Review: SaltStack brings SecOps to network orchestration and automation

SaltStack Enterprise, and its optional SecOps modules, is one of the only platforms available today that can fully manage complex enterprise environments while also protecting them.

Review: SaltStack brings SecOps to network orchestration and automation

SaltStack Enterprise, and its optional SecOps modules, is one of the only platforms available today that can fully manage complex enterprise environments while also protecting them.

EVPN Auto-RD and Duplicate MAC Addresses

Another EVPN reader question, this time focusing on auto-RD functionality and how it works with duplicate MAC addresses:

If set to Auto, RD generated will be different for the same VNI across the EVPN switches. If the same route (MAC and/or IP) is present under different leaves of the same L2VNI, since the RD is different there is no best path selection and both will be considered. It’s a misconfiguration and shouldn’t be allowed. How will the BGP deal with this?

BGP in 2019 – Part 2

Serverless computing: Ready or not?

Until a few years ago, physical servers were a bedrock technology, the beating digital heart of every data center. Then the cloud materialized. Today, as organizations continue to shovel an ever-growing number of services toward cloud providers, on-premises servers seem to be on the verge of becoming an endangered species.Serverless computing is doing its share to accelerate the demise of on-premises servers. The concept of turning to a cloud provider to dynamically manage the allocation of machine resources and bill users only for the actual amount of resources consumed by applications is gaining increasing acceptance. A late 2019 survey conducted by technical media and training firm O'Reilly found that four out of 10 enterprises, spanning a wide range of locations and industries, have already adopted serverless technologies.To read this article in full, please click here

Serverless computing: Ready or not?

Until a few years ago, physical servers were a bedrock technology, the beating digital heart of every data center. Then the cloud materialized. Today, as organizations continue to shovel an ever-growing number of services toward cloud providers, on-premises servers seem to be on the verge of becoming an endangered species.Serverless computing is doing its share to accelerate the demise of on-premises servers. The concept of turning to a cloud provider to dynamically manage the allocation of machine resources and bill users only for the actual amount of resources consumed by applications is gaining increasing acceptance. A late 2019 survey conducted by technical media and training firm O'Reilly found that four out of 10 enterprises, spanning a wide range of locations and industries, have already adopted serverless technologies.To read this article in full, please click here

Google Absorbs AppSheet to Automate Code

Daily Roundup: Nokia Slashes Jobs

Microsoft Patches Critical Windows Security Flaw

SDxCentral Adds Career Resources for IT Professionals

Instant, secure ‘teleportation’ of data in the works

Sending information instantly between two computer chips using quantum teleportation has been accomplished reliably for the first time, according to scientists from the University of Bristol, in collaboration with the Technical University of Denmark (DTU). Data was exchanged without any electrical or physical connection – a transmission method that may influence the next generation of ultra-secure data networks.Teleportation involves the moving of information instantaneously and securely. In the “Star Trek” series, fictional people move immediately from one place to another via teleportation. In the University of Bristol experiment, data is passed instantly via a single quantum state across two chips using light particles, or photons. Importantly, each of the two chips knows the characteristics of the other, because they’re entangled through quantum physics, meaning they therefore share a single physics-based state.To read this article in full, please click here

AT&T Wins 5G Contract for Nellis Air Force Base

Deep Dive: U.S. Federal Government’s Security and Privacy Practices

In April 2019, the Internet Society’s Online Trust Alliance released its 10th Annual Online Trust Audit & Honor Roll. The Audit looks at the security and privacy practices of over 1,000 of the top sites on the Internet, from retailers to government sites. In this post we will take a deeper dive into the U.S. Federal Government sector of the Audit. The Government sector is defined as the top 100 sites in the U.S. Federal Government by traffic (based on Alexa ranking). Given the nature of the U.S. Government compared to companies, this sample has some unique properties, namely site security.

The most obvious place the government excels is in the area of encryption. The reason for this is largely due to a mandate from the Homeland Security Department that all U.S. Government sites be encrypted, but the standard should still be the same for any site. Put another way, the other sectors in the Audit do not have an excuse for lagging in security.

