Fortinet FortiGate-VMX and NSX use cases

NSX is an extensible platform; other vendors security solutions can be added to it by means of the Northbound REST API, and two private APIs: NETX for network introspection, and EPSEC for guest introspection.

Fortinet’s FortiGate-VMX solution uses the NSX NETX API to provide advanced layer 4-7 services via service insertion, also called service chaining.  This enables the additional inspection of VM traffic prior to that traffic reaching the vSwitch.  This enhances micro-segmentation where there is need for greater application recognition, anti-malware, and other Next Generation Firewall features.  The scale-out nature of NSX is maintained as NSX handles the instantiation of FortiGate service VMs on the hosts within the deployed cluster retaining its operational advantages, if the cluster grows additional FortiGate-VMX service machines will be created as needed.

One of the primary advantages to FortiGate-VMX is the availability of VDOMs for multi-tenancy in a service provider or enterprise environment – this enables segmenting traffic by organization, business group, or other construct in addition to application.  The segregation includes the administration, VDOMs are managed independently of one another, this can also be used to split the different security functions such as anti-virus, IPS, and application control into isolated units or only Continue reading

VMware AppDefense & CB Defense Demo

As you may have heard, VMware and Carbon Black have come together to deliver best-in-class security architected for today’s data centers.

In this demo, you’ll see an example of how CB Defense and VMware AppDefense combine to enforce known good application behavior and detect threats using industry leading detection and response technology.

For this demo, we’ll show how an advanced security breach can come in under the guise of an innocuous application (Powershell) and often go undetected.  We’ll walk through the steps that security teams can now take to respond and address the attack all in one application.

The post VMware AppDefense & CB Defense Demo appeared first on Network Virtualization.

Its time for Network Field Day 17

My privilege to review whats coming up 24th Jan

Twistlock Ties Container and Serverless Security Into a Single Platform

Company notes complexity remains the enemy of security.

Microsoft Buys Hybrid Cloud Storage Firm Avere Systems

Avere will continue to support AWS and Google after the deal closes.

Zayo Enters SD-WAN Market With Flexible Offering

The service provider boasts 126,000 miles of global fiber.

Verizon Picks Samsung 5G Gear for its First U.S. Market

 As Verizon picks 5G vendors, T-Mobile begins trials.

BrandPost: Deciphering the SD-WAN buzz and predictions

We were excited to participate in the November MEF 17 conference in Orlando, one of the industry’s most informative service provider events of the year. There is a lot of buzz and interest in managed SD-WAN services. It was a key focus area of MEF’s new SD-WAN initiatives and for this year’s conference agenda.Silver Peak Founder and CEO David Hughes delivered a CEO perspective: “SD-WAN From Software-Defined to Self-Driving.” David presented a vision for how SD-WAN technologies that leverage AI and automation can further accelerate the development of managed, customized SD-WAN services. David’s presentation also explored the future of SD-WAN and its impact on the broader software defined networking space.To read this article in full, please click here

History of Networking: Voice over IP Part 2

The End of Larry Vs. Amazon? AWS Looking to Dump Oracle, Report Says

Salesforce also wants to say “Sayonara” to Oracle software.

SDN with Big Data Analytics for an Intelligent Network

Software, cloud computing and IOT are rapidly transforming networks in a way, and at a rate, never seen before. With software-as-a-service (SaaS) models, enterprises are moving more and more of their critical applications and data to public and hybrid clouds. Enterprise traffic, that never left the corporate network, is now shifting to the Internet, reaching out to different data centers across the globe. Streaming Video (Netflix, Youtube, Hulu, Amazon) accounts for an absurdly high percentage of traffic in the Internet and content providers have built out vast content distribution networks (CDNs) that overlay the Internet backbone. Higher resolutions (HD and UHD) will increase the traffic further, and by some accounts, will be over 80% of the total network traffic by 2020. More and more businesses are being created that reach their customers exclusively over the Internet (Spotify, Amazon, Safari, Zomato, etc). Real-time voice and video communications are moving to cloud-based delivery and network operators are challenged to deliver these services without impacting user quality of experience. And if this was’nt enough, with the advances being made in IOT, we have more devices than ever, lively communicating and chatting in real time over the Internet.

Security becomes a prime concern as Continue reading

SDN with Big Data Analytics for an Intelligent Network

Software, cloud computing and IOT are rapidly transforming networks in a way, and at a rate, never seen before. With software-as-a-service (SaaS) models, enterprises are moving more and more of their critical applications and data to public and hybrid clouds. Enterprise traffic, that never left the corporate network, is now shifting to the Internet, reaching out to different data centers across the globe. Streaming Video (Netflix, Youtube, Hulu, Amazon) accounts for an absurdly high percentage of traffic in the Internet and content providers have built out vast content distribution networks (CDNs) that overlay the Internet backbone. Higher resolutions (HD and UHD) will increase the traffic further, and by some accounts, will be over 80% of the total network traffic by 2020. More and more businesses are being created that reach their customers exclusively over the Internet (Spotify, Amazon, Safari, Zomato, etc). Real-time voice and video communications are moving to cloud-based delivery and network operators are challenged to deliver these services without impacting user quality of experience. And if this was’nt enough, with the advances being made in IOT, we have more devices than ever, lively communicating and chatting in real time over the Internet.

