Calico monthly roundup: September 2023

Welcome to the Calico monthly roundup: September edition! From open source news to live events, we have exciting updates to share—let’s get into it!

 

 

Transforming Container Network Security with Calico Container Firewall

Discover how you can automate security, ensure consistency, and tightly align security with development practices in a microservices environment.

Read blog post

The State of Calico Open Source: Usage & Adoption Report 2023

Get insights into Calico’s adoption across container and Kubernetes environments, in terms of platforms, data planes, and policies.

Read the report.

Open source news

  • Share your Calico Open Source journey and win a $25.00 gift card – Your journey with Calico Open Source matters to us! Share your experience and insight on how you solve problems and build your network security using Calico. Book a meeting to tell us about your journey and where you seek information. As a thank you, we’ll send you a $25.00 gift card!
  • Calico Live – Join the Calico community every Wednesday at 2:00 pm ET for a live discussion about learning how to leverage Calico and Kubernetes for networking and security. We will explore Kubernetes security and policy design, network flow logs and more. Join Continue reading

IBM leans into AI for managed security services

IBM is rolling out AI-based managed services that promise to help network and security operations teams more quickly and effectively respond to enterprise cyber threats.Managed by the IBM Consulting group, the Threat Detection and Response (TDR) Services offering promises 24x7 monitoring, investigation, and automated remediation of security alerts from existing security tools as well as cloud, on-premises, and operational technology systems utilizing the enterprise network. The services can integrate information from more than 15 security event and incident management (SIEM) tools and multiple third-party endpoint and network detection and response packages, for example.To read this article in full, please click here

IBM leans into AI for managed security services

IBM is rolling out AI-based managed services that promise to help network and security operations teams more quickly and effectively respond to enterprise cyber threats.Managed by the IBM Consulting group, the Threat Detection and Response (TDR) Services offering promises 24x7 monitoring, investigation, and automated remediation of security alerts from existing security tools as well as cloud, on-premises, and operational technology systems utilizing the enterprise network. The services can integrate information from more than 15 security event and incident management (SIEM) tools and multiple third-party endpoint and network detection and response packages, for example.To read this article in full, please click here

Virtual networking 101: Bridging the gap to understanding TAP

Virtual networking 101: Bridging the gap to understanding TAP
Virtual networking 101: Bridging the gap to understanding TAP

It's a never-ending effort to improve the performance of our infrastructure. As part of that quest, we wanted to squeeze as much network oomph as possible from our virtual machines. Internally for some projects we use Firecracker, which is a KVM-based virtual machine manager (VMM) that runs light-weight “Micro-VM”s. Each Firecracker instance uses a tap device to communicate with a host system. Not knowing much about tap, I had to up my game, however, it wasn't easy — the documentation is messy and spread across the Internet.

Here are the notes that I wish someone had passed me when I started out on this journey!

A tap device is a virtual network interface that looks like an ethernet network card. Instead of having real wires plugged into it, it exposes a nice handy file descriptor to an application willing to send/receive packets. Historically tap devices were mostly used to implement VPN clients. The machine would route traffic towards a tap interface, and a VPN client application would pick them up and process accordingly. For example this is what our Cloudflare WARP Linux client does. Here's how it looks on my laptop:

$ ip link list
...
18: CloudflareWARP: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP>  Continue reading

Video: What Is Software-Defined Data Center

A few years ago, I was asked to deliver a What Is SDDC presentation that later became a webinar. I forgot about that webinar until I received feedback from one of the viewers a week ago:

If you like to learn from the teachers with the “straight to the point” approach and complement the theory with many “real-life” scenarios, then ipSpace.net is the right place for you.

I haven’t realized people still find that webinar useful, so let’s make it viewable without registration, starting with What Problem Are We Trying to Solve and What Is SDDC.

You need at least free ipSpace.net subscription to watch videos in this webinar.

Video: What Is Software-Defined Data Center

A few years ago, I was asked to deliver a What Is SDDC presentation that later became a webinar. I forgot about that webinar until I received feedback from one of the viewers a week ago:

If you like to learn from the teachers with the “straight to the point” approach and complement the theory with many “real-life” scenarios, then ipSpace.net is the right place for you.

I haven’t realized people still find that webinar useful, so let’s make it viewable without registration, starting with What Problem Are We Trying to Solve and What Is SDDC.

You need at least free ipSpace.net subscription to watch videos in this webinar.

