Stretched VLANs: What Problem Are You Trying to Solve?
One of ipSpace.net subscribers sent me this interesting question:
I am the network administrator of a small data center network that spans 2 buildings. The main building has a pair of L2/L3 10G core switches. The second building has a stack of access switches connected to the main building with 10G uplinks. This secondary datacenter has got some ESX hosts and NAS for remote backup and some VM for development and testing, but all the Internet connection, firewall and server are in the main building.
There is no routing in the secondary building and most of the VLANs are stretched. Do you think I must change that (bringing routing to the secondary datacenter), or keep it simple like it is now?
As always, it depends, this time on what problem are you trying to solve?
Will SASE Mark the End of the Network as We Know It?
SD-WAN's days appear to be numbered. SASE promises to become the go-to networking technology for linking together virtually all types of users and devices.Introducing VMware NSX Advanced Firewall for VMware Cloud on AWS
We are pleased to announce the introduction of VMware NSX Advanced Firewall for VMware Cloud on AWS, which takes the network security capabilities of VMware Cloud on AWS SDDC to a new level. Adding NSX Advanced Firewall features allows organizations to define security policies at Layer 7 while enabling deep packet inspection across all vNICS within the software-defined data center (SDDC).
NSX Advanced Firewall capabilities help you secure your applications against a never-expanding set of threats on the internet. Specifically, it includes a robust set of networking and security capabilities that enable customers to run production applications in the cloud.
This capability allows you to:
- Detect attempts at exploiting vulnerabilities in your workloads.
- Gain protection against vulnerabilities inside your SDDC with granular application-level security policies.
- Reduce the attack surface of your workloads by allowing only the intended application traffic to run in your SDDC.
- Seamlessly provide inspection for all traffic without a single inspection bottleneck.
- Achieve your compliance goals.
- Customers can purchase the NSX Advanced Firewall as an add-on in VMware Cloud on AWS.
Get the full summary on the VMware Cloud Blog or directly access the product page.
The post Introducing VMware NSX Advanced Firewall for VMware Cloud on AWS appeared first on Network and Security Virtualization.
Introducing IRP Lite 3.11.1 – mighty, feature-rich, 100% free!
Big day today! We are releasing the new IRP Lite v 3.11.1. Most of the features first introduced in the regular IRP
The post Introducing IRP Lite 3.11.1 – mighty, feature-rich, 100% free! appeared first on Noction.
Day Two Cloud 103: Scality ARTESCA Is More Than An Object Store (Sponsored)
On today's Day Two Cloud podcast we talk storage with sponsor Scality about its ARTESCA platform, cloud-native object storage for modern workloads. It integrates with Kubernetes, serves as storage for your public cloud, and more. We dive into the product architecture, use cases, and hardware options via Scality's partnership with HPE.
The post Day Two Cloud 103: Scality ARTESCA Is More Than An Object Store (Sponsored) appeared first on Packet Pushers.
Day Two Cloud 103: Scality ARTESCA Is More Than An Object Store (Sponsored)
On today's Day Two Cloud podcast we talk storage with sponsor Scality about its ARTESCA platform, cloud-native object storage for modern workloads. It integrates with Kubernetes, serves as storage for your public cloud, and more. We dive into the product architecture, use cases, and hardware options via Scality's partnership with HPE.Announcing Rollbacks and API Access for Pages
A couple of months ago, we announced the general availability of Cloudflare Pages: the easiest way to host and collaboratively develop websites on Cloudflare’s global network. It’s been amazing to see over 20,000 incredible sites built by users and hear your feedback. Since then, we’ve released user-requested features like URL redirects, web analytics, and Access integration.
We’ve been listening to your feedback and today we announce two new features: rollbacks and the Pages API. Deployment rollbacks allow you to host production-level code on Pages without needing to stress about broken builds resulting in website downtime. The API empowers you to create custom functionality and better integrate Pages with your development workflows. Now, it’s even easier to use Pages for production hosting.
Rollbacks
You can now rollback your production website to a previous working deployment with just a click of a button. This is especially useful when you want to quickly undo a new deployment for troubleshooting. Before, developers would have to push another deployment and then wait for the build to finish updating production. Now, you can restore a working version within a few moments by rolling back to a previous working build.
To rollback to a previous build, Continue reading
Why Do We Need BGP-LS?
One of my readers sent me this interesting question:
I understand that an SDN controller needs network topology information to build traffic engineering paths with PCE/PCEP… but why would we use BGP-LS to extract the network topology information? Why can’t we run OSPF with controller by simulating a software based OSPF instance in every area to get topology view?
