New Features in MANRS Observatory: More Informative, Intuitive, and Easy to Use
In August 2019, the Internet Society supported the Mutually Agreed Norms for Routing Security (MANRS) initiative by creating a platform to visualize its members’ routing security data from around the globe. The MANRS Observatory’s interactive dashboard allows networks to check their progress in improving their routing security.
Last week, we updated some key features of the MANRS Observatory guided by member feedback. Below we share a summary of those changes.
Please note, detailed statistics and reports for specific networks are only available to MANRS participants. Your organization can become an MANRS member for free, and join a global group of people committed to making the Internet safer for us all. Find out how.
MANRS Observatory 3.0.1: Latest updates
- Shorter reporting cycle
- Improved favorite functionality
- Access to RIPEstat widget
- Change to how we round numbers
1. Shorter reporting cycle
Previously the MANRS Observatory provided status report updates up to 31 days after members’ had added their latest figures. While this wasn’t a real problem when looking at general trends, it was an issue for network operators who use the platform to check their network conformance. It was also an issue for the MANRS team, as we Continue reading
Network Automation Can Relieve Network Engineers Stretched Thin by Covid-19
The network has never been more vulnerable. Covid-19 has flung users out from the data center to home offices—where they are accessing critical systems, applications, and other users from unsecured devices and WiFi connections. As a result, it’s all hands on deck for IT, with network engineers deputized as IT support staff in a mad rush to give remote users fast and reliable, yet secure, access to the tools and information they need.
But what of the regular duties of these engineers? They are being pushed back in favor of new priorities—stretching network engineering resources, already spread thin, to the breaking point.
Enter network automation. VMware NSX-T allows organizations to automate and simplify operations in the age of Covid. Tasks that were once performed manually through the UI or CLI can now be automated with the NSX API—creating the foundation for dynamic, flexible and responsive network architectures that can support a world where users, devices, applications and data connect across private, public and hybrid cloud environments.
Networking professionals who want to learn more about how to automate operations should check out the following on-demand sessions from VMworld:
NSX-T Network Automation: What To Do When You Have Continue reading
UK Black History Month at Cloudflare
In February 2019, I started my journey at Cloudflare. Back then, we lived in a COVID-19 free world and I was lucky enough, as part of the employee onboarding program, to visit our San Francisco HQ. As I took my first steps into the office, I was greeted by a beautiful bouquet of Protea flowers at the reception desk. Being from South Africa, seeing our national flower instantly made me feel at home and welcomed to the Cloudflare family - this memory will always be with me.
Later that day, I learnt it was Black History Month in the US. This celebration included African food for lunch, highlights of Black History icons on Cloudflare’s TV screens, and African drummers. At Cloudflare, Black History Month is coordinated and run by Afroflare, one of many Employee Resource Groups (ERGs) that celebrates diversity and inclusion. The excellent delivery of Black History Month demonstrated to me how seriously Cloudflare takes Black History Month and ERGs.
Today, I am one of the Afroflare leads in the London office and led this year’s UK Black History Month celebration. 2020 has been a year of historical events, which made this celebration uniquely significant. George Floyd’s murder Continue reading
Worth Reading: Protocol Options Rusted Shut
A long while ago I found a great article explaining TLS 1.3 and its migration woes on CloudFlare blog. While I would strongly recommend you read it just to get familiar with TLS 1.3, the real fun starts when the author discusses migration problems, kludges you have to use trying to fix them, less-than-compliant implementations breaking those kludges, and options that were supposed to be dynamic, but turn out to be static (rusted shut) due to middleboxes that implemented protocols as-seen-in-the-wild not as-described-in-RFCs.
Change a few TLAs and you could be reading about TCP, IP stack, IPv6, BGP… I addressed those aspects in the ossification and centralization part of Upcoming Internet Challenges webinar.
