Introducing CIRCL: An Advanced Cryptographic Library

Introducing CIRCL: An Advanced Cryptographic Library
Introducing CIRCL: An Advanced Cryptographic Library

As part of Crypto Week 2019, today we are proud to release the source code of a cryptographic library we’ve been working on: a collection of cryptographic primitives written in Go, called CIRCL. This library includes a set of packages that target cryptographic algorithms for post-quantum (PQ), elliptic curve cryptography, and hash functions for prime groups. Our hope is that it’s useful for a broad audience. Get ready to discover how we made CIRCL unique.

Cryptography in Go

We use Go a lot at Cloudflare. It offers a good balance between ease of use and performance; the learning curve is very light, and after a short time, any programmer can get good at writing fast, lightweight backend services. And thanks to the possibility of implementing performance critical parts in Go assembly, we can try to ‘squeeze the machine’ and get every bit of performance.

Cloudflare’s cryptography team designs and maintains security-critical projects. It's not a secret that security is hard. That's why, we are introducing the Cloudflare Interoperable Reusable Cryptographic Library - CIRCL. There are multiple goals behind CIRCL. First, we want to concentrate our efforts to implement cryptographic primitives in a single place. This makes it easier Continue reading

Cracks appear in Intel’s grip on supercomputing

It’s June, so it’s that time again for the twice-yearly Top 500 supercomputer list, where bragging rights are established or, in most cases, reaffirmed. The list constantly shifts as new trends appear, and one of them might be a break in Intel’s dominance.Supercomputers in the top 10 list include a lot of IBM Power-based systems, and almost all run Nvidia GPUs. But there’s more going on than that.For starters, an ARM supercomputer has shown up, at #156. Astra at Sandia National Laboratories is an HPE system running Cavium (now Marvell) ThunderX2 processors. It debuted on the list at #204 last November, but thanks to upgrades, it has moved up the list. It won’t be the last ARM server to show up, either.To read this article in full, please click here

Major Updates to Cisco Certifications Part III (CCNP)

What is changing for CCNP? And why?

Some of the problems that existed in the current CCNP were:

  • No way of showing progress until you took all 3 exams and became CCNP certified, usually a 1+ year commitment
  • Needed to pass CCNA before being able to become CCNP certified
  • The certification wasn’t modular and it was a lot of work to update the certification
  • Difficult to stay current with new technologies

Effective 24 February 2020, it will be possible to jump in at CCNP level, meaning that you don’t need to be CCNA certified to become a CCNP.

Instead of taking 3 exams, only 2 exams are needed, one Core exam and one concentration exam. You can take them in any order and you can also keep taking concentration exams to show you have skills in newer technologies such as SD-WAN. These concentration exams will show as badges.

Because the certification is now more modular, it will be easier to keep the certification up to date and to update it as technologies evolve and new ones come to the fore.

Another change is that the RS and Wireless track are now merged into CCNP Enterprise where the Core exam is Continue reading

Impact of Controller Failures in Software-Defined Networks

Christoph Jaggi sent me this observation during one of our SD-WAN discussions:

The centralized controller is another shortcoming of SD-WAN that hasn’t been really addressed yet. In a global WAN it can and does happen that a region might be cut off due to a cut cable or an attack. Without connection to the central SD-WAN controller the part that is cut off cannot even communicate within itself as there is no control plane…

A controller (or management/provisioning) system is obviously the central point of failure in any network, but we have to go beyond that and ask a simple question: “What happens when the controller cluster fails and/or when nodes lose connectivity to the controller?”

Read more ...

Cisco connects with IBM to simplify hybrid-cloud deployment

Cisco and IBM said the companies would meld their data-center and cloud technologies to help customers more easily and securely build and support on-premises and hybrid-cloud applications.Cisco, IBM Cloud and IBM Global Technology Services (the professional services business of IBM) said they will work to develop a hybrid-cloud architecture that melds Cisco’s data-center, networking and analytics platforms with IBM’s cloud offerings. IBM's contribution includea a heavy emphasis on Kubernetes-based offerings such as Cloud Foundry and Cloud Private as well as a catalog of IBM enterprise software such as Websphere and open source software such as Open Whisk, KNative, Istio and Prometheus.To read this article in full, please click here

Cisco connects with IBM to simplify hybrid-cloud deployment

Cisco and IBM said the companies would meld their data-center and cloud technologies to help customers more easily and securely build and support on-premises and hybrid-cloud applications.Cisco, IBM Cloud and IBM Global Technology Services (the professional services business of IBM) said they will work to develop a hybrid-cloud architecture that melds Cisco’s data-center, networking and analytics platforms with IBM’s cloud offerings. IBM's contribution includea a heavy emphasis on Kubernetes-based offerings such as Cloud Foundry and Cloud Private as well as a catalog of IBM enterprise software such as Websphere and open source software such as Open Whisk, KNative, Istio and Prometheus.To read this article in full, please click here

Cisco connects with IBM in to simplify hybrid cloud deployment

Cisco and IBM said the companies would meld their data-center and cloud technologies to help customers more easily and securely build and support on-premises and hybrid-cloud applications.Cisco, IBM Cloud and IBM Global Technology Services (the professional services business of IBM) said they will work to develop a hybrid-cloud architecture that melds Cisco’s data-center, networking and analytics platforms with IBM’s cloud offerings. IBM's contribution includea a heavy emphasis on Kubernetes-based offerings such as Cloud Foundry and Cloud Private as well as a catalog of IBM enterprise software such as Websphere and open source software such as Open Whisk, KNative, Istio and Prometheus.To read this article in full, please click here

