Viptela Cloud onRamp optimizes cloud access

Over the past few years, SD-WANs have become the Kardashians of the tech industry. That is, it’s hard to go anywhere or talk to anyone without the topic of SD-WANs coming up. Unlike the Kardashians, SD-WANs deserve this level of attention, since the technology is useful by lowering the cost of running a WAN and improves application performance. However, for all the hype and chatter about the topic, its primary focus has been to improve connectivity to branch offices.It’s been well documented on this site and others that the cloud is not only mainstream but also the preferred strategy for many organizations, so a WAN must not only address connectivity to branch offices but also cloud services.To read this article in full or to leave a comment, please click here

Quantum fiber network to launch in August

The most secure form of network ever created has been successfully real-world-tested in China, said a publication there yesterday.Quantum entanglement—the tech that drives quantum networks—is a part of quantum-key distribution (QKD). Roughly, it gains its supposedly unhackable nature because the subatomic particles that make up the data impact each other all at the same time, regardless of where they are in the transmission.That means that because all of the cryptographic keys are intertwined, it’s possible to see at any time if bits have been corrupted. That includes being stolen or erased. Any disruption becomes transparent and throws an error. One can’t hack the system, experts say.To read this article in full or to leave a comment, please click here

Quantum fiber network to launch in August

The most secure form of network ever created has been successfully real-world-tested in China, said a publication there yesterday.Quantum entanglement—the tech that drives quantum networks—is a part of quantum-key distribution (QKD). Roughly, it gains its supposedly unhackable nature because the subatomic particles that make up the data impact each other all at the same time, regardless of where they are in the transmission.That means that because all of the cryptographic keys are intertwined, it’s possible to see at any time if bits have been corrupted. That includes being stolen or erased. Any disruption becomes transparent and throws an error. One can’t hack the system, experts say.To read this article in full or to leave a comment, please click here

The Heart Of AMD’s Epyc Comeback Is Infinity Fabric

At AMD’s Epyc launch few weeks ago, Lisa Su, Mark Papermaster, and the rest of the AMD Epyc team hammered home that AMD designed its new Zen processor core for servers first. This server-first approach has implications for performance, performance per watt, and cost perspectives in both datacenter and consumer markets.

AMD designed Epyc as a modular architecture around its “Zeppelin” processor die with its eight “Zen” architecture cores. To allow multi-die scalability, AMD first reworked its HyperTransport socket-to-socket system I/O architecture for use on a chip, across a multi-chip module (MCM), and for inter-socket connectivity. AMD has named this

The Heart Of AMD’s Epyc Comeback Is Infinity Fabric was written by Timothy Prickett Morgan at The Next Platform.

Getting started with Cloudflare Apps

We recently launched our new Cloudflare Apps platform, and love to see the community it is building. In an effort to help people who run web services such as websites, APIs and more, we would like to help make your web services faster, safer and more reliable using our new Apps Platform by leveraging our 115 points of presence around the world. (Skip ahead to the fun part if you already know how Cloudflare Apps works)

How Cloudflare apps work

Here is a quick diagram of how Cloudflare apps work:

The “Origin” is the server that is providing your services, such as your website or API. The “Edge” represents a point of presence that is closest to your visitors. Cloudflare uses a routing method known as Anycast to ensure the end user, pictured on the far right, is routed through the best network path to our points of presence closest to them around the world.

Historically, to make changes or additions to your site at the edge changes to a site, you needed to be a Cloudflare employee. Now with apps, anyone can quickly make changes to the pages rendered to their users via Javascript and CSS. Today, you Continue reading

Securing The HPC Infrastructure

In the world of high performance computing (HPC), the most popular buzzwords include speed, performance, durability, and scalability. Security is one aspect of HPC that is not often discussed, or else seems to be relatively low on the list of priorities when organizations begin building out their infrastructures to support a demanding new applications, whether for oil and gas exploration, machine learning, simulations, or visualization of complex datasets.

While IT security is paramount for businesses in the digital age, HPC systems typically do not encounter the same risks as public-facing infrastructures – in the same way as a web server

Securing The HPC Infrastructure was written by Timothy Prickett Morgan at The Next Platform.

