Cisco: 6 critical security alarms for UCS software, small-biz routers

Cisco today warned its Unified Computing System (UCS) customers about four critical fixes they need to make to stop nefarious agents from taking over or attacking their systems.The problems all have a severity rating of 9.8 out of 10 on the Common Vulnerability Scoring System (CVSS).The critical bugs are found in the Cisco UCS Director and UCS Director Express for Big Data packages.To read this article in full, please click here

Cisco: 6 critical security alarms for UCS software, small-biz routers

Cisco today warned its Unified Computing System (UCS) customers about four critical fixes they need to make to stop nefarious agents from taking over or attacking their systems.The problems all have a severity rating of 9.8 out of 10 on the Common Vulnerability Scoring System (CVSS).The critical bugs are found in the Cisco UCS Director and UCS Director Express for Big Data packages.To read this article in full, please click here

Creating Tagged Subnets Across AWS AZs Using Pulumi

As I mentioned back in May in this post on creating a sandbox for learning Pulumi, I’ve started using Pulumi more and more of my infrastructure-as-code needs. I did switch from JavaScript to TypeScript (which I know compiles to JavaScript on the back-end, but the strong typing helps a new programmer like me). Recently I had a need to create some resources in AWS using Pulumi, and—for reasons I’ll explain shortly—many of the “canned” Pulumi examples didn’t cut it for my use case. In this post, I’ll share how I created tagged subnets across AWS availability zones (AZs) using Pulumi.

In this particular case, I was using Pulumi to create all the infrastructure necessary to spin up an AWS-integrated Kubernetes cluster. That included a new VPC, subnets in the different AZs for that region, an Internet gateway, route tables and route table associations, security groups, an ELB for the control plane, and EC2 instances. As I’ve outlined in my latest post on setting up an AWS-integrated Kubernetes 1.15 cluster using kubeadm, these resources on AWS require specific AWS tags to be assigned in order for the AWS cloud provider to work.

As I started working on this, Continue reading

Can a Composable Hypervisor Re-Imagine Virtualization?

“Virtualization is changing and what people need from virtualization is changing,” said Intel's...

Read More »

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

Big Switch Cozies Up to AWS Outposts

Big Switch says its software-defined networking products are “ideally suited” for cloud...

Read More »

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

CloudGenix Supercharges SD-WAN With Azure Integration

The company claims the integration will provide remote offices around the world secure, high-speed...

Read More »

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

Big Switch targets shadow IT, hybrid cloud growth with fortified software family

Big Switch has rolled a variety of new software packages aimed at simplifying customer networks and helping them manage on-premises and hybrid-cloud data-center growth.The products include a version of its Big Cloud Fabric (BCF) for Amazon Web Services virtual private cloud  (VPC) management, adding support for Global VPCs (G-VPCs), and a cloud-based version of its Multi-Cloud Director (MCD).  VPCs provide the on-demand access to a pool of shared cloud-computing resources.[ Also see How to plan a software-defined data-center network and Efficient container use requires data-center software networking.] Big Switch’s flagship BCF software lets customers manage physical switches as a single fabric that includes security, automation, orchestration and analytics. BCF can run on a variety of certified switches from Dell EMC, HPE and others. In addition, BCF Controller natively supports integration with various Cloud Management Platforms such as VMware (vSphere, NSX Manager, vSAN) and OpenStack. BCF also supports container orchestrators such as Kubernetes, all via a single interface. To read this article in full, please click here

Big Switch targets shadow IT, hybrid cloud growth with fortified software family

Big Switch has rolled a variety of new software packages aimed at simplifying customer networks and helping them manage on-premises and hybrid-cloud data-center growth.The products include a version of its Big Cloud Fabric (BCF) for Amazon Web Services virtual private cloud  (VPC) management, adding support for Global VPCs (G-VPCs), and a cloud-based version of its Multi-Cloud Director (MCD).  VPCs provide the on-demand access to a pool of shared cloud-computing resources.[ Also see How to plan a software-defined data-center network and Efficient container use requires data-center software networking.] Big Switch’s flagship BCF software lets customers manage physical switches as a single fabric that includes security, automation, orchestration and analytics. BCF can run on a variety of certified switches from Dell EMC, HPE and others. In addition, BCF Controller natively supports integration with various Cloud Management Platforms such as VMware (vSphere, NSX Manager, vSAN) and OpenStack. BCF also supports container orchestrators such as Kubernetes, all via a single interface. To read this article in full, please click here

Best practices: MLAG backup IP

Recently there was a conversation in the Cumulus community (details in the debriefing below) about the best way to build a redundant backup IP link for multi-chassis link aggregation (MLAG). Like all good consulting-led blogs, we have a healthy dose of pragmatism that goes with our recommendations and this technology is no different. But if you’re looking for the short answer, let’s just say: it depends.

