Example: Fully-Automated AWS Network Infrastructure Deployment
Regular readers of my blog probably remember the detailed explanations Erik Auerswald creates while solving hands-on exercises from our Networking in Public Cloud Deployments online course (previous ones: create a virtual network, deploy a web server).
This time he documented the process he went through to develop a Terraform configuration file that deploys full-blown AWS networking infrastructure (VPC, subnets, Internet gateway, route tables, security groups) and multiple servers include an SSH bastion host. You’ll also see what he found out when he used Elastic Network Interfaces (spoiler: routing on multi-interface hosts is tough).
Listen to the Hedge Podcast 39 to Learn about the Open Standards Everywhere Project
What is our Open Standards Everywhere (OSE) project all about? How did it get started? What are the project goals? What are some of the challenges web server operators face? How can we work together to make web servers more secure and available?
Recently Russ White and his team interviewed me on The Hedge Podcast Episode 39 to discuss all these questions and much more. I’ve known Russ for a good number of years and it was fun to talk with him and his co-hosts Eyvonne Sharp and Tom Ammon about all things related to the OSE project. I hope you enjoy listening to the episode as much as we enjoyed having the conversation!
I would encourage you to listen to some of the other Hedge podcast episodes, too, as they have some great content. A few I personally enjoyed included: episode 37 about DNS privacy; episode 31 about network operator groups (NOGs); and episode 30 with Ethan Banks from the Packet Pushers Network about why understanding the fundamentals of networking is so important.
Thank you to Russ, Eyvonne, and Tom for having me on the show!
Want to be more involved Continue reading
Nokia Mellows 5G Outlook for 2020
“There have been some customers that have slightly pushed back their plans, but by and large...
© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.
Daily Roundup: Coronavirus Claims GSMA Jobs
Coronavirus claimed 200 GSMA jobs; IBM Cloud suffered a massive outage; and Versa helped service...
© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.
Siemplify SOARs With Cloud-Native Security Operations
Siemplify competes against SOAR vendors including Palo Alto Networks, IBM, Splunk, and Swimlane...
© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.
The Hedge Podcast Episode 39: Dan York and Open Standards Everywhere
The Internet Society exists to support the growth of the global ‘net across the world by working with stakeholders, building local connectivity like IXs and community based networks, and encouraging the use of open standards. On this episode of the Hedge, Dan York joins us to talk about the Open Standards Everywhere project which is part of the Internet Society. More information about Open Standards Everywhere can be found—
IBM Cloud Back Online After Mass Outage
Outage tracking services reported a surge in errors beginning shortly before 6 p.m. in the Eastern...
© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.
Coronavirus Claims 200 Jobs at GSMA
Massive job cuts, which impacted about a fifth of the association’s workforce, hit four months...
© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.
Day Two Cloud 052: Moving Back Home From The Cloud
Today's Day Two Cloud episode is a frank conversation about cloud migration, multicloud, cloud repatriation, and more. If you're here for rainbows and unicorns, prepare for disappointment. We talk about what's real, how expensive it can be to move to cloud, why people bring workloads back on premises, and more. Our guest is Bobby Allen, CTO at CloudGenera.
The post Day Two Cloud 052: Moving Back Home From The Cloud appeared first on Packet Pushers.
Day Two Cloud 052: Moving Back Home From The Cloud
Today's Day Two Cloud episode is a frank conversation about cloud migration, multicloud, cloud repatriation, and more. If you're here for rainbows and unicorns, prepare for disappointment. We talk about what's real, how expensive it can be to move to cloud, why people bring workloads back on premises, and more. Our guest is Bobby Allen, CTO at CloudGenera.NTC – Security and Networking
The increased rate of change in networking isn’t just impacting the operational models used to run networks. Network security posture, infrastructure, and operations are having to adapt quickly as well. In this episode we sit down with Henry Jiang, CISO of Diligent Corporation, to talk about how security is adapting to current infrastructure trends.
