NetworkingNexus.net

An EPYC trip to Rome: AMD is Cloudflare’s 10th-generation Edge server CPU

More than 1 billion unique IP addresses pass through the Cloudflare Network each day, serving on average 11 million HTTP requests per second and operating within 100ms of 95% of the Internet-connected population globally. Our network spans 200 cities in more than 90 countries, and our engineering teams have built an extremely fast and reliable infrastructure.

We’re extremely proud of our work and are determined to help make the Internet a better and more secure place. Cloudflare engineers who are involved with hardware get down to servers and their components to understand and select the best hardware to maximize the performance of our stack.

Our software stack is compute intensive and is very much CPU bound, driving our engineers to work continuously at optimizing Cloudflare’s performance and reliability at all layers of our stack. With the server, a straightforward solution for increasing computing power is to have more CPU cores. The more cores we can include in a server, the more output we can expect. This is important for us since the diversity of our products and customers has grown over time with increasing demand that requires our servers to do more. To help us drive compute performance, we needed Continue reading

BrandPost: C&S Takes Stock in Unity EdgeConnect SD-WAN Edge Platform

Keeping up to date on inventory, stocking, and data needs at thousands of grocery stores in North America is no easy task. That’s why C&S Wholesale Grocers decided it needed a major upgrade of its network using SD-WAN technology from Silver Peak to provide efficient, reliable, and secure communications among its data centers and warehouses. Founded in 1918, C&S is the largest grocery wholesaler in the United States. C&S recently embarked on a major network upgrade focused on implementing SD-WAN technology. The company selected the Silver Peak Unity EdgeConnect™ SD-WAN edge platform to enable more efficient and cost effective wide-area-networking (WAN) to support a variety of applications. To read this article in full, please click here

Intro to Automation Webhooks for Red Hat Ansible Automation Platform

If your organization has adopted DevOps culture, you're probably practicing some form of Infrastructures-as-Code (IaC) to manage and provision servers, storage, applications and networking using human-readable, and machine-consumable definitions and automation tools such as Ansible. It's also likely that Git is an essential in your DevOps toolchain, not only for the development of applications and services, but also in managing your infrastructure definitions.

With the release of Red Hat Ansible Tower v3.6, part of the Red Hat Ansible Automation Platform, we introduced Automation Webhooks that helps enable easier and more intuitive Git-centric workflows natively.

In this post we'll explore how you can make use of Automation Webhooks, but first let's look at IaC for some context and how this feature can be used to your organization's benefit.

Understanding Infrastructures-as-Code

Infrastructure-as-Code (IaC) is managing and provisioning computing resources through human-readable machine-consumable definition files, rather than physical hardware configuration or interactive configuration tools. It is considered one of the essential practices of DevOps along with continuous integration (CI), continuous delivery (CD), observability and others in order to automate development and operations processes and create a faster release cycle with higher quality. Treating infrastructure like it is code and subjecting Continue reading

Security that’s Designed for the Modern Data Center

The last 12 months have been incredibly exciting for the security business at VMware. Last year at RSA Conference 2019, VMware CEO Pat Gelsinger outlined our Intrinsic Security strategy in his keynote presentation, “3 Things the Security Industry Isn’t Talking About”. We also announced the VMware Service-defined Firewall, a stateful Layer 7 data center firewall. As pioneers of micro-segmentation, the Service-defined Firewall extended our leadership in protecting east-west traffic in the data center.

Later in the year, we announced two major acquisitions –Avi Networks and Carbon Black. The acquisition of Carbon Black brought to VMware an industry-leading endpoint security platform, and made the entire industry take notice of VMware’s intentions to transform security. With Avi Networks, we acquired a software-defined, elastic, and high-performance load balancer that comes equipped with a full-featured web application firewall (WAF). Maintaining the momentum in building out our security portfolio for the digital enterprise, we announced the VMware NSX Distributed Intrusion Detection and Prevention System which will bring advanced threat controls to the Service-defined Firewall.

At RSA Conference 2020, we are introducing VMware Advanced Security for Cloud Foundation, a modern data center security solution for today’s private and public clouds. This solution will include VMware Carbon Continue reading

Pragmatic EVPN Designs

While running the Using VXLAN And EVPN To Build Active-Active Data Centers workshop in early December 2019 I got the usual set of questions about using BGP as the underlay routing protocol in EVPN fabrics, and the various convoluted designs like IBGP-over-EBGP or EBGP-between-loopbacks over directly-connected-EBGP that some vendors love so much.

I got a question along the same lines from one of the readers of my latest EPVN rant who described how convoluted it is to implement the design he’d like to use with the gear he has (I won’t name any vendor because hazardous chemical substances get mentioned when I do).

Pragmatic EVPN Designs

Juniper bolsters wireless security; fights against encrypted malicious threats

Juniper is filling out its enterprise security portfolio this week by integrating support for its Mist wireless customers and adding the capability for customers to gain better visibility and control over encrypted traffic threats.With the new additions, Juniper is looking to buttress its ability to let users secure all traffic traversing the enterprise network via campus, WAN or data center. The moves are part of Juniper's grand Connected Security platform that includes a variety of security products including its next-generation firewalls that promise to protect networked resources across infrastructure and endpoints.To read this article in full, please click here

Cisco goes to the cloud with broad enterprise security service

Cisco has unveiled a cloud-based security platform it says will go a long way in helping customers protect their far-flung networked resources.Cisco describes the new SecureX service as offering an open, cloud-native system that will let customers detect and remediate threats across Cisco and third-party products from a single interface. IT security teams can then automate and orchestrate security management across enterprise cloud, network and applications and end points.Network pros react to new Cisco certification curriculum “Until now, security has largely been piecemeal with companies introducing new point products into their environments to address every new threat category that arises,” wrote Gee Rittenhouse senior vice president and general manager of Cisco’s Security Business Group in a blog about SecureX.To read this article in full, please click here

Juniper bolsters wireless security; fights against encrypted malicious threats

Cisco goes to the cloud with broad enterprise security service

Fortinet Forges FortiAI Security Service

The service utilizes a "self-learning" deep neural network to automate rote security tasks to...

