0

Software-defined perimeter: What it is and how it works

A growing number of organizations are drawing an invisible line around their internet-connected resources in an effort to keep attackers at bay. Called software-defined perimeter (SDP), it is based on the relatively simple idea of throwing a virtual barrier around servers, routers, printers, and other enterprise network components.The goal of SDP is to protect networks behind a flexible, software-based perimeter. "Advantages include stronger security and greater flexibility and consistency," says Ron Howell, principal SD-WAN and SASE architect at IT and business consulting firm Capgemini Americas.To read this article in full, please click here

0

Software-defined perimeter: What it is and how it works

A growing number of organizations are drawing an invisible line around their internet-connected resources in an effort to keep attackers at bay. Called software-defined perimeter (SDP), it is based on the relatively simple idea of throwing a virtual barrier around servers, routers, printers, and other enterprise network components.The goal of SDP is to protect networks behind a flexible, software-based perimeter. "Advantages include stronger security and greater flexibility and consistency," says Ron Howell, principal SD-WAN and SASE architect at IT and business consulting firm Capgemini Americas.To read this article in full, please click here

0

Cisco expands its SD-WAN software for wider reach, better security

Cisco has broadened the scope of Cisco SD-WAN software by growing its reach and security, and expanding its support for deploying multi-region WAN fabric.The idea behind the new features is to help manage the complexity and security of connecting to cloud resources from the edge of the network, said JP Shukla, director, product management, in Cisco’s Enterprise Cloud & SD-WAN group. “They want to connect these users as reliably and securely as these users would be in an office environment,” he said. [ Get regularly scheduled insights by signing up for Network World newsletters. ]To read this article in full, please click here

0

Cisco expands its SD-WAN software for wider reach, better security

Cisco has broadened the scope of Cisco SD-WAN software by growing its reach and security, and expanding its support for deploying multi-region WAN fabric.The idea behind the new features is to help manage the complexity and security of connecting to cloud resources from the edge of the network, said JP Shukla, director, product management, in Cisco’s Enterprise Cloud & SD-WAN group. “They want to connect these users as reliably and securely as these users would be in an office environment,” he said. [ Get regularly scheduled insights by signing up for Network World newsletters. ]To read this article in full, please click here

0

What’s new in Calico Cloud: General availability of new container security features

Summer is almost over but we are bringing the heat back with the official release of Tigera’s new container security features. With this official launch, Calico leads the industry by offering a complete line of solutions across every stage of a cloud-native application CI/CD pipeline. From a new and improved approach to scanning container images for vulnerabilities to strengthening runtime security with improved performance, we’ve significantly improved and enhanced our Image Assurance and Runtime Threat Defense features for this exciting new phase of our Calico Cloud offering. Let’s take a look at the new container security features of this release.

Vulnerability management through Image Assurance

Scanning container images for vulnerabilities is a critical first step in stopping malicious software from being deployed. As business demands grow, development teams are pushed to churn out updates and new features faster. As a result, DevOps teams require assistance to help them quickly identify vulnerabilities in the registries where the container images are pulled from. Calico Cloud is now offering a CLI-based scanner for on-demand scanning, where customers can locally scan for vulnerabilities in their build stage. A lightweight downloadable binary is all it takes to perform these scans and integrate the process into Continue reading

0

VMware to pay $8M fine, settling charges it fudged the timing of backlogged orders

At a time when vendor order backlogs are at an all-time high and scrutiny of them is as well, VMware has agreed to pay an $8 million fine for disingenuous backlog reporting practices in 2019 and 2020.The Securities and Exchange Commission had charged VMware for misleading investors about its order backlog management practices, specifically stating that VMware had  moved revenue into future quarters by delaying product deliveries to customers, concealing the company’s slowing performance relative to its projections, the SEC stated. [ Get regularly scheduled insights by signing up for Network World newsletters. ]To read this article in full, please click here

