Archive

Category Archives for "Networking"

RFC1925, Rule 1

According to RFC1925, the first fundamental truth of networking is: it has to work. While this might seem to be overly simplistic, it has proven—over the years—to be much more difficult to implement in real life than it looks like in a slide deck. Interestingly, those with extensive experience in failures, however, can often make a better guess at what is possible to make work than those without such experience. The good news, however, is the experience of failure can be shared, especially through self-deprecating humor.

Dell and Cisco extend VxBlock integration with new features

Just two months ago Dell EMC and Cisco renewed their converged infrastructure vows, and now the two have taken another step in the alliance. At this year’s at Cisco Live event taking place in San Diego, the two announced plans to expand VxBlock 1000 integration across servers, networking, storage, and data protection.This is done through support of NVMe over Fabrics (NVMe-oF), which allows enterprise SSDs to talk to each other directly through a high-speed fabric. NVMe is an important advance because SATA and PCI Express SSDs could never talk directly to other drives before until NVMe came along.To read this article in full, please click here

Meraki In The Middle – Smart Security Cameras

I’ve been looking at security cameras recently, in part because my home owners association needs to upgrade the system which monitors some of the amenities. We want motion detection features and, obviously, remote access to view live cameras and recorded footage without having to go to the location. Unfortunately there’s a gap in the market which seems to be exactly where I’m looking. Cisco Meraki may have just stepped in and bridged that gap.

The Problem Space

Low-End Products

Over the last few years, a wide variety of small security cameras have become available, any of which which at first glance would appear suitable. These include products like Netgear’s Arlo, Amazon’s Blink, Google’s Nest Cam and more. After some brief testing, however, I’m a little less convinced that they are what we’re looking for. It sounds silly to say it, because it’s not like this is something they hide, but these products are all aimed at the home user market. Dashboard logins are single user, based on an email address and the web interfaces may not work well for much more than five or so cameras. The camera choices are fairly limited, and as they’ll be streaming their Continue reading

Cumulus content roundup: May

May is well in the books and summer seems to be in full swing with recent heatwaves across the country. Since we know life can get pretty busy and you may have missed some of May’s great content, we’ve rounded up some of our favorite podcasts, blog posts, and articles for you here. So settle in, hopefully, stay cool, and get ready for all things open networking!

From Cumulus Networks:

Minipack Highlight Video from OCP Summit: Listen to Brian O’Sullivan & Michael Lane, VP of Business Development at Edgecore Networks discuss the recently launched Minipack, open, modular switch.

Kernel of Truth season 2 episode 7: Certifications: Listen as we discuss the value of certifications, if any, what works for certifications and what doesn’t, who should be taking certifications and more!

Installing Cumulus packages on air-gapped equipment: Check out this excerpt to help you get additional packages into an air-gapped environment for the install where you don’t have a repo or mirror available to pull from.

ngrok on Cumulus Linux: If you have a good idea of what ngrok is and what it does, here are step-by-step instructions for turning up ngrok ssh services on Cumulus Linux.

The Continue reading

Day Two Cloud 011: Going All In On Serverless And DevOps

What's it like using serverless in production? We answer that question in this Day Two Cloud podcast with guest Robb Schiefer, who's running a live application on AWS Lambda for a healthcare company. We talk about why the organization adopted serverless, how they chose AWS, and how DevOps practices are key for ongoing operations.

The post Day Two Cloud 011: Going All In On Serverless And DevOps appeared first on Packet Pushers.

IDG Contributor Network: Software Defined Perimeter (SDP): Creating a new network perimeter

Networks were initially designed to create internal segments that were separated from the external world by using a fixed perimeter. The internal network was deemed trustworthy, whereas the external was considered hostile. However, this is still the foundation for most networking professionals even though a lot has changed since the inception of the design.More often than not the fixed perimeter consists of a number of network and security appliances, thereby creating a service chained stack, resulting in appliance sprawl. Typically, the appliances that a user may need to pass to get to the internal LAN may vary. But generally, the stack would consist of global load balancers, external firewall, DDoS appliance, VPN concentrator, internal firewall and eventually LAN segments.To read this article in full, please click here

Caribbean Community Gathers Together to Discuss Improving Connectivity in the Region

Cooperation has been key to expanding Internet access around the globe. Ten years ago, the African region created AfPIF, a space focused on collaboration about among regional actors on topics related to peering and interconnection. Inspired by that project, in 2014 I approached Bevil Wooding to create a similar space for the Caribbean.

In recent years, the Caribbean has been losing its traditional industries, such as sugar and banana production. In this context, the Internet can be seen as a good opportunity to leverage the local economy. Fortunately, the idea gained the support of the Caribbean Telecommunications Union (CTU) and the Caribbean Network Operators Group (CaribNOG). That’s how the Caribbean Peering and Interconnection Forum (CarPIF) was born.

From its inaugural meeting in 2015, CarPIF has sought to bring together key infrastructure, service, and content providers to improve network interconnection, lower the cost of connectivity, and increase the number of Internet users and services in the Caribbean. This year, the meeting will be held from 12 to 13 June in Grenada, with the aim of highlight the active role played by the Organization of Eastern Caribbean States (OECS) in the successful deployment of Internet Continue reading

Project Galileo: Lessons from 5 years of protecting the most vulnerable online

Project Galileo: Lessons from 5 years of protecting the most vulnerable online

Today is the 5th anniversary of Cloudflare's Project Galileo. Through the Project, Cloudflare protects—at no cost—nearly 600 organizations around the world engaged in some of the most politically and artistically important work online. Because of their work, these organizations are attacked frequently, often with some of the fiercest cyber attacks we’ve seen.