Worth Reading: Protocol Options Rusted Shut
A long while ago I found a great article explaining TLS 1.3 and its migration woes on CloudFlare blog. While I would strongly recommend you read it just to get familiar with TLS 1.3, the real fun starts when the author discusses migration problems, kludges you have to use trying to fix them, less-than-compliant implementations breaking those kludges, and options that were supposed to be dynamic, but turn out to be static (rusted shut) due to middleboxes that implemented protocols as-seen-in-the-wild not as-described-in-RFCs.
Change a few TLAs and you could be reading about TCP, IP stack, IPv6, BGP… I addressed those aspects in the ossification and centralization part of Upcoming Internet Challenges webinar.
Exploring Vendor-Agnostic Extended Detection and Response
Extended Detection and Response (XDR) unifies data to truly detect threats in real-time and respond to them.Internet Insights – On Track for Launch
Things might have seemed quiet on our Measuring the Internet activities for the last few weeks, but lots of work has been taking place behind the scenes to ensure that the Internet Society’s Internet Insights platform will be ready for phase one of its launch in December 2020.
What We’re Working On
To help everyone gain deeper insight into the Internet, we’re consolidating trusted third-party Internet measurement data from various sources into a single platform – Insights. We’ll use this data to examine trends, generate reports, and tell data-driven stories. Insights will be available to everyone, everywhere so that anyone can better understand the health, availability, and evolution of the Internet.
Our Data Partners
Phase one of Insights will launch with an initial set of data that will help to illustrate two of our four focus areas: Internet Shutdowns and Enabling Technologies. We’re sharing data sourced from the following trusted third-party data providers and are working to integrate data from more organizations as the platform develops.
The Hedge #59: Dan Blum and Rational Cybersecurity
Security has taken on an aura of mystery to many network engineers—why can’t we approach security in the way we do many other topics, rationally? It turns out we can. Dan Blum joins Tom Ammon and Russ White to discuss the concepts and techniques behind rational cybersecurity.
2020 Latin America Chapter Workshop: Celebrating Successes and Mobilizing for an Internet of Opportunity
Our global community of Chapters is vibrant. Chapter members implement projects, share ideas, and take actions that help bring the Internet Society’s vision to life. In particular, the leaders of the Latin American Chapters have had the opportunity to meet annually in a workshop dedicated to them.
2020 has led us to think of new ways to keep in touch and continue working for the Internet to remain open, globally-connected, trustworthy, and secure for everyone. This is why, from October 26 to 30, we held the 2020 Latin American Chapters Workshop in virtual format, with 100% participation of the Latin American Chapters.
Through 20 sessions, the workshop was a collaborative space and a meeting point for the staff and the Internet Society community. The 333 people who participated shared their knowledge and experience around topics related to our 2020 Action Plan. To offer a holistic approach, we also held sessions on leadership and Chapter management.
At the end of each day we created a summary of the most important points of each session. For these summaries we decided to give the audio format a try and created a playlist that you cannot miss. Listen – each episode lasts about five Continue reading
Tech Bytes: Getting The Benefits Of Proactive Network Monitoring With Riverbed (Sponsored)
Today's Day Two Cloud Tech Bytes is all about proactive network monitoring with sponsor Riverbed. The goal of proactive network monitoring is to see and respond to an emerging issue before it becomes a problem that affects end users or application performance. Our guest is Chris Eckert, Technical Solutions Architect at Riverbed.Tech Bytes: Getting The Benefits Of Proactive Network Monitoring With Riverbed (Sponsored)
Today's Day Two Cloud Tech Bytes is all about proactive network monitoring with sponsor Riverbed. The goal of proactive network monitoring is to see and respond to an emerging issue before it becomes a problem that affects end users or application performance. Our guest is Chris Eckert, Technical Solutions Architect at Riverbed.
The post Tech Bytes: Getting The Benefits Of Proactive Network Monitoring With Riverbed (Sponsored) appeared first on Packet Pushers.
