Worth Reading: the Lure of the Easy Button

Russ White wrote a great blog post explaining why you have to understand the problem you’re solving instead of blindly believing the $vendor slide deck… or as I said a long time ago, think about how you’ll troubleshoot your network in because you won’t be able to reformat it once it crashes.

Taiji: managing global user traffic for large-scale Internet services at the edge

Taiji: managing global user traffic for large-scale internet services at the edge Xu et al., SOSP’19

It’s another networking paper to close out the week (and our coverage of SOSP’19), but whereas [Snap][Snap] looked at traffic routing within the datacenter, Taiji is concerned with routing traffic from the edge to a datacenter. It’s been in production deployment at Facebook for the past four years.

The problem: mapping user requests to datacenters

When a user makes a request to http://www.facebook.com, DNS will route the request to one of dozens of globally deployed edge nodes. Within the edge node, a load balancer (the Edge LB) is responsible for routing requests through to frontend machines in datacenters. The question Taiji addresses is a simple one on the surface: what datacenter should a given request be routed to?

There’s one thing that Taiji doesn’t have to worry about: backbone capacity between the edge nodes and datacenters— this is provisioned in abundance such that it is not a consideration in balancing decisions. However, there are plenty of other things going on that make the decision challenging:

• Some user requests are sticky (i.e., they have associated session state) and always Continue reading

DXC is betting IT apps and services will stay on-premises

DXC Technology, the massive service provider formed in the 2017 merger of HPE Enterprise Services (formerly EDS) and Computer Sciences Corp., has a new CEO who is focused on shedding distraction businesses and focusing on core businesses of IT outsourcing.That means looking at "strategic alternatives," including the possible divesture of three of its businesses it feels are a distraction and slowing the company’s growth. The company feels most IT apps and services will remain on-premises and will focus on supporting that business.Last week’s conference call with financial analysts to discuss Q2 earnings was the first for new CEO Mike Salvino, who joined the company in September after 22 years at Accenture. DXC did not have a good quarter. The company reported non-GAAP earnings of $1.38 per share, which fell short of the consensus estimate of $1.44 and way down from EPS of $2.02 from the same quarter a year ago. Revenue of $4.85 billion fell short of the analyst estimate of $4.92 billion.To read this article in full, please click here

DXC is betting IT apps and services will stay on-premises

DXC Technology, the massive service provider formed in the 2017 merger of HPE Enterprise Services (formerly EDS) and Computer Sciences Corp., has a new CEO who is focused on shedding distraction businesses and focusing on core businesses of IT outsourcing.That means looking at "strategic alternatives," including the possible divesture of three of its businesses it feels are a distraction and slowing the company’s growth. The company feels most IT apps and services will remain on-premises and will focus on supporting that business.Last week’s conference call with financial analysts to discuss Q2 earnings was the first for new CEO Mike Salvino, who joined the company in September after 22 years at Accenture. DXC did not have a good quarter. The company reported non-GAAP earnings of $1.38 per share, which fell short of the consensus estimate of $1.44 and way down from EPS of $2.02 from the same quarter a year ago. Revenue of $4.85 billion fell short of the analyst estimate of $4.92 billion.To read this article in full, please click here

NetApp Treads Troubled Waters in Q2

Librem13v2 TPM upgrade

I have upgraded my TPM firmware on my Librem13v2. Its keys are now safe. \o/

Back in 2017 we had the Infineon disaster (aka ROCA). I’ve written about it before about how bad it is and how to check if you’re affected with a simple tool.

I TAKE NO RESPONSIBILITY IF YOU BRICK YOUR DEVICE OR FOR ANYTHING ELSE BAD HAPPENING FROM YOU FOLLOWING MY NOTES.

Before the upgrade

$ tpm_version | grep Chip
Chip Version:        1.2.4.40    <--- Example vulnerable version
$ cbmem -c | grep Purism         # I upgraded coreboot/SeaBIOS just before doing this.
coreboot-4.9-10-g123a4c6101-4.9-Purism-2 Wed Nov 13 19:54:43 UTC 2019 […]
[…]
Found mainboard Purism Librem 13 v2

Download upgrade tool

$ wget https://repo.pureos.net/pureos/pool/main/t/tpmfactoryupd/tpmfactoryupd_1.1.2459.0-0pureos9_amd64.deb
[…]
$ alien -t tpmfactoryupd_1.1.2459.0-0pureos9_amd64.deb
[…]
$ tar xfz tpmfactoryupd-1.1.2459.0.tgz
$ mv usr/bin/TPMFactoryUpd .
$ sudo systemctl stop trousers.service         # Need to turn off tcsd for TPMFactoryUpd to work in its default mode.
[…]
$ ./TPMFactorUpd -info
  **********************************************************************
  *    Infineon Technologies AG   TPMFactoryUpd   Ver 01.01.2459.00    *
  **********************************************************************

       TPM information:
       ----------------
       Firmware valid                    :    Yes
       TPM family                        :    1.2
       TPM firmware version               Continue reading

Ericsson, Nokia, Samsung Hype Open Virtualization

Balancing patient security with healthcare innovation | TECH(talk)

Healthcare organizations are one of the most targeted verticals when it comes to cyberattacks. While those organizations must work to secure patients' sensitive data, it can also be helpful to analyze that data to improve patient outcomes. Jason James, CIO of Net Health, joins Juliet to discuss why attackers target healthcare organizations, Google's Project Nightingale and what it means for a tech giant to have access to the medical data of millions of people.

