Tech Bytes: Manage Cloud Risks With Fortinet’s New FortiCNP Offering (Sponsored)

Today on the Tech Bytes podcast we talk about managing cloud risk with sponsor Fortinet. Fortinet recently announced its new FortiCNP product, which collects and correlates security findings, alerts and other data from cloud-native services, analyzes vulnerabilities, looks for misconfigurations, and more.

The post Tech Bytes: Manage Cloud Risks With Fortinet’s New FortiCNP Offering (Sponsored) appeared first on Packet Pushers.

HPE Slingshot Makes The GPUs Do Control Plane Compute

In modern system architecture, there is a lot of shifting pieces of systems software (particularly in the control plane) and often their workloads around between pieces of silicon to get better bang for the buck, to improve the overall security of the system, or both.

HPE Slingshot Makes The GPUs Do Control Plane Compute was written by Timothy Prickett Morgan at The Next Platform.

Using the watch command on Linux

Watch is a command on Linux that will repeatedly run commands for you, and it offers some very useful options. One of its basic options is that you can tell watch how long to wait before running the specified command again. For example, if you run the command watch -n 10 date, the watch command will first clear the screen and run the date command right away. After that, it will run the command every 10 seconds until you stop it by hitting control-C. Note that the first line on the screen will indicate the wait time between iterations (every 10 seconds).$ watch -n 10 date Every 10.0s: date fedora: Fri, Aug 12 16:32:09 EDT 2022 Fri Aug 12 04:10:11 PM EDT 2022 The -n option specifies the number of seconds between commands. The default is 2. You might have to look closely to notice the changes in the output.To read this article in full, please click here

Using the watch command on Linux

Watch is a command on Linux that will repeatedly run commands for you, and it offers some very useful options. One of its basic options is that you can tell watch how long to wait before running the specified command again. For example, if you run the command watch -n 10 date, the watch command will first clear the screen and run the date command right away. After that, it will run the command every 10 seconds until you stop it by hitting control-C. Note that the first line on the screen will indicate the wait time between iterations (every 10 seconds).$ watch -n 10 date Every 10.0s: date fedora: Fri, Aug 12 16:32:09 EDT 2022 Fri Aug 12 04:10:11 PM EDT 2022 The -n option specifies the number of seconds between commands. The default is 2. You might have to look closely to notice the changes in the output.To read this article in full, please click here

Using the watch command on Linux

Watch is a command on Linux that will repeatedly run commands for you, and it offers some very useful options. One of its basic options is that you can tell watch how long to wait before running the specified command again. For example, if you run the command watch -n 10 date, the watch command will first clear the screen and run the date command right away. After that, it will run the command every 10 seconds until you stop it by hitting control-C. Note that the first line on the screen will indicate the wait time between iterations (every 10 seconds).$ watch -n 10 date Every 10.0s: date fedora: Fri, Aug 12 16:32:09 EDT 2022 Fri Aug 12 04:10:11 PM EDT 2022 The -n option specifies the number of seconds between commands. The default is 2. You might have to look closely to notice the changes in the output.To read this article in full, please click here

BGP Peering (2)

I recorded the beginnings of a BGP training series over at Packet Pushers a short while back; they’ve released these onto youtube (so you can find the entire series there). I’m highlighting one of these every couple of weeks ’til I’ve gone through the entire set of recordings. In this recording, I’m talking through some more interesting aspects of BGP peering, including challenges with IPv6 link local nexthops, promiscuous peering, and capabilities.

Learning BGP Module 2 Lesson 2: Peering, Part 2 – Video

VMware NSX Achieves Common Criteria Certification for Network Devices (NDcPP 2.2e)

We are excited to share that as of July 2022, VMware NSX-T version 3.1 has passed Common Criteria certification for Network Devices under Collaborative Protection Profile 2.2e, also known as NDcPP 2.2e. This is one of many testaments to our commitment to providing industry-leading certified solutions for customers from federal departments and agencies, international governments and agencies, and other highly regulated industries and sectors. Along with FIPS, DISA-STIG, ICSA Labs firewall certification, and several other independent evaluations, the NDcPP 2.2e certification validates NSX as a reliable network virtualization platform that satisfies rigorous government security standards.

VMware NSX 3.1 is now listed:

From the NIAP Security Evaluation Summary:

The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The criteria against which the VMware NSX-T Data Center 3.1 was evaluated are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1 rev 5.  The evaluation methodology used by the evaluation team Continue reading

Jumping Off Cliffs

For quite a few years, I’ve had this desktop wallpaper that I really love. I don’t even remember where I got it or where it came from, so I can’t properly attribute it to anyone. I use this wallpaper from time to time when I want to be reminded to challenge myself, to learn new things, and to step outside of what is comfortable in order to explore the as-yet-unknown. Looking at this wallpaper on my desktop a little while ago, I realized that I may have started taking the inspirational phrase on this wallpaper for granted, instead of truly applying it to my life.

