The Tale of the Mysterious Traceroute

If you follow me on Twitter ( https://twitter.com/danieldibswe), you know I have been doing a lot of SD-WAN lately and I recently built my own lab. In this lab, I wanted to try a feature known as service chaining. What is service chaining? It’s a method of sending traffic through one or more services, such as a firewall, before the traffic takes the “normal” path towards its destination.

Before we dive deeper in, let me show the topology in use:

When I tested this feature, the data plane was working perfectly but my traceroute looked very strange. The traceroute was also not finishing.

root@B1-S1:/# traceroute 10.1.2.10
traceroute to 10.1.2.10 (10.1.2.10), 30 hops max, 60 byte packets
 1  10.1.1.1 (10.1.1.1)  6.951 ms  36.355 ms  39.604 ms
 2  10.1.0.2 (10.1.0.2)  11.775 ms  15.047 ms  15.535 ms
 3  10.0.0.18 (10.0.0.18)  28.540 ms  28.538 ms  28.532 ms
 4  10.1.2.10 (10.1.2.10)  41.748 ms  41.746 ms  41.736  Continue reading

Intel Focuses on Scale Out AI Training With New Chip

Carey Kloss has been intimately involved with the rise of AI hardware over the last several years, most notably with his work building the first Nervana compute engine, which Intel captured and is rolling into two separate products: one chip for training, another for inference. …

Intel Focuses on Scale Out AI Training With New Chip was written by Nicole Hemsoth at .

Cybersecurity Tech Accord Adopts Bug Disclosure Policies

The 111 Cybersecurity Tech Accord companies compete daily but all agree on the big picture:...

Read More »

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

Network Equipment Market Positioned for Five Years of Growth

Revenue attributed to network equipment and services is expected to improve following a five-year...

Read More »

Deep Dive: How Healthcare Organizations Practice Privacy and Security

In April, the Online Trust Alliance published the 11th annual Online Trust Audit assessing the security and privacy of 1,200 top organizations across several industry sectors. For the first time, this year’s Audit covered 100 of the top healthcare organizations, including lab testing companies, pharmacies, hospital chains, and insurance providers.

How did they do?

Since this is the first year these organizations were included, we do not have historical comparisons, but we can compare how healthcare sites fared against the other audited sectors. Overall, 57% of healthcare sites made this year’s Honor Roll, the lowest of all the sectors we studied. By far the most common reason for failure in the healthcare sector was weak email security (35%, nearly triple the overall average). Failure due to privacy was better than average, while failure due to site security was slightly worse than average.

Email Security

SPF and DKIM help protect against forged email. Overall 87% of healthcare organizations had SPF on their top-level domain and 67% had DKIM (the lowest of any sector, and the main source of healthcare’s failing scores). DMARC builds on SPF and DKIM results, provides a means for feedback reports, and adds visibility for Continue reading

Druva Adds Smart Storage Tiering, Disaster Recovery

Druva added two new cloud services: a multi-tier intelligent data storage technology for AWS and...

Read More »

Big Blue Open Sources Power Chip Instruction Set

It has been a long time coming, and it might have been better if this had been done a decade ago. …

Big Blue Open Sources Power Chip Instruction Set was written by Timothy Prickett Morgan at .

DDoS Mitigation and BGP Flowspec

The post DDoS Mitigation and BGP Flowspec appeared first on Noction.

BrandPost: A Compelling Justification for Your Business-driven SD-WAN Investment at Your Fingertips!

This is the second of a two-part blog series that explores how enterprise IT leaders can effectively measure the return on SD-WAN investments. In my first installment of this series, I discussed how IT leaders can make a business case for moving from a traditional router-centric architecture to a business-first networking model SD-WAN, like the one delivered by Silver Peak. According to a recent report by IDC[1], the SD-WAN market is poised to reach $5.25 Billion in 2023. The report also predicts the SD-WAN industry to grow at a compound annual growth rate (CAGR) of 30.8 percent from 2018 to 2023, and that is driving a lot of attention to this new way of deploying WAN infrastructure. CIOs are asking how and why they will use SD-WAN and how they can justify making SD-WAN investments.To read this article in full, please click here

AWS ABCs: Granting A Third-Party Access to Your Account

There can be times when you’re working on the AWS Cloud where you need to grant limited access to your account to a third-party. For example:

A contractor or a specialist needs to perform some work on your behalf
You’re having AWS Professional Services or a partner from the Amazon Partner Network do some work in your account
You’re conducting a pilot with AWS and you want your friendly neighborhood Solutions Architect to review something

In each of these cases you likely want to grant the permissions the third-party needs but no more. In other words, no granting of AdministratorAccess policies because it’s easy and just works. Instead, adherence to the principle of least privilege.

This post will describe two methods–IAM users and IAM roles–for proving limited access to third-parties.

Comparing the Two Approaches

The big difference with the IAM user approach vs the role-based approach is the way the credentials for each entity are handed out.

IAM users have long-term credentials that only change by a manual action (either the user or an administrator changes the credentials). Those credentials will continue to provide access to the account until they’re either changed or the user is disabled/deleted.

