Archive

Category Archives for "Networking"

Lightning-Fast Kubernetes Networking with Calico and VPP

Reza Ramezanpour

Reza is a developer advocate at Tigera, working to promote adoption of Project Calico. Before joining Tigera, Reza worked as a systems engineer and network administrator.

Public cloud infrastructures and microservices are pushing the limits of resources and service delivery beyond what was imaginable until very recently. To keep up with the demand, network infrastructures and network technologies had to evolve as well. Software-defined networking (SDN) is the pinnacle of advancement in cloud networking. By using SDN, developers can deliver an optimized, flexible networking experience that can adapt to the growing demands of their clients. This article will discuss how Tigera’s new Project Calico is an open source networking and security solution. Although it focuses on securing Kubernetes networking, Calico can also be used with OpenStack and other workloads. Calico uses a modular data plane that allows a flexible approach to networking, providing a solution for both current and future networking needs. VPP Continue reading

Video: Typical Large-Scale Bridging Use Cases

In the previous video in the Switching, Routing and Bridging section of How Networks Really Work webinar we compared transparent bridging with IP routing. Not surprisingly (given my well-known bias toward stable solutions) I recommended using IP routing as much as possible, but there are still people out there pushing large-scale transparent bridging solutions.

In today’s video we’ll look at some of the supposed use cases and stable solutions you could use instead of stretching a virtual thick yellow cable halfway across a continent.

The video is available with Free ipSpace.net Subscription.

CEO Gelsinger shakes up Intel

A new CEO invariably means a reorganization around his/her vision of things and an attempt to address perceived problems in the company’s organizational structure. In hindsight, that’s another clue that Bob Swan wasn’t long for the CEO’s job at Intel, since he never did a reorg.

Pat Gelsinger, who has been Intel’s CEO for just over four months, on the other hand, completely flipped the table with a major reorganization that creates two new business units, promoted several senior technologists to leadership roles, and saw the departure of a major Intel veteran.

The two new units: one for software and the other on high performance computing and graphics. Greg Lavender will serve as Intel’s chief technology officer and lead the new Software and Advanced Technology Group. As CTO, he will head up research programs, including Intel Labs. Lavender comes to Intel from VMware, where he was also CTO, and has held positions at Citigroup, Cisco, and Sun Microsystems.


Hedge 89: Dana Iskoldski and A House Divided

Bluecat, in cooperation with an outside research consultant, just finished a survey and study on the lack of communication and divisions between the cloud and networking teams in deployments to support business operations. Dana Iskoldski joins Tom Ammon and Russ White to discuss the findings of their study, and make some suggestions about how we can improve communication between the two teams.

Please find a copy of the study at http://bluecatnetworks.com/hedge.

Integrating MISP with NSX Advanced Threat Analyzer

 Contributors: Stefano Ortolani (NSBU TAU)

MISP (originally Malware Information Sharing Platform) is a platform to share, store, and correlate Indicators of Compromise (IOCs) from targeted attacks, threat intelligence, or even financial fraud information. One of the reasons underlying MISP’s success is its extensibility via third-party modules. However, as the number of contributors increases, coordination and distribution can quickly become a challenge. To solve this issue, MISP’s authors created a satellite project called MISP modules.

Before joining the NSX family, we at Lastline contributed three different modules to the MISP project in order to better integrate MISP with the sandbox that is now part of the NSX Advanced Threat Analyzer (ATA) product offering. The main idea was to enrich the file indicators referencing an artifact with behavioral information extracted by detonating the artifact in the sandbox, or by retrieving the analysis result of previous detonations. We accomplished this by relying on three different modules:

  • lastline_submit: An enrichment module used to submit new files to the sandbox; as dynamic analysis requires some time to terminate, the output of this module is an external analysis link represented by a new MISP attribute.
  • lastline_query: An enrichment module to expand a Continue reading

Browser VNC with Zero Trust Rules


Starting today, we’re excited to share that you can now shift another traditional client-driven use case to a browser. Teams can now provide their users with a Virtual Network Computing (VNC) client fully rendered in the browser with built-in Zero Trust controls.

Like the SSH flow, this allows users to connect from any browser on any device, with no client software needed. The feature runs in every one of our data centers in over 200 cities around the world, bringing the experience closer to your end users. We also built the experience using Cloudflare Workers, to offer nearly instant start times. In the future we will support full auditability of user actions in their VNC and SSH sessions.

A quick refresher on VNC

VNC is a desktop sharing platform built on top of the Remote Frame Buffer protocol that allows for a GUI on any server. It is built to be platform-independent and provides an easy way for administrators to make interfaces available to users who are less comfortable working with a remote machine from a command line, or to complete work better suited for a visual interface.

In my case, the most frequent reason I use VNC is Continue reading

Stretched VLANs: What Problem Are You Trying to Solve?

One of the ipSpace.net subscribers sent me this interesting question:

I am the network administrator of a small data center network that spans 2 buildings. The main building has a pair of L2/L3 10G core switches. The second building has a stack of access switches connected to the main building with 10G uplinks. This secondary datacenter has got some ESX hosts and NAS for remote backup and some VM for development and testing, but all the Internet connection, firewall and server are in the main building.

There is no routing in the secondary building and most of the VLANs are stretched. Do you think I must change that (bringing routing to the secondary datacenter), or keep it simple like it is now?

As always, it depends, this time on what problem are you trying to solve?

Introducing VMware NSX Advanced Firewall for VMware Cloud on AWS

We are pleased to announce the introduction of VMware NSX Advanced Firewall for VMware Cloud on AWS, which takes the network security capabilities of VMware Cloud on AWS SDDC to a new level. Adding NSX Advanced Firewall features allows organizations to define security policies at Layer 7 while enabling deep packet inspection across all vNICs within the software-defined data center (SDDC).

NSX Advanced Firewall capabilities help you secure your applications against an ever-expanding set of threats on the internet. Specifically, it includes a robust set of networking and security capabilities that enable customers to run production applications in the cloud.

This capability allows you to: 

  • Detect attempts at exploiting vulnerabilities in your workloads. 
  • Gain protection against vulnerabilities inside your SDDC with granular application-level security policies. 
  • Reduce the attack surface of your workloads by allowing only the intended application traffic to run in your SDDC. 
  • Seamlessly provide inspection for all traffic without a single inspection bottleneck. 
  • Achieve your compliance goals.

Customers can purchase the NSX Advanced Firewall as an add-on in VMware Cloud on AWS.

Get the full summary on the VMware Cloud Blog or directly access the product page

The post Introducing VMware NSX Advanced Firewall for VMware Cloud on AWS appeared first on Network and Security Virtualization.

HPE expands GreenLake services

Hewlett Packard Enterprise announced several expansions of its managed GreenLake services during its HPE Discover conference this week.

GreenLake is HPE’s consumption model for hardware and services. Rather than make an outright purchase, customers determine the configuration they will need and HPE installs it, with a slight overprovisioning just in case. If the customer ends up needing more hardware capacity, it’s just turned on. Until then, it just sits there, unused, and at no charge.

Day Two Cloud 103: Scality ARTESCA Is More Than An Object Store (Sponsored)

On today's Day Two Cloud podcast we talk storage with sponsor Scality about its ARTESCA platform, cloud-native object storage for modern workloads. It integrates with Kubernetes, serves as storage for your public cloud, and more. We dive into the product architecture, use cases, and hardware options via Scality's partnership with HPE.

The post Day Two Cloud 103: Scality ARTESCA Is More Than An Object Store (Sponsored) appeared first on Packet Pushers.