Identifying content gaps in our documentation

Identifying content gaps in our documentation
Identifying content gaps in our documentation

If you’ve tuned into this blog for long enough, you’ll notice that we’re pretty big on using and stress-testing our own products (“dogfooding”) at Cloudflare.

That applies to our security team, product teams, and – as my colleague Kristian just blogged about – even our documentation team. We’re incredibly excited to be on the Pages platform, both because of the performance and workflow improvements and the opportunity to help the platform develop.

What you probably haven’t heard about is how our docs team uses dogfooding – and data – to improve our documentation.

Dogfooding for docs

As a technical writer, it’s pretty common to do the thing you’re documenting. After all, it’s really hard to write step-by-step instructions if you haven’t been through those steps. It’s also a great opportunity to provide feedback to our product teams.

What’s not as common for a writer, however, is actually using the thing you’re documenting. And it’s totally understandable why. You’re already accountable to your deadlines and product managers, so you might not have the time. You might not have the technical background. And then there’s the whole problem of a real-world use case. If you’re really dedicated, you can set Continue reading

Repost: Buffers, Congestion, Jitter, and Shapers

Béla Várkonyi left a great comment on a blog post discussing (among other things) whether we need large buffers on spine switches. I don’t know how many people read the comments; this one is too valuable to be lost somewhere below the fold

You might want to add another consideration. If you have a lot of traffic aggregation even when the ingress and egress port are roughly at the same speed or when the egress port has more capacity, you could still have congestion. Then you have two strategies, buffer and suffer jitter and delay, or drop and hope that the upper layers will detect it and reduce the sending by shaping.

Read more …

Repost: Buffers, Congestion, Jitter, and Shapers

Béla Várkonyi left a great comment on a blog post discussing (among other things) whether we need large buffers on spine switches. I don’t know how many people read the comments; this one is too valuable to be lost somewhere below the fold

You might want to add another consideration. If you have a lot of traffic aggregation even when the ingress and egress port are roughly at the same speed or when the egress port has more capacity, you could still have congestion. Then you have two strategies, buffer and suffer jitter and delay, or drop and hope that the upper layers will detect it and reduce the sending by shaping.

Read more …

Automation 14. Deep dive into Building CI/CD for Network Automation and Software Development with GitHub Actions

Hello my friend,

We planned to write this blogpost for a few weeks if not months, but due to various reasons it was delayed. We are delighted to finally post it, so that you can get some useful ideas how you can build your own CI/CD pipeline with GitHub, probably the most popular platform for collaborative software development.



1
2
3
4
5
No part of this blogpost could be reproduced, stored in a 

retrieval system, or transmitted in any form or by any 

means, electronic, mechanical or photocopying, recording, 

or otherwise, for commercial purposes without the 

prior permission of the author.

Regards

A lot of lessons about building the CI/CD pipelines and importance of unit testing and linting checks I learned from a colleague of mine, Leigh Anderson, whom I’m very grateful for that.

CI/CD Overview

CI/CD is an approach, which is very often used in software development, and discussed outside of that area. It stands for:

  • CI (Continuous Integration) is a process, where the created software (for sake of simplicity, any piece of code) is getting ready to be deployed.
  • CD (Continuous Deployment) is a process, where the software, which is ready for deployment, is actually deployed Continue reading

Controversial Reads 062522


Research by Citrix shows business leaders don’t entirely trust their employees when it comes to hybrid work.


The best result for big tech is if laws are absent or useless. The latest survey of big tech lobbying in the US reveals a flotilla of nearly 500 salespeople/lawyers touring the US state legislatures, trying to either draw up tech friendly legislation to insert into privacy bills, water then down through persuasion, or just keep them off the books.


Last month, the 11th Circuit Court of Appeals held that several parts of Florida’s social media law, S.B. 7072, were likely unconstitutional.


So when Facebook points out that Apple is using switching costs to take its users hostage, they know what they’re talking about.


Eliza became a phenomenon. Engineers got into Abbott and Costello–worthy accidental arguments with it when they thought they’d connected to a real co-worker.


Over the past few years, data brokers and federal military, intelligence, and law enforcement agencies have formed a vast, secretive partnership to surveil the movements of millions of people.


The positive and negative real-world impacts of blockchain applications both direct and indirect are critical. Whether this increasingly institutionalized sector will spark a real revolution or Continue reading

Optics Are More Important Than Your Switches At 400G

This post originally appeared on the Packet Pushers’ Ignition site on January 9, 2020.   This slide from the Cisco Live BRKOPT-2006 presentation on “Preparing for 400 GbE” jumped out at me. I recommend you download the whole presentation and keep it for future reference. It’s an excellent resource with lots of useful information. Optics […]

The post Optics Are More Important Than Your Switches At 400G appeared first on Packet Pushers.

