Improving Internet Trust: Ironing out the Details

We all can make some pretty rash decisions under stress. I once burned a hole through my undershirt instead of ironing my button-down shirt because I was so nervous before a presentation.

The Internet has its challenges and sometimes can seem like a scary place. In the 2019 survey, the CIGI-Ipsos Global Survey on Internet Security and Trust, 62% of respondents who said they distrust the Internet cited a lack of Internet security as a reason why.

When it comes to facing challenges on the Internet, everyone, from average Internet users to government officials, tends to act the same way I do before presentations – frantically and with questionable results.

In pursuit of security, some governments are making decisions that could harm the Internet as we know it. They’ve taken actions that could weaken digital security, have the potential to fracture the Internet, and some have even shut the Internet down in their country. Like burning a hole through an undershirt and having to wear a wrinkled button-down shirt to a presentation, these actions do little, and make things worse.

The survey results highlighted in our report, “The State of User Privacy and Trust Online,” tell a Continue reading

VMware Adds Load Balancer, Analytics Engine to NSX

Rackspace Targets Hybrid-Cloud Adoption With New Services

AnsibleFest Atlanta – Security Automation

Security Automation seems to be a growing topic of interest. This year at AnsibleFest we will have a track for Security Automation. We talked with Track Lead Massimo Ferrari to learn more about the Security Automation track and the sessions within it. 

Who is this track best for? 

This track is intended for professionals in security operations and vulnerability management who want to learn how Ansible can support and simplify their activities, and automation experts tasked to expand the footprint of their automation practice and support security teams in their organization.

What topics will this track cover? 

Sessions included in this track cover how to introduce and consume Ansible Automation in different stages of maturity of a security or cross-functional organization. They include guidance from Red Hat subject matter experts, customer stories and technical deep downs from partners that are suitable for both automation veterans and security professionals looking at automation for the first time.

What should attendees expect to learn from this track? 

People attending the sessions in this track will learn how Ansible can be leveraged in security environments to support activities like incident investigation and response, compliance enforcement and Continue reading

How to build a startup evaluation toolkit

In the first installment of our startup evaluation guide, we cover five essential tools you need to ensure you are heading in the right direction.

Qualcomm Links WiFi 6 to 5G in New Products

Bootstrapping a Kubernetes Cluster on AWS with Cluster API

Yesterday I published a high-level overview of Cluster API (CAPI) that provides an introduction to some of the concepts and terminology in CAPI. In this post, I’d like to walk readers through actually using CAPI to bootstrap a Kubernetes cluster on AWS.

It’s important to note that all of the information shared here is also found in the “Getting Started” guide in the AWS provider’s GitHub repository. My purpose here is provide an additional walkthrough that supplements that official documentation, not to supplant the official documentation, and to spread the word about how the process works.

Four basic steps are involved in bootstrapping a Kubernetes cluster on AWS using CAPI:

1. Installing the necessary tools (a one-time task)
2. Preparing the AWS account with the correct IAM roles and policies (this is a one-time task)
3. Creating a management cluster (not required every single time)
4. Creating a workload cluster

The following sections take a look at each of these steps in a bit more detail. First, though, I think it’s important to mention that CAPI is still in its early days (it’s currently at v1alpha1). As such, it’s possible that commands may (will) change, and API specifications may (will) change as further development Continue reading

5 Things That Happen When You Get Locked In to an Application Platform

The Consequences of Application Platform Lock-in 

If you’ve worked in IT for a few years, you’ve seen it happen. You select an application framework, operating system, database platform, or other infrastructure because it meets the checklist, the price is right, or sometimes because of internal politics. You quickly discover that it doesn’t play well with other solutions or across platforms — except of course it’s “easy and seamless” when used with offerings from the same vendor.

But try telling your developers that they can’t use their favorite framework, development toolset, or have to use a specific operating system for everything they do. If developers feel like they don’t have flexibility, they quickly adopt their own tools, creating a second wave of shadow IT.