Juniper Networks to lay off 440 workers as part of $59M restructuring plan

Juniper Networks today said it is laying off 440 workers amidst a $59 million restructuring plan.The restructuring strategy is the result of a review of the company’s business objectives, and it is intended to focus on realigning resources and investments in long-term growth opportunities, the networking vendor wrote in an SEC 8K filing.“The company believes the plan will further allow it to continue to prudently manage operating expenses in order to deliver improved operating margin,” Juniper wrote. “Total costs currently estimated to be incurred in connection with the Plan are approximately $59 million, of which approximately $48 million are expected to result in cash expenditures.”To read this article in full, please click here

Juniper Networks to lay off 440 workers as part of $59M restructuring plan

Juniper Networks today said it is laying off 440 workers amidst a $59 million restructuring plan.The restructuring strategy is the result of a review of the company’s business objectives, and it is intended to focus on realigning resources and investments in long-term growth opportunities, the networking vendor wrote in an SEC 8K filing.“The company believes the plan will further allow it to continue to prudently manage operating expenses in order to deliver improved operating margin,” Juniper wrote. “Total costs currently estimated to be incurred in connection with the Plan are approximately $59 million, of which approximately $48 million are expected to result in cash expenditures.”To read this article in full, please click here

Hedge 197: Old Engineering Books (1)

It’s time for the October Roundtable! This month Eyvonne, Tom, and Russ are reading quotes from an engineering book published in 1911 and reacting to them. How much has engineering changed? How much has engineering stayed the same? How well can advice from a hundred years ago apply to modern engineering problems and life? It turns out that, in spite of their faults, there is a lot of great wisdom in these old books.

download

Breaking Linux files into pieces with the split command

Linux systems provide a very easy-to-use command for breaking files into pieces. This is something that you might need to do prior to uploading your files to some storage site that limits file sizes or emailing them as attachments. To split a file into pieces, you simply use the split command.$ split bigfile By default, the split command uses a very simple naming scheme. The file chunks will be named xaa, xab, xac, etc., and, presumably, if you break up a file that is sufficiently large, you might even get chunks named xza and xzz.Unless you ask, the command runs without giving you any feedback. You can, however, use the --verbose option if you would like to see the file chunks as they are being created.To read this article in full, please click here

Breaking Linux files into pieces with the split command

Linux systems provide a very easy-to-use command for breaking files into pieces. This is something that you might need to do prior to uploading your files to some storage site that limits file sizes or emailing them as attachments. To split a file into pieces, you simply use the split command.$ split bigfile By default, the split command uses a very simple naming scheme. The file chunks will be named xaa, xab, xac, etc., and, presumably, if you break up a file that is sufficiently large, you might even get chunks named xza and xzz.Unless you ask, the command runs without giving you any feedback. You can, however, use the --verbose option if you would like to see the file chunks as they are being created.To read this article in full, please click here

Kubernetes Unpacked 036: What The Heck Is Ingress?

There are a lot of moving parts to Kubernetes. In today's Kubernetes Unpacked, we get into Ingress with guest Whitney Lee. Whitney breaks down her thoughts on Ingress, how she learned it, and how you can gain more knowledge around Ingress and the open-source CNCF projects around Ingress.

The post Kubernetes Unpacked 036: What The Heck Is Ingress? appeared first on Packet Pushers.

What is DNS and how does it work?

The Domain Name System (DNS) is one of the foundations of the internet, working in the background to match the names of web sites that people type into a search box with the corresponding IP address, a long string of numbers that no one could be expected to remember.It's still possible for someone to type an IP address into a browser to reach a website, but most people want an internet address to consist of easy-to-remember words, called domain names. (For example, Network World.)To read this article in full, please click here

Many ways to use the echo command on Linux

The echo command (a bash built-in) is one of the very basic commands on Linux. As with ls and pwd, you can't sit on the command line very long without using it. At the same time, echo has quite a few uses that many of us never take advantage of. So, this post looks into the many ways you can use this command.What is the echo command on Linux? Basically, echo is a command that will display any text that you ask it to display. However, when you type “echo hello”, the echo command isn't only spitting out those five letters, it's actually sending out six characters – the last one being a linefeed. Let's look at a couple of commands that make this obvious.To read this article in full, please click here

Details Emerge On Europe’s First Exascale Supercomputer

Some details are emerging on Europe’s first exascale system, codenamed “Jupiter” and to be installed at the Jülich Supercomputing Center in Germany in 2024.

The post Details Emerge On Europe’s First Exascale Supercomputer first appeared on The Next Platform.

Details Emerge On Europe’s First Exascale Supercomputer was written by Timothy Prickett Morgan at The Next Platform.

Generative AI set to reshape SD-WAN market

There are baseline security and connectivity requirements for any SD-WAN service, and then there are optional, emerging product capabilities that indicate how the market is maturing and customer requirements are expanding. AI networking support – such as for proactive remediation and incident management – is one of those optional capabilities, according to Gartner, which just released its latest analysis of the SD-WAN vendor landscape.There’s a trend toward AI capabilities that enable networking decisions to be made with little or no human intervention. These capabilities can help enterprises to streamline network design, configuration and ongoing management as well as increase agility and improve performance, according to Gartner. The research firm predicts that by 2026, generative AI technology embedded in SD-WAN offerings will be used for 20% of initial network configuration, up from near zero in 2023.To read this article in full, please click here

1 174 175 176 177 178 3,798