Center for Internet Security: 18 security controls you need

The Center for Internet Security has updated its set of safeguards for warding off the five most common types of attacks facing enterprise networks—web-application hacking, insider and privilege misuse, malware, ransomware, and targeted intrusions.

In issuing its CIS Controls V8 this month, the organization sought to present practical and specific actions businesses can take to protect their networks and data. These range from making an inventory of enterprise assets to account management to auditing logs.

In part the new version was needed to address changes to how businesses operate since V7 was issued three years ago, and those changes guided the work. “Movement to cloud-based computing, virtualization, mobility, outsourcing, work-from-home, and changing attacker tactics have been central in every discussion,” the new controls document says.

How We Built an Open Source Drop-In Replacement for gRPC

JT Olio

JT is the CTO at Storj. He oversees product development and led the re-architecture of Storj’s distributed cloud storage platform. He was previously Director of Engineering at Space Monkey, which was acquired by Vivint in 2014. JT has an MS in Computer Science from the University of Utah and a BS in Computer Science and Mathematics from the University of Minnesota.

Our team at Storj is building a decentralized cloud object storage and when we decided to build it using Go, we thought we’d also utilize

IXP.GT Improves Speed, Lowers Costs, and Increases Resilience and Security of Guatemala’s Internet

Of the four new Internet traffic exchange points in Latin America, the most advanced is IXP.GT in Guatemala. It started in November 2019 with three participants. A little over a year later it already had 10. Most are Internet service providers (ISPs), plus the university network. “The IXP is the best thing that happened to […]

The post IXP.GT Improves Speed, Lowers Costs, and Increases Resilience and Security of Guatemala’s Internet appeared first on Internet Society.

A Big Thank You to Our DockerCon Live 2021 Sponsors

With DockerCon just a day away, let’s not forget to give a big THANK YOU to all our sponsors.

As our ecosystem partners, they play a central role in our strategy to deliver the best developer experience from local desktop to cloud, and/or to offer best-in-class solutions to help you build apps faster, easier and more securely. Translation: We couldn’t do what we do without them.

So be sure to visit their virtual rooms and special sessions at DockerCon this Thursday, May 27. With more than 20 Platinum, Gold or Silver sponsors this year, you’ll have plenty to choose from.

For example, check out AWS’s virtual room and the session with AWS Principal Technologist Massimo Re Ferrè at 3:15 p.m.-3:45 p.m. PDT.

And check out Microsoft’s virtual room and any of the three sessions it’s offering — How to Package DevOps Tools Using Docker Containers (3:45 p.m.- 4:15 p.m.), Container-Based Development with Visual Studio Code (4:15 p.m.- 4:45 p.m.), and Supercharging Machine Learning Development with Azure Machine Learning and Containers in VS Code! (4:45 p.m.- 5:15 p.m.).

Or there’s Mirantis’ virtual room and their two […]

Building real-time games using Workers, Durable Objects, and Unity

Durable Objects are an awesome addition to the Workers developer ecosystem, allowing you to address and work inside a specific Worker to provide consistency in your applications. That sounds exciting at a high level, but if you're like me, you might be wondering "Okay, so what can I build with that?"

There’s nothing like building something real with a technology to truly understand it.

To better understand why Durable Objects matter, and how newer announcements in the Workers ecosystem like WebSockets play with Durable Objects, I turned to a category of software that I've been building in my spare time for a few months now: video games.

The technical aspects of games have changed drastically in the last decade. Many games are online-by-default, and the ubiquity of tools like Unity has made it so anyone can begin experimenting with developing games.

I've heard a lot about the ability of Durable Objects and WebSockets to provide real-time consistency in applications, and to test that use case out, I've built Durable World: a simple 3D multiplayer world that is deployed entirely on our Cloudflare stack: Pages for serving the client-side game, which runs in Unity and WebGL, and Workers as the […]

Packet Forwarding and Routing over Unnumbered Interfaces

In the previous blog posts in this series, we explored whether we need addresses on point-to-point links (TL&DR: no), whether it’s better to have interface or node addresses (TL&DR: it depends), and why we got unnumbered IPv4 interfaces. Now let’s see how IP routing works over unnumbered interfaces.

