VMware Achieves Industry-First AAA Rating for Network Detection & Response from SE Labs
In the first public test of is kind for Network Detection and Response, SE Labs awards the industry’s first NDR AAA rating to VMware NSX Network Detection and Response (NDR). The modern cyber battlefield is everywhere, and every attacker has to traverse multiple networks and in most cases many firewalls to achieve their goals. Internal to networks they look to move freely within the environment discovering valuable information they wish to exfiltrate. As attackers have continually innovated so must the industry and our testing. As a leader in the security industry, VMWare has gone through the industry’s first Network Detection and Response (NDR) test and received a AAA rating. It is well-known that attackers continually evolve and chain together an ever increasingly complex chain of events. These techniques, tactics and procedures occur across networks and often traverse and bypass traditional security tools like firewalls and antivirus. As our understanding of attacker’s behaviors evolve, so must our engineering and testing.
VMware customers can be assured that their data is better protected in this new arena as they continue to modernize their application and network infrastructure as part of their digital transformation initiatives.
According to the results from SE Labs, VMware NSX Continue reading
What’s new in Ansible Automation Platform 2: automation controller
Red Hat Ansible Automation Platform 2 is the next generation automation platform from Red Hat’s trusted enterprise technology experts. We are excited to announce that the Ansible Automation Platform 2 release includes automation controller 4.0, the improved and renamed Red Hat Ansible Tower.
Automation controller continues to provide a standardized way to define, operate and delegate automation across the enterprise. It also introduces new, exciting technologies and an enhanced architecture that enables automation teams to scale and deliver automation rapidly to meet ever-growing business demand.
Why was Ansible Tower renamed to automation controller?
As Ansible Automation Platform 2 continues to evolve, certain functionality has been decoupled (and will continue to be decoupled in 2.1) from what was formerly known as Ansible Tower. The naming change better reflects these enhancements and the overall position within the Ansible Automation Platform suite.
Who uses automation controller?
All automation team members interact with or rely on automation controller, either directly or indirectly.
- Automation creators develop Ansible Playbooks, roles and modules.
- Automation architects elevate automation across teams to align with IT processes and streamline adoption.
- Automation operators verify that the automation platform and framework are operational.
These roles are not necessarily dedicated to Continue reading
Measuring Hyper-Threading and Turbo Boost
We often put together experiments that measure hardware performance to improve our understanding and provide insights to our hardware partners. We recently wanted to know more about Hyper-Threading and Turbo Boost. The last time we assessed these two technologies was when we were still deploying the Intel Xeons (Skylake/Purley), but beginning with our Gen X servers we switched over to the AMD EPYC (Zen 2/Rome). This blog is about our latest attempt at quantifying the performance impact of Hyper-Threading and Turbo Boost on our AMD-based servers running our software stack.
Intel briefly introduced Hyper-Threading with NetBurst (Northwood) back in 2002, then reintroduced Hyper-Threading six years later with Nehalem along with Turbo Boost. AMD presented their own implementation of these technologies with Zen in 2017, but AMD’s version of Turbo Boost actually dates back to AMD K10 (Thuban), in 2010, when it used to be called Turbo Core. Since Zen, Hyper-Threading and Turbo Boost are known as simultaneous multithreading (SMT) and Core Performance Boost (CPB), respectively. The underlying implementation of Hyper-Threading and Turbo Boost differs between the two vendors, but the high-level concept remains the same.
Hyper-Threading or simultaneous multithreading creates a second hardware thread within a processor’s core, also known Continue reading
Graceful Restart and Other Control Plane Protocols
In the Graceful Restart 101 blog post, I promised to discuss the ugly parts of this concept in a follow-up post. It turns out we’ll need more than one; today, we’ll focus on other control plane protocols in an access network scenario.
Imagine an access router with multiple uplinks serving a bunch of non-redundantly-connected customers:
Non-redundant access network
Graceful Restart and Other Control Plane Protocols
In the Graceful Restart 101 blog post, I promised to discuss the ugly parts of this concept in a follow-up post. It turns out we’ll need more than one; today, we’ll focus on other control plane protocols in an access network scenario.
