NSX Real World Use Cases for Pivotal Cloud Foundry

Pivotal cloud foundry is the leading PaaS solution for enterprise customers today, providing a fast way to convert their ideas from conception to production. This is achieved by providing a platform to run their code in any cloud and any language taking care of all the infrastructure stuff for them.

From building the container image, compiling it with the required runtime, deploying it in a highly available mode and connecting it to the required services, PCF allows dev shops to concentrate on developing their code.

While the platform is providing developers with the most simplified experience conceivable, under the hood there are many moving parts that make that happen and plumbing all these parts can be complex. That’s where customers are really enjoying the power of VMware’s SDDC, and the glue between the PaaS and SDDC layers is NSX, it is the enabler that makes it all work.

In this blog post, I detail some of the main uses cases customers has already deployed NSX for PCF on top of vSphere and how PCF and NSX are much better together in the real world.

The use cases customers are deploying with NSX for PCF are varied and ill divide them Continue reading

KRACK proves we need more encryption on the Internet

A serious weakness in Wi-Fi security was made public earlier today. The Key Reinstallation Attack (KRACK) can break Wi-Fi encryption, opening your data up to eavesdropping. This, combined with issues in Linux and Android, make it possible for attackers to change websites you view. This is a serious problem for Wi-Fi Protected Access 2 (WPA2), a protocol used in millions of networks worldwide.

Luckily, the use of Transport Layer Security (TLS) is on the rise. Mozilla’s data shows that over 60% of pages loaded in Firefox use TLS. More and more companies are using encryption for all traffic and removing the ability to connect to unencrypted versions of their sites. When connecting to these sites, KRACK isn’t as big of a deal, because the data is encrypted before it’s sent across Wi-Fi. Even if WPA2 is broken, the data is still secure.

Unfortunately there are still millions of sites that don’t provide this security. Their users are vulnerable to eavesdropping, fake content, malware injection, and more. We need more companies and operators to use TLS and HTTP Strict Transport Security (HSTS) to mitigate the potential impact of KRACK.
Internet traffic exists in layers, which makes it possible to use more Continue reading

KRACK proves we need more encryption on the Internet

A serious weakness in Wi-Fi security was made public earlier today. The Key Reinstallation Attack (KRACK) can break Wi-Fi encryption, opening your data up to eavesdropping. This, combined with issues in Linux and Android, make it possible for attackers to change websites you view. This is a serious problem for Wi-Fi Protected Access 2 (WPA2), a protocol used in millions of networks worldwide.

Luckily, the use of Transport Layer Security (TLS) is on the rise. Mozilla’s data shows that over 60% of pages loaded in Firefox use TLS. More and more companies are using encryption for all traffic and removing the ability to connect to unencrypted versions of their sites. When connecting to these sites, KRACK isn’t as big of a deal, because the data is encrypted before it’s sent across Wi-Fi. Even if WPA2 is broken, the data is still secure.

Unfortunately there are still millions of sites that don’t provide this security. Their users are vulnerable to eavesdropping, fake content, malware injection, and more. We need more companies and operators to use TLS and HTTP Strict Transport Security (HSTS) to mitigate the potential impact of KRACK.

Internet traffic exists in layers, which makes it possible to use more Continue reading

IS-IS Multi Instance: RFC8202

Multi-Instance IS-IS
One of the nice things about IS-IS is the ability to run IPv6 and IPv4 in the same protocol, over a single instance. So long as the two topologies are congruent, deploying v6 as dual stack is very simply. But what if your topologies are not congruent? The figure below illustrates the difference.

In this network, there are two topologies, and each topology has two different set of level 1/level 2 flooding domain boundaries. If topology 1 is running IPv4, and topology 2 is running IPv4, it is difficult to describe such a pair of topologies with “standard” IS-IS. The actual flooding process assumes the flooding domain boundaries are on the same intermediate systems, or that the two topologies are congruent.

One way to solve this problem today is to use IS-IS multi-topology, which allows the IPv6 and IPv4 routing information to be carried in separate TLVs so two different Link State Databases (LSDBs), so each IS can compute a different Shortest Path Tree (SPT), one for IPv4, and another for IPv6. Some engineers might find the concept of multi-topology confusing, and it seems like it might be overkill for other use cases. For instance, perhaps you do Continue reading

Why leave a vendor job….twice?