Here’s the wallpaper I’m talking about:

A person jumping off a cliff, with the text “We have to continually be jumping off cliffs and developing our wings on the way down”

To me, this phrase—illustrated so well by the wallpaper—means taking a leap into the unknown. It means putting yourself into a position where you are forced to grow and adapt in order to survive. It’s going to be scary, and possibly even a bit painful at times. In the end, though, you will emerge different than when you started.

It’s been a while since I did that, at least from a career perspective. Yes, I did change jobs a little over a year ago when I left VMware to Continue reading

Situational Awareness for Network Migrations

At IP Architechs we perform a lot of network migrations and it is no secret network migrations/ maintenance windows can be one of the most nerve-racking things for engineers, managers, and business leaders for a variety of reasons.

For the engineers the uncertainty might be caused by fear of failure, not being able to predict the outcome due to complexity, rushed on preparation to meet a deadline, or a litany of other reasons.

For managers and business leaders it might be more along the lines of; what happens if this goes wrong, how will this effect my bottom line, are there going to be 1000s of trouble tickets come 8/9am when everyone hits the office, and so on.

The Preparation

We’re going to look at this at the perspective of the engineer throughout. The prep work is probably one of the most important pieces of success. This is where you do many things including but not limited to:

  • building and testing the configuration to be implemented
  • making a rollback plan — this might be something as simple as move a cable and shut an interface or a multistep/multi-device plan
  • know the situation surrounding the window

Lets explore understanding the situation Continue reading

Programming The Network With Intel NEX Chief Nick McKeown

It would be very difficult indeed to find a better general manager for Intel’s newly constituted Network and Edge Group networking business than Nick McKeown, and Pat Gelsinger, the chief executive officer charged with turning around Intel’s foundries and its chip design business, is lucky that Intel was on an acquisitive bend in the wake of its rumored failed attempt to buy Mellanox and Nvidia’s successful purchase of Mellanox a few months later.

Programming The Network With Intel NEX Chief Nick McKeown was written by Timothy Prickett Morgan at The Next Platform.

Weekend Reads 081222


The distributed, peer-to-peer (P2P) InterPlanetary File System (IPFS) has become a hotbed of phishing-site storage: Thousands of emails containing phishing URLs utilizing IPFS are showing up in corporate inboxes.


Walmart’s advice to companies trying to control the hefty cost of running workloads on the three largest cloud providers comes down to one word: choice.


With nearly half of all breaches involving external attackers enabled by stolen or fake credentials, security firms are pushing a high-fidelity detection mechanism for such intrusions: canary tokens.


These WISPs might have the 100/20 Mbps capability for some customers close to a tower, but it’s impossible to be able to deliver those speeds to everybody across an entire county.


The World Wide Web Consortium (W3C) has announced that Decentralized Identifiers (DIDs) v1.0 is now an official Web standard.


Intel CEO Pat Gelsinger’s carefully assembled house of cards is collapsing around him. And it’s not really that surprising when you look at the hand he’s been dealt.


The Flash Memory Summit 2022 was held as an in-person event again this week for the first time since 2019, at the Santa Clara Convention Center San Francisco, showcasing the latest developments in memory and storage.


Conflicting business Continue reading

eBPF or Not, Sidecars are the Future of the Service Mesh

William Morgan William is the co-founder and CEO of Buoyant, the creator of the open source service mesh projects Linkerd. Prior to Buoyant, he was an infrastructure engineer at Twitter, where he helped move Twitter from a failing monolithic Ruby on Rails app to a highly distributed, fault-tolerant microservice architecture. He was a software engineer at Powerset, Microsoft, and Adap.tv, a research scientist at MITRE, and holds an MS in computer science from Stanford University. eBPF is a hot topic in the Kubernetes world, and the idea of using it to build a “sidecar-free service mesh” has generated recent buzz. Proponents of this idea claim that eBPF lets them reduce service mesh complexity by removing sidecars. What’s left unsaid is that this model simply replaces sidecar proxies with multitenant per-host proxies — a significant step backward for both security and operability that increases, not decreases, complexity. The sidecar model represents a tremendous advancement for the industry. Sidecars allow the dynamic injection of functionality into the application at runtime, while — critically — retaining all the isolation guarantees achieved by containers. Moving from sidecars back to multitenant, shared proxies loses this critical isolation and results in significant regressions in security Continue reading

AWS (sort of) brings private 5G to market

AWS says its private 5G managed service is now available – however, it currently only supports 4G LTE and doesn’t yet support 5G.With AWS Private 5G, which was previewed last November, customers will be able to specify where they want to build a mobile network and its capacity, and AWS will deliver and maintain the small-cell radio units, servers, 5G-core and RAN software, and SIM cards. The idea is to let enterprises quickly procure, deploy, and scale their own private 5G mobile networks without having to acquire, integrate, and maintain hardware and software from multiple third-party vendors.To read this article in full, please click here

1 455 456 457 458 459 3,841