Imagine an access router with multiple uplinks serving a bunch of non-redundantly-connected customers:
Non-redundant access network
Wi-Fi 5 Vs. Wi-Fi 6
Wi-Fi 6 also known as 802.11ax is the latest generation of 802.11 WiFi standard and the successor of Wi-Fi 5 aka 802.11ac. Wi-Fi 6 increases user throughput by more efficient spectrum usage, provides larger signal coverage and reduces the power consumption. In the following section, we will discuss the significant improvements of Wi-Fi 6 over […]Continue reading...
Open Intelligence Gathering: Light and Dark
A few weeks ago, I asked my manager, Chris Bareford, if he would approve the purchase of a licence to use the https://www.shodan.io open intelligence platform. I was both vague and detailed enough to justify the purchase, something about gathering threat intelligence as far as I can recall. My request was approved, and I am now in possession of the Shodan freelancer API entitlement. This is useful to me in automating certain intelligence and discovery tasks.
This blog, however, is NOT about the Shodan freelancer API.
Part of my job is to help enable cyber readiness for both my internal colleagues and my customers and prospective customers, and as part of this remit I publish a weekly threat landscape report, which is essentially a collection of things I have found to be interesting (and/or concerning) during the previous week from a cyber-security perspective. One element of this report covers what I would consider to be largely opportunistic attacks (or probes), and so I summarize an anonymized set of the past week’s common vulnerabilities & exposures (CVE) that VMware customers have had. When collating this type of information on a regular basis, what you notice is that, in addition Continue reading
Understanding How Facebook Disappeared from the Internet
“Facebook can't be down, can it?”, we thought, for a second.
Today at 15:51 UTC, we opened an internal incident entitled "Facebook DNS lookup returning SERVFAIL" because we were worried that something was wrong with our DNS resolver 1.1.1.1. But as we were about to post on our public status page we realized something else more serious was going on.
Social media quickly burst into flames, reporting what our engineers rapidly confirmed too. Facebook and its affiliated services WhatsApp and Instagram were, in fact, all down. Their DNS names stopped resolving, and their infrastructure IPs were unreachable. It was as if someone had "pulled the cables" from their data centers all at once and disconnected them from the Internet.
This wasn't a DNS issue itself, but failing DNS was the first symptom we'd seen of a larger Facebook outage.
How's that even possible?
Update from Facebook
Facebook has now published a blog post giving some details of what happened internally. Externally, we saw the BGP and DNS problems outlined in this post but the problem actually began with a configuration change that affected the entire internal backbone. That cascaded into Facebook and other properties disappearing and Continue reading
Automation 1. First impression from pySROS – new Python library for automation of Nokia SR OS devices
Hello my friend,
For quite a while we were silent (literally, the last post was month ago), as we were busy with extremely busy with completion of an important customer engagement. It was successfully completed and we are back on track with writing new interesting and useful (we hope so :-)) materials for you! And today we talk about our favourite topic – automation. To be precise, automation of Nokia SR OS devices with a new Python library called pySROS created by Nokia folks.
2
3
4
5
retrieval system, or transmitted in any form or by any
means, electronic, mechanical or photocopying, recording,
or otherwise, for commercial purposes without the
prior permission of the author.
Why Is That Useful for Me?
If you have ever been in a situation, when there are much more work than hours in a day, then you know how important is to be able to do the job quickly and accurately. It is even better, if such job is done not by yourself, but rather by someone else or something else. This is exactly, where the automation of network and Continue reading
First Look At Oak Ridge’s “Frontier” Exascaler, Contrasted To Argonne’s “Aurora”
The fiscal year of the federal government in the United States ends on September 30, and whether we all knew it or not, the US Department of Energy had a revised goal of beginning the deployment of at least one exascale-class supercomputing system before fiscal 2021 ended and fiscal 2022 began on October 1. …
First Look At Oak Ridge’s “Frontier” Exascaler, Contrasted To Argonne’s “Aurora” was written by Timothy Prickett Morgan at The Next Platform.
