The Song Remains The Same

RedHat-IBM-Announcement

Now that Red Hat is a part of IBM, some people may wonder about the future of the Ansible project. Here is the good news: the Ansible community strategy has not changed.

As always, we want to make it as easy as possible to work with any projects and communities who want to work with Ansible. With the resources of IBM behind us, we plan to accelerate these efforts. We want to do more integrations with more open source communities and more technologies.

One of the reasons we are excited for the merger is that IBM understands the importance of a broad and diverse community. Search for “Ansible plus <open source project>” and you can find Ansible information, such as playbooks and modules and blog posts and videos and slide decks, intended to make working with that project easier. We have thousands of people attending Ansible meetups and events all over the world. We have millions of downloads. We have had this momentum because we provide users flexibility and freedom. IBM is committed to our independence as a community so that we can continue this work.

We’ve worked hard to be good open source citizens. We value the trust Continue reading

Network Break 243: Zoom Changes Tone On Security Vulnerabilities; Cisco Spends $2.6 Billion For Acacia

Today's Network Break analyzes Zoom's change of course on security vulnerabilities, discusses the reasons behind Cisco's multibillion acquisition of Acacia, examines IBM's closing of its Red Hat purchase, and more tech news.

The post Network Break 243: Zoom Changes Tone On Security Vulnerabilities; Cisco Spends $2.6 Billion For Acacia appeared first on Packet Pushers.

The Week in Internet News: Amazon, Microsoft Look to Expand Internet Access

More access, please: Two large tech companies have announced plans to expand Internet access. First, Microsoft and Ohio-based telecom firm Watch Communications have announced an agreement to extend broadband service to underserved areas in Ohio, Indiana, and Illinois, the Associated Press reports, via the Jacksonville Journal Courier. The project is part of Microsoft’s Airband Initiative, an effort to expand service across the U.S.

Look to the sky: Secondly, Amazon has asked the U.S. Federal Communications Commission for permission to launch more than 3,200 satellites, with plans to launch a global broadband network, Smart Cities Dive says. The Amazon plan would target underserved areas across the globe as well as aircraft, ships, and submarines.

That’s a long time without service: More than 350 Internet shutdowns during the last three years have caused the equivalent of 15 years of lost access, The Telegraph reports. About two-third of those shutdowns were in India, and protests or political instability were the reasons for the government actions, according to a report from Access Now.

Warning shot: Two companies, British Airways and Marriott, are facing nine-figure fines (in U.S. dollars) under the European Union’s General Data Protection Regulation for past data breaches Continue reading

Service-defined Firewall Benchmark and Solution Architecture

Today we are happy to introduce the Service-defined Firewall Validation Benchmark report and Solution Architecture document. Firewalls and firewalling technology have come a very long way in thirty years. To understand how VMware is addressing the demands of modern application frameworks, while addressing top concerns for present day CISO’s, let’s take a brief look at the history of this technology.

 

A Brief Firewall History

Over time, the network firewall has grown up, from initially being very basic to more advanced with the inclusion of additional features and functionality. The network firewall incrementally incorporated increasingly complex functionality to address many threats in the modern security landscape.

While the network firewall initially progressed rapidly to keep pace with the development of network technology and rapid evolution of network threat vectors, over the past decade there has been very little in terms of innovation in this space. The requirements of next-generation (NGFW) haven’t changed tremendously since its late 2000’s introduction to the market, and with the uptick in adoption of modern micro-services based architectures into the modern enterprise, applications are becoming more and more distributed in nature, with growing scale and security concerns around the ephemeral nature of the infrastructure.

Micro-services, which Continue reading

Data Shapley: equitable valuation of data for machine learning

Data Shapley: equitable valuation of data for machine learning Ghorbani & Zou et al., ICML’19

It’s incredibly difficult from afar to make sense of the almost 800 papers published at ICML this year! In practical terms I was reduced to looking at papers highlighted by others (e.g. via best paper awards), and scanning the list of paper titles looking for potentially interesting topics. For the next few days we’ll be looking at some of the papers that caught my eye during this process.

The now somewhat tired phrase “data is the new oil” (something we can consume in great quantities to eventually destroy the world as we know it???) suggests that data has value. But pinning down that value can be tricky – how much is a given data point worth, and what framework can we use for thinking about that question?

As data becomes the fuel driving technological and economic growth, a fundamental challenge is how to quantify the value of data in algorithmic predictions and decisions…. In this work we develop a principled framework to address data valuation in the context of supervised machine learning.

One of the nice outcomes is that once you’ve understood Continue reading

BrandPost: The Latest in Innovation in the SD-WAN Managed Services Market

As enterprisesincreasingly focus on improving network performance to support applications and deliver a better customer experience, SD-WAN solutions are in the spotlight. One of the key components of providing ongoing IT support is ensuring that networks have the agility needed to adapt to changing business priorities at speed.In one recent IDG survey, 91% of enterprises that implemented SD-WAN technologies saw an increase in network speed. SD-WAN managed services have come to the forefront as a choice that allows enterprises to capture the benefits of SD-WAN, along with the expertise to make the most of the technology. Solutions offer access to the knowledge needed to design, deploy and manage SD-WAN networks, while letting the enterprise maintain visibility and control as desired.To read this article in full, please click here

Arista BGP FlowSpec


The video of a talk by Peter Lundqvist from DKNOG9 describes BGP FlowSpec, use cases, and details of Arista's implementation.

FlowSpec for real-time control and sFlow telemetry for real-time visibility is a powerful combination that can be used to automate DDoS mitigation and traffic engineering. The article, Real-time DDoS mitigation using sFlow and BGP FlowSpec, gives an example using the sFlow-RT analytics software.

EOS 4.22 includes support for BGP FlowSpec. This article uses a virtual machine running vEOS-4.22 to demonstrate how to configure FlowSpec and sFlow so that the switch can be controlled by an sFlow-RT application (such as the DDoS mitigation application referenced earlier).

The following output shows the EOS configuration statements related to sFlow and FlowSpec:
!
service routing protocols model multi-agent
!
sflow sample 16384
sflow polling-interval 30
sflow destination 10.0.0.70
sflow run
!
interface Ethernet1
   flow-spec ipv4 ipv6
!
interface Management1
   ip address 10.0.0.96/24
!
ip routing
!
router bgp 65096
   router-id 10.0.0.96
   neighbor 10.0.0.70 remote-as 65070
   neighbor 10.0.0.70 transport remote-port 1179
   neighbor 10.0.0.70 send-community extended
   neighbor 10.0.0.70 maximum-routes 12000 
   !
   address-family flow-spec ipv4
      neighbor 10.0.0.70  Continue reading
1 1,179 1,180 1,181 1,182 1,183 3,832