Archive

Category Archives for "Networking"

Registrar for Everyone

Registrar for Everyone
Registrar for Everyone

Today, we are excited to announce that all Cloudflare customers now have full Registrar access, including the ability to register new domains.

Second, starting today — and over the course of the next few weeks — we will be introducing over 40 new top-level domains (TLDs). We’re starting with .uk, our most requested country code extension. Initially, customers will only be able to transfer in existing .uk domains from other registrars, but support for new registrations will become available within the next few weeks. In keeping with our at-cost model, .uk domains will be priced at the wholesale registry fee.

A short registrar primer

In the domain name world, there are two key players: registrars and registries. Understandably, the two are often confused. One way to look at it is that registries are the wholesalers and registrars are the retailers. Registries host the centralized database of registered domains within a TLD. They are responsible for establishing the policies and business rules for the TLD. They also set the wholesale price. Registrars sell domains to end users and manage those registrations on an ongoing basis. They set the retail fee, collect payment, provide customer support, and ensure registrations are renewed Continue reading

A Better Internet with UN Global Compact

A Better Internet with UN Global Compact
A Better Internet with UN Global Compact

Every year during Birthday Week, we talk about what we mean by our mission to help build a better Internet. We release support for new standards and products that help the global Internet community and give things like unmitigated DDoS Protection away for free. We also think about our role as an active participant in the global community of individuals, companies and governments that make the Internet what it is.

In 2020, we decided to formalize our commitment to being an active partner in the global community by joining the UN Global Compact (UNGC) as a signatory. We share the view that achievement of the Sustainable Development Goals set out in the UN Global Compact are the blueprint for a better and more sustainable future. Today, we are proud to release our first Communication on Progress, which describes how we are integrating UNGC principles across our company and as part of helping build a better Internet.

Shared values, economy, and Internet

In 1999, then UN Secretary General Kofi Annan shared a sober message with business leaders gathered at the World Economic Forum in Davos. He argued that basic protections like human rights, environmental sustainability, and fair labor practices are Continue reading

Gartner: SD-WAN, SASE biggest drivers of WAN edge infrastructure

The past several years have seen a large-scale shift from traditional MPLS-based customer edge routers to SD-WAN technology, according to Gartner’s 2021 Magic Quadrant for WAN Edge Infrastructure.  Overall spending on WAN edge will grow by 2.6% per year through 2025, according to the report. The increased sales of WAN edge technology in general is driven by SD-WAN equipment designed to support work-from-home and in-office environments are slightly dampened by the fact that sales of traditional branch office routers are sharply down as a consequence, Gartner says. As the world shifts from working from home to working from anywhere, companies have begun to shift away from the VPN as the main tool for keeping remote workers secure, and towards more-fully featured SD-WAN technologies, with the idea of eventually implementing zero-trust network access for maximal security, Gartner’s report noted.To read this article in full, please click here

How and why automation can improve network-device security

The recent T-Mobile data breach, reportedly facilitated by attackers gaining access to an unprotected router and from there into the network, could have been prevented through the use of network automation.IDS, IPS, SASE, and other newer technologies get a lot more attention, but automation is critical to modern network security. Here’s a look at how automation should be used to enhance network security.To read this article in full, please click here

How and why automation can improve network-device security

The recent T-Mobile data breach, reportedly facilitated by attackers gaining access to an unprotected router and from there into the network, could have been prevented through the use of network automation.IDS, IPS, SASE, and other newer technologies get a lot more attention, but automation is critical to modern network security. Here’s a look at how automation should be used to enhance network security.To read this article in full, please click here

Graceful Restart 101

In the Non-Stop Forwarding (NSF) article, I mentioned that the routers adjacent to the device using NSF have to play along to make the idea work. That capability is called Graceful Restart. Today we’ll explore its intricate details, be diplomatic, and leave the shortcomings and tradeoffs for the next blog post.

The Problem

Imagine an access (provider edge) router providing connectivity services to its clients and running a routing protocol with one or more upstream devices.

Graceful Restart (GR) 101

In the Non-Stop Forwarding (NSF) article, I mentioned that the routers adjacent to the device using NSF have to play along to make the idea work. That capability is called Graceful Restart. Today we’ll explore its intricate details, be diplomatic, and leave the shortcomings and tradeoffs for the next blog post.

