Category Archives for "Networking"

Heavy Networking 562: Juniper’s Paragon Automation Portfolio Prioritizes Service Experience (Sponsored)

In today’s sponsored show with Juniper Networks, we dive into Juniper's Paragon product portfolio, which measures service quality for critical applications. The portfolio allows service providers and enterprises to get deeper visibility into, and automated control over, their networks. Our guests from Juniper to walk us through the portfolio are Peter Weinberger and Jonas Krogell.

SEC 3. Building your own containerised PKI (root CA) with Linux and Docker to simplify and secure network automation

Hello my friend,

You know our passion for network automation. We truly believe that this is the only sustainable way to develop and operate networks. At the same time, one of the key goals of automation is to make your network secure and safe. Therefore, the security of the automation and of the communication channels used by automation is very important. So today we’ll take a look at how to build


No part of this blogpost could be reproduced, stored in a
retrieval system, or transmitted in any form or by any
means, electronic, mechanical or photocopying, recording,
or otherwise, for commercial purposes without the
prior permission of the author.

Can automation make your network better?

Automation is the key component of the perpetual engine of your network development and operation. It allows you to run the network quickly, stably, and safely. And we want you to benefit from that as much as you can.

We have created a new training, which is focused only on Nornir, and you can use it for network (and not only network) automation. It is an organic extension of our network automation training, which assumes you are already Continue reading

Smart ways to compare files on Linux

Commands for comparing files have proliferated since the early days of Linux. In this post, we'll look at a suite of commands available for comparing files and highlight the advantages that some of the newer ones provide.

diff

One of the oldest and still popular commands for detecting and reporting on file differences is the diff command. Comparing two lists of meeting attendees, the diff command will simply and clearly show you the differences.

    $ diff attendance-2020 attendance-2021
    10,12c10
    < Monroe Landry
    < Jonathon Moody
    < Donnell Moore
    ---
    > Sandra Henry-Stocker

Only the lines that are different are displayed. The output precedes lines that are only in the first file with < and those only in the second file with >.

Full Stack Journey 051: Knowing When It’s Time For A Career Transition

Career changes and transitions seem inevitable in technology. When is the right time? How do you know you're ready? Is it a smart move? How do you deal with imposter syndrome? Full Stack Journey Scott Lowe and guest Massimo Re Ferre discuss these and other IT career questions.

The post Full Stack Journey 051: Knowing When It’s Time For A Career Transition appeared first on Packet Pushers.

Introducing ACE Cloud Operations

Recently Aviatrix developed a new course in the Aviatrix Certified Engineer (ACE) program. Aviatrix Certified Engineer – Multi-Cloud Network Operations (or ACE Cloud Ops for short) is catered towards cloud operations practitioners who need to successfully run, operate, and manage business-critical Day-2 workloads in the cloud. The ACE program recently announced its 10,000th certified engineer.

History of FARNT with Laura Breeden

FARNT was a regional consortium of smaller network operators that eventually helped drive the adoption of TCP/IP and the global Internet, as well as helping efforts to commercialize Internet access. Join Donald Sharp and Russ White as Laura Breeden discusses the origins of FARNT, its importance in the adoption of early Internet technologies, and the many hurdles regional network operators had to overcome.

Laura is now the Board Chair at the National Digital Inclusion Alliance.

On the ‘net: The Art of Conviction

I was recently a guest on The Art of Conviction podcast, where we covered a bit of my background, some of the challenges I’ve faced in getting where I am, and then we moved into a discussion around my recently finished dissertation. I’m working to find places to publish more in the area of worldview and culture; I’ll point to those here as I can find a “home” for that side of my life.

You can find the recording here.

Beyond my episode, The Art of Conviction is a fascinating podcast; you should really subscribe and listen in.

Palo Alto grows cloud security portfolio with new Prisma release, Bridgecrew buy

Palo Alto had a busy week. First, it rolled out a number of new features for its Prisma cloud-based security package, and then it announced plans to buy cloud security vendor Bridgecrew for about $156 million in cash.

Palo Alto's Prisma is a cloud-based security package that includes access control, advanced threat protection, user behavior monitoring and other services that promise to protect enterprise applications and resources. Managed through a single console, Prisma includes firewall as a service, zero-trust network access, a cloud access security broker and a secure web gateway.