Over the past few months I’ve been working hard on my new start-up company PeakFactory, it’s going really well, but for this post I want to focus on the reason why I chose to leave the companies I used to work for. I thought this was relevant, as many people have asked me why, but also in general there is a lot of discussion how to advance your career in different directions.

Why leave a comfortable and good job at all?

Back in 2013 I was working in a very good position, where I had a lot of freedom in choosing the customers I’d like to work on and was involved in all technical aspects of a project (pre-sales, proof of concepts, implementation and support). Still I had this feeling that I wanted to explore more an different areas for a wider audience. Which is why I decided to start working for a networking vendor. My main reason for choosing a vendor is that I could leverage my experience in the technology and apply it for a wider audience (maybe even worldwide)

Why work for Cisco and Juniper?

In early 2014 I got in touch with Cisco and I left Continue reading

NetDevOps: what does it even mean?

Move over “selfie” — “NetDevOps” is the hottest buzzword that everybody is talking about! It’s so popular that the term even has its own hashtag on Twitter. But when you take the word out of social media, does anyone really know what it means? Or how this perfect portmanteau can revolutionize your data center? Let’s take a moment to discuss what NetDevOps really is all about. In this post, we’ll go over the definition, the best practices, and the tech that best incorporates NetDevOps. Now, when you see #NetDevOps appear on your feed, you can tweet it out with confidence.

What does it all mean?

If you understand the basic principles of DevOps, then congratulations! You’re two-thirds of the way to grasping the concept of NetDevOps. For the uninitiated, DevOps embraces the ideology of interoperability and communication between the development and operations teams in order to break down silos and create better products. The movement also encourages automation and monitoring in order to increase efficiency and reduce error.

DevOps is certainly a great movement, but like the VCR and the DVD player, something new came along and improved upon it. This is where NetDevOps comes in. So, what exactly is Continue reading

IBM Preps Power9 For AI And HPC Launch, Forges Big NUMA Iron

After a long, long wait and years of anticipation, it looks like IBM is finally getting ready to ship commercial versions of its Power9 chips, and as expected, its first salvo of processors aimed at the datacenter will be aimed at HPC, data analytics, and machine learning workloads.

We are also catching wind about IBM’s Power9-based scale-up NUMA machines, which will debut sometime next year and take on big iron systems based on Intel Xeon SP, Oracle Sparc M8, and Fujitsu Sparc64-XII processors as well as give some competition to IBM’s own System z14 mainframes.

The US Department

IBM Preps Power9 For AI And HPC Launch, Forges Big NUMA Iron was written by Timothy Prickett Morgan at The Next Platform.

ButterCMS Architecture: a Mission-Critical API Serving Millions of Requests per Month

This is a guest post by Jake Lumetta, co-founder and CEO of ButterCMS.

ButterCMS lets developers add a content management system to any website in minutes. Our business requires us to deliver near-100% uptime for our API, but after multiple outages that nearly crippled our business, we became obsessed with eliminating single points of failure. In this post, I’ll discuss how we use Fastly’s edge cloud platform and other strategies to make sure we keep our customers’ websites up and running.

At its core, ButterCMS offers:

ButterCMS Tech Stack

REVIEW: Turbonomic, VMware virtualization management tools

Virtualization management tools are becoming a must-have for enterprises that are grappling with increasingly dynamic infrastructure environments. Virtualization management tools allow for proactive capacity planning, which increases performance efficiency, keeps costs in check and avoids disruption.To read this article in full or to leave a comment, please click here(Insider Story)

REVIEW: Turbonomic, VMware virtualization management tools

Virtualization management tools are becoming a must-have for enterprises that are grappling with increasingly dynamic infrastructure environments. Virtualization management tools allow for proactive capacity planning, which increases performance efficiency, keeps costs in check and avoids disruption.To read this article in full or to leave a comment, please click here(Insider Story)

1 1,864 1,865 1,866 1,867 1,868 3,841