Heavy Networking 609: Innovation Or Stagnation – A Year-End Networking Review
Today's Heavy Networking considers the current state of networking technologies and the networking market. We debate whether we've seen any significant innovations over the past year, if the industry has stagnated, or if we're simply trying to stay on top of disruptions caused by cloud, Covid, and the erosion of traditional network boundaries. We also discuss how network engineers and the industry are dealing with complexity, if organizations can "cloud" their way out of legacy problems, and more.Heavy Networking 609: Innovation Or Stagnation – A Year-End Networking Review
Today's Heavy Networking considers the current state of networking technologies and the networking market. We debate whether we've seen any significant innovations over the past year, if the industry has stagnated, or if we're simply trying to stay on top of disruptions caused by cloud, Covid, and the erosion of traditional network boundaries. We also discuss how network engineers and the industry are dealing with complexity, if organizations can "cloud" their way out of legacy problems, and more.
The post Heavy Networking 609: Innovation Or Stagnation – A Year-End Networking Review appeared first on Packet Pushers.
Getting Started with VMware Transit Connect Intra-Region Peering for VMware Cloud on AWS
VMware Transit Connect has proven itself as a valuable tool to enable high bandwidth and speed connectivity for VMware Cloud on AWS customers and their Software Defined Data Centers (SDDCs). There are hundreds of customers using this feature across the fleet in a myriad of combinations. Since the initial offering in 2020 we have worked with our partner, AWS, to expand the service’s capabilities to include SDDC Grouping across multiple regions in addition to support for Transit/Security VPC models. These capabilities combine to provide a comprehensive networking solution to address some of the most challenging networking requirements. However, there has been one gap in the connectivity – the ability to peer the VMware Managed Transit Gateway (VTGW) with a native AWS Transit Gateway (TGW).
At AWS re:Invent 2021, the ability to peer VTGWs to AWS TGWs in the same region, also referred to as intra-region peering was announced. VMware and AWS have been working on this solution diligently and we are excited to announce VMware Cloud on AWS support for this new capability in this announcement blog. Equally exciting is that this feature will be available to VMware Cloud on AWS customers with SDDCs that are on any version. To Continue reading
The Grinch Bot is Stealing Christmas!
This week, a group of US lawmakers introduced the Stopping Grinch Bots Act — new legislation that could stop holiday hoarders on the Internet. This inspired us to put a spin on a Dr. Seuss classic:
Each person on the Internet liked Christmas a lot
But the Grinch Bot, built by the scalper did not!
The Grinch Bot hated Christmas! The whole Christmas season!
Now, please don’t ask why. No one quite knows the reason.
Cloudflare stops billions of bad bots every day. As you might have guessed, we see all types of attacks, but none is more painful than a Grinch Bot attack. Join us as we take a closer look at this notorious holiday villain...
25 days seconds of Christmas
What is the Grinch Bot? Technically speaking, it’s just a program running on a computer, making automated requests that reach different websites. We’ve come to refer to these requests as “bots” on the Internet. Bots move quickly, leveraging the efficiency of computers to carry out tasks at scale. The Grinch Bot is a very special type that satisfies two conditions:
- It only pursues online inventory, attempting to purchase items before humans can complete their orders.
- It only operates Continue reading
You Down with IoT? You Better Be!
Did you see the big announcement from AWS re:Invent that Amazon has a preview of a Private 5G service? It probably got buried under the 200 other announcements that came out on so many other things so I’ll forgive you for missing it. Especially if you also managed to miss a few of the “hot takes” that mentioned how Amazon was trying to become a cellular provider. If I rolled my eyes any harder I might have caused permanent damage. Leave it to the professionals to screw up what seems to be the most cut-and-dried case of not reading the room.
Amazon doesn’t care about providing mobile service. How in the hell did we already forget about the Amazon (dumpster) Fire Phone? Amazon isn’t trying to supplant AT&T or Verizon. They are trying to provide additional connectivity for their IoT devices. It’s about as clear as it can get.
Remember all the flap about Amazon Sidewalk? How IoT devices were going to use 900 MHz to connect to each other if they had no other connectivity? Well, now it doesn’t matter because as long as one speaker or doorbell has a SIM slot for a private 5G or CBRS node Continue reading
Get notified when your site is under attack
Our core application security features such as the WAF, firewall rules and rate limiting help keep millions of Internet properties safe. They all do so quietly without generating any notifications when attack traffic is blocked, as our focus has always been to stop malicious requests first and foremost.
