NetworkingNexus.net

Silent Hosts in EVPN Fabrics

The Dynamic MAC Learning versus EVPN blog post triggered tons of interesting responses describing edge cases and vendor ~~bugs~~ implementation details, including an age-old case of silent hosts described by Nitzan:

Few years ago in EVPN network, I saw drops on the multicast queue (ingress replication goes to that queue). After analyzing it we found that the root cause is vMotion (the hosts in that VLAN are silent) which starts at a very high rate before the source leaf learns the destination MAC.

It turns out that the behavior they experienced was caused by a particularly slow EVPN implementation, so it’s not exactly the case of silent hosts, but let’s dig deeper into what could happen when you do have silent hosts attached to an EVPN fabric.

Cisco wants you to buy now, pay later

Cisco today announced a new finance program that encourages customers to buy products and services now without having to start paying for them till 2024.Specifically the Cisco Capital Business Acceleration Program will let customers purchasing Cisco products before July 29, 2023, and defer all payments until 2024. Payments deferred until 2024 would be based on the total amount financed and contract terms, the vendor stated.Cisco said another flexible payment option is available for its partners to let their customers buy Cisco technology today, and pay later, the vendor said in a statement.The entirety of Cisco’s portfolio is eligible for the program, including hardware, software, and services, as well as select partner services and third-party hardware. In addition the Cisco Refresh portfolio of Cisco certified remanufactured products is also eligible for organizations that want to acquire used gear, the vendor stated.To read this article in full, please click here

Cisco wants you to buy now, pay later

Cisco cements software intentions with API, developer programs

Cisco continues to signal its desire to become a major software player, most recently with its emphasis on API advancements and its commitment to building a bigger development community around that effort.The average enterprise uses 1,935 applications—a 15% increase from five years ago, according to Cisco. And each of these apps is accessible via dozens of APIs from vendors, developers and homegrown sources.“We are conducting 8 billion API calls on a monthly basis. And just to give you an idea of the proliferation of that adoption, at the end of 2018 it was 20 million,” said Anne Gentle, developer experience manager with Cisco.Last year, Cisco announced its API First strategy, which prioritizes API development in all Cisco products to ensure efficient communication among applications, services and systems.To read this article in full, please click here

Data center sustainability becoming the norm, not the exception

The proportion of companies implementing a data center infrastructure sustainability program will rise from about 5% in 2022 all the way to 75% by 2027, as sustainability becomes an increasingly central consideration for cost optimization and risk management, according to new data from Gartner Research.Respondents to a recent global survey of 221 IT leaders conducted by Gartner said that sustainability is already on the march within their organizations, with 42% saying that environmentally friendly choices are helping to drive business growth and provide a differentiator to their competition, and 29% reporting that it’s helping to create strategic value through industry partnerships.To read this article in full, please click here

Data center sustainability becoming the norm, not the exception

AMD Says AI Is The Number One Priority Right Now

When it comes to an economy, you get what we collectively expect. …

AMD Says AI Is The Number One Priority Right Now was written by Timothy Prickett Morgan at The Next Platform.

Community Spotlight series: Calico Open Source user insights from Saurabh Mishra

In this issue of the Calico Community Spotlight series, I’ve asked Saurabh Mishra from Vodafone to share his experience with Kubernetes and Calico Open Source. Let’s take a look at how Saurabh started his Kubernetes journey and the insights he gained from Calico Open Source.

Q: Please tell us a little bit about yourself, including where you currently work and what you do there.

I am working as a DevOps Manager with Vodafone Group. I am responsible for managing Kubernetes and cloud-based environments. I’m particularly interested in all things related to cloud, automation, machine learning, and DevOps.

Q: What orchestrator(s) have you been using?

Kubernetes.

Q: What cloud infrastructure(s) has been a part of your projects?

Amazon Elastic Kubernetes Service (EKS) and Google Kubernetes Engine (GKE).

Q: There are many people who are just getting started with Kubernetes and might have a lot of questions. Could you please talk a little bit about your own journey?