Network Break 353: New Juniper Chassis Tops 400G; Akamai Spends Big Money On Microsegmentation
This week's Network Break talks about a new data center chassis from Juniper, why Akamai spent $600 million to buy security company Guardicore, what happened to Zoom's big acquisition of a contact center company, and more tech news.Network Break 353: New Juniper Chassis Tops 400G; Akamai Spends Big Money On Microsegmentation
This week's Network Break talks about a new data center chassis from Juniper, why Akamai spent $600 million to buy security company Guardicore, what happened to Zoom's big acquisition of a contact center company, and more tech news.
The post Network Break 353: New Juniper Chassis Tops 400G; Akamai Spends Big Money On Microsegmentation appeared first on Packet Pushers.
Netflix Boosts Streaming While Reducing Socket Counts
With over 200 million users streaming its video services, the backend CDN servers, storage, and networks at Netflix have to balance performance and efficiency carefully. …
Netflix Boosts Streaming While Reducing Socket Counts was written by Nicole Hemsoth at The Next Platform.
AWS Networking – Part IX: AWS VPC Control-Plane – Mapping Servce
Introduction
This chapter explains the VPC Control-Plane operation when two EC2 instances within the same subnet initiate TCP session between themself. In our example, EC2 instances are launched in two different physical servers. Both instances have an Elastic Network Interface (ENI) card. The left-hand side EC2’s ENI has MAC/IP addresses cafe:0001:0001/10.10.1.11 and the right-hand side EC2’s ENI has MAC/IP addresses beef:0001:0001/10.10.1.22. Each physical server hosting EC2 instances has a Nitro Card for VPC [NC4VPC]. It is responsible for routing, data packets encapsulation/decapsulation, and Traffic limiting. In addition, Security Groups (SGs) are implemented in hardware on the Nitro card for VPC. AWS Control-Plane relies on the Mapping Service system decoupled from the network devices. It means that switches are unaware of Overlay Networks having no state information related to VPC’s, Subnets, EC2 Instances, or any other Overlay Network components. From the Control-Plane perspective, physical network switches participate in the Underlay Network routing process by advertising the reachability information of physical hosts, Mapping Service, and so on. From the Data-Plane point of view, they forwards packet based on the outer IP header.
Mapping Register
Starting an EC2 instance triggers the Control-Plane process on a host. Figure 2-1 illustrates that Host-1 and Host-2 store information of their local EC2 instances into the Mapping cache. Then they register these instances into Mapping Service. You can consider the registration process as a routing update. We need to inform the Mapping Service about the EC2 instance’s a) MAC/IP addresses bind to ENI, b) Virtual Network Identifier (=VPC), c) the physical host IP, d) and the encapsulation mode (VPC tunnel header). If you are familiar with Locator/Id Separation Protocol LISP, you may notice that its Control-Plane process follows the same principles. The main difference is that switches in LISP-enabled networks have state information related to virtual/bare-metal servers running in a virtual network.
Figure 2-1: VPC Control-Plane Operation: Mapping Register.
Continue reading
Stuff The Internet Says On Scalability For October 4th, 2021
Hey, HighScalability is here again!
The circulatory system of the internet. @tylermorganwall
Love this Stuff? I need your support on Patreon to keep this stuff going.
Sorry for the long gap in posting, but I’ve been building a new app. I’m looking for testers for my new iOS fitness app: Max reHIT Workout. It guides you through proven reduced-exertion high-intensity interval workouts. If that interests you, please give it a try through TestFlight. I’d appreciate any feedback and suggestions for improvement. Thanks!
Don't miss all that the Internet has to say on Scalability, click below and become eventually consistent with all scalability knowledge (which means this post has many more items to read so please keep on reading)...