Broadcom Targets 5G Networks, Hyperscale Security

NSX-T Data Center and EUC Design Guide Release

When it comes to VMware NSX, support for VMware Horizon deployments have been a staple ask every release.  NSX compliments Horizon deployments tremendously by:

• Helping to provide the networking for the Horizon components
• Identity and firewalling security for VDI and RDSH desktops
• Endpoint protection
• Load balancing

Earlier this year, NSX-T Data Center 2.4 was released which brought identity firewalling, endpoint protection, and other necessary features for customers to consume equivalent to NSX Data Center for vSphere.  The release of NSX-T Data Center 2.5 takes those features and provides even further scale enhancements to support small, medium, and the largest Horizon deployments.

NSX-T Data Center and EUC Design Guide

The NSX-T and EUC Design Guide takes information provided in the VMware Horizon Reference Architecture and the VMware NSX-T Reference Design Guide, and brings the two platforms together into a single solution.

Use Cases and What’s Covered

Let’s take a look at what all is covered and the use cases that NSX-T Data Center has for Horizon deployments:

Horizon Pod Alignment

NSX-T Data Center 2.5 supports massive scale that can cover an entire Horizon Pod scale, and more in some cases.  This design guide Continue reading

How Operators Can Work With Developers to Monetize Edge

Stateless’ Software-Defined Interconnect Battles NFV, SD-WAN

VMware NSX Achieves FIPS 140-2 Validation

Co-authored with Rajiv Prithvi, Product Manager Networking and Security Business Unit at VMware

During VMworld US 2019, we announced several new transformative capabilities in VMware NSX-T 2.5 release which is now shipping! The release strengthens the NSX platform’s intrinsic security, multi-cloud, container, and operational capabilities.

We also announced the successful FIPS 140-2 validation of NSX-T 2.5. FIPS compliance is mandatory for US federal agencies and has also been widely adopted in non-governmental sectors (e.g. financial services, utilities, healthcare). FIPS-140-2 establishes the integrity of cryptographic modules in use through validation testing done by NIST and CSE. With this validation, we further deliver on our confidentiality, integrity and availability objectives and provide our customers with a robust networking and security virtualization platform.

Compliance-Based Configuration with NSX-T 2.5

NSX-T 2.5 is configured to operate in FIPS mode by default. Any exceptions or deviations from established compliance norms are identified in a compliance report which can be used to review and configure your NSX-T Data Center environment to meet your IT policies and industry standards. Any exceptions to FIPS compliance including configuration errors can be retrieved from the compliance report using NSX Manager UI or APIs.

A sample FIPS Continue reading

Cleaning up bad bots (and the climate)

From the very beginning Cloudflare has been stopping malicious bots from scraping websites, or misusing APIs. Over time we’ve improved our bot detection methods and deployed large machine learning models that are able to distinguish real traffic (be it from humans or apps) from malicious bots. We’ve also built a large catalog of good bots to detect things like helpful indexing by search engines.

But it’s not enough. Malicious bots continue to be a problem on the Internet and we’ve decided to fight back. From today customers have the option of enabling “bot fight mode” in their Cloudflare Dashboard.

Once enabled, when we detect a bad bot, we will do three things: (1) we’re going to disincentivize the bot maker economically by tarpitting them, including requiring them to solve a computationally intensive challenge that will require more of their bot’s CPU; (2) for Bandwidth Alliance partners, we’re going to hand the IP of the bot to the partner and get the bot kicked offline; and (3) we’re going to plant trees to make up for the bot’s carbon cost.

Malicious bots harm legitimate web publishers and applications, hurt hosting providers by misusing resources, and they doubly hurt the planet Continue reading

MEF19 Preview: Accelerate Your Digital Transformation

Weekly Wrap: VMware CEO States IBM Paid Too Much for Red Hat

New in Docker Hub: Personal Access Tokens

On the heels of our recent update on image tag details, the Docker Hub team is excited to share the availability of personal access tokens (PATs) as an alternative way to authenticate into Docker Hub.

Already available as part of Docker Trusted Registry, personal access tokens can now be used as a substitute for your password in Docker Hub, especially for integrating your Hub account with other tools. You’ll be able to leverage these tokens for authenticating your Hub account from the Docker CLI – either from Docker Desktop or Docker Engine: 

docker login --username <username>

When you’re prompted for a password, enter your token instead.