Kubernetes is a fully open-source project. It’s purposely designed this way so it can work with other open-source tools to create continuous improvements and innovations. In our team, we are using Kubernetes in non-production and production environments to run and manage critical Continue reading

Take Ansible validated content to the next level with Event-Driven Ansible

Validated content with event-driven ansible twitter (1)

Cloud computing has become an essential factor in IT transformation and business innovation. The highly dynamic nature of cloud environments, where new resources are constantly being added and removed, poses new challenges. One of the main challenges organizations face is the lack of visibility into the cloud environment. As cloud computing continues to grow in complexity, it can be challenging to keep track of all the different resources and applications that make up the infrastructure. This lack of visibility can make it difficult to maintain security policies and configurations, making the infrastructure vulnerable to attacks.

In this context, another challenge is the need to maintain compliance with industry regulations and standards. Depending on the industry and location, there may be specific regulations that organizations must comply with when storing and processing sensitive data in the cloud. Ensuring compliance can be a time-consuming and costly process.

Without automation and proactive monitoring, cloud environments are difficult and complex to manage. In this context, Ansible offers a plethora of tools, such as Ansible validated content and Event-Driven Ansible, that can help you to successfully mitigate security threats while also streamlining your operations and reducing costs.

In this blog post, we will show you Continue reading

AWS secures access to cloud apps without using VPNs

Amazon Web Services has launched a service that secures user access to its cloud applications without requiring a VPN.AWS Verified Access, which the company previewed last November, validates every application request using Zero Trust principles before granting access to applications. Since AWS previewed the networking service, it has added two new features: AWS Web Application Firewall (WAF) and the ability to pass signed identity context to customers’ application endpoints.To read this article in full, please click here

AWS secures access to cloud apps without using VPNs

Cloudflare is faster than Netskope and Zscaler across LATAM

This post is also available in Español and Português.

Last CIO Week, we showed you how our network stacks up against competitors across several countries. We demonstrated with our tests that Cloudflare Access is 38% faster than ZScaler (ZPA) worldwide.

Today we wanted to focus on LATAM and show how our network performed against Zscaler and Netskope in Argentina, Brazil, Chile, Colombia, Costa Rica, Ecuador, Mexico, Peru, Uruguay and Venezuela.

With 47 data centers across Latin America and Caribbean, Cloudflare has the largest number of SASE Points of Presence across all vendors, meaning we can offer our Zero Trust services closer to the end user and reduce unwanted latency.

We’ve run a series of tests comparing our Zero Trust Network Access product against Zscaler and Netskope’s comparable products.

For each of these tests, we used 95th percentile Time to First Byte and Response tests, which measure the time it takes for a user to make a request, and get the start of the response (Time to First Byte), and the end of the response (Response). These tests were designed with the goal of trying to measure performance from an end-user perspective.

In this blog we’re going to talk about Continue reading

How to handle IT vendors’ worst bad habits

Most enterprises have what they describe as a cordial relationship with their network vendors, but roughly a third say their relationship is guarded, and more than a few say it’s suspicious. That’s a pretty broad range of views, but every enterprise I’ve chatted with says there are things they don’t want their vendors to do, and don’t like it if the vendors do them. Most also say they take steps to prevent these things, and the steps they recommend are really interesting.Vendors shouldn’t finger-point The top don’t-do for vendors by far is finger-pointing, meaning trying to deflect responsibility for an issue by blaming someone else. I remember well a meeting where the CIO of a healthcare company sprained his shoulder when he threw a ten-pound, bound listing of problem proofs at a network vendor VP who didn’t want to admit responsibility. (He him square in the chest, by the way.) This is surely an extreme reaction, but every single enterprise in the over-200 I’ve talked to about this in the last year said that their network vendors had evaded a problem or obstructed problem determination at least once.To read this article in full, please click here

