0

Cato and the Secure Access Service Edge: Where Your Digital Business Network Starts

In this blog explore how the Secure Access Service Edge (SASE) converges enterprise security and...

Read More »

0

Terraforming Cloudflare: in quest of the optimal setup

This is a guest post by Dimitris Koutsourelis and Alexis Dimitriadis, working for the Security Team at Workable, a company that makes software to help companies find and hire great people.

This post is about our introductive journey to the infrastructure-as-code practice; managing Cloudflare configuration in a declarative and version-controlled way. We’d like to share the experience we’ve gained during this process; our pain points, limitations we faced, different approaches we took and provide parts of our solution and experimentations.

Terraform world

Terraform is a great tool that fulfills our requirements, and fortunately, Cloudflare maintains its own provider that allows us to manage its service configuration hasslefree.

On top of that, Terragrunt, is a thin wrapper that provides extra commands and functionality for keeping Terraform configurations DRY, and managing remote state.

The combination of both leads to a more modular and re-usable structure for Cloudflare resources (configuration), by utilizing terraform and terragrunt modules.
We’ve chosen to use the latest version of both tools (Terraform-v0.12 & Terragrunt-v0.19 respectively) and constantly upgrade to take advantage of the valuable new features and functionality, which at this point in time, remove important limitations.

Workable context

Our set up includes Continue reading

0

InfluxDB 2.0

Introducing the Next-Generation InfluxDB 2.0 Platform mentions that InfluxDB 2.0 will be able to scrape Prometheus exporters. Get started with InfluxDB provides instructions for running an alpha version of the new software using Docker:

docker run --name influxdb -p 9999:9999 quay.io/influxdb/influxdb:2.0.0-alpha

Prometheus exporter describes an application that runs on the sFlow-RT analytics platform that converts real-time streaming telemetry from industry standard sFlow agents. Host, Docker, Swarm and Kubernetes monitoring describes how to deploy agents on popular container orchestration platforms.
The screen capture above shows three scrapers configured in InfluxDB 2.0:

1. sflow-rt-analyzer,
   URL: http://10.0.0.70:8008/prometheus/analyzer/txt
2. sflow-rt-dump,
   URL: http://10.0.0.70:8008/prometheus/metrics/ALL/ALL/txt
3. sflow-rt-flow-src-dst,
   URL: http://10.0.0.70:8008/app/prometheus/scripts/export.js/flows/ALL/txt?metric=flow_src_dst_bps&key=ipsource,ipdestination&value=bytes&aggMode=max&maxFlows=100&minValue=1000&scale=8

InfluxDB 2.0 now includes the data exploration and dashboard building capabilities that were previously in the separate Chronograf application. The screen Continue reading

0

Islamabad Chapter Brings First Internet Governance Event to Quetta, Pakistan

The 5th Pakistan School on Internet Governance (pkSIG 2019) was successfully held last month in Quetta, Pakistan. This represents a significant achievement for the Internet Society Pakistan Islamabad Chapter as it played an instrumental role in bringing the first-ever Internet Governance event to the provincial capital of Balochistan.

For those who may not know, Balochistan has the largest land area among the four provinces of Pakistan, yet it is the least populated and least developed. Only 27% of its population lives in urban areas and Internet penetration is low. Finding adequate sponsors, and more importantly, diversity among the students to participate was a critical concern. But, pkSIG 2019 in Quetta proved to be one of the best editions of this school.

Over 60 people (one-third of them female) registered for the event, including students, professionals, startup founders, speakers, and some guests who showed keen interest in the program. Following a four-week long process of registration and shortlisting, 35 students were selected for pkSIG 2019 and five were awarded fellowships. Since all the sessions were livestreamed, a sizeable audience participated online as well. (The sessions and presentations are available online.)

“It’s our fifth consecutive year conducting pkSIG – Continue reading

0

VMware NSX Killed My EVPN Fabric

A while ago I had an interesting discussion with someone running VMware NSX on top of VXLAN+EVPN fabric - a pretty common scenario considering:

• NSX’s insistence on having all VXLAN uplink from the same server in the same subnet;
• Data center switching vendors being on a lemming-like run praising EVPN+VXLAN;
• Non-FANG environments being somewhat reluctant to connect a server to a single switch.

His fabric was running well… apart from the weird times when someone started tons of new VMs.

Read more ...

0

Ansible + ServiceNow Part 3: Making outbound RESTful API calls to Red Hat Ansible Tower

Red Hat Ansible Tower offers value by allowing automation to scale in a checked manner - users can run playbooks for only the processes and targets they need access to, and no further. 

Not only does Ansible Tower provide automation at scale, but it also integrates with several external platforms. In many cases, this means that users can use the interface they are accustomed to while launching Ansible Tower templates in the background. 

One of the most ubiquitous self service platforms in use today is ServiceNow, and many of the enterprise conversations had with Ansible Tower customers focus on ServiceNow integration. With this in mind, this blog entry walks through the steps to set up your ServiceNow instance to make outbound RESTful API calls into Ansible Tower, using OAuth2 authentication. 

This is part 3 in a multi-part series, feel free to refer to part 1 and part 2 for more context.

