AI Is Making Data Cost Too Much

You may recall that I wrote a piece almost six years ago comparing big data to nuclear power. Part of the purpose of that piece was to knock the wind out of the “data is oil” comparisons that were so popular. Today’s landscape is totally different now thanks to the shifts that the IT industry has undergone in the past few years. I now believe that AI is going to cause a massive amount of wealth transfer away from the AI companies and cause startup economics to shift.

Can AI Really Work for Enterprises?

In this episode of Packet Pushers, Greg Ferro and Brad Casemore debate a lot of topics around the future of networking. One of the things that Brad brought up that Greg pointed out is that data being used for AI algorithm training is being stored in the cloud. That massive amount of data is sitting there waiting to be used between training runs and it’s costing some AI startups a fortune in cloud costs.

AI algorithms need to be trained to be useful. When someone uses ChatGPT to write a term paper or ask nonsensical questions you’re using the output of the GPT training run. Continue reading

How Data Center Infrastructures Must Change to Support AI

5 use cases for automating your infrastructure with Ansible Automation Platform

Infrastructure automation is an area where systems administrators and  IT operations teams can see some of the biggest benefits from automation, including time savings, reducing tedious manual work, and improving the overall health of their systems. In this blog, I've identified the top 5 infrastructure automation use cases for Ansible Automation Platform that you can deploy in your own environment, and I've incorporated new capabilities like Event-Driven Ansible to make managing your infrastructure even easier. 

1. Provisioning Red Hat Enterprise Linux with Ansible Automation Platform

Before you get started with any automation project, we typically recommend using automation analytics to plan and predict the potential cost savings to help prioritize which automation projects will deliver the biggest time and cost savings.  

Then you can use Ansible Automation Platform to create a workflow to build or configure a cloud or datacenter instance for RHEL, while using surveys to gather additional user input to enable further customization to meet any system requirements. You can even introduce an IT service management ticketing option, then review the job success and confirm service availability. 

Watch this video to see it in action: 

2. Managing Configuration and Drift with Ansible Automation Platform

Ongoing Continue reading

Understanding the Role of the Network in Sustainability

Effective Traffic Management with Kubernetes Gateway API Policies

In this article, we will embark on an in-depth journey into Kubernetes Gateway API policies and their pivotal role in managing and controlling traffic within Kubernetes clusters. Gateway API logo With a comprehensive understanding of these policies, how they can be effectively leveraged, and the transformative impact they can have on traffic management strategies, you will be equipped with the knowledge and practical insights needed to harness the full potential of Kubernetes Gateway API policies for optimized traffic management. Benefits of Using Kubernetes Gateway API for Traffic Management Kubernetes Gateway API introduces a paradigm shift in how we manage and control traffic within Kubernetes clusters, offering a range of significant advantages. First and foremost, it simplifies configuration by abstracting away complexities and providing a user-friendly, declarative approach to define routing and traffic policies. Furthermore, its native integration with Kubernetes ensures a seamless fit, leveraging Kubernetes’ orchestration and scalability capabilities. With  the Kubernetes Gateway API, fine-grained control over traffic becomes possible, allowing for precise management with policies applied at various stages, from request routing to response transformations. As applications scale, the Kubernetes Gateway API scales effortlessly, handling high traffic loads and adapting to changing workloads without manual intervention. It incorporates Continue reading

Rapid Progress in BGP Route Origin Validation

In 2022, I was invited to speak about Internet routing security at the DEEP conference in Zadar, Croatia. One of the main messages of the presentation was how slow the progress had been even though we had had all the tools available for at least a decade (RFC 7454 was finally published in 2015, and we started writing it in early 2012).

At about that same time, a small group of network operators started cooperating on improving the security and resilience of global routing, eventually resulting in the MANRS initiative – a great place to get an overview of how many Internet Service Providers care about adopting Internet routing security mechanisms.

Rapid Progress in BGP Route Origin Validation

In 2022, I was invited to speak about Internet routing security at the DEEP conference in Zadar, Croatia. One of the main messages of the presentation was how slow the progress had been even though we had had all the tools available for at least a decade (RFC 7454 was finally published in 2015, and we started writing it in early 2012).

At about that same time, a small group of network operators started cooperating on improving the security and resilience of global routing, eventually resulting in the MANRS initiative – a great place to get an overview of how many Internet Service Providers care about adopting Internet routing security mechanisms.

Container-LSP Implementation in Junos

https://github.com/kashif-nawaz/Container-LSP

Getting Aggressive with Cloud Cybersecurity

Big Blue Can Still Catch The AI Wave If It Hurries

It has been two and a half decades since we have seen a rapidly expanding universe of a new kind of compute that rivals the current generative AI boom. …

The post Big Blue Can Still Catch The AI Wave If It Hurries first appeared on The Next Platform.

Big Blue Can Still Catch The AI Wave If It Hurries was written by Timothy Prickett Morgan at The Next Platform.