Worth Reading: Smart Highways or Smart Cars?

I stumbled upon an interesting article in one of my RSS feeds: should we build smart highways or smart cars?

The article eloquently explains how ridiculous and expensive it would be to put the smarts in the infrastructure, and why most everyone is focused on building smart cars. The same concepts should be applied to networking, but of course the networking vendors furiously disagree – the network should be as complex, irreplaceable, and expensive as possible. I collected a few examples seven years ago, and nothing changed in the meantime.

Worth Reading: Smart Highways or Smart Cars?

I stumbled upon an interesting article in one of my RSS feeds: should be build smart highways or smart cars?

The article eloquently explains how ridiculous and expensive it would be to put the smarts in the infrastructure, and why most everyone is focused on building smart cars. The same concepts should be applied to networking, but of course the networking vendors furiously disagree – the network should be as complex, irreplaceable, and expensive as possible. I collected a few examples seven years ago, and nothing changed in the meantime.

Six Coaching Principles That Took Me Years to Learn

This post is overdue. Perhaps by a few years. Finally, earlier this week, I saw a few posts on Reddit that made me thumb through stacks of papers to find my initial draft. What comes here, at its finest, is merely personal experience. I would call the lesson “established rules” if I had enough scientific […]

The post Six Coaching Principles That Took Me Years to Learn appeared first on Packet Pushers.

AMD Needs To Complete The Datacenter Set With Switching

In the past several decades, data processing and storage systems could be architected from best of breed components, and the market could – and did – sustain multiple suppliers of competing technologies in each of the categories of compute, networking, and storage.

AMD Needs To Complete The Datacenter Set With Switching was written by Timothy Prickett Morgan at The Next Platform.

Cisco announces plan to exit Russia and Belarus

Cisco has announced plans to formally exit Russia, winding down its business operations in Russia and Belarus in response to the invasion of Ukraine earlier this year.The networking company first made a statement on March 3, declaring that it would be halting all business operations in Russia and Belarus "for the foreseeable future." On Thursday the company released another statement, noting that it had continued to "closely monitor" the war in Ukraine and as a result, a decision had been made to "begin an orderly wind-down of our business in Russia and Belarus."To read this article in full, please click here

Weekend Reads 062422


The Iranian state-sponsored threat actor tracked under the moniker Lyceum has turned to using a new custom .NET-based backdoor in recent campaigns directed against the Middle East.


A service level agreement (SLA) is a contract between a cloud provider and a user. The SLA describes the provider’s minimum level of service, specified by performance metrics, and the compensation due to the user should the provider fail to deliver this service.


Grooming techniques used in various frauds are getting more common and more elaborate. Fraudsters are coming up with narratives that involve complicated lies and may have different stages, depending on the type of fraud.


For years, the two most popular methods for internal scanning: agent-based and network-based were considered to be about equal in value, each bringing its own strengths to bear.


Introduced last fall, GDC enables customers to deploy managed servers and software in private datacenters and at communication service provider or on the edge.


In recent years, the price per address for small blocks (/17 and smaller) has been greater than the price per address of large blocks (/16 and larger).


Domain Name System (DNS) abuse is one of the most important ongoing discussions in the community. Many Continue reading

Heavy Networking 636: Mindfulness And IT Leadership

Today on Heavy Networking we’re talking about mindfulness in the workplace. Mindfulness, which is about being aware of your senses and feelings in the moment, could be a useful tool to help you navigate the high-stress, high-stakes IT profession. Our guest is Jennifer “JJ” Minella. She’s an IT practitioner, network architect, author, and the founder and principal advisor of Viszen Security.

Heavy Networking 636: Mindfulness And IT Leadership

Today on Heavy Networking we’re talking about mindfulness in the workplace. Mindfulness, which is about being aware of your senses and feelings in the moment, could be a useful tool to help you navigate the high-stress, high-stakes IT profession. Our guest is Jennifer “JJ” Minella. She’s an IT practitioner, network architect, author, and the founder and principal advisor of Viszen Security.

The post Heavy Networking 636: Mindfulness And IT Leadership appeared first on Packet Pushers.