The following software versions are used:

• Ansible Tower: 3.4, 3.5
• ServiceNow: London, Madrid

If you sign up for a ServiceNow Developer account, ServiceNow offers a free instance that can be used for replicating and testing this functionality. Your ServiceNow instance needs to be able Continue reading

0

Dark Traffic

This a report on a four-year long experiment in advertising a 'dark' prefix on the internet and examining the profile of unsolicited traffic that is sent to a traffic collector.

0

Aparavi’s Storage Focus Is on Data, Not Devices

The offering features a hybrid and multi-cloud file backup tool that enables long-term retention...

Read More »

0

Schneider Electric launches wall-mounted server rack

Floor space is often at a premium in a cramped data center, and Schneider Electric believes it has a fix for that: a wall-mounted server rack.The EcoStruxure Micro Data Center Wall Mount is a 6U design, meaning it has the capacity of six rack units. Schneider is pushing its space-saving option as an edge solution. The company's EcoStruxure IT Expert remote management and vulnerability assessment service will be available for the wall-mount units, even when installed in non-secured edge locations. READ MORE: Micro-modular data centers set to multiplyTo read this article in full, please click here

0

Schneider Electric launches wall-mounted server rack

Floor space is often at a premium in a cramped data center, and Schneider Electric believes it has a fix for that: a wall-mounted server rack.The EcoStruxure Micro Data Center Wall Mount is a 6U design, meaning it has the capacity of six rack units. Schneider is pushing its space-saving option as an edge solution. The company's EcoStruxure IT Expert remote management and vulnerability assessment service will be available for the wall-mount units, even when installed in non-secured edge locations. READ MORE: Micro-modular data centers set to multiplyTo read this article in full, please click here

0

Sprint’s 5G Prospects, Future at Stake Amid Merger Uncertainty

“I wouldn’t put another dime into the network," said industry analyst Earl Lum. "They’ve...

Read More »

0

Heavy Networking 476: Running ACI And NSX In The Same Data Center

On today's Heavy Networking our guest walks us through a project that brought both ACI and NSX into the same data center at a very large company. We discuss the drivers for ACI in the underlay and NSX in the overlay, the learning curves on each product, challenges and successes, and more. Our guest is Derek Wilson, a Principal Network Consultant.

The post Heavy Networking 476: Running ACI And NSX In The Same Data Center appeared first on Packet Pushers.

0

Arm CEO Segars: Silicon Partners Can Now Create ‘Fully Unique Chips’

Arm CEO Simon Segars said that the company is adding a new feature to its processors that will...

Read More »

0

US Eyes Nokia, Ericsson Subsidies to Fight Huawei

U.S. government officials are floating the idea of subsidizing Huawei's competitors to match the...

Read More »

0

Forward Networks Secures Funds, Focused on Network Operations

The company raised $35 million in Series C funding that was led by Goldman Sachs, which is one of...

Read More »

0

Microsoft, Pivotal Team on Azure Spring Cloud

The platform uses Kubernetes to make it easier to deploy and operate Spring Cloud applications and...

Read More »

0

Early adopter finds SD-WAN yields better management, costs, uptime

Managing the Wide Area Network (WAN) for Redmond Inc., a supplier of industrial and commercial products – from salt that’s used to protect winter roadways to organic dairy products and health items – is an easier job today for the company’s technical project manager Aaron Gabrielson than it was a year ago.Redmond manages a phone system, point of sale and fax centrally out of headquarters in Heber City, Utah, which means each of Redmond’s 10 branch sites across the Midwest need a reliable connection back to headquarters in Utah. That’s easier for some sites, like those in Salt Lake City, than others, such as rural areas where there may only be a handful of workers on a farm.To read this article in full, please click here

0

Learn how to invest & save for your future with GoBankingRates.com

The average consumer constantly thinks about money, and yet, many misconceptions and unknowns plague our minds when our own personal finances are brought up. Financial literacy is an often neglected topic despite it making a major impact on our lives and our future. If terms like CD rates, mortgages, APR, and taxes leave you scratching your head in confusion, then GOBankingRates.com is here to help.GOBankingRates.com is your one-stop source for financial education. It offers a wealth of information (pun intended) from financial experts on everything money-related, from opening a bank account and credit card to investing in stocks for the first time. GOBankingRates.com demystifies money and provides step-by-step guidance on how to take control of your financial journey and live richer.To read this article in full, please click here

0

Templating Device Configurations

One of the core functions of network automation is the ability to generate network device configurations from a template. This is a discrete, intentional process which unfortunately is often conflated with the totally separate act of applying a rendered configuration to a device. In this article we'll look at how to establish a template from existing configurations, define and organize variable data, and ultimately render a series of configurations automatically using a simple Python script.

What is a Template?

The term template describes any sort of mold or pattern from which new, identical objects can be created. For instance, a cookie cutter is a sort of template that can be used to create an arbitrary number of identically-shaped cookies from a sheet of dough. But in our case, we're inexplicably more interested in creating network device configuration files than baking cookies, and creating wholly identical copies of a file isn't terribly useful, since each network device typically has a handful of unique characteristics such as hostname, authentication credentials, IP addresses, and so on.

To address this need to define changing pieces of data within an otherwise unchanging document, we employ variables. A variable serves as a placeholder within the template, Continue reading

0

Pi-Hole for home DNS

Pi-hole? Huh? DNS? What I am going on about now you may ask. Pi-hole is billed as a “Network-wide Ad …

Continue reading →

The post Pi-Hole for home DNS appeared first on Fryguy's Blog.