Archive

Category Archives for "Networking"

Backing up not just your data, but your productivity

Everyone knows that backups are important, but most of us tend to think of backups solely as the process of backing up our data files -- not necessarily our applications, our passwords or our computers. And, when we run into a serious problem that threatens our ability to get our work done, it just might be time to rethink what "backing up" should involve.Even if you have more than one computer at your disposal, it could easily be that only one of them is ready to help you with passwords you rarely use, provide access to your cloud backups, allow you to connect to the VPN you use for special projects, probe your network for problems or offer you a way to log into remote systems.To read this article in full, please click here

Don’t let subdomains sink your security

If your enterprise has a website (and one certainly would hope so in 2021!), it also has subdomains. These prefixes of your organization’s main domain name are essential for putting structural order to the content and services on your website, thus preventing online visitors from instantly fleeing in terror, disdain, or confusion.Large enterprises can have thousands of subdomains. IBM, for example, has roughly 60,000 subdomains, while Walmart.com has “only” 2,132 subdomains.What is DNS and how it works Whatever value subdomains bring to enterprises--and they bring plenty--they present more targets for bad actors. Why, just last year the subdomains of Chevron, 3M, Warner Brothers, Honeywell, and many other large organizations were hijacked by hackers who redirected visitors to sites featuring porn, malware, online gambling, and other activities of questionable propriety.To read this article in full, please click here

White boxes in the enterprise: Why it’s not crazy

If you’re an enterprise CIO, CFO, or network operations type, you’ve probably been reading about how this service provider or that cloud provider have saved up to 50% on network equipment by using generic “white-box” technology instead of proprietary routers and switches.  It’s hard not to wonder whether your own network budget could buy twice as much gear, and what projects might now meet their business case.  Could enterprises get in on the white-box revolution?  Maybe, if they can address the issues that even service providers and cloud providers have already faced, and in some cases been bitten by.Compatibility The first issue is finding the hardware and software. White-box hardware needs software, either an all-inclusive “network operating system” that provides all the features you need, or an operating system plus a separate routing/switching package. The software can’t just be shoveled onto something and run; it has to match the hardware.  In some cases, the matching process is facilitated through the same sort of drivers found on PCs and servers, but not all hardware has a driver suitable for all software.  Pick a white box and you may not find software you like for it. Continue reading

Don’t let subdomains sink your security

If your enterprise has a website (and one certainly would hope so in 2021!), it also has subdomains. These prefixes of your organization’s main domain name are essential for putting structural order to the content and services on your website, thus preventing online visitors from instantly fleeing in terror, disdain, or confusion.Large enterprises can have thousands of subdomains. IBM, for example, has roughly 60,000 subdomains, while Walmart.com has “only” 2,132 subdomains.What is DNS and how it works Whatever value subdomains bring to enterprises--and they bring plenty--they present more targets for bad actors. Why, just last year the subdomains of Chevron, 3M, Warner Brothers, Honeywell, and many other large organizations were hijacked by hackers who redirected visitors to sites featuring porn, malware, online gambling, and other activities of questionable propriety.To read this article in full, please click here

A Survey on Securing Inter-Domain Routing: Part 1 – BGP: Design, Threats and Security Requirements

The Border Gateway Protocol (BGP) is the Internet’s inter-domain routing protocol, and after some thirty years of operation BGP is now one of the more venerable of the Internet’s core” protocols. One of the major ongoing concerns related to BGP is its lack of effective security measures, and as a result the routing infrastructure of the Internet continues to be vulnerable to various forms of attack. In Part 1 of this study, we will look at the design of BGP, the threat model and the requirements from a security framework for BGP.

Is my Network Healthy?

Do you ask “Is my network healthy?” Do you know how to answer that question well? This is a critical question, but a hard and confusing one to answer well. It’s also one that I think most people don’t explicitly ask and should. As a network engineer, what does it...

Solo.io Adds Legacy SOAP Integration for Gloo Edge 1.8 Release

Service mesh integration software provider Solo.io has released into general availability (GA) version 1.8 of its Gloo Edge Kubernetes-native ingress controller and API gateway. Version 1.8 offers integration for legacy SOAP (Simple Object Access Protocol) web services and other features, as Solo seeks to improve API-centric support for scaling needs across cloud native environments. Based on the Gloo Edge now helps DevOps teams integrate decades-old SOAP through a single API. Gloo Edge 1.8’s support for SOAP is “the biggest breakout feature” of the release, blog post, Gaun described how SOAP, an XML messaging protocol from the turn of the century, “remains prevalent today for enterprise web services across a number of industries, including financial services and healthcare.” Yet, “Unfortunately, SOAP (and associated legacy middleware applications) hold back large-scale modernization efforts because there hasn’t been a viable migration approach in the market,” Gaun wrote. “Organizations haven’t been able to tackle incremental deprecation of SOAP web services over time without great difficulty.” Gloo Edge Enterprise 1.8, with the addition of

Network Break 340: Marvell Challenges NVIDIA With 5nm DPU; Startup WiteSand Tackles Multi-Vendor Campus Network Management

This week's podcast asks how many Data Processing Units (DPUs) the market can support, discusses a startup that wants to manage your multi-vendor campus network from the cloud, explores new security capabilities in Forward Networks' network verification software, and more tech news.

