Introduction to VXLAN

In the previous post, we looked at some of the challenges with L2-based networks. Now let’s start diving into what VXLAN is and what it can provide. First, let’s talk about overlays.

Overlays

Overlays are not new. We have had overlays for many years. The most well known ones are probably GRE and MPLS. In general, overlays are used to create a level of indirection that extends network capabilities. For example, MPLS L3 VPNs provided some of these capabilities to IP networks:

  • Segmentation.
  • Overlapping IPs.
  • Custom topologies.
  • Scaling.
  • Multihoming.

With overlays, intelligence is often pushed to the edge of the network while intermediate devices can be “dumb”. This can reduce costs as not all devices need the advanced features. How does an overlay work? To create the indirection, the original frame or packet needs to be encapsulated. Depending on the type of overlay, the frame or packet could get encapsulated into another frame or packet. The transport between the overlay nodes is called the underlay. This is the network that transports packets between the nodes. For VXLAN, this is a layer 3 network.

Because overlays encapsulate frames or packets, the size of the frame or packet will increase. To compensate Continue reading

Chipping Away

So far, the silicon technology at the heart of this revolution has been truly prodigious. The processes of assembling silicon wafers and the superimposition of tracks and gates hs been the subject of continual refinement, and some 75 years after the invention of the transistor we are now able to cram almost a trillion of them onto a silicon wafer not much biggeer than a fingernail. Have we reached the end of this silicon road, or is there more to come?

Data replication works best when combined with robust backups

Data replication has stood the test of time, providing organizations with a reliable means of safeguarding critical information for decades. Replication creates redundant copies of vital data, ensuring its availability and resiliency in case of disasters or system failures. In this article, I will explore the intricacies of data replication, examining its fundamental components, types, and potential limitations.Data replication starts with the selection of a source volume or filesystem that needs protection. This source volume might be a virtual disk, often referred to as a LUN (logical unit number), sourced from a storage array or volume manager. It may also take the form of a filesystem. Replication can occur either at the block level, a common practice due to its efficiency, or at the filesystem level, although the latter tends to be less favored for its relatively inferior performance.To read this article in full, please click here

Data replication works best when combined with robust backups

Data replication has stood the test of time, providing organizations with a reliable means of safeguarding critical information for decades. Replication creates redundant copies of vital data, ensuring its availability and resiliency in case of disasters or system failures. In this article, I will explore the intricacies of data replication, examining its fundamental components, types, and potential limitations.Data replication starts with the selection of a source volume or filesystem that needs protection. This source volume might be a virtual disk, often referred to as a LUN (logical unit number), sourced from a storage array or volume manager. It may also take the form of a filesystem. Replication can occur either at the block level, a common practice due to its efficiency, or at the filesystem level, although the latter tends to be less favored for its relatively inferior performance.To read this article in full, please click here

Supermicro Sets Its Sights On $20 Billion Business

Only a few years ago, motherboard and system maker Supermicro set a target of breaking through $10 billion in sales, and thanks to the explosion in systems for training and inference for AI applications, it looks like the company is going to bust through that goal in its fiscal 2025 ending next June.

The post Supermicro Sets Its Sights On $20 Billion Business first appeared on The Next Platform.

Supermicro Sets Its Sights On $20 Billion Business was written by Timothy Prickett Morgan at The Next Platform.

The Swedbank Outage shows that Change Controls don’t work

This week I’ve been reading through the recent judgment from the Swedish FSA on the Swedbank outage. If you’re unfamiliar with this story, Swedbank had a major outage in April 2022 that was caused by an unapproved change to their IT systems. It temporarily left nearly a million customers with incorrect balances, many of whom were unable to meet payments. 

After investigation, the regulator found that Swedbank had not followed their change management process and issued a SEK850M (~85M USD) fine. That’s a lot of money to you and me, but probably didn’t impact their bottom line very much. Either way I’m sure the whole episode will have been a big wake up call for the people at the bank whose job it is to ensure adequate risk and change controls. So, what went wrong and how could it have been avoided? 

How did the Swedbank incident happen?

The judgment doesn’t describe the technical details behind the incident, but it does provide glimpses into how they assessed what went wrong:

  • “The deficiencies that were present in Swedbank’s internal control made it possible to make changes to one of the bank’s most central IT systems without following the process Continue reading

Endace Debuts Packet Capture Software For Public Clouds

Endace has announced a new offering that can capture packets inside your public cloud deployments. Called EndaceProbe Cloud, the offering is available for AWS and Azure public clouds. It can also be deployed in VMware-based private clouds. Why capture packets in the cloud? Endace says the top two customer drivers are security and performance monitoring. […]

The post Endace Debuts Packet Capture Software For Public Clouds appeared first on Packet Pushers.