Certifications that can land you a job as a network-automation engineer

Modern networks require more dynamic changes than traditional networks, and the solution to building these dynamic capabilities is network automation, which means the job of network engineers is changing.Historically, network reconfigurations required manual work that might require network downtime while changes were made. Network automation has the potential to mitigate this downtime by re-routing network traffic or scheduling the downtime for off-peak hours.To meet the challenges of this change, traditionally trained network engineers may benefit from certifications in automation. Engineers need ways to minimize the time-consuming, error-prone manual changes that ever-changing workloads demand.To read this article in full, please click here

Small Site EBGP-Only Design

One of my subscribers found an unusual BGP specimen in the wild:

It was a small site with two core switches and a WAN edge router
The site had VPN concentrators running in virtual machines
The WAN edge router was running BGP across WAN IPsec tunnels
The VPN concentrators were running BGP with core switches.

So far so good, and kudos to whoever realized BGP is the only sane protocol to run between virtual machines and network core. However, the routing in the network core was implemented with EBGP sessions between the three core devices, and my subscriber thought the correct way to do it would be to use IBGP and OSPF.

Small Site EBGP-Only Design

One of my subscribers found an unusual BGP specimen in the wild:

It was a small site with two core switches and a WAN edge router
The site had VPN concentrators running in virtual machines
The WAN edge router was running BGP across WAN IPsec tunnels
The VPN concentrators were running BGP with core switches.

The Skills Gap For Fortran Looms Large In HPC

Back in the dawn of time, which is four decades ago in computer science and which was before technical computing went mainstream with the advent of Unix workstations and their beefy server cousins, the computer science students we knew at college had taught themselves BASIC on either TRS-80s or Commodore VICs and they went to college to learn something useful like COBOL and maybe got a smattering of C and Pascal, or occasionally even RPG, for variety. …

The Skills Gap For Fortran Looms Large In HPC was written by Timothy Prickett Morgan at The Next Platform.

RSAC 2023 interview: Tigera talks cloud-native security on theCUBE

During RSA Conference 2023, Utpal Bhatt sat down with SiliconANGLE & theCUBE host, John Furrier, to talk cloud-native security. Watch the full interview below.

Here’s a sneak peak of what’s inside…

“Cloud-native applications have fundamentally changed how security gets done. There are a lot of challenges that cloud-native applications bring to the table, given their large attack surface. You have attack vectors in your coding, CI/CD pipeline, deployment, and runtime. And I think that’s what organizations are realizing, that hey, this is fundamentally a different kind of architecture and we need to look at it differently.” —Utpal Bhatt, CMO at Tigera

“Cloud-native applications have fundamentally changed how security gets done. And there are a lot of challenges that cloud-native applications bring to the table, which is what organizations are realizing. If you think about organizations moving into the cloud, the majority have traditionally done a lift and shift. But now they’re recognizing that in order to get the economics right, they need to start developing cloud-native technologies, which are highly distributed, ephemeral, and transient. So all your standard security tools just really don’t work in that environment because you have a really large Continue reading

US, EU pressure Malaysia to bar Huawei hardware from 5G network

The US and the EU have put heavy diplomatic pressure on the government of Malaysia, urging it to bar Chinese networking equipment vendor Huawei from its state-owned 5G network, according to the Financial Times.Letters from the US ambassador to the country, Brian McFeeters, and from the head of the EU delegation to Malaysia, Michalis Rokas, warned of potential legal problems and national security issues, if the country succumbs to what the Financial Times described as heavy lobbying by Huawei.“Senior officials in Washington agree with my view that upending the existing model would undermine the competitiveness of new industries, stall 5G growth in Malaysia, and harm Malaysia’s business-friendly image internationally,” wrote McFeeters, according to the Financial Times. “Allowing untrusted suppliers in any part of the network also subjects Malaysia’s infrastructure to national security risks.”To read this article in full, please click here

U.S. Firms Face Daunting Challenges with 3G Network Shutdowns Internationally

Slow speeds, security issues, and a higher cost of doing business exist as countries take different tacks on wireless network evolutions.

« Previous 1 … 254 255 256 257 258 … 3,791 Next »