Archive

Category Archives for "Networking"

Don’t miss our session at SUSECON Digital 2021

Join us at SUSECON Digital 2021, taking place virtually from May 18–20. It’s free! Tigera VP Product Management & Business Development, Amit Gupta, will be leading a session on Kubernetes networking, security and observability with Rancher and Calico. Our team will also be at the Tigera booth waiting to speak with you.

Speaking session

Don’t miss our session on Kubernetes networking, security and observability with Rancher and Calico! You can add our session to your schedule here.

Session details

Title: Kubernetes Networking, Security and Observability with Rancher and Calico
Date: Tuesday, May 18 at 6:00–6:30 PM (BST)

Rancher enables enterprises to deliver Kubernetes-as-a-Service across any infrastructure, including hybrid, multi-cloud and multi-cluster environments. Kubernetes’ networking, security, and observability for such deployments are critical in preventing an organization’s exposure to a multitude of security and compliance issues.

In this session, you’ll learn about how you can leverage open-source Calico in Rancher (built-in) to secure your Kubernetes environments. You will also learn about how Calico Cloud and Calico Enterprise, built on open-source Calico, can help you address performance hotspots, troubleshoot microservice communication, and carry out anomaly detection. Lastly, you will learn how to bootstrap and configure your Rancher cluster along with sample network Continue reading

Heavy Networking 578: When Your Homegrown Tool Becomes Essential To The Team

Lots of network engineers develop tools to help them automate tasks. What happens if you build something so useful it becomes adopted in your organization? Ivan Del Rio, Senior IP Engineer at DQE Communications, stops by the podcast to talk about a tool he built to automate some of his own tasks that is now being widely used. He discusses how and why he built the tool, and how supporting and developing the tool affects his day-to-day responsibilities.

Heavy Networking 578: When Your Homegrown Tool Becomes Essential To The Team

Lots of network engineers develop tools to help them automate tasks. What happens if you build something so useful it becomes adopted in your organization? Ivan Del Rio, Senior IP Engineer at DQE Communications, stops by the podcast to talk about a tool he built to automate some of his own tasks that is now being widely used. He discusses how and why he built the tool, and how supporting and developing the tool affects his day-to-day responsibilities.

The post Heavy Networking 578: When Your Homegrown Tool Becomes Essential To The Team appeared first on Packet Pushers.

Internet Society Offers to Assist Establishing “XChange Point” in Inuvik

This article was originally published in The Inuvik Drum. Town pens letter of support for idea that would expand Internet activity in Delta Inuvik Town Council has penned a letter of support for establishing an “Internet XChange Point” (IXP) in the Beaufort Delta, should one or more of the NWT’s Telecommunications companies choose to pursue […]

The post Internet Society Offers to Assist Establishing “XChange Point” in Inuvik appeared first on Internet Society.

Networking Isn’t Just A Tool

BlueFiberOptic

It’s another event week for me at Networking Field Day 25 and I’m continually impressed with the level of technology that we see in the networking world. I think back to how things looked when I was still deploying the networks I built and it seems like a hundred years ago instead of a decade. More software driving better outcomes for users. Easier collection of analytics and telemetry to understand how to tune things and make them faster and better. And, honestly, more need for advanced technical people to tune everything and make it work better.

When you consider that the last year has been done over the Internet for most of us it gets even crazier. Meetings, software productivity, and even food delivery has been driven by apps running in the cloud that we communicate with over the Internet. I can remember a time when I didn’t have a mobile phone in my pocket with Internet capabilities. Today I can barely imagine not having it at my fingertips. When the network is not doing things the way we want we quickly find out how dependent we’ve become on our connectivity.

Generational Differences

My children are amazed that dial-up networking Continue reading

The Inevitable Transformation Of Networking – Packet Pushers LiveStream With Alkira (Video 1)

Greg Ferro speaks with Alkira Founder and CEO Amir Khan about the complications of cloud networking and customer struggles around day 2 operations, governance, compliance. They talk about how Alkira has built its own infrastructure to enable multi-cloud networking as-a-service in this video excerpt of the Packet Pushers Livestream event on April 22, 2021.