Industry-First Pay-as-you-go SaaS Platform for Kubernetes Security and Observability

We are excited to introduce Calico Cloud, a pay-as-you-go SaaS platform for Kubernetes security and observability. With Calico Cloud, users only pay for services consumed and are billed monthly, getting immediate value without upfront investment.

Introduction

Calico Cloud gives DevOps, DevSecOps, and Site Reliability Engineering (SRE) teams a single pane of glass across multi-cluster and multi-cloud Kubernetes environments to deploy a standard set of egress access controls, enforce security policies, ensure compliance, get end-to-end visibility, and troubleshoot applications. Calico Cloud is Kubernetes-native and provides native extensions to enable security and observability as code for easy and consistent enforcement across Kubernetes distributions, multi-cloud and hybrid environments. It scales automatically with the managed clusters according to the user requirements to ensure uninterrupted real-time visibility at any scale.

Security and Observability Challenges

  • North-South Controls: Often microservices need to communicate with services or API endpoints running outside the Kubernetes cluster. Implementing access control from Kubernetes pods to external endpoints is hard. Most traditional or cloud provider’s firewalls do not understand the Kubernetes context which forces the ops team to allow traffic from the entire cluster or a set of worker nodes.
  • East-West Controls: Even after effective perimeter-based north-south controls, the organizations face challenges to Continue reading

Network Break 320: Juniper Rebrands Service Provider Automation Offerings; Fortinet Gets SASE With Latest OS

This week's Network Break dives into Juniper reorganizing and rebranding automation products as the Paragon portfolio, new SASE and ZTNA capabilities from Fortinet, the rise of cyber-insurance premiums, an HPE server getting launched into space, and more tech news.

The post Network Break 320: Juniper Rebrands Service Provider Automation Offerings; Fortinet Gets SASE With Latest OS appeared first on Packet Pushers.

Availability Zones and Regions in AWS, Azure and GCP

My friend Daniel Dib sent me this interesting question:

As I understand it, subnets in Azure span availability zones. Do you see any drawback to this? Does subnet matter if your VMs are in different AZs?

I’m positive I don’t have to tell you what networks, subnets, and VRFs are, but you might not have worked with public cloud availability zones before. Before going into the details of Daniel’s question (and it will take us three blog posts to get to the end), let’s introduce regions and availability zones (you’ll find more details in AWS Networking and Azure Networking webinars).

Farewell to Northbound Networks

Digging through my office looking for some other technology which I had misplaced, I stumbled across a small box containing a Northbound Networks Zodiac-FX, a small 4-port FastEthernet OpenFlow SDN switch which I had picked up after backing a 2015 kickstarter campaign.

Northbound Networks Zodiac FX SDN Switch

These were a pretty cool idea, and at the time OpenFlow (OF) was the hottest thing around, everything was being SDN-washed, and the idea that a regular user like myself could afford actual hardware with OF capabilities to toy with in the home lab was beyond belief. Of course, it was possible to virtualize OF with Mininet, but there’s something about using a real switch that goes beyond that. Even though, as you’ll see in a future post, I ended up wasting that opportunity, I am still honored to have backed it, and my hat is off to Northbound Networks’ founder Paul Zanna for what he has accomplished.

Paying My Respects

With that in mind, I’m sad to note that when I went to the Northbound Networks website, I discovered that some time around August 2020 the company stopped manufacturing SDN hardware.

Northbound Networks home page, January 2021

Since the original Zodiac FX campaign, Paul had expanded the available products to include an 802. Continue reading

Rethinking BGP on the DC Fabric (part 3)

The first post on this topic considered some basic definitions and the reasons why I am writing this series of posts. The second considered the convergence speed of BGP on a dense topology such as a DC fabric, and what mechanisms we normally use to improve BGP’s convergence speed. This post considers some of the objections to slow convergence speed—convergence speed is not important, and ECMP with high fanouts will take care of any convergence speed issues. The network below will be used for this discussion.

Two servers are connected to this five-stage butterfly: S1 and S2. Assume, for a moment, that some service is running on both S1 and S2. This service is configured in active-active mode, with all data synchronized between the servers. If some fabric device, such as C7, fails, traffic destined to either S1 or S2 across that device will be very quickly (within tens of milliseconds) rerouted through some other device, probably C6, to reach the same destination. This will happen no matter what routing protocol is being used in the underlay control plane—so why does BGP’s convergence speed matter? Further, if these services are running in the overlay, or they are designed to discover Continue reading