0

Calico monthly roundup: October 2023

Welcome to the Calico monthly roundup: October edition! From open source news to live events, we have exciting updates to share—let’s get into it!

 

Join us at KubeCon + CloudNativeCon North America 2023 We’re gearing up for KubeCon + CloudNativeCon 2023 in Chicago. Join us at booth #G13 for exciting Kubernetes security updates and pick up some cool new Calico swag! See what we’ve got planned.

Customer case study: eHealth Calico provides visibility and zero-trust security controls for eHealth on Amazon EKS. Read our new case study to find out how. Read case study.

Evaluating container firewalls for Kubernetes network security Learn why a traditional firewall architecture doesn’t work for modern cloud-native applications and results in a huge resource drain in a production environment. Read blog post

The State of Calico Open Source: Usage & Adoption Report 2023 Get insights into Calico’s adoption across container and Kubernetes environments, in terms of platforms, data planes, and policies. Read the report.

Open source news

• Read stories of Calico Open Source in action from our Calico Big Cats
  • Demystifying Calico Open Source: Empowering Your Network Security
  • Securing what others have overlooked with Calico
• Share your Calico Open Source journey and win Continue reading

0

HN708: The Future Of Networking With Brad Casemore – Part 1

The Future of Networking series continues with Brad Casemore, who survived multiple decades in the technology sector, including sixteen years as an analyst for IDC. He’s been a longtime observer of networking markets, technologies, and trends. Recently retired from the analyst business, we’ve invited Brad onto the show as a kind of exit interview to... Read more »

0

HN708: The Future Of Networking With Brad Casemore – Part 1

The Future of Networking series continues with Brad Casemore, who survived multiple decades in the technology sector, including sixteen years as an analyst for IDC. He's been a longtime observer of networking markets, technologies, and trends. We talk about the interest in AI and try to separate the hype from the reality, multi-cloud networking, and more.

The post HN708: The Future Of Networking With Brad Casemore – Part 1 appeared first on Packet Pushers.

0

How IIoT Networks Use SD-WAN: Navigating the Right Path for Sensors

Industrial Internet of Things sensors can use SD-WAN to securely transmit data to improve central management, optimize supply chains, and achieve more robust access control.

0

Enhancing Kubernetes Networking with the Gateway API

Kubernetes, the stalwart of container orchestration, has ushered in a new era of application deployment and management. But as the Kubernetes ecosystem evolves, networking  within these clusters has posed persistent challenges. Enter the Gateway API, a transformative solution poised to redefine Kubernetes networking as we know it. At its core, the Gateway API represents a paradigm shift in Kubernetes networking. It offers a standardized approach to configuring and managing network routing, traffic shaping, and security policies within Kubernetes clusters. This standardization brings with it a host of compelling advantages. Firstly, it simplifies the intricate world of networking. By providing a declarative and consistent method to define routing rules, it liberates developers and operators from the complexities of network intricacies. This shift allows them to channel their energies toward refining application logic. The Gateway API doesn’t stop there; it brings scalability to the forefront. Traditional Kubernetes networking solutions, like Ingress controllers, often falter under the weight of burgeoning workloads. In contrast, the Gateway API is engineered to gracefully handle high loads, promising superior performance for modern, dynamic applications. NGINX, now a part of F5, is the company behind the popular open source project, NGINX. NGINX offers a suite of technologies Continue reading

0

Video: Hacking BGP for Fun and Profit

At least some people learn from others’ mistakes: using the concepts proven by some well-publicized BGP leaks, malicious actors quickly figured out how to hijack BGP prefixes for fun and profit.

Fortunately, those shenanigans wouldn’t spread as far today as they did in the past – according to RoVista, most of the largest networks block the prefixes Route Origin Validation (ROV) marks as invalid.

Notes:

• ROV cannot stop all the hijacks, but it can identify more-specific-prefixes hijacks (assuming the origin AS did their job right).
• You’ll find more Network Security Fallacies videos in the How Networks Really Work webinar.

0

Video: Hacking BGP for Fun and Profit

At least some people learn from others’ mistakes: using the concepts proven by some well-publicized BGP leaks, malicious actors quickly figured out how to hijack BGP prefixes for fun and profit.

Fortunately, those shenanigans wouldn’t spread as far today as they did in the past – according to RoVista, most of the largest networks block the prefixes Route Origin Validation (ROV) marks as invalid.

Notes:

• ROV cannot stop all the hijacks, but it can identify more-specific-prefixes hijacks (assuming the origin AS did their job right).
• You’ll find more Network Security Fallacies videos in the How Networks Really Work webinar.

0

Unlocking IT Success: Navigating Talent Shortages with Integrated Solutions

Integrated solutions help overcome IT talent shortages, streamline IT operations, reduce costs, and empower existing talent.

0

KU039: Prepping For KubeCon North America 2023

The KubeCon excitement is catching as Michael Levan gets ready to attend for the first time. Grab a rundown of what to expect at the North American event this year as he and Kristina Devochko review sessions and provide advice on how to tackle the massive amount of content that’s on the schedule. A strong... Read more »

0

KU039: Prepping For KubeCon North America 2023

Grab a rundown of what to expect at KubeCon NA this year as Kubernetes Unpacked co-host Michael Levan prepares to hit the conference floor.

The post KU039: Prepping For KubeCon North America 2023 appeared first on Packet Pushers.

