0

Day Two Cloud 139: Azure Bicep Is (Not) ARM

Today's Day Two Cloud podcast gets into Azure Bicep, a language that IT teams can use to deploy Azure resources in a consistent manner. While Bicep is Azure-specific, it can be useful as part of an Infrastructure-as-Code initiative. Guests Ben Weissman and Rob Sewell explore how Bicep works, discuss use cases, compare it to Terraform, and more.

0

IBM service aims to secure multicloud operations

IBM is launching a new service to help customers manage their data encryption keys in a hybrid cloud environment. Unified Key Orchestrator lets customers integrate all security key-management systems into one managed service that's backed by Big Blue’s Hardware Security Module. HSM is IBM’s system that protects against physical or logical attacks and has special hardware to perform cryptographic operations and protect keys.Gartner: IT skills shortage hobbles cloud, edge, automation growth Available from IBM Cloud, Unified Key Orchestrator lets customers maintain visibility and control over who has access to their critical data, while running workloads across hybrid or multicloud cloud environments. In addition, with a single, secure, cloud-based  view of an organization’s crypto keys, enterprises can create and revoke keys for their data across multiple clouds. At the same time, companies no longer need to rely on security experts with specialized knowledge of each individual cloud to handle security operations, according to IBM.To read this article in full, please click here

0

IBM service aims to secure multicloud operations

IBM is launching a new service to help customers manage their data encryption keys in a hybrid cloud environment. Unified Key Orchestrator lets customers integrate all security key-management systems into one managed service that's backed by Big Blue’s Hardware Security Module. HSM is IBM’s system that protects against physical or logical attacks and has special hardware to perform cryptographic operations and protect keys.Gartner: IT skills shortage hobbles cloud, edge, automation growth Available from IBM Cloud, Unified Key Orchestrator lets customers maintain visibility and control over who has access to their critical data, while running workloads across hybrid or multicloud cloud environments. In addition, with a single, secure, cloud-based  view of an organization’s crypto keys, enterprises can create and revoke keys for their data across multiple clouds. At the same time, companies no longer need to rely on security experts with specialized knowledge of each individual cloud to handle security operations, according to IBM.To read this article in full, please click here

0

Understanding Data Center Fabrics 03: Characteristics Of Data Center Fabrics – Video

In the third installment of this 9-video series, Russ White clarifies exactly what a fabric is, complete with drawings, animations, and live illustrations. From there, you’ll be able to determine what is and is not a fabric. In this lesson, Russ also walks through traffic patterns, tiers, and bandwidth between tiers in data center fabrics. […]

The post Understanding Data Center Fabrics 03: Characteristics Of Data Center Fabrics – Video appeared first on Packet Pushers.

0

Let’s Level Set at the Edge

Introduction

Typically when people hear the word edge, everyone gets a little apprehensive of what that means. So Josh, Andy, Martin and Chad got together to collaborate on what that means from their collective experiences across multiple industries. In this blog we will cover what the difference is between the near edge and far edge, as well as give some examples of what we have seen in these environments across multiple industries.

 

Near Edge

Near edge typically refers to distributed deployments of “scaled-down” IT-like services to support business operations outside the core data centers and public cloud providers. This includes anything from retail stores, branch field offices, manufacturing facilities, warehouses and distribution centers that generally have stable connectivity. 

Traditionally, these have been referred to as remote offices or branch offices, with the common acronym ROBO, but there are far more examples of this deployment pattern. Consider the following:

• A point of sale system or back office processing at a retail location.
• A localized authentication/authorization source for badge access to a manufacturing plant.
• A file share located locally to a University’s extension office that’s replicated over an unreliable connection.

These are all examples that fit under our definition of Continue reading

0

10 ways IT can navigate the chip shortage

Exacerbated by the pandemic, the chip shortage neared crisis proportions at the start of the year. Network vendors calculated the impact on their businesses in recent earnings reports: Cisco's current product backlog is at nearly $14 billion, Juniper reported a backlog of $1.8 billion, and Arista said that lead times on sales are 50 to 70 weeks.Then Russia invaded Ukraine, putting even more stress on the global supply chain. Ukraine manufactures 70% of the world's neon gas, which is needed for the industrial lasers used in semiconductor manufacturing, according to research firm TrendForce.To read this article in full, please click here

0

What is NAC and why is it important for network security?

