NetworkingNexus.net

vSAN Stretched Cluster Using an NSX-T Backed L3 Network

VMware vSAN and NSX-T Compatibility

There are lot of discussions that talk about VMware NSX and VMware vSAN, most of them around compatibility.

vSAN and NSX are compatible with each other, however, vSAN traffic is not supported on NSX overlay network. But, the way VDS Portgroups can be used to configure vSAN vmkernel adapters, NSX-T VLAN backed logical switches can also be used to configure vSAN vmkernel adapters. Apart from this, NSX-T logical routers can be used as gateways to route the vSAN traffic, of course the backing for such configuration must be with NSX-T VLAN logical switches.

In this blog post I cover how NSX-T can be used to setup configuration for vSAN stretched cluster.

Deep Dive of vSAN Stretched Cluster Using an NSX-T Backed L3 Network

One of the configurations for vSAN stretched cluster can be achieved with L3 networking between Data Nodes and the Witness Host. In such deployment, the Data Nodes and Witness Host may reside in different networks. Hence, the vSAN vmkernel adapters need to point to their gateways to talk to each other. Following is the high-level network view of such topology for vSAN stretched cluster where hosts use VDS Portgroups to configure the Continue reading

How inspiration from your data center can modernize your campus network.

Campus networks are undergoing a rapid evolution as they draw inspiration from their data center peers from both a technology and cost perspective. At the forefront of this evolution is open networking, led by innovation and cost efficiencies that apply equally across data center and campus networks.

Interestingly, Cumulus Linux was originally intended for data center networking, but without a doubt, we’re seeing the lines between data center and campus blurring with campus standing to benefit significantly, and it’s about time. It’s the data center that has historically benefited from innovation, especially in compute and storage. The data center network, however, seemed to lag for more than a decade until our founders set out in 2010 to develop a fundamentally different approach to the data center with Cumulus Networks.

Cumulus Networks introduced an open, modern and innovative network operating system called Cumulus Linux. Cumulus Linux was originally designed to emulate the network architecture of the web-scale giants including Google, Amazon, Apple, Microsoft and Facebook allowing you to automate, customize and scale your data center network like no other, and for the first time, bringing this capability to the masses.

Cumulus Networks is building the modern data center network for applications Continue reading

Microsoft’s Windows, Office 365 advice for secure elections

Microsoft has issued guidance and offered resources to help election officials and candidate campaigns to better protect their Windows and Office 365 systems.

How Did We End with 1500-byte MTU?

A subscriber sent me this intriguing question:

Is it not theoretically possible for Ethernet frames to be 64k long if ASIC vendors simply bothered or decided to design/make chipsets that supported it? How did we end up in the 1.5k neighborhood? In whose best interest did this happen?

Remember that Ethernet started as a shared-cable 10 Mbps technology. Transmitting a 64k frame on that technology would take approximately 50 msec (or as long as getting from East Coast to West Coast). Also, Ethernet had no tight media access control like Token Ring, so it would be possible for a single host to transmit multiple frames without anyone else getting airtime, resulting in unacceptable delays.

“I was told to buy a software or lose my computer: I ignored it.” A study of ransomware

“I was told to buy a software or lose my computer. I ignored it”: a study of ransomware Simoiu et al., SOUPS 2019

This is a very easy to digest paper shedding light on the prevalence of ransomware and the characteristics of those most likely to be vulnerable to it. The data comes from a survey of 1,180 US adults conducted by YouGov, an online global market research firm. YouGov works hard to ensure respondent participation representative of (in this case) the general population in the U.S., but the normal caveats apply.

We define ransomware as the class of malware that attempts to defraud users by restricting access to the user’s computer or data, typically by locking the computer or encrypting data. There are thousands of different ransomware strains in existence today, varying in design and sophistication.

The survey takes just under 10 minutes to complete, and goes to some lengths to ensure that self-reporting victims really were victims of ransomware (and not some other computer problem).

For respondents that indicated they had suffered from a ransomware attack, data was collected on month and year, the name of the ransomware variant, the ransom demanded, the payment method, Continue reading

Kubernetes, Ransomware to Hit Cloud and Data in 2020

Ransomware attacks shot up 500% in the last year with damage costs expected to soar up to $11...

Read More »

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

Tech Bytes: Implementing Sensible Network Segmentation With Tufin (Sponsored)

Today's Tech Bytes podcast looks at how to implement sensible network segmentation to ensure compliance with security policies and accelerate business agility. Tufin is our sponsor, and we speak with guest Sagi Bar-Zvi, Strategic Pre-Sales Manager at Tufin.

Tech Bytes: Implementing Sensible Network Segmentation With Tufin (Sponsored)

The post Tech Bytes: Implementing Sensible Network Segmentation With Tufin (Sponsored) appeared first on Packet Pushers.

How to prevent IPv6 VPN breakout

Enterprises unaware of the role IPv6 plays on remote users’ devices run the risk that these machines might access banned sites despite using VPNs that are meant to restrict what they access.This hole stems from the fact that some of these remote-access VPNs are configured to inspect and apply security controls only to IPv4 traffic as it passes through a VPN concentrator without enabling similar protections for IPv6 traffic.[Get regularly scheduled insights by signing up for Network World newsletters.] This leaves IPv6 traffic free to access the Internet directly without those controls being applied. Known as IPv6 VPN breakout, the issue is well known yet often remains overlooked.To read this article in full, please click here

Heavy Networking 478: Leveraging LTE For SD-WAN With Cradlepoint (Sponsored)

Today's Heavy Networking show is sponsored by Cradlepoint, which provides wireless WAN networking. Our guest Marc Bresniker, VP of Product Management, joins us to discuss using LTE for WAN connections including IoT, and to explore the benefits of using Cradlepoint's LTE solutions as part of your SD-WAN strategy.

The post Heavy Networking 478: Leveraging LTE For SD-WAN With Cradlepoint (Sponsored) appeared first on Packet Pushers.

Network Break 256: Startup Forward Networks Nabs $35 Million; Vodafone Dials OpenRAN For Incumbent Alternatives

Today's Network Break podcast is chock full of inspirational cynicism. We cover fresh funding for Forward Networks, Vodafone trialing OpenRAN gear, SUSE closing the door on OpenStack, Extreme Networks shifting StackStorm to the Linux Foundation, and more tech news.

Network Break 256: Startup Forward Networks Nabs $35 Million; Vodafone Dials OpenRAN For Incumbent Alternatives

The post Network Break 256: Startup Forward Networks Nabs $35 Million; Vodafone Dials OpenRAN For Incumbent Alternatives appeared first on Packet Pushers.

PCI-Express Steps Up To The Bandwidth Challenge

Moore’s Law might be slowing down CPU compute capacity increases in recent years, but the innovation has been coming at a steady drumbeat for the interconnects used inside servers and between nodes in distributed computing systems. …

PCI-Express Steps Up To The Bandwidth Challenge was written by Timothy Prickett Morgan at The Next Platform.

Linux sudo flaw can lead to unauthorized privileges

A newly discovered and serious flaw in the sudo command can, if exploited, enable users to run commands as root in spite of the fact that the syntax of the /etc/sudoers file specifically disallows them from doing so.Updating sudo to version 1.8.28 should address the problem, and Linux admins are encouraged to do so as soon as possible. [Get regularly scheduled insights by signing up for Network World newsletters.] How the flaw might be exploited depends on specific privileges granted in the /etc/sudoers file. A rule that allows a user to edit files as any user except root, for example, would actually allow that user to edit files as root as well. In this case, the flaw could lead to very serious problems.To read this article in full, please click here

Forcepoint Web Security Footprint Spans 160 Global PoPs

The vendor rolled out its Web Security platform across 160 points of presence as it builds out a...

Read More »

Toshiba Taps Cybera’s SD-WAN for Retail Terminals

Under the agreement, Cybera becomes Toshiba's preferred SD-WAN vendor in the Asia-Pacific...

Read More »

Intel Snaps Up Smart Edge Amid 5G Push

The company is expanding into edge computing, which it estimates will be a $65 billion silicon...

Read More »

Who's Hiring?

Sisu Data is looking for machine learning engineers who are eager to deliver their features end-to-end, from Jupyter notebook to production, and provide actionable insights to businesses based on their first-party, streaming, and structured relational data. Apply here.

Triplebyte lets exceptional software engineers skip screening steps at hundreds of top tech companies like Apple, Dropbox, Mixpanel, and Instacart. Make your job search O(1), not O(n). Apply here.

Need excellent people? Advertise your job here!

Cool Products and Services

Stateful JavaScript Apps. Effortlessly add state to your Javascript apps with FaunaDB. Generous free tier. Try now!

Grokking the System Design Interview is a popular course on Educative.io (taken by 20,000+ people) that's widely considered the best System Design interview resource on the Internet. It goes deep into real-world examples, offering detailed explanations and useful pointers on how to improve your approach. There's also a no questions asked 30-day return policy. Try a free preview today.

PA File Sight - Actively protect servers from ransomware, audit file access to see who is deleting files, reading files or moving files, and detect file copy activity from the server. Historical audit reports Continue reading

DiversyFund makes real estate investment accessible to everyone

Few investment opportunities are as lucrative as real estate. By buying low, renovating, and selling when the time is right, investors have the potential to make millions of dollars in profit. Unfortunately, this practice is typically reserved for the ultra-wealthy since buying a single property let alone building a real estate portfolio requires more than most of us have lying around. The good news for the 99% is that financial tech company, DiversyFund, is on a mission to change that. With DiversyFund, anyone can participate in building a diversified real estate portfolio, and all you need is $500 to get started. To read this article in full, please click here

Lenovo’s Charles Ferland Shares What’s in Store for SDN, NFV, and Telecoms

Hear from Lenovo's Charles Ferland as he dives into the company's latest ideas in telecom...

Read More »

« Previous 1 … 1,124 1,125 1,126 1,127 1,128 … 3,841 Next »