Aryaka rolls out cloud-based web gateway for SASE-focused WAN offering

Long-time WAN provider Aryaka today released a version of its Zero Trust WAN product that incorporates a new Secure Web Gateway and Firewall-as-a-Service as it works toward a SASE-enabled WAN offering. The idea is to provide a much more updated version of WAN to enterprise customers: where SD-WAN traditionally lived in a box in branch offices, the pandemic and the evolving SASE model prompted a more flexible rethink. Now, Aryaka’s latest model is an entirely cloud-based offering, routing secure traffic to branch offices or remote employees while being able to employ robust security technologies via Aryaka’s own cloud.

Automate Calico Cloud and EKS cluster integration using AWS Control Tower

Productive, scalable, and cost-effective, cloud infrastructure empowers innovation and faster deliverables. It’s a no-brainer why organizations are migrating to the cloud and containerizing their applications. As businesses scale their cloud infrastructure, they cannot be bottlenecked by security concerns. One way to release these bottlenecks and free up resources is by using automation.

What if you could automate the deployment and integration of your container security services with your cluster’s environment?

In a joint blog post with AWS Marketplace, AWS Sr. Cloud Application Architect, Deepak Sihag, joins Tigera’s Technical Marketing Engineer, Joseph Yostos, to walk you through the process of activating, deploying, and configuring Calico Cloud in your AWS Control Tower environment. And of course, how to automate the process of connecting Calico Cloud to your EKS cluster.

Blog highlights

Aside from showing you how you can fully leverage the preconfigured resources of AWS Control Tower, the solution walkthrough also highlights:

  • Event-driven automation to connect an EKS cluster with Calico Cloud
  • AWS CloudFormation deployment
  • Detailed runthrough of prerequisite configurations
  • Step-by-step guide on how to automate Calico Cloud and EKS cluster integration using AWS Control Tower
  • How to clean up your account to avoid incurring costs

Why read the blog?

As the Continue reading

VMware embraces DPUs to stretch the use of CPUs

While it is clearly early in the game, VMware has made a bunch of moves recently to ensure that DPUs and the smartNICs they enable are an equal part of enterprise networking environments of the future. VMware is a leading proponent of using digital processing units to free up server CPU cycles by offloading networking, security, storage, and other processes in order to rapidly and efficiently support edge- and cloud-based workloads. Competitors, and partners in some cases, including Intel, Nvidia, AWS, and AMD, also have plans to more tightly integrate DPU-based devices into firewalls, gateways, enterprise load balancing, and storage-offload applications.

Used servers: Bargain or too good to be true?

Enterprise IT teams are always on the lookout for ways to save money or gain operational efficiencies. One approach is to purchase used data center equipment such as servers, rather than investing in brand new systems and paying top dollar. There’s no shortage of resellers who cater to this market. Some equipment resellers specifically target gear from hyperscalers, because the hyperscalers replace their hardware at a fast pace, and the equipment they turn over can be more powerful than what most enterprises use today. Those in the business of selling used equipment say demand for their offerings is high.

The 10 most powerful companies in enterprise networking 2022

Networking vendors have a lot on their plate. They need to innovate in areas like automation, AIOps, Zero Trust Network Access (ZTNA), secure access service edge (SASE), visibility, and multi-cloud management. They must respond to customer preferences for subscription models and network-as-a-service (NaaS) offerings. In a recent survey, IDC reported that 61% of organizations worldwide were interested in shifting to consumption-based models for IT investments rather than capital-intensive purchases.

What we served up for the last Birthday Week before we’re a teenager

Almost a teen. With Cloudflare’s 12th birthday last Tuesday, we’re officially into our thirteenth year. And what a birthday we had!

36 announcements ranging from SIM cards to post quantum encryption via hardware keys and so much more. Here’s a review of everything we announced this week.

Monday

| What | In a sentence… |
|---|---|
| The First Zero Trust SIM | We’re bringing Zero Trust security controls to the humble SIM card, rethinking how mobile device security is done, with the Cloudflare SIM: the world’s first Zero Trust SIM. |
| Securing the Internet of Things | We’ve been defending customers from Internet of Things botnets for years now, and it’s time to turn the tides: we’re bringing the same security behind our Zero Trust platform to IoT. |
| Bringing Zero Trust to mobile network operators | Helping bring the power of Cloudflare’s Zero Trust platform to mobile operators and their subscribers. |

Tuesday

| What | In a sentence… |
|---|---|
| Workers Launchpad | Leading venture capital firms to provide up to $1.25 BILLION to back startups built on Cloudflare Workers. |
| Startup Plan v2.0 | Increasing the scope, eligibility and products we include under our Startup Plan, enabling more developers and startups to build the next big thing on top of Cloudflare. |
workerd: Continue reading

Network Break 401: Google Teases Multi-Gig Home Broadband; New USB Cables Use Slightly Less Plastic

Today's Network Break covers three Google stories including Google Fiber's ambitions for multi-gig Internet and the killing of Stadia. We also discuss a rise in firewall sales, using plant-based materials in USB cables, and more IT news.

