How Cloudflare keeps employees productive from any location
Cloudflare employs more than 1,200 people in 13 different offices and maintains a network that operates in 200 cities. To do that, we used to suffer through a traditional corporate VPN that backhauled traffic through a physical VPN appliance. It was, frankly, horrible to work with as a user or IT person.
With today’s mix of on-prem, public cloud and SaaS and a workforce that needs to work from anywhere, be it a coffee shop or home, that model is no longer sustainable. As we grew in headcount, we were spending too much time resolving VPN helpdesk tickets. As offices around the world opened, we could not ask our workforce to sit as every connection had to go back through a central location.
We also had to be ready to scale. Some organizations are currently scrambling to load test their own VPN in the event that their entire workforce needs to work remotely during the COVID-19 outbreak. We could not let a single physical appliance constrain our ability to deliver 26M Internet properties to audiences around the world.
To run a network like Cloudflare, we needed to use Cloudflare’s network to stay fast and secure.
We built Cloudflare Access, part Continue reading
SD-WAN Summit 2020 : Call for Proposals
The 5th SD-WAN Summit will take place from 22nd to 24th September 2020. The SD-WAN Summit will...
© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.
Heavy Networking 505: Achieving Consistent Multi-Cloud Network Policy With VeloCloud (Sponsored)
Today's Heavy Networking dives into a multitude of topics with sponsor VeloCloud (a VMware company), including getting consistent network policies in a multi-cloud world, the emerging SASE category and what it means for SD-WAN and security, and how VeloCloud is incorporating analytics from Nyansa, which VMware recently acquired. Our guest is Craig Connors, Chief Architect at VeloCloud.Heavy Networking 505: Achieving Consistent Multi-Cloud Network Policy With VeloCloud (Sponsored)
Today's Heavy Networking dives into a multitude of topics with sponsor VeloCloud (a VMware company), including getting consistent network policies in a multi-cloud world, the emerging SASE category and what it means for SD-WAN and security, and how VeloCloud is incorporating analytics from Nyansa, which VMware recently acquired. Our guest is Craig Connors, Chief Architect at VeloCloud.
The post Heavy Networking 505: Achieving Consistent Multi-Cloud Network Policy With VeloCloud (Sponsored) appeared first on Packet Pushers.
CentOS 8
Find the latest Host sFlow version on the Host sFlow download page.
wget https://github.com/sflow/host-sflow/releases/download/v2.0.26-3/hsflowd-centos8-2.0.26-3.x86_64.rpmThe above commands download and install the software.
sudo rpm -i hsflowd-centos8-2.0.26-3.x86_64.rpm
sudo systemctl enable hsflowd
sflow {
collector { ip=10.0.0.30 }
pcap { speed=1G-1T }
tcp { }
systemd { }
}Edit the /etc/hsflowd.conf file. The above example sends sFlow to a collector at 10.0.0.30, enables packet sampling on all network adapters, adds TCP performance information, and exports metrics for Linux services. See Configuring Host sFlow for Linux for the complete set of configuration options.sudo systemctl restart hsflowdRestart the Host sFlow daemon to Continue reading
Weekly Wrap: AT&T Puts More Jobs on the Chopping Block
SDxCentral Weekly Wrap for March 6, 2020: The telecom giant cited "headcount rationalization" as a...
© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.
There Are No More Green Fields
I’ve looked at quite a few pieces of technology in the past few years. Some have addressed massive issues that I had when I was a practicing network engineer. Others have shown me new ways to do things I never thought possible. But one category of technology still baffles me to this day: The technology that assumes greenfield deployment.
For those not familiar, “greenfield” is a term that refers to a project that is built on a site completely from scratch. It originally comes from a day when the project in question was a factory or other capital improvement that was literally being built in a field with green grass growing on top. The alternative to that project was one where something was being built in a location where there was existing infrastructure or other form of site pollution. And, of course because everyone in humanity never gets older than twelve, this is called a “brownfield” site.
Getting back to the technology side of things, let’s talk about greenfield deployments. When was the last time you walked into a building and found zero technology of any kind? Odds are good that’s not the case. Sure, there are some SMBs that Continue reading
Announcing the VMware NSX vExpert Program
The VMware NSX team is excited to announce the new NSX vExperts program. If you’re not familiar with vExperts, the program is designed to recognize individuals who are passionate about sharing their knowledge on VMware technologies with the broader community. While the vExpert program has been around for over 10 years, this is the first year we’re introducing the NSX vExpert subprogram and badge.
What is an NSX vExpert?
Individuals awarded NSX vExpert status are the crème of the crop when it comes to their knowledge in NSX use cases like micro-segmentation, network automation, multi-cloud networking, service mesh and modern apps. They’re advocates of VMware NSX and love “giving back” to the community by sharing their knowledge with their peers— whether it be through blogging or public speaking at events like VMworld and VMUG.
Benefits of the NSX vExpert Program
Becoming an NSX vExpert is not without its perks. In addition to bragging rights and the cool badge, VMware will provide great opportunities to give you the recognition you deserve.
Here’s what vExperts gain:
- Amplification of any articles you write
- Exposure at VMware physical and virtual events
- Opportunities to interface and provide feedback to the NSX product team
- Invite Continue reading
Minister Bains, Let’s Rethink Canada’s Spectrum Auction
Yesterday’s announcement by the Government of Canada to drive down cell phone prices will only end up costing Canada in the long run.