In site security the Government sector fared the best with 100% adoption of “Always-On Secure Socket Layer” (AOSSL) and/or “HTTP Strict Transport Security” (HSTS), compared to 91% of sites overall. The Continue reading

Google Partners With CNCF, HackerOne on Kubernetes Bug Bounty

Embattled GTT Fortifies Its SD-WAN With Fortinet

Get this essential cloud security certification training bundle for only $49

Most businesses operate via the cloud. That means now is an ideal time to consider a career keeping them secure. But that doesn’t necessarily mean that you’d have to go back to school for professional training. Instead, you can easily learn from home — and prep to earn valuable credentials that’ll help you land a job — with The Essential Cloud Security Certification Bundle, now just $49.To read this article in full, please click here

A cost-effective and extensible testbed for transport protocol development

This was originally published on Perf Planet's 2019 Web Performance Calendar.

At Cloudflare, we develop protocols at multiple layers of the network stack. In the past, we focused on HTTP/1.1, HTTP/2, and TLS 1.3. Now, we are working on QUIC and HTTP/3, which are still in IETF draft, but gaining a lot of interest.

QUIC is a secure and multiplexed transport protocol that aims to perform better than TCP under some network conditions. It is specified in a family of documents: a transport layer which specifies packet format and basic state machine, recovery and congestion control, security based on TLS 1.3, and an HTTP application layer mapping, which is now called HTTP/3.

Let’s focus on the transport and recovery layer first. This layer provides a basis for what is sent on the wire (the packet binary format) and how we send it reliably. It includes how to open the connection, how to handshake a new secure session with the help of TLS, how to send data reliably and how to react when there is packet loss or reordering of packets. Also it includes flow control and congestion control to interact well with other transport protocols in Continue reading

Get Up To Speed on NSX Cloud with 5 Easy Resources

Over the last few years, as public and hybrid cloud adoption proliferated, organizations began looking for seamless and consistent manageability of their public cloud and private cloud workloads. This is one of the reasons why VMware brought NSX Cloud to the market.

Overview of NSX Cloud

In a nutshell, NSX Cloud provides consistent networking and security across hybrid and multi-cloud workloads. The key benefits and features of NSX Cloud include:

• Single-pane-of-glass visibility
• Essential networking capabilities
• Consistent security policy
• Granular micro-segmentation across on-premises and native public cloud environments such as AWS and Azure

NSX Cloud plays a key role in VMware’s Virtual Cloud Network vision of connecting and protecting workloads of all types (VMs, containers, bare metal) from data center to cloud to edge.   

“With NSX Cloud, we got a very compact firewall policy—easy to review and easy to manage. The power, administratively, is that we go to one place to update our policy and when we publish it, it automatically deploys it to every cloud server instance. This was a big win for us.”

Brian Jemes, Network Manager, University of Idaho
VMworld US 2018, NET1516BU

Top 5 Resources on NSX Cloud 

Here is a compilation of the Continue reading

BrandPost: SD-WAN Enables Large-Scale Enterprise Deployments Including Mobile & IoT

As global enterprises continue to adopt and deploy SD-WAN as a key enabler of cloud and digital transformation initiatives, they must also consider the importance of infrastructure scalability to accommodate the dynamic nature of connecting users to business applications and services regardless of where they are physically located. This is driving an increased focus on ease-of-use, automation, and orchestration, which industry analyst firm Futuriom cites as one of the top features of SD-WAN functionality.Why is this becoming increasingly important? Many large-scale global enterprises have multiple divisions, business units or subsidiaries that may each require a dedicated SD-WAN fabric to comply with company financial policies, geography, business jurisdiction or regulatory requirements or simply to create independent administrative domains. Each fabric can be individually orchestrated and managed yet still provides centralized network-wide visibility and control, including aggregated observability of the entire network.To read this article in full, please click here

Selective Activity has Consequences

On doing the things you do well

The post Selective Activity has Consequences appeared first on EtherealMind.