Nvidia Research: The Real Reason Big Green Commands Big Profits

It is safe to say in 2025 that the best job in the world is the chief executive officer of Nvidia, and that the company’s co-founder, Jensen Huang, has steered the company to great heights as much as fellow co-founders Thomas Watson ever did with International Business Machines, Larry Ellison ever did with Oracle, and Steve Jobs ever did with Apple Computer.

Nvidia Research: The Real Reason Big Green Commands Big Profits was written by Timothy Prickett Morgan at The Next Platform.

TNO022: Secure Automation at Enterprise Scale for the Public Sector with Red Hat Ansible (Sponsored)

There are both benefits and challenges when adopting automation in the public sector, but Red Hat Ansible enhances efficiency, security and service delivery. With the right tooling, network operators can integrate automation into existing environments and improve network security.  Providing insights into adopting automation in the public sector are Tony Dubiel, Principal Specialist Solution Architect... Read more »

HN774: Who Put These OT Risks In My IT Ops? Fortinet Has Answers (Sponsored)

IT and infosec professionals are used to operating and protecting mission-critical infrastructure; servers, databases, load balancers, and so on. But what about valves that control the flow of gas or oil in a refinery? Temperature and vibration sensors that monitor industrial manufacturing processes? If you’re thinking “That’s not my problem” think again. There’s a whole... Read more »

Weekend Reads 032825


With global Route Origin Authorization (ROA) coverage surpassing 50% for both IPv4 and IPv6, implementing Route Origin Validation (ROV) has become increasingly critical for securing network operations


One of the mysteries for me in IP networks was the Path MTU Discovery (PMTUD) process. I’ve seldom seen any problems with the MTU at all.


It is arguable, however, that Xsight Labs is trying to push programmability to the extreme, eventually allowing customers to use P4, Python, C/C++, Rust, Go, or what have you (maybe even NPL) to hack the data plane inside switches using its X1 and now X2 ASICs.


With phpIPAM, it became possible to establish a structured, easily searchable database. This structured data now serves as the network’s SoT — a reliable foundation for network automation.


On Wednesday, web infrastructure provider Cloudflare announced a new feature called “AI Labyrinth” that aims to combat unauthorized AI data scraping by serving fake AI-generated content to bots.

Passive BGP Sessions

The Dynamic BGP Peers lab exercise gave you the opportunity to build a large-scale environment in which routers having an approved source IP addresses (usually matching an ACL/prefix list) can connect to a BGP route reflector or route server.

In a more controlled environment, you’d want to define BGP neighbors on the BGP RR/RS but not waste CPU cycles trying to establish BGP sessions with unreachable neighbors. Welcome to the world of passive BGP sessions.

Click here to start the lab in your browser using GitHub Codespaces (or set up your own lab infrastructure). After starting the lab environment, change the directory to session/8-passive and execute netlab up.

N4N019: Howdy, Neighbor! And Other Routing Stuff

In today’s episode, we continue the discussion about routing and routing protocols by focusing on commonalities rather than differences among  protocols such as OSPF, RIP, EIGRP, or BGP. We explain how, in general, routing protocols discover each other, communicate, maintain relationships, and exchange routing information. Next, we explore the topics of selecting best paths in... Read more »

Response: Any-to-Any Connectivity in the Internet

Bob left a lengthy comment arguing with the (somewhat black-and-white) claims I made in the Rise of NAT podcast. Let’s start with the any-to-any connectivity:

From my young millennial point of view, the logic is reversed: it is because of NATs and firewalls that the internet became so asymmetrical (client/server) just like the Minitel was designed (yes, I am French), whereas the Internet (and later the web, although a client/server protocol, was meant for everyone to be a client and a server) was designed to be more balanced.

Let’s start with the early Internet. It had no peer-to-peer applications. It connected a few large computers (mainframes) that could act as servers but also allowed terminal-based user access and thus ran per-user clients.

Read more …

Three chapters at Cloudflare: Programmer to CTO to Board of Directors

Today, after more than 13 years at the company, I am joining Cloudflare’s board of directors and retiring from my full-time position as CTO.

