Cloudflare is faster than Zscaler

Every Innovation Week, Cloudflare looks at our network’s performance versus our competitors. In past weeks, we’ve focused on how much faster we are compared to reverse proxies like Akamai, or platforms that sell edge compute that compares to our Supercloud, like Fastly and AWS. For CIO Week, we want to show you how our network stacks up against competitors that offer forward proxy services. These products are part of our Zero Trust platform, which helps secure applications and Internet experiences out to the public Internet, as opposed to our reverse proxy which protects your websites from outside users.

We’ve run a series of tests comparing our Zero Trust services with Zscaler. We’ve compared our ZT Application protection product Cloudflare Access against Zscaler Private Access (ZPA). We’ve compared our Secure Web Gateway, Cloudflare Gateway, against Zscaler Internet Access (ZIA), and finally our Remote Browser Isolation product, Cloudflare Browser Isolation, against Zscaler Cloud Browser Isolation. We’ve found that Cloudflare Gateway is 58% faster than ZIA in our tests, Cloudflare Access is 38% faster than ZPA worldwide, and Cloudflare Browser Isolation is 45% faster than Zscaler Cloud Browser Isolation worldwide. For each of these tests, we used 95th percentile Time to First Byte Continue reading

Introducing Digital Experience Monitoring

This post is also available in 简体中文, 日本語, Français and Español.

Today, organizations of all shapes and sizes lack visibility and insight into the digital experiences of their end-users. This often leaves IT and network administrators feeling vulnerable to issues beyond their control which hinder productivity across their organization. When issues inevitably arise, teams are left with a finger-pointing exercise. They’re unsure if the root cause lies within the first, middle or last mile and are forced to file a ticket for the respective owners of each. Ideally, each team sprints into investigation to find the needle in the haystack. However, once each side has exhausted all resources, they once again finger point upstream. To help solve this problem, we’re building a new product, Digital Experience Monitoring, which will enable administrators to pinpoint and resolve issues impacting end-user connectivity and performance.

To get started, sign up to receive early access. If you’re interested in learning more about how it works and what else we will be launching in the near future, keep scrolling.

Our vision

Over the last year, we’ve received an overwhelming amount of feedback that users want to see the intelligence that Cloudflare possesses from our Continue reading

Weave your own global, private, virtual Zero Trust network on Cloudflare with WARP-to-WARP

Millions of users rely on Cloudflare WARP to connect to the Internet through Cloudflare’s network. Individuals download the mobile or desktop application and rely on the Wireguard-based tunnel to make their browser faster and more private. Thousands of enterprises trust Cloudflare WARP to connect employees to our Secure Web Gateway and other Zero Trust services as they navigate the Internet.

We’ve heard from both groups of users that they also want to connect to other devices running WARP. Teams can build a private network on Cloudflare’s network today by connecting WARP on one side to a Cloudflare Tunnel, GRE tunnels, or IPSec tunnels on the other end. However, what if both devices already run WARP?

Starting today, we’re excited to make it even easier to build a network on Cloudflare with the launch of WARP-to-WARP connectivity. With a single click, any device running WARP in your organization can reach any other device running WARP. Developers can connect to a teammate's machine to test a web server. Administrators can reach employee devices to troubleshoot issues. The feature works with our existing private network on-ramps, like the tunnel options listed above. All with Zero Trust rules built in.

To Continue reading

Tier 1 Carriers Performance Report: December, 2022

The report offers specific insights into the performance of major Internet Carriers for the month of December, 2022.

The post Tier 1 Carriers Performance Report: December, 2022 appeared first on Noction.

Work from home is here to stay, so how should IT adjust?

The pandemic has changed how we work, probably forever. Most employees with jobs that can be done effectively from home have no intention of returning full time to the office. They find that their work-life balance is much more balanced without the long commutes and constant interruptions that accompany office work.According to a McKinsey/Ipsos survey, 58 percent of American workers had the opportunity to work from home at least one day a week in 2022, while 38 percent were not generally required to be in the office at all.To read this article in full, please click here

Work from home is here to stay, so how should IT adjust?

The pandemic has changed how we work, probably forever. Most employees with jobs that can be done effectively from home have no intention of returning full time to the office. They find that their work-life balance is much more balanced without the long commutes and constant interruptions that accompany office work.According to a McKinsey/Ipsos survey, 58 percent of American workers had the opportunity to work from home at least one day a week in 2022, while 38 percent were not generally required to be in the office at all.To read this article in full, please click here

netlab Release 1.4.2: Juniper vMX and Junos Features

One of the last things I did before going on the Christmas break was to push out netlab release 1.4.2. Its highlights include:

• Juniper vMX by Stefano Sasso
• BFD, VRF, MPLS, SR-MPLS, and MPLS/VPN on Junos (also by Stefano)
• Full VLAN support on vMX and routed VLAN interfaces on vSRX (yet again, Stefano’s contribution)
• VyOS containerlab support by Oleg A. Arkhangelsky
• CSR 1000v VLAN and VXLAN support

Upgrading is as easy as ever: execute pip3 install --upgrade networklab.