Worth Reading: Cutting through the segment routing hype

Segment Routing (SR) is a new traffic-engineering technology being developed by the IETF’s SPRING Working Group. Two forwarding plane encapsulations are being defined for SR: Multiprotocol Label Switching (MPLS) and IPv6 with a Segment Routing Extension Header. This article provides some historical context by describing the MPLS forwarding plane and control plane protocols, explains how Segment Routing works, introduces the MPLS-SR forwarding plane, and shows how the SR control plane is used. Finally, the article compares SR with legacy MPLS systems, and identifies its unique merits. —The IETF Journal

The post Worth Reading: Cutting through the segment routing hype appeared first on rule 11 reader.

On the ‘web: Is it really simpler?

Simplification is the metabuzzword overlaying the networking world today. For instance, Software Defined Wide Area Networks (SD-WANs), which propose to reduce the complexity of the enterprise wide area network, particularly the network connecting to the many thousands of remote sites many enterprises operate, by replacing MPLS and private line services purchased from service providers, with services that operate over the top of “plain jane Internet” connectivity. A second area where network operators are simplifying is by purchasing pre-integrated stacks of compute, storage, and networking, in a single rack, and controlled through a single GUI—a form of hyperconvergence. A third area is in the large amounts of interest in deploying Software Defined Networks (SDNs), which are being promoted based on the simplifications possible from removing “complex” distributed control planes from the network. There are three questions network engineers should ask in response to the simplification metabuzzword, however. —Tech Target

The post On the ‘web: Is it really simpler? appeared first on rule 11 reader.

BrandPost: Why An Intelligent WAN Edge Solution Is Key To Branch Office Success

The concept of the “thin branch” enabled by simplifying infrastructure has been around for as long as there have been branch offices. Branch offices are typically a microcosm of the company headquarters, but without the necessary IT staff to run them. It’s common to find a myriad of network and security equipment in a branch including a router, firewall, WAN optimizer, VPN concentrators, along with almost anything else you can think of. This, of course, results in an operational nightmare as network administrators must deal with multiple devices in dozens, hundreds or even thousands of branch locations. In small networks it can be extremely challenging to track all the different hardware components and related software versions across the various locations. In large networks, this task is impossible as the number of possible combinations of hardware and software grows exponentially in relation to the number of locations.To read this article in full or to leave a comment, please click here

Worth Reading: ISPs simplifying customer IPv6 addressing

One of the main issues for an ISP planning to deliver IPv6 services is to decide how to address the customers. In a generic way, we could say that the first thing to do for any IPv6 deployment is the complete network addressing plan, even before obtaining your addressing space from your Regional Internet Registry (RIR), so you get it right from the very beginning. In the case of corporate customers, generally nobody doubts that they should receive a /48 IPv6 GUA (Global Unicast Address) at every end-site, and of course, those prefixes should be persistent (often called static) to each customer. —APNIC

The post Worth Reading: ISPs simplifying customer IPv6 addressing appeared first on rule 11 reader.

Arista eAPI

The sFlow and eAPI features of EOS (Extensible Operating System) are standard across the full range of Arista Networks switches. This article demonstrates how the real-time visibility provided by sFlow telemetry can be combined with the programmatic control of eAPI to automatically adapt the network to changing traffic conditions.

In the diagram, the sFlow-RT analytics engine receives streaming sFlow telemetry, provides real-time network-wide visibility, and automatically applies controls using eAPI to optimize forwarding, block denial of service attacks, or capture suspicious traffic.

Arista eAPI 101 describes the JSON RPC interface for programmatic control of Arista switches. The following eapi.js script shows how eAPI requests can be made using sFlow-RT's JavaScript API:
function runCmds(proto, agent, usr, pwd, cmds) {
  var req = {
    jsonrpc:'2.0',id:'sflowrt',method:'runCmds',
    params:{version:1,cmds:cmds,format:'json'}
  };
  var url = (proto || 'http')+'://'+agent+'/command-api';
  var resp = http(url,'post','application/json',JSON.stringify(req),usr,pwd);
  if(!resp) throw "no response";
  resp = JSON.parse(resp);
  if(resp.error) throw resp.error.message;
  return resp.result; 
}
The following test.js script demonstrates the eAPI functionality with a basic show request: 
include('eapi.js');
var result = runCmds('http','10.0.0.90','admin','arista',['show hostname']);
logInfo(JSON.stringify(result));
Starting sFlow-RT: 
env "RTPROP=-Dscript.file=test.js" ./start.sh
Running the script generates the following output:
2017-07-10T14:00:06-0700  Continue reading
1 1,978 1,979 1,980 1,981 1,982 3,834