Network Access Control (NAC) is a cybersecurity technique that prevents unauthorized users and devices from entering private networks and accessing sensitive resources. Also known as Network Admission Control, NAC first gained a foothold in the enterprise in the mid-to-late 2000s as a way to manage endpoints through basic scan-and-block techniques.As knowledge workers became increasingly mobile, and as BYOD initiatives spread across organizations, NAC solutions evolved to not only authenticate users, but also to manage endpoints and enforce policies.How NAC works NAC tools detect all devices on the network and provide visibility into those devices. NAC software prevents unauthorized users from entering the network and enforces policies on endpoints to ensure devices comply with network security policies. NAC solutions will, for instance, make sure that the endpoint has up-to-date antivirus and anti-malware protections.To read this article in full, please click here

0

Best backup for 7 major databases

There are many options for backing up databases, and what’s best varies from database to database and how it’s delivered. Here are recommendations for seven of them, with a glimpse at how the options were chosen to help inform your decision making.Oracle Oracle has many options for backup, but the official answer for backing Oracle would be Recovery Manager, or RMAN, which is also the name of the actual command that invokes it. Among many options, RMAN supports an image option that can merge older incremental backups into full backups, which would give you multiple recovery points without having to make multiple full backups. That’s an efficient dump and sweep option, but challenge is you need enough disk space to store a full backup and a series of incrementals. If you’re short on disk space, you can also use the SQL command alter database begin backup before you back up and alter database end backup when you’re done. This will allow you to use whatever backup method you choose. Oracle on Windows also integrates with Volume Shadow Copy Services (VSS), allowing you to perform hot backups without having to script at all. The RMAN image option with a Continue reading

0

10 ways IT can navigate the chip shortage

Exacerbated by the pandemic, the chip shortage neared crisis proportions at the start of the year. Network vendors calculated the impact on their businesses in recent earnings reports: Cisco's current product backlog is at nearly $14 billion, Juniper reported a backlog of $1.8 billion, and Arista said that lead times on sales are 50 to 70 weeks.Then Russia invaded Ukraine, putting even more stress on the global supply chain. Ukraine manufactures 70% of the world's neon gas, which is needed for the industrial lasers used in semiconductor manufacturing, according to research firm TrendForce.To read this article in full, please click here

0

What is NAC and why is it important for network security?

Network Access Control (NAC) is a cybersecurity technique that prevents unauthorized users and devices from entering private networks and accessing sensitive resources. Also known as Network Admission Control, NAC first gained a foothold in the enterprise in the mid-to-late 2000s as a way to manage endpoints through basic scan-and-block techniques.As knowledge workers became increasingly mobile, and as BYOD initiatives spread across organizations, NAC solutions evolved to not only authenticate users, but also to manage endpoints and enforce policies.How NAC works NAC tools detect all devices on the network and provide visibility into those devices. NAC software prevents unauthorized users from entering the network and enforces policies on endpoints to ensure devices comply with network security policies. NAC solutions will, for instance, make sure that the endpoint has up-to-date antivirus and anti-malware protections.To read this article in full, please click here

0

BGP Labeled Unicast on Cisco IOS

While researching the BGP RFCs for the Three Dimensions of BGP Address Family Nerd Knobs, I figured out that the BGP Labeled Unicast (BGP-LU, advertising MPLS labels together with BGP prefixes) uses a different address family. So far so good.

Now for the intricate bit: a BGP router might negotiate IPv4 and IPv4-LU address families with a neighbor. Does that mean that it’s advertising every IPv4 prefix twice, once without a label, and once with a label? Should that be the case, how are those prefixes originated and how are they stored in the BGP table?

As always, the correct answer is “it depends”, this time on the network operating system implementation. This blog post describes Cisco IOS behavior, a follow-up one will focus on Arista EOS.

0

BGP Labeled Unicast on Cisco IOS

While researching the BGP RFCs for the Three Dimensions of BGP Address Family Nerd Knobs, I figured out that the BGP Labeled Unicast (BGP-LU, advertising MPLS labels together with BGP prefixes) uses a different address family. So far so good.

Now for the intricate bit: a BGP router might negotiate IPv4 and IPv4-LU address families with a neighbor. Does that mean that it’s advertising every IPv4 prefix twice, once without a label, and once with a label? Should that be the case, how are those prefixes originated and how are they stored in the BGP table?

As always, the correct answer is “it depends”, this time on the network operating system implementation. This blog post describes Cisco IOS behavior, a follow-up one will focus on Arista EOS.