The Challenge

A cursory look at an IP routing table (or at CCNA-level materials) tells you that the IP routing table contains prefixes and next hops, and that the next hops are IP addresses. How should that work over unnumbered interfaces, and what should we use for the next-hop IP address in that case?

Juniper Networks upgrades its Apstra intent-based networking software

Juniper Networks is releasing the latest version of its Apstra intent-based networking software that includes new monitoring features and configuration templates as well as better integration with VMware’s NSX virtualization and security platform.

In January, Juniper bought Apstra and its Apstra Operating System (AOS), which was developed from the start to support IBN features. Once deployed, AOS—now just called Apstra—keeps a real-time repository of configuration, telemetry and validation information to ensure the network is doing what customers want it to do. Apstra also includes automation features to provide consistent network and security policies for workloads across physical and virtual infrastructures.

Cloudflare’s SOC as a Service

When Cloudflare started, sophisticated online security was beyond the reach of all but the largest organizations. If your pockets were deep enough, you could buy the necessary services — and the support that was required to operate them — to keep your online operations secure, fast, and reliable. For everyone else? You were out of luck.

We wanted to change that: to help build a better Internet. To build a set of services that weren’t just technically sophisticated, but easy to use. Accessible. Affordable. Part of this meant that we were always looking to build and equip our customers with all the tools they needed in order to do this for themselves.

Of course, a lot has changed since we started. The Internet has only increased in importance, fast becoming the most important channel for many businesses. Cybersecurity threats have only become more prevalent — and more sophisticated. And the products that Cloudflare offers to keep you safe on the Internet have attracted some of the largest and most recognizable organizations in the world.

Ask some of these larger organizations about cybersecurity, and they’ll tell you a few things: first, they love our products. But, second, that when something happens […]

Full Stack Journey 054: Changes Big And Small

On today's Full Stack Journey podcast, host Scott Lowe shares some personal changes in his life, including leaving VMware for a startup called Kong, selling a house and moving, and buying and using an M1-based MacBook Pro. He shares his reflections on career changes, his decision-making process, and more.

Jerikan: a configuration management system for network teams

There are many resources for network automation with Ansible. Most of them only expose the first steps or limit themselves to a narrow scope. They give no clue on how to expand from that. Real network environments may be large, versatile, heterogeneous, and filled with exceptions. The lack of real-world examples for Ansible deployments, unlike Puppet and SaltStack, leads many teams to build brittle and incomplete automation solutions.

We have released under an open-source license our attempt to tackle this problem:

  • Jerikan, a tool to build configuration files from a single source of truth and Jinja2 templates, along with its integration into the GitLab CI system,
  • an Ansible playbook to deploy these configuration files on network devices, and
  • a redacted version of the configuration data and the templates for our, now defunct, datacenters in San Francisco and South Korea, covering many vendors (Facebook Wedge 100, Dell S4048 and S6010, Juniper QFX 5110, Juniper QFX 10002, Cisco ASR 9001, Cisco Catalyst 2960, Opengear console servers, and Linux), and many functionalities (provisioning, BGP-to-the-host routing, edge routing, out-of-band network, DNS configuration, integration with NetBox and IRRs).

Here is a quick demo to configure a new peering:

This work is the collective effort of […]

DockerCon 2021: Women in Tech Panel

At Docker, we feel strongly about embracing diversity and we are committed to being proactive with respect to inclusion. As an example of our support for diversity, we are hosting the Community Rooms during DockerCon with panels and sessions for our global audience in their native languages. We are also highlighting the contributions from our women Captains and community developers.

At DockerCon, the Women in Tech panel will focus on the breadth and depth of knowledge from our panelists and their experiences using Docker technology throughout their career. Join us as we discuss the career choices that led these women to become application developers and hear about key innovations that they are working on.  

Women in Tech Panel 4:15 Pacific on May 27, 2021

This panel is just one event out of a one-day event packed with demonstrations, product announcements, company updates and more – all of it is focused on modern application delivery in a cloud-native world.

Our panelists and moderators include:

Hema Ganapathy – Moderator
Product Marketing, Docker

Hema is a highly seasoned technology professional with 30+ years of experience in software development, telecommunications, cloud computing and big data. She has held senior positions in […]