting your disaster recovery (DR) plan. But before you begin restoring systems, you must first ensure you have stopped the infection, identified it, and removed it. Jumping too quickly to the restore phase could actually make things worse. To understand why this is the case, it’s important to understand how ransomware works.How ransomware spreads in your environment There are many articles such as this one that describe what ransomware does, but it’s important to emphasize that the goal of ransomware is rarely to infect just one system. Modern ransomware variants will immediately attempt to identify and execute various operating system vulnerabilities to gain administrative access and spread to the rest of your LAN. The attack will be coordinated via command-and-control (C&C) servers, and contacting these servers for instructions is the first thing that every ransomware variant does. They key in responding to an active ransomware attack is stopping further communications with C&C servers, as well as further communications between infected systems and the rest of your network.To read this article in full, please click here

Ransomware recovery: Plan for it now

If your computing environment is subject to a large ransomware attack, you will most certainly be enacting your disaster recovery (DR) plan. But before you begin restoring systems, you must first ensure you have stopped the infection, identified it, and removed it. Jumping too quickly to the restore phase could actually make things worse. To understand why this is the case, it’s important to understand how ransomware works.How ransomware spreads in your environment There are many articles such as this one that describe what ransomware does, but it’s important to emphasize that the goal of ransomware is rarely to infect just one system. Modern ransomware variants will immediately attempt to identify and execute various operating system vulnerabilities to gain administrative access and spread to the rest of your LAN. The attack will be coordinated via command-and-control (C&C) servers, and contacting these servers for instructions is the first thing that every ransomware variant does. They key in responding to an active ransomware attack is stopping further communications with C&C servers, as well as further communications between infected systems and the rest of your network.To read this article in full, please click here

Hedge 90: Andrew Wertkin and a Naïve Reliance on Automation

Automation is surely one of the best things to come to the networking world—the ability to consistently apply a set of changes across a wide array of network devices has speed at which network engineers can respond to customer requests, increased the security of the network, and reduced the number of hours required to build and maintain large-scale systems. There are downsides to automation, as well—particularly when operators begin to rely on automation to solve problems that really should be solved someplace else.

In this episode of the Hedge, Andrew Wertkin from Bluecat Networks joins Tom Ammon and Russ White to discuss the naïve reliance on automation.

download

We Can’t Achieve the Sustainable Development Goals without the Internet

The Internet is a critical enabler for sustainable development. It unlocks human capabilities and provides the platform upon which an emerging digital economy can thrive. As the Internet and digital technologies become more essential, it also becomes more urgent to connect the people who are being left behind.

The post We Can’t Achieve the Sustainable Development Goals without the Internet appeared first on Internet Society.

Day Two Cloud 105: How The Fly.io Cloud Brings Apps Closer To Users

Fly.io is a public cloud that can run your applications all over the world. The goal of Fly.io is to allow developers to self-service complicated infrastructure without an ops team, while making multi-region a default setting to get apps as close to the user as possible. Our guest is founder Kurt Mackey. This is not a sponsored show.

The post Day Two Cloud 105: How The Fly.io Cloud Brings Apps Closer To Users appeared first on Packet Pushers.

Backing up not just your data, but your productivity

Everyone knows that backups are important, but most of us tend to think of backups solely as the process of backing up our data files -- not necessarily our applications, our passwords or our computers. And, when we run into a serious problem that threatens our ability to get our work done, it just might be time to rethink what "backing up" should involve.Even if you have more than one computer at your disposal, it could easily be that only one of them is ready to help you with passwords you rarely use, provide access to your cloud backups, allow you to connect to the VPN you use for special projects, probe your network for problems or offer you a way to log into remote systems.To read this article in full, please click here

Backing up not just your data, but your productivity

Everyone knows that backups are important, but most of us tend to think of backups solely as the process of backing up our data files -- not necessarily our applications, our passwords or our computers. And, when we run into a serious problem that threatens our ability to get our work done, it just might be time to rethink what "backing up" should involve.Even if you have more than one computer at your disposal, it could easily be that only one of them is ready to help you with passwords you rarely use, provide access to your cloud backups, allow you to connect to the VPN you use for special projects, probe your network for problems or offer you a way to log into remote systems.To read this article in full, please click here

Don’t let subdomains sink your security

If your enterprise has a website (and one certainly would hope so in 2021!), it also has subdomains. These prefixes of your organization’s main domain name are essential for putting structural order to the content and services on your website, thus preventing online visitors from instantly fleeing in terror, disdain, or confusion.Large enterprises can have thousands of subdomains. IBM, for example, has roughly 60,000 subdomains, while Walmart.com has “only” 2,132 subdomains.What is DNS and how it works Whatever value subdomains bring to enterprises--and they bring plenty--they present more targets for bad actors. Why, just last year the subdomains of Chevron, 3M, Warner Brothers, Honeywell, and many other large organizations were hijacked by hackers who redirected visitors to sites featuring porn, malware, online gambling, and other activities of questionable propriety.To read this article in full, please click here

White boxes in the enterprise: Why it’s not crazy

If you’re an enterprise CIO, CFO, or network operations type, you’ve probably been reading about how this service provider or that cloud provider have saved up to 50% on network equipment by using generic “white-box” technology instead of proprietary routers and switches.  It’s hard not to wonder whether your own network budget could buy twice as much gear, and what projects might now meet their business case.  Could enterprises get in on the white-box revolution?  Maybe, if they can address the issues that even service providers and cloud providers have already faced, and in some cases been bitten by.Compatibility The first issue is finding the hardware and software. White-box hardware needs software, either an all-inclusive “network operating system” that provides all the features you need, or an operating system plus a separate routing/switching package. The software can’t just be shoveled onto something and run; it has to match the hardware.  In some cases, the matching process is facilitated through the same sort of drivers found on PCs and servers, but not all hardware has a driver suitable for all software.  Pick a white box and you may not find software you like for it. Continue reading

Don’t let subdomains sink your security

If your enterprise has a website (and one certainly would hope so in 2021!), it also has subdomains. These prefixes of your organization’s main domain name are essential for putting structural order to the content and services on your website, thus preventing online visitors from instantly fleeing in terror, disdain, or confusion.Large enterprises can have thousands of subdomains. IBM, for example, has roughly 60,000 subdomains, while Walmart.com has “only” 2,132 subdomains.What is DNS and how it works Whatever value subdomains bring to enterprises--and they bring plenty--they present more targets for bad actors. Why, just last year the subdomains of Chevron, 3M, Warner Brothers, Honeywell, and many other large organizations were hijacked by hackers who redirected visitors to sites featuring porn, malware, online gambling, and other activities of questionable propriety.To read this article in full, please click here

A Survey on Securing Inter-Domain Routing: Part 1 – BGP: Design, Threats and Security Requirements

The Border Gateway Protocol (BGP) is the Internet’s inter-domain routing protocol, and after some thirty years of operation BGP is now one of the more venerable of the Internet’s core” protocols. One of the major ongoing concerns related to BGP is its lack of effective security measures, and as a result the routing infrastructure of the Internet continues to be vulnerable to various forms of attack. In Part 1 of this study, we will look at the design of BGP, the threat model and the requirements from a security framework for BGP.
1 492 493 494 495 496 3,344