Today's Day Two Cloud covers the most interesting announcements and presentations from VMworld 2020, including Project Monterey and partnerships with nVidia and Pensando, an an announcement from analysis tool vendor Runecast, and highlights from Pure Storage.
The post Day Two Cloud 072: VMworld 2020 Analysis And Roundup – Project Monterey And More appeared first on Packet Pushers.
Every few years the industry takes a significant step towards a more holistic and capable security model. At the beginning, everything and everyone was trusted, and for good reason. You knew every operator and every machine that was connected to the network. But as networks have become ubiquitous, that level of trust is simply unreasonable. So we’ve built firewalls, and differing levels of inspection, but all of these tools still allow for some implicit level of trust between a machine and those machines closest to them. That is changing and that is what we’re here to talk about today. The newest trend in security is the concept of zero trust, and while it’s suffering the common plight of any new trend with multiple vendors trying to shape the definition, removing implicit trust in our networks is the next logical step towards a truly secure infrastructure.
We’re excited to announce the release of NFA v 20.10 today. This version comes with support for the IPFIX variable length information
The post Announcing NFA v 20.10 with support for Custom IP Groups appeared first on Noction.
The post Introducing NFA Custom Groups appeared first on Noction.
One of my readers is designing a layer-2-only data center fabric (no SVI interfaces on switches) with stringent security requirements using Cisco Nexus switches, and he wondered whether a host connected to such a fabric could attack a switch, and whether it would be possible to reach the management network in that way.
Do you think it’s possible to reach the MANAGEMENT PLANE from the DATA PLANE? Is it valid to think that there is a potential attack vector that someone can compromise to source traffic from the front of the device (ASIC) through the PCI bus across the CPU to the across the PCI bus to the Platform Controller Hub through the I/O card to spew out the Management Port onto that out-of-band network?
My initial answer was “of course there’s always a conduit from the switching ASIC to the CPU, how would you handle STP/CDP/LLDP otherwise”. I also asked Lukas Krattiger for more details; here’s what he sent me:
One of my readers is designing a layer-2-only data center fabric (no SVI interfaces on switches) with stringent security requirements using Cisco Nexus switches, and he wondered whether a host connected to such a fabric could attack a switch, and whether it would be possible to reach the management network in that way.
Do you think it’s possible to reach the MANAGEMENT PLANE from the DATA PLANE? Is it valid to think that there is a potential attack vector that someone can compromise to source traffic from the front of the device (ASIC) through the PCI bus across the CPU to the across the PCI bus to the Platform Controller Hub through the I/O card to spew out the Management Port onto that out-of-band network?
My initial answer was “of course there’s always a conduit from the switching ASIC to the CPU, how would you handle STP/CDP/LLDP otherwise”. I also asked Lukas Krattiger for more details; here’s what he sent me:
Maximizing the aggregate amount of compute that can be brought to bear for any given pile of money is what traditional high performance computing is all about. …
For HPC And AI, Composability Might Trump Cheap Flops was written by Timothy Prickett Morgan at The Next Platform.
One of the positive aspects of this difficult period, if I may say so, is the possibility of taking a Pearson Vue test online, called OnVue. Last Friday, October 23rd, I took a Cisco exam from home and I think it’s interesting to share with you the details of this experience. With OnVue – Get certified from your home! The registration for the exam The registration for the test is almost the same as for a Cisco test done in a Vue test center. Go to the website of Pearson…
The post OnVue – Get certified from your home appeared first on AboutNetworks.net.
2020 has been quite the year. Pandemic, lockdowns, virtual conferences and back-to-back Zoom meetings. Global economic pressures, confinement and webcams aside, we at Docker have been focused on delivering what we set out to do when we announced Docker’s Next Chapter: Advancing Developer Workflows for Modern Apps last November 2019. I wish to thank the Docker team for their “can do!” spirit and efforts throughout this unprecedented year, as well as our community, our Docker Captains, our ecosystem partners, and our customers for their non-stop enthusiasm and support. We could not have had the year we had without you.
This next chapter is being jointly written with you, the developer, as so much of our motivation and inspiration comes from your sharing with us how you’re using Docker. Consider the Washington University School of Medicine (WUSM): WUSM’s team of bioinformatics developers uses Docker to build pipelines – consisting of up to 25 Docker images in some cases – for analyzing the genome sequence data of cancer patients to inform diagnosis and treatments. Furthermore, they collaborate with each other internally and with other cancer research institutions by sharing their Docker images through Docker Hub. In the words of WUSM’s Dr. Continue reading
The rumors were right, and AMD president and chief executive officer Lisa Su is indeed printