Optimizing TLS over TCP to reduce latency

The layered nature of the Internet (HTTP on top of some reliable transport (e.g. TCP), TCP on top of some datagram layer (e.g. IP), IP on top of some link (e.g. Ethernet)) has been very important in its development. Different link layers have come and gone over time (any readers still using 802.5?) and this flexibility also means that a connection from your web browser might traverse your home network over WiFi, then down a DSL line, across fiber and finally be delivered over Ethernet to the web server. Each layer is blissfully unaware of the implementation of the layer below it.

But there are some disadvantages to this model. In the case of TLS (the most common standard used for sending encrypted data across in the Internet and the protocol your browser uses with visiting an https:// web site) the layering of TLS on top of TCP can cause delays to the delivery of a web page.

That’s because TLS divides the data being transmitted into records of a fixed (maximum) size and then hands those records to TCP for transmission. TCP promptly divides those records up into segments which are then transmitted. Ultimately, Continue reading

Establishing a confidential Service Boundary with Avaya’s SDN Fx

Cover

 

Security is a global requirement. It is also global in the fashion in which it needs to be addressed. But the truth is, regardless of the vertical, the basic components of a security infrastructure do not change. There are firewalls, intrusion detection systems, encryption, networking policies and session border controllers for real time communications. These components also plug together in rather standard fashions or service chains that look largely the same regardless of the vertical or vendor in question. Yes, there are some differences but by and large these modifications are minor.

So the questions begs, why is security so difficult? As it turns out, it is not really the complexities of the technology components themselves, although they certainly have that. It turns out that the real challenge is deciding exactly what to protect and here each vertical will be drastically different. Fortunately, the methods for identifying confidential data or critical control systems are also rather consistent even though the data and applications being protected may vary greatly.

In order for micro-segmentation as a security strategy to succeed, you have to know where the data you need to protect resides. You also need to know how it flows through Continue reading

Gain Deep Insight Into Your NSX Network While Simplifying Management and Operations

We’re excited to announce that VMware NSX, version 6.2.3, is now available for all customers with active support. As we evolve the NSX platform, we continue to place a high degree of emphasis on helping customers operationalize NSX, speed-up deployment, and integrate with more systems from our NSX ecosystem partners. This latest release introduces enhanced network monitoring and troubleshooting tools with expanded hardware partner integration.

Some of the top highlights include:

Native Visibility and Reporting

Resolve problems faster, visualize event trends, trigger alerts, and more, all in real-time with VMware vRealize Log Insight for NSX, now included with NSX Standard, Advanced and Enterprise licenses. This new capability introduces:

  • Centralized big data log management built for NSX
  • Monitoring and dashboards for network virtualization and security

To learn more about vRealize Log Insight for NSX refer to the FAQ or visit the Log Insight product page here.

Improvements to NSX Management and Operations

Reduce Mean Time to Recovery with improved troubleshooting and operational capabilities.  Key enhancements include:

  • Dashboards for health status of components and built-in monitoring of all critical systems communication channels
  • Simplified filtering of firewall rules
  • Enhancements to central CLI
  • New partner services to enable packet capture and Continue reading

IDG Contributor Network: Ecommerce needs to up its game, says UPS

Retailers have to invest in digital tools such as inventory transparency if they want to retain customers, says shipper UPS in its new report on online shopping.If they don’t, fickle “shoppers will likely go elsewhere to more efficiently meet their needs,” the company says.UPS found that most online shoppers (58 percent) want to see a retailer’s inventory online while they are shopping, and 20 percent will check inventory status at alternate locations or on a retailer’s website when in the store.To read this article in full or to leave a comment, please click here

DevOps: The Real Impact On IT Pros

In this episode of Network Matters with Ethan Banks, learn why the topic of DevOps has become so pervasive in IT media. Ethan explains what DevOps really means for most IT organizations, and how Infrastructure professionals can use concepts from DevOps to improve their own efficiency.

Leaving Fixed Function Switches Behind For Universal Leafs

There are two competing trends in platform designs that architects always have to contend with. They can build a platform that performs a specific function and does it well, or create a more generic platform that sacrifices some efficiency but does a lot of jobs well. Sometimes you try to shoot the gap between these two poles.

That is precisely what Arista Networks, the networking upstart that has serial entrepreneur Andy Bechtolsheim as its chief development officer, is doing with a new line of what it is calling “universal leaf” switches. The leaf switches (does one say “leafs” or “leaves”

Leaving Fixed Function Switches Behind For Universal Leafs was written by Timothy Prickett Morgan at The Next Platform.

XML is toast, long live JSON

If you haven't heard much about XML lately, you're not the only one. XML has been rapidly falling out of favor with developers and has been replaced with a more flexible and faster format.XML, the Extensible Markup Language, rose from the SGML format in the 1990s. It reached the 1.0 spec in 1997 and grew from there. The primary appeal of XML is that it was ideal for transferring data between other formats. It required far fewer filters for data conversion to share data between different applications that might have their own proprietary format. That's one reason why with Office 2007, Microsoft shifted its Word and Excel file formats to XML-based format. Conversion to other formats was made much easier thanks to XML.To read this article in full or to leave a comment, please click here

The PC Hardware Nerd Quiz

Separating the true nerds from the wannabesYou can tell from five feet away if a screw is used to install a power supply or an optical drive. You can recite how much cache was in a Northwood Pentium 4. If you’re that kind of nerd, you won't have any problem with our PC Nerd Quiz. Or will you? We’ve assembled a mix of challenging questions designed to separate the true nerds from the wannabes. Let's see how you do. Ready? First question... To read this article in full or to leave a comment, please click here

SDN as an Abstraction Layer

During the Introduction to SDN webinar I covered numerous potential definitions:

I find all of these definitions too narrow or even misleading. However, the “SDN is a layer of abstraction” one is not too bad (see also RFC 1925 section 2.6a).