The Problem

Imagine an access (provider edge) router providing connectivity services to its clients and running a routing protocol with one or more upstream devices.

Nornir – The Basics

If you have an understanding of Python and have been working with Ansible it is likely at some point you will get to the stage where you ask yourself ‘there has to be something better’. For network automation that better could well be Nornir.

Learn How to Implement Stronger Multi-Cloud Security at VMworld 2021

One of the major focuses at VMworld 2021 is to educate network security teams on how they can achieve the strongest security posture by enabling Zero Trust. The Zero Trust model is essential to securing your entire digital footprint and to remain secure as it grows. Leaders like the White House, CISOs, and industry analysts of all kinds, agree that the Zero Trust approach to network architecture is the best way to protect not only the existing perimeter but also the critical apps and workloads inside.  

During the Never Trust: Building Zero Trust Networks VMworld 2021 session, industry leaders will take a practical look at what it takes to adopt Zero Trust at scale, offer a blueprint to the Zero Trust Architecture model, and suggest next steps to implement Zero Trust for your organization. 

An extension of learning to build Zero Trust networks is sharing tangible solutions to get your business the strength and security it needs. VMware leaders Christopher Kruegel, VP of Security Services, and Vivek Bhandri, Senior Director of Product Marketing, share VMware’s NSX Distributed Firewall service that will strengthen your East-West security to protect any workload in any cloud. Add A Modern Firewall For Any Cloud and Any Workload [SEC2688] to your VMworld itinerary now.   

To gain visibility and control within the network via Zero Trust, means giving enterprises room to breathe.  Eliminating any hesitation when it comes to threat prevention hardens your organization’s security infrastructure Continue reading

Tech Bytes: Getting Performance Visibility Into The Last 6 Feet (Sponsored)

You’ve heard of the last mile problem. Today on the Tech Bytes podcast we’re talking problems with the last six feet. With work-from-anywhere becoming commonplace, one of the hardest challenges for IT is how to measure user experience and troubleshoot problems happening somewhere between the desktop and a home router. Our sponsor AppNeta has some ideas on how to help.

The post Tech Bytes: Getting Performance Visibility Into The Last 6 Feet (Sponsored) appeared first on Packet Pushers.

Tech Bytes: Getting Performance Visibility Into The Last 6 Feet (Sponsored)

You’ve heard of the last mile problem. Today on the Tech Bytes podcast we’re talking problems with the last six feet. With work-from-anywhere becoming commonplace, one of the hardest challenges for IT is how to measure user experience and troubleshoot problems happening somewhere between the desktop and a home router. Our sponsor AppNeta has some ideas on how to help.

Network Break 352: Nokia Announces 800G Routing Silicon; Pica8 Enticingly Prices Its Campus Controller, Switches

This week's Network Break podcast discusses Nokia's new beefed-up routing silicon, how Pica8 is pursuing campus switching with a controller/switch pricing bundle, and the latest critical security patches from Cisco. We also look at the latest ransomware attacks against US agricultural companies, a MacOS bug, and more tech news.

The post Network Break 352: Nokia Announces 800G Routing Silicon; Pica8 Enticingly Prices Its Campus Controller, Switches appeared first on Packet Pushers.

Network Break 352: Nokia Announces 800G Routing Silicon; Pica8 Enticingly Prices Its Campus Controller, Switches

This week's Network Break podcast discusses Nokia's new beefed-up routing silicon, how Pica8 is pursuing campus switching with a controller/switch pricing bundle, and the latest critical security patches from Cisco. We also look at the latest ransomware attacks against US agricultural companies, a MacOS bug, and more tech news.

Easily creating and routing email addresses with Cloudflare Email Routing

Easily creating and routing email addresses with Cloudflare Email Routing
Easily creating and routing email addresses with Cloudflare Email Routing

Over four billion people — or half of the world’s population — have at least one email address, many of whom use it as an essential tool to stay on top of their personal and professional matters. More than 300 billion emails are sent and received every day, but seeing email as just a communications tool wouldn’t do it justice. Its impact in our lives goes far beyond being a vessel for messages — its use cases also cover being a common way of validating one’s identity online, and serving as the gateway for other communication platforms.