Back in 2012 I wrote a short post on my personal site simply titled: Programmer. The post announced that I’d recently joined a company called CloudFlare (still sporting that capital “F”) with the job title Programmer. I’d chosen that title in part because it was the very first title I’d ever had, and because it would reflect what I’d be doing at Cloudflare.

I had spent a lot of time working at startups—in technical and then management roles—and wanted to go back to the really technical part that I loved most. Cloudflare gave me that opportunity, and I worked on a lot of systems that make up the Cloudflare that so many people around the world use today.

Looking back on my time at the company it’s really, really hard to pick my top highlights. In 2019 I wrote 6,000 words on the experience of helping build Cloudflare. But here are five that stand out:

Always be shipping

The night we finished the preparation to launch Universal SSL sticks in my memory. We set out to Continue reading

Introducing Calico 3.30: A New Era of Open Source Network Security and Observability for Kubernetes

When we first launched Project Calico in 2016, we set out to make Kubernetes networking easy, reliable, and scalable for all organizations. Our goal was to abstract away the complexity and performance overheads of other CNI plugins while simultaneously extending Kubernetes network policy to make it easier to secure your Kubernetes workloads.

Over the last 9 years, we’ve seen our community grow alongside Calico Open Source, which has become the most widely adopted Kubernetes networking tool that now powers over 8 million nodes across more than 166 countries. We’ve seen the challenges our community has faced as more organizations adopt Kubernetes, and as the scale and complexity of these Kubernetes deployments has increased. Through our commercial offerings, we’ve helped solve networking and network security challenges for some of the world’s largest Kubernetes deployments, from financial institutions to telcos.

Calico OSS 3.30

With the release of Calico OSS 3.30 in May, we are open sourcing our battle-tested observability and security tools from our commercial editions. This includes the following key features:

  • Goldmane – A gRPC-based API for accessing and capturing flow logs and policy evaluation metrics
  • Whisker – A web-based tool for viewing and filtering flow logs to troubleshoot Continue reading

NAN088: See Something, Improve Something – An Iterative Approach to Automation Success

On today’s Network Automation Nerds, industry veteran Michael Bushong talks about lessons learned from failure. As the network industry grapples with automation and network engineers confront yet another cycle of upskilling and grinding out new certs, he warns against executives and practice leads aiming for the biggest, shiniest project. His advice? Find something that matters... Read more »

Project Jengo for Sable — final winners!

With Cloudflare’s victory against patent trolls Sable IP and Sable Networks in the books, it’s time to close out the case’s Project Jengo competition. 

In our last update, we talked about the conclusion of Sable’s 3+ year campaign to extort a payment from Cloudflare based on meritless patent infringement claims. After Cloudflare’s victory at trial in February 2024, Sable finally — and fully — capitulated, agreeing to: (1) pay Cloudflare $225,000, (2) grant Cloudflare a royalty-free license to Sable’s entire patent portfolio, and (3) dedicate all of Sable’s patents to the public. 

With the fight against Sable ended, we announced the Conclusion of the Case under the Project Jengo Sable Rules. Now that the Grace Period has passed, we are pleased to announce the final winners of Project Jengo for the Sable case!

Read on for background on the case, details on the Project Jengo final winners, and other patent troll-related updates.

The Sable win

For anyone unfamiliar with the Sable case, the story can be traced back all the way to 2006, when patent troll Sable bought patents from a company going out of business. In 2021, fifteen years after buying the patents, Sable filed suit Continue reading

PP055: News Roundup – BotNet Targets TP-Link, Threat Hunting In the Electric Grid, Apple Vs. UK Snoops, and More

This week we dive into security headlines including a botnet bonanza that includes TP-Link routers, Chinese attackers targeting Juniper and Fortinet, and a case study of nation-state actors penetrating the operator of a small US electric utility. We also discuss ransomware attacks targeting critical infrastructure, a backdoor in an Android variant used in streaming devices,... Read more »

HS098: Just Following Orders?

What do you do when your colleagues or senior leaders ask you to do something illegal? It’s hardly hypothetical; recent years have seen high-profile firings and convictions of CIOs and CISOs who’ve been ordered to break the law. John and Johna discuss steps that tech leaders can take if they’re put on the spot. Episode... Read more »
1 9 10 11 12 13 3,783