Thinking about color

Color is my day-long obsession, joy and torment - Claude Monet

Over the last two years we’ve tried to improve our usage of color at Cloudflare. There were a number of forcing functions that made this work a priority. As a small team of designers and engineers we had inherited a bunch of design work that was a mix of values built by multiple teams. As a result it was difficult and unnecessarily time consuming to add new colors when building new components.

We also wanted to improve our accessibility. While we were doing pretty well, we had room for improvement, largely around how we used green. As our UI is increasingly centered around visualizations of large data sets we wanted to push the boundaries of making our analytics as visually accessible as possible.

Cloudflare had also undergone a rebrand around 2016. While our marketing site had rolled out an updated set of visuals, our product ui as well as a number of existing web properties were still using various versions of our old palette.

Our product palette wasn’t well balanced by itself. Many colors had been chosen one or two Continue reading

The VPN is dying, long live zero trust

The venerable VPN, which has for decades provided remote workers with a secure tunnel into the enterprise network, is facing extinction as enterprises migrate to a more agile, granular security framework called zero trust, which is better adapted to today’s world of digital business.VPNs are part of a security strategy based on the notion of a network perimeter; trusted employees are on the inside and untrusted employees are on the outside. But that model no longer works in a modern business environment where mobile employees access the network from a variety of inside or outside locations, and where corporate assets reside not behind the walls of an enterprise data center, but in multi-cloud environments.To read this article in full, please click here

The VPN is dying, long live zero trust

The venerable VPN, which has for decades provided remote workers with a secure tunnel into the enterprise network, is facing extinction as enterprises migrate to a more agile, granular security framework called zero trust, which is better adapted to today’s world of digital business.VPNs are part of a security strategy based on the notion of a network perimeter; trusted employees are on the inside and untrusted employees are on the outside. But that model no longer works in a modern business environment where mobile employees access the network from a variety of inside or outside locations, and where corporate assets reside not behind the walls of an enterprise data center, but in multi-cloud environments.To read this article in full, please click here

Amazon Detective, McAfee Hunt Down the Baddies

AWS Head Bemoans ‘Political Interference’ in JEDI Contract

Verizon Beats the Edge Drum With AWS

Business Considerations in Implementing an SD-Branch

Juniper broadens SD-Branch management, switch options

Juniper has taken the wraps off new software and switches that are designed to broaden user options in deploying software-defined branch offices and enterprise networks.The company bolstered its Contrail SD-WAN cloud package to include support for SD-LAN-specific operations, such as provisioning of new devices and managing branch office LANs.  READ MORE: SD-WAN creates new security challengesTo read this article in full, please click here

Snow Software Adds Embotics to Boost Hybrid Cloud Management

Verizon, Amazon team to offer 5G edge cloud computing via AWS Wavelength

Amazon and Verizon will offer the ability to run AWS-based applications with ultra-low latency via the former’s new Wavelength edge service, the companies announced this week at AWS re:Invent, letting organizations realize the benefits of edge computing without having to roll their own edge devices.The idea is a pretty simple one: Place small data centers running AWS’ software next to Verizon’s 5G points of presence. What this means is that applications running in that 5G coverage area can send their data to those remote edge data centers for rapid processing, as opposed to traveling across Verizon’s network, to the Internet at large, to AWS, and all the way back down the chain.To read this article in full, please click here

Silver Peak, Versa, Citrix, Aruba Bolster SD-WAN With AWS

Day Two Cloud 026: Build Cloud-Native Networks With Aviatrix (Sponsored)

Today on Day Two Cloud, we talk about multi-cloud networking with sponsor Aviatrix. Aviatrix has built a networking solution that’s multi-cloud capable and leverages cloud-native constructs wherever possible. And they do it in a way designed to make the life of IT engineers better. Our guests are Rod Stuhlmuller, VP Marketing; and Nauman Mustafa, VP Solutions Engineering.

The post Day Two Cloud 026: Build Cloud-Native Networks With Aviatrix (Sponsored) appeared first on Packet Pushers.

Day Two Cloud 026: Build Cloud-Native Networks With Aviatrix (Sponsored)

VMware at Gartner IOCS

The speed and agility delivered by fast-moving cloud technologies and modern application architectures have become central to digital business transformation efforts.  There is an emerging realization that IT infrastructure and operations (I&O) teams cannot continue to rely on proprietary, bespoke, and expensive hardware to perform data center functions like networking, security, and load balancing.  These functions can be performed more efficiently at scale with distributed software running on x86 hardware while also achieving reduced complexity and cost.

