NetworkingNexus.net

Introducing the Customer Metadata Boundary

Data localisation has gotten a lot of attention in recent years because a number of countries see it as a way of controlling or protecting their citizens’ data. Countries such as Australia, China, India, Brazil, and South Korea have or are currently considering regulations that assert legal sovereignty over their citizens’ personal data in some fashion — health care data must be stored locally; public institutions may only contract with local service providers, etc.

In the EU, the recent “Schrems II” decision resulted in additional requirements for companies that transfer personal data outside the EU. And a number of highly regulated industries require that specific types of personal data stay within the EU’s borders.

Cloudflare is committed to helping our customers keep personal data in the EU. Last year, we introduced the Data Localisation Suite, which gives customers control over where their data is inspected and stored.

Today, we’re excited to introduce the Customer Metadata Boundary, which expands the Data Localisation Suite to ensure that a customer’s end user traffic metadata stays in the EU.

Metadata: a primer

“Metadata” can be a scary term, but it’s a simple concept — it just means “data about data.” In other Continue reading

How Vitamin C Improves Stress Resilience at Work

We all go through stressful situations at work. It is important to find ways to manage stress and relieve the symptoms of it when we are feeling overwhelmed. In this blog post, we will discuss how Vitamin C can improve your resilience in stressful situations at work. We will share with you the benefits of taking a Vitamin C supplement and explain why it is important for workplace health. Let’s get started.

Vitamin C Is an Essential Nutrient

Vitamin C is an essential nutrient that our body cannot produce on its own. We need to get Vitamin C from dietary sources or supplements, because it plays a key role in many processes of the human body. It strengthens the immune system and helps with wound healing by forming collagen (the protein found in connective tissues). Vitamin C also supports healthy vision and bone health. At work, we are exposed to all kinds of stressors which deplete our bodies’ stores of nutrients like Vitamin C. This can result in reduced immunity and poor recovery after illness or injury – both conditions that make us less productive at work! There are some simple ways you can improve your resilience when faced with Continue reading

How to buy SASE

Wouldn’t it be great if there were a cloud-based service that combined networking and security so that users located anywhere could safely and efficiently access applications and data located anywhere? That’s the aim of SASE (rhymes with gassy). SASE isn’t a single product, but rather it’s an approach, a platform, a collection of capabilities, an aspiration.Gartner coined the term Secure Access Service Edge in a 2019 research report, and the name stuck. Vendors have been doing backflips trying to cobble together complete SASE offerings, which would include at a minimum software-defined WAN (SD-WAN), secure Web gateway (SWG), cloud access security broker (CASB), firewall-as-a-service (FWaaS) and zero trust network access (ZTNA).To read this article in full, please click here

How to buy SASE

Highlights: Multi-Threaded Routing Daemons

The multi-threaded routing daemons blog post generated numerous in-depth comments here and on LinkedIn. As always, thanks a million for keeping me honest and providing more details or additional perspectives. Here are some of the best bits.

Jeff Tantsura provided the first dose of reality:

All modern routing protocols implementations are multi-threaded, with a minimum separation of adjacency handling, route calculations and update generation. Note - writing multi-threaded code for complex tasks is a non trivial exercise (you could search for thread safety and similar artifacts and what happens when not implemented correctly). Moving to a multi-threaded code in early 2010s resulted in a multi-release (year) effort and 100s of related bugs all around.

Dr. Tony Przygienda added his hands-on experience (he’s been developing routing protocol software for ages):

Highlights: Multi-Threaded Routing Daemons

Jeff Tantsura provided the first dose of reality:

All modern routing protocols implementations are multi-threaded, with a minimum separation of adjacency handling, route calculations and update generation. Note - writing multi-threaded code for complex tasks is a non trivial exercise (you could search for thread safety and similar artifacts and what happens when not implemented correctly). Moving to a multi-threaded code in early 2010s resulted in a multi-release (year) effort and 100s of related bugs all around.

Dr. Tony Przygienda added his hands-on experience (he’s been developing routing protocol software for ages):

Amazon announces third generation of Graviton processors

At its annual re:Invent conference, Amazon Web Services announced the newest generation of its Arm-based Graviton processors, the Graviton 3, which the company claims will be 25% or more faster than the last-generation chips in key workloads.The 25% is likely for integer workloads, because AWS also said the Graviton 3 boasts double the floating-point performances (FLOP), a three-fold performance improvement in machine-learning workloads, and better cryptographic performance. AWS also claims the new chips will use 60% less power.[Get regularly scheduled insights by signing up for Network World newsletters.] The chips will power new EC2 C7g instances in the AWS cloud. The chips and instances will be the first to use DDR5 memory, which delivers 50% higher bandwidth than DDR4 but with a much lower power draw.To read this article in full, please click here