New to netlab? Start with the Getting Started document and the installation guide.

netlab Release 1.4.2: Juniper vMX and Junos Features

One of the last things I did before going on the Christmas break was to push out netlab release 1.4.2. Its highlights include:

• Juniper vMX by Stefano Sasso
• BFD, VRF, MPLS, SR-MPLS, and MPLS/VPN on Junos (also by Stefano)
• Full VLAN support on vMX and routed VLAN interfaces on vSRX (yet again, Stefano’s contribution)
• VyOS containerlab support by Oleg A. Arkhangelsky
• CSR 1000v VLAN and VXLAN support

Upgrading is as easy as ever: execute pip3 install --upgrade networklab.

New to netlab? Start with the Getting Started document and the installation guide.

Automation 20. GNMI to Spreadsheet via Pandas or Intro to Data Analysis in Network Automation

Dear friend,

We all like spreadsheets, as this is an easy and intuitive way of representing data for us, humans. The possibility to analyze data with spreadsheets are endless, starting from simple aggregation till complicated pivots are endless. Even the people who say that they don’t like spreadsheets, use them so often. Network automation, for sure, is not an exclusion here.

1
2
3
4
5
No part of this blogpost could be reproduced, stored in a 

retrieval system, or transmitted in any form or by any 

means, electronic, mechanical or photocopying, recording, 

or otherwise, for commercial purposes without the 

prior permission of the author.

Are Spreadsheets Valid In Automation Era?

They absolutely are. We haven’t seen so far any non-IT person, or even IT high-profile engineer or manager, which won’t like spreadsheets. To put it simple, spreadsheets can be an easy way to represent data collected from network devices; likewise, it can be a good way to provide some input, either as inventory or as configuration details for your network automation intent. So the questions becomes, provided you can read data from your spreadsheet in a programmatic way, what would you do with it?

The good news is that Continue reading

Welcome to CIO Week 2023

When you are the Chief Information Officer (CIO), your systems need to just work. A quiet day when users go about their job without interruption is a celebration. When they do notice, something has probably fallen apart.

We understand. CIOs own some of an organization's most mission-critical challenges. Your security counterparts expect safety to be robust while your users want it to be unintrusive. Your sales team continues to open offices in new locations while those new hires need rapid connectivity to your applications. You own a budget that never seems to grow fast enough to match price increases from point solution vendors. On top of that, CIOs must support their organizations' shifts to new remote and hybrid work models, which means modernizing applications and infrastructure faster than ever before.

Today marks the start of CIO Week, our celebration of the work that you and your teams accomplish every day. We’ve assembled this week to showcase features, stories, and tools that you can use to continue to deliver on your mission while also improving the experience of your users and administrators. We’ve even included announcements to help on the budget front.

We’re doing this because we’ve been in the Continue reading

Azure Host-Based Networking: VFP and AccelNet Introduction

Software-Defined Networking (SDN) is an architecture where the network’s control plane is decoupled from the data plane to centralized controllers. These intelligent, programmable controllers manage network components as a single system, having a global view of the whole network. Microsoft’s Azure uses a host-based SDN solution, where network virtualization and most of its services (Firewalls, Load balancers, Gateways) run as software on the host. The physical switching infrastructure, in turn, offers a resilient, high-speed underlay transport network between hosts.

Figure 1-1 shows an overview of Azure’s SDN architecture. Virtual Filtering Platform (VFP) is Microsoft’s cloud-scale software switch operating as a virtual forwarding extension within a Hyper-V basic vSwitch. The forwarding logic of the VFP uses a layered policy model based on policy rules on Match-Action Table (MAT). VFP works on a data plane, while complex control plane operations are handed over to centralized control systems. VFP layers, such as VNET, NAT, ACL, and Metering, have dedicated controllers that programs policy rules to MAT using southbound APIs.

Software switches switching processes are CPU intensive. To reduce the burden of CPU cycles, VFP offloads data forwarding logic to hardware NIC after processing the first packet of the flow and creating the flow Continue reading

BrandPost: Got Network Downtime? Here’s How to Proactively Reduce It

The hybrid workforce will continue for the foreseeable future, according to the Foundry 2022 Future of Work study. And the trend is affecting hiring and retention, with 62% of IT leaders saying their organizations are guaranteeing flexible work options to stay competitive in the marketplace.Just as important: The technology and systems these employees use must be reliable and secure. Poor connectivity or network downtime not only frustrates users but also eats into productivity.And yet both hybrid and on-site workers are experiencing a high volume of network interruptions, according to a Juniper Networks survey. For example:To read this article in full, please click here

Weekend Reads 010623

Undersea cables between the U. S. and Cuba have long been intertwined with politics.

People like to tout NISTâ€s SP 800-207 [Zero Trust Architecture] as the hot new thing, but the fact is, zero trust network models have been around for over a decade.

As Russian ground troops prepared to enter Ukraine in February 2021, Ukrainian governmental departments, online media organizations, financial firms, and hosting providers were slammed with a surge of distributed denial-of-service (DDoS) attacks.

Prosecutors said the five IT officials of the public administration department had failed to check the security of the system and update it with the most recent antivirus software.