By contrast, roles Continue reading

Dell Joins AT&T to Further Develop Airship, Metal3-io, Ironic

Dell Technologies has joined with AT&T to collaborate on a number of open source technologies that the companies say will contribute to edge computing and 5G deployments, namely the Metal3-io (for Kubernetes) and Ryan Van Wyk, AT&T assistant vice president of network cloud software engineering at AT&T, in an interview with The New Stack. “The net effect is we’re helping to accelerate the deployment of open infrastructure that supports [software defined network] workloads. We see it as a flywheel effect in terms of making it easier for folks to deploy infrastructure and that makes it easier for them to grow their SDN ecosystem,” said Van Wyk. “Dell’s going to bring some focus to an area that’s core to their competency. When it comes to working on how to manage the RAID, the discs, the servers, the BIOS configurations, and validation of the hardware itself, and then integrate some of that stuff natively back into the Kubernetes Cluster API, those are things that are Continue reading

The First Networking Fundamentals Videos are Online

In mid-June I started another pet project - a series of webinars focused on networking fundamentals. In the first live session on June 18th we focused on identifying the challenges one has to solve when building an end-to-end networking solution, and the role of layered approach to networking.

Not surprisingly, we quickly went down the rabbit holes of computer networking history, including SCSI cables, serial connections and modems… but that’s where it all started, and some of the concepts developed at that time are still used today… oftentimes heavily morphed by recursive application of RFC 1925 Rule 11.

The View From On High On How To Beat Moore’s Law

The rapid changes underway in modern datacenters and HPC environment are demanding more compute power from a tech industry that is running into significant barriers to supplying that capacity. …

The View From On High On How To Beat Moore’s Law was written by Jeffrey Burt at .

When private 4G LTE is better than Wi-Fi

While cellular wireless is often thought of as a carrier service, IT organizations can benefit from deploying private 4G LTE technology to complement or even replace Wi-Fi and for specific use cases such as supporting IoT devices that generate large data sets and that are spread out over large areas.To read this article in full, please click here(Insider Story)

When private LTE is better than Wi-Fi

While cellular wireless is often thought of as a carrier service, IT organizations can benefit from deploying private LTE technology to complement or even replace Wi-Fi and for specific use cases such as supporting IoT devices that generate large data sets and that are spread out over large areas.To read this article in full, please click here(Insider Story)

VMworld 2019: Sneak Peak at Our Keynote Sessions. Plus a Chance to Win!

Networking & Security Keynotes at VMworld 2019

About a month ago, we published a VMworld security guide with shortlisted 100 to 300 level sessions that best illustrate real-world application of our products. This time, we’ll be focusing on two networking and security keynotes. The first keynote will highlight how VMware’s single-stack, complete networking and security platform can achieve a consistent operational network fabric for hybrid cloud environments, and the second keynote will focus on how users can leverage existing VMware infrastructure to implement a more effective, intrinsic security.

In addition, you will have a shot at winning Bose headphones simply by attending each event. Although chances are slim (1250 times harder to win both as opposed to just one), duplicate winners will be acknowledged so if you are looking for a present for yourself and a significant other, make sure to register and save on your yearly bonus! Winners will be announced at the end of each keynote, so make sure to stay until the end!

Showcase Keynote: Networking and Security for the Cloud Era [NETS3413KU]

There has never been a more exciting and challenging time in the networking space. As the cloud, application developers, IoT, Continue reading

AWS ABCs: Granting A Third-Party Access to Your Account

There can be times when you're working on the AWS Cloud where you need to grant limited access to your account to a third-party. For example:

A contractor or a specialist needs to perform some work on your behalf
You're having AWS Professional Services or a partner from the Amazon Partner Network do some work in your account
You're conducting a pilot with AWS and you want your friendly neighborhood Solutions Architect to review something

In each of these cases you likely want to grant the permissions the third-party needs but no more. In other words, no granting of AdministratorAccess policies because it's easy and just works. Instead, adherence to the principle of least privilege.

This post will describe two methods—IAM users and IAM roles—for proving limited access to third-parties.

Live Preview: Build and Test Workers Faster with Wrangler CLI 1.2.0

As part of my internship on the Workers Developer Experience team, I set out to polish the Wrangler CLI for Cloudflare Workers. If you're not familiar with Workers, the premise is quite simple: Write a bit of Javascript that takes in an HTTP request, does some processing, and spits out a response. The magic lies in where your Workers scripts run: on Cloudflare's edge network, which spans 193 cities in more than 90 countries. Workers can be used for nearly anything from configuring Cloudflare caching behavior to building entire serverless web applications. And, you don't have to worry about operations at all.

I was excited to focus on Wrangler, because Wrangler aims to make developing and publishing Workers projects a pleasant experience for everyone, whether you're a solo dev working on the next big thing, or an engineer at a Fortune 100 enterprise. The whole point of serverless is about reducing friction, and Wrangler reflects that ethos.

However, when I started at Cloudflare in early June, some parts of the development experience still needed some love. While working on a new WASM tutorial for the Workers documentation, I noticed a storm brewing in my browser…

Wrangler lets you test your Continue reading

Network Break 248: VMware Acquires Veriflow; Xirrus Changes Hands

Ned Bellavance drops in as guest co-host while Drew takes time off to make craft virtual donuts with an artisan baker in a remote mountain village. Ned and Greg analyze VMware's latest acquisition, discuss why Xirrus has changed hands, explore a new low-cost switch, opine on CloudFlare's forthcoming IPO, and more.

Network Break 248: VMware Acquires Veriflow; Xirrus Changes Hands

The post Network Break 248: VMware Acquires Veriflow; Xirrus Changes Hands appeared first on Packet Pushers.

« Previous 1 … 1,136 1,137 1,138 1,139 1,140 … 3,809 Next »