Patrik Schindler sent me his views on code quality and resulting security nightmares after reading the Cisco SD-WAN SQL Injection saga. Enjoy!
I think we have a global problem with code quality. Both from a security perspective, and from a less problematic but still annoying bugs-everywhere perspective. I’m not sure if the issue is largely ignored, or we’ve given up on it (see also: Cloud Complexity Lies or Cisco ACI Complexity).
Patrik Schindler sent me his views on code quality and resulting security nightmares after reading the Cisco SD-WAN SQL Injection saga. Enjoy!
I think we have a global problem with code quality. Both from a security perspective, and from a less problematic but still annoying bugs-everywhere perspective. I’m not sure if the issue is largely ignored, or we’ve given up on it (see also: Cloud Complexity Lies or Cisco ACI Complexity).
This week we celebrate Cloudflare's birthday. We launched the company 11 years ago tomorrow: September 27, 2010. It has been our tradition, since our first birthday, to use this week to launch innovative new products that we think of as our gift back to the Internet.
Since going public, it's also been an opportunity for us to update our Annual Founders' Letter and share what's on our mind. Recently we've been thinking about three things: team, the Internet, and innovation.
When anyone asks us the key to Cloudflare's success, we always say the same thing: the team we've been able to attract to help us achieve our mission of helping build a better Internet. In the last year we've had more than 250,000 people apply to work for us and extended offers to less than one half of one percent of them. We continue to attract great people.
It's incredible to realize that more than half of Cloudflare's team today started since March 13, 2020, when we closed all our physical offices due to the pandemic. In the last several months, as we've started to see a light at the end of the COVID tunnel, we've been hosting what Continue reading
If they are doing their jobs right, the high performance computing centers around the world in academic and government institutions are supposed to be on the cutting edge of any new technology that boosts the performance of simulation, modeling, analytics, and artificial intelligence. …
NSF Puts $10 Million Into Composable Supercomputer was written by Timothy Prickett Morgan at The Next Platform.
I know we talk about the subject of private 5G a lot in the industry but there are more players coming out every day looking to add their voice to the growing supporters of these solutions. And despite the fact that we tend to see 5G and Wi-Fi technologies as ships in the night this discussion isn’t going to go away any time soon. In part it’s because decision makers aren’t quite savvy enough to distinguish between the bands, thinking all wireless communications are pretty much the same.
I think we’re not going to see much overlap between these two technologies. But the reasons why aren’t quite what you might think.
Working from anywhere other than the traditional office is here to stay. Every major Silicon Valley company has looked at the cost benefit analysis and decided to let workers do their thing from where they live. How can I tell it’s permanent? Because they’re reducing salaries for those that choose to stay away from the Bay Area. That carrot is pretty enticing and for the companies to say that it’s not on the table for remote work going forward means they have no incentive to make people Continue reading
Must-See Sessions for Networking
This year’s networking sessions – based on the audience feedback from VMworld 2020 – not only feature more customers stories and interviews, but have a balance of innovation, industry trends, roadmap, and technical get-your-hands-dirty sessions. The VMworld 2021 Session Types and Levels summary gives you an idea of what’s available for you and your colleagues.
If you’re not sure about the different learning tracks or what they will include, check out the VMworld learning index here. The robust Content Catalog will allow you to filter sessions based on topic, tracks, products, type and level; the scheduler lets you to build an itinerary.
Lastly, we have made a list of can’t miss sessions based on your role.
For Networking Leaders:
For Networking Practitioners:
Welcome to Technology Short Take #145! What will you find in this Tech Short Take? Well, let’s see…stuff on Envoy, network automation, network designs, M1 chips (and potential open source variants!), a bevy of security articles (including a couple on very severe vulnerabilities), Kubernetes, AWS IAM, and so much more! I hope that you find something useful here. Enjoy!
On today's sponsored Heavy Networking we talk with DriveNets about why it’s time to take the disaggregated model--where you buy whitebox hardware and put a network operating system of your choice on it--seriously. Along the way, we’re going to hit DriveNets network architectures and operating models, and get you thinking about why disaggregated networking might make sense for you.
The post Heavy Networking 599: DriveNets Taps Disaggregation To Build Networks Like Cloud (Sponsored) appeared first on Packet Pushers.
In this section, I am going to introduce the default Network ACL for subnets in VPC NVKT-VPC-01.
Figure 1-28 shows the complete structure of our VPC NVKT-VPC-01. We have a Public subnet 10.10.0.0/24 in AZ eu-west-2c a Private subnet 10.10.1.0/24 in AZ eu-west-2a. Both subnets are protected by the default VPC’s NACL named NWKT-NACL. NACL allows all traffic to and from the subnet by default.
Figure 1-37: Complete VPC Stack.
Continue reading
In this post, we create a Subnet with the set of properties and attach it to VPC. We also specify a Route Table, which we associate with the Subnet using association.
1) AWS::EC2::VPC (NwktVPC)
2) AWS::EC2::Subnet (NwktSubnet)
3) AWS::EC2::RouteTable (NwktPUB2RouteTable)
4) AWS::EC2::SubnetRouteTableAssociation(NwktRouteTableAssociation)
We are using a Ref function for defining the dependencies between AWS resources when the actual AWS resource Identifier is unknown. For example, the Ref function in AWS::EC2::Subnet resource [2] refers to the resource AWS::EC2::VPC’s logical name NwktVPC (A). We have to use an intrinsic function because we don’t know which VPC Identifier AWS generates to VPC. After creating the subnet, we specify the subnet-specific Route Table [3]. First, we need to bind it to VPC using the Ref function value NwktVPC (B). Next, we “glue” the Route Table to Subnet using RouteTableAssociation, where we use two Ref functions. The first one refers to Route Table (C), and the second to Subnet (D).
Figure 1-34: Subnet Route Table.
Continue reading
The Internet Society supports and promotes the development of the Internet as a global technical infrastructure, a resource to enrich people’s lives, and a force for good in society. Our work aligns with our goals for the Internet to be open, globally-connected, secure, and trustworthy
