On the ‘net: FDDI
Token Ring, in its original form, was clearly a superior technology. For instance, because of the token passing capabilities, it could make use of more than 90% of the available bandwidth. In contrast, Ethernet systems, particularly early Ethernet systems used a true “single wire” broadcast domain. The Fiber Distributed Data Interface (FDDI), is like Token Ring in many ways.
NFV Equipment and Software to Top $48B by 2023, Ovum Says
Although Tier 1 operators are leading the way with NFV, the research firm says that it believes smaller operators will begin to see the benefits as well.
Nuage Networks SD-WAN 2.0 Brings Connectivity Beyond Branches
SD-WAN 2.0 takes into account the new requirements of IT and new enterprise communication patterns to spread SD-WAN across multiple locations and clouds, says Nuage CEO Sunil Khandekar.
Google Rounds Out Insight into TPU Architecture and Inference
This week we have heard much about the inference side of the deep learning workload, with a range of startups emerging at the AI Hardware Summit. …
Google Rounds Out Insight into TPU Architecture and Inference was written by Nicole Hemsoth at .
Announcing general availability of VMware NSX-T Data Center 2.3.0
With this release, NSX-T 2.3 continues to enable VMware’s vision of delivering consistent, pervasive connectivity and intrinsic security for applications and data across any environment. These new advancements help customers implement a more secure, end-to-end software-based network architecture – a Virtual Cloud Network – that supports their multi-cloud enterprises and advanced security in new and compelling ways.
NSX-T Data Center 2.3 extends advanced multi-cloud networking and security capabilities to AWS, in addition to Microsoft Azure and on-premises environments, and adds support for bare metal hosts as well.
Here are a few highlighted features among what’s new in this release.
Extending NSX-T Data Center support for Bare-Metal
NSX-T Data Center 2.3 introduces support for bare metal hosts, in addition to hypervisor and container environments. This includes Linux-based workloads running on bare-metal servers, as well as containers running on bare-metal servers without a hypervisor. To support this new capability, NSX-T leverages the Open vSwitch, allowing any Linux host to be an NSX-T transport node.
Bare-Metal Server Support
This release introduces support for Bare-Metal native compute workloads running RHEL 7.4, 7.5, CentOS 7.4, and Ubuntu 16.0.4 operating systems that allows users to network Bare-Metal compute Continue reading
How do you explain the unreasonable effectiveness of cloud security?
With the enormous attack surface of cloud providers like AWS, Azure, and GCP, why aren't there more security problems? Data breaches and cyber attacks occur daily. How do you explain the unreasonable effectiveness of cloud security?
Google has an ebook on their security approach; Microsoft has some web pages. Both are the equivalent of that person who is disgustingly healthy and you ask them how they do it and they say "I don't know. I just eat right, exercise, and get plenty of sleep." Not all that useful. Most of us want a hack, a trick to good health. Who wants to eat right?
I'm sure Amazon also eats right, exercises, and gets plenty of sleep (probably not the people who work there), but AWS also has a secret that when that disgustingly healthy person starts talking about at a party, you just can't help leaning in and listening.
What's the trick to 6-pack security? Proving systems correct. Does your datacenter do that? I didn't think so. AWS does.
Dr. Byron Cook gave an enthusiastic talk on Formal Reasoning about the Security of Amazon Web Service. He's clearly excited about finally applying his research in a Continue reading
Datanauts 147: What’s Your Private Cloud Strategy?
On today’s Datanauts podcast, we break down what it takes to build out a private cloud on your premises. Our guest is Rita Younger, National Practice Lead SDDC / SDN and Technical Innovation Group at CDW.
The post Datanauts 147: What’s Your Private Cloud Strategy? appeared first on Packet Pushers.
Trump and Peekaboo: Hackers Target Political Malware, Surveillance Software
McAfee says Presidents Trump and Obama have malware campaigns named after them. Tenable discloses a flaw that could affect hundreds of thousands of security cameras globally.
Windows Server 2008 Cutoff: How Docker Enterprise Cures Migration Headaches
The coming end-of-support for Windows Server 2008 is the perfect opportunity for IT organizations to tap Docker Enterprise to modernize and secure legacy applications while saving millions in the process.
THE END IS NIGH (FOR WINDOWS SERVER 2008)
The coming end-of-support for Windows Server 2008 in January 2020 leaves IT organizations with a few viable options: migrate to a supported operating system (OS), rehost in Azure, or pay for an extended support contract (up to 75% of the license fee per year) to receive security updates beyond the cut-off date. The option of doing nothing (running applications on unsupported OS versions) is a non-starter for the vast majority of businesses, as this poses a significant security and compliance risk. We saw the impact of this last year when a massive ransomware attack that affected nearly 100 countries spread by targeting end-of-life and unpatched systems.
THE APPLICATION MIGRATION MIGRAINE
Upgrading will be no small feat as roughly 80% of all enterprise applications run on Windows Server. Of those applications, 70% still run on Windows Server 2008 or earlier versions*. Migrating all of these critical applications to a supported version of Windows Server is painful and costly, due to rigid legacy Continue reading
Episode 35 – Do You Really Need Good Engineers?