And it doesn’t just affect developers. IT operations and security get bogged down in managing multiple systems and software sprawl. The business suffers because efficiency and innovation lag when teams get caught up in fighting fires.

Below are 5 things that can go wrong when you get locked in to an infrastructure platform:

#1 Other Platforms Become Inaccessible

Will the platform you pick work with any combination of public and private clouds? Will you get cornered into Continue reading

How “Fresh” is That Privacy Statement?

One of the best practices we advocate and measure in our Online Trust Audit is that privacy statements should have a date stamp visible at the top of the page. This is an issue of transparency and lets readers know when the statement was last updated. Combined with another advocated best practice – access to prior versions of the privacy statement, which unfortunately is offered by only 3% of sites – readers get a sense of what changed between versions and when those changes happened.

For the first time this year, we captured the actual date stamps of more than 1,000 privacy statements across the audited sectors, and though we made some high level comments in the Audit, we thought it would be insightful to show another layer of detail. One of the reasons we captured specific dates was the fact that many privacy statements were updated in the months prior to (or shortly after) May 25, 2018, when the General Data Protection Regulation (GDPR) went into effect in the European Union.

The graph below shows the date stamps from most to least recent (ending with those that have no date stamp) across the audited sectors. The green bars represent Continue reading

Microsoft’s Albert Greenberg, Fellow Networking Wizards Unite at Future:Net

VMware fortifies its hybrid-cloud portfolio with management, automation, AWS and Dell offerings

SAN FRANCISCO—VMware has uncorked a variety of software products and services aimed at letting customers more quickly and securely build and manage hybrid-cloud environments.More apps will be built and deployed in the next five years than in the last 40 to support workloads including analytics and connecting IoT devices, said Kip Colbert, vice president and cloud CTO for VMware, and that will require more expansive hybrid-cloud platform.RELATED: How Notre Dame is going all in with Amazon’s cloud VMware used its VMworld customer event here to expand its cloud role to Dell/EMC and broadened its role with Amazon Web Services (AWS). VMware's Cloud portfolio, its underlying hybrid-cloud platform, already supports Azure, Google Cloud, IBM Cloud services, plus more than 60 VMware Cloud Verified partners. More than 70 million workloads run on VMware. Of these, 10 million are in the cloud, Colbert said.To read this article in full, please click here

Avi Networks — Same Team, Same Mission, New Home

Avi Networks is now part of VMware and our product is now called VMware NSX Advanced Load Balancer. You can read about it here in our press release from VMworld.

But our story is far from over.

The acquisition marked VMware’s official entry into the ADC (Application Delivery Controller) space. The Avi team, which remains intact, is at the helm of delivering the world’s leading software-defined load balancing solution for VMware — both as a standalone platform for on-prem and multi-cloud environments and as an integrated VMware NSX solution.

We originally founded Avi Networks because we believed that the traditional ADC industry had failed its customers. Hardware and virtual appliances are rigid, cumbersome, and offer little automation or application insight. As enterprises re-architect applications as microservices, re-define the data center through software, and re-build infrastructure as hybrid and multi-cloud environments, ADC appliances work against the goals of modernizing enterprises.

This belief is shared by hundreds of the world’s largest companies that have decided to replace load balancing appliances with the Avi solution. VMware also believed this, which is why we are a part of the company today.

Avi re-imagined the ADC as a distributed Continue reading

NSX-T 2.5 – A New Marker on the Innovation Timeline

NSX-T has seen great success in the market for multi-platform network and security use-cases, including automation, multi-cloud adoption, and containers as customers move through the digital transformation initiative. NSX-T is the industry’s only network and security platform delivering a wide range of L2-L7 services, built from the ground up for workloads running on all types of infrastructure – virtual machines, containers, physical servers and both private and public clouds.

