Introducing VMware Secure App IX

Today, we are thrilled to announce VMware Secure App IX, a new offering designed to help cloud IT and Cloud Center of Excellence (CCoE) teams achieve borderless governance and compliance by securely connecting applications in multi-cloud environments and application teams and lines of business (LOB) by accelerating their digital transformation initiatives.

Enterprises are increasingly running applications in the cloud to drive innovation, agility, and growth. As organizations adopt multi-cloud strategies to leverage the strengths of different cloud providers, they face new challenges with ensuring secure and compliant application connectivity across clouds and platforms.

In their drive to innovate and compete, enterprises have embraced multiple cloud environments. Multi-cloud adoption has increased the need for seamless and secure application connectivity across disparate clouds, app workloads, data services, and application architectures.

Needs of Cloud IT & CCoE Teams

Cloud IT and Cloud Center of Excellence (CCoE) teams must address many complex requirements when providing secure connectivity for applications running in the cloud. Let’s look at some of these requirements in more detail.

Any-to-Any Secure Connectivity

Enterprise application modernization is an ongoing process rather than a one-time event. As new technologies emerge and business needs evolve, enterprises must continually update and modernize their Continue reading

Understanding Linux file system types

You may not spend much time contemplating the characteristics of the file systems on your Linux system, but the differences between the various file system types can be both interesting and highly relevant. This article explains commands that you can use to verify your file system types and describes their differences.Commands that report file system types There are a number of Linux commands that will display file system types along with the file system names, mount points and such. Some will also display sizes and available disk space.Using df -Th The df command with the "T" (show file system type) and "h" (use human-friendly sizes) options provides a very useful look at the file systems on a Linux system. Here's an example:To read this article in full, please click here

Understanding Linux file system types

You may not spend much time contemplating the characteristics of the file systems on your Linux system, but the differences between the various file system types can be both interesting and highly relevant. This article explains commands that you can use to verify your file system types and describes their differences.Commands that report file system types There are a number of Linux commands that will display file system types along with the file system names, mount points and such. Some will also display sizes and available disk space.Using df -Th The df command with the "T" (show file system type) and "h" (use human-friendly sizes) options provides a very useful look at the file systems on a Linux system. Here's an example:To read this article in full, please click here

Network Identity Redefined for Zero Trust Enterprises

Network Identity Redefined for Zero Trust Enterprises

The perimeter of networks is changing and collapsing. In a zero trust network, no one and no thing is trusted from inside or outside of the enterprise network without verification or network access control (NAC). However, for years, organizations have been saddled with bolt-on NAC  technologies that deliver cost complexity while failing to be effective. Instead, security-conscious organizations are shifting to a “microperimeter” enterprise that embeds security into the network infrastructure as the proactive way to defend today’s wider attack surface.

Intel seeks momentum two years into Gelsinger’s turnaround effort

When Pat Gelsinger returned to Intel as its CEO in February 2021, he took over a company that had been battered by mismanagement and weakened by competition.Intel had lost significant ground in process-node development to Taiwanese chipmaker TSMC. While TSMC was making transistors at 7nm, Intel was struggling to get 10nm. AMD was besting Intel in both client and server performance and taking more market share with each passing quarter. Nvidia was on its steady march of domination in the GPU market and gaining mindshare as the ultimate AI processing vendor.To read this article in full, please click here

Intel seeks momentum two years into Gelsinger’s turnaround effort

When Pat Gelsinger returned to Intel as its CEO in February 2021, he took over a company that had been battered by mismanagement and weakened by competition.Intel had lost significant ground in process-node development to Taiwanese chipmaker TSMC. While TSMC was making transistors at 7nm, Intel was struggling to get 10nm. AMD was besting Intel in both client and server performance and taking more market share with each passing quarter. Nvidia was on its steady march of domination in the GPU market and gaining mindshare as the ultimate AI processing vendor.To read this article in full, please click here

Use Existing (DMVPN) Device Configurations in netlab

Anne Baretta decided to use netlab to test a proposed DMVPN topology. As netlab doesn’t support DMVPN (and probably never will), he decided to use netlab capabilities to start the lab topology and perform initial configuration, adding DMVPN configuration commands as custom configurations. Here’s how he described the process:

In this case I used netlab as a quick way to get a topology up and running, and then add the DMVPN configuration by hand.

