0

Verizon Drives SDP Into Its Zero Trust Architecture

The new Zero Trust Architecture blocks connectivity to servers and applications from unknown...

Read More »

0

42 – LISP Network Deployment and Troubleshooting

Good day Network experts

It has been a great pleasure and an honor working with Tarique Shakil and Vinit Jain on this book below, deep-diving on this amazing LISP protocol.

I would like also to take this opportunity to thank Max Ardica, Victor Moreno and Marc Portoles Comeras for their invaluable help. I wrote the section on LISP Mobility deployment with traditional and modern data center fabrics (VXLAN EVPN based as well as ACI Multi-Pod/Multi-Site), however this could not have been done without the amazing support of these guys.

Available from Cisco Press
or from Safari book Online

Implement flexible, efficient LISP-based overlays for cloud, data center, and enterprise

The LISP overlay network helps organizations provide seamless connectivity to devices and workloads wherever they move, enabling open and highly scalable networks with unprecedented flexibility and agility.

LISP Network Deployment and Troubleshooting is the definitive resource for all network engineers who want to understand, configure, and troubleshoot LISP on Cisco IOS-XE, IOS-XR and NX-OS platforms. It brings together comprehensive coverage of how LISP works, how it integrates with leading Cisco platforms, how to configure it for maximum efficiency, and how to address key issues such Continue reading

0

Extreme targets data center automation with software, switches

Extreme this week took the wraps off new automation software and switches aimed at helping customers quickly turn-up and manage new data-center networking segments.Key to the network vendor’s data-center plans is an upgraded version of its Extreme Data Center Fabric, which has been available for over a year and is now upgraded to let customers deploy a fabric in minutes. Once  devices are cabled togtther and powered on,  customers run the Extreme Fabric Automation application from any Extreme SLX spine or leaf switch, which then confirms configuations, validates and tests the network to ensure it is set up and operating correctly.To read this article in full, please click here

0

Extreme targets data center automation with software, switches

Extreme this week took the wraps off new automation software and switches aimed at helping customers quickly turn-up and manage new data-center networking segments.Key to the network vendor’s data-center plans is an upgraded version of its Extreme Data Center Fabric, which has been available for over a year and is now upgraded to let customers deploy a fabric in minutes. Once  devices are cabled togtther and powered on,  customers run the Extreme Fabric Automation application from any Extreme SLX spine or leaf switch, which then confirms configuations, validates and tests the network to ensure it is set up and operating correctly.To read this article in full, please click here

0

Rachel Player Honored by Internet Security Research Group with Radiant Award

Internet security is accomplished by many unsung heroes. People who put their talent and passion into improving the Internet, making it secure and trustworthy. This is a feature of the Internet: security isn’t achieved through a central mandate but through the hard work and tenacity of individuals working across the globe.

Rachel Player, a cryptographic researcher, is one of those unsung heroes. She’s just been awarded the Radiant Award from the Internet Security Research Group, the folks behind Let’s Encrypt, for her work in post-quantum cryptography and homomorphic encryption. Homomorphic encryption allows people to do computations on encrypted data, so that information can remain private and still be worked with. This is a highly-relevant field in any area that deals with sensitive and personal data, such as medicine and finance. Player is also interested in lowering the barriers for young people – young women, especially – to work professionally on topics like cryptography.

To learn more, read the announcement by the Internet Security Research Group and Rachel Player’s blog post about her work and her interest in making the profession more accessible.

Want to know more about Let’s Encrypt? Read a comprehensive overview of the initiative – from inspiration to Continue reading

0

Learn how R is used in machine learning with this $29 training

Machine learning is a powerful tool for statistical analysis that allows businesses to gain valuable insights, and many companies are catching on. As such, the demand for programmers who have R environment skills is quickly growing, and with this certification course bundle, you too can learn statistical analysis with R for $29.The Complete R Programming Certification Bundle features 6 courses on how to apply the R programming language to data visualization, social media mining, and more. If you have zero R experience, the first course you should take is Statistics & Machine Learning for Regression Modeling with R. This course will introduce you to the OLS regression and how to create regression models for machine learning.To read this article in full, please click here

0

The Road Ahead for Cloud Area Network Migration

CIOs today mandate a ‘Cloud First’ or a ‘Cloud Only’ model for new IT investments with three different cloud models. 

0

Introducing Flan Scan: Cloudflare’s Lightweight Network Vulnerability Scanner

Today, we’re excited to open source Flan Scan, Cloudflare’s in-house lightweight network vulnerability scanner. Flan Scan is a thin wrapper around Nmap that converts this popular open source tool into a vulnerability scanner with the added benefit of easy deployment.

We created Flan Scan after two unsuccessful attempts at using “industry standard” scanners for our compliance scans. A little over a year ago, we were paying a big vendor for their scanner until we realized it was one of our highest security costs and many of its features were not relevant to our setup. It became clear we were not getting our money’s worth. Soon after, we switched to an open source scanner and took on the task of managing its complicated setup. That made it difficult to deploy to our entire fleet of more than 190 data centers.

We had a deadline at the end of Q3 to complete an internal scan for our compliance requirements but no tool that met our needs. Given our history with existing scanners, we decided to set off on our own and build a scanner that worked for our setup. To design Flan Scan, we worked closely with our auditors to understand Continue reading

0

Guest Speakers in the Networking in Public Cloud Deployments Online Course

We are proud to announce a great lineup of guest speakers for the first Networking in Public Cloud Deployments course that will run in Spring 2020:

• Joep Piscaer will dive into what changes public clouds bring and what these changes mean for you, as well as what developers and other consumers of cloud resources expect from you in the new public cloud, DevOps and Infrastructure-as-Code world.
  
