The Many Types of VPN
I'm not sure this is all of them ?
I'm not sure this is all of them ?
For HPE, The Cloud Is A Private And A Public Matter
Three years ago, Hewlett Packard Enterprise was the first major hardware and software infrastructure vendor to announce plans to make its entire portfolio available as a service, setting 2022 as the deadline for making that happen. …
For HPE, The Cloud Is A Private And A Public Matter was written by Jeffrey Burt at The Next Platform.
Fortinet Rolls Out Cloud-Native Firewall at AWS Re:Invent
In almost every aspect of infrastructure, AWS offers a "basic" product, but partners provide more advanced capabilities. That's the case with this new firewall service.CXL from promise to reality with real silicon on customer platforms
Sponsored Post: We all know that inferencing and training AI models needs a lot of CPU muscle, but we don’t necessarily appreciate how important other components are in supporting AI and ML applications. …
CXL from promise to reality with real silicon on customer platforms was written by Martin Courtney at The Next Platform.
Why Would You Need an Overlay Network?
I got this question from one of ipSpace.net subscribers:
My VP is not a fan of overlays and is determined to move away from our legacy implementation of OTV, VXLAN, and EVPN1. We own and manage our optical network across all sites; however, it’s hard for me to picture a network design without overlays. He keeps asking why we need overlays when we own the optical network.
There are several reasons (apart from RFC 1925 Rule 6a) why you might want to add another layer of abstraction (that’s what overlay networks are in a nutshell) to your network.
Why Would You Need an Overlay Network?
I got this question from one of ipSpace.net subscribers:
My VP is not a fan of overlays and is determined to move away from our legacy implementation of OTV, VXLAN, and EVPN1. We own and manage our optical network across all sites; however, it’s hard for me to picture a network design without overlays. He keeps asking why we need overlays when we own the optical network.
There are several reasons (apart from RFC 1925 Rule 6a) why you might want to add another layer of abstraction (that’s what overlay networks are in a nutshell) to your network.
Can Anyone Make Money From Modern Storage?
In the past three decades, there has been no shortage of companies with interesting ideas to solve very specific data storage and retrieval problems associated with high performance computing in some form or another. …
Can Anyone Make Money From Modern Storage? was written by Timothy Prickett Morgan at The Next Platform.
Network Automation with CUE – Working with YANG-based APIs
In the previous post, I mentioned that CUE can help you work with both “industry-standard” semi-structured APIs and fully structured APIs where data is modelled using OpenAPI or JSON schema. However, there was an elephant in the room that I conveniently ignored but without which no conversation about network automation would be complete. With this post, I plan to rectify my previous omission and explain how you can use CUE to work with YANG-based APIs. More specifically, I’ll focus on OpenConfig and gNMI and show how CUE can be used to write YANG-based configuration data, validate it and send it to a remote device.
Automating YANG-based APIs with CUE
Working with YANG-based APIs is not much different from what I’ve described in the two previous blog posts [1] and [2]. We’re still dealing with structured data that gets assembled based on the rules defined in a set of YANG models and sent over the wire using one of the supported protocols (Netconf, Restconf or gNMI). One of the biggest differences, though, is that data generation gets done in one of the general-purpose programming languages (e.g. Python, Go), since doing it in Ansible is not feasible due to the Continue reading
How Modern, Open Technologies Can Boost Recruiting and Retention
From languages to tools to culture and methodologies, adopting and using open technologies – of the sort exemplified in many DevOps toolchains, for example – will have a compounding positive impact on tech talent in your organization.New! Free self-paced workshops for containers and Kubernetes
There’s no better way to learn something than to get hands-on. Tigera is excited to present its brand new (and completely free!) self-paced workshops for containers and Kubernetes. Each workshop comes with your own provisioned sample application (Hipstershop) and Calico Cloud lab environment for a limited time.
The first self-paced workshop we’ve launched is on compliance for containers and Kubernetes. Let’s take a closer look at why you should enroll in our compliance workshop and what you’ll gain.
Why get hands-on with achieving compliance?
From the Payment Card Industry Data Security Standard (PCI DSS) to the Health Insurance Portability and Accountability Act (HIPAA) to the General Data Protection Regulation (GDPR), most industries must meet certain compliance requirements when it comes to handling personal data. This could mean implementing resource access control, isolating workloads with sensitive data, or enforcing more advanced security controls such as logging all customer confidential data transactions. No matter what sort of controls you need to implement, the compliance auditor will require proof of compliance, such as what security controls are currently in place, whether control changes can be detected, and if compliance can be verified on demand. The ephemeral nature of Kubernetes can make it Continue reading
Project signing and verification
Project signing is a new feature developed for Red Hat Ansible Automation Platform that came out in the latest 2.3 release. It enables users to sign project-based content (think playbooks, workflows, inventories, etc.) and verify whether or not that content has remained secure. It also features a new CLI tool, ansible-sign. This blog post will explain how it works, illustrate how to implement it, and highlight a few scenarios.
Why we need signing capabilities
Organizations need to make sure their automation is tested and performing the intended tasks. However, what if someone deploys untested automation, or worse yet, someone intentionally tries to automate something nefarious? It might not even be intentional, but can simply be an organization using a community collection whose author removes a feature that they were using.
When organizations start adopting automation at the enterprise level, there may be hundreds to thousands of tasks being performed every hour across thousands of infrastructure nodes. How do you make sure the automation content that is being executed can be trusted? How do you know your automation is doing what you think it is? Is your organization pulling content from various sources outside of Continue reading