Security Power Block Series: Secure Your Data Center with NSX Firewall
We get it. The world of network security is changing, and it’s hard to keep up. Between your regular duties, pressure to adapt to changing realities, and pandemic stress on both your work and home life, it’s a challenge to find the time to build new skills.
Understanding that your time is precious, we’ve created a series of succinct, 30-minute, security-focused webinars that take a deep dive into the topics, strategies, and techniques you need to know. The four sessions in our Security Power Block Series will explore the new security landscape, how our unique architecture is ideal for protecting East-West traffic from modern security threats, and real-world use cases you can use to operationalize your data center security at scale.
You can register for one, two, three, or all sessions at once and you’ll automatically receive invitations with session links that you can add directly to your calendar. Staying informed — and learning new skills — couldn’t be easier.
Network Segmentation Made Easy
April 14, 2021
10:00 a.m. PT
Zoning or segmenting data center networks into manageable chunks Continue reading
Netsim-tools Release 0.5 Work with Containerlab
TL&DR: If you happen to like working with containers, you could use netsim-tools release 0.5 to provision your container-based Arista EOS labs.
Why does it matter? Lab setup is blindingly fast, and it’s easier to integrate your network devices with other containers, not to mention the crazy idea of running your network automation CI pipeline on Gitlab CPU cycles. Also, you could use the same netsim-tools topology file and provisioning scripts to set up container-based or VM-based lab.
What is containerlab? A cool project that builds realistic virtual network topologies with containers. More details…
Netsim-tools Release 0.5 Work with Containerlab
TL&DR: If you happen to like working with containers, you could use netsim-tools release 0.5 to provision your container-based Arista EOS labs.
Why does it matter? Lab setup is blindingly fast, and it’s easier to integrate your network devices with other containers, not to mention the crazy idea of running your network automation CI pipeline on Gitlab CPU cycles. Also, you could use the same netsim-tools topology file and provisioning scripts to set up container-based or VM-based lab.
What is containerlab? A cool project that builds realistic virtual network topologies with containers. More details…
In Defense Of EIGRP With Zig Zsiga And Ethan Banks – Video
Zig Zsiga and Ethan Banks talk through use cases for the sometimes maligned EIGRP, a popular choice in Cisco networks for decades. The conversation covers EIGRP design basics, the stuck-in-active problem, stub routing, and RFC7868. Comparisons are made to how OSPF design differs to accomplish similar goals. This was originally published as an audio-only podcast […]
The post In Defense Of EIGRP With Zig Zsiga And Ethan Banks – Video appeared first on Packet Pushers.
Bringing AI to the edge with NVIDIA GPUs
Cloudflare has long used machine learning for bot detection, identifying anomalies, customer support and business intelligence. And internally we have a cluster of GPUs used for model training and inference.
For even longer we’ve been running code “at the edge” in more than 200 cities worldwide. Initially, that was code that we wrote and any customization was done through our UI or API. About seven years ago we started deploying custom code, written in Lua, for our enterprise customers.
But it’s quite obvious that using a language that isn’t widely understood, and going through an account executive to get code written, isn’t a viable solution and so four years ago we announced Cloudflare Workers. Workers allows anyone, on any plan, to write code that gets deployed to our edge network. And they can do it in the language they choose.
After launching Workers we added storage through Workers KV as programs need algorithms plus data. And we’ve continued to add to the Workers platform with Workers Unbound, Durable Objects, Jurisdictional Restrictions and more.
But many of today’s applications need access to the latest machine learning and deep learning methods. Those applications need three things: to scale easily, Continue reading
What’s In A Title? Network Engineer Vs. Professional Or Licensed Engineer
In the US, do not call yourself a "Professional Engineer" or "Licensed Engineer" as your title. Those are specially reserved titles for those who actually ARE licensed. However, calling yourself a "Network Engineer" is okay. If you want to know more details, read on.
The post What’s In A Title? Network Engineer Vs. Professional Or Licensed Engineer appeared first on Packet Pushers.
Don’t Poke Holes in Our Digital Security Shield
In only a few days the European Union will close the doors on our chance to provide feedback on an initiative which could grant law enforcement agencies backdoor access to encrypted messaging services. Doing this would poke holes in our most important digital security shield. It misleadingly claims it to protect kids’ safety online. As […]
The post Don’t Poke Holes in Our Digital Security Shield appeared first on Internet Society.
Finally! Local Traffic Remained Local
During a recent broadcast of an Italian Series A Championship football match, something extraordinary was happening behind the scenes. Local Internet traffic remained local. Cristiano Zanforlin, Chief Commercial Officer of Milan Internet Exchange (MIX), Flavio Luciani, Chief Technology Officer of Consorzio Namex, and Luca Cicchelli, Interconnection Manager of Consorzio TOP-IX, explain how Italian IXPs helped […]
The post Finally! Local Traffic Remained Local appeared first on Internet Society.