The post Network Break 401: Google Teases Multi-Gig Home Broadband; New USB Cables Use Slightly Less Plastic appeared first on Packet Pushers.

Monday Mobility Quick Thoughts

I’m getting ready for Mobility Field Day 8 later this week and there’s been a lot of effort making sure we’re ready to go. That means I’ve spent lots of time thinking about event planning instead of writing. So I wanted to share some quick thoughts with you ahead of this week as well as WLPC Europe next week.

  • I remain convinced that half of the objections that are raised by oversight organizations when it comes to adopting new technology come from the fact they got caught flat-footed and weren’t ready for it to be popular. Whether it’s the Wi-Fi 6E safety issue or the report earlier this year from the FAA about 5G and airports, it just seems like organizations spend less time doing actual investigation and more time writing press releases about how they are ready to figure it all out yet.
  • I also remain cautiously optimistic that the new Apple devices rumored to be coming out later this year, namely the iPad Pro and MacBook Pro with M2 chips, will have Wi-Fi 6E support. Yes, the iPhone didn’t. It’s also a smaller device with less room to add new hardware. The iPad and MacBook have historically gotten Continue reading

Defending against future threats: Cloudflare goes post-quantum

There is an expiration date on the cryptography we use every day. It’s not easy to read, but somewhere between 15 and 40 years, a sufficiently powerful quantum computer is expected to be built that will be able to decrypt essentially any encrypted data on the Internet today.

Luckily, there is a solution: post-quantum (PQ) cryptography has been designed to be secure against the threat of quantum computers. Just three months ago, in July 2022, after a six-year worldwide competition, the US National Institute of Standards and Technology (NIST), known for AES and SHA2, announced which post-quantum cryptography they will standardize. NIST plans to publish the final standards in 2024, but we want to help drive early adoption of post-quantum cryptography.

Starting today, as a beta service, all websites and APIs served through Cloudflare support post-quantum hybrid key agreement. This is on by default; no need for an opt-in. This means that if your browser/app supports it, the connection to our network is also secure against any future quantum computer.

We offer this post-quantum cryptography free of charge: we believe that post-quantum security should be the new baseline for the Internet.

Deploying post-quantum cryptography seems like a Continue reading

Using Ansible and Packer, From Provisioning to Orchestration

Red Hat Ansible Automation Platform can help you orchestrate, operationalize and govern your hybrid cloud deployments.  In my last public cloud blog, I talked about Two Simple Ways Automation Can Save You Money on Your AWS Bill and similarly to Ashton’s blog Bringing Order to the Cloud: Day 2 Operations in AWS with Ansible, we both wanted to look outside the common public cloud use-case of provisioning and deprovisioning resources and instead look at automating common operational tasks.  For this blog post I want to cover how the Technical Marketing team for Ansible orchestrates a pipeline for demos and workshops with Ansible and how we integrate that with custom AMIs (Amazon Machine Images) created with Packer.  Packer is an open source tool that allows IT operators to standardize and automate the process of building system images.

For some of our self-paced interactive hands-on labs on Ansible.com, we can quickly spin up images in seconds.  In an example automation pipeline we will:

  1. Provision a virtual instance.
  2. Use Ansible Automation Platform to install an application; in my case, I am literally installing our product Ansible Automation Platform (is that too meta?).
  3. After the application Continue reading

Automatic (secure) transmission: taking the pain out of origin connection security

In 2014, Cloudflare set out to encrypt the Internet by introducing Universal SSL. It made getting an SSL/TLS certificate free and easy at a time when doing so was neither free, nor easy. Overnight millions of websites had a secure connection between the user’s browser and Cloudflare.

But getting the connection encrypted from Cloudflare to the customer’s origin server was more complex. Since Cloudflare and all browsers supported SSL/TLS, the connection between the browser and Cloudflare could be instantly secured. But back in 2014 configuring an origin server with an SSL/TLS certificate was complex, expensive, and sometimes not even possible.

And so we relied on users to configure the best security level for their origin server. Later we added a service that detects and recommends the highest level of security for the connection between Cloudflare and the origin server. We also introduced free origin server certificates for customers who didn’t want to get a certificate elsewhere.

Today, we’re going even further. Cloudflare will shortly find the most secure connection possible to our customers’ origin servers and use it, automatically. Doing this correctly, at scale, while not breaking a customer’s service is very complicated. This blog post explains how we are Continue reading