VMware is excited to present this public cloud approach to infrastructure and operations at the Gartner IT Infrastructure, Operations & Cloud Strategies Conference next week, 9–12 December in Las Vegas.

Attend our Speaking Session

Tom Gillis, GM and SVP of VMware Networking and Security Business Unit, will deliver a session on Wednesday titled “A Public Cloud Experience Requires a Different Datacenter and WAN Design”.

Tom will talk about how you can bring the public cloud experience to your Data Center and WAN using a software-based, scale out architecture running on general purpose hardware.  Purpose-built hardware designed for homogeneous environments simply cannot handle the fast-moving realities of today’s business priorities.  Businesses shouldn’t have to carry the burden of exorbitant CapEx Continue reading

AWS rolls out Outposts for on-premises hybrid cloud

Looking to further nudge the data-center crowd into the cloud world, Amazon Web Services announced the availability of its long-awaited Outposts hybrid-cloud service this week.Outposts delivers on-premises hardware and services that enables AWS cloud services inside enterprise data centers. That on-premises market is huge according to Amazon Web Services CEO Andy Jassy who told the AWS re:Invent 2019 conference audience 97% of the $3.7T IT market is still on-prem and that the industry is still at the very early stages of a shift from on premises to the cloud.To read this article in full, please click here

AWS rolls out Outposts for on-premises hybrid cloud

Looking to further nudge the data-center crowd into the cloud world, Amazon Web Services announced the availability of its long-awaited Outposts hybrid-cloud service this week.Outposts delivers on-premises hardware and services that enables AWS cloud services inside enterprise data centers. That on-premises market is huge according to Amazon Web Services CEO Andy Jassy who told the AWS re:Invent 2019 conference audience 97% of the $3.7T IT market is still on-prem and that the industry is still at the very early stages of a shift from on premises to the cloud.To read this article in full, please click here

SD-WAN sector report: Growing with no end in sight

With the WAN in transition, incumbents make their move through acquisitions, while startups continue to innovate at the edge. Insider Pro looks at why SD-WAN is so hot.

Online Trust Audit for 2020 Presidential Campaigns Update

On 7 October 2019, the Internet Society’s Online Trust Alliance (OTA) released the Online Trust Audit for 2020 U.S. Presidential Campaigns. Overall, 30% of the campaigns made the Honor Roll, and 70% had a failure, mainly related to scores for their privacy statements. As part of this process, OTA reached out to the campaigns, offering to explain their specific Audit scores and ways to improve them. The campaigns were also told that they would be rescored in mid-November and the updated results would be published in early December. As a result, several campaigns contacted us to understand the methodology and scoring, and several of them made improvements.

Rescoring of all elements of the Audit was completed on 25 November, and the table below shows the updated results since release of the original Audit. Several campaigns have been suspended since early October (Messam, O’Rourke, Ryan, and Sanford, as well as Bullock and Sestak in early December). Campaigns shown in bold in the Honor Roll column made enough improvements to earn passing scores for their privacy statements and thereby achieve Honor Roll status. Campaigns shown in italics at the bottom of the table are new entrants since the Audit was released. Continue reading

Self-hosted videos with HLS: subtitles

In a previous article, I have described a solution to self-host videos while offering a delivery adapted to each user’s bandwith, thanks to HLS and hls.js. Subtitles¹ were not part of the game. While they can be declared inside the HLS manifest or embedded into the video, it is easier to include them directly in the <video> element, using the WebVTT format:

<video poster="poster.jpg"
       controls preload="none">
  <source src="index.m3u8"
          type="application/vnd.apple.mpegurl">
  <source src="progressive.mp4"
          type='video/mp4; codecs="avc1.4d401f, mp4a.40.2"'>
  <track src="de.vtt"
         kind="subtitles" srclang="de" label="Deutsch">
  <track src="en.vtt"
         kind="subtitles" srclang="en" label="English">
</video>

Watch the following demonstration, featuring Agent 327: Operation Barbershop, a video created by Blender Animation Studio and currently released under the Creative Commons Attribution No Derivatives 2.0 license:

You may want to jump to 0:12 for the first subtitle. Most browsers should display a widget to toggle subtitles. This works just fine with Chromium but Firefox will not show the menu Continue reading

Tuning BGP Convergence in High-Availability Firewall Cluster Design

Two weeks ago Nicola Modena explained how to design BGP routing to implement resilient high-availability network services architecture. The next step to tackle was obvious: how do you fine-tune convergence times, and how does BGP convergence compare to the more traditional FHRP-based design.