The post Network Break 340: Marvell Challenges NVIDIA With 5nm DPU; Startup WiteSand Tackles Multi-Vendor Campus Network Management appeared first on Packet Pushers.

Calico Enterprise: Leverage multiple benefits from the new eBPF data plane

Calico was designed from the ground up with a pluggable data plane architecture. The Enterprise 3.6 release introduces an exciting new eBPF (extended Berkeley Packet Filter) data plane that provides multiple benefits to users.

Great performance, lower latency for load-balanced traffic

When compared with the standard Linux data plane (based on iptables), the eBPF data plane:

  • Scales to higher throughput, using less CPU per GBit
  • Natively supports Kubernetes services (without kube-proxy) in a way that:
    • Reduces latency
    • Preserves external client source IP addresses
    • Supports direct server return (DSR) for reduced latency and CPU usage
    • Uses less CPU than kube-proxy to keep the data plane in sync

The impact of NAT on source IP

The application of network address translation (NAT) by kube-proxy to incoming network connections to Kubernetes services (e.g. via a service node port) is a frequently encountered friction point with Kubernetes networking. NAT has the unfortunate side effect of removing the original client source IP address from incoming traffic. When this occurs, Kubernetes network policies can’t restrict incoming traffic from specific external clients. By the time the traffic reaches the pod it no longer has the original client IP address. For some applications, knowing the Continue reading

4 Advancements That Led to Decentralized Cloud Storage

The evolution of cloud storage as we know it is a fascinating journey filled with projects that built on one another to bring us to where we are today. Interestingly enough, most of the technology used to build a decentralized cloud storage network today has been available for decades. The fact that decentralized cloud storage is viable is mostly because of the growth of storage capacity available at the edge and the incredible increases we’ve made across the globe in bandwidth. Here are four key advancements throughout the years that have paved the way for decentralized cloud storage. Advancement #1: Network Bandwidth Increased JT Olio JT is the CTO at Storj. He oversees product development and led the re-architecture of Storj’s distributed cloud storage platform. He was previously director of engineering at Space Monkey, which was acquired by Vivint in 2014. JT has an MS in computer science from the University of Utah and a BS in computer science and mathematics from the University of Minnesota. There is a great paper by Charles Blake and Rodrigo Rodrigues entitled “

The chip shortage is real, but driven by more than COVID

By now you’ve undoubtedly heard the complaining about computing parts shortages, particularly from gamers who can’t get modern GPU cards and from car makers, since new cars these days are a rolling data center.The problem is also affecting business IT but in a different way, and there are steps you can take to address the problem. The first step, though, is patience. This shortage isn’t due to staffing or fabs being out of commission, it’s that demand is so high that it’s leading to very long lead times.Chip shortage will hit hardware buyers for months to years That delay can mean 36 weeks, according to Mario Morales, program vice president for the semiconductor and enabling technologies team at IDC, with the demand for components “seeing untempered demand.”To read this article in full, please click here

The chip shortage is real, but driven by more than COVID

By now you’ve undoubtedly heard the complaining about computing parts shortages, particularly from gamers who can’t get modern GPU cards and from car makers, since new cars these days are a rolling data center.The problem is also affecting business IT but in a different way, and there are steps you can take to address the problem. The first step, though, is patience. This shortage isn’t due to staffing or fabs being out of commission, it’s that demand is so high that it’s leading to very long lead times.Chip shortage will hit hardware buyers for months to years That delay can mean 36 weeks, according to Mario Morales, program vice president for the semiconductor and enabling technologies team at IDC, with the demand for components “seeing untempered demand.”To read this article in full, please click here

Install Calico to Enhance Kubernetes’ Built-in Networking Capability

Calico, from network software provider Tigera, is a third-party plugin for Kubernetes geared to make full network connectivity more flexible and easier. Out of the box, Kubernetes provides the NetworkPolicy API for managing network policies within the cluster. The problem many Kubernetes admins find (especially those new to the technology) is that network can quickly become a rather complicated mess of YAML configurations, where you must configure traffic ingress and egress properly, or communication between Kubernetes objects (such as pods and containers) can be difficult. That’s where the likes of Flannel, which cannot configure network policies. With Calico, you can significantly enhance the Kubernetes networking configuration. Take, for instance, the feature limitations found in the default NetworkPolicy, which are: Policies are limited to a single environment and are applied only to pods marked with labels. You can only apply rules to pods, environments, or subnets. Rules can only contain protocols, numerical ports, or named ports. When you add the Calico plugin, the Continue reading

Intel stumbles in supercomputer rankings, delays next-gen CPU

This week the TOP500 list of the world’s fastest supercomuters found that, once again, Fugaku is number one, benchmarking at 442 Pflop/sec, making it three times faster than the second place machine. Impressive, but also indicative that it might also be the first to break the exaflop barrier if it’s working on the right kind of problem.TOP500 pointed out that Fugaku’s score (and everyone else’s) is based on double-precision benchmarks, the most accurate floating point math calculation you can do. But much of AI and machine learning is single-precision, which can be less than half the compute power of double precision.To read this article in full, please click here

1 590 591 592 593 594 3,455