The post The Inevitable Transformation Of Networking – Packet Pushers LiveStream With Alkira (Video 1) appeared first on Packet Pushers.

Weekend Reads 051421


For this post, I wanted to explore some ways that an organisation or individual might start building a new security “habit” so that, in time, acting securely becomes automatic.


Research into methods of attacking machine-learning and artificial-intelligence systems has surged—with nearly 2,000 papers published on the topic in one repository over the last decade—but organizations have not adopted commensurate strategies to ensure that the decisions made by AI systems are trustworthy


Efforts have been ongoing in the ICANN community to develop a better understanding of its role in the combat of abuse.


But the Advanced Persistent Threat (APT) carries with it a worrying sub-text that requires further exploration as companies continue to tackle the ongoing issues of a global pandemic and an increasingly fatigued and remote workforce.


With organizational data practices coming under increasing scrutiny, demand is growing for mechanisms that can assist organizations in meeting their data-management obligations


All good parties come to an end, and the one that Intel has enjoyed for an unbelievable dozen years, starting with the rollout of the “Nehalem” Xeon E5500 processors back in March 2009, is over. Find the Advil, grab a glass of water, and try not to drop all the pills Continue reading

Don’t miss our session at SUSECON Digital 2021

Join us at SUSECON Digital 2021, taking place virtually from May 18–20. It’s free! Tigera VP Product Management & Business Development, Amit Gupta, will be leading a session on Kubernetes networking, security and observability with Rancher and Calico. Our team will also be at the Tigera booth waiting to speak with you.

Speaking session

Don’t miss our session on Kubernetes networking, security and observability with Rancher and Calico! You can add our session to your schedule here.

Session details

Title: Kubernetes Networking, Security and Observability with Rancher and Calico
Date: Tuesday, May 18 at 6:00–6:30 PM (BST)

Rancher enables enterprises to deliver Kubernetes-as-a-Service across any infrastructure, including hybrid, multi-cloud and multi-cluster environments. Kubernetes’ networking, security, and observability for such deployments are critical in preventing an organization’s exposure to a multitude of security and compliance issues.

In this session, you’ll learn about how you can leverage open-source Calico in Rancher (built-in) to secure your Kubernetes environments. You will also learn about how Calico Cloud and Calico Enterprise, built on open-source Calico, can help you address performance hotspots, troubleshoot microservice communication, and carry out anomaly detection. Lastly, you will learn how to bootstrap and configure your Rancher cluster along with sample network Continue reading

Tetrate Service Bridge to Close Enterprise Application Networking Gap via Service Mesh

