Context-aware Micro-segmentation with NSX-T 2.4

With last’s week landmark release of NSX-T 2.4,  and the RSA conference in full swing,  this is the perfect time to talk about to some of the new security functionality we are introducing in NSX-T 2.4.

If you prefer seeing NSX-T in action, you can watch this demo which covers Layer 7 application identity, FQDN Filtering and Ientity Firewall. Or if you are around at RSAC in San Francisco this week, swing by the VMware booth. 

Micro-segmentation has been one of the key reasons why our customers deploy NSX. With Micro-segmentation, NSX enables organizations to implement a  zero-trust network security model  in their on-premise datacenter as well as in the cloud and beyond.  A key component making Micro-segmentation possible is the Distributed Firewall, which is deployed at the logical port of every workload allowing the most granular level of enforcement, regardless of the form factor of that workload – Virtual Machine – Container – Bare Metal Server or where that workload resides – On Premise – AWS -Azure – VMC.

NSX-T 2.4 provides significant new security features and functionality such as Context-aware Micro-segmentation, Network (and Security) Intrastructure as Code, E-W Service Insertion and Guest Continue reading

Cumulus content roundup: February

It’s time to officially unveil our Cumulus content roundup- February edition! In case you missed any of the content from the last month we, naturally, have you covered with links to it all below. Dig into the latest and greatest resources and news including two great podcasts that we recommend you queue up and listen to during your commute.

From Cumulus Networks:

How to make CI/CD with containers viable in production: Software-defined infrastructure is no longer a nice to have. It’s an absolute must using modern development approaches, such as CI/CD, containers, etc.

Kernel of Truth season 2 episode 1- EVPN on the host: Guess who’s back? Back again? The real Kernel of Truth is back with season 2 and we’re starting off this season with all things EVPN! This topic is near and dear to Attilla de Groots’ heart having talked about it in his recent blog here. He now joins Atul Patel and our host Brian O’Sullivan to talk more about EVPN on host for multi-tenancy.

BGP: What is it, how can it break, and can Linux BGP fix it?: Border Gateway Protocol is one of the most important protocols on the internet. Linux BGP allows for in-depth monitoring and Continue reading

Diving into Technical SEO using Cloudflare Workers

Diving into Technical SEO using Cloudflare Workers

This is a guest post by Igor Krestov and Dan Taylor. Igor is a lead software developer at SALT.agency, and Dan a lead technical SEO consultant, and has also been credited with coining the term “edge SEO”. SALT.agency is a technical SEO agency with offices in London, Leeds, and Boston, offering bespoke consultancy to brands around the world. You can reach them both via Twitter.

With this post we illustrate the potential applications of Cloudflare Workers in relation to search engine optimization, which is more commonly referred to as ‘SEO’ using our research and testing over the past year making Sloth.

This post is aimed at readers who are both proficient in writing performant JavaScript, as well as complete newcomers, and less technical stakeholders, who haven’t really written many lines of code before.

Endless practical applications to overcome obstacles

Working with various clients and projects over the years we’ve continuously encountered the same problems and obstacles in getting their websites to a point of “technical SEO excellence”. A lot of these problems come from platform restriction at an enterprise level, legacy tech stacks, incorrect builds, and years of patching together various services and infrastructures.

As a team of Continue reading

Silo 2: On-Premise with DevOps

I had a great time stirring up the hornet’s nest with the last post about DevOps, so I figured that I’d write another one with some updated ideas and clarifications. And maybe kick the nest a little harder this time.

Grounding the Rules

First, we need to start out with a couple of clarifications. I stated that the mantra of DevOps was “Move Fast, Break Things.” As has been rightly pointed out, this was a quote from Mark Zuckerberg about Facebook. However, as has been pointed out by quite a few people, “The use of basic principles to enable business requirements to get to production deployments with appropriate coordination among all business players, including line of business, developers, classic operations, security, networking, storage and other functional groups involved in service delivery” is a bit more of definition than motto.

