0

Announcing Foundation DNS — Cloudflare’s new premium DNS offering

Today, we’re announcing Foundation DNS, Cloudflare’s new premium DNS offering that provides unparalleled reliability, supreme performance and is able to meet the most complex requirements of infrastructure teams.

Let’s talk money first

When you’re signing an enterprise DNS deal, usually DNS providers request three inputs from you in order to generate a quote:

• Number of zones
• Total DNS queries per month
• Total DNS records across all zones

Some are considerably more complicated and many have pricing calculators or opaque “Contact Us” pricing. Planning a budget around how you may grow brings unnecessary complexity, and we think we can do better. Why not make this even simpler? Here you go: We decided to charge Foundation DNS based on a single input for our enterprise customers: Total DNS queries per month. This way, we expect to save companies money and even more importantly, remove complexity from their DNS bill.

And don’t worry, just like the rest of our products, DDoS mitigation is still unmetered. There won’t be any hidden overage fees in case your nameservers are DDoS’d or the number of DNS queries exceeds your quota for a month or two.

Why is DNS so important?

The Domain Name System (DNS) Continue reading

0

Helping You Benefit from our Pluggable eBPF Data Plane – Introducing the New Calico eBPF Data Plane Certification

Why Create a Course About Calico’s eBPF Data Plane?

Calico is the industry standard for Kubernetes networking and security. It offers a proven platform for your workloads across a huge range of environments, including cloud, hybrid, and on-premises. 

Calico has had a high-quality, production-ready, performant, eBPF data plane option for some time!

However, although many users are deploying it in production and benefitting, we still sometimes see users who don’t know that Calico has an eBPF data plane or feel confident deploying it, and:

• Don’t understand the benefits of Calico’s pluggable architecture
• Don’t fully understand what eBPF is
• Don’t know that Calico has an eBPF data plane
• Don’t understand why it is not the default Calico data plane or best choice
• Don’t feel confident to deploy the Calico eBPF data plane

We created the new CCO-L2-EBPF (Certified Calico Operator: eBPF) course specifically to address these points. The course will help you to understand the strengths of eBPF and when it is, or is not, the right choice. It will also help you see how easy it is to deploy the Calico eBPF data plane if you have made the choice that it is right for you and your cluster.

Continue reading

0

Using whois/jwhois on Linux

The whois and jwhois commands allow you to retrieve a lot of information on Internet domains--likely a lot more than you might imagine. Here's how these commands work and how they can be useful.To get started, you probably already use nslookup to check on domain names. When you do, you'll see output like this:$ nslookup networkworld.com Server: 127.0.0.53 Address: 127.0.0.53#53 Non-authoritative answer: Name: networkworld.com Address: 151.101.2.165 Name: networkworld.com Address: 151.101.66.165 Name: networkworld.com Address: 151.101.194.165 Name: networkworld.com Address: 151.101.130.165 The nslookup command queries name servers, so its output provides IP addresses for the queried domain and verifies the domain name is valid, but whois commands provide extensive details on the domain registration, domain status, responsible organizations, their locations, etc., giving you a lot more insight into domains.To read this article in full, please click here

0

Using whois/jwhois on Linux

The whois and jwhois commands allow you to retrieve a lot of information on Internet domains--likely a lot more than you might imagine. Here's how these commands work and how they can be useful.To get started, you probably already use nslookup to check on domain names. When you do, you'll see output like this:$ nslookup networkworld.com Server: 127.0.0.53 Address: 127.0.0.53#53 Non-authoritative answer: Name: networkworld.com Address: 151.101.2.165 Name: networkworld.com Address: 151.101.66.165 Name: networkworld.com Address: 151.101.194.165 Name: networkworld.com Address: 151.101.130.165 The nslookup command queries name servers, so its output provides IP addresses for the queried domain and verifies the domain name is valid, but whois commands provide extensive details on the domain registration, domain status, responsible organizations, their locations, etc., giving you a lot more insight into domains.To read this article in full, please click here

0

What Are You Going to Test in Network Automation CI/CD Pipeline?

Network automation CI/CD pipeline seems to be the next hot thing, with vendors and bloggers describing in detail how you could get it done. How realistic is that idea for an average environment that’s barely starting its automation journey?

TL&DR: it will take a long time to get there, and lack of tests is the first showstopper.

0

What Are You Going to Test in Network Automation CI/CD Pipeline?

Network automation CI/CD pipeline seems to be the next hot thing, with vendors and bloggers describing in detail how you could get it done. How realistic is that idea for an average environment that’s barely starting its automation journey?

TL&DR: it will take a long time to get there, and lack of tests is the first showstopper.

0

Is SONiC Right for Your Data Center and Private Cloud Network?

