Juniper advances network automation community, skillsets

Juniper is positioning the company to be an evangelist for network automation by announcing applications, tools, labs and libraries that it says will hasten adoption the technology for businesses and network professionals.The inherent role of automation is to reduce the daily toil of repetitive tasks that lead to mistakes. It also provides guardrails to ensure service-level agreement guarantees. SLAs and reliability are not left to caffeine-powered individual heroics, but are achieved through well-trained automation heroes, also known as network reliability engineers (NRE), wrote Juniper CTO and vice president, Bikash Koley in a blog about the announcement. To read this article in full, please click here

Worth Watching: Machine Learning in a Nutshell

This blog post was initially sent to the subscribers of my SDN and Network Automation mailing list. Subscribe here.

What could be better than an SDN product to bring you closer to a networking nirvana? You guessed it – an SDN product using machine learning.

Want to have some fun? The next time your beloved $vendor rep drops by trying to boost his bonus by persuading you to buy the next-generation machine-learning tool his company just released, invite him to watch James Mickens’ Usenix Security Symposium keynote with you.

Read more ...

Training the next generation of network engineers in Kyrgyzstan

The Internet Society in conjunction with Packet Clearing House (PCH), our Kyrgyzstan Chapter (ISOC-KG) and the CAREN Project organised a BGP and Peering capacity building workshop on 3-7 September 2018 in Bishkek, Kyrgyzstan. This five-day workshop was aimed at training engineers for the existing KG-IX Internet Exchange in the capital Bishkek, but also for the prospective Ferghana Valley Internet Exchange being established in the southern city of Osh.

The workshop was led by Nishal Goburdhan who’s an Internet Analyst at PCH, a non-profit organisation that builds and support IXPs around the world. He was assisted by myself (Kevin Meynell), with the workshop being hosted by the National Academy of Sciences of the Republic of Kyrgyzstan.

The workshop was comprised of a mix of lectures and hands-on lab work to teach the skills required for interconnecting networks on the Internet, and participating in an Internet Exchange. It commenced with Internet address planning using both IPv4 and IPv6, followed by setting-up OSPF on different internal networks, then interconnecting those using BGP and applying routing policy and filtering. The workshop concluded with how to set-up an IXP and discuss current best practices for peering.

Twelve participants attended the workshop, drawn from the incumbent Continue reading

BrandPost: Discover the Four Key Capabilities for Better IT Management

Management has always struggled how to optimize and oversee IT resources, tasks and operations. This challenge is becoming more complex due to “digital disruption”. As a result less tech-savvy companies are more likely to fall behind the competition and not able to attract top talent.Most of the times it is not that managers do not see the dangers of digital disruption coming. They do understand the challenges as well as the opportunities, and they know the competition sees them as well. Unfortunately, top management decisions often tend to focus on who is responsible for IT and where IT should be located, rather than the how.Generally, the assumption is that the right people will do the right work, either internally or in another company. However, this assumption is flawed. In that regard, an important reminder is that digital transformation is more about how companies do things, and less about who or where those tasks are performed. Digital disruption changes entire industries so fast that companies lack a structured process or the capabilities to handle it. IT management should offer not only the resources (people and equipment), but also the processes and capabilities to eliminate the risks, tackle the problems Continue reading

Introducing Single Sign-On for the Cloudflare Dashboard

Introducing Single Sign-On for the Cloudflare DashboardIntroducing Single Sign-On for the Cloudflare Dashboard

The Challenge of Managing User Access to SaaS Applications

As the  number of SaaS services people use everyday grows, it has become more challenging to juggle the number of password and multi-factor authentication combinations users have to keep track of to get online.

Adopting identity services have allowed companies to centralize employee authentication. With Cloudflare Access, companies can ensure employees use a company managed identity provider when accessing websites behind Cloudflare. Last week, Sam published a blog on how Cloudflare has made it easier to connect Cloudflare Access to the Atlassian suite of tools.

Since Cloudflare has simplified access control for corporate applications, many enterprise customers have commonly asked for the ability to extend the same ease of access and control to the Cloudflare dashboard itself.

Single Sign-On for the Cloudflare Dashboard

Today, we are announcing support for enterprise customers to use single sign-on (SSO) through their identity provider to access the Cloudflare dashboard.

Cloudflare is a critical piece of infrastructure for customers, and SSO ensures that customers can apply the same authentication policies to access the Cloudflare dashboard as other critical resources.

Introducing Single Sign-On for the Cloudflare Dashboard


Once onboarded for SSO, all company user logins to the Cloudflare dashboard redirect to the customer’s identity provider. Once all required authentication checks complete successfully, the user is seamlessly redirected back to dash.cloudflare.com and logged in.

Leveraging Access & Workers to Build SSO

At Cloudflare, we  dogfood our own services as both a way to make them better for our customers and to make developing new services more efficient and robust. With SSO, this is no different. Authentication configurations are managed through Access, which allows us to launch with support for the same identity providers available in Access today, including SAML.

Cloudflare is 8 years old and we built our user authentication system way before Cloudflare Access existed. In order to connect Access to our existing authentication system, we built a Cloudflare Worker that converts Access authentication tokens to our own authentication tokens. This greatly simplified the code changes required in our system, and results in faster SSO logins because the Worker runs at the network edge and reduces the number of round trips required to authenticate users.

In addition to leveraging Cloudflare services to build Single Sign-On, we are moving all Cloudflare employees to use SSO through our existing G Suite setup. This ensures Cloudflare can uniformly enforce multi-factor authentication policies for the services we protect with Cloudflare itself.

How to Start using SSO for the Cloudflare Dashboard

Cloudflare Enterprise customers can reach out to their Customer Success Manager to learn how to start using SSO to log-in to the Cloudflare dashboard. If you are interested in using SSO yourself and becoming a Cloudflare Enterprise customer, then please get in touch.

A Tour Inside Cloudflare’s G9 Servers

A Tour Inside Cloudflare's G9 Servers

Cloudflare operates at a significant scale, handling nearly 10% of the Internet HTTP requests that is at peak more than 25 trillion requests through our network every month. To ensure this is as efficient as possible, we own and operate all the equipment in our 154 locations around the world in order to process the volume of traffic that flows through our network. We spend a significant amount of time specing and designing servers that makes up our network to meet our ever changing and growing demands. On regular intervals, we will take everything we've learned about our last generation of hardware and refresh each component with the next generation…

If the above paragraph sounds familiar, it’s a reflecting glance to where we were 5 years ago using today’s numbers. We’ve done so much progress engineering and developing our tools with the latest tech through the years by pushing ourselves at getting smarter in what we do.

Here though we’re going to blog about muscle.

Since the last time we blogged about our G4 servers, we’ve iterated one generation each of the past 5 years. Our latest generation is now the G9 server. From a G4 server comprising 12 Intel Continue reading

1 1,383 1,384 1,385 1,386 1,387 3,785