Henry Jiang
Guest
Rick Sherman
Host
Jordan Martin
Host
Outro Music:
Danger Storm Kevin MacLeod (incompetech.com)
Licensed under Creative Commons: By Attribution 3.0 License
http://creativecommons.org/licenses/by/3.0/
The post NTC – Security and Networking appeared first on Network Collective.
High Availability Load Balancers with Maglev
Background
We run many backend services that power our customer dashboard, APIs, and features available at our edge. We own and operate physical infrastructure for our backend services. We need an effective way to route arbitrary TCP and UDP traffic between services and also from outside these data centers.
Previously, all traffic for these backend services would pass through several layers of stateful TCP proxies and NATs before reaching an available instance. This solution worked for several years, but as we grew it caused our service and operations teams many issues. Our service teams needed to deal with drops of availability, and our operations teams had much toil when needing to do maintenance on load balancer servers.
Goals
With the experience with our stateful TCP proxy and NAT solutions in mind, we had several goals for a replacement load balancing service, while remaining on our own infrastructure:
- Preserve source IPs through routing decisions to destination servers. This allows us to support servers that require client IP addresses as part of their operation, without workarounds such as X-Forwarded-For headers or the PROXY TCP extension.
- Support an architecture where backends are located across many racks and subnets. This prevents solutions that cannot Continue reading
How Should Network Architects Deal with Network Automation
A network architect friend of mine sent me a series of questions trying to figure out how he should approach network automation, and how deep he should go.
There is so much focus right now on network automation, but it’s difficult for me to know how to apply it, and how it all makes sense from an Architect’s PoV.
A network architect should be the bridge between the customer requirements and the underlying technologies, which (in my opinion) means he has to have a good grasp of both as opposed to fluffy opinions glanced from vendor white papers, or brushed off so-called thought leaders.
MANRS Fellowship Program Now Open
The first-ever MANRS (Mutually Agreed Norms for Routing Security) Fellowship Program is now accepting applications. If you are an emerging leader eager to improve the well-being of the Internet’s global routing system, apply now.
The program gives highly motivated individuals the chance to work alongside MANRS ambassadors, who are industry leaders participating in the Ambassador Program. Together, they will train diverse communities on good routing practices, analyze routing incidents, research into ways to secure routing, and survey the global policy landscape.
Fellows will improve their skills and bring new perspectives and ideas to MANRS. They will also gain valuable insights and networking opportunities from well-respected professionals called MANRS Ambassadors under the MANRS Ambassadors Program. The selection process for this program is currently underway.
The Internet Society supports this program as part of its work to reduce common routing threats and establish norms for network operations.
You can apply for a fellowship in three different areas: training, research, and policy. Each fellow will receive a stipend of $750 a month. There is no age requirement and you can apply for more than one category but will only be selected for one of them.
Online training
Responsible for: Conducting MANRS online tutorial Continue reading
Aruba Assembles SDN Tech for Edge Services Platform
Aruba Edge Services Platform is comprised of 35 services, including a dozen new insights that were...
© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.
Daily Roundup: IBM Quits Facial Recognition Biz
IBM quit the facial recognition business; A10, Dell teamed up on application delivery; and Alibaba...
© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.
7 Layers: IoT Part 2 — IoT Devices are Dangerously Insecure
This week is the second in a two-part series on the Internet of Things. We cover IoT security...
© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.
The History of Networking: Ivan Pepelnjak and the Internet Behind the Iron Curtain
Ivan Pepelnjak was a founding member of the first IX in Slovenia twenty-five years ago. He joins us to describe the origins of the Internet, from the first dial-up circuits to the founding of the first IX and local DNS services here on the History of Networking. Ivan is an independent consultant and trainer; his work can be found at https://ipspace.net.
TSMC Secures US Subsidies for Arizona Fab
The announcement comes weeks after the Taiwanese chipmaker announced plans to build the facility.
© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.