What exactly is DevOps then? Well, as I have been educated, it’s a principle. It’s an idea. A premise, if you will. An ideal to strive for. So, to say that someone is on a DevOps team is wrong. There is no such thing as a classic DevOps team. DevOps is instead something that many other teams do in Continue reading

How blockchain will manage networks

Ethernet networking technology is flawed, say some engineers. The problem is it doesn’t have any inherent security built in to it. Ethernet also hard to manage because it's centralized. It’s out-of-date, and it needs revamping, researchers say.One attempt to address the issue is the Marconi protocol, which is a strategy to shift network and packet management over to a smart contract, decentralized chain-based system. Smart contracts are trackable, verifiable transactions. They’re performed through encrypted blockchains and are self-enforcing.To read this article in full, please click here

How blockchain will manage networks

Ethernet networking technology is flawed, say some engineers. The problem is it doesn’t have any inherent security built in to it. Ethernet also hard to manage because it's centralized. It’s out-of-date, and it needs revamping, researchers say.One attempt to address the issue is the Marconi protocol, which is a strategy to shift network and packet management over to a smart contract, decentralized chain-based system. Smart contracts are trackable, verifiable transactions. They’re performed through encrypted blockchains and are self-enforcing.To read this article in full, please click here

Wireless spectrum shortage? Not so fast

The wireless industry has always had to deal with regular (and alarming) pronouncements that we're somehow running out of radio spectrum. We’re not. But the misconception regardless gives many IT and network managers pause. After all, if the availability, reliability and especially the capacity of wireless were to degrade to the point of a de-facto shortage, the situation would be dire for communications at the edges of both the LAN and WAN.So let’s start putting to rest any conjecture regarding a spectrum shortage and focus on reality: Thanks to a combination of continual advances in wireless technologies, recent enhancements to spectrum regulatory policy, and novel thinking around spectrum allocation, we can be assured that a “spectrum shortage” is, and will remain, an abstract theoretical concept.To read this article in full, please click here

Don’t Throw the Multicloud Out with the Bathwater

https://twitter.com/CTOAdvisor/status/1103034794781429761 https://www.youtube.com/watch?v=wNOA-sPqf80& https://twitter.com/randybias/status/1103713819195408384 https://twitter.com/C_Z_Raisch/status/1103723011037900800 Keith was totally right to push back on the idea that multicloud was about cost optimization. Not only is this a fantasy, it’s also off-brand for most enterprises. In my experience, the enterprise is totally fine paying a premium on what they consider best of breed technology solutions. to me, multicloud isn’t about trying to boil the ocean and build some master plan for world dominance that includes dynamic blah blah blah.

Deutsche Welle Profiles Community Networks Around the World

How can the Internet change lives in rural and remote regions? Deutsche Welle, Germany’s public broadcaster, asks these questions in three stories that explore community networks in Zimbabwe, the Republic of Georgia, and South Africa.

Read about the community networks and listen to their stories!

Murambinda Works started as an Internet café in 2002 in the Buhera District in eastern Zimbabwe. Since then it’s grown to provide training in computer literacy for teachers at nearly 218 primary and secondary schools. Murambinda Works, in partnership with the Internet Society and others, is also working to connect eight schools, one nurse training school, and offices of the Ministry of Education.

Tusheti, a mountainous, isolated region in the Republic of Georgia, had been left unconnected by commercial operators. The Internet Society partnered with its Georgian Chapter and other local organizations to help build access to the Internet, which was completed in 2017. (The Tusheti community network was also profiled in The New York Times.)

The Zenzeleni Network in Mankosi, is one of South Africa’s most economically disadvantaged communities. Zenzeleni – which means “do it yourself” in the local language, isiXhosa – was launched in 2012 to provide affordable voice service Continue reading

1 1,298 1,299 1,300 1,301 1,302 3,848