At some point, you’ve got to stop building something you think people need and start putting it out there to test in the market. You have to go get users. This is where the first engineers of the Istio service mesh at Google found themselves about four years ago. But, like many things in the still-emerging cloud native space, the first response was: Well, what is it? Who else is using it? Tetrate Service Bridge to act as an application connectivity platform or a technical bridge to take you from those legacies to those modern environments, and to increase reliability and availability. Also called TSB, it looks to solve the issue of networking for heterogeneous workloads. Tetrate Service Bridge, built on Istio and now in general availability, presents itself as the solution to enterprise-grade challenges that can’t be just abstracted out with a Kubernetes layer. The Tetrate team has built out the core set of functionality around controlling traffic across an entire fleet of services, from the edge to the mesh. Butcher says TSB bridges the gap between having service mesh capabilities and actually realizing those capabilities in a way that is safe. He said, “This service mesh is great, but how do I actually use it in my enterprise? How do I change my process to take advantage of the mesh? And actually changing processes is really expensive, so how do I not change my process either?” And those enterprise processes aren’t simple either. They look to use service mesh to enforce security and compliance requirements. Or to gain control and visibility across entire complex infrastructures. How to put security controls in place across highly heterogeneous environments. “Service mesh serves a lot of problems I have but you are telling me I can only have it in Kubernetes? I want those things to help me get from my legacy to a modern environment, not already in that,” Butcher said. TSB helps you manage across the full breadth of compute, connecting Kubernetes and legacy infrastructure. He gives examples you can use to link with Istio and Envoy and just start assembling your application network. “Tetrate Service Bridge is a platform for applications to communicate securely and successfully without having to get into the weeds of what lives there.”— Zack Butcher, Founding Engineer, Tetrate Butcher says then there’s the enterprise management side, teams need to be able to prove they are using service mesh correctly and securely. He says TSB enables teams to divvy up their physical infrastructure and cloud-based environments, with multitenancy and controls, so you can use service mesh to “do cool things at runtime.” The connectivity tool works not only with Istio and the Apache Skywalking, enabling observability across whole systems. They are clear that while they are a tool to ease the use of these open source tools and the whole Tetrate team is contributors to the open source projects they depend on, they are not an open core company, intentionally. “In my opinion, there’s this really big tension in open-core companies. If me, as a developer, I have to decide project or product that people pay for — he doesn’t want to make the value prop decision,” Butcher explained. He continued, “We are building a layer on top of the open source pieces. We are assembling these open source pieces together in a coherent system.” Another part of this decision is that, since they are still essentially using open source tools, enterprises can do so in a relatively cheap way through Tetrate. Butcher points to the fundamental difference between enterprise closed source products like TCB and the open source projects it serves. “Capabilities go in open source and then how you manage those capabilities and how you use them within an organization, that’s what you put in the product,” he said.” While they only went fully public with TSB in April, they built it alongside adopters from the start. Butcher, paraphrasing Socrates, said that after the “pain of adopting Istio — we were in a cave without users” they were determined to build hand in hand with users. One such early adopter was FICO, the organization that creates the predominant credit risk score in the U.S. One emerging use case for service mesh is encryption in transit to ensure compliance to ever-changing regulations and standards from HIPAA and GDPR to automate enforcement of

Automating Cloudflare Tunnel with Terraform

Automating Cloudflare Tunnel with Terraform
Automating Cloudflare Tunnel with Terraform

Cloudflare Tunnel allows you to connect applications securely and quickly to Cloudflare’s edge. With Cloudflare Tunnel, teams can expose anything to the world, from internal subnets to containers, in a secure and fast way. Thanks to recent developments with our Terraform provider and the advent of Named Tunnels it’s never been easier to spin up.

Classic Tunnels to Named Tunnels

Historically, the biggest limitation to using Cloudflare Tunnel at scale was that the process to create a tunnel was manual. A user needed to download the binary for their OS, install/compile it, and then run the command cloudflared tunnel login. This would open a browser to their Cloudflare account so they could download a cert.pem file to authenticate their tunnel against Cloudflare’s edge with their account.

With the jump to Named Tunnels and a supported API endpoint Cloudflare users can automate this manual process. Named Tunnels also moved to allow a .json file for the origin side tunnel credentials instead of (or with) the cert.pem file. It has been a dream of mine since joining Cloudflare to write a Cloudflare Tunnel as code, along with my instance/application, and deploy it while I go walk my dog. Tooling should Continue reading

SP. Part 9. Health check of Segment Routing Traffic Engineering (SR-TE) tunnels with seamless BFD in Nokia SR OS

Hello my friend,

For a long time we haven’t posted blogs about pure network technologies. However, recently we were working on some interesting use case, which so far is not yet covered at a level of the working details nowhere in the internet. As such, we decided to share with you our findings and working details.



1
2
3
4
5
No part of this blogpost could be reproduced, stored in a 

retrieval system, or transmitted in any form or by any 

means, electronic, mechanical or photocopying, recording, 

or otherwise, for commercial purposes without the 

prior permission of the author.

How automation can help with SR-TE in SP network?

