I've been publishing on Etherealmind for more than ten years and its been quite a journey. I've changed and its time move on.
The post Closing the Shutters on EtherealMind appeared first on EtherealMind.
MEF unveiled the first standardized definition for SD-WAN. The the definition stands to help to...
I spent a lot of time during this summer figuring out the details of NSX-T, resulting in significantly updated and expanded VMware NSX Technical Deep Dive material… but before going into those details let’s do a brief walk down the memory lane ;)
You might remember a startup called Nicira that was acquired by VMware in mid-2012… supposedly resulting in the ever-continuing spat between Cisco and VMware (and maybe even triggering the creation of Cisco ACI).
Read more ...I want to thank both Bhushan Pai, and Matt Karnowski, who joined VMware from the Avi Networks acquisition, for helping with the Avi Networks setup in my VMware Cloud on AWS lab and helping with some of the details in this blog.
Humair Ahmed, Sr. Technical Product Manager, VMware NSBU
Bhushan Pai, Sr. Technical Product Manager, VMware NSBU
Matt Karnowski , Product Line Manager, VMware NSBU
With the recent acquisition of Avi Networks, a complete VMware solution leveraging advanced load balancing and Application Delivery Controller (ADC) capabilities can be leveraged. In addition to load balancing, these capabilities include global server load balancing, web application firewall (WAF) and advanced analytics and monitoring.
In this blog, we walk through an example of how the Avi Networks load balancer can be leveraged within a VMware Cloud on AWS software-defined data center (SDDC).
IBM's Steve Fields explained that software optimization can improve hardware performance by up to...
The tenth meeting of Africa Peering and Interconnection Forum (AfPIF) kicked off in Balaclava, Mauritius, with participants celebrating the achievements and looking forward to further collaboration.
Andrew Sullivan, the President and CEO of the Internet Society, opened by highlighting the importance of the meeting, which helps create a community that supports the growth of the Internet in Africa, identifies challenges, and ensures that understanding spreads.
In his speech, he noted that traffic exchanged inside Africa has expanded enormously as a result of the work done by AfPIF over the years. One of AfPIF goals is to increase the level of local content exchanged locally to 80% by 2020.
Sullivan, who has extensive experience working with international Internet bodies, emphasized the need for a robust community in Africa, led by Af-IX, that will continue working together to ensure that the Internet is built in Africa, according to the needs of Africans and the African network experience.
The annual meeting, brings together chief technology officers, peering coordinators and business development managers from the African region, Internet service providers and operators, telecommunications policymakers and regulators, content providers, Internet exchange point (IXP) operators, infrastructure providers, data center managers, National Research and Education Networks (NRENs), Continue reading
CenturyLink's network outage impacted as many as 22 million customers across 39 states, and at...
If you follow me on Twitter ( https://twitter.com/danieldibswe), you know I have been doing a lot of SD-WAN lately and I recently built my own lab. In this lab, I wanted to try a feature known as service chaining. What is service chaining? It’s a method of sending traffic through one or more services, such as a firewall, before the traffic takes the “normal” path towards its destination.
Before we dive deeper in, let me show the topology in use:
When I tested this feature, the data plane was working perfectly but my traceroute looked very strange. The traceroute was also not finishing.
root@B1-S1:/# traceroute 10.1.2.10 traceroute to 10.1.2.10 (10.1.2.10), 30 hops max, 60 byte packets 1 10.1.1.1 (10.1.1.1) 6.951 ms 36.355 ms 39.604 ms 2 10.1.0.2 (10.1.0.2) 11.775 ms 15.047 ms 15.535 ms 3 10.0.0.18 (10.0.0.18) 28.540 ms 28.538 ms 28.532 ms 4 10.1.2.10 (10.1.2.10) 41.748 ms 41.746 ms 41.736 Continue reading
The 111 Cybersecurity Tech Accord companies compete daily but all agree on the big picture:...
Revenue attributed to network equipment and services is expected to improve following a five-year...
In April, the Online Trust Alliance published the 11th annual Online Trust Audit assessing the security and privacy of 1,200 top organizations across several industry sectors. For the first time, this year’s Audit covered 100 of the top healthcare organizations, including lab testing companies, pharmacies, hospital chains, and insurance providers.
How did they do?
Since this is the first year these organizations were included, we do not have historical comparisons, but we can compare how healthcare sites fared against the other audited sectors. Overall, 57% of healthcare sites made this year’s Honor Roll, the lowest of all the sectors we studied. By far the most common reason for failure in the healthcare sector was weak email security (35%, nearly triple the overall average). Failure due to privacy was better than average, while failure due to site security was slightly worse than average.
Email Security
SPF and DKIM help protect against forged email. Overall 87% of healthcare organizations had SPF on their top-level domain and 67% had DKIM (the lowest of any sector, and the main source of healthcare’s failing scores). DMARC builds on SPF and DKIM results, provides a means for feedback reports, and adds visibility for Continue reading
Druva added two new cloud services: a multi-tier intelligent data storage technology for AWS and...
The post DDoS Mitigation and BGP Flowspec appeared first on Noction.
There can be times when you’re working on the AWS Cloud where you need to grant limited access to your account to a third-party. For example:
In each of these cases you likely want to grant the permissions the third-party needs but no more. In other words, no granting of AdministratorAccess
policies because it’s easy and just works. Instead, adherence to the principle of least privilege.
This post will describe two methods–IAM users and IAM roles–for proving limited access to third-parties.
The big difference with the IAM user approach vs the role-based approach is the way the credentials for each entity are handed out.
IAM users have long-term credentials that only change by a manual action (either the user or an administrator changes the credentials). Those credentials will continue to provide access to the account until they’re either changed or the user is disabled/deleted.
By contrast, roles Continue reading