Tech Bytes: How VMware And HPE Greenlake Tackle AI And Multi-Cloud For Customers (Sponsored)

Tech Bytes: How VMware And HPE Greenlake Tackle AI And Multi-Cloud For Customers (Sponsored)

VMware and HPE are partnering on HPE Greenlake for VMware Cloud Foundation. On today's episode we discuss how the HPE and VMware partnership benefits customers’ multi-cloud initiatives and how VMware and HPE Greenlake can help customers take advantage of AI by providing scalable hardware and software infrastructure for training and inference. VMware is our sponsor.

The post Tech Bytes: How VMware And HPE Greenlake Tackle AI And Multi-Cloud For Customers (Sponsored) appeared first on Packet Pushers.

NB454: Is Bad InfoSec Now Securities Fraud?

NB454: Is Bad InfoSec Now Securities Fraud?

On today's Network Break we discuss potential repercussions for security executives after the SEC charges Solar Winds' CISCO with fraud, examine a new SD-LAN offering from Versa Networks that aims to integrate security controls into a campus fabric, and look at a new open-source tool from Cloudflare for scrubbing sensitive authentication tokens from HAR files.

The post NB454: Is Bad InfoSec Now Securities Fraud? appeared first on Packet Pushers.

DCAUTO Exam Experience by Nick Russo

On 17 October 2023, I took and passed the Automating and Programming Cisco Data Center Solutions (DCAUTO) exam on my first attempt. This is the seventh DevNet exam I’ve passed. After the retirement of the Webex and IoT specialty exams, the Collaboration specialty and Expert exams remain the only two I haven’t attempted. Much like my experience with enterprise, service provider, and security automation, I have years of real-life experience automating various data center solutions, primarily by working with Nexus and NDO (formerly MSO). I’ve spoken about the topic on various podcasts and professional training courses many times. Believe it or not, I don’t have as much real-life automation experience with ACI or UCS, which are key data center products for Cisco, so I studied those areas intensely.

It’s worth mentioning that Cisco’s new certification road map introduces small changes at regular intervals to all of their certification exams. This is smart as it leads to less “blueprint shock” every few years, plus gives learners an opportunity to master the newest technologies in an incremental way. Because Cisco updated DCAUTO earlier this year, I took the v1.1 exam. I’m not kidding when I say the exam was Continue reading

Fibre Channel Addressing

Whenever we talk about LAN data-link-layer addressing, most engineers automatically switch to the “must be like Ethernet” mentality, assuming all data-link-layer LAN framing must somehow resemble Ethernet frames.

That makes no sense on point-to-point links. As explained in Early Data-Link Layer Addressing article, you don’t need layer-2 addresses on a point-to-point link between two layer-3 devices. Interestingly, there is one LAN technology (that I’m aware of) that got data link addressing right: Fibre Channel (FC).

Fibre Channel Addressing

Whenever we talk about LAN data-link-layer addressing, most engineers automatically switch to the “must be like Ethernet” mentality, assuming all data-link-layer LAN framing must somehow resemble Ethernet frames.

That makes no sense on point-to-point links. As explained in Early Data-Link Layer Addressing article, you don’t need layer-2 addresses on a point-to-point link between two layer-3 devices. Interestingly, there is one LAN technology (that I’m aware of) that got data link addressing right: Fibre Channel (FC).

Non-interactive SSH password authentication

SSH offers several forms of authentication, such as passwords and public keys. The latter are considered more secure. However, password authentication remains prevalent, particularly with network equipment.¹

A classic solution to avoid typing a password for each connection is sshpass, or its more correct variant passh. Here is a wrapper for Zsh, getting the password from pass, a simple password manager:²

pssh() {
  passh -p <(pass show network/ssh/password | head -1) ssh "$@"
}
compdef pssh=ssh

This approach is a bit brittle as it requires to parse the output of the ssh command to look for a password prompt. Moreover, if no password is required, the password manager is still invoked. Since OpenSSH 8.4, we can use SSH_ASKPASS and SSH_ASKPASS_REQUIRE instead:

ssh() {
  set -o localoptions -o localtraps
  local passname=network/ssh/password
  local helper=$(mktemp)
  trap "command rm -f $helper" EXIT INT
  > $helper <<EOF
#!$SHELL
pass show $passname | head -1
EOF
  chmod u+x $helper
  SSH_ASKPASS=$helper SSH_ASKPASS_REQUIRE=force command ssh "$@"
}

If the password is incorrect, we can display a prompt on the Continue reading

Worth Reading: Confusing Git Terminology

Julia Evans wrote another great article explaining confusing git terminology. Definitely worth reading if you want to move past simple recipes or reminiscing about old days.

Worth Reading: Confusing Git Terminology

Julia Evans wrote another great article explaining confusing git terminology. Definitely worth reading if you want to move past simple recipes or reminiscing about old days.