Archive

Category Archives for "Networking"

IBM builds ransomware protection into on-prem storage

With ransomware attacks growing in frequency and little being done to stop them, IBM is well-timed with its anti-ransomware Safeguarded Copy for its FlashSystems and on-premises storage-as-a-serivce offerings.Safeguarded Copy is part of the IBM FlashSystem family of all-flash storage arrays, and it automatically creates immutable snapshots of date and stores them securely—meaning they cannot be accessed or altered by unauthorized users, the company says. Read about backup and recovery: Backup vs. archive: Why it’s important to know the difference How to pick an off-site data-backup method Tape vs. disk storage: Why isn’t tape dead yet? The correct levels of backup save time, bandwidth, space Safeguarded Copy is based on technology from IBM’s DS8000 mainframe storage array, which does the same thing as described above: it creates immutable copies  of data that can be used to restore damaged original data volumes or build new and uncorrupted volumes.To read this article in full, please click here

IBM builds ransomware protection into on-prem storage

With ransomware attacks growing in frequency and little being done to stop them, IBM is well-timed with its anti-ransomware Safeguarded Copy for its FlashSystems and on-premises storage-as-a-serivce offerings.Safeguarded Copy is part of the IBM FlashSystem family of all-flash storage arrays, and it automatically creates immutable snapshots of date and stores them securely—meaning they cannot be accessed or altered by unauthorized users, the company says. Read about backup and recovery: Backup vs. archive: Why it’s important to know the difference How to pick an off-site data-backup method Tape vs. disk storage: Why isn’t tape dead yet? The correct levels of backup save time, bandwidth, space Safeguarded Copy is based on technology from IBM’s DS8000 mainframe storage array, which does the same thing as described above: it creates immutable copies  of data that can be used to restore damaged original data volumes or build new and uncorrupted volumes.To read this article in full, please click here

What is NAS (network-attached storage) and how does it work?

Network-attached storage (NAS) is a category of file-level storage that’s connected to a network and enables data access and file sharing across a heterogeneous client and server environment.“Ideally, NAS is platform- and OS-independent, appears to any application as another server, can be brought online without shutting down the network and requires no changes to other enterprise servers,” says research firm Gartner in its definition of NAS. Be sure not to miss: What is a SAN and how does it differ from NAS? Pros and cons of hyperconvergence as a service NVMe over Fabrics creates data-center storage disruption Serverless computing: Ready or not? NAS history: evolution of network-attached storage NAS evolved from file servers used in the 1980s to provide access to files for network clients. NAS devices typically consist of bundled hardware and software with a built-in operating system, and they typically use industry-standard network protocols such as SMB and NFS for remote file service and data sharing and TCP/IP for data transfer. In an enterprise setting, NAS can allow IT teams to streamline data storage and retrieval while consolidating their server and storage infrastructure.To read this article in full, please click here

Introducing Workers Usage Notifications

Introducing Workers Usage Notifications
Introducing Workers Usage Notifications

So you’ve built an application on the Workers platform. The first thing you might be wondering after pushing your code out into the world is “what does my production traffic look like?” How many requests is my Worker handling? How long are those requests taking? And as your production traffic evolves overtime it can be a lot to keep up with. The last thing you want is to be surprised by the traffic your serverless application is handling.  But, you have a million things to do in your day job, and having to log in to the Workers dashboard every day to check usage statistics is one extra thing you shouldn’t need to worry about.

Today we’re excited to launch Workers usage notifications that proactively send relevant usage information directly to your inbox. Usage notifications come in two flavors. The first is a weekly summary of your Workers usage with a breakdown of your most popular Workers. The second flavor is an on-demand usage notification, triggered when a worker’s CPU usage is 25% above its average CPU usage over the previous seven days. This on-demand notification helps you proactively catch large changes in Workers usage as soon as those Continue reading

Pegasus Pisses Me Off

UnicornPegasus

In this week’s episode of the Gestalt IT Rundown, I jumped on my soapbox a bit regarding the latest Pegasus exploit. If you’re not familiar with Pegasus you should catch up with the latest news.

Pegasus is a toolkit designed by NSO Group from Israel. It’s designed for counterterrorism investigations. It’s essentially a piece of malware that can be dropped on a mobile phone through a series of unpatched exploits that allows you to create records of text messages, photos, and phone calls and send them to a location for analysis. On the surface it sounds like a tool that could be used to covertly gather intelligence on someone of interest and ensure that they’re known to law enforcement agencies so they can be stopped in the event of some kind of criminal activity.

Letting the Horses Out

If that’s where Pegasus stopped, I’d probably not care one way or the other. A tool used by law enforcement to figure out how to stop things that are tough to defend against. But because you’re reading this post you know that’s not where it stopped. Pegasus wasn’t merely a tool developed by intelligence agencies for targeted use. If I had to Continue reading

Upgrading the Cloudflare China Network: better performance and security through product innovation and partnership

Upgrading the Cloudflare China Network: better performance and security through product innovation and partnership
Upgrading the Cloudflare China Network: better performance and security through product innovation and partnership

Core to Cloudflare’s mission of helping build a better Internet is making it easy for our customers to improve the performance, security, and reliability of their digital properties, no matter where in the world they might be. This includes Mainland China. Cloudflare has had customers using our service in China since 2015 and recently, we expanded our China presence through a partnership with JD Cloud, the cloud division of Chinese Internet giant, JD.com. We’ve also had a local office in Beijing for several years, which has given us a deep understanding of the Chinese Internet landscape as well as local customers.

