NB 469: Arista Debuts Network Observability Service; Startups Aim To Break Nvidia’s AI Chip Grip
This week we discuss a new network observability offering from Arista that integrates network telemetry with application data, why startups such as Groq and Taalas think they can break Nvidia’s grip on the AI chip market, and how Microsoft is hedging its LLM bets. Amazon goes nuclear with the purchase of a reactor-powered data center... Read more »What is Network-as-a-Service (NaaS)? A Complete Guide
Network-as-a-Service (NaaS) offers a flexible, cost-effective, and efficient way for businesses to manage their networking needs. Here is an overview to guide your selection and use of NaaS.Security Week 2024 wrap up
The next 12 months have the potential to reshape the global political landscape with elections occurring in more than 80 nations, in 2024, while new technologies, such as AI, capture our imagination and pose new security challenges.
Against this backdrop, the role of CISOs has never been more important. Grant Bourzikas, Cloudflare’s Chief Security Officer, shared his views on what the biggest challenges currently facing the security industry are in the Security Week opening blog.
Over the past week, we announced a number of new products and features that align with what we believe are the most crucial challenges for CISOs around the globe. We released features that span Cloudflare’s product portfolio, ranging from application security to securing employees and cloud infrastructure. We have also published a few stories on how we take a Customer Zero approach to using Cloudflare services to manage security at Cloudflare.
We hope you find these stories interesting and are excited by the new Cloudflare products. In case you missed any of these announcements, here is a recap of Security Week:
Responding to opportunity and risk from AI
| Title | Excerpt |
|---|---|
| Cloudflare announces Firewall for AI | Cloudflare announced the development of Firewall for AI, Continue reading |
Cyber Crane Mesh Topology Built with netlab
Milan Zapletal submitted the source code for a huge lab topology they built with netlab. It has almost 50 routers and over 50 Linux nodes to emulate end-users and servers.
They used netlab to configure VLANs, VRFs, IS-IS, OSPF, EIGRP, BGP, MPLS, VXLAN, and EVPN. Imagine how long it would take to configure all that by hand using a more traditional labbing tool.
Cyber Crane Mesh Topology Built with netlab
Milan Zapletal submitted the source code for a huge lab topology they built with netlab. It has almost 50 routers and over 50 Linux nodes to emulate end-users and servers.
They used netlab to configure VLANs, VRFs, IS-IS, OSPF, EIGRP, BGP, MPLS, VXLAN, and EVPN. Imagine how long it would take to configure all that by hand using a more traditional labbing tool.
KeyTrap!
Yet another DNS vulnerability has been exposed. The language of the press release revealing the vulnerabil;ity is certainly dramatic, with "devasting consequences" and the threat to "completely disable large parts of the worldwide Internet."" If this is really so devastating then perhaps we should look at this in a little more detail to see what’s going on, how this vulnerability works, and what the response has been.KeyTrap!
Yet another DNS vulnerability has been exposed. The language of the press release revealing the vulnerabil;ity is certainly dramatic, with "devasting consequences" and the threat to "completely disable large parts of the worldwide Internet."" If this is really so devastating then perhaps we should look at this in a little more detail to see what’s going on, how this vulnerability works, and what the response has been.The Future of Network Engineering in the AI/ML era
It seems like yesterday when I saw my first network automation presentation at a conference. I remember it very well; it was in 2015 at the Cisco Network Innovation Summit in Prague. Mr. Tim Szigeti was presenting the first version of the Cisco APIC-EM, the future Cisco Digital Network Architecture (DNA) controller. I talked already about it in a previous article, written in 2018, about my journey toward network programmability and automation. After its presentation, and for many years afterward, the question was on everyone’s lips: Is this the end…
The post The Future of Network Engineering in the AI/ML era appeared first on AboutNetworks.net.
Slurp’it – Network Inventory & Discovery Tool
I recently came across a neat tool called 'Slurp'it', a Network Inventory and Discovery solution. If you've been following my blog for a while, you know I just had to give it a try and share my findings with you. So, in this post, I'm going to quickly go over how to get it up and running, along with a few ways you might find it useful. Let's dive in.
What We Will Cover?
- What is Slurp'it?
- Licenses
- Installation and Setup
- Data Collection
- Custom Planning
- Some Use Cases
What is Slurp'it?
