Your decommissioned routers could be a security disaster

Here's bad news: It's easy to buy used enterprise routers that haven’t been decommissioned properly and that still contain data about the organizations they were once connected to, including IPsec credentials, application lists, and cryptographic keys.“This leaves critical and sensitive configuration data from the original owner or operatoraccessible to the purchaser and open to abuse,” according to a white paper by Cameron Camp, security researcher, and Tony Anscombe, chief security evangelist, for security firm Eset (See: Discarded, not destroyed: Old routers reveal corporate secrets).To read this article in full, please click here

Your decommissioned routers could be a security disaster

Here's bad news: It's easy to buy used enterprise routers that haven’t been decommissioned properly and that still contain data about the organizations they were once connected to, including IPsec credentials, application lists, and cryptographic keys.“This leaves critical and sensitive configuration data from the original owner or operatoraccessible to the purchaser and open to abuse,” according to a white paper by Cameron Camp, security researcher, and Tony Anscombe, chief security evangelist, for security firm Eset (See: Discarded, not destroyed: Old routers reveal corporate secrets).To read this article in full, please click here

Keeping Large Language Models From Running Off The Rails

The heady, exciting days of ChatGPT and other generative AI and large-language models (LLMs) is beginning to give way to the understanding that enterprises will need to get a tight grasp on how these models are being used in their operations or they will risk privacy, security, legal, and other problems down the road.

Keeping Large Language Models From Running Off The Rails was written by Jeffrey Burt at The Next Platform.

Calico’s 3.26.0 update unlocks high density vertical scaling in Kubernetes

Kubernetes is a highly popular and widely used container orchestration platform designed to deploy and manage containerized applications at a scale, with strong horizontal scaling capabilities that can support up to 5,000 nodes; the only limit in adding nodes to your cluster is your budget. However, its vertical scaling is restricted by its default configurations, with a cap of 110 pods per node. To maximize the use of hardware resources and minimize the need for costly horizontal scaling, users can adjust the kubelet maximum pod configuration to increase this limit allowing more pods to run concurrently on a single node.

To avoid network performance issues and achieve efficient horizontal scaling in a Kubernetes cluster that is tasked to run a large number of pods, high-speed links and switches are essential. A reliable and flexible Software Defined Networking (SDN) solution, such as Calico, is also important for managing network traffic efficiently. Calico has been tested and proven by numerous companies for horizontal scaling, but in this post, we will discuss recent improvements made to help vertical scaling of containerized applications to just work.

For example, the following chart illustrates the efficiency achieved with the improvements of vertical scaling in Calico 3. Continue reading

Day Two Cloud 192: OpenTelemetry – Getting From Visibility To Observability With Ben Hall

OpenTelemetry is an open-source project that brings together tools, SDKs, and APIs for collecting telemetry--that is, logs, metrics, and traces---in a standardized way. The goal of the project is to help developers and operators instrument highly distributed applications and services to understand dependencies, monitor performance, and quickly troubleshoot problems. On today's Day Two Cloud podcast we explore OpenTelemetry and how it works. We also discuss the difference between visibility and observability, and why this matters. Our guest is Ben Hall.

Day Two Cloud 192: OpenTelemetry – Getting From Visibility To Observability With Ben Hall

OpenTelemetry is an open-source project that brings together tools, SDKs, and APIs for collecting telemetry--that is, logs, metrics, and traces---in a standardized way. The goal of the project is to help developers and operators instrument highly distributed applications and services to understand dependencies, monitor performance, and quickly troubleshoot problems. On today's Day Two Cloud podcast we explore OpenTelemetry and how it works. We also discuss the difference between visibility and observability, and why this matters. Our guest is Ben Hall.

The post Day Two Cloud 192: OpenTelemetry – Getting From Visibility To Observability With Ben Hall appeared first on Packet Pushers.

Announcing the Rafay Certification program

Today I’m extremely happy to announce the launch of the Rafay Certification program – the industry’s first and only multi-cloud Kubernetes operations certification. This is a unique program for platform teams, infrastructure engineers, SREs, and application developers to develop competencies in application modernization using Kubernetes. Let’s face it. Kubernetes is difficult! Enterprises are finding it … Continue reading Announcing the Rafay Certification program

Is Dynamic MAC Learning Better Than EVPN?

One of my readers worried about the control-plane-induced MAC learning lag in EVPN-based networks:

In all discussions about the advantages/disadvantages of VXLAN/EVPN, I can’t find any regarding the lag in learning new macs when you use the control plane for mac learning.