0

VSCode Settings Per-Language

This is just a quick post to share something that I found which is a really nice quality of life tip for VSCode. In this post, I will show you how to configure per-language settings in VSCode so that for example in Python files you can set to indent with 4 spaces and in Javascript you...continue reading

0

Aruba Seeks To Entice Resellers With Modular ‘Network-In-A-Box’ Approach

Aruba hopes to entice the channel to resell Aruba gear with a new purchasing model. Aruba is packaging network equipment and software into pre-sized bundles designed around outcomes. You want an outdoor WLAN? Select option 1. You want a wired campus? Choose option 2. Based on customer requirements, the reseller buys and installs pre-defined service […]

The post Aruba Seeks To Entice Resellers With Modular ‘Network-In-A-Box’ Approach appeared first on Packet Pushers.

0

HPE’s GreenLake expansion adds NaaS, HPC, storage options

HPE is significantly expanding its GreenLake cloud services platform with 12 new packages that focus on strengthening and simplifying networking, high-performance computing (HPC) and storage environments.The goal of GreenLake and these new offerings is to offer customers greater flexibility in the way they build and manage their infrastructure, whether it's on premises, at the edge, in a colocation facility, or in a public cloud, according to Alan Ni, HPE Aruba senior director of edge marketing.To read this article in full, please click here

0

Nvidia unveils a new GPU architecture designed for AI data centers

While the rest of the computing industry struggles to get to one exaflop of computing, Nvidia is about to blow past everyone with an 18-exaflop supercomputer powered by a new GPU architecture.The H100 GPU, has 80 billion transistors (the previous generation, Ampere, had 54 billion) with nearly 5TB/s of external connectivity and support for PCIe Gen5, as well as High Bandwidth Memory 3 (HBM3), enabling 3TB/s of memory bandwidth, the company says. Due out in the third quarter, it’s the first in a new family of GPUs named Hopper after Admiral Grace Hopper who created COBOL and coined the term computer bug.To read this article in full, please click here

0

Nvidia unveils a new GPU architecture designed for AI data centers

While the rest of the computing industry struggles to get to one exaflop of computing, Nvidia is about to blow past everyone with an 18-exaflop supercomputer powered by a new GPU architecture.The H100 GPU, has 80 billion transistors (the previous generation, Ampere, had 54 billion) with nearly 5TB/s of external connectivity and support for PCIe Gen5, as well as High Bandwidth Memory 3 (HBM3), enabling 3TB/s of memory bandwidth, the company says. Due out in the third quarter, it’s the first in a new family of GPUs named Hopper after Admiral Grace Hopper who created COBOL and coined the term computer bug.To read this article in full, please click here

0

Fast-Track Enterprise Digital Transformation With Managed Prisma SASE

This blog provides an in-depth overview of Palo Alto Networks recently introduced Prisma SASE for MSPs, a scalable multi-tenant cloud management portal solution for managed service providers (MSPs) to fast track enterprise digital transformation with managed SASE services.

The post Fast-Track Enterprise Digital Transformation With Managed Prisma SASE appeared first on Packet Pushers.

0

Red Hat Stacks Up Software To Contain AI On Nvidia Platforms

Nvidia and VMware have forged a tight partnership when it comes to bringing AI to the enterprise, which stands to reason given the prevalence of VMware’s ESXi hypervisor and vSphere management tools across more than 300,000 companies worldwide. …

Red Hat Stacks Up Software To Contain AI On Nvidia Platforms was written by Jeffrey Burt at The Next Platform.

0

Cloudflare’s investigation of the January 2022 Okta compromise

Today, March 22, 2022 at 03:30 UTC we learnt of a compromise of Okta. We use Okta internally for employee identity as part of our authentication stack. We have investigated this compromise carefully and do not believe we have been compromised as a result. We do not use Okta for customer accounts; customers do not need to take any action unless they themselves use Okta.

Investigation and actions

Our understanding is that during January 2022, hackers outside Okta had access to an Okta support employee’s account and were able to take actions as if they were that employee. In a screenshot shared on social media, a Cloudflare employee’s email address was visible, along with a popup indicating the hacker was posing as an Okta employee and could have initiated a password reset.

We learnt of this incident via Cloudflare’s internal SIRT. SIRT is our Security Incident Response Team and any employee at Cloudflare can alert SIRT to a potential problem. At exactly 03:30 UTC, a Cloudflare employee emailed SIRT with a link to a tweet that had been sent at 03:22 UTC. The tweet indicated that Okta had potentially been breached. Multiple other Cloudflare employees contacted SIRT over the following Continue reading