Cisco’s Cloud Team Contends With Old-School Cisco Sales Team
Compton’s job will be to orchestrate across a hodge podge of clouds and internal business units. And he’ll need to inspire the sales force to sell cloud technology, too.
French Hosting Provider Fends Off DDoS Attacks With NetScout vAPS
As a hosting provider, Jaguar Networks has a higher risk of DDoS attacks because it aggregates its customers' risks in a shared infrastructure.
New Features of Docker Enterprise Edition 2.0 – Top 12 Questions from the Docker Virtual Event
In the recent Docker Virtual Event, Unveiling Docker Enterprise Edition 2.0, we demonstrated some of the key new capabilities of the Docker Enterprise Edition – the enterprise-ready container platform that enables IT leaders to choose how to cost-effectively build and manage their entire application portfolio at their own pace, without fear of architecture and infrastructure lock-in. Designed to address enterprise customers’ needs, these net-new features extend across both Swarm and Kubernetes (Part 1 of this blog) and across Windows and Linux applications (Part 2 of this blog).
In this blog post, we’ll go over some of the most common questions about these new features as well as some of the common questions that were asked about how Docker Enterprise Edition is packaged and deployed.
If you missed the live event, don’t worry! You can still catch the recording on-demand here.
Docker Enterprise Edition 2.0 Features
Q: Can I connect my corporate directory to permissions inside Docker Enterprise Edition?
A: Yes! You can integrate your corporate LDAP or Active Directory to Docker Enterprise Edition. Permissions can be mapped to one of the 5 built-in roles or administrators can create very granular and flexible Continue reading
Extending the Power of NSX to Bare-metal Workloads
Authors – Sridhar Subramanian and Geoff Wilmington
VMware NSX Data Center was built with the goal of consistent networking and security services independent of changing application frameworks or physical infrastructure. In the last couple of years, NSX Data Center has focused on delivering network and security abstractions for applications on any compute platform. In our journey, we have handled VM’s, containers, cloud, and now we are also looking to help our customers with scenarios where they need a unified experience for bare-metal workloads. The goal being to maintain a consistent security experience regardless of location or platform the workload is running on.
This experience means being able to take any workload, add it to an NSX Data Center Security Group and through the NSX Data Center Distributed Firewall have a consistent policy applied regardless of location and workload type. This consistent approach leverages the NSX DFW capabilities with stateful firewalling for the workloads. This is accomplished outside of using native OS capabilities like IP Tables or Windows Firewall so security admins only need to understand how to apply security through NSX DFW, and not have to understand the myriad of native OS approaches and complexity. By centralizing Continue reading
To Tackle the VPNFilter Botnet, It’s Going to Take Help from You and Me
If you’ve been reading the news lately, you might have seen headlines like “FBI to America: Reboot Your Routers, Right Now” or “F.B.I.’s Urgent Request: Reboot Your Router to Stop Russia-Linked Malware”. These headlines can be pretty alarming, and you may find yourself thinking, “things must be pretty bad if the FBI is putting out such an urgent warning.”
Cyber threats are not uncommon, but the good news is that the security community is working around the clock to tackle these threats as early and quickly as possible. Most of the time we do not see all this hard work, nor are we often asked to play a large part in taking down a botnet. But this time, by rebooting our routers, we can help the law enforcement and information security communities to identify infected routers so they can be cleaned up, moving us closer to a permanent fix for a particular kind of malware – VPNFilter.
Here is what happened …
From Discovery to Takedown
On 23 May, 2018, researchers at Cisco’s Talos publicly shared their findings about a large botnet of infected networking devices (home routers) they called “VPNFilter” because of concerns that the Continue reading
Connecting the Unconnected: The Land of Zero Connect
As we move to a more digitally-connected world, the need for Internet access has never been greater. In many parts of the world, the Internet has firmly established itself as a core part of everyday life – and this holds true for everyone from kids to adults to senior citizens. Yet, there remain communities and places around the world that are still offline. In some instances, these are probably the hardest locations to connect. And there are many reasons for this – geography and terrain could be one reason, commercial viability of service provision is another, as is affordability – the capacity of the community to pay for devices and Internet connectivity.