0

Hedge 201: Roundtable

It’s time to gather round the hedge and discuss whatever Eyvonne, Tom, and Russ find interesting! In this episode we discuss business logic vulnerabilities, and how we often forget to think outside the box to understand the attack surfaces that matter. We also discuss upcoming network speed increases like Wi-Fi 7 and 800G Ethernet. Do we really need these speeds, or are we just getting caught up in a hype cycle?

download

0

2024 network plans dogged by uncertainty, diverging strategies

It’s barely fall of 2023, but it’s already clear that CIOs aren’t particularly positive about their network plans for 2024. Of 83 I have input from, in fact, 59 say they expect “significant issues” in their network planning for next year, and 71 say that they’ll be “under more pressure” in 2024 than they were this year. Sure, CIOs have a high-pressure job, but their expectations for 2024 are worse than for any year in the past 20 years, other than during Covid. Nobody is saying it’s a “the sky is falling” crisis like the proverbial Chicken Little, but some might be hunching their shoulders just a little.It seems that in 2023, all the certainties CIOs had identified in their network planning up to now are being called into question. That isn’t limited to networking, either. In fact, 82 of 83 said their cloud spending is under review, and 78 said that their data center and software plans are also in flux. In fact, CIOs said their network pressures are due more to new issues relating to the cloud, the data center, and software overall than to any network-specific challenges. Given all of this, it’s probably not surprising Continue reading

0

Survey: Observability tools can create more resilient, secure networks

IT leaders are investing in observability technologies that can help them gain greater visibility beyond internal networks and build more resilient environments, according to recent research from Splunk.Splunk, which Cisco announced it would acquire for $28 billion, surveyed 1,750 observability practitioners to gauge investment and deployment of observability products as well as commitment to observability projects within their IT environments. According to the vendor’s State of Observability 2023 report, 87% of respondents now employ specialists who work exclusively on observability projects.To read this article in full, please click here

0

How to determine RTOs and RPOs for backup and recovery

When evaluating the design of your backup systems or developing a design of a new backup and recovery system, there are arguably only two metrics that matter: how fast you can recover, and how much data you will lose when you recover. If you build your design around the agreed-upon numbers for these two metrics, and then repeatedly test that you are able to meet those metrics in a recovery, you’ll be in good shape.The problem is that few people know what these metrics are for their organization. This isn’t a matter of ignorance, though. They don’t know what they are because no one ever created the metrics in the first place. And if you don’t have agreed upon metrics (also known as service levels), every recovery will be a failure because it will be judged against the unrealistic metrics in everyone’s heads. With the exception of those who are intimately familiar with the backup and disaster recovery system, most people have no idea how long recoveries actually take.To read this article in full, please click here

0

How to determine RTOs and RPOs for backup and recovery

When evaluating the design of your backup systems or developing a design of a new backup and recovery system, there are arguably only two metrics that matter: how fast you can recover, and how much data you will lose when you recover. If you build your design around the agreed-upon numbers for these two metrics, and then repeatedly test that you are able to meet those metrics in a recovery, you’ll be in good shape.The problem is that few people know what these metrics are for their organization. This isn’t a matter of ignorance, though. They don’t know what they are because no one ever created the metrics in the first place. And if you don’t have agreed upon metrics (also known as service levels), every recovery will be a failure because it will be judged against the unrealistic metrics in everyone’s heads. With the exception of those who are intimately familiar with the backup and disaster recovery system, most people have no idea how long recoveries actually take.To read this article in full, please click here

0

UK to house three new supercomputers by 2025

The UK government has revealed technical and funding details for what will be one of the world’s fastest AI supercomputers, to be housed at the University of Bristol — and one of three new supercomputers slated to go online in the country over the next few years.Dubbed Isambard-AI, the new machine, first announced in September, will be built with HPE’s Cray EX supercomputers and powered by 5,448 NVIDIA GH200 Grace Hopper Superchips. The chips, which were launched by Nivida earlier this year, provide three times as much memory as the chipmaker’s current edge AI GPU, the H100, and 21 exaflops of AI performance.  To read this article in full, please click here

0

UK to house three new supercomputers by 2025

The UK government has revealed technical and funding details for what will be one of the world’s fastest AI supercomputers, to be housed at the University of Bristol — and one of three new supercomputers slated to go online in the country over the next few years.Dubbed Isambard-AI, the new machine, first announced in September, will be built with HPE’s Cray EX supercomputers and powered by 5,448 NVIDIA GH200 Grace Hopper Superchips. The chips, which were launched by Nivida earlier this year, provide three times as much memory as the chipmaker’s current edge AI GPU, the H100, and 21 exaflops of AI performance.  To read this article in full, please click here

0

How to calculate factorials in Linux

In this video transcript, Sandra Henry-Stocker discusses how to calculate factorials on a Linux system. She explains that factorials are the multiplication of numbers starting with a specified number and decreasing incrementally until reaching 1. To calculate factorials on Linux, you can use commands like "seq" and "bc." The "seq" command is used to generate a list of sequential numbers, and the "bc" command is used to perform the factorial calculations.

0

IPB138: Making Sense Of DHCPv6 Prefix Delegation (DHCPv6-PD)

DHCPv6 Prefix Delegation (DHCPv6-PD) is an IETF RFC that lets one router delegate a long-lived prefix, using DHCP, to a requesting router. What’s the need for this? As the RFC notes, some applications expect stable addresses. It also notes: It is appropriate for situations in which the delegating router does not have knowledge about the... Read more »

0

IPv6 Buzz 138: Making Sense Of DHCPv6 Prefix Delegation (DHCPv6-PD)

DHCPv6 Prefix Delegation (DHCPv6-PD) is an IETF RFC that lets a router delegate a long-lived prefix, using DHCP, to a requesting router. The hosts discuss how this is used today both by service providers and in the enterprise, and potential impacts on address allocation and planning.

The post IPv6 Buzz 138: Making Sense Of DHCPv6 Prefix Delegation (DHCPv6-PD) appeared first on Packet Pushers.