Expanding the Cloudflare Workers Observability Ecosystem
One of the themes of Developer Week is “it takes a village”, and observability is one area where that is especially true. Cloudflare Workers lets you quickly write code that is infinitely scalable — no availability regions, no scaling policies. Your code runs in every one of our data centers by default: region Earth, as we like to say. While fast time to market and effortless scale are amazing benefits, seasoned developers know that as soon as your code is in the wild… stuff happens, and you need the tools in place to investigate, diagnose, fix and monitor those issues.
Today we’re delighted to add to our existing analytics partners. We’re announcing new partnerships with six observability-focused companies that are deeply integrated into the Cloudflare Workers ecosystem. We’re confident these partnerships will provide immediate value in building the operational muscle to maintain and make your next generation of applications fast, secure and bullet-proof in production.
console.log(`Got request. Extracted name=${name}. Saving…`);
Cloudflare wrangler gives you the ability to generate, configure, build, preview and publish your projects, from the comfort of your dev environment. Writing code in your favorite IDE with a fully-fledged CLI tool that also allows you to simulate Continue reading
Location-based personalization at the edge with Cloudflare Workers
We’re excited to announce an update to Cloudflare Workers, our serverless code platform built on our global network. Geolocation data is now accessible and free for all developers on our Workers platform, including users on the free plan!
You can now serve personalized experiences for users based on their location using Workers. Personalization is critical to building intuitive apps for users and it unlocks new possibilities for what you can build on our platform. Whether you’re building a social networking app or an automatic shipping cost estimator for an e-commerce site, a one-size-fits-all experience doesn’t cut it. Location-based personalization helps you show what’s most relevant to your users, be it tickets for movies in their area or content in their local language.
With geolocation data available on the server side, there’s no configuration needed for users to set their location.
Each request to a Worker includes the user’s (example data shown):
- Country: “US”
- City: “Austin”
- Continent: “NA”
- Latitude: "30.27130"
- Longitude: “-97.74260”
- Postal code: "78701"
- Metro code(dma): “635”
- Region: “Texas”
- Timezone: “America/Chicago”
Geolocation data on Workers makes it even easier to build server rendered apps and customized services.
Refer to the documentation to learn more.
In case you need Continue reading
Nokia Lab | LAB 3 IS-IS |
Hello everyone!
It's the next Nokia lab. Today we will review routing protocol widely spread across service providers networks.
Please check my first lab for input information.
Topology example
Lab tasks and questions:
- Basic IS-IS
- configure IS-IS between R1 and R2 (use P2P interface type, Level 2 only, "system" interface as passive, area 49.01)
- check neighbors state
- examine IS-IS control plane PDUs (You can use debug or packet capture)
- describe all IS-IS PDU and their purpose
- What transport does IS-IS use for control plane PDU delivery? Any difference with OSPF?
- Examine destination MAC address of control plane PDU
- examine LSP in detail
- What TLV types does it contain? Examine every TLV
- What is the default preference of IS-IS routes?
- What is max-metric of IS-IS routes (default configuration)?
- How to change behavior? How to take into account link bandwidth?
- Multi-area IS-IS
- configure R3 and R4 as L1/L2 IS-IS routers (use P2P interface type, area 49.02)
- configure R5 and R6 as L1-only IS-IS routers (use P2P interface type, area 49.02)
- check IS-IS adjacency on R3
- What adjacency types do you see?
- make attention to LSP attributes
- Is there ATT Continue reading
Must Read: Automate Nexus-OS Fabric Deployment
Some networking engineers breeze through our Network Automation online course, others disappear after a while… and a few of those come back years later with a spectacular production-grade solution.
Stephen Harding is one of those. He attended the automation course in spring 2019 and I haven’t heard from him in almost two years… until he submitted one of the most mature data center fabric automation solutions I’ve seen.
Not only that, he documented the solution in a long series of must-read blog posts. Hope you’ll find them useful; I liked them so much I immediately saved them to Internet Archive (just in case).
Must Read: Automate Nexus-OS Fabric Deployment
Some networking engineers breeze through our Network Automation online course, others disappear after a while… and a few of those come back years later with a spectacular production-grade solution.
Stephen Harding is one of those. He attended the automation course in spring 2019 and I haven’t heard from him in almost two years… until he submitted one of the most mature data center fabric automation solutions I’ve seen.
Not only that, he documented the solution in a long series of must-read blog posts. Hope you’ll find them useful; I liked them so much I immediately saved them to Internet Archive (just in case).