Project Galileo: Lessons from 5 years of protecting the most vulnerable online

Since it launched in 2014, we haven't talked about Galileo much externally because we worry that drawing more attention to these organizations may put them at increased risk. Internally, however, it's a source of pride for our whole team and is something we dedicate significant resources to. And, for me personally, many of the moments that mark my most meaningful accomplishments were born from our work protecting Project Galileo recipients.

The promise of Project Galileo is simple: Cloudflare will provide our full set of security services to any politically or artistically important organizations at no cost so long as they are either non-profits or small commercial entities. I'm still on the distribution list that receives an email whenever someone applies to be a Project Galileo participant, and those emails remain the first I open every morning.

Project Galileo: Lessons from 5 years of protecting the most vulnerable online

The Project Galileo Backstory

Five years ago, Project Galileo was born Continue reading

Cisco offers cloud-based security for SD-WAN resources

SAN DIEGO— As many companies look to SD-WAN technology to reduce costs, improve connectivity and streamline branch office access, one of the key requirements will be solid security technologies to protect corporate resources.At its Cisco Live customer event here this week, the company took aim at that need by telling customers it added support for the its cloud-based security gateway – known as Umbrella – to its SD-WAN software offerings.  More about SD-WAN How to buy SD-WAN technology: Key questions to consider when selecting a supplier How to pick an off-site data-backup method SD-Branch: What it is and why you’ll need it What are the options for security SD-WAN? At its most basic, SD-WAN lets companies aggregate a variety of network connections – including MPLS, 4G LTE and DSL – into a branch or network-edge location and provides a management software that can turn up new sites, prioritize traffic and set security policies. SD-WAN's driving principle is to simplify the way big companies turn up new links to branch offices, better manage the way those links are utilized – for data, voice or video – and potentially save money in the process.To read this article in full, please Continue reading

IoT security vs. privacy: Which is a bigger issue?

If you follow the news surrounding the internet of things (IoT), you know that security issues have long been a key concern for IoT consumers, enterprises, and vendors. Those issues are very real, but I’m becoming increasingly convinced that related but fundamentally different privacy vulnerabilities may well be an even bigger threat to the success of the IoT.In June alone, we’ve seen a flood of IoT privacy issues inundate the news cycle, and observers are increasingly sounding the alarm that IoT users should be paying attention to what happens to the data collected by IoT devices.[ Also read: It’s time for the IoT to 'optimize for trust' and A corporate guide to addressing IoT security ] Predictably, most of the teeth-gnashing has come on the consumer side, but that doesn’t mean enterprises users are immune to the issue. One the one hand, just like consumers, companies are vulnerable to their proprietary information being improperly shared and misused. More immediately, companies may face backlash from their own customers if they are seen as not properly guarding the data they collect via the IoT. Too often, in fact, enterprises shoot themselves in the foot on privacy issues, with practices that Continue reading

IoT security vs. privacy: Which is a bigger issue?

If you follow the news surrounding the internet of things (IoT), you know that security issues have long been a key concern for IoT consumers, enterprises, and vendors. Those issues are very real, but I’m becoming increasingly convinced that related but fundamentally different privacy vulnerabilities may well be an even bigger threat to the success of the IoT.In June alone, we’ve seen a flood of IoT privacy issues inundate the news cycle, and observers are increasingly sounding the alarm that IoT users should be paying attention to what happens to the data collected by IoT devices.[ Also read: It’s time for the IoT to 'optimize for trust' and A corporate guide to addressing IoT security ] Predictably, most of the teeth-gnashing has come on the consumer side, but that doesn’t mean enterprises users are immune to the issue. One the one hand, just like consumers, companies are vulnerable to their proprietary information being improperly shared and misused. More immediately, companies may face backlash from their own customers if they are seen as not properly guarding the data they collect via the IoT. Too often, in fact, enterprises shoot themselves in the foot on privacy issues, with practices that Continue reading

Switch Buffer Sizes and Fermi Estimates

In my quest to understand how much buffer space we really need in high-speed switches I encountered an interesting phenomenon: we no longer have the gut feeling of what makes sense, sometimes going as far as assuming that 16 MB (or 32MB) of buffer space per 10GE/25GE data center ToR switch is another $vendor shenanigan focused on cutting cost. Time for another set of Fermi estimates.

Let’s take a recent data center switch using Trident II+ chipset and having 16 MB of buffer space (source: awesome packet buffers page by Jim Warner). Most of switches using this chipset have 48 10GE ports and 4-6 uplinks (40GE or 100GE).

Read more ...

DC/SP. Part 13/8. Real-time data analytics and closed-loop automation with InfluxData Kapacitor for the Data Centre Fabric

Hello my friend,

This article is kind of a special one for me. It doesn’t mean that everything I have written before has a little sense. Everything what I have written about the Data Centre Fabric project was steps towards fully automated data centre operation, and today we make a final step towards the closed-loop automation based using the real-time data analytics by InfluxData Kapacitor.

Join Network Automation Expert Course


1
2
3
4
5
No part of this blogpost could be reproduced, stored in a 

retrieval system, or transmitted in any form or by any 

means, electronic, mechanical or photocopying, recording, 

or otherwise, for commercial purposes without the 

prior permission of the author.

Brief description

Read the previous article about the DC/SP naming

According to the official website, InfluxData Kapacitor is alerting system following publish-subscribe design pattern, which supports both steam and batch data processing. If we translate it from the geeks’ language, it means that Kapacitor can subscribe to a certain to topics in the data producer (e.g., time series database – InfluxDB or collector – Telegraf) and start getting information out of it:

  • Steam processing means that all the information coming to the subscribed Continue reading
1 916 917 918 919 920 3,345