The new Cloudflare China Network built in partnership with JD Cloud has been live for several months, with significant performance and security improvements compared to the previous in-country network. Today, we’re excited to describe the improvements we made to our DNS and DDoS systems, and provide data demonstrating the performance gains customers are seeing. All customers licensed to operate in China can now benefit from these innovations, with the click of a button in the Cloudflare dashboard or via the API.

Serving DNS inside China

With over 14% of all domains on the Internet using Cloudflare’s nameservers we Continue reading

Wi-Fi 6E: Don’t let hype push you off your refresh cycle

Despite the inarguable advantages of operating Wi-Fi in the 6GHz frequency range, analysts say that the smart time to buy Wi-Fi 6E is whenever an organization would ordinarily make an upgrade – and not before.Wi-Fi 6E is mostly identical to Wi-Fi 6, but the key difference is the 6E standard’s ability to take advantage of the 6GHz spectrum that was made available for unlicensed use by the U.S. last year. It’s a great deal of new bandwidth, enabling larger channels and consequently higher data rates, as well as being a much less busy area of the spectrum compared to the heavily used 2.4GHz and 5GHz bands.To read this article in full, please click here

Survey: Home-office networks demand better monitoring tools

(Enterprise Management Associates has published research called “Post-Pandemic Networking: Enabling the Work-From-Anywhere Enterprise,” a survey of 312 network-infrastructure and operations professionals that finds nearly all of them are budgeting for monitoring tools to better support users working from home. This article by EMA Vice President of Research Networking Shamus McGillicuddy details the major findings.)Network managers will need to update their network monitoring and troubleshooting tools to support the huge increase in end users who will continue to work from home even after the COVID-19 pandemic is over.To read this article in full, please click here

CNCF Projects Bring Service Mesh Interoperability, Benchmarks

Both the Service Mesh Performance (SMP) projects joined the Cloud Native Computing Foundation (CNCF) earlier this month at the Sandbox level. Meshery is a multiservice mesh management plane offering lifecycle, configuration, and performance management of service meshes and their workloads, while SMP is a standard for capturing and characterizing the details of infrastructure capacity, service mesh configuration, and workload metadata. When the projects first applied in April for inclusion, the Technical Oversight Committee (TOC) had one clarifying question for them: should they be combined with or aligned in some manner with the Lee Calcote, founder of verifies that, in fact, it is a certain kind of a service mesh,” said Calcote. “So all in one Continue reading

Hedge 92: The IETF isn’t the Standards Police

In most areas of life, where the are standards, there is some kind of enforcing agency. For instance, there are water standards, and there is a water department that enforces these standards. There are electrical standards, and there is an entire infrastructure of organizations that make certain the fewest number of people are electrocuted as possible each year. What about Internet standards? Most people are surprised when they realize there is no such thing as a “standards police” in the Internet.

Listen in as George Michaelson, Evyonne Sharp, Tom Ammon, and Russ White discuss the reality of standards enforcement in the Internet ecosystem.

download

LISP – OMP – BGP EVPN Interoperability – Part II: VPNv4 Update from Control Plane to Border-PxTR

 

The previous chapter describes how Edge-xTR-11 used LISP Map-Register message to advertise EID-to-RLOC information to MapServ-22. It also explained how MapSrv-22, as a role of Mapping Server, stores the information into Mapping Data Base. MapSrv-22 is also Map-Resolver. This means that when it receives the LISP Map-Requestmessage from the xTR device, it will respond with a Map-Reply message. If MapSrv-22 knows the EID-to-RLOC mapping, it places this information into the Map-Reply message. If MapSrv-22 doesn’t have mapping information, it instructs requesting xTR to forward traffic to its Proxy-xTR. This, however, is not the case in our example. What we want to do is advertise the EP1 reachability information to Border-PxTR. In order to do that, we need to a) export EID-to-RLOC information from the Mapping Data Base to instance-specific VRF_100 RIB. Then we can advertise it by using BGP and because we want to include virtual network identifier into update we use MP-BGP VPNv4 because there we have Route Target Attribute. The next sections describe the process in detail.

 

Phase 1: Map-Server - RIB Update

 

LISP Map-Server doesn’t install EID-to-RLOC mapping information from the Mapping Database into a RIB by default. To do that we need to export the information from the LISP Mapping DataBase to RIB by using the LISP Instance-specific command route-export site-registrations.  Example 1-6 illustrates the update process. Example 1-7 shows the RIB entry concerning EP1 IP address 172.16.100.10/32 in VRF 100_NWKT. Due to redistribution, the route is shown as directly connected, via Null0. If you take a look at the timestamps in example 1-6 and compare it to timestamps in example 1-3, you will see that the RIB update happens right after the unreliable EID-to-RLOC registration process.

 Complete device configuration can be found in chapter 1 Appendix 1.


Figure 1-10: EID-to-RLOC information from LISP to RIB.

 

Continue reading
1 607 608 609 610 611 3,478