Google, Microsoft Azure Beat AWS in Cloud Performance

VMware Expands Nokia Test Integration

Cisco Sinks on Rocky Q1, Dour Q2 Revenue Outlook  

AWS Launches Data Exchange, Simplifies Third-Party Sharing

BrandPost: Addressing Scalability Challenges with SD-WANs

It’s always difficult to tell how fast your business will grow, and hence how quickly you’ll need to scale your network and other IT infrastructure. When it comes to software-defined wide-area networks (SD-WAN), the scalability issue is particularly thorny because of the myriad factors that play into the equation.Some will tell you scaling an SD-WAN is a simple matter of adding appliances, but that is far from the case, says David Greenfield, Secure Networking Evangelist with Cato Networks. Cato provides a cloud-based SD-WAN service, so Greenfield is well-versed in the factors that make SD-WAN scalability so challenging. In this post, we’ll examine a handful of them.To read this article in full, please click here

Samsung Taps HPE, Openet for Multi-Vendor 5G SA Core Test

Cray to license Fujitsu Arm processor for supercomputers

Cray says it will be the first supercomputer vendor to license Fujitsu’s A64FX Arm-based processor with high-bandwidth memory (HBM) for exascale computing.Under the agreement, Cray – now a part of HPE – is developing the first-ever commercial supercomputer powered by the A64FX processor, with initial customers being the usual suspects in HPC: Los Alamos National Laboratory, Oak Ridge National Laboratory, RIKEN, Stony Brook University, and University of Bristol.[Get regularly scheduled insights by signing up for Network World newsletters.] As part of this new partnership, Cray and Fujitsu will explore engineering collaboration, co-development, and joint go-to-market to meet customer demand in the supercomputing space. Cray will also bring its Cray Programming Environment (CPE) for Arm processors over to the A64FX to optimize applications and take full advantage of SVE and HBM2.To read this article in full, please click here

Cray to license Fujitsu Arm processor for supercomputers

Cray says it will be the first supercomputer vendor to license Fujitsu’s A64FX Arm-based processor with high-bandwidth memory (HBM) for exascale computing.Under the agreement, Cray – now a part of HPE – is developing the first-ever commercial supercomputer powered by the A64FX processor, with initial customers being the usual suspects in HPC: Los Alamos National Laboratory, Oak Ridge National Laboratory, RIKEN, Stony Brook University, and University of Bristol.[Get regularly scheduled insights by signing up for Network World newsletters.] As part of this new partnership, Cray and Fujitsu will explore engineering collaboration, co-development, and joint go-to-market to meet customer demand in the supercomputing space. Cray will also bring its Cray Programming Environment (CPE) for Arm processors over to the A64FX to optimize applications and take full advantage of SVE and HBM2.To read this article in full, please click here

IoT Security Policy Platform Wants to Raise the Bar On Global IoT Security

By next year, five Internet of Things (IoT) devices are projected to be in use for every person on the planet.

IoT devices offer endless opportunities to improve productivity, economic growth, and quality of life. Think smart cities, self-driving cars, and the ways connected medical devices can monitor our health. The potential growth of IoT is virtually infinite.

But with opportunity comes a significant amount of risk. As much as we’d like to trust manufacturers to make sure burglars can’t watch our homes through data from an automated vacuum, many new devices lack even basic security features. And thousands of new devices are coming online each year without commitment to basic measures such as using unique passwords, encrypting our data, or updating software to address vulnerabilities.

To help people and businesses around the world prepare, a dedicated group is rising to the challenge of securing the Internet of Things though cooperation across borders and sectors.

They are government agencies, non-governmental organizations, and other organizations and experts working on IoT security joined together to form the IoT Security Policy Platform. We are proud to say the Internet Society is amongst them too. Together we’ve been discussing and sharing best practices and Continue reading

BrandPost: SD-WAN as MPLS Replacement: Why the Internet Isn’t Enough

As companies turn to SD-WAN services, they’re often looking to migrate away from expensive MPLS services at the same time and employ Internet services instead. But the public Internet doesn’t provide the kind of predictable performance that enterprises need, and it can introduce unacceptable security risks.A sound alternative is a global, privately managed cloud-based network that can provide the consistent performance and low latency that enterprises demand, but at a fraction of the cost of MPLS – and with security built in. To get a sense for the requirements companies should look for in a managed cloud backbone to make for a successful SD-WAN migration, I spoke with Dave Greenfield, Secure Networking Evangelist with Cato Networks, which has built just such a backbone.To read this article in full, please click here

IPv6 Buzz 039: Bringing IPv6 Into Enterprise Wireless

IPv6 Buzz 039: Bringing IPv6 Into Enterprise Wireless

This week's IPv6 Buzz discusses getting IPv6 into enterprise wireless environments. We discuss what proper vendor support for v6 looks like, evaluate the impact of a lack of DHCPv6 support in Android, why running dual stack is more work than a clean cutover, and more. Our guest is Joe Neville, a technical consultant at HPE Aruba.

The post IPv6 Buzz 039: Bringing IPv6 Into Enterprise Wireless appeared first on Packet Pushers.