Three Common Reasons For Analytics And AI Project Failure

ADVERTORIAL: According to the 2023 Dataiku-sponsored IDC InfoBrief — Create More Business Value From Your Organizational Data — “Although [AI] adoption is rapidly expanding, project failure rates remain high.

The post Three Common Reasons For Analytics And AI Project Failure first appeared on The Next Platform.

Three Common Reasons For Analytics And AI Project Failure was written by Martin Courtney at The Next Platform.

Day Two Cloud 207: Making Sense Of SSE, SASE, And SD-WAN

On today's Day Two Cloud we examine the similarities and differences among SSE and SASE, which provide cloud-delivered security; and SD-WAN, which can provide connections to these services. We also discuss the drivers for cloud-delivered security, the role of networking, where and how zero trust can come into play, some of the big players in these spaces, and more.

Day Two Cloud 207: Making Sense Of SSE, SASE, And SD-WAN

On today's Day Two Cloud we examine the similarities and differences among SSE and SASE, which provide cloud-delivered security; and SD-WAN, which can provide connections to these services. We also discuss the drivers for cloud-delivered security, the role of networking, where and how zero trust can come into play, some of the big players in these spaces, and more.

The post Day Two Cloud 207: Making Sense Of SSE, SASE, And SD-WAN appeared first on Packet Pushers.

Introducing Cloudflare’s 2023 phishing threats report

Introducing Cloudflare's 2023 phishing threats report
Introducing Cloudflare's 2023 phishing threats report

After shutting down a ‘phishing-as-a-service’ operation that impacted thousands of victims in 43 countries, INTERPOL recently noted, “Cyberattacks such as phishing may be borderless and virtual in nature, but their impact on victims is real and devastating.” Business email compromise (BEC), a type of malware-less attack that tricks recipients into transferring funds — for example — has cost victims worldwide more than $50 billion, according to the FBI.

It is estimated that 90% of successful cyber attacks start with email phishing, which continues to be very lucrative for attackers. There is not much today that can be done to stop phishing attempts. However, to prevent successful attacks, it is important to understand (and proactively address) evolving phishing trends — including the ways attackers cleverly exploit intended victims’ trust in “known” email senders. To that end, this week Cloudflare published its first Phishing Threats Report.

This report explores key phishing trends and related recommendations, based on email security data from May 2022 to May 2023. During that time, Cloudflare processed approximately 13 billion emails, which included blocking approximately 250 million malicious messages from reaching customers’ inboxes. The report is also informed by a Cloudflare-commissioned survey Continue reading

Free Subscription No Longer Needed to Watch the ipSpace.net Videos

I’m publishing a link to a free ipSpace.net video several times each month, usually with a notice saying you need free subscription to watch the video. I had to put that limitation in place when I was hosting videos on AWS S3 – unlimited streaming could explode my AWS bill.

Recently I moved the video storage to Cloudflare R2. Cloudflare claims they will never charge egress fees, and as long as that’s true (and they don’t start chasing me for generating too much traffic) I see no reason to bother you with registration and login procedures – starting immediately, you can watch the free ipSpace.net videos without an ipSpace.net account.

Free Subscription No Longer Needed to Watch the ipSpace.net Videos

I’m publishing a link to a free ipSpace.net video several times each month, usually with a notice saying you need free subscription to watch the video. I had to put that limitation in place when I was hosting videos on AWS S3 – unlimited streaming could explode my AWS bill.

Recently I moved the video storage to Cloudflare R2. Cloudflare claims they will never charge egress fees, and as long as that’s true (and they don’t start chasing me for generating too much traffic) I see no reason to bother you with registration and login procedures – starting immediately, you can watch the free ipSpace.net videos without an ipSpace.net account.

AWS CLIv2 on OpenBSD

The AWS CLI is a tool set that lets you manage your AWS resources. The CLI comes in two versions which, at the time of this writing, are developed concurrently: version 1 and version 2.

Internally, the AWS CLIv1 and v2 are quite different. Version 2 pulls in AWS libraries--libraries which are used across the AWS SDK ecosystem--rather than reinventing the wheel when it comes to common tasks, such as talking to Amazon S3. Running AWS CLIv2 on your operating system of choice requires building and installing these common AWS libraries.

I contributed changes to s2n-tls, aws-lc, the Python runtime, some build tooling, and various other libraries. As a result, the AWS CLIv2 now builds and runs on OpenBSD.

To make installation simple, I've created an OpenBSD port for CLIv2 and its dependencies. Instructions for installing the port are below.

Read the rest of this post.

1 245 246 247 248 249 3,840