What exactly is the edge? What makes something an edge appliance? These are trickier questions than you might think, and depending on who you ask — and honestly, what theyâ€re trying to sell you — the answers can vary wildly.

Youâ€ve likely been hearing about the World Wide Web Consortiumâ€s (W3C) Web Authentication (WebAuthn) and considering whether youâ€re ready to implement it in your environment.

In this episode of PING, Luuk Hendricks and Willem Toorop from NLNet Labs discuss applying Express Data Path (XDP) to the DNS protocol.

A recent Continue reading

BrandPost: IT Leaders Have a Green Opportunity to Support Sustainability

There are multiple benefits to gain from investing resources into sustainability and environmental, social, and governance (ESG) efforts — including operational efficiencies, swift compliance with regulations, employee and customer satisfaction, as well as the criticality of addressing climate change.IT leaders have a significant role to play here. Estimates project that by 2040, IT operations will produce 14% of the world’s carbon-dioxide emissions — up from 4% today.There is an opportunity to reduce these emissions, support sustainable business growth, and achieve other advantages by addressing IT systems and processes. And it should start with the network architecture.To read this article in full, please click here

Problem Replication or Why Do We Need to Break It Again?

There was a tweet the other day that posited that we don’t “need” to replicate problems to solve them. Ultimately the reason for the tweet was that a helpdesk refused to troubleshoot the problem until they could replicate the issue and the tweeter thought that wasn’t right. It made me start thinking about why troubleshooters are so bent on trying to make something happen again before we actually start trying to fix an issue.

The Definition of Insanity

Everyone by now has heard that the definition of insanity is doing the same thing over and over again and expecting a different result. While funny and a bit oversimplified the reality of troubleshooting is that you are trying to make it do something different with the same inputs. Because if you can make it do the same thing over and over again you’re closer to the root cause of the issue.

Root cause is the key to problem solving. If you don’t fix what’s actually wrong you are only dealing with symptoms and not issues. However, you can’t know what’s actually wrong until you can make it happen more than once. That’s because you have to narrow the actual issue down Continue reading

Former VMware exec Gillis resurfaces to run Cisco security business (again)

Industry veteran Tom Gillis, who left VMware in December, has returned to Cisco in a new but familiar role: senior vice president and general manager of Cisco’s Security Business Group. From 2007 to 2011, Gillis was vice president and general manager of Cisco’s then-called Security Technology Group, which focused on developing network, content and identity management products.After that, Gillis founded cloud computing firm Bracket Computing, which was acquired by VMware in May 2018.Gillis ran VMware's $2 billion networking and security business from that point until this past December, and he was responsible for a number of its core products, including VMware's NSX networking and network/edge software products. To read this article in full, please click here

Former VMware exec Gillis resurfaces to run Cisco security business (again)

Industry veteran Tom Gillis, who left VMware in December, has returned to Cisco in a new but familiar role: senior vice president and general manager of Cisco’s Security Business Group. From 2007 to 2011, Gillis was vice president and general manager of Cisco’s then-called Security Technology Group, which focused on developing network, content and identity management products.After that, Gillis founded cloud computing firm Bracket Computing, which was acquired by VMware in May 2018.Gillis ran VMware's $2 billion networking and security business from that point until this past December, and he was responsible for a number of its core products, including VMware's NSX networking and network/edge software products. To read this article in full, please click here

The Right Stuff for Really Remote Edge Computing

Suppose you operate popup clinics in rural villages and remote locations where there is no internet. You need to capture and share data across the clinic to provide vital healthcare, but if the apps you use require an internet connection to work, they can’t operate in these areas. Or perhaps you’re an oil and gas operator that needs to analyze critical warning data from a pressure sensor on a platform in the North Sea. If the data needs to be processed in cloud data centers, it has to travel incredible distances — at great expense — over unreliable networks. This incurs high degrees of latency, or network slowness, so by the time a result is sent back to the platform, it could be too late to take any action. These kinds of use cases represent a growing class of apps that require 100% uptime and real-time speed, guaranteed — regardless of where they are operating in the world. A fundamental challenge in meeting these requirements remains the network — there are still huge swaths of the globe with little or no internet — meaning apps that depend on connectivity cannot operate in those areas. Emerging advances in network technology are Continue reading

Cloud providers should unify virtual networking and SD-WAN

I’ve predicted that virtual networks will be hot in 2023, but that begs the question of what exactly a “virtual network” is. One definition says, “not physically existing as such but made by software to appear to do so”, and that surely makes you wonder how businesses would be willing to commit to such a thing. Truth is, they already have, but I think it’s time to look closely at the concept of virtual networks, and to categorize what exactly is going on there. Why look at something that isn’t real and only appears to be?  We’ll see.I could offer a lot of discussions on the early days of virtual network evolution here, but they’re probably as useless as a debate on where your lap goes when you stand up, an example of worthless effort I recall from a childhood book. Instead, let’s look at virtual networks from two directions—the user and the application—and see how those two directions are shaping virtual network technology, increasing its importance, and converging on a new network model overall.To read this article in full, please click here

Tangoe Simplifies and De-risks Mobile Device Management