EVPN is definitely slower than data plane-based dynamic MAC learning (regardless of whether it’s done in hardware or software), but so is MLAG.

Read more …

Is Dynamic MAC Learning Better Than EVPN?

One of my readers worried about the control-plane-induced MAC learning lag in EVPN-based networks:

In all discussions about the advantages/disadvantages of VXLAN/EVPN, I can’t find any regarding the lag in learning new macs when you use the control plane for mac learning.

EVPN is definitely slower than data plane-based dynamic MAC learning (regardless of whether it’s done in hardware or software), but so is MLAG.

Read more …

Tigera Named Winner of the Esteemed Global InfoSec Awards during RSA Conference 2023

The annual Global InfoSec Awards from Cyber Defense Magazine (CDM) have been announced, and we are excited to unveil that Tigera has won the ‘Hot Company: Container Security’ category! This award recognizes the value of the work Tigera does as a security company, and we wouldn’t be where we are without the support of our teams, customers, and community.

“We are honored to be recognized as one of the best in container security by Cyber Defense Magazine. As this is one of the most esteemed awards in cybersecurity, we are so grateful to have been selected amongst a pool of qualified applicants and are eager to continue to innovate and provide better container security for organizations,” said Amit Gupta, Chief Product Officer, Tigera.

Tigera’s transformative approach to container security helps prevent, detect, and mitigate threats in containers and Kubernetes environments across build, deploy and runtime stages. Calico Cloud provides a unique solution that gives users a single container security solution to improve security posture, reduce the attack surface with fine-grained security controls, and provide threat defense from network and host based threats.

Cyber Defense Magazine is the Continue reading

6G is coming sooner than you think, FCC chief Rosenworcel says

US Federal Communications Commission Chairwoman Jessica Rosenworcel believes that the time to start planning for 6G is now, and has outlined several steps that the government agency plans to take in preparation for the new wireless standard.While there’s no general agreement on what technical innovations will be incorporated into 6G, it’s become clear that the goals of the technology are ambitious. Broadcast virtual or augmented reality, high-quality telehealth and more are expected by wireless experts.That, however, will require a great deal of spectrum, and Rosenworcel — speaking at the National Science Foundation last week — said that the FCC is working to identify suitable frequencies for the new standard.To read this article in full, please click here

Broadcom’s new switching chip links GPUs, aims to boost AI networks

Broadcom’s new networking chip, called the Jericho3-AI, is designed to connect supercomputers and features a high-performance fabric for artificial intelligence (AI) environments.Broadcom has three switch families: the high-bandwidth Tomahawk switch platform, which is used primarily within data centers; the lower bandwidth Trident platform, which offers greater programmability and deeper buffers, making it more suited for the edge; and the Jericho line, which sits somewhere between the other two and is best suited for low latency interconnects.Jericho3-AI is targeted at AI and machine-learning backend networks where the switch fabric handles spraying of traffic on all network links and reordering of that traffic before delivering to the endpoints. It also has built-in congestion management capabilities for load balancing and minimizing network congestion. To read this article in full, please click here

Broadcom’s new switching chip links GPUs, aims to boost AI networks

Broadcom’s new networking chip, called the Jericho3-AI, is designed to connect supercomputers and features a high-performance fabric for artificial intelligence (AI) environments.Broadcom has three switch families: the high-bandwidth Tomahawk switch platform, which is used primarily within data centers; the lower bandwidth Trident platform, which offers greater programmability and deeper buffers, making it more suited for the edge; and the Jericho line, which sits somewhere between the other two and is best suited for low latency interconnects.Jericho3-AI is targeted at AI and machine-learning backend networks where the switch fabric handles spraying of traffic on all network links and reordering of that traffic before delivering to the endpoints. It also has built-in congestion management capabilities for load balancing and minimizing network congestion. To read this article in full, please click here

BrandPost: Scaling enterprise multi-fabric SD-WAN deployments

By: Alex Amaya, Senior Technical Marketing Engineer at HPE Aruba Networking.   In today's fast-paced digital world, companies need a robust and flexible network infrastructure to support their rapidly growing and changing business requirements. As a result, many organizations are turning to Software-Defined Wide Area Networks (SD-WAN) technology to address the challenges of traditional WANs. But as companies grow and their SD-WAN deployments expand, it can become difficult to manage and maintain the network effectively.To read this article in full, please click here

1 307 308 309 310 311 3,842