NetworkingNexus.net

Juniper to buy advanced threat protection security startup Cyphort

Juniper today announced intentions to acquire Cyphort, a Santa Clara-based startup that offers an advanced threat detection, analytics and mitigation platform. Juniper says it will integrate Cyphort’s technology with its Sky Advanced Threat Protection (ATP) product line.+MORE AT NETWORK WORLD: DEEP-DIVE REVIEW: How Cyphort makes advanced threat protection easier than ever +Cyphort’s software platform detects advanced threats, evasion techniques and zero-day vulnerabilities using a combination of behavioral analytics, machine-learning and long-data security analysis, the company says. The platform can work across virtual infrastructure, cloud environments and edge devices. In addition to identifying threats, Cyphort creates real-time timelines of incidents and can integrate with network tools to update security postures.To read this article in full or to leave a comment, please click here

Juniper to buy advanced threat protection security startup Cyphort

The Huge Premium Intel Is Charging For Skylake Xeons

There is no question that Intel has reached its peak in the datacenter when it comes to compute. For years now, it has had very little direct competition and only some indirect competition for the few remaining RISC upstarts and the threat of the newbies with their ARM architectures.

The question now, as we ponder the “Skylake” Xeon SP processors and their “Purley” platform that launched in July, is this: Is Intel at a local maximum, with another peak off in the distance, perhaps after a decline or perhaps after steady growth or a flat spot, or is this the …

The Huge Premium Intel Is Charging For Skylake Xeons was written by Timothy Prickett Morgan at The Next Platform.

IDG Contributor Network: Why smart cities are crucial for autonomous cars

Autonomous cars are changing the way consumer drivers and auto manufacturers alike view transportation, with bold new players like Tesla joining long-standing industry giants like BMW in their quest for a truly independent car. More so than almost anything else, smart cities and their continued development are shaping the way these autonomous cars are designed, manufactured and used around our urban environments.So how exactly are smart cities reshaping the way developers approach building truly autonomous vehicles capable of guiding themselves? What does the future of the smart cities movement hold for autonomous cars, and vice versa? A quick look at these 21st Century innovations shows just how intertwined their fates are.To read this article in full or to leave a comment, please click here

Video: Building Data Center Fabrics with SPB

There are two reasonable ways of building a layer-2 leaf-and-spine fabric: use VXLAN (the direction almost everyone in the industry is taking at the moment), or routing-on-layer-2 technology like TRILL or SPB.

All Of Ethan’s Podcasts And Articles For August 2017

Here’s a catalog of all the media I produced (or helped produce) in August 2017.

Packet Pushers Weekly Podcast

Packet Pushers Priority Queue Podcast

Episode 124: Cloud SBC Security & Analytics With Sonus Networks (Sponsored)

Datanauts Podcast

Packet Pushers Articles

EthanCBanks.com

Beware N1Wireless.com – Bait And Switch

NetIntro Book

In August, I finished my contributions to this book. I ended up with roughly 6 (or 7?) chapters out of 30 or so. That’s a little awkward for me as I would have hoped to have done a more or Continue reading

All Of Ethan’s Podcasts And Articles For August 2017

Here’s a catalog of all the media I produced (or helped produce) in August 2017.

Packet Pushers Weekly Podcast

Packet Pushers Priority Queue Podcast

Episode 124: Cloud SBC Security & Analytics With Sonus Networks (Sponsored)

Datanauts Podcast

Packet Pushers Articles

EthanCBanks.com

Beware N1Wireless.com – Bait And Switch

NetIntro Book

In August, I finished my contributions to this book. I ended up with roughly 6 (or 7?) chapters out of 30 or so. That’s a little awkward for me as I would have hoped to have done a more or Continue reading

One way to help Hurricane Harvey victims

Photo Credit: Texas Military Department (Flickr)

Hurricane Harvey hit Texas last Friday as a Category 4 storm. Although Harvey's category was quickly downgraded, the storm lingered around for days, bringing 50 inches of rain to the greater Houston area.

As someone who was born in Houston, it's hard to see my former city hit with such destruction, and to know that many of my friends and fellow Houstonians are in need of help and assistance. Many families have had their entire house flooded out by the storm. Displaced residents are in a state of stagnation and are seeing their supplies diminishing by the day.