Read more …

Use Existing Device Configurations in netlab

Anne Baretta decided to use netlab to test a proposed DMVPN topology. As netlab doesn’t support DMVPN (and probably never will), he decided to use netlab capabilities to start the lab topology and perform initial configuration, adding DMVPN configuration commands as custom configurations. Here’s how he described the process:

In this case I used netlab as a quick way to get a topology up and running, and then add the DMVPN configuration by hand.

Read more …

Linking statically, and glibc breaking userspace for fun

glibc is annoyingly eager to break userspace. You can’t just build something that only depends on libc and expect it to work on all linux systems of that architecture.

I don’t know why Linus Torvalds keeps insisting “we do not break userspace” as a policy for the kernel when libc seems to make that exact thing a hobby. And either way the userspace programs break.

Compiling static (including libc) is frowed upon, and has even had known breakages left unaddressed.

E.g. setlocale() had a strange bug where for new threads you had to first set the locale to the wrong locale, and then call it again to set it to the right one. Otherwise the new thread would be in a weird state where the local is wrong, but it thought it’s right, so won’t allow you to change it to what it thought it already was.

I can’t find the bug now (I ran into this around 2004-2005), but the official response was basically “well don’t compile statically, then”.

And DNS can be broken with static glibc. “a statically linked glibc can’t use NSS (Name Service Switch) modules from a different glibc version, so if you statically link Continue reading

Counting current live readers

Once upon a time it was popular to put a counter on your web page, to show how many people had visited the site before you. I thought it be more fun, and less bragging about how long the page has existed, if it just showed who’s reading it now.

As I mentioned in a previous post, I’m learning Rust. My teaching project has been to make this web widget that shows the current number of browsers that that have the page open.

You see this counter here on the blog in the top right.

The idea is pretty simple. Have some javascript open a websocket to a server, and stream down messages with the current count, as it changes. When a client connects or disconnects, inform all other clients of the new total.

This does mean that it needs to keep one TCP connection open per client, which may be too costly for some sites. Especially since I’m putting it behind an nginx, so the machine needs to keep 3x the state.

I’m not logging anything to disk, nor sharing anything between the clients except for the current count. It’s just an amusing publicly visible presence counter.

Actually, because Continue reading

Controversial Reads 042223


Tech companies are embedding these deeply flawed models into all sorts of products, from programs that generate code to virtual assistants that sift through our emails and calendars.


On the morning of October 14, 2020, I caught a firsthand glimpse of what it’s like for a traditional media outlet to go up against the vast agglomeration of economic and digital power known as Big Tech—and to do so without the benefit of what economist John Kenneth Galbraith defined as countervailing power.


Former Google CEO Eric Schmidt said that artificial intelligence could hurt American politics and needs to be reined in.


The National Assembly’s decision to greenlight the bill followed months of debate about one section in particular — Article 7 — which permits the use of AI-assisted video surveillance technology by law enforcement during and up to six months after the Games.


Calling a business, civic organization, or even school a family may be well-intended but comes with unintended consequences that do an injustice to the necessary commitments that should be made to our actual families.


If normal means mass layoffs, empty office buildings, confusing return-to-office policies, AI panic, and the whiplash-y feeling that just when employees were Continue reading

Weekend Reads 042123

A new report from analyst firm Omdia suggests operators’ best chance of growth in the consumer market comes from partnering with Big Tech.


In a 2023 survey of cybersecurity leaders, 51% said they believe an AI-based tool like ChatGPT will be used in a successful data breach within the next year.


When folks ask me for an estimate of the cost of building aerial fiber, I always say that the cost is dependent upon the amount of required make-ready needed. Make-ready is well-named – it’s any work that must be done on poles to be ready to string the new fiber.


On 10 February 2023, Reddit announced it suffered a security incident where a phishing campaign led an employee to a website that imitated the network’s intranet gateway.


This video looks at various Kubernetes vulnerabilities and their severity scores to help you understand how to evaluate CVEs so you can prioritize remediation. It also shows different options and sources of CVEs.


It is almost 25 years since the Internet was privatized by the U.S. government. ICANN was formed by Esther Dyson and Jon Postel as a California-based non-profit with the responsibility to administer the Internet.


The series glamourized Continue reading

1 252 253 254 255 256 3,783