Archive

Category Archives for "Networking"

Use Layer 7 Application Identity in Your Segmentation Policies

With the launch of VMware NSX in 2013, VMware pioneered micro-segmentation. Back then our solution was based on stateful Layer 4 filtering. We’ve added in dynamic grouping, enabling policies based on VM context such as VM Name, Operating System or Security Tags. Using dynamic grouping, the life cycle of a Service-defined Firewall policy is directly tied to the life cycle of the workloads/application it’s protecting. This is radically different from traditional firewalls which use IP-address based policies. 

Another addition to our Service-defined firewall is Layer 7 Application Identity.  You may be familiar with the concept from the perspective of a perimeter firewall where it can be used to allow access to Facebook chat but block access to Facebook gamesThe data center is different and so are the use cases for layer 7 Application Identity.  

In this blog I will cover why organizations should use Layer 7 Application Identity in their data center segmentation policies. 

What Are the Problems with Port-Based Rules?

While stateful Layer 4 firewalls have significantly reduced both the complexity and security gaps that come with configuring stateless Access Control Continue reading

Network-Layer DDoS Attack Trends for Q1 2020

Network-Layer DDoS Attack Trends for Q1 2020
Network-Layer DDoS Attack Trends for Q1 2020

As we wrapped up the first quarter of 2020, we set out to understand if and how DDoS attack trends have shifted during this unprecedented time of global shelter in place. Since then, traffic levels have increased by over 50% in many countries, but have DDoS attacks increased as well?

Traffic increases are often observed during holiday seasons. During holidays, people may spend more time online; whether shopping, ordering food, playing online games or a myriad of other online activities. This higher usage translates into higher revenue per minute for the companies that provide those various online services.

Downtime or service degradation during these peak times could result in user churn and loss of significant revenue in a very short time. ITIC estimates that the average cost of an outage is $5,600 per minute, which extrapolates to well over $300K per hour. It is therefore no surprise that attackers capitalize on the opportunity by launching a higher number of DDoS attacks during the holiday seasons.

The current pandemic has a similar cause and effect. People are forced to stay home. They have become more reliant on online services to accomplish their daily tasks which has generated a surge in the Continue reading

Smart NICs with Silvano Gai on Software Gone Wild

A while ago we discussed a software-focused view of Network Interface Cards (NICs) with Luke Gorrie, and a hardware-focused view of them with Or Gerlitz (Mellanox), Andy Gospodarek (Broadcom) and Jiri Pirko (Mellanox).

Why would anyone want to implement features in hardware and not in software, and what would be the best hardware implementation? We discussed these dilemmas with Silvano Gai in Episode 110 of Software Gone Wild podcast.

Growing a Beard

It's 2020 and the world is coming to an end. Everyone is in lock down due to some kind of killer bat virus. I have always wanted to grow a beard and seeing every one with their awesome lock down beards has inspired me to grow one of my own. The Problem I'll be 41 this year. I was...

Growing a Beard

It's 2020 and the world is coming to an end. Everyone is in lock down due to some kind of killer bat virus. I have always wanted to grow a beard and seeing every one with their awesome lock down beards has inspired me to grow one of my own. The Problem I'll be 41 this year. I was...continue reading

Growing a Beard

It's 2020 and the world is coming to an end. Everyone is in lock down due to some kind of killer bat virus. I have always wanted to grow a beard and seeing every one with their awesome lock down beards has inspired me to grow one of my own. The Problem I'll be 41 this year. I was...continue reading

Growing a Beard

It's 2020 and the world is coming to an end. Everyone is in lock down due to some kind of killer bat virus. I have always wanted to grow a beard and seeing every one with their awesome lock down beards has inspired me to grow one of my own. The Problem I'll be 41 this year. I was...continue reading

Growing a Beard

It's 2020 and the world is coming to an end. Everyone is in lock down due to some kind of killer bat virus. I have always wanted to grow a beard and seeing every one with their awesome lock down beards has inspired me to grow one of my own. The Problem I'll be 41 this year. I was...continue reading

Growing a Beard

It's 2020 and the world is coming to an end. Everyone is in lock down due to some kind of killer bat virus. I have always wanted to grow a beard and seeing every one with their awesome lock down beards has inspired me to grow one of my own. The Problem I'll be 41 this year. I was...continue reading

Growing a Beard

It's 2020 and the world is coming to an end. Everyone is in lock down due to some kind of killer bat virus. I have always wanted to grow a beard and seeing every one with their awesome lock down beards has inspired me to grow one of my own. The Problem I'll be 41 this year. I was...continue reading

Growing a Beard

It's 2020 and the world is coming to an end. Everyone is in lock down due to some kind of killer bat virus. I have always wanted to grow a beard and seeing every one with their awesome lock down beards has inspired me to grow one of my own. The Problem I'll be 41 this year. I was...continue reading

Growing a Beard

It's 2020 and the world is coming to an end. Everyone is in lock down due to some kind of killer bat virus. I have always wanted to grow a beard and seeing every one with their awesome lock down beards has inspired me to grow one of my own. The Problem I'll be 41 this year. I was...continue reading

Growing a Beard

It's 2020 and the world is coming to an end. Everyone is in lock down due to some kind of killer bat virus. I have always wanted to grow a beard and seeing every one with their awesome lock down beards has inspired me to grow one of my own. The Problem I'll be 41 this year. I was...continue reading

Gartner: IT spending will drop 8% as COVID-19 hits enterprise wallets

Gartner this week said that IT spending across the globe is projected to total $3.4 trillion in 2020, a decline of 8% from 2019 due to the impact of the COVID-19 pandemic.In January Gartner had forecast Worldwide IT spending to total $3.9 trillion in 2020, an increase of 3.4% from 2019.[Get regularly scheduled insights by signing up for Network World newsletters.] Gartner’s new forecast says all market segments from enterprise software to communications service will experience a decline in 2020, with devices and data-center systems experiencing the largest drops in spending. To read this article in full, please click here

How HashiCorp Widened the Reach of the Consul Service Mesh

HashiCorp has expanded its Consul network control plane by widening its scope for different highly distributed services and environments — while simplifying and expanding its compliance and policy management capabilities. By adding gateway options and compliance features with today’s release of Consul 1.8, HashiCorp has made the control plane able to manage many different environments in a single interface, the company says. These might include services and applications running in containers, Kubernetes or virtual machines (VMs) on bare metal, traditional data centers or multicloud environments that are often widely dispersed geographically. “We are useful to customers because we offer a layer across [different environments] with a single management plane. The challenges customers have is they have many services that sit outside of service mesh, such as traditional applications, and need to bring them into the same fold,” HashiCorp, told The New Stack. “So how can services talk to your applications within your service mesh, and how do the applications in the service mesh talk out? Consul 1.8 solves that problem.” Consul 1.8’s audit logging and single sign-on (SSO) features (which are part of the enterprise version) Continue reading