0

Nvidia Hopper GPU slays predecessor in ML benchmarks

Nvidia has released performance data for its forthcoming Hopper generation of GPUs, and the initial benchmarks are tremendous.The metrics are based on MLPerf Inference v2.1, an industry-standard benchmark that analyzes the performance of inferencing tasks using a machine-learning model against new data.Nvidia claims its Hopper-based H100 Tensor Core GPUs delivered up to 4.5x greater performance than its previous A100 Ampere GPUs. (Read more about Hopper: Nvidia unveils a new GPU architecture designed for AI data centers) It’s a remarkable jump in just one generation. For comparison, CPU benchmarks often grow 5% to 10% from one generation to the next. To read this article in full, please click here

0

Nvidia Hopper GPU slays predecessor in ML benchmarks

Nvidia has released performance data for its forthcoming Hopper generation of GPUs, and the initial benchmarks are tremendous.The metrics are based on MLPerf Inference v2.1, an industry-standard benchmark that analyzes the performance of inferencing tasks using a machine-learning model against new data.Nvidia claims its Hopper-based H100 Tensor Core GPUs delivered up to 4.5x greater performance than its previous A100 Ampere GPUs. (Read more about Hopper: Nvidia unveils a new GPU architecture designed for AI data centers) It’s a remarkable jump in just one generation. For comparison, CPU benchmarks often grow 5% to 10% from one generation to the next. To read this article in full, please click here

0

Ethereum Gateway support for Görli + Sepolia Testnets and the Ethereum Merge

Today we are excited to announce support for the Ethereum Merge on the Ethereum network and that our Ethereum gateways now support the Görli and Sepolia test networks (testnets). Sepolia and Görli testnets can be used to test and develop full decentralized applications (dapps) or test upgrades to be deployed on the mainnet Ethereum network. These testnets also use the Ethereum protocol, with the major difference that the Ether transacted on the testnet has no value.

Ethereum is a decentralized blockchain with smart contract functionality which Cloudflare allows you to interact with through an HTTP API. For a quick primer on Ethereum and our gateway, please refer to our previous blog post on the Ethereum Gateway.

As preparation for the merge, the Ethereum Foundation has executed merges on multiple testnets to ensure that the actual mainnet merge will occur with minimal to no disruption. These testnets both successfully upgraded to Proof of Stake and Proof of Authority, respectively. Cloudflare’s Testnet Gateway handled the Görli-Prater merge without issue, ensuring that we will be ready and prepared for the upcoming Ethereum Merge for mainnet. Our testnet gateways are live and ready for use by Cloudflare Ethereum Gateway customers.

In this blog, Continue reading

0

Ansible vs. Terraform Demystified

 

Ansible and Terraform are two very powerful but unique open source IT tools that are often compared in competitive discussions.  We often see comparisons of the two tools - but many times, these comparisons are done purely from a “spec sheet” comparison. This type of comparison, while an interesting read, doesn’t take into account using the products at scale or if the comparison is realistic as a binary all-or-nothing approach. We at Red Hat have been helping enterprises for over 20 years and have a good idea how most IT administrators are using these two tools in production. Although both tools can generally do most things, we typically see that they are each leveraged by means of their biggest strengths as opposed to having to choose one or the other.

Spoiler:  The two tools are better together and can work in harmony to create a better experience for developers and operations teams.

Both Ansible and Terraform are open source tools with huge user bases, which often leads to cult followings because of the classical “hammer” approach.  That is, if my only tool is a hammer, every problem will start resembling a nail. This ends up trying to solve new Continue reading

0

Infrastructure-as-Code Sounds Scary

One of my readers preparing for public cloud deployment sent me an interesting observation:

I pushed to use infrastructure-as-code as we move to Azure, but I’m receiving a lot of pushback due to most of the involved parties not having any experience with code. Management is scared to use any kind of “homegrown” tools that only a few would understand. I feel like I’m stuck deploying and managing the environment manually.

It looks like a bad case of suboptimal terminology for this particular audience. For whatever reason, some infrastructure engineers prefer to stay as far away from programming as possible¹, and infrastructure-as-code sounds like programming to them.

