NetworkingNexus.net

Extending the Power of NSX to Bare-metal Workloads

Authors – Sridhar Subramanian and Geoff Wilmington

VMware NSX Data Center was built with the goal of consistent networking and security services independent of changing application frameworks or physical infrastructure. In the last couple of years, NSX Data Center has focused on delivering network and security abstractions for applications on any compute platform. In our journey, we have handled VM’s, containers, cloud, and now we are also looking to help our customers with scenarios where they need a unified experience for bare-metal workloads. The goal being to maintain a consistent security experience regardless of location or platform the workload is running on.

This experience means being able to take any workload, add it to an NSX Data Center Security Group and through the NSX Data Center Distributed Firewall have a consistent policy applied regardless of location and workload type. This consistent approach leverages the NSX DFW capabilities with stateful firewalling for the workloads. This is accomplished outside of using native OS capabilities like IP Tables or Windows Firewall so security admins only need to understand how to apply security through NSX DFW, and not have to understand the myriad of native OS approaches and complexity. By centralizing Continue reading

To Tackle the VPNFilter Botnet, It’s Going to Take Help from You and Me

If you’ve been reading the news lately, you might have seen headlines like “FBI to America: Reboot Your Routers, Right Now” or “F.B.I.’s Urgent Request: Reboot Your Router to Stop Russia-Linked Malware”. These headlines can be pretty alarming, and you may find yourself thinking, “things must be pretty bad if the FBI is putting out such an urgent warning.”

Cyber threats are not uncommon, but the good news is that the security community is working around the clock to tackle these threats as early and quickly as possible. Most of the time we do not see all this hard work, nor are we often asked to play a large part in taking down a botnet. But this time, by rebooting our routers, we can help the law enforcement and information security communities to identify infected routers so they can be cleaned up, moving us closer to a permanent fix for a particular kind of malware – VPNFilter.

Here is what happened …

From Discovery to Takedown

On 23 May, 2018, researchers at Cisco’s Talos publicly shared their findings about a large botnet of infected networking devices (home routers) they called “VPNFilter” because of concerns that the Continue reading

Worth Reading: A hard rain is going to fall in public cloud

The public cloud, like Internet service and Internet hosting, is a rich person’s game. If you can’t pony up billions of dollars for infrastructure design, manufacturing, and installation each quarter, then you probably are not going to get the kind of low infrastructure costs that AWS, Google, Microsoft, IBM, and Alibaba can, and therefore you are going to be priced out of the infrastructure cloud. —Timothy Prickett Morgan @The Next Platform

BrandPost: How to Future-proof Your Storage Investments

The emergence of data-heavy applications such as artificial intelligence (AI), machine learning, and the Internet of Things (IoT) has upped the enterprise storage ante. Combined with the data in apps used daily to run the business, the limits of storage are being stretched.Yet having to continually procure storage capacity doesn’t make sense; forward-looking CIOs and IT decision makers must future-proof their investments. Here’s what to consider. Performance Digital business will constantly evolve, meaning organizations will need to deploy applications and services as business needs change or new objectives emerge.To read this article in full, please click here

Connecting the Unconnected: The Land of Zero Connect

As we move to a more digitally-connected world, the need for Internet access has never been greater. In many parts of the world, the Internet has firmly established itself as a core part of everyday life – and this holds true for everyone from kids to adults to senior citizens. Yet, there remain communities and places around the world that are still offline. In some instances, these are probably the hardest locations to connect. And there are many reasons for this – geography and terrain could be one reason, commercial viability of service provision is another, as is affordability – the capacity of the community to pay for devices and Internet connectivity.

In 2010, the Internet Society Asia-Pacific Bureau launched the award-winning Wireless for Communities Programme. This was a pioneering effort that placed the local community front and centre, with its catchphrase – “for the community, with the community, by the community”.