The Silver Lining of Cisco Live

Cisco Live 2022 Attendees by the big sign

Cisco Live was last week and it was an event full of both relief and worry. Having not seen any of my friends and colleagues during the Geek Summer Camp for since 2019 I was excitedly anticipating how things would go this year. While I was thrilled to see everyone in real life again there were also challenges that presented themselves by the end of the event that we need to discuss as well.

I could spend volumes detailing every little thing that went on but no one really wants to read that kind of discussion. I’ll just summarize some the stuff that I liked, some of it that I didn’t, and some bigger things that everyone needs to think about.

What Worked for Me

I was happy to once more be a part of the CCIE Advisory Council. We have been meeting via Webex for the entire pandemic but there’s just something about being in a room together that fosters conversation and sharing. The ideas that we discussed are going to have a positive impact on the program as we look at what the future of certifications will be. There’s a Continue reading

Technology Short Take 156

Welcome to Technology Short Take #156! It’s been about a month since the last Technology Short Take, and in that time I’ve been gathering links that I wanted to share with my readers. (I still have quite the backlog of links to read!) Hopefully something I share here will prove useful to someone. Enjoy the links below, and enjoy your weekend!

Networking

  • I’d never heard of Pipy before seeing it in this article, but it look like it could be quite useful for a number of use cases.
  • William Morgan, one of the creators of Linkerd, has a lengthy treatise on eBPF, sidecars, and the future of the service mesh. As a (relative) layperson—meaning I’m not an eBPF expert—I don’t know if I should believe the eBPF cheerleaders (some of whom I know personally and are familiar with their technical expertise) or folks like William who have clearly “been there, done that” with service mesh. I certainly think there’s a place for eBPF in service meshes, but I’m not yet on board with sidecar-less service meshes (or per-node proxy models).

Security

  • BPFDoor, as it is known, is a passive backdoor that allows threat actors to remotely connect Continue reading

Put In The Work

Would you like to stand out from your peers? Would you like to impress the people you work for, or perhaps the people you’d like to work for? Put in the work. Putting in the work to achieve a goal is a form of self-sacrifice. To get the thing you want, you need to give up something else.

The post Put In The Work appeared first on Packet Pushers.

Cloudflare One vs Zscaler Zero Trust Exchange: who is most feature complete? It’s not who you might expect

Cloudflare One vs Zscaler Zero Trust Exchange: who is most feature complete? It’s not who you might expect
Cloudflare One vs Zscaler Zero Trust Exchange: who is most feature complete? It’s not who you might expect

Zscaler has been building out its security offerings for 15 years. Cloudflare is 13 years old, and we have been delivering Zero Trust for the last four. This sounds like we are a late starter — but in this post, we’re going to show that on total Zero Trust, SSE, SASE and beyond, Cloudflare One functionality surpasses that of Zscaler Zero Trust Exchange.

Functional Criteria Group Cloudflare Zscaler
Internet-native network platform 100% (5 of 5) 20% (1 of 5)
Cloud-native service platform 100% (4 of 4) 25% (1 of 4)
Services to adopt SASE 83% (5 of 6) 66% (4 of 6)
Services to extend ZT, SSE, SASE and beyond 66% (8 of 12) 58% (7 of 12)
Network on-ramps 90% (9 of 10) 50% (5 of 10)

This may come as a surprise to many folks. When we’ve shared this with customers, the question we’ve often received is: How? How has Cloudflare been able to build out a competitive offering so quickly?

Having built out Continue reading

How Cloudflare Security does Zero Trust

How Cloudflare Security does Zero Trust
How Cloudflare Security does Zero Trust

Throughout Cloudflare One week, we provided playbooks on how to replace your legacy appliances with Zero Trust services. Using our own products is part of our team’s culture, and we want to share our experiences when we implemented Zero Trust.

Our journey was similar to many of our customers. Not only did we want better security solutions, but the tools we were using made our work more difficult than it needed to be. This started with just a search for an alternative to remotely connecting on a clunky VPN, but soon we were deploying Zero Trust solutions to protect our employees’ web browsing and email. Next, we are looking forward to upgrading our SaaS security with our new CASB product.

We know that getting started with Zero Trust can seem daunting, so we hope that you can learn from our own journey and see how it benefited us.

Replacing a VPN: launching Cloudflare Access

Back in 2015, all of Cloudflare’s internally-hosted applications were reached via a hardware-based VPN. On-call engineers would fire up a client on their laptop, connect to the VPN, and log on to Grafana. This process was frustrating and slow.

Many of the products we build are Continue reading

1 446 447 448 449 450 3,807