QUIC Version 1 is live on Cloudflare

QUIC Version 1 is live on Cloudflare
QUIC Version 1 is live on Cloudflare

On May 27 2021, the Internet Engineering Task Force published RFC 9000 - the standardarized version of the QUIC transport protocol. The QUIC Working Group declared themselves done by issuing a Last Call 7 months ago. The i's have been dotted and the t's crossed, RFC 8999 - RFC 9002 are a suite of documents that capture years of engineering design and testing of QUIC. This marks a big occasion.

And today, one day later, we’ve made the standardized version of QUIC available to Cloudflare customers.

Transport protocols have a history of being hard to deploy on the Internet. QUIC overcomes this challenge by basing itself on top of UDP. Compared to TCP, QUIC has security by default, protecting almost all bytes from prying eyes or "helpful" middleboxes that can end up making things worse. It has designed-in features that speed up connection handshakes and mitigate the performance perils that can strike on networks that suffer loss or delays. It is pluggable, providing clear standardised extensions point that will allow smooth, iterative development and deployment of new features or performance enhancements for years to come.

The killer feature of QUIC, however, is that it is deployable in reality. We are Continue reading

How to Protect Azure VMware Solution Resources with Azure Application Gateway

Azure VMware Solution (AVS) is a VMware validated private cloud solution managed and maintained by Azure. It runs on dedicated bare-metal Azure infrastructure. AVS allows customers to manage and secure applications across VMware environments and Microsoft Azure with a consistent operating framework. It supports workload migration, VM deployment, and Azure service consumption 

As AVS private cloud runs on an isolated Azure environment, it is not accessible from Azure or the Internet by default. Users can use either ExpressRoute Global Reach (i.e., from on-prem) or a jump box (i.e., on an Azure VNet) to access AVS private cloud. This means AVS workload VMs are confined within AVS private cloud and not accessible from the Internet 

But what if customers want to make AVS Private Cloud resources, such as web servers, accessible from the Internet? In that case, Public IP needs to be deployed. There are couple of ways to do this: (1) Azure Application Gateway, and (2) Destination NAT or DNAT using Azure WAN Hub and Firewall. Azure Application Gateway is Continue reading

Weekend Reads 052821


The round trip time to the root servers is dependent on multiple factors, but particularly, the proximity of a root server instance and it being routed to in the most efficient way.


UMN computer science researchers who were interested in the ability to intrude bad code into the Linux kernel abused submission processes, faking supportive reviews, to insert code deep in the operating system codebase.


Security researchers Thursday disclosed a new critical vulnerability affecting Domain Name System (DNS) resolvers that could be exploited by adversaries to carry out reflection-based denial-of-service attacks against authoritative nameservers.


We are launching a new Privacy Breakdown of Mobile Phones “playlist” on Surveillance Self-Defense, EFF’s online guide to defending yourself and your friends from surveillance by using secure technology and developing careful practices.


This kind of email attack is called business email compromise (BEC)—a damaging form of phishing designed to gain access to critical business information or extract money through email-based fraud.


Email Campaign builders (marketers) are flying blind. I know ESPs are genuinely timely about rolling out new products for their marketers, but there is a colossal gap in adopting data science and MLops into the email campaign building workflow.


The web has evolved a Continue reading

Document The First Time, Every Time

2053fountain_pen

Imagine you’re deep into a massive issue. You’ve been troubleshooting for hours trying to figure out why something isn’t working. You’ve pulled in resources to help and you’re on the line with the TAC to try and get a resolution. You know this has to be related to something recent because you just got notified about it yesterday. You’re working through logs and configuration setting trying to gain insights into what went wrong. That’s when the TAC engineer hits you with with an armor-piecing question:

When did this start happening?

Now you’re sunk. When did you first start seeing it? Was it happening before and no one noticed? Did a tree fall in the forest and no one was around to hear the sound? What is the meaning of life now?

It’s not too hard to imagine the above scenario because we’ve found ourselves in it more times than we can count. We’ve started working on a problem and traced it back to a root cause only to find out that the actual inciting incident goes back even further than that. Maybe the symptoms just took a while to show up. Perhaps someone unknowingly “fixed” the issue with a Continue reading

Heavy Networking 580: Multivendor EVPN? Nope

Today's Heavy Networking is a nerdy excursion into EVPN VXLAN, including how it works, why you might want it, and why multivendor interoperability is so difficult with this standard. Guest Tony Bourke and host Ethan Banks also explore hardware challenges, automation strategies, EVPN flooding mechanisms, BGP multi-homing, and more.

Heavy Networking 580: Multivendor EVPN? Nope

Today's Heavy Networking is a nerdy excursion into EVPN VXLAN, including how it works, why you might want it, and why multivendor interoperability is so difficult with this standard. Guest Tony Bourke and host Ethan Banks also explore hardware challenges, automation strategies, EVPN flooding mechanisms, BGP multi-homing, and more.

The post Heavy Networking 580: Multivendor EVPN? Nope appeared first on Packet Pushers.

3 Reasons to Process Closer to the Edge

Being able to increase processing speeds will inevitably improve productivity and efficiency, but more importantly, edge computing will help with the management and use of data. In today's world and business environment, we have endless data being collected and transmitted.

Mauritius Must Not Fall into the ‘Mass Surveillance’ Trap

This article was originally published in French in L’express. On 17 May, 2020, The Internet Society, alongside the IGF Mauritius, submitted a response to the call to the government of Mauritius’ call to provide input to the proposed amendments to the ICT ACT for regulating the use and addressing the abuse and misuse of Social Media […]

The post Mauritius Must Not Fall into the ‘Mass Surveillance’ Trap appeared first on Internet Society.