The focus of the programme is to provide Internet access and connectivity to underserved and unserved rural areas in a holistic manner that leads to socioeconomic empowerment. A key component involves developing communities’ capacity to build and operate the wireless network, and at the same time, empowering them Continue reading

Nvidia Takes More Control Of Its GPU Compute Platform

Nvidia got a little taste of hardware, and the company’s top brass have decided that they like having a lot of iron in their financial diet. …

Nvidia Takes More Control Of Its GPU Compute Platform was written by Timothy Prickett Morgan at .

Episode 28 – For the Love of NAT

When it comes to NAT, network engineers love it, they hate it, or the love to hate it. In this episode, Tom Hollingsworth and Nick Buraglio join us to talk about NAT, why it exists, and its continued role in networking.

We would like to thank Core BTS for sponsoring this episode of Network Collective. Core BTS focuses on partnering with your company to deliver technical solutions that enhance and drive your business. If you’re looking for a partner to help your technology teams take the next step, you can reach out to Core BTS by emailing them here.

Nick Buraglio

Guest

Tom Hollingsworth

Guest

Jordan Martin

Co-Host

Eyvonne Sharp

Co-Host

Outro Music:
Danger Storm Kevin MacLeod (incompetech.com)
Licensed under Creative Commons: By Attribution 3.0 License
http://creativecommons.org/licenses/by/3.0/

The post Episode 28 – For the Love of NAT appeared first on Network Collective.

Blockchain, service-centric networking key to IoT success

Connecting and securing the Internet of Things (IoT) should be achieved with a combination of service-centric networking (SCN) along with blockchain, researchers say. `A multi-university, multiple-discipline group led by Zhongxing Ming, a visiting scholar at Princeton University, say IoT’s adoption will face an uphill battle due in part to bottlenecks between potentially billions of devices, along with the mobile nature of much of it.The scientists, who call their IoT architecture Blockcloud, presented their ideas at GENESIS C.A.T., an innovation-in-blockchain technology event recently in Tokyo.To read this article in full, please click here

Don’t Miss Keith Bogart’s Live Webinar! Deciphering Spanning-Tree Technologies

Tune in Tomorrow, May 31st, at 10 am PDT/ 1 pm EDT for a FREE live webinar with expert instructor Keith Bogart (CCIE #4923).

About This Webinar:

Understanding the logic of 802.1d and how it builds a loop-free “tree” is critical to passing any Cisco certification exam. Presented by INE instructor Keith Bogart (CCIE #4923), this session will take you through that logic so that, given any bridged/switched layer-2 network, you can predict what tree will be formed. Ask questions live with an experienced industry expert!

Business-Driven Network Transformation

Understand business requirements before jumping into a network design in order to ensure they're aligned, networking expert says.

Typical EVPN BGP Routing Designs

As discussed in a previous blog post, IETF designed EVPN to be next-generation BGP-based VPN technology providing scalable layer-2 and layer-3 VPN functionality. EVPN was initially designed to be used with MPLS data plane and was later extended to use numerous data plane encapsulations, VXLAN being the most common one.

Design Requirements

Like any other BGP-based solution, EVPN uses BGP to transport endpoint reachability information (customer MAC and IP addresses and prefixes, flooding trees, and multi-attached segments), and relies on an underlying routing protocol to provide BGP next-hop reachability information.

Towards a design philosophy for interoperable blockchain systems

Towards a design philosophy for interoperable blockchain systems Hardjono et al., arXiv 2018

Once upon a time there were networks and inter-networking, which let carefully managed groups of computers talk to each other. Then with a capital “I” came the Internet, with design principles that ultimately enabled devices all over the world to interoperate. Like many other people, I have often thought about the parallels between networks and blockchains, between the Internet, and something we might call ‘the Blockchain’ (capital ‘B’). In today’s paper choice, Hardjono et al. explore this relationship, seeing what we can learn from the design principles of the Internet, and what it might take to create an interoperable blockchain infrastructure. Some of these lessons are embodied in the MIT Tradecoin project.