The Hurricane Relief app will allow visitors to your site to donate to one of the charities helping those impacted in Houston:

The Hurricane Relief App takes two clicks to install and requires no code change. The charities listed are recommended by NPR.

Install Now

If you wanted to add your own custom list of charities for disaster relief or other causes, feel free to fork the source of this app and make your own.

IDG Contributor Network: SD-WAN Simplified!

This blog post is going a bit outside my usual “make sense to the C-Level” slant. I wanted to get in the weeds about reviewing SD-WAN products. We all know that’s where the fun really is!I have been doing a bit of evaluation on SD-WAN products and their configurations from the network engineer’s perspective. I have looked at numerous vendors’ products, poured over install guides, and dusted off the CLI.Everyone who knows me can tell you I am a Cisco fanatic. Hands down, I would rather implement a Cisco technology rather than any other vendor by a 1000:1 ratio. I have spent a majority of my career as a network engineer, and the best network devices to configure and troubleshoot have been Cisco.To read this article in full or to leave a comment, please click here

IDG Contributor Network: SD-WAN Simplified!

SD-WAN Simplified!

Juniper Networks Acquires Security Firm Cyphort

Cyphort’s CEO is a Juniper alum.

What’s New in Docker Enterprise Edition Webinar Recap

The latest release of Docker Enterprise Edition (EE) allows organizations to modernize Windows, Linux, and Linux-on-mainframe applications—all with minimal disruption. The release also allows organizations to run containers at scale with advanced capabilities around secure multi-tenancy and policy-based automation.

In last week’s webinar, we walked through the key new features of this release and saw a demo of Docker EE in action. If you missed the webinar, you can watch it here:

Here are the top questions from the webinar:

Q: Can you provide more information about Windows support? Which version of Windows? Is this only available with Docker Enterprise Edition?

A: You can run Windows Docker containers either with Docker Community Edition for Windows (PC) which supports Windows 10 or Docker Enterprise Edition for Windows Server 2016 (including Nano Server). Docker EE Basic is included with the Windows Server 2016 license, and you also have the option to upgrade to EE Standard or EE Advanced for Windows Server 2016 to get complete lifecycle management capabilities, Docker Trusted Registry, and advanced security features like image signing and scanning.

Q: Is it possible to deploy the Windows containers on top of a native Linux host?

A: As a form of packaging Continue reading

Using FQDN for DMVPN hubs

I've done some testing with specifying DMVPN hubs (NHRP servers, really) using their DNS name, rather than IP address.

This matters to me because of some goofy environments where spoke routers can't predict what network they'll be on (possibly something other than internet), and where I can't leverage multiple hubs per tunnel due to a control plane scaling issue.

The DNS-based configuration includes the following:

 interface Tunnel1  
  ip nhrp nhs dynamic nbma dmvpn-pool.fragmentationneeded.net

There's no longer a requirement for any ip nhrp map or ip nhrp nhs x.x.x.x configuration when using this new capability.

My testing included some tunnels with very short ISAKMP and IPSec re-key intervals. I found that the routers performed the DNS resolution just once. They didn't go back to DNS again for as long as the hub was reachable.

Spoke routers which failed to establish a secure connection for whatever reason would re-resolve the hub address each time the DNS response expired its TTL. But once they succeeded in connecting, I observed no further DNS traffic for as long as the tunnel survived.

The record I published (dmvpn-pool.fragmentationneeded.net above) includes multiple A records. The DNS server randomizes the record Continue reading

NASA Supercomputing Strategy Takes the Road Less Traveled

For a large institution playing at the leadership-class supercomputing level, NASA tends to do things a little differently than its national lab and academic peers.

One of the most striking differences between how the space agency views its supercomputing future can be found at the facilities level. Instead of building massive brick and mortar datacenters within a new or existing complex, NASA has taken the modular route, beginning with its Electra supercomputer and in the near future, with a 30 Megawatt-capable new modular installation that can house about a million compute cores.

“What we found is that the modular approach …

NASA Supercomputing Strategy Takes the Road Less Traveled was written by Nicole Hemsoth at The Next Platform.