Archive

Category Archives for "Networking"

Fixing Firewall Ruleset Problem For Good

Before we start: if you’re new to my blog (or stumbled upon this blog post by accident) you might want to read the Considerations for Host-Based Firewalls for a brief overview of the challenge, and my explanation of why flow-tracking tools cannot be used to auto-generate firewall policies.

As expected, the “you cannot do it” post on LinkedIn generated numerous comments, ranging from good ideas to borderline ridiculous attempts to fix a problem that has been proven to be unfixable (see also: perpetual motion).

What is a network switch, and how does it work?

Networks today are essential for supporting businesses, providing communication, delivering entertainment—the list goes on and on. A fundamental element networks have in common is the network switch, which helps connect devices for the purpose of sharing resources. What is a network switch? A network switch is a device that operates at the Data Link layer of the OSI model—Layer 2. It takes in packets being sent by devices that are connected to its physical ports and sends them out again, but only through the ports that lead to the devices the packets are intended to reach.

Cisco slapped with $1.9 billion judgement in security patent lawsuit

Cisco this week lost a patent infringement case brought by security vendor Centripetal Networks and was hit with a $1.9 billion judgement. A non-jury judgement from U.S. District Judge Henry Morgan determined Cisco infringed on four security patents related to encrypted traffic and packet filtering technology belonging to plaintiff Centripetal Networks. The award directs $755.8 million in actual damages, multiplied by 2.5 to reflect "willful and egregious" conduct from Cisco, the judge found. The award also includes past damages and a running royalty of 10% on the apportioned sales of the patented products for a period of three years, followed by a second three-year term with a running royalty of 5% on such sales, which could take damages from the case north of $3 billion, according to a Centripetal statement about the case.

AppIQ – Unprecedented visibility that Aviatrix CoPilot brings

Earlier in my career, I worked as a Network Engineer in the high-frequency trading industry at a capital market exchange. It was the time when electronic trading was gaining heavy momentum as open outcry was receding. This was thanks mainly in part to vendors such as Arista who leveraged merchant silicon from Broadcom to lead …

RFC1925 Rule 2

According to RFC1925, the second fundamental truth of networking is: No matter how hard you push and no matter what the priority, you can’t increase the speed of light.

However early in the world of network engineering this problem was first observed (see, for instance, Tanenbaum’s “station wagon example” in Computer Networks), human impatience is forever trying to overcome the limitations of the physical world, and push more data down the pipe than mother nature intended (or Shannon’s theory allows).

One attempt at solving this problem is the infinitely fat pipe (helpfully called an “infan(t)”) described in RFC5984. While packets would still need to be clocked onto such a network, incurring serialization delay, the ability to clock an infinite number of packets onto the network at the same moment in time would represent a massive gain in a network’s ability, potentially reaching speeds faster than the speed of light. The authors of RFC5984 describe several attempts to build such a network, including black fiber, on which the lack of light implies data transmission. This is problematic, however, because a lack of information can be interpreted differently depending on the context. A pregnant pause has far different meaning

Let’s build a Cloudflare Worker with WebAssembly and Haskell

This is a guest post by Cristhian Motoche of Stack Builders.

At Stack Builders, we believe that Haskell’s system of expressive static types offers many benefits to the software industry and the world-wide community that depends on our services. In order to fully realize these benefits, it is necessary to have proper training and access to an ecosystem that allows for reliable deployment of services. In exploring the tools that help us run our systems based on Haskell, our developer Cristhian Motoche has created a tutorial that shows how to compile Haskell to WebAssembly using Asterius for deployment on Cloudflare.


What is a Cloudflare Worker?

Cloudflare Workers is a serverless platform that allows us to run our code on the edge of the Cloudflare infrastructure. It's built on Google V8, so it’s possible to write functionalities in JavaScript or any other language that targets WebAssembly.

WebAssembly is a portable binary instruction format that can be executed fast in a memory-safe sandboxed environment. For this reason, it’s especially useful for tasks that need to perform resource-demanding and self-contained operations.

Why use Haskell to target WebAssembly?

Haskell is a pure functional language that can target WebAssembly. As such, it helps developers

EVPN Control Plane in Infrastructure Cloud Networking

One of my readers sent me this question (probably after stumbling upon a remark I made in the AWS Networking webinar):

You had mentioned that AWS is probably not using EVPN for their overlay control-plane because it doesn’t work for their scale. Can you elaborate please? I’m going through an EVPN PoC and curious to learn more.

It’s safe to assume AWS uses some sort of overlay virtual networking (like every other sane large-scale cloud provider). We don’t know any details; AWS never felt the need to use conferences as recruitment drives, and what little they told us at re:Invent described the system mostly from the customer perspective.

What is a service mesh what it means to data center networking

Microservices-style applications rely on fast, dependable network infrastructure in order to respond quickly and reliably, and the service mesh can be a powerful enabler. At the same time, service-mesh infrastructure can be difficult to deploy and manage at scale and may be too complex for smaller applications, so enterprises need to carefully consider its potential upsides and downsides in relation to their particular circumstances. What is a service mesh? A service mesh is infrastructure software that provides fast and reliable communications between the microservices that applications may need. Its networking features include application identification, load balancing, authentication, and encryption.

VMware, Nvidia partner to boost AI, networking capabilities

If there was any doubt Nvidia has arrived as an enterprise player, its deal with VMware should erase all doubt. The GPU developer and VMware announced at the recent VMworld 2020 conference that they plan to integrate their respective core technologies through a series of development and networking partnerships. As part of the collaboration, Nvidia’s set of AI software-research tools on the Nvidia NGC hub will be integrated into VMware’s vSphere, Cloud Foundation, and Tanzu platforms. This will help accelerate AI adoption, enabling enterprises to extend existing infrastructure for AI, manage all applications with a single set of operations, and deploy AI-ready infrastructure where the data resides, across the data center, cloud and edge.

Thoughts From Networking Field Day 23

I know I’m a little late getting this post out but Networking Field Day 23 was a jam-packed event with lots of things to digest. I wanted to share some quick thoughts about it here that should create some discussion amongst the community, hopefully.

  • If you don’t believe that wireless is the new access edge, go look at Juniper. Their campus networking division is basically EX switching and Mist. That’s it. Remember how HPE called Aruba a “reverse acquisition” years ago? And how Aruba essentially took over the networking portion of HPE? Don’t be surprised to see Juniper getting more misty sooner rather than later. And that’s a good thing for everything that isn’t a carrier or service provider router.
  • Network monitoring became telemetry and is now transforming into digital experience. What is the difference to me? Monitoring devices tells you point-in-time information. Telemetry gives you the story of those point-in-time measurements over the course of days or weeks and can help you find issues. Experience is all about how that looks to your users. Problems don’t always affect them the same way it might appear on a dashboard. Likewise, things you don’t always see in your alerts can affect

Tech Bytes: NetMotion Integrates VPNs With The Software Defined Perimeter

Today's Tech Bytes, sponsored by NetMotion Software, explores how NetMotion integrates client VPNs with more modern approaches, including Zero Trust Network Access (ZTNA) and the Software Defined Perimeter. Our guest is Mike Spence, Systems Engineer at NetMotion.

The post Tech Bytes: NetMotion Integrates VPNs With The Software Defined Perimeter appeared first on Packet Pushers.