In some (big) networks the BGP-SR-TE is a good signal the SR-TE policies, so that the PE routers can build the SR-TE tunnels without the need to configure them locally. However, the BGP-SR-TE requires a full pledged SDN controller, so that you can generate the SR-TE policy in the backend using some UI/API and send the policies down to the network elements using the BGP. If you want to have a somewhat simpler setup, you may need need to deploy the tunnels manually. In this case, the automation is your closest Continue reading

Join us at our inaugural Kubernetes Security and Observability Summit

We are excited to announce that the inaugural Kubernetes Security and Observability Summit, brought to you by Tigera, will take place on June 3, 2021.

The journey to Kubernetes adoption can be riddled with challenges and roadblocks. These challenges are magnified in a cloud-native context, where organizations are running hundreds—sometimes thousands—of applications simultaneously across numerous business units, for customers around the world.

What does security and observability mean in this context? What challenges should Kubernetes practitioners anticipate and what opportunities should they explore? To address these questions and to explore emerging trends, we are gathering industry experts under one (virtual) roof at the Kubernetes Security and Observability Summit.

As the industry’s first and only conference solely focused on Kubernetes security and observability, this (free) live virtual event will include discussions with technology leaders and Kubernetes users on real-world experiences, fundamentals, and best practices for securing and troubleshooting Kubernetes environments.

What to expect

The Kubernetes Security and Observability Summit is a place for DevOps, SREs, platform architects, and security teams to come together to explore trends, strategies, and technologies for securing, observing and troubleshooting cloud-native applications.

During the summit, experts from industry-leading companies like Amazon, Box, Citi, EY, Mirantis, Morgan Stanley, Continue reading

BrandPost: The secret of delivering private-line experience over optical networks

The world stands on the brink of the fourth industrial revolution – the confluence of new technologies like cloud computing, big data analytics, and IoT have reached a tipping point where enterprises can successfully process workloads in the cloud like never before.Indeed, 85% of enterprises will have deployed new digital infrastructure in the cloud by 2025, according to industry analyst IDC. In the US, the cloud migration rate of enterprises has exceeded 85% and in EU countries has reached 70%.Governments are a key catalyst for this change, as they push whole economies to digitize to improve whole of society benefits and increase national productivity. To read this article in full, please click here

The Hedge 83: Bruce Davie and the System View

Network engineers tend to look at the world through the lens of a single device—an individual appliance, sold by a vendor, with a well-developed CLI for configuration and maintenance. Networks, however, are the “odd person out” in the world of information technology. In the broader technology world, a stronger systems-oriented view is more common. In this episode of the Hedge, Bruce Davie joins Tom Ammon and Russ White to discuss a systems view of the world, as well as a new publishing model he’s working on, and some thoughts on the place of SDN.

download

You can find Bruce’s book, Computer Networks: A Systems Approach, here.

Join us at our inaugural Kubernetes Security and Observability Summit

We are excited to announce that the inaugural Kubernetes Security and Observability Summit, brought to you by Tigera, will take place on June 3, 2021.

The journey to Kubernetes adoption can be riddled with challenges and roadblocks. These challenges are magnified in a cloud-native context, where organizations are running hundreds—sometimes thousands—of applications simultaneously across numerous business units, for customers around the world.

What does security and observability mean in this context? What challenges should Kubernetes practitioners anticipate and what opportunities should they explore? To address these questions and to explore emerging trends, we are gathering industry experts under one (virtual) roof at the Kubernetes Security and Observability Summit.

As the industry’s first and only conference solely focused on Kubernetes security and observability, this (free) live virtual event will include discussions with technology leaders and Kubernetes users on real-world experiences, fundamentals, and best practices for securing and troubleshooting Kubernetes environments.

What to expect

The Kubernetes Security and Observability Summit is a place for DevOps, SREs, platform architects, and security teams to come together to explore trends, strategies, and technologies for securing, observing and troubleshooting cloud-native applications.

During the summit, experts from industry-leading companies like Amazon, Box, Citi, EY, Mirantis, Morgan Stanley, Continue reading

1 515 516 517 518 519 3,344