Watch the video

Twitter locks some accounts after passwords exposed

Twitter said it had locked down and called for a password reset of some accounts after an unconfirmed claim of a leak of nearly 33 million usernames and passwords to the social network.The company said the information was not obtained from a hack of its servers, and speculated that the information may have been gathered from other recent breaches, malware on victim machines that are stealing passwords for all sites, or a combination of both.“In each of the recent password disclosures, we cross-checked the data with our records. As a result, a number of Twitter accounts were identified for extra protection. Accounts with direct password exposure were locked and require a password reset by the account owner,” Twitter’s Trust & Information Security Officer, Michael Coates said in a blog post on Friday. To read this article in full or to leave a comment, please click here

Twitter locks some accounts after passwords exposed

Twitter said it had locked down and called for a password reset of some accounts after an unconfirmed claim of a leak of nearly 33 million usernames and passwords to the social network.The company said the information was not obtained from a hack of its servers, and speculated that the information may have been gathered from other recent breaches, malware on victim machines that are stealing passwords for all sites, or a combination of both.“In each of the recent password disclosures, we cross-checked the data with our records. As a result, a number of Twitter accounts were identified for extra protection. Accounts with direct password exposure were locked and require a password reset by the account owner,” Twitter’s Trust & Information Security Officer, Michael Coates said in a blog post on Friday. To read this article in full or to leave a comment, please click here

New Mozilla fund will pay for security audits of open-source code

A new Mozilla fund, called Secure Open Source, aims to provide security audits of open-source code, following the discovery of critical security bugs like Heartbleed and Shellshock in key pieces of the software.Mozilla has set up a US$500,000 initial fund that will be used for paying professional security firms to audit project code. The foundation will also work with the people maintaining the project to support and implement fixes and manage disclosures, while also paying for the verification of the remediation to ensure that identified bugs have been fixed.The initial fund will cover audits of  some widely-used open source libraries and programs. To read this article in full or to leave a comment, please click here

New Mozilla fund will pay for security audits of open-source code

A new Mozilla fund, called Secure Open Source, aims to provide security audits of open-source code, following the discovery of critical security bugs like Heartbleed and Shellshock in key pieces of the software.Mozilla has set up a US$500,000 initial fund that will be used for paying professional security firms to audit project code. The foundation will also work with the people maintaining the project to support and implement fixes and manage disclosures, while also paying for the verification of the remediation to ensure that identified bugs have been fixed.The initial fund will cover audits of  some widely-used open source libraries and programs. To read this article in full or to leave a comment, please click here

Perth, Australia: 80th Data Center

alt CloudFlare is excited to announce the launch of our newest data center in Perth, Australia. This expands the breadth of our global network to span 80 unique cities across 41 countries, and is our fourth data center in the Oceania region, joining existing data centers in Sydney, Melbourne and Auckland.

Western Australia

Perth is in a fascinating location. Home to sunny beaches and the highest number of self-made millionaires in the world, it is actually geographically closer to Singapore than to Sydney (though closer to Sydney in a “networking” sense, as determined by BGP routing).

Visitors to millions of websites across Western Australia served locally can now experience a faster and safer Internet - and ISPs can reach us at the Western Australia Internet Exchange (WA-IX), one of 119 internet exchanges that we openly peer at.

alt

Latency in milliseconds from end user (Perth) to CloudFlare. Source: Cedexis


Missing letters?


Helping build CloudFlare’s network provides our team members with the opportunity to not just speed up the Internet, but also improve our sense of geography. Visitors to our offices in San Francisco, London and Singapore can get a sneak peek at our fast-changing map (with live and upcoming dots). Perth Continue reading

Woman uses ‘Hey Siri’ feature to call an ambulance and help save her child’s life

When Apple released the iPhone 6s, it included a great new Siri feature which enables users to activate the intelligent assistant via voice. Dubbed 'Hey Siri', the feature is particularly convenient because the iPhone 6s' M9 motion coprocessor is 'always listening' and thereby lets users use 'Hey Siri' even when the device isn't connected to a power source.Recently, Stacey Gleeson of Australia used the 'Hey Siri' feature to successfully call an ambulance while she was tending to her daughter Giana who had stopped breathing."I picked her up and sat down with her on the floor,” Gleeson said in an interview. “And as I checked her airways, I looked over and remembered my phone.”To read this article in full or to leave a comment, please click here

Highly Rated, Dramatically Discounted Adapters – Deal Alert

Logitech Bluetooth Audio Adapter for Bluetooth StreamingTake just about any traditional set of speakers and make them Bluetooth enabled for streaming audio wirelessly from your favorite device. Currently discounted 30% to $28.HDMI Female to Female High Speed Gold Plated AdapterThis straightforward adapter couples two HDMI cables together for extended length. Currently discounted 46% to $6 for a pack of two.To read this article in full or to leave a comment, please click here

1 2,928 2,929 2,930 2,931 2,932 3,867