0

Infrastructure-as-Code Sounds Scary

One of my readers preparing for public cloud deployment sent me an interesting observation:

I pushed to use infrastructure-as-code as we move to Azure, but I’m receiving a lot of pushback due to most of the involved parties not having any experience with code. Management is scared to use any kind of “homegrown” tools that only a few would understand. I feel like I’m stuck deploying and managing the environment manually.

It looks like a bad case of suboptimal terminology for this particular audience. For whatever reason, some infrastructure engineers prefer to stay as far away from programming as possible¹, and infrastructure-as-code sounds like programming to them.

0

How IT Leaders Can Be Proactive in the Face of Change

Expect the unexpected, and prepare for it by having a stronger, more secure network, say IT leaders still adjusting to a new workplace.

0

Practical OpenStack #006. What is the step-by-step deployment plan

Hello my friend,

Once we are sorted with the theoretical part of how we are to deploy OpenStack, we are moving to a practical bit. Today we are going to explain the steps we are going to take in order to deploy OpenStack, the supporting storage and how they are to be integrated.

Don’t Forget to Learn How to Automate All the Things

Video to the Topic

Need Help? Contract Us

If you need a trusted and experienced partner to automate your network and IT infrastructure, get in touch with us.

P.S.

If you have further questions or you need help with your networks, we are happy to assist you, just send us a message. Also don’t forget to share the article on your social media, if you like it.

BR,

Anton Karneliuk

0

On the Web: Privacy and Logging

In the last post on this topic, I concluded that IP addresses are protected information—operators should handle users’ IP addresses according to privacy best practices. But I also concluded that because IP addresses used for forwarding.

0

AWS, Harvard collaborate to advance quantum networking

Amazon Web Services is teaming with Harvard University to further quantum-networking research and development.Specifically the AWS Center for Quantum Networking (CQN) and Harvard Quantum Initiative (HQI) will team to cultivate projects to develop quantum memory, integrated photonics, and quantum applications that could help underpin future quantum networks and a quantum internet. The collaboration includes funding from AWS to upgrade the quantum-fabrication capabilities of Harvard's Center for Nanoscale Systems, which works on nanofabrication, materials characterization, soft lithography, and imaging, and that also receives funding from the National Science Foundation.To read this article in full, please click here

0

Why Aren’t There Software-Defined NUMA Servers Everywhere?

For decades, we have been using software to chop up servers with virtualization hypervisors to run many small workloads on a relatively big piece of iron. …

Why Aren’t There Software-Defined NUMA Servers Everywhere? was written by Timothy Prickett Morgan at The Next Platform.

0

Linux Bonding, LLDP, and MAC Flapping

Sometimes a painfully troublesome networking problem can have a complicated and brain-twisting root cause, one which you dread having to explain to peers and managers. However, sometimes the root cause is dead simple and makes you feel silly for how long it took you to find it. Today, I had one of the latter and […]

The post Linux Bonding, LLDP, and MAC Flapping appeared first on Packet Pushers.

0

Network Break 398: New Broadcom Trident Chip Supports Threat Analysis; Startup Challenges SD-WAN, MPLS

Today's Network Break podcast examines a new Broadcom switch ASIC that can support threat analysis, a startup that's challenging the SD-WAN and MPLS markets, Apple's new partner for an emergency SMS service that uses satellites, a great quarter for data center switch revenue, and more IT news.

0

Network Break 398: New Broadcom Trident Chip Supports Threat Analysis; Startup Challenges SD-WAN, MPLS

Today's Network Break podcast examines a new Broadcom switch ASIC that can support threat analysis, a startup that's challenging the SD-WAN and MPLS markets, Apple's new partner for an emergency SMS service that uses satellites, a great quarter for data center switch revenue, and more IT news.

The post Network Break 398: New Broadcom Trident Chip Supports Threat Analysis; Startup Challenges SD-WAN, MPLS appeared first on Packet Pushers.