IT staffing budgets are shrinking and consequently many organizations are forgoing having strong engineering talent on staff. In this episode we explore the dynamics of staffing good engineers and whether or not it’s possible to remove that cost in modern networks.
Outro Music:
Danger Storm Kevin MacLeod (incompetech.com)
Licensed under Creative Commons: By Attribution 3.0 License
http://creativecommons.org/licenses/by/3.0/
The post Episode 35 – Do You Really Need Good Engineers? appeared first on Network Collective.
Dell EMC’s Shatzkamer Outlines How Service Providers Should Prepare for Digital Transformation
The modern service provider is embracing technologies that were once used only by enterprise IT.
We’ve Added a New Cisco CCNA Certification Course To Our Library!
Tune into Gabe Rivas’s most recent course release, Network Foundation Protection: Management Plane, the second in a series of eight CCNA security courses.
Network Foundation Protection is a security framework that provides with strategies to protect three functional areas of a device: Management Plane, Control Plane, and Data plane. In this Course we will focus on the management plane functionality and we will look at ways to protect and secure management access to network devices. We will compare the Pros and Cons of using an in-band vs an out-of-band management network and we will learn how to use network management protocols such as SNMP, NTP, SCP, RADIUS, TACACS+, Telnet, SSH, HTTP, and HTTPS to name a few. We will also learn the difference between the Cisco ACS and ISE servers and configure TACACS+ on ISE and an IOS device to provide with AAA for device administration. As a bonus, we will look at commonly used tools that can help you determine Cisco product vulnerabilities, best recommended software, and how to search bugs.
Prerequisites
If this was a single course covering the entire CCNA Security blueprint, the pre-requisite would have been the CCENT Certification or equivalent knowledge. Since this is Continue reading
Learning by Doing: Have You Heard of the Suusamyr Community Network in Kyrgyzstan?
Last week, the Internet Society together with our Kyrgyz chapter and the wider local community held discussions about Internet connectivity in remote areas in Bishkek, Kyrgyzstan. Approximately 35% of the Kyrgyz population use the Internet (ITU data, 2017) and most users are located in cities and urban areas.
In cooperation with its Kyrgyz chapter, the Internet Society is piloting the community networks approach in the village of Suusamyr, located some 150 kilometers south of the capital city Bishkek. We had an opportunity to visit this village of about 4000 people, tucked away in a wide valley surrounded by high mountains. The economic activity revolves around farming, horse and cattle keeping, and tourism.
While the final phase of the Suusamyr community network is still under implementation, we can already draw some lessons learnt from the preparatory and testing phases.
Partnerships
As a starting point, the Internet Society Kyrgyz chapter consolidated a partnership with the government, Internet Service Providers (ISP), and the local community in Suusamyr. The Kyrgyz government saw the opportunity for local economic development. Two ISPs agreed to lease their existing backbone infrastructure to connect the last mile. And most importantly, the local community embraced this initiative with a Continue reading
38 – DCNM 11 and VXLAN EVPN Multi-site
Hot networks served chilled, DCNM style
When I started this blog for Data Center Interconnection purposes some time ago, I was not planning to talk about network management tools. Nevertheless, I recently tested DCNM 11 to deploy an end-to-end VXLAN EVPN Multi-site architecture, hence, I thought about sharing with you my recent experience with this software engine. What pushed me to publish this post is that I’ve been surprisingly impressed with how efficient and time-saving DCNM 11 is in deploying a complex VXLAN EVPN fabric-based infrastructure, including the multi-site interconnection, while greatly reducing the risk of human errors caused by several hundred required CLI commands. Hence, I sought to demonstrate the power of this fabric management tool using a little series of tiny videos, even though I’m usually not a fan of GUI tools.
To cut a long story short, if you are not familiar with DCNM (Data Center Network Manager), DCNM is a software management platform that can run from a vCenter VM, a KVM machine, or a Bare metal server. It focuses on Cisco Data Center infrastructure, supporting a large set of devices, services, and architecture solutions. It covers multiple types of Data Center Fabrics; from the Storage Continue reading
RPKI and BGP: our path to securing Internet Routing
This article will talk about our approach to network security using technologies like RPKI to sign Internet routes and protect our users and customers from route hijacks and misconfigurations. We are proud to announce we have started deploying active filtering by using RPKI for routing decisions and signing our routes.
Back in April, articles including our blog post on BGP and route-leaks were reported in the news, highlighting how IP addresses can be redirected maliciously or by mistake. While enormous, the underlying routing infrastructure, the bedrock of the Internet, has remained mostly unsecured.
At Cloudflare, we decided to secure our part of the Internet by protecting our customers and everyone using our services including our recursive resolver 1.1.1.1.
From BGP to RPKI, how do we Internet ?
A prefix is a range of IP addresses, for instance, 10.0.0.0/24, whose first address is 10.0.0.0 and the last one is 10.0.0.255. A computer or a server usually have one. A router creates a list of reachable prefixes called a routing table and uses this routing table to transport packets from a source to a destination.
On the Internet, network Continue reading