In 2010, the Internet Society Asia-Pacific Bureau launched the award-winning Wireless for Communities Programme. This was a pioneering effort that placed the local community front and centre, with its catchphrase – “for the community, with the community, by the community”.
The focus of the programme is to provide Internet access and connectivity to underserved and unserved rural areas in a holistic manner that leads to socioeconomic empowerment. A key component involves developing communities’ capacity to build and operate the wireless network, and at the same time, empowering them Continue reading
Nvidia Takes More Control Of Its GPU Compute Platform
Nvidia got a little taste of hardware, and the company’s top brass have decided that they like having a lot of iron in their financial diet. …
Nvidia Takes More Control Of Its GPU Compute Platform was written by Timothy Prickett Morgan at .
Episode 28 – For the Love of NAT
When it comes to NAT, network engineers love it, they hate it, or the love to hate it. In this episode, Tom Hollingsworth and Nick Buraglio join us to talk about NAT, why it exists, and its continued role in networking.
We would like to thank Core BTS for sponsoring this episode of Network Collective. Core BTS focuses on partnering with your company to deliver technical solutions that enhance and drive your business. If you’re looking for a partner to help your technology teams take the next step, you can reach out to Core BTS by emailing them here.
Nick Buraglio
Guest
Tom Hollingsworth
Guest
Jordan Martin
Co-Host
Eyvonne Sharp
Co-Host
Outro Music:
Danger Storm Kevin MacLeod (incompetech.com)
Licensed under Creative Commons: By Attribution 3.0 License
http://creativecommons.org/licenses/by/3.0/
The post Episode 28 – For the Love of NAT appeared first on Network Collective.
Don’t Miss Keith Bogart’s Live Webinar! Deciphering Spanning-Tree Technologies
Tune in Tomorrow, May 31st, at 10 am PDT/ 1 pm EDT for a FREE live webinar with expert instructor Keith Bogart (CCIE #4923).
About This Webinar:
Understanding the logic of 802.1d and how it builds a loop-free “tree” is critical to passing any Cisco certification exam. Presented by INE instructor Keith Bogart (CCIE #4923), this session will take you through that logic so that, given any bridged/switched layer-2 network, you can predict what tree will be formed. Ask questions live with an experienced industry expert!
Business-Driven Network Transformation
Understand business requirements before jumping into a network design in order to ensure they're aligned, networking expert says.
Typical EVPN BGP Routing Designs
As discussed in a previous blog post, IETF designed EVPN to be next-generation BGP-based VPN technology providing scalable layer-2 and layer-3 VPN functionality. EVPN was initially designed to be used with MPLS data plane and was later extended to use numerous data plane encapsulations, VXLAN being the most common one.
Design Requirements
Like any other BGP-based solution, EVPN uses BGP to transport endpoint reachability information (customer MAC and IP addresses and prefixes, flooding trees, and multi-attached segments), and relies on an underlying routing protocol to provide BGP next-hop reachability information.
Read more ...Towards a design philosophy for interoperable blockchain systems
Towards a design philosophy for interoperable blockchain systems Hardjono et al., arXiv 2018
Once upon a time there were networks and inter-networking, which let carefully managed groups of computers talk to each other. Then with a capital “I” came the Internet, with design principles that ultimately enabled devices all over the world to interoperate. Like many other people, I have often thought about the parallels between networks and blockchains, between the Internet, and something we might call ‘the Blockchain’ (capital ‘B’). In today’s paper choice, Hardjono et al. explore this relationship, seeing what we can learn from the design principles of the Internet, and what it might take to create an interoperable blockchain infrastructure. Some of these lessons are embodied in the MIT Tradecoin project.
We argue that if blockchain technology seeks to be a fundamental component of the future global distributed network of commerce and value, then its architecture must also satisfy the same fundamental goals of the Internet architecture.
The design philosophy of the Internet
This section of the paper is a précis of ‘The design philosophy of the DARPA Internet protocols’ from SIGCOMM 1988. The top three fundamental goals for the Internet as conceived Continue reading