ONF Completes Second Wireless Transport SDN Proof of Concept
ONF promotes commercial adoption of SDN.
Inside NFV Performance Techniques
The combination of new network hardware acceleration techniques and SDN is driving a new era of networking.
Operationalizing Micro-segmentation – NSX Securing “Anywhere” – Part III
Welcome to part 3 of the Micro-Segmentation Defined – NSX Securing “Anywhere” blog series. This installment covers how to operationalize NSX Micro-Segmentation. Be sure to check out Part 1 on the definition of micro-segmentation and Part 2 on securing physical workloads with NSX.
This blog covers the following topics:
- Micro-segmentation design patterns
- Determining appropriate security groups and policies
- Deploying micro-segmentation
- Application lifecycle management with vRealize Automation and NSX
- Day 2 operations for micro-segmentation
Micro-segmentation design patterns
Micro-segmentation can be implemented based on various design patterns reflecting specific requirements. The NSX Distributed Firewall (DFW) can be used to provide controlled communication between workloads independent of their network connectivity. These workloads can, for example, all connect to a single VLAN. Distributed logical switches and routers can be leveraged to provide isolation or segmentation between different environments or application tiers, regardless of the underlying physical network, as well as many other benefits. Furthermore, the NSX Edge Service Gateway (ESG) can provide additional functionality such as NAT or load balancing and the NSX Service Insertion framework enables partner services such as L7 firewalling, agent-less anti-virus or IPS/IDS applied to workloads that need additional security controls.
Figure 1: Leveraging the DFW to provide Continue reading
Microservices Gone Wild – Tech Dive Part 3
In this third post in the series about microservices, I’ll finish building my main application so that I can demonstrate a microservices-based application in action, albeit for a very basic set of functions. This post may be a little go-heavy in places, but bear with it and I’ll get to the demo soon enough. It doesn’t really matter what language is being used; I just used go because it’s good practice for me.
Building The Main Application
As a reminder, the main application will need to accept two numbers on the command line then will need to multiply the two numbers and then square that product. The two mathematical functions (multiply and square) are now offered via a REST API, and each one has its own separate Docker container with apache/PHP to service those requests.
I have created hostnames for the two microservice containers (DNS is the only smart way to address a microservice, after all) and they are accessed as:
multiply.userv.myapp:5001square.userv.myapp:5002
The API path is /api/ followed by the name of the function, multiply or square, and the values to feed to the function are supplied as the query string. Most APIs tend Continue reading
Worth Reading: How Facebook makes you miss out on life
The post Worth Reading: How Facebook makes you miss out on life appeared first on 'net work.
A Thirst For Petabyte Scale All-Flash Arrays
Some technology trends get their start among enterprises, some from hyperscalers or HPC organizations. With flash storage, it was small businesses and hyperscalers who, for their own reasons, got the market growing, drawing in engineering talent and venture capital to give us the plethora of options available on the market today. Now, the big customers are ready to take the plunge.
It is no coincidence, then, that Pure Storage has architected systems that scale to multiple petabytes of capacity to meet their needs. Large enterprises with pressing demands for scaling in terms of both performance and capacity need a different …
A Thirst For Petabyte Scale All-Flash Arrays was written by Timothy Prickett Morgan at The Next Platform.
Data Backup Strategy: 7 Considerations
Weigh these factors when building a backup plan for your data center.
EVPN – the basics
A great EVPN overview and detailed walkthrough from a colleague of mine… Nice and clear.
So I decided to take a deep dive into eVPN, I’ll mostly be looking into VLAN-aware bundling, as per RFC 7432 – and mostly because I think this will fit more closely, with the types of deployments most of the customers are used to – good old IRB interfaces and bridge-tables!
As everyone knows, VPLS has been available for many years now and it’s pretty widely deployed, most of the customers I see have some flavour of VPLS configured on their networks and use it to good effect – so why eVPN? what’s the point in introducing a new technology if the current one appears to work fine.
The reality is that multipoint layer-2 VPNs (VPLS) were never quite as polished as layer-3 VPNs, when layer-3 VPNs were first invented they became, and still are the in many cases the “go to” technology for layer-3 connectivity across MPLS networks, and…
View original post 4,444 more words
Data Center Security Requires Paranoia
A whitelist model is a key strategy in today's threat environment.
Evolved Packet Core – Welcome to Long Term Evolution!
As an end user, I am always welcoming the “4G” Signal indicator on my mobile because basically for me this maps to a better Download Speed, good quality VoIP calls (skype, Hangout, Whatsapp, etc) , better Streaming, and HD Videos. This article is all about the “4G” indicator. I am discussing the Evolved Packet Core together with […]
The post Evolved Packet Core – Welcome to Long Term Evolution! appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.
IS-IS level 1, IS-IS Routing Protocol Levels
What is IS-IS Level 1 ? Why IS-IS level 1 is used ? What are the IS-IS levels ? What is the corresponding Area type in OSPF ? IS-IS Level 1 is also called as IS-IS Level 1 sub domain. IS-IS is a link state routing protocol, similar to OSPF. You can read detail comparison […]
The post IS-IS level 1, IS-IS Routing Protocol Levels appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.
Jinja2 and… Powershell? Automation(ish) Microsoft DHCP
Most of us have home labs, right?
I’m in the middle of doing some zero touch provisioning testing, and I had the need to create a bunch of DHCP scopes and reservations, some with scope specific options, and some with client specific options. As often as I’ve had to create a Microsoft DHCP server in the lab and set up some custom scopes, I decided I was going to figure out how to automate this as much as I could with a little effort as possible.
After taking a quick look around for a python library to help me out, python being my weapon of choice, I realized that I was going to have to get into some Powershell scripting. I’ve dabbled before, but I’ve never really take the time to learn much about Powershell control structures ( loops, conditionals, pipes, etc…). I really didn’t want to spend the time getting up to speed on a new language, so I instead decided I was going to use the python skills I had to auto generate the scripts using a little jinja2 and some google-technician skills.
Figuring out the Powershell Syntax
This was the easy part actually, Microsoft has some pretty Continue reading