SD-WAN can help solve challenges of multi-cloud

With SD-WAN becoming remote users’ primary access to cloud-based applications, and with organizations deploying multi-cloud environments to optimize performance, it’s important for IT pros to choose SD-WAN technology that supports secure, low-latency and easy-to-manage connectivity to their cloud providers.To read this article in full, please click here(Insider Story)

SD-WAN can help solve challenges of multi-cloud

With SD-WAN becoming remote users’ primary access to cloud-based applications, and with organizations deploying multi-cloud environments to optimize performance, it’s important for IT pros to choose SD-WAN technology that supports secure, low-latency and easy-to-manage connectivity to their cloud providers.To read this article in full, please click here(Insider Story)

Operating Cisco ACI the Right Way

This is a guest blog post by Andrea Dainese, senior network and security architect, and author of UNetLab (now EVE-NG) and  Route Reflector Labs. These days you’ll find him busy automating Cisco ACI deployments.


In this post we’ll focus on a simple question that arises in numerous chats I have with colleagues and customers: how should a network engineer operate Cisco ACI? A lot of them don’t use any sort of network automation and manage their Cisco ACI deployments using the Web Interface. Is that good or evil? As you’ll see we have a definite answer and it’s not “it depends”.

Read more ...

BrandPost: Top Ten Reasons to Think Outside the Router #4: Broadband is Used Only for Failover

Continuing our homage to the iconic David Letterman Top Ten List from his former Late Show, Silver Peak is counting down the Top Ten Reasons to Think Outside the Router. Click for the #5, #6, #7, #8, #9 and #10 reasons to replace conventional branch routers with a business-driven SD-WAN platform.To read this article in full, please click here

IBM Cloud Internet Services protects any cloud – now with Cloudflare Spectrum and Workers

At Cloudflare, we have an ambitious mission of helping to build a better Internet. Partnerships are a core part of how we achieve this mission. Last year we joined forces with IBM. Their expertise and deep relationships with the world's largest organizations are highly complementary with Cloudflare's cloud-native, API-first architecture that provides superior security, performance, and availability for Internet-facing workloads.  Our shared goal of enabling and supporting a hybrid and multi-cloud world is becoming a greater component of our combined message to the market.

As we prepare for the IBM Think customer conference in San Francisco this week, the Cloudflare team is excited about the opportunities ahead. We closed 2018 with momentum, bringing several of the world’s leading brands onto the Cloud Internet Services (CIS) platform in 2018. Customers have used CIS for several purposes, including:

  • The CIS Global Load Balancer provides high availability across IBM Cloud regions for customers in Europe, North America, and Latin America
  • CIS caching capabilities have ensured availability and performance for world spectator events with high traffic spikes
  • The CIS authoritative DNS delivers greater availability and performance for Internet-facing workloads supporting thousands of developers

At Think, please visit Cloudflare at our booth (#602). In addition, Continue reading

Learn to Code?

A long, long time ago, in a galaxy far away, I went to school to learn art and illustration. In those long ago days, folks in my art and illustration classes would sometimes get into a discussion about what, precisely, to do with an art degree. My answer was, ultimately, to turn it into a career building slides and illustrations in the field of network engineering. ? And I’m only half joking.

The discussion around the illustration board in those days was whether it was better to become an art teacher, or to focus just on the art and illustration itself. The two sides went at it hammer and tongs over weeks at a time. My only contribution to the discussion was this: even if you want to be the ultimate in the art world, a fine artist, you must still have a subject. While much of modern art might seem to be about nothing much at all, it has always seemed, to me, that art must be about something.

This week I was poking around one of the various places I tend to poke on the ‘net and ran across this collage. Click to see the full image.

Get the Continue reading

Red Hat announces container flaw CVE-2019-5736

Red Hat announced a vulnerability this morning – one that can be exploited if a user runs malicious or modified containers. The flaw in runC (a lightweight portable container runtime) and Docker that this vulnerability exposes allows an attacker to escape a container and access the underlying file system. That might sound bad, but there's more.The good news is that this vulnerability cannot be exploited if SELinux is enabled and that this is the default on Red Hat systems. To check whether your Red Hat system is enforcing SELinux, use one of the following commands:$ /usr/sbin/getenforce Enforcing <== $ sestatus SELinux status: enabled <== SELinuxfs mount: /sys/fs/selinux SELinux root directory: /etc/selinux Loaded policy name: targeted Current mode: enforcing Mode from config file: enforcing Policy MLS status: enabled Policy deny_unknown status: allowed Memory protection checking: actual (secure) Max kernel policy version: 31 [ Read also: Linux hardening: A 15-step checklist for a secure Linux server ] This vulnerability also requires local access to the system. Affected Red Hat systems include:To read this article in full, please click here

Red Hat announces container flaw CVE-2019-5736

Red Hat announced a vulnerability this morning – one that can be exploited if a user runs malicious or modified containers. The flaw in runC (a lightweight portable container runtime) and Docker that this vulnerability exposes allows an attacker to escape a container and access the underlying file system. That might sound bad, but there's more.The good news is that this vulnerability cannot be exploited if SELinux is enabled and that this is the default on Red Hat systems. To check whether your Red Hat system is enforcing SELinux, use one of the following commands:$ /usr/sbin/getenforce Enforcing <== $ sestatus SELinux status: enabled <== SELinuxfs mount: /sys/fs/selinux SELinux root directory: /etc/selinux Loaded policy name: targeted Current mode: enforcing Mode from config file: enforcing Policy MLS status: enabled Policy deny_unknown status: allowed Memory protection checking: actual (secure) Max kernel policy version: 31 [ Read also: Linux hardening: A 15-step checklist for a secure Linux server ] This vulnerability also requires local access to the system. Affected Red Hat systems include:To read this article in full, please click here

Red Hat announces container flaw CVE-2019-5736

Red Hat announced a vulnerability this morning – one that can be exploited if a user runs malicious or modified containers. The flaw in runC (a lightweight portable container runtime) and Docker that this vulnerability exposes allows an attacker to escape a container and access the underlying file system. That might sound bad, but there's more.The good news is that this vulnerability cannot be exploited if SELinux is enabled and that this is the default on Red Hat systems. To check whether your Red Hat system is enforcing SELinux, use one of the following commands:$ /usr/sbin/getenforce Enforcing <== $ sestatus SELinux status: enabled <== SELinuxfs mount: /sys/fs/selinux SELinux root directory: /etc/selinux Loaded policy name: targeted Current mode: enforcing Mode from config file: enforcing Policy MLS status: enabled Policy deny_unknown status: allowed Memory protection checking: actual (secure) Max kernel policy version: 31 [ Read also: Linux hardening: A 15-step checklist for a secure Linux server ] This vulnerability also requires local access to the system. Affected Red Hat systems include:To read this article in full, please click here