This year, we are hyper-focused on innovation, and in bringing transformative capabilities to market through NSX-T, which is the foundation for both our VMware NSX Data Center and NSX Cloud offerings. This release of NSX-T further strengthens our intrinsic security capabilities architected directly into networks and public and private cloud workloads that applications and data live on, reducing the attack surface. This version also keeps up the accelerated pace of innovation we are delivering on for scalability, cloud-native support, and operational simplicity which can accelerate customers’ adoption of a Virtual Cloud Network architecture.

Key Focus Areas in NSX-T 2.5

Launching NSX Intelligence – A Native, Distributed Analytics Engine

Analytics-based policy recommendation and compliance, streamlined security operations

NSX Intelligence is a distributed analytics engine that provides continuous data-center wide visibility Continue reading

Juniper SRX Cluster Failover Tuning

If you check Juniper configuration guide for SRX firewall clustering, there will be a default example of redundancy-group weight values which are fine if you have one Uplink towards outside and multiple inside interfaces on that firewall. set chassis cluster redundancy-group 0 node 0 priority 100 set chassis cluster redundancy-group 0 node 1 priority 1 set chassis cluster redundancy-group 1 node 0 priority 100 set chassis cluster redundancy-group 1 node 1 priority 1 set chassis cluster redundancy-group 1 interface-monitor ge-0/0/5 weight 255 set chassis cluster redundancy-group 1 interface-monitor ge-0/0/4 weight 255 set chassis cluster redundancy-group 1 interface-monitor ge-5/0/5 weight 255

The post Juniper SRX Cluster Failover Tuning appeared first on How Does Internet Work.

NETCONF and RESTCONF Overview

Andrea Dainese decided to describe a series of mechanisms and protocols you can use in network automation. He started with Zero-Touch Provisioning and continued with screen scraping. Next one on his list: NETCONF and RESTCONF

An Introduction to Kubernetes Cluster API

In this post, I’d like to provide a high-level introduction to the Kubernetes Cluster API. The aim of Cluster API (CAPI, for short) is, as outlined in the project’s GitHub repository, “a Kubernetes project to bring declarative, Kubernetes-style APIs to cluster creation, configuration, and management”. This high-level introduction serves to establish some core terminology and concepts upon which I’ll build in future posts about CAPI.

First, let’s start with some terminology:

Bootstrap cluster: The bootstrap cluster is a temporary cluster used by CAPI. It’s used to create a more permanent cluster that is CAPI-enabled (the management cluster). Typically, the bootstrap cluster is created locally using kind (other options are possible), and is destroyed once the management cluster is up and running.

Management cluster: The CAPI-enabled cluster created by the temporary bootstrap cluster is the management cluster. The management cluster is long-lived, is running the CAPI provider components, and understands the CAPI Custom Resource Definitions (CRDs). Typically, users would use the management cluster to create and manage the lifecycle of one or more workload clusters.

Workload cluster: This is a cluster whose lifecycle is managed by CAPI via the management cluster, but isn’t actually CAPI-enabled itself and it doesn’t manage Continue reading

VMware plan elevates Kubernetes to star enterprise status

San Francisco – VMware has announced an initiative that will help make it easier for current vSphere customers to build and manage Kubernetes containers as the platform evolves.The company, at its VMworld customer event, announced VMware Tanzu which is made up of myriad new and existing VMware technologies to create a portfolio of products and services aimed at  enterprises looking to more quickly build software in Kubernetes containers.Learn how to make hybrid cloud work VMware believes that Kubernetes has emerged as the infrastructure layer to accommodate a diversity of applications. VMware says that from 2018 to 2023 – with new tools/platforms, more developers, agile methods, and lots of code reuse – 500 million new logical apps will be created serving the needs of many application types and spanning all types of environments.  To read this article in full, please click here

VMware CEO Sets Lofty Open Source Goals

Mellanox Reveals SmartNICs With 200 Gb/s Connectivity

Habana Takes Training And Inference Down Different Paths

Processor hardware for machine learning is in their early stages but it already taking different paths. …

Habana Takes Training And Inference Down Different Paths was written by Michael Feldman at .