Read More »

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

Train to become a skilled Python coder for just $50

Python is one of the most widely used coding languages in the world. And, good news, it isn’t very difficult to learn — especially for those experienced using other platforms. If you want an introduction to the language, but would rather avoid a traditional college education, then give The Complete 2020 Python Programming Certification Bundle a try.To read this article in full, please click here

Daily Roundup: Cisco SecureX All-In on Cloud Native

Cisco went all-in on cloud-native security with SecureX; AT&T joined Open Cybersecurity...

Read More »

Weathering Heights: Of Resolutions And Ensembles

In the past year or so, watching supercomputer maker Cray, which is now part of Hewlett Packard Enterprise, has been a bit like playing a country and western song backwards on the record player. …

Weathering Heights: Of Resolutions And Ensembles was written by Timothy Prickett Morgan at The Next Platform.

Seamless remote work with Cloudflare Access

The novel coronavirus is actively changing how organizations work in real-time. According to Fortune, the virus has led to the “world’s largest work-from-home experiment.” As the epidemic crosses borders, employees are staying home and putting new stress on how companies manage remote work.

This is only accelerating an existing trend, however. Remote work has gained real traction in the last decade and Gartner projects that it will only continue. However, teams which are moving to a distributed model tend to do so slowly. When those timelines are accelerated, IT and security administrators need to be able to help their workforce respond without disrupting their team members.

Cloudflare Access can help teams migrate to a model that makes it seamless for users to work from any location, or any device, without the need for lengthy migrations or onboarding sessions. Cloudflare Access can be deployed in less than one hour and bring SaaS-like convenience and speed to the self-hosted applications that previously lived behind a VPN.

Leaving the castle-and-moat

When users share a physical space, working on a private network is easy. Users do not need clunky VPN clients to connect to the resources they need. Team members physically sit close Continue reading

Topology matters: how port-per-workload management strategies no longer hold up

In the beginning, there were switches. And connected to these switches were servers, routers and other pieces of gear. These devices ran one application, or at a stretch, multiple applications on the same operating system and thus IP stack. It was very much one-server-per-port; the SQL Server was always on port 0/8, and shutting down port 0/8 would affect only that machine.

This is no longer true, as network engineers well know. Physical hardware no longer dictates what, where, and how servers and other workloads exist. Cloud computing, multi-tenant virtual infrastructures and dynamically reallocated virtual resources mean that one port can cover 20 or 200 servers. Conversely, link aggregation and other forms of port density protocols mean that one server can have fault-tolerant aggregated links across one, five or 50 ports.

A new way of looking at switching—as a logical, rather than physical, topology—is required. In this view, switches aren’t so much pieces of the network architecture themselves, but simply ports that can be used to set up much more complex logical links. This article will focus on two main concepts: routing protocols (to allow better utilization of underutilized switching links) and switching protocols such as STP (those used to Continue reading

Tech Bytes: Getting A Full-Fidelity View Of Network Security With Riverbed (Sponsored)

On today's Tech Bytes we discuss the essential role that visibility plays in network security. Riverbed is our sponsor. We explore how Riverbed brings together logs, flow records, and packet capture to provide a full-fidelity view from multiple angles to help you respond to analyze security events. Our guests are Marco Di Benedetto, SVP and CTO; and Vincent Berk, VP and Chief Architect for Security at Riverbed.

Tech Bytes: Getting A Full-Fidelity View Of Network Security With Riverbed (Sponsored)

The post Tech Bytes: Getting A Full-Fidelity View Of Network Security With Riverbed (Sponsored) appeared first on Packet Pushers.

Verizon Warns of Rising Enterprise Mobile Security Risk

The operator’s third annual survey on mobile security concluded that 43% of respondents believe...

Read More »

Socratic vs. Euclidean Forms of API Documentation

I was emailing a service about their documentation and while their doc was good, about one particularly tricky concept they told me that once you use it for a while, that’s when you’ll understand it.

In other words: you’ll only understand it after you understand it.

I didn’t like that response. I want documentation that takes me from an unproductive newbie to a somewhat functioning journeyperson. Not an expert, but I want to get stuff done as soon as possible. And for that you need to understand the mental model behind the API. Otherwise, how do you know how to make anything happen?

I realize it’s hard to make good documentation. I spent a lot of time writing Explain the Cloud Like I'm 10 just to communicate the mental model behind the cloud. It’s not easy.

Then I read that something that showed me there are two different styles of documentation: Euclidean and Socratic:

Euclidean - state your axioms and let users derive the rest. Easiest for the API provider, but hardest on the user. This is the most common form of documentation. You see it all the time. Each entry point in the API is sort of Continue reading

« Previous 1 … 1,010 1,011 1,012 1,013 1,014 … 3,833 Next »