Next-Generation Network Engineering Skills

There’s no question that the networking industry is undergoing significant changes. Sparked in part by software-defined networking (SDN), this sea change now includes an expanded focus on application programming interfaces (APIs), automation frameworks and toolkits, and improved manageability. As the industry undergoes this change, though, networking engineers must also undergo a change.

To help address this change, I’m very excited to announce a new book project targeting “next-generation network engineering skills.” I’ve joined forces with two folks that I really admire—Jason Edelman and Matt Oswalt—to write a new book focusing on the skills we believe are essential for the next-generation network engineer:

New book cover

The Early Access edition of the book is available now. If you’re familiar with O’Reilly’s Early Access program, you know that this is an incomplete version right now, but you’ll get regular updates and the final version of the book once it is complete. Plus, you get to provide feedback to us (the authors) while we write, which in turn helps improve the book. (And we greatly desire your feedback!)

So what’s in this book? Here’s a quick look at some of the topics we’re tackling:

The Network Automation Book

From OpenFlow to Software Defined Networking (SDN), there has been a lot of hype, 100s of millions of dollars in venture funding, and billions in exits within the network industry over the past 5+ years. The one thing we know for certain about the industry in all of this is that change is here, and more is coming, which is exactly the reason for this post!

Ironically, I also started this blog 5+ years ago. In the beginning, this blog was a lot of speculation around OpenFlow and the future of Software Defined Networking (SDN). Nowadays, it’s rare to hear me mention SDN at all, and the focus is much more practical on tools and technology that can help solve real problems. For those that have been reading for a while, you probably saw this shift in addition to the career shift I made 18+ months ago. These shifts go hand in hand with a new project I’ve been working on.

It’s with great pleasure that I’m finally able to announce a project that started several months ago that falls in-line with exactly the same topics you read about frequently on this blog.

What is the Project?

It’s a book! Continue reading

Training the Next-Generation Network Engineer

The networking industry is at a crossroads. In the past few years, we’ve seen a flurry of activity in the world of software-defined networking (SDN), but this has mostly just resulted in a bunch of new products. I don’t feel that this has done nearly enough to improve network operations. In fact, this has in many ways resulted in more complexity.

What we desperately need more than shiny new products (hardware or software) is a better understanding of simple tools and open source software. We need to be willing to take more direct control over our infrastructure, instead of relying on a vendor and their support contracts to solve all our problems. While vendors should still serve a critical role in operating a network, I feel strongly that now more than ever, end-users have the power to really own their own management layer, and the roadmap for how their organizations offer network services to the teams that run (and in some cases develop) applications for the business.

To that end, I’ve been spending the past six months or so ramping up my own personal efforts at helping the network community as a whole to start this journey. These simple contributions Continue reading

OED Tools: 1Password

The problem Security today is a main concern for every computer user. One of the first problem is how to manage password. I see many creative solutions around: post-it or paper only, use of the same password for all services, a spreadsheet inside an encrypted zip file… none of them appear safe or efficient. The […]

How to Talk to Your Parents About Encryption

It’s December 25th, which means most of you are probably at home visiting with family. I asked a few of the security engineers here at CloudFlare how they explain their jobs when they’re home for the holidays, and most of them responded with something along the lines of, "Oh, I stopped trying to do that a long time ago." Apparently, working in the cryptography field doesn’t exactly make it easy to talk about work with your parents.

After chatting with our crypto experts some more, we figured out a decent way to explain the general idea of encryption and why it’s a critical part of the Internet. While this post may not explain exactly what security engineers do on a day-to-day basis, hopefully it will help you at least tell your parents why you have a job in the first place.

Banks and Their Big Fancy Buildings

To explain encryption to your parents, I’d start by asking them why they trust their bank. Let’s say they have some cash to deposit. They drive to their bank’s local branch, walk through a big fancy lobby, wait in line for a teller, and hand them their money. It may seem like Continue reading

DMVPN point-to-point GRE and mGRE

DMVPN spokes can use either point-to-point GRE tunnels or multipoint GRE tunnel interface. Recently, I received a question regarding DMVPN. In fact, the Reader asked me two questions: When is GRE used in network design? When is mGRE used in network design? Answering the aforementioned questions are the basics that you must know if you […]

The post DMVPN point-to-point GRE and mGRE appeared first on Network Design and Architecture.

Zdrasti, Sofia! CloudFlare’s 73rd Data Center Now Live

Sofia

Only days after the launch of our Hamburg data center, CloudFlare is excited to announce yet another European data center - this time in Sofia, Bulgaria. With over 1.2 million people, Sofia is a city with rich history tracing back over 7,000 years.

We were fascinated to note the coincidence that even as 1 in 73 of CloudFlare team members is Bulgarian, now 1 in 73 of CloudFlare data centers is in Bulgaria!

Localizing European traffic

European countries

Sofia expands the CloudFlare global network to span 20 European data centers - joining Amsterdam, Frankfurt, Paris, London, Vienna, Prague, Stockholm, Warsaw, Madrid, Milan, Dusseldorf, Marseille, Bucharest, Dublin, Manchester, Zurich, Copenhagen, Berlin and Hamburg.

Each time we launch a new data center, we improve the performance of millions of websites, expand the surface area available to fight attacks, and provide an additional point of redundancy to support our existing data centers.

Until today, many Bulgarian networks were served out of Frankfurt, over 1,000 miles away, based on their interconnection there with our tier one providers. Our newest deployment eliminates that distance, and improves the web Continue reading

Hyatt Hotels says payment-processing systems hit by malware

Hyatt Hotels has asked customers to review their payment card account statements closely, after it detected malware on the computers that run its payment-processing systems at locations it manages.The hotel chain did not provide more details on the breach, including the number of customers that might have been affected, but it appears from the alert to customers that hackers may have obtained critical credit card information.Hyatt is the latest in a number of companies in the hospitality industry, including Hilton Worldwide, Mandarin Oriental and Starwood Hotels & Resorts Worldwide that were affected by hacker attacks. A number of retailers like Target also had their point-of-sale systems targeted.To read this article in full or to leave a comment, please click here

Running Ansible Through an SSH Bastion Host

This post will expand on some previous posts—one showing you how to set up and use an SSH bastion host and a second describing one use case for an SSH bastion host—to show how the popular configuration management tool Ansible can be used through an SSH bastion host.

The configuration/setup required to run Ansible through an SSH bastion host is actually reasonably straightforward, but I saw a lot of incomplete articles out there as I was working through this myself. My hope is to supplement the existing articles, as well as the Ansible documenation, to make this sort of configuration easier for others to embrace and understand.

Prerequisites

There are two key concepts involved here that you’ll want to be sure you understand before you proceed:

  1. You’ll want to make sure you’re comfortable with using an SSH bastion host. If you don’t understand how this works or how to set it up, I recommend you spend some time on this topic first, as it’s crucial to how Ansible will behave/function. This article by Grant Taylor has some good information.
  2. Spend some time making sure you know how to use SSH multiplexing. This is useful for Ansible in general, but Continue reading
1 3,164 3,165 3,166 3,167 3,168 3,804