The MLAG backup IP feature goes by many names in the industry. In Cisco-land you might call this the “peer keepalive link,” in Arista-ville you might call this the “peer-address heartbeat” and in Dell VLTs it is known as the “backup destination.” No matter what you call it, the functionality offered is nearly the same.

What does it do?

Before we get into the meat of the recommendation, let’s talk about what the backup IP is designed to do. The backup IP link provides an additional value for MLAG to monitor, so a switch knows if its peer is reachable. Most implementations use this backup IP link solely as a heartbeat, meaning that it is not used to synchronize MAC addresses between the two MLAG peers. This is also the case with Cumulus Continue reading

The Sky is Not Falling For Ekahau

Ekahau Hat (photo courtesy of Sam Clements)

You may have noticed quite a few high profile departures from Ekahau recently. A lot of very visible community members, concluding Joel Crane (@PotatoFi), Jerry Olla (@JOlla), and Jussi Kiviniemi (@JussiKiviniemi) have all decided to move on. This has generated quite a bit of discussion among the members of the wireless community as to what this really means for the company and the product that is so beloved by so many wireless engineers and architects.

Putting the people aside for a moment, I want to talk about the Ekahau product line specifically. There was an undercurrent of worry in the community about what would happen to Ekahau Site Survey (ESS) and other tools in the absence of the people we’ve seen working on them for so long. I think this tweet from Drew Lentz (@WirelessNerd) best exemplifies that perspective:

Intel Reveals AI Accelerator Chips for Deep Learning in Data Centers

Intel revealed its first chipsets designed for artificial intelligence in large data centers.

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

VMware Buying Spree Continues With Intrinsic

VMware bought Intrinsic, an application security startup, in its fifth acquisition in three months,...

Read More »

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

Microsoft, Intel, and Red Hat Back Confidential Computing

The Linux Foundation’s Confidential Computing Consortium is a who’s who of cloud providers,...

Read More »

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

MEF Unveils Long-Awaited SD-WAN Standard

MEF unveiled the first standardized definition for SD-WAN. The the definition stands to help to...

Read More »

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

Brief History of VMware NSX

I spent a lot of time during this summer figuring out the details of NSX-T, resulting in significantly updated and expanded VMware NSX Technical Deep Dive material… but before going into those details let’s do a brief walk down the memory lane ;)

We’re running an NSX Deep Dive workshop in Zurich in early September, followed by NSX-T update webinar in mid-November.

You might remember a startup called Nicira that was acquired by VMware in mid-2012… supposedly resulting in the ever-continuing spat between Cisco and VMware (and maybe even triggering the creation of Cisco ACI).

Read more ...

Statistical foundations of virtual democracy

Statiscal foundations of virtual democracy Kahng et al., ICML’19

This is another paper on the theme of combining information and making decisions in the face of noise and uncertainty – but the setting is quite different to those we’ve been looking at recently. Consider a food bank that receives donations of food and distributes it to those in need. The goal is to implement an automated decision making system such that when a food donation is received, the system outputs the organisation (e.g. housing authority or food pantry) that should receive it. We could hard code a set of rules, but what should they be? And who gets to decide?

A democratic solution to this would be to give each of the stakeholders a vote on every decision. In the food bank setting, identified classes of stakeholders include the donors, the recipients, the volunteers (who pick up food from the donor and deliver it to the recipient), and employees. Their votes encode their own preferences and biases, perhaps in a way that even the voters themselves couldn’t neatly codify in a set of explicit rules.

It’s not really practical to have an actual vote with all stakeholders participating Continue reading

Real-world backup woes and how to fix them

Data backup and restoration can be somewhat of a black-box effort. You often don’t know whether you fully nailed it until disaster strikes, and there is always room for improvement, especially as cloud and hybrid options grow. We asked four network professionals to share what made them realize they should do more to bolster their organization’s backup and recovery processes, and how they made that happen. Here are their stories.To read this article in full, please click here(Insider Story)