There are a number of questions that enterprises, communication service providers and tier 2 cloud service providers need to ask themselves to understand if SONiC is a good choice for their on-prem data center and private cloud networks.

The post Is SONiC Right for Your Data Center and Private Cloud Network? appeared first on Pluribus Networks.

0

Is SONiC Right for Your Data Center and Private Cloud Network?

Many data center operators are interested in bringing the benefits of hyperscaler technologies to on-prem data centers. One of these technologies is SONiC, an open source network operating system that is being advanced under the auspices of the Open Compute Project (OCP). There are a number of questions that enterprises, communication service providers and tier 2 cloud service providers need to ask themselves to understand if SONiC is a good choice for their on-prem data center and private cloud networks.

What is SONiC?

SONiC, which stands for “Software for Open Networking in the Cloud,” is a network operating system originally designed by Microsoft for their data center networks. Microsoft was frustrated with the overly complex operating systems provided by vendors like Cisco, Juniper and Arista that included many features that Microsoft simply did not need for their Azure cloud network. Thus, SONiC was built by Microsoft in a completely modular way based on running networking functions in containers so components could be added or removed as a mechanism to build a lean, optimized OS that only contained the essential features to run the Microsoft Azure cloud network. They also developed the Switch Abstraction Interface (SAI) with a goal of enabling Continue reading

0

FTC investigation of Nvidia/Arm deal will only hurt Arm

The proposed Nvidia-Arm merger had another roadblock thrown in front of it when the US Federal Trade Commission’s filed a lawsuit objecting to the $40 billion deal last week.The acquisition met with almost immediate opposition from UK entities when it was announced in September 2020. Now, 15 months laster the FTC weighs in and has set an administrative trial for Aug. 9, 2022.“Tomorrow’s technologies depend on preserving today’s competitive, cutting-edge chip markets,” said Holly Vedova, director of the FTC’s Bureau of Competition in a statement. “This proposed deal would distort Arm’s incentives in chip markets and allow the combined firm to unfairly undermine Nvidia’s rivals.”To read this article in full, please click here

0

APIs pose the latest threat of vendor-lock-in networking

In my surveys of enterprises, the number worried about vendor lock-in has hovered around 90% for 30 years.  When you ask enterprises how they avoid it, they respond “standard interfaces” or “open-source”. Even today, the percentage who include “managing APIs” in their list of lock-in avoidance measures is in the statistical noise level, but APIs are perhaps the fastest-growing lock-in problem today, and they’re surely going to become a major problem in the future.API stands for “application programming interface”, but the term is broadly used in software today to describe the interfaces between all the software components used in an application, a cloud, or even a network. APIs let pieces of software talk with each other, and they’re essential in every situation where software components rather than hardware devices are connected. What’s creating a challenge in lock-in from APIs today is the fact that networking is shifting more to software, which means it’s shifting to a model where APIs are just as important as those standard interfaces, and enterprises aren’t tracking that important shift.To read this article in full, please click here

0

FTC investigation of Nvidia/Arm deal will only hurt Arm

The proposed Nvidia-Arm merger had another roadblock thrown in front of it when the US Federal Trade Commission’s filed a lawsuit objecting to the $40 billion deal last week.The acquisition met with almost immediate opposition from UK entities when it was announced in September 2020. Now, 15 months laster the FTC weighs in and has set an administrative trial for Aug. 9, 2022.“Tomorrow’s technologies depend on preserving today’s competitive, cutting-edge chip markets,” said Holly Vedova, director of the FTC’s Bureau of Competition in a statement. “This proposed deal would distort Arm’s incentives in chip markets and allow the combined firm to unfairly undermine Nvidia’s rivals.”To read this article in full, please click here

0

APIs pose the latest threat of networking-vendor lock-in

In my surveys of enterprises, the number worried about vendor lock-in has hovered around 90% for 30 years.  When you ask enterprises how they avoid it, they respond “standard interfaces” or “open-source”. Even today, the percentage who include “managing APIs” in their list of lock-in avoidance measures is in the statistical noise level, but APIs are perhaps the fastest-growing lock-in problem today, and they’re surely going to become a major problem in the future.API stands for “application programming interface”, but the term is broadly used in software today to describe the interfaces between all the software components used in an application, a cloud, or even a network. APIs let pieces of software talk with each other, and they’re essential in every situation where software components rather than hardware devices are connected. What’s creating a challenge in lock-in from APIs today is the fact that networking is shifting more to software, which means it’s shifting to a model where APIs are just as important as those standard interfaces, and enterprises aren’t tracking that important shift.To read this article in full, please click here