Today, we are happy to announce a big step in that direction. Business and Enterprise customers can now set up proactive alerts whenever we observe a spike in firewall related events indicating a likely ongoing attack.
Alerts can be configured via email, PagerDuty or webhooks, allowing for flexible integrations across many systems.
You can find and set up the new alert types under the notifications tab in your Cloudflare account.
What Notifications are available?
Two new notification types have been added to the platform.
Security Events Alert
This notification can be set up on Business and Enterprise zones, and will alert on any spike of firewall related events across all products and services. You will receive the alert within two hours of the attack being mitigated.
Advanced Security Events Alert
This notification can be set up on Enterprise zones only. It allows you to filter on the exact security service you are Continue reading
Hyperscalers Start Taking Pure Storage Flash For A Spin
Usually, innovation starts with the hyperscalers, HPC centers, and cloud builders of the world and spreads to the enterprise. …
Hyperscalers Start Taking Pure Storage Flash For A Spin was written by Timothy Prickett Morgan at The Next Platform.
HPC In The Cloud Enables Diverse Scientific Research
Institutions supporting HPC applications are finding increased demand for heterogeneous infrastructures to support simulation and modeling, machine learning, high performance data analytics, collaborative computing and analytics, and data federation. …
HPC In The Cloud Enables Diverse Scientific Research was written by Ken Strandberg at The Next Platform.
Video: Machine Learning 101
After a brief overview of the AI/ML hype, Javier Antich continued the AI and ML in Networking webinar with the basics of underlying technologies, starting with the machine learning fundamentals.
You need Free ipSpace.net Subscription to access this webinar.
Video: Machine Learning 101
After a brief overview of the AI/ML hype, Javier Antich continued the AI and ML in Networking webinar with the basics of underlying technologies, starting with the machine learning fundamentals.
You need Free ipSpace.net Subscription to access this webinar.
AWS Sizes Trainium for AI/ML Model Boom
While AWS is making it clear they will continue to innovate around GPUs for cloud-based machine learning, there was little doubt after today that their own Trainium devices are set to outdo what even the top-line Nvidia GPU instances have achieved. …
AWS Sizes Trainium for AI/ML Model Boom was written by Nicole Hemsoth at The Next Platform.
Neutral Host Technology Poised to Change the Game for Indoor Cellular
New small cell approaches to improving cellular signal coverage indoors are driving increased enterprise interest in private 5G LANs.AWS Goes Wide And Deep With Graviton3 Server Chip
It is always an exciting time when there is a new compute engine coming into the market, and interest is particularly keen with any new Arm server chip entry. …
AWS Goes Wide And Deep With Graviton3 Server Chip was written by Timothy Prickett Morgan at The Next Platform.
Calico WireGuard support with Azure CNI
Last June, Tigera announced a first for Kubernetes: supporting open-source WireGuard for encrypting data in transit within your cluster. We never like to sit still, so we have been working hard on some exciting new features for this technology, the first of which is support for WireGuard on AKS using the Azure CNI.
First a short recap about what WireGuard is, and how we use it in Calico.
What is WireGuard?
WireGuard is a VPN technology available in the Linux kernel since version 5.6 and is positioned as an alternative to IPsec and OpenVPN. It aims to be faster, simpler, leaner and more useful. This is manifested in WireGuard taking an opinionated stance on the configurability of supported ciphers and algorithms to reduce the attack surface and auditability of the technology. It is simple to configure with standard Linux networking commands, and it is only approximately 4,000 lines of code, making it easy to read, understand, and audit.
While WireGuard is a VPN technology and is typically thought of as client/server, it can be configured and used equally effectively in a peer-to-peer mesh architecture, which is how we designed our solution at Tigera to work in Kubernetes. Using Calico, Continue reading
Hedge 110: Andrew Alston and SRv6 Security
SRv6, a form of source routing, is the new and interesting method being created by the IETF to allow traffic engineering and traffic steering. This is not the first time the networking world has tried source routing, however—and in the spirit of rule 11, we should ask some questions. How and why did source routing fail last time? Have we learned those lessons and changed the way we’re doing things to overcome those limitations? Security seems to be one area where problems arise in the source routing paradigm.
Andrew Alston joins Tom Ammon and Russ White to discuss security in SRv6.