Introducing NSX-T 2.4 – A Landmark Release in the History of NSX

In February 2017, we introduced VMware NSX-T Data Center to the world. For years, VMware NSX for vSphere had been spearheading a network transformation journey with a software-defined, application-first approach. In the meantime, as the application landscape was changing with the arrival of public clouds and containers, NSX-T was being designed to address the evolving needs of organizations to support cloud-native applications, bare metal workloads, multi-hypervisor environments, public clouds, and now, even multiple clouds.

Today, we are excited to announce an important milestone in this journey – the NSX-T 2.4 release. This fourth release of NSX-T delivers advancements in networking, security, automation, and operational simplicity for everyone involved – from IT admins to DevOps-style teams to developers. Today, NSX-T has emerged as the clear choice for customers embracing cloud-native application development, expanding use of public cloud, and mandating automation to drive agility.

Let’s take a look at some of the new features in NSX-T 2.4:

 

Operational Simplicity: Easy to Install, Configure, Operate

What if delivering new networks and network services was as easy as spinning up a workload in AWS? In keeping with the ethos that networking can be made easier, over the past few releases, we Continue reading

More Thoughts on Vendor Lock-In and Subscriptions

Albert Siersema sent me his thoughts on lock-in and the recent tendency to sell network device (or software) subscriptions instead of boxes. A few of my comments are inline.

Another trend in the industry is to convert support contracts into subscriptions. That is, the entrenched players seem to be focusing more on that business model (too). In the end, I feel the customer won't reap that many benefits, and you probably will end up paying more. But that's my old grumpy cynicism talking :)

While I agree with that, buying a subscription instead of owning a box (and deprecating it) also makes it easier to persuade the bean counters to switch the gear because there’s little residual value in existing boxes (and it’s easy to demonstrate total-cost-of-ownership). Like every decent sword this one has two blades ;)

Read more ...

GAN dissection: visualizing and understanding generative adversarial networks

GAN dissection: visualizing and understanding generative adversarial networks Bau et al., arXiv’18

Earlier this week we looked at visualisations to aid understanding and interpretation of RNNs, today’s paper choice gives us a fascinating look at what happens inside a GAN (generative adversarial network). In addition to the paper, the code is available on GitHub and video demonstrations can be found on the project home page.

We’re interested in GANs that generate images.

To a human observer, a well-trained GAN appears to have learned facts about the objects in the image: for example, a door can appear on a building but not on a tree. We wish to understand how a GAN represents such a structure. Do the objects emerge as pure pixel patterns without any explicit representation of objects such as doors and trees, or does the GAN contain internal variables that correspond to the objects that humans perceive? If the GAN does contain variables for doors and trees, do those variables cause the generation of those objects, or do they merely correlate? How are relationships between objects represented?

The basis for the study is three variants of Progressive GANs trained on LSUN scene datasets. To understand what’s going Continue reading

Re-Introducing VMware AppDefense, Part I – Application Security in Virtualized and Cloud Environments

This blog will be part of a series where we start off with a basic re-introduction of VMware AppDefense and then progressively get into integrations, best practices, mitigating attacks and anomaly detection with vSphere Platinum, vRealize Log Insight, AppDefense and NSX Data Center. Before we get into the meat of things, let’s level-set on a few core principles of what VMware believes to be appropriate cyber hygiene. The full white paper can be viewed here.

  1. Follow a least privileged model
    • The principle of least privilege is the idea that at any user, program, or process should have only the bare minimum privileges necessary to perform its function. For example, a user account created for pulling records from a database doesn’t need admin rights, while a programmer whose main function is updating lines of legacy code doesn’t need access to financial records. The principle of least privilege can also be referred to as the principle of minimal privilege (POMP) or the principle of least authority (POLA). Following the principle of least privilege is considered a best practice in information security.
    • The least privilege model works by allowing only enough access to perform the required job. In an IT environment, adhering to Continue reading

Western Digital launches SSDs for different enterprise use cases

Last week I highlighted a pair of ARM processors with very different use cases, and now the pattern repeats as Western Digital, a company synonymous with hard-disk technology, introduces a pair of SSDs for markedly different use.The Western Digital Ultrastar DC SN630 NVMe SSD and the Western Digital CL SN720 NVMe SSD both sport internally developed controller and firmware architectures, 64-layer 3D NAND technology and a NVMe interface, but that’s about where they end.To read this article in full, please click here

What to know about planning mobile edge systems (MEC)

Mobile edge computing (MEC) is a network architecture that supports compute, analytics and storage capacity at the edge of the network, and proponents say it provides substantial performance benefits for applications requiring low latency, especially IoT applications.To read this article in full, please click here(Insider Story)

Stretching GPU Database Performance With Flash Arrays

For the past decade, flash has been used as a kind of storage accelerator, sprinkled into systems here and crammed into bigger chunks there, often with hierarchical tiering software to make it all work as a go-between that sits between slower storage (or sometimes no other tier of storage) and either CPU DRAM or GPU HBM or GDDR memory.

Stretching GPU Database Performance With Flash Arrays was written by Timothy Prickett Morgan at .

Webinar: How the Internet Really Works

I’m doing a live webinar at Safari Books Online on March 15thabout the operation of the ‘net—

This live training will provide an overview of the systems, providers, and standards bodies important to the operation of the global Internet, including the Domain Name System (DNS), the routing and transport systems, standards bodies, and registrars.

You can register here.

Upgrade Scripts

We need to do “upgrades in the network” is one of those phrases that chills the bones of all IT engineers. Upgrades don’t have to be so painful and in this blog, we’re going to discuss the upgrade process recommended by Cumulus and leave you with some example automation to make the process as efficient as possible.

Upgrades are necessary to maintain stable and secure code but bring the risk of new bugs and sustained outages due to unforeseen circumstances, and they’re generally not very easy to perform. Anyone who has worked network operations knows that upgrade windows could run as quickly as an hour or as long as all night (and maybe for the next three nights). Even as I write this I am remembering experiences from upgrade windows of old where things did not go according to plan. But before we get into the specifics of the upgrade process with Cumulus, it is worth discussing why upgrades in the network are so fraught with peril.

DISCLAIMER: Rant Incoming

The biggest impediment to network upgrades is complexity. When we say complexity we mean the conscious choice to add complexity into the design of the network that most folks undertake Continue reading

The Serverlist Newsletter 2nd Edition: Available Now

The Serverlist Newsletter 2nd Edition: Available Now

Check out our second edition of The Serverlist below. Get the latest scoop on the serverless space, get your hands dirty with new developer tutorials, engage in conversations with other serverless developers, and find upcoming meetups and conferences to attend.

Sign up below to have The Serverlist sent directly to your mailbox.

Linux security: Cmd provides visibility, control over user activity

There's a new Linux security tool you should be aware of — Cmd (pronounced "see em dee") dramatically modifies the kind of control that can be exercised over Linux users. It reaches way beyond the traditional configuration of user privileges and takes an active role in monitoring and controlling the commands that users are able to run on Linux systems.Provided by a company of the same name, Cmd focuses on cloud usage. Given the increasing number of applications being migrated into cloud environments that rely on Linux, gaps in the available tools make it difficult to adequately enforce required security. However, Cmd can also be used to manage and protect on-premises systems.To read this article in full, please click here

1 1,307 1,308 1,309 1,310 1,311 3,848