Edge devices improve drilling efficiency for energy company

Moving compute and storage resources to edge locations can reduce latency and bandwidth needs, improve performance and save money. At the same time, widespread edge computing deployments can introduce significant management challenges. Servers can be hard enough to maintain when they’re in an on-prem data center. What if they’re deployed in the middle of nowhere?Energy companies know all too well the challenges of remote computing.“When we drill a well, it’s always in the middle of nowhere,” says Dingzhou Cao, senior advisor for data science at independent shale producer Devon Energy, a Fortune 500 company based in Oklahoma City, Okla.To read this article in full, please click here

Edge devices improve drilling efficiency for energy company

Moving compute and storage resources to edge locations can reduce latency and bandwidth needs, improve performance and save money. At the same time, widespread edge computing deployments can introduce significant management challenges. Servers can be hard enough to maintain when they’re in an on-prem data center. What if they’re deployed in the middle of nowhere?Energy companies know all too well the challenges of remote computing.“When we drill a well, it’s always in the middle of nowhere,” says Dingzhou Cao, senior advisor for data science at independent shale producer Devon Energy, a Fortune 500 company based in Oklahoma City, Okla.To read this article in full, please click here

Learn from industry experts at the Kubernetes Security and Observability Summit—next week!

The Kubernetes Security and Observability Summit is only 1 week away! The industry’s first and only conference solely focused on Kubernetes security and observability will be taking place online June 3, 2021.

During the Summit, DevOps, SREs, platform architects, and security teams will enjoy the chance to network with industry experts and explore trends, strategies, and technologies for securing, observing and troubleshooting cloud-native applications.

What does security and observability mean in a cloud-native context? What challenges should Kubernetes practitioners anticipate and what opportunities should they investigate? Join us to explore these types of questions and gain valuable insight you’ll be able to take back to your teams.

Speakers & sessions

Tigera’s President & CEO, Ratan Tipirneni, will kick off the Summit with an opening keynote address. Two additional keynotes from Graeme Hay of Morgan Stanley and Keith Neilson of Discover Financial Services will follow. Attendees will then have the opportunity to attend breakout sessions organized into three tracks:

  1. Stories from the real world
  2. Best practices
  3. Under the hood

During these sessions, experts from industry-leading companies like Amazon, Box, Citi, EY, Mirantis, Morgan Stanley, PayPal, Salesforce, and of course, Tigera, will share real-world stories, best practices, and technical concepts related to Continue reading

BrandPost: The five core components that will drive the next wave of banking innovation

The growth in online banking has been – and will continue to be – rapid. From a valuation of $11.43 billion in 2019, the projections are that it will reach $31.81 billion by 2027, at a CAGR of 13.6%.For the incumbent banking system, this rapid growth poses a real and ongoing challenge, as it has opened the door to unconventional disruption and new competition. Non-banking companies are now able to bring different business models and expertise in customer experience to the financial services sector. New products and services are being adopted enthusiastically by consumers, and indeed, there is the rise of entirely new forms of currency and payments that are changing how we think about money.To read this article in full, please click here

Dennis Jennings and the History of NSFNET

The NSFNET followed the CSNET, connecting the campuses of several colleges and supercomputing systems with a 56K core in 1986. The NSFNET was the first large-scale implementation of Internet technologies in a complex environment of many independently operated networks, and forced the Internet community to iron out technical issues arising from the rapidly increasing number of computers and address many practical details of operations, management and conformance. The NSF eventually became the “seed” of the commercialized core of the Internet, playing an outsized role in the current design of routing, transport, and other Internet technologies.

In this episode of the History of Networking, Dennis Jennings joins Donald Sharp and Russ White to discuss the origins and operation of the NSFNET.

You can find out more about Dennis and the NSFNET in the following links.

https://internethalloffame.org/inductees/dennis-jennings
https://en.wikipedia.org/wiki/National_Science_Foundation_Network
https://www.nsf.gov/news/news_summ.jsp?cntn_id=103050
http://arvidc.weebly.com/nsfnet.html

download

Learn from industry experts at the Kubernetes Security and Observability Summit—next week!

The Kubernetes Security and Observability Summit is only 1 week away! The industry’s first and only conference solely focused on Kubernetes security and observability will be taking place online June 3, 2021.

During the Summit, DevOps, SREs, platform architects, and security teams will enjoy the chance to network with industry experts and explore trends, strategies, and technologies for securing, observing and troubleshooting cloud-native applications.

What does security and observability mean in a cloud-native context? What challenges should Kubernetes practitioners anticipate and what opportunities should they investigate? Join us to explore these types of questions and gain valuable insight you’ll be able to take back to your teams.

Speakers & sessions

Tigera’s President & CEO, Ratan Tipirneni, will kick off the Summit with an opening keynote address. Two additional keynotes from Graeme Hay of Morgan Stanley and Keith Neilson of Discover Financial Services will follow. Attendees will then have the opportunity to attend breakout sessions organized into three tracks:

  1. Stories from the real world
  2. Best practices
  3. Under the hood

During these sessions, experts from industry-leading companies like Amazon, Box, Citi, EY, Mirantis, Morgan Stanley, PayPal, Salesforce, and of course, Tigera, will share real-world stories, best practices, and technical concepts related to Continue reading

1 735 736 737 738 739 3,856