0

Aryaka broadens enterprise targets with managed SD-WAN, SASE services

Aryaka Networks is looking to target more enterprises with a new managed secure access service edge (SASE) offering and an improved, lower cost SD-WAN offerings.Aryaka is known for offering WAN and SD-WAN services over its global Layer 2 network with more than 40 points . The new services spring from that backbone to provide additional, flexible WAN services. SD-WAN buyers guide: Key questions to ask vendors The first is based on a new iteration of Aryaka’s L2 core—the L3—which is optimized for cost and non-mission critical applications or sites that don’t require top-shelf performance. The L2 core is optimized for performance-sensitive applications.To read this article in full, please click here

0

Aryaka broadens enterprise targets with managed SD-WAN, SASE services

Aryaka Networks is looking to target more enterprises with a new managed secure access service edge (SASE) offering and an improved, lower cost SD-WAN offerings.Aryaka is known for offering WAN and SD-WAN services over its global Layer 2 network with more than 40 points . The new services spring from that backbone to provide additional, flexible WAN services. SD-WAN buyers guide: Key questions to ask vendors The first is based on a new iteration of Aryaka’s L2 core—the L3—which is optimized for cost and non-mission critical applications or sites that don’t require top-shelf performance. The L2 core is optimized for performance-sensitive applications.To read this article in full, please click here

0

AWS Unveils Private 5G Service, Validating Enterprise Use Case

Technology giant Amazon Web Services enters the private 5G service space. Here’s what it means for the enterprise.

0

AWS Unveils Private 5G Service: Validates Enterprise Use-Case Need

Technology giant Amazon Web Services enters the private 5G service space. Here’s what it means for the enterprise.

0

Update From the FishBowl

Hello EVERYONE I’m back! Let me share a random “update from the FIshBowl”. 🙂 So many things I have been working on and doing that I am just beyond excited to share. So expect lots of upcoming blogs and YouTube... Read More ›

The post Update From the FishBowl appeared first on Networking with FISH.

0

Cumulus Basics Part II – bridging

This second blog on Cumulus looks at basic layer2 functionality in Cumulus Linux.

0

What’s New in vRealize Network Insight Cloud and vRealize Network Insight 6.4 for NSX-T 3.2

We’re pleased to announce another close collaboration between NSX-T 3.2, vRealize Network Insight Cloud, and vRealize Network Insight 6.4 in this latest release. As enterprises strive for the latest in cloud networking, the network management piece combines the end-user experience, applications, and technology to provide the visibility needed to ensure applications are consistently performing and secure. As we know, broad network observability is a critical step in securing the infrastructure.

vRealize Network Insight Cloud is available as a SaaS or on-premises solution for end-to-end network visibility, troubleshooting, and analytics. It works closely with NSX-T 3.2. vRealize Network Insight Cloud also helps optimize multi-cloud network performance with troubleshooting capabilities for applications, virtual machines, physical servers, or Kubernetes.

NSX Federation

Customers use NSX Federation to scale across different locations globally, making it easier to create hierarchies and dramatically simplifying management. vRealize Network Insight Cloud now supports network visibility for NSX Federation. This new feature will enable customers to leverage views across multiple NSX-T data centers at the global, regional, and local site levels. Several new cross-site VM to VM paths will be available, including inter-site VM-VM paths, intra-site VM-VM paths, VM-VM across sites with NAT, VM-VM paths across Continue reading

0

VMware NSX 3.2 Delivers New, Advanced Security Capabilities 

It’s an impactful release focused on significant NSX Security enhancements

Putting a hard shell around a soft core is not a recipe for success in security, but somehow legacy security architectures for application protection have often looked exactly like that: a hard perimeter firewall layer for an application infrastructure that was fundamentally not built with security as a primary concern. VMware NSX Distributed Firewall pioneered the micro-segmentation concept for granular access controls for cloud applications with the initial launch of the product in 2013. The promise of Zero Trust security for applications, the simplicity of deployment of the solution, and the ease of achieving internal security objectives made NSX an instant success for security-sensitive customers.

Our newest release — NSX-T 3.2 — establishes a new marker for securing application infrastructure by introducing significant new features to identify and respond to malware and ransomware attacks in the network, to enhance user identification and L7 application identification capabilities, and, at the same time, to simplify deployment of the product for our customers.

“Modern day security teams need to secure mission-critical infrastructure from both external and internal attacks. By providing unprecedented threat visibility leveraging IDS, NTA, and Network Detection and Response (NDR) capabilities along with granular controls leveraging L4-L7 Firewall, IPS, and Malware Prevention capabilities, NSX 3.2 delivers an incredible security solution for our customers“  

– Umesh Mahajan, SVP, GM (Networking and Security Business Unit) 

This blog captures critical enhancements NSX-T 3.2 delivers from a security perspective. And stay tuned —we’ll follow up with more detailed blogs on Continue reading