In a press conference held yesterday, Minister Navdeep Bains of Innovation Science and Economic Development Canada (ISED) laid out a plan that will not only allow the government to evoke further regulation to boost competition but allow it to sell off spectrum to the highest bidder.
It is a case of short-term gain that will lead to long-term pain.
It could have been an opportunity for ISED to bring many Canadians – particularly those living in rural and remote areas – closer to the government’s goal of universal broadband for all by 2030. Unfortunately, we believe that the auction rules announced yesterday by Minister Bains for this spectrum band are a step backward for innovative approaches to bring affordable access to the regions of Canada that most need it.
Currently, Canadians pay some of the highest prices in the world to come online and much of the country still does not have fiber needed for broadband.
There are solutions to affordable access in Canada. One of which is community networks.
The Internet Society has long championed community Continue reading
International Women’s Day 2020: Building a Modern Security Team
When we started at Cloudflare in the summer of 2018, we joined a small security team intent on helping it grow quickly. Cloudflare was already a successful “unicorn” startup and its profile was changing fast, providing cyber security protection for millions of Internet-facing properties and moving towards becoming a public company. We were excited to help build the team that would ensure the security of Cloudflare’s systems and the sensitive customer data that flows through them.
Competing for security talent in the tech industry - where every company is investing heavily on security - isn't easy. But, in 18 months, we have grown our team 400% from under 10 people to almost 50 (and still hiring). We are proud that 40% of our team are women and 25% are from an under-represented minority. We believe from experience, and the research shows, that more diverse teams drive better business results and can be a better place to work.
In honor of International Women’s Day this Sunday, we wanted to share some of our lessons learned on how to build a diverse team and inclusive culture on a modern security team.
Lessons Learned Building a Diverse Team
- Our effort to Continue reading
My Cisco Certified DevNet Professional Journey, Part 2 by Nick Russo
On 27 February 2020, I took and passed the Automating Cisco Enterprise Solutions (ENAUTO) exam on my first attempt. This was the last exam I took that day, having taken DEVASC and DEVCOR in earlier. This exam was a bit different for a few reasons, which I’ll discuss shortly. Passing both DEVCOR and ENAUTO has earned me the Cisco Certified DevNet Professional certification. Like the other DevNet exams, it was fair and reasonably well-written.
I’ve been working with Cisco products for more than 10 years and earning Cisco certifications for about 8 years, and this was my first specialist exam. You can learn more about the ENAUTO exam here. About 40% of the exam is based on general programming principles and network automation techniques, most of which overlap nicely with DEVASC and DEVCOR. The remaining 60% is divided evenly between Cisco’s biggest three enterprise solutions: DNA Center, SD-WAN, and Meraki at 20% each.
Before attempting this exam, you should already have a DevNet Associate certification (not required) or comparable knowledge, plus at least 3 years of network automation experience. Those skills alone cover probably 30% of the blueprint. If you already passed the DEVCOR exam (or have comparable Continue reading
Video: FRRouting Usability Enhancements
After covering configuration and performance optimizations introduced in recent FRRouting releases, Donald Sharp focused on some of the recent usability enhancements, including BGP BestPath explanations, BGP Hostname, BGP Failed Neighbors, and improved debugging.
You need Free ipSpace.net Subscription to watch the video.
Video: FRRouting Usability Enhancements
After covering configuration and performance optimizations introduced in recent FRRouting releases, Donald Sharp focused on some of the recent usability enhancements, including BGP BestPath explanations, BGP Hostname, BGP Failed Neighbors, and improved debugging.
You need Free ipSpace.net Subscription to watch the video.
Daily Roundup: AT&T Slashes Jobs
AT&T slashed more jobs; Google targeted telcos with Global Mobile Edge Cloud platform; and...
© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.
Google Cloud Careens Into Mobile Operator Landscape
Google Cloud has created the Global Mobile Edge Cloud, an open cloud platform for it and network...
© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.
Verizon Boosts Security With Blockchain, Adds MDR
One of the services encrypts and replicates identity data across multiple online servers on the...
© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.
Nokia Taps Intel, Marvell for 5G Chips; Samsung Expands Arm Investment
The announcements come days after Marvell unveiled its latest Octeon chips and over a week after...
© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.
IPv6 Buzz 046: Managing Networks With IPv6 And NAT64
In this week's IPv6 Buzz episode, we talk to Cody Christman about managing networks with IPv6 using the critical transition/translation technology NAT64. We cover why overlapping IPv4 addresses are a big driver for using NAT64, the technical debt of IPv4 NAT, how IPv6 re-simplifies networking, and more.
The post IPv6 Buzz 046: Managing Networks With IPv6 And NAT64 appeared first on Packet Pushers.
IPv6 Buzz 046: Managing Networks With IPv6 And NAT64
In this week's IPv6 Buzz episode, we talk to Cody Christman about managing networks with IPv6 using the critical transition/translation technology NAT64. We cover why overlapping IPv4 addresses are a big driver for using NAT64, the technical debt of IPv4 NAT, how IPv6 re-simplifies networking, and more.Headcount: Firings, Hirings, and Retirings — February 2020
SAP revamped org structure, exited 2 board members; Intel slashed jobs despite record quarter; plus...
© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.