Security becomes a prime concern as Continue reading

Worth Reading: The Smart Home Battle Front

Data Protection is the Killer App for the Hybrid Cloud

Data protection is one of the first applications most IT organizations will deploy across a hybrid cloud.

IDG Contributor Network: Is it time for a network tax cut?

It is truly remarkable to what extent corporate and personal behavior is dictated by tax policy. Much of the discussion in our nation’s capital in regard to tax reform has been about competitiveness as a rational to lower corporate tax rates. It appears as though the United States charges a 20 percent higher tax rate than much of the rest of the world, forcing corporations to shift some operations and assets into lower tax rate jurisdictions. It’s safe to say that tax policy impacts behavior in measurable ways.Just yesterday I was speaking with a communications service provider analyst. We discussed the overhead of SD-WAN tunnels. I showed the math of how it can tax various protocols. The tax for various protocols was:To read this article in full, please click here

IDG Contributor Network: Is it time for a network tax cut?

It is truly remarkable to what extent corporate and personal behavior is dictated by tax policy. Much of the discussion in our nation’s capital in regard to tax reform has been about competitiveness as a rational to lower corporate tax rates. It appears as though the United States charges a 20 percent higher tax rate than much of the rest of the world, forcing corporations to shift some operations and assets into lower tax rate jurisdictions. It’s safe to say that tax policy impacts behavior in measurable ways.Just yesterday I was speaking with a communications service provider analyst. We discussed the overhead of SD-WAN tunnels. I showed the math of how it can tax various protocols. The tax for various protocols was:To read this article in full, please click here

History Of Networking – Alistair Woodman – VoIP Continued

Outro Music:
Danger Storm Kevin MacLeod (incompetech.com)
Licensed under Creative Commons: By Attribution 3.0 License
http://creativecommons.org/licenses/by/3.0/

The post History Of Networking – Alistair Woodman – VoIP Continued appeared first on Network Collective.

IDG Contributor Network: 7 IoT trends that will define 2018

As global markets hurtle towards a 2018 that’s shaping up to possibly be one of the most innovative years on record, eager onlookers who are tapped into the tech-scene’s pulse are wondering what the next trends will be that drive the IoT forward. After a crazy 2017 that saw the IoT become a household name throughout the world, some are wondering what 2018 could possibly have in store that could still surprise us, but you’d be surprised at what’s yet to come.Brush up on 7 of the leading IoT trends that will come to define 2018 and reshape the world as we know it, and you’ll be setting yourself down the path of success well before the new year even begins.To read this article in full, please click here

OVN and Red Hat Virtualization: Installing OVN

Hi folks, in the last article I provided an overview and introduction to OVN. This time around, I’ll provide a walkthrough on how to actually install it in your RHV environment. My colleague Tony created an Ansible playbook to automate the installation, and I’ll share the link to that at the end. Let’s get started.

Necessary Channels and Subscriptions

One of the first thing that Tony covers in the demo is that he used the standard channels for both RHV-M (engine) and Hosts (hypervisors) – nothing special is needed from a subscription standpoint as all of the packages are now included in RHV 4.1. Using the `ovs-vsctl show` command, we see that even though the openvswitch package is pulled in as part of the host install, nothing is configured by default.

Automate the Installation with Ansible

Next, we see Tony’s Ansible playbook. It covers 2 plays, one for the engine (RHV-M) and one for the hosts. Not only does it install the packages, but it configures firewalld. Specifically, the playbook does the following:

On the Engine:

It installs “ovirt-provider-ovn” package then it starts/restarts multiple services, north and southbound connections are set.

On the Hosts:

It installs the “ovirt-provider-ovn-driver” package. Continue reading

IDG Contributor Network: 3 ways networking will change for the better in 2018

As I discussed in "Why web-scale is the future," over the past year, we’ve seen more organizations embrace it as the “go-to” model for flexible, resilient and on-demand infrastructure. Gartner predicts that by 2020, 40% of global enterprise CIOs will have initiated a corporate web-scale IT initiative.As web-scale principles continue their rise within large enterprises, the role the network plays for the business, as well as the day-to-day working lives of network engineers, will change in some pretty significant ways in the year ahead.1. Networks will help fuel digital transformation rather than slow it down 40 percent of CEOs rank digital transformation as their top imperative, according to a recent Economist Intelligence Unit survey. More than ever, digital transformation is crucial to business success; in 2018, spending on the software, hardware and services that enable digital transformation will reach nearly $1.3 trillion, predicts analyst firm IDC. This figure “represents a 16.8 percent jump compared to the $1.1 trillion spent this year,” according to Datamation.To read this article in full, please click here