Today, most people use their email for sensitive purposes, such as logging in to their bank account, or communicating with governmental entities. At the same time, they will use that email to sign up for a 10% off coupon they found online, which will surely spam them for months to come. Despite these two use cases being polar opposites in relation to importance and security, people take the risk, usually for the sake of conveniently managing one account.

Much in the same way, businesses want to have different email addresses for different types of inquiries, such as sales and support, but often find Continue reading

Tackling Email Spoofing and Phishing

Tackling Email Spoofing and Phishing
Tackling Email Spoofing and Phishing

Today we’re rolling out a new tool to tackle email spoofing and phishing and improve email deliverability: The new Email Security DNS Wizard can be used to create DNS records that prevent others from sending malicious emails on behalf of your domain. This new feature also warns users about insecure DNS configurations on their domain and shows recommendations on how to fix them. The feature will first be rolled out to users on the Free plan and over the next weeks be made available for Pro, Business and Enterprise customers, as well.

Tackling Email Spoofing and Phishing

Before we dive into what magic this wizard is capable of, let’s take a step back and take a look at the problem: email spoofing and phishing.

What is email spoofing and phishing?

Spoofing is the process of posing as someone else which can be used in order to gain some kind of illicit advantage. One example is domain spoofing where someone hosts a website like mycoolwebpaqe.xyz  to trick users of mycoolwebpage.xyz to provide sensitive information without knowing they landed on a false website. When looking at the address bar side by side in a browser, it’s very hard to spot the difference.

Tackling Email Spoofing and Phishing

Then, there is Continue reading

Report: The chip shortage’s next victim is data-center switching

Enterprise looking to buy data-center switches face longer lead times and lack of stock over the course of the next year or so as demand continues to substantially outpace supply, according to a report from the Dell’Oro Group.Sameh Boujelbene, leader of the analyst firm’s campus and data-center research team, said that one canary in the coal mine was Broadcom’s announcement earlier this year that 90% of its total chip output for 2021 had been spoken for as early as March. That’s the result not just of material shortages that have affected the semiconductor market as a whole, but of human behaviors that arose in response.Chip shortage will hit hardware buyers for months to years Whether they’re smaller enterprises or big hyperscalers building out capacity, IT decision makers tend to rush into pre-orders whenever headlines about shortages appear, Boujelbene said, and Dell’Oro projects that will true in 2022.To read this article in full, please click here

Report: The chip shortage’s next victim is data-center switching

Enterprise looking to buy data-center switches face longer lead times and lack of stock over the course of the next year or so as demand continues to substantially outpace supply, according to a report from the Dell’Oro Group.Sameh Boujelbene, leader of the analyst firm’s campus and data-center research team, said that one canary in the coal mine was Broadcom’s announcement earlier this year that 90% of its total chip output for 2021 had been spoken for as early as March. That’s the result not just of material shortages that have affected the semiconductor market as a whole, but of human behaviors that arose in response.Chip shortage will hit hardware buyers for months to years Whether they’re smaller enterprises or big hyperscalers building out capacity, IT decision makers tend to rush into pre-orders whenever headlines about shortages appear, Boujelbene said, and Dell’Oro projects that will true in 2022.To read this article in full, please click here

VMware gears up for a challenging future

After a big year of change in everything from its ownership and executive suite to its cloud and network offerings, VMware is girding for battle in the challenges ahead.At the company’s VMworld 2021 conference (Oct. 5-7)  many of the technologies the company provides—from multicloud connectivity and cloud management to NSX networking, security,and other digital-transformation tools—will be front-and-center in over 900 sessions.To read this article in full, please click here

State of IT Security in 2021

Patrik Schindler sent me his views on code quality and resulting security nightmares after reading the Cisco SD-WAN SQL Injection saga. Enjoy!


I think we have a global problem with code quality. Both from a security perspective, and from a less problematic but still annoying bugs-everywhere perspective. I’m not sure if the issue is largely ignored, or we’ve given up on it (see also: Cloud Complexity Lies or Cisco ACI Complexity).