There are several reasons to use BGP-LS:
The Best Technology Stocks to Invest In 2021
The technology sector like all other businesses in the world, has been very volatile lately. However there are still some tech stocks that can get you great results. There are many tech companies that have not only outperformed other tech companies in the world but other types of businesses as well. If you are looking for the most valuable tech stocks to invest in the market then we have gathered an amazing list for you.
Best Value tech stocks:
You always pick a stock that has the highest investing value and get those results by comparing the stock’s price with one or more fundamental basic metrics. The fundamental basic metric is the qualitative and quantitative study that tells the financial well-being of a company and its economic condition. A widely accepted price metric is the P/E ratio which is called price to earnings ratio. It is the ratio for valuing a company measuring its new share price relative to its per-sharing earnings. The investors believe that if a business is reasonable compared to its worth considering the P/E ratio, the stock value could rise quicker than the others because the value comes back in line with the price of the Continue reading
Heavy Networking 584: Optimize Your Peering With Crosswork Cloud Traffic Analysis (Sponsored)
Today's Heavy Networking explores Crosswork Cloud Traffic Analysis from episode sponsor Cisco. This tool is designed to make you deeply knowledgeable about your BGP peering relationships and traffic flows throughout your infrastructure. It will also recommend the routing tweaks in your IGPs, BGP, RSVP-TE, and segment routing to eliminate those pesky congestion points. We also discuss the pros and cons of putting network management capabilities in the cloud.
The post Heavy Networking 584: Optimize Your Peering With Crosswork Cloud Traffic Analysis (Sponsored) appeared first on Packet Pushers.
Heavy Networking 584: Optimize Your Peering With Crosswork Cloud Traffic Analysis (Sponsored)
Today's Heavy Networking explores Crosswork Cloud Traffic Analysis from episode sponsor Cisco. This tool is designed to make you deeply knowledgeable about your BGP peering relationships and traffic flows throughout your infrastructure. It will also recommend the routing tweaks in your IGPs, BGP, RSVP-TE, and segment routing to eliminate those pesky congestion points. We also discuss the pros and cons of putting network management capabilities in the cloud.More products, more partners, and a new look for Cloudflare Logs
We are excited to announce a new look and new capabilities for Cloudflare Logs! Customers on our Enterprise plan can now configure Logpush for Firewall Events and Network Error Logs Reports directly from the dashboard. Additionally, it’s easier to send Logs directly to our analytics partners Microsoft Azure Sentinel, Splunk, Sumo Logic, and Datadog. This blog post discusses how customers use Cloudflare Logs, how we’ve made it easier to consume logs, and tours the new user interface.
New data sets for insight into more products
Cloudflare Logs are almost as old as Cloudflare itself, but we have a few big improvements: new datasets and new destinations.
Cloudflare has a large number of products, and nearly all of them can generate Logs in different data sets. We have “HTTP Request” Logs, or one log line for every L7 HTTP request that we handle (whether cached or not). We also provide connection Logs for Spectrum, our proxy for any TCP or UDP based application. Gateway, part of our Cloudflare for Teams suite, can provide Logs for HTTP and DNS traffic.
Today, we are introducing two new data sets:
Firewall Events gives insight into malicious traffic handled by Cloudflare. It provides detailed information Continue reading
Introducing IRP Lite 3.11.1
The post Introducing IRP Lite 3.11.1 appeared first on Noction.
Sudan’s exam-related Internet shutdowns
To prevent cheating in exams many countries restrict or even shut down Internet access during critical exam hours. I wrote two weeks ago about Syria having planned Internet shutdowns during June, for exams.
Sudan is doing the same thing and has had four shutdowns so far. Here's the Internet traffic pattern for Sudan over the last seven days. I've circled the shutdowns on Saturday, Sunday, Monday and Tuesday (today, June 22, 2021).
Cloudflare Radar allows anyone to track Internet traffic patterns around the world, and it has country-specific pages. The chart for the last seven days (shown above) came from the dedicated page for Sudan.
The Internet outages start at 0600 UTC (0800 local time) and end three hours later at 0900 UTC (1100 local time). This corresponds to the timings announced by the Sudanese Ministry of Education.
Further shutdowns are likely in Sudan on June 24, 26, 27, 29 and 30 (thanks to Twitter user _adonese for his assistance). Looking deeper into the data, the largest drop in use is for mobile Internet access in Sudan (the message above talks about mobile Internet use being restricted) while some non-mobile access appears to continue.
That can be seen by looking Continue reading