My internship: Brotli compression using a reduced dictionary
Brotli is a state of the art lossless compression format, supported by all major browsers. It is capable of achieving considerably better compression ratios than the ubiquitous gzip, and is rapidly gaining in popularity. Cloudflare uses the Google brotli library to dynamically compress web content whenever possible. In 2015, we took an in-depth look at how brotli works and its compression advantages.
One of the more interesting features of the brotli file format, in the context of textual web content compression, is the inclusion of a built-in static dictionary. The dictionary is quite large, and in addition to containing various strings in multiple languages, it also supports the option to apply multiple transformations to those words, increasing its versatility.
The open sourced brotli library, that implements an encoder and decoder for brotli, has 11 predefined quality levels for the encoder, with higher quality level demanding more CPU in exchange for a better compression ratio. The static dictionary feature is used to a limited extent starting with level 5, and to the full extent only at levels 10 and 11, due to the high CPU cost of this feature.
We improve on the limited dictionary use approach and add Continue reading
DENT
Introducing DENT OS, switchdev NOS for the rest of us talk, presented at the recent Open Source Summit, describes the Linux Foundation DENT project. The slides from the presentation are available.
Linux switchdev is an in-kernel driver model for switch devices which offload the forwarding (data) plane from the kernel. Integrating switch ASIC drivers in the Linux kernel makes switch ports appear as additional Linux network interfaces that can be configured and managed using standard Linux tools.
DENT is an Ubuntu based Linux distribution that packages the drivers for switch hardware (fans, temperature sensors, ASIC, etc) along with the open source FRRouting routing protocol suite which includes protocol daemons for BGP, IS-IS, LDP, OSPF, PIM, and RIP. The FRRouting software uses the Linux netlink API to program Linux kernel packet forwarding, which on a hardware switch platform is offloaded by the switchdev driver to the ASIC for line rate forwarding.
A major benefit of DENT's approach to making Linux into the network operating system is that the same tools used to configure, manage and monitor Linux servers can also be used to manage network switches. In addition, a DENT virtual machine behaves in exactly the same way as Continue reading
Mark Your Calendars – The Modern Network for a Future Ready Business
Applications are going through a major transformation – they are becoming more dynamic, complex, and distributed. They are often built on cloud-native principles and run on-premises and in the cloud. As we speak with our customers and industry analysts, we consistently hear about the need to rethink how the network supports this transformation and why it is so important for the business.
VMware is hosting a global online event – The Modern Network for a Future Ready Business. VMware executives will join industry analysts, customers, and partners to create an event that will be memorable and worthwhile, whether you are a business leader, an architect, a developer, or part of enterprise IT.
In this virtual event, we will take a look at the traditional networking model, carefully identify its shortcomings when it comes to servicing the application and the end user and make the case for a new framework – the Modern Network. Traditional networking takes a bottom up approach – focusing on connecting boxes in the campus, branch and data center with little attention paid to the apps running on top of the infrastructure. In contrast, the Modern Network keeps the end user application experience front Continue reading
Tech Leaders on the Future of Remote Work
Dozens of top leaders and thinkers from the tech industry and beyond recently joined us for a series of fireside chats commemorating Cloudflare’s 10th birthday. Over the course of 24 hours of conversation, many of these leaders touched on how the workplace has evolved during the pandemic, and how these changes will endure into the future.
Here are some of the highlights.
On the competition for talent
Stewart Butterfield
Co-founder and CEO, Slack
The thing that I think people don't appreciate or realize is that this is not a choice that companies are really going to make on an individual basis. I've heard a lot of leaders say, “we're going back to the office after the summer.”
If we say we require you to be in the office five days a week and, you know, Twitter doesn't, Salesforce doesn't — and those offers are about equal — they'll take those ones. I think we would also lose existing employees if they didn't believe that they had the flexibility. Once you do that, it affects the market for talent. If half of the companies support distributed work or flexible hours and flexible time in the office, you can compensate Continue reading