Amazon announces third generation of Graviton processors

Cisco hit with software and physical issues

Cisco Systems has been hit with an unusual double-whammy of issues, one of them in software and one in hardware.First, the more serious issue, a firewall flaw. Security researcher Positive Technologies, which hunts for security vulnerabilities, posted a warning that a vulnerability in Cisco firewall appliances could allow hackers to cause them to fail.The problem is in the Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) firewalls. Forrester Research says there are more than a million of them deployed worldwide. Positive assessed the severity level of vulnerability as high and recommended users should install updates, which are available, as soon as possible.To read this article in full, please click here

Cisco hit with software and physical issues

Use dmseg to check your Linux system’s kernel message buffer

The dmesg command displays the content of the kernel's message buffer since the system's most recent boot. It displays a lot of details on how the system is working and problems it might be running into that you won't normally see. That can be a lot of data, but there are several tricks for paring it down.For example, Even though the system queried below has only been up a little more than three days, it's collected more than a thousand lines of data.$ dmesg | wc -l 1034 Linux security: Cmd provides visibility, control over user activity [Get regularly scheduled insights by signing up for Network World newsletters.] If you type only dmesg, you will see all available data. Sudo access is not required. You can also pipe the output of dmesg to the more and less commands to scan through it or simply pipe the output to grep, but the command itself provides a lot of options for selecting the most relevant information from the file.To read this article in full, please click here

Use dmseg to check your Linux system’s kernel message buffer

Bumps in the road for open RAN

Open standards for radio access networking (RAN) technology have long been hyped as a way for mobile network operators to control the costs of 5G deployment, but some experts are beginning to question that potential, and legal difficulties for vendors working on the standard continue to arise.The idea behind open RAN is relatively simple. Using a standards-based approach to carrier radio equipment would allow carriers to mix and match the gear they use in base stations--freeing them from the traditional vertical integration of such equipment and potentially making the market more competitive, driving prices down.[Get regularly scheduled insights by signing up for Network World newsletters.] But this requires a considerable degree of coordination from companies like Ericsson, Nokia and Samsung that aren’t used to working cooperatively with one another. And some reports suggest that the hype around open RAN is considerably exaggerated.To read this article in full, please click here

Get Moving: 3G Sunsetting Deadline is Rapidly Approaching

What makes 3G sunsetting so potentially disruptive is that 3G has been used for nearly 20 years. For a generation of users and applications, it has been the service of choice.

Stacking Up AMD MI200 Versus Nvidia A100 Compute Engines

The modern GPU compute engine is a microcosm of the high performance computing datacenter at large. …

Stacking Up AMD MI200 Versus Nvidia A100 Compute Engines was written by Timothy Prickett Morgan at The Next Platform.

They’ll Remember The Rage Monster

I was tired. Very tired. Tired in my brain. Tired in my body. I needed to eat, puke, and scream…all of those things as soon as possible. Big cutovers are like that. You know the kind of change I’m talking about. The kind where you only get a maintenance window twice a year, so you plan to throw in the new core switch pair because that’s easy, re-tool the BGP peering that twelve other changes are waiting for, and bring up the new firewall all in one night.

Stupid! Unthinkable! Small changes only!! I mean…obviously. Of course. But sometimes, that’s just not the way it works out. And so it was that after several hours of executing a meticulously planned change that would create the network foundation for the company’s big plans, I needed to eat, puke, and scream.

You see, the change hadn’t got entirely well. It had only gone mostly well. The core switch upgrade really was easy. The BGP peering work went well enough. The new firewall was a fight, though.

At first, the firewall pair wouldn’t pass traffic. At all. Despite a lovely routing table and so on. After sitting in the freezing data center for Continue reading

No REST For The Wicked

So far, this series has explored applying the Model, View, Controller (MVC) software design pattern to infrastructure with purely Python-driven network automation. We have created a fully function infrastructure-as-software application using the out-of-the-box Django framework; a PostgreSQL database (Model); pyATS jobs (Controller); and the trinity of Python URLs and Views and Django Templating Language (DTL) […]

The post No REST For The Wicked appeared first on Packet Pushers.

4 Hot Network Security Acronyms You Must Know: ZTN, XDR, SASE, BYOD

Organizations must adopt a forward-looking network security strategy that can deal with advanced threats, ensure regulatory compliance, and safeguard the network.

Tech Bytes: The Security Fabric Advantage With Fortinet (Sponsored)

Today's Tech Bytes podcast is a security conversation--specifically security fabrics or ‘security mesh’ architectures: an integrated set of products that work together to help you manage risk in the network, on endpoints, and to do things like improve detection and response. Fortinet is our sponsor.

Tech Bytes: The Security Fabric Advantage With Fortinet (Sponsored)

The post Tech Bytes: The Security Fabric Advantage With Fortinet (Sponsored) appeared first on Packet Pushers.

« Previous 1 … 611 612 613 614 615 … 3,841 Next »