The official definition is "Slurp’it is a powerful and easy-to-use network discovery solution that offers 100% accurate network inventory. No coding required." Out of the box, the tool supports almost all the vendors (117 as of writing this)
In a nutshell, Slurp'it simplifies the whole process of understanding your network's inventory. All you need to do is provide the IP address or hostname of your devices, along with the login credentials. Slurp'it takes it from there. It executes various 'show' commands on your devices, usesTextFSM to parse the outputs, and finally presents you with a tidy table detailing everything it has discovered. It's straightforward yet effective, Continue reading
Understanding BGP Communities
The post Understanding BGP Communities appeared first on Noction.
Worth Reading: Talent Gap in IT
If you need a good rant about Thought Leaders, Talent Gap, and Certification-Based-Hiring, look no further than I see a different gap from here!. Here’s a choice tidbit:
Every single job description that requires some sort of certification must be treated with suspicion. Demanding a certification usually means that you don’t know what you want, and you’re just outsourcing your thinking to someone else.
Have fun!
Worth Reading: Talent Gap in IT
If you need a good rant about Thought Leaders, Talent Gap, and Certification-Based-Hiring, look no further than I see a different gap from here!. Here’s a choice tidbit:
Every single job description that requires some sort of certification must be treated with suspicion. Demanding a certification usually means that you don’t know what you want, and you’re just outsourcing your thinking to someone else.
Have fun!
AWS EKS Cluster with Terraform
https://codingpackets.com/blog/aws-eks-cluster-with-terraform
How Undersea Cable Cuts are Making Global Business Increasingly Risky
With no viable alternatives, governments, enterprises, and operators team to tackle longstanding undersea cable resiliency challenges.Worth Exploring: PCAP Analysis with Generative AI
John Capobianco published the source code of his Packet Buddy application on GitHub. It’s a Python UI that takes a PCAP file, converts it to JSON, and includes that JSON as part of the ChatGPT chat, allowing you to discuss the captured packets with ChatGPT.
His idea is one of the best uses of generative AI in networking I’ve seen so far, as long as you remember that you’re dealing with an overconfident intern who has no problem making up an answer just to sound smart. Have fun!
Finally, if you don’t want to use ChatGPT (I wouldn’t blame you) or send captured data into The Cloud, someone already adapted his idea to use local LLMs.
Worth Exploring: PCAP Analysis with Generative AI
John Capobianco published the source code of his Packet Buddy application on GitHub. It’s a Python UI that takes a PCAP file, converts it to JSON, and includes that JSON as part of the ChatGPT chat, allowing you to discuss the captured packets with ChatGPT.
His idea is one of the best uses of generative AI in networking I’ve seen so far, as long as you remember that you’re dealing with an overconfident intern who has no problem making up an answer just to sound smart. Have fun!
Finally, if you don’t want to use ChatGPT (I wouldn’t blame you) or send captured data into The Cloud, someone already adapted his idea to use local LLMs.
Hedge 216: Automation Success Stories
One thing we often hear about automation is that its hard because there are so many different interfaces. On this episode of the Hedge, Daniel Teycheney joins Ethan Banks and Russ White to discuss how they started from a simple idea and ended up building an automation system that does cross vendor boundaries within a larger discussion about automation and APIs.
HN724: How Packets Move Through a Network Device
Today we metaphorically pop open the hood of switches and routers, taking a look at the mechanics of how they work. We cover the three states: configuration, operational, and forwarding. We talk RIB and FIB, along with CAM, TCAM, and MPLS. We also cover line rate, port-to-port latency, and buffers. Whether it’s been awhile since... Read more »Now’s the Time to Optimize Cloud Costs: Here’s How
By choosing the right cloud at the right time, adjusting one’s cloud strategy as needed, and factoring in hidden fees, businesses have the best chance at optimizing cloud costs effectively.Protocol detection with Cloudflare Gateway
Cloudflare Gateway, our secure web gateway (SWG), now supports the detection, logging, and filtering of network protocols regardless of their source or destination port. Protocol detection makes it easier to set precise policies without having to rely on the well known port and without the risk of over/under-filtering activity that could disrupt your users’ work. For example, you can filter all SSH traffic on your network by simply choosing the protocol.
Today, protocol detection is available to any Enterprise user of Gateway and supports a growing list of protocols including HTTP, HTTPS, SSH, TLS, DCE/RPC, MQTT, and TPKT.
Why is this needed?
As many configuration planes move to using RESTful APIs, and now even GraphQL, there is still a need to manage devices via protocols like SSH. Whether it is the only management protocol available on a new third party device, or one of the first ways we learned to connect to and manage a server, SSH is still extensively used.
With other legacy SWG and firewall tools, the process of blocking traffic by specifying only the well known port number (for example, port 22 for SSH) can be both insecure and inconvenient. For example, if you used SSH Continue reading