The advantage of using tokens is the ability to create and manage multiple tokens at once so you can generate different tokens for each integration – and revoke them independently at any time.

Create and Manage Personal Access Tokens in Docker Hub 

Personal access tokens are created and managed in your Account Settings.

From here, you can:

• Create new access tokens
• Modify existing tokens
• Delete access tokens

Note that the actual token is only shown once, at the time Continue reading

Microsoft Gifts Semmle to GitHub, Plans $40B Stock Buyback

AT&T, Sprint, and Cisco Execs Throw Cold Water on 5G

IBM’s Public Cloud set for 53-Qubit Quantum Computing Boost

Huawei Booted From FIRST Cybersecurity Trade Group

Cloudflare’s Approach to Research

Cloudflare’s mission is to help build a better Internet. One of the tools used in pursuit of this goal is computer science research. We’ve learned that some of the difficult problems to solve are best approached through research and experimentation to understand the solution before engineering it at scale. This research-focused approach to solving the big problems of the Internet is exemplified by the work of the Cryptography Research team, which leverages research to help build a safer, more secure and more performant Internet. Over the years, the team has worked on more than just cryptography, so we’re taking the model we’ve developed and expanding the scope of the team to include more areas of computer science research. Cryptography Research at Cloudflare is now Cloudflare Research. I am excited to share some of the insights we’ve learned over the years in this blog post.

Cloudflare’s research model

GitLab Inhales $268M Series E, Valuation Hits $2.75B

VMworld US 2019: Networking and Security Recap

VMworld US 2019 has come to a close. If you didn’t attend, don’t worry as we still have VMworld Europe right around the corner. Join us November 4-7, 2019 to hear experts discuss cloud, networking and security, digital workspace, digital trends and more!  Register for VMworld Europe now.

Below is a quick recap and resources to check out from VMworld US 2019.

Stats from VMworld US 2019

• For networking and security we delivered 91 Breakout Sessions + 2 Showcase Keynotes
  • VMware NSX-T – Getting Started was the second most played video post-VMworld!
• VMware NSX was the #1 attended Hands-On-Lab (HOL), and there was a total of 1,922 labs taken on NSX
  • 17,277 NSX networks were created at HOL
• VMware NSX Intelligence won TechTarget’s Best of Show award – Judge’s Choice for Disruptive Technology

Congratulations to our NSX Intelligence team: Anirban Sengupta, Umesh Mahajan, Farzad Ghannadian, Kausum Kumar, Catherine Fan and Ray Budavari.

Surprise guest Michael Dell stopped by the Solutions Exchange to check out demos of what’s new from the networking and security business unit demoed by Chris McCain.

Technical Networking and Security Sessions from VMworld US 2019

Below is a list of sessions that jump into the NSX Continue reading

Oracle Pushes More Automation Into Cloud Security

Cloudflare IPO Scorches Wall Street

How Cloudflare and Wall Street Are Helping Encrypt the Internet Today

Today has been a big day for Cloudflare, as we became a public company on the New York Stock Exchange (NYSE: NET). To mark the occasion, we decided to bring our favorite entropy machines to the floor of the NYSE. Footage of these lava lamps is being used as an additional seed to our entropy-generation system LavaRand — bolstering Internet encryption for over 20 million Internet properties worldwide.

(This is mostly for fun. But when’s the last time you saw a lava lamp on the trading floor of the New York Stock Exchange?)

A little context: generating truly random numbers using computers is impossible, because code is inherently deterministic (i.e. predictable). To compensate for this, engineers draw from pools of randomness created by entropy generators, which is a fancy term for "things that are truly unpredictable".

It turns out that lava lamps are fantastic sources of entropy, as was first shown by Silicon Graphics in the 1990s. It’s a torch we’ve been proud to carry forward: today, Cloudflare uses lava lamps to generate entropy that helps make millions of Internet properties more secure.

Housed in our San Francisco headquarters is a wall filled with dozens of lava lamps, Continue reading

Huawei Offers 5G Technology License Up for Bid to the West