When preparing an answer to an interesting idea left as a comment to my unequal-cost load balancing blog post, I realized I never described the difference between topology-based and congestion-driven load balancing.
To keep things simple, let’s start with an easy leaf-and-spine fabric:
When preparing an answer to an interesting idea left as a comment to my unequal-cost load balancing blog post, I realized I never described the difference between topology-based and congestion-driven load balancing.
To keep things simple, let’s start with an easy leaf-and-spine fabric:
Cloudflare uses a vendor called Verkada for cameras in our offices in San Francisco, Austin, New York, London and Singapore. These cameras are used at the entrances, exits and main thoroughfares of our offices and have been part of maintaining the security of offices that have been closed for almost a year.
Yesterday, we were notified of a breach of Verkada that allowed a hacker to access Verkada’s internal support tools to manage those cameras remotely, as well as access them through a remote root shell. As soon as we were notified of the breach, we proceeded to shut down the cameras in all our office locations to prevent further access.
To be clear: this hack affected the cameras and nothing else. No customer data was accessed, no production systems, no databases, no encryption keys, nothing. Some press reports indicate that we use a facial recognition feature available in Verkada. This is not true. We do not.
Our internal systems follow the same Zero Trust model that we provide to our customers, and as such our corporate office networks are not implicitly trusted by our other locations or data centers. From a security point of view connecting from one of Continue reading
In this episode we discuss the 80/20 rule for SaaS and IaaS, what it is according to Vince, and why you should care. Is this a temporary phenomenon due to the pandemic and WFH or is it how we should view WAN traffic from now on? We’ll answer that question and more in this episode.
Reference Links:
The post 80/20 Rule For SaaS and IaaS appeared first on Network Collective.
Our guest is Taylor Desseyn, Sr. Recruiter Advocate at Vaco. Taylor knows tech recruiting forwards and backwards. He gives us an insider's view of how recruiters look at you and how you should look at them to maximize the benefit of the relationship. Because it IS a relationship. And like any relationship, you need to work at it.
The post Day Two Cloud 088: The Tech Recruiter – Friend Or Foe? appeared first on Packet Pushers.
By Electronic Frontier Foundation, Mozilla, and The Internet Society
As people learn more about how companies like Google and Facebook track them online, they are taking steps to protect themselves. But there is one relatively unknown way that companies and bad actors can collect troves of data.
Internet Service Providers (ISPs) like Comcast, Verizon, and AT&T are your gateway to the Internet. These companies have complete, unfettered, and unregulated access to a constant stream of your browsing history that can build a profile that they can sell or otherwise use without your consent.
Last year, Comcast committed to a broad range of DNS privacy standards. Companies like Verizon, AT&T, and T-Mobile, which have a major market share of mobile broadband customers in the U.S., haven’t committed to the same basic protections, such as not tracking website traffic, deleting DNS logs, or refusing to sell users’ information. What’s more, these companies have a history of abusing customer data. AT&T, Sprint, and T-Mobile, sold customer location data to bounty hunters, and Verizon injected trackers bypassing user control.
Every single ISP should have a responsibility to protect the privacy of its users – and as mobile internet access continues Continue reading
Note: This Post was written by Fish’s Mom, Dr Patricia Fishburne No one in my family had gone to college and, having married at 18, there seemed little likelihood that I would either. My husband, on the other hand, had... Read More ›
The post “It Only Took 22 Years to Get an Education” appeared first on Networking with FISH.
Imagine you decided to deploy an SD-WAN (or DMVPN) network and make an Azure region one of the sites in the new network because you already deployed some workloads in that region and would like to replace the VPN connectivity you’re using today with the new shiny expensive gadget.
Everyone told you to deploy two SD-WAN instances in the public cloud virtual network to be redundant, so this is what you deploy:
Imagine you decided to deploy an SD-WAN (or DMVPN) network and make an Azure region one of the sites in the new network because you already deployed some workloads in that region and would like to replace the VPN connectivity you’re using today with the new shiny expensive gadget.
Everyone told you to deploy two SD-WAN instances in the public cloud virtual network to be redundant, so this is what you deploy: