In mid 2000s I wrote a number of articles describing various TCP/IP features. Most of them are a bit outdated, so I decided to clean up, update and repost the most interesting ones on ipSpace.net, starting with Never-Ending Story of IP Fragmentation.
The first part of that article is already online, covering MTU basics and drawbacks of IP fragmentation.
Dell and VMware launched an SD-WAN appliance powered by VMware's VeloCloud and a new product called...
Open networking is based on open standards, interoperability, and open source software such as Linux. One of the things that has made Linux so ubiquitous is the unparalleled control it offers to users in terms of customization and building intelligence into the network. Much of this advantage comes in the form of the automation and orchestration possible with Linux-based networking.
First adopted by hobbyists, widespread use of Linux in production environments only started to take off in the mid-1990s in the supercomputing field, where organizations such as NASA started to replace their overly expensive hardware with clusters of inexpensive commodity computers running Linux. Today, Linux systems are used throughout computing.
Linux can be found in servers, clouds, and network equipment. Linux is ubiquitous in the embedded systems space, and is the operating system upon which virtually all modern supercomputers are built. Even Microsoft (which once derided Linux as “a cancer”) now champions Linux, building its own Linux distributions for its Azure cloud networking and making it possible to run Linux on top of Windows.
Linux offers organizations numerous ways to automate devices and workloads. This includes task scheduling, scripting, automation, and policy management. Because Linux is used widely in so Continue reading
We all can make some pretty rash decisions under stress. I once burned a hole through my undershirt instead of ironing my button-down shirt because I was so nervous before a presentation.
The Internet has its challenges and sometimes can seem like a scary place. In the 2019 survey, the CIGI-Ipsos Global Survey on Internet Security and Trust, 62% of respondents who said they distrust the Internet cited a lack of Internet security as a reason why.
When it comes to facing challenges on the Internet, everyone, from average Internet users to government officials, tends to act the same way I do before presentations – frantically and with questionable results.
In pursuit of security, some governments are making decisions that could harm the Internet as we know it. They’ve taken actions that could weaken digital security, have the potential to fracture the Internet, and some have even shut the Internet down in their country. Like burning a hole through an undershirt and having to wear a wrinkled button-down shirt to a presentation, these actions do little, and make things worse.
The survey results highlighted in our report, “The State of User Privacy and Trust Online,” tell a Continue reading
VMware rolled out updates to its NSX networking platform including a new analytics engine and load...
Rackspace rolled out five new enhancements to its hybrid cloud portfolio aimed at helping customers...
Security Automation seems to be a growing topic of interest. This year at AnsibleFest we will have a track for Security Automation. We talked with Track Lead Massimo Ferrari to learn more about the Security Automation track and the sessions within it.
Who is this track best for?
This track is intended for professionals in security operations and vulnerability management who want to learn how Ansible can support and simplify their activities, and automation experts tasked to expand the footprint of their automation practice and support security teams in their organization.
What topics will this track cover?
Sessions included in this track cover how to introduce and consume Ansible Automation in different stages of maturity of a security or cross-functional organization. They include guidance from Red Hat subject matter experts, customer stories and technical deep downs from partners that are suitable for both automation veterans and security professionals looking at automation for the first time.
What should attendees expect to learn from this track?
People attending the sessions in this track will learn how Ansible can be leveraged in security environments to support activities like incident investigation and response, compliance enforcement and Continue reading
The Qualcomm Networking Pro Series and Qualcomm FastConnect 6800 Subsystem are based on completely...
Yesterday I published a high-level overview of Cluster API (CAPI) that provides an introduction to some of the concepts and terminology in CAPI. In this post, I’d like to walk readers through actually using CAPI to bootstrap a Kubernetes cluster on AWS.
It’s important to note that all of the information shared here is also found in the “Getting Started” guide in the AWS provider’s GitHub repository. My purpose here is provide an additional walkthrough that supplements that official documentation, not to supplant the official documentation, and to spread the word about how the process works.
Four basic steps are involved in bootstrapping a Kubernetes cluster on AWS using CAPI:
The following sections take a look at each of these steps in a bit more detail. First, though, I think it’s important to mention that CAPI is still in its early days (it’s currently at v1alpha1). As such, it’s possible that commands may (will) change, and API specifications may (will) change as further development Continue reading
If you’ve worked in IT for a few years, you’ve seen it happen. You select an application framework, operating system, database platform, or other infrastructure because it meets the checklist, the price is right, or sometimes because of internal politics. You quickly discover that it doesn’t play well with other solutions or across platforms — except of course it’s “easy and seamless” when used with offerings from the same vendor.
But try telling your developers that they can’t use their favorite framework, development toolset, or have to use a specific operating system for everything they do. If developers feel like they don’t have flexibility, they quickly adopt their own tools, creating a second wave of shadow IT.
And it doesn’t just affect developers. IT operations and security get bogged down in managing multiple systems and software sprawl. The business suffers because efficiency and innovation lag when teams get caught up in fighting fires.
Below are 5 things that can go wrong when you get locked in to an infrastructure platform:
Will the platform you pick work with any combination of public and private clouds? Will you get cornered into Continue reading
One of the best practices we advocate and measure in our Online Trust Audit is that privacy statements should have a date stamp visible at the top of the page. This is an issue of transparency and lets readers know when the statement was last updated. Combined with another advocated best practice – access to prior versions of the privacy statement, which unfortunately is offered by only 3% of sites – readers get a sense of what changed between versions and when those changes happened.
For the first time this year, we captured the actual date stamps of more than 1,000 privacy statements across the audited sectors, and though we made some high level comments in the Audit, we thought it would be insightful to show another layer of detail. One of the reasons we captured specific dates was the fact that many privacy statements were updated in the months prior to (or shortly after) May 25, 2018, when the General Data Protection Regulation (GDPR) went into effect in the European Union.
The graph below shows the date stamps from most to least recent (ending with those that have no date stamp) across the audited sectors. The green bars represent Continue reading
The smartest networking minds converge on VMware's Future:Net. Among them is Albert Greenberg,...
Avi Networks is now part of VMware and our product is now called VMware NSX Advanced Load Balancer. You can read about it here in our press release from VMworld.
But our story is far from over.
The acquisition marked VMware’s official entry into the ADC (Application Delivery Controller) space. The Avi team, which remains intact, is at the helm of delivering the world’s leading software-defined load balancing solution for VMware — both as a standalone platform for on-prem and multi-cloud environments and as an integrated VMware NSX solution.
We originally founded Avi Networks because we believed that the traditional ADC industry had failed its customers. Hardware and virtual appliances are rigid, cumbersome, and offer little automation or application insight. As enterprises re-architect applications as microservices, re-define the data center through software, and re-build infrastructure as hybrid and multi-cloud environments, ADC appliances work against the goals of modernizing enterprises.
This belief is shared by hundreds of the world’s largest companies that have decided to replace load balancing appliances with the Avi solution. VMware also believed this, which is why we are a part of the company today.
Avi re-imagined the ADC as a distributed Continue reading
NSX-T has seen great success in the market for multi-platform network and security use-cases, including automation, multi-cloud adoption, and containers as customers move through the digital transformation initiative. NSX-T is the industry’s only network and security platform delivering a wide range of L2-L7 services, built from the ground up for workloads running on all types of infrastructure – virtual machines, containers, physical servers and both private and public clouds.
This year, we are hyper-focused on innovation, and in bringing transformative capabilities to market through NSX-T, which is the foundation for both our VMware NSX Data Center and NSX Cloud offerings. This release of NSX-T further strengthens our intrinsic security capabilities architected directly into networks and public and private cloud workloads that applications and data live on, reducing the attack surface. This version also keeps up the accelerated pace of innovation we are delivering on for scalability, cloud-native support, and operational simplicity which can accelerate customers’ adoption of a Virtual Cloud Network architecture.
Key Focus Areas in NSX-T 2.5
NSX Intelligence is a distributed analytics engine that provides continuous data-center wide visibility Continue reading