Cisco connects with IBM in to simplify hybrid cloud deployment

Cisco and IBM said the companies would meld their data-center and cloud technologies to help customers more easily and securely build and support on-premises and hybrid-cloud applications.Cisco, IBM Cloud and IBM Global Technology Services (the professional services business of IBM) said they will work to develop a hybrid-cloud architecture that melds Cisco’s data-center, networking and analytics platforms with IBM’s cloud offerings. IBM's contribution includea a heavy emphasis on Kubernetes-based offerings such as Cloud Foundry and Cloud Private as well as a catalog of IBM enterprise software such as Websphere and open source software such as Open Whisk, KNative, Istio and Prometheus.To read this article in full, please click here

Network-as-a-Service Part 2 – Designing a Network API

In the previous post, we’ve examined the foundation of the Network-as-a-Service platform. A couple of services were used to build the configuration from data models and templates and push it to network devices using Nornir and Napalm. In this post, we’ll focus on the user-facing part of the platform. I’ll show how to expose a part of the device data model via a custom API built on top of Kubernetes and how to tie it together with the rest of the platform components.

Interacting with a Kubernetes API

There are two main ways to interact with a Kubernetes API: one using a client library, which is how NaaS services communicate with K8s internally, the other way is with a command line tool called kubectl, which is intended to be used by humans. In either case, each API request is expected to contain at least the following fields:

  • apiVersion - all API resources are grouped and versioned to allow multiple versions of the same kind to co-exist at the same time.
  • kind - defines the type of object to be created.
  • metadata - collection of request attributes like name, namespaces, labels etc.
  • spec - the actual payload Continue reading

Tech Bytes: Network Automation In Multi-Vendor Environments With Anuta ATOM (Sponsored)

On today's Tech Bytes we talk with sponsor Anuta Networks about its ATOM network automation software. Guest Kiran Sirupa explains ATOM’s capabilities including low-code automation, network device configurations, compliance checks, telemetry collection, and more.

The post Tech Bytes: Network Automation In Multi-Vendor Environments With Anuta ATOM (Sponsored) appeared first on Packet Pushers.

Cisco issues critical security warnings on SD-WAN, DNA Center

Cisco has released two critical warnings about security issues with its SD-WAN and DNA Center software packages. The worse, with a Common Vulnerability Scoring System rating of 9.3 out of 10, is a vulnerability in its Digital Network Architecture (DNA) Center software that could let an unauthenticated attacker connect an unauthorized network device to the subnet designated for cluster services. More about SD-WAN How to buy SD-WAN technology: Key questions to consider when selecting a supplier How to pick an off-site data-backup method SD-Branch: What it is and why you’ll need it What are the options for security SD-WAN? A successful exploit could let an attacker reach internal services that are not hardened for external access, Cisco stated.  The vulnerability is due to insufficient access restriction on ports necessary for system operation, and the company discovered the issue during internal security testing, Cisco stated.To read this article in full, please click here

Cisco issues critical security warnings on SD-WAN, DNA Center

Cisco has released two critical warnings about security issues with its SD-WAN and DNA Center software packages. The worse, with a Common Vulnerability Scoring System rating of 9.3 out of 10, is a vulnerability in its Digital Network Architecture (DNA) Center software that could let an unauthenticated attacker connect an unauthorized network device to the subnet designated for cluster services. More about SD-WAN How to buy SD-WAN technology: Key questions to consider when selecting a supplier How to pick an off-site data-backup method SD-Branch: What it is and why you’ll need it What are the options for security SD-WAN? A successful exploit could let an attacker reach internal services that are not hardened for external access, Cisco stated.  The vulnerability is due to insufficient access restriction on ports necessary for system operation, and the company discovered the issue during internal security testing, Cisco stated.To read this article in full, please click here

Applications for 2019 Chapterthon Now Open

We’re happy to announce that the call for applications for the 2019 Chapterthon is now open.

Our world is more digitally connected than ever before, yet barriers still remain for the half of the world’s population who are unconnected.

For 2019, Chapterthon projects will help with Connecting the Unconnected. The Internet for everyone, including every last person on the planet, and we won’t rest until each person has the option of choosing to be connected.

Want to take part in this challenge?

We are looking for creative, innovative, and impactful short-term projects from our Chapters and Special Interest Groups (SIGs) that are for the community, with the community, by the community.

Find out how to apply at: https://www.internetsociety.org/grants/chapterthon/2019/

Only one project will be selected per Chapter to participate in this contest. The selected projects then participate in the global Chapterthon contest. The three winning projects will receive an award!

To guide you through this process, we’ve organised an info session on 27 June 2019 at 11:00 UTC.You can register in advance at:
https://isoc.zoom.us/meeting/register/5b0fba421a1ce3737510d14dfea9e911

All other information about the Chapterthon is available here:https://www.internetsociety.org/grants/chapterthon/2019/

Take part  and help us connect the world one community Continue reading

Validation vibes: How we’ve won the praise of customers and employees alike

The success of a company is often defined by two key factors: how your customers feel about you and how your employees feel about you. We’re excited to share that recently we’ve had some great validation by both!

Customer validation

We’re very honored to work with a variety of innovative companies that are breaking the status quo with open networking principles in data centers designed to scale. All of our customers have realized the need for an open, modern data center and are looking to build infrastructure with purpose. From web-scale giants to visionary enterprises, we give them all the ability to build something “EPIC.”

This was recently highlighted when for the second year in a row, our customers have rallied around our vision for the future of data center networking and recognized us as “The Best Data Center Networking 2019” with their reviews through Gartner Peer Insights.

As Gartner puts it, “The Gartner Peer Insights Customers’ Choice is a recognition of vendors in this market by verified end-user professionals, taking into account both the number of reviews and the overall user ratings.” To ensure fair evaluation, Gartner maintains rigorous criteria for recognizing vendors with Continue reading

1 1,206 1,207 1,208 1,209 1,210 3,844