• Ned Bellavance will review the principles of Infrastructure as Code (IaC) and how they apply to public cloud solutions. Then he will take a look at the landscape of IaC tools that exist and examine their pros and cons.
  
• Howard Marks will review the types of storage available across public clouds, how they differ between cloud providers and the applications and pitfalls associated with each of them.
  
• Connecting on-premises data centers or office locations to a public cloud has some unique challenges. Ed Horley will help you create a framework and a checklist to make sure you have the required redundancy, throughput, routing, and security all baked in from day one.
  
• Matthias Luft will cover the aspects of securing your public cloud deployments.
  
• Justin Warren will explain how to make good tradeoffs between Continue reading

0

Network Neighborhood 04: We The Sales Engineers With Ramzi Marjaba

In this episode of Network Neighborhood, we welcome Ramzi Marjaba, Hybrid Senior Sales Engineer at Ixia Solutions Group at Keysight Technologies. Ramzi is also the creative power behind WeTheSalesEngineers.com, a career-oriented resource site for sales engineers featuring a blog, a podcast, and more.

The post Network Neighborhood 04: We The Sales Engineers With Ramzi Marjaba appeared first on Packet Pushers.

0

IoT sensors must have two radios for efficiency

For the Internet of Things to become ubiquitous, many believe that inefficiencies in the powering of sensors and radios has got to be eliminated. Battery chemistry just isn’t good enough, and it’s simply too expensive to continually perform truck-rolls, for example, whenever batteries need changing out. In many cases, solar battery-top-ups aren’t the solution because that, usually-fixed, technology isn’t particularly suited to mobile, or impromptu, ad hoc networks.Consequently, there’s a dash going on to try to find either better chemistries that allow longer battery life or more efficient chips and electronics that just sip electricity. An angle of thought being followed is to wake-up network radios only when they need to transmit a burst of data. Universities say they are making significant progress in this area.To read this article in full, please click here

0

Cumulus Networks updates its network-centric Linux distribution

The Linux distribution ecosystem is pretty set, with Red Hat and Canonical in the leadership positions, followed closely by SuSe and home brews from the likes of IBM and other major vendors. Even Microsoft has its own distro for Azure users.And then there is Cumulus Networks, which specializes in networking software. It just released Cumulus Linux 4.0 and NetQ 2.4, its cloud network deployment and management console. With this release, Cumulus is claiming its Linux is its most stable and reliable software stack yet and NetQ is the most comprehensive end-to-end network automation product.To read this article in full, please click here

0

Rancher Labs K3s Rides Kubernetes to the Edge

K3s is basically a slimmer version of Kubernetes that is targeted at resource-constrained edge...

Read More »

0

Go Notes: Functions

All about functions in Golang.

0

Go Notes: Functions

Functions group operations into a unit of code. A function is defined with the func keyword A function name, its parameters and return types make up a functions signature go // Basic function that accepts no arguments and returns nothing func stuff() // Function that accepts an...

0

Google Cloud Toughens Up Encryption, Network Security

This includes a new External Key Manager, which allows companies to store and manage encryption...

Read More »

0

MEF Presses Managed Security in SD-WAN

“SD-WAN is the gateway for security,” MEF CTO Pascal Menezes said during his keynote at MEF...

Read More »

0

IBM Boosts Open Tech With Cloud Pak for Security

The platform uses an open-source connector to integrate with IBM and other vendors’ security...

Read More »

0

BrandPost: What Palo Alto Networks Won’t Tell You About Its New SASE Service

It has been a long time since I shared an office with Nir Zuk, the co-founder and CTO of Palo Alto Networks (PAN). Back in 1998, at Check Point’s office in San Francisco, it was early days for the network security company co-founded by Gil Shwed, Marius Nacht, and me. Since then, Nir launched PAN, which became a global leader in network security. I was honored to support Nir and the PAN team early in their journey.Last week, our paths converged again. This time, we shared a vision for the future of networking and security. On the stage of PAN’s annual event, Nir presented PAN’s vision of a converged cloud-based architecture that will displace the legacy appliance stack of today. Nir did a great job advocating for the convergence of the numerous point solutions piled in IT departments everywhere.To read this article in full, please click here

0

Even faster connection establishment with QUIC 0-RTT resumption

One of the more interesting features introduced by TLS 1.3, the latest revision of the TLS protocol, was the so called “zero roundtrip time connection resumption”, a mode of operation that allows a client to start sending application data, such as HTTP requests, without having to wait for the TLS handshake to complete, thus reducing the latency penalty incurred in establishing a new connection.

The basic idea behind 0-RTT connection resumption is that if the client and server had previously established a TLS connection between each other, they can use information cached from that session to establish a new one without having to negotiate the connection’s parameters from scratch. Notably this allows the client to compute the private encryption keys required to protect application data before even talking to the server.

However, in the case of TLS, “zero roundtrip” only refers to the TLS handshake itself: the client and server are still required to first establish a TCP connection in order to be able to exchange TLS data.

Zero means zero

QUIC goes a step further, and allows clients to send application data in the very first roundtrip of the connection, without requiring any other handshake to be Continue reading