BrandPost: Do your campus core switches deserve more?

By: Sue Gillespie, Senior Product Marketing Manager, HPE Aruba Networking.Creating a secure, high-performance, always-on network that’s designed for operational efficiency and growth begins with a modern infrastructure—and depends on campus core switches to be the beating heart of enterprise connectivity. Because of this key role, campus core switch capabilities directly impact user and device experience, network security, and IT operational efficiency.What is a campus core switch?These are typically Ethernet switches that manage traffic coming to and from aggregation switches, the wide area network (WAN), and the internet via router or gateway. Network architectures often deploy either 2-tier collapsed core approaches with a single switch playing the role of both core switch and aggregation (distribution) switch or a 3-tier approach with separate core and aggregation switches.  Here’s an example of a 3-tier network from our ESP Campus Design Validated Solution Guide:To read this article in full, please click here

Day Two Cloud 199: Platform Engineering With Suzanne Daniels

Welcome to this episode of Day Two Cloud! Today, we'll be diving into the world of platform engineering and internal developer portals. Our special guest, Suzanne Daniels, Developer Relations Lead at Port, will be sharing her insights on how platform engineering can take your DevOps journey to the next level. With platform engineering, you can treat technology as a product and developers as customers, resulting in a more efficient and effective workflow.

Day Two Cloud 199: Platform Engineering With Suzanne Daniels

Welcome to this episode of Day Two Cloud! Today, we'll be diving into the world of platform engineering and internal developer portals. Our special guest, Suzanne Daniels, Developer Relations Lead at Port, will be sharing her insights on how platform engineering can take your DevOps journey to the next level. With platform engineering, you can treat technology as a product and developers as customers, resulting in a more efficient and effective workflow.

The post Day Two Cloud 199: Platform Engineering With Suzanne Daniels appeared first on Packet Pushers.

Technical Blog: What you can’t do with Kubernetes network policies (unless you use Calico): TLS Encryption

Kubernetes documentation clearly defines what use cases you can achieve using Kubernetes network policies and what you can’t. You are probably familiar with the scope of network policies and how to use them to secure your workload from undesirable connections. Although it is possible to cover the basics with Kubernetes native network policies, there is a list of use cases that you cannot implement by just using these policies. You can refer to the Kubernetes documentation to review the list of “What you can’t do with network policies (at least, not yet)”.

Here are some of the use cases that you cannot implement using only the native Kubernetes network policy API (transcribed from the Kubernetes documentation):

  • Forcing internal cluster traffic to go through a common gateway.
  • Anything TLS related.
  • Node specific policies.
  • Creation or management of “Policy requests” that are fulfilled by a third party.
  • Default policies which are applied to all namespaces or pods.
  • Advanced policy querying and reachability tooling.
  • The ability to log network security events.
  • The ability to explicitly deny policies.
  • The ability to prevent loopback or incoming host traffic (Pods cannot currently block localhost access, nor do they have the ability to block access Continue reading

Using AI for Attack Attribution

While I was hanging out at Cisco Live last week, I had a fun conversation with someone about the use of AI in security. We’ve seen a lot of companies jump in to add AI-enabled services to their platforms and offerings. I’m not going to spend time debating the merits of it or trying to argue for AI versus machine learning (ML). What I do want to talk about is something that I feel might be a little overlooked when it comes to using AI in security research.

Whodunnit?

After a big breach notification or a report that something has been exposed there are two separate races that start. The most visible is the one to patch the exploit and contain the damage. Figure out what’s broken and fix it so there’s no more threat of attack. The other race involves figuring out who is responsible for causing the issue.

Attribution is something that security researchers value highly in the post-mortem of an attack. If the attack is the first of its kind the researchers want to know who caused it. They want to see if the attackers are someone new on the scene that have developed new tools and Continue reading

Red Hat Launches OpenStack Platform 17.1 with Enhanced Security

VANCOUVER — At OpenStack Platform 17.1. This release is the product of the company’s ongoing commitment to support telecoms as they build their next-generation 5G network infrastructures. In addition to bridging existing 4G technologies with emerging 5G networks, the platform enables advanced use cases like Red Hat OpenShift, the company’s

Heavy Networking 685: Opengear With Zero Trust Approach in the Out of Band (sponsored)

Remote operation of infrastructure has renewed importance in the era of remote working. Opengear offers secure, zero trust and segmented methods to reach serial & LAN ports plus GUI interfaces. You can add observability agents like Thousand Eyes into containers so that your worst day becomes just another day.

The post Heavy Networking 685: Opengear With Zero Trust Approach in the Out of Band (sponsored) appeared first on Packet Pushers.

AWS customers struggle for hours after a major outage

Amazon Web Services (AWS) on Tuesday said its North Virginia (US-East-1) region faced disruption in services for nearly four hours, affecting thousands of customers.“Between 11:49 AM PDT and 3:37 PM PDT, we experienced increased error rates and latencies for multiple AWS Services in the US-EAST-1 region,” AWS wrote on its health status page, adding that at least 104 of its services were affected during the outage.AWS services that were malfunctioning during these four hours included the likes of AWS Management Console, Amazon SageMaker, AWS Glue, Amazon Connect, AWS Fargate, and Amazon GuardDuty.To read this article in full, please click here

EIGRP Stub Routers

Years ago I wrote an article describing how EIGRP stub routers work and how you should use them in redundant remote sites to make sure link- or node failures don’t result in partial connectivity. That article is now available on ipSpace.net; I hope at least someone will find it useful. I know it’s about ancient technology, but then people are still running COBOL on mainframes.

EIGRP Stub Routers

Years ago I wrote an article describing how EIGRP stub routers work and how you should use them in redundant remote sites to make sure link- or node failures don’t result in partial connectivity. That article is now available on ipSpace.net; I hope at least someone will find it useful. I know it’s about ancient technology, but then people are still running COBOL on mainframes.

The Third Time Charm Of AMD’s Instinct GPU

The great thing about the Cambrian explosion in compute that has been forced by the end of Dennard scaling of clock frequencies and Moore’s Law lowering in the cost of transistors is not only that we are getting an increasing diversity of highly tuned compute engines and broadening SKU stacks across those engines, but also that we are getting many different interpretations of the CPU, GPU, DPU, and FPGA themes.

The Third Time Charm Of AMD’s Instinct GPU was written by Timothy Prickett Morgan at The Next Platform.

Sharing, compressing and password-protecting files on Linux

Keeping your files private from anyone but those with superuser (root) access is easy on Linux. File permissions provide everything you need. By default, you'll have a username and primary group assigned to your account, and you can use the chmod (change mode) command to control what anyone else can view or change.(If permissions like "750" and "rwxr-x---" don't ring any bells for you, check out these posts for insights into how file permissions work on Linux: A deeper dive into Linux permissions and Unix: beyond group and everyone else)To read this article in full, please click here

1 227 228 229 230 231 3,789