We argue that if blockchain technology seeks to be a fundamental component of the future global distributed network of commerce and value, then its architecture must also satisfy the same fundamental goals of the Internet architecture.

The design philosophy of the Internet

This section of the paper is a précis of ‘The design philosophy of the DARPA Internet protocols’ from SIGCOMM 1988. The top three fundamental goals for the Internet as conceived Continue reading

Nvidia aims to unify AI, HPC computing in HGX-2 server platform

Nvidia is refining its pitch for data-center performance and efficiency with a new server platform, the HGX-2, designed to harness the power of 16 Tesla V100 Tensor Core GPUs to satisfy requirements for both AI and high-performance computing (HPC) workloads.Data-center server makers Lenovo, Supermicro, Wiwynn and QCT said they would ship HGX-2 systems by the end of the year. Some of the biggest customers for HGX-2 systems are likely to be hyperscale providers, so it's no surprise that Foxconn, Inventec, Quanta and Wistron are also expected to manufacture servers that use the new platform for cloud data centers. The HGX-2 is built using two GPU baseboards that link the Tesla GPUs via NVSwitch interconnect fabric. The HGX-2 baseboards handle 8 processors each, for a total of 16 GPUs. The HGX-1, announced a year ago, handled only 8 GPUs.To read this article in full, please click here

Nvidia aims to unify AI, HPC computing in HGX-2 server platform

Mellanox Brings Hyperscaler Capabilities to the Masses With Private Cloud Framework

The 25G Ethernet network infrastructure integrates with cloud and hyperconverged infrastructure software stacks from vendors including VMware, Nutanix, Red Hat, and Microsoft.

Windows Updates and Ansible

Welcome to the fourth installment of our Windows-centric Getting Started Series!

One of the duties of most IT departments is keeping systems up to date. In this post we’re taking a quick look at using Ansible to manage updates on your Windows nodes. Starting with a small example of six Windows machines, we’ll show an example of a play against those hosts. We’ll share the full example at the end.

Updates, Updates, Updates...

Managing Windows updates is something that can be understood and customized quickly with Ansible. Below is a small-scale example of running updates on hosts with some flexibility in what gets updated in the process. The example here is assuming a domain exists and the hosts are being passed domain credentials. If you’re looking to test this example, be sure to read Bianca’s earlier Getting Started post on connecting to a Windows host.

Because this example is running against exclusively Windows machines, the information needed to connect can be included in the inventory file:

[all:vars]
ansible_connection: winrm
ansible_user: administrator
ansible_password: This-Should-Be-a-Password!

For Example

The example hosts include three groups of servers, two in each group. There are terminal servers, application servers, and directory servers. For the purposes of Continue reading

BrandPost: The Next SDN Leap: Automation and Intent-Driven Networking

Without an agile, flexible, and secure network infrastructure, organizations are in danger of falling behind competitors. That’s why many organizations are seeking to transform their businesses with cloud computing and hybrid cloud environments that are more adaptive and flexible. Software-defined networks (SDN) and network functions virtualization (NFV) can ease that path, but it requires automation along with intelligence that understands and can even predict what users and organizations want and need to do.Digital transformation has quickly moved beyond hype to become one of the top business imperatives. “Digital transformation is forcing companies to be agile and move with speed, and the network needs to be equally agile and fast,” writes industry analyst Zeus Kerravala. “The separation of control and data planes enables control to be abstracted away from the device and centralized so a network administrator can issue a change that is propagated instantly across the entire network.”To read this article in full, please click here

Cultural Challenges Pose Roadblocks for Operator Digital Transformation

Unless the TM Forum spends more time on the cultural challenges, most operators will continue to struggle to make meaningful strides toward the holy grail of becoming bona fide Digital Service Providers.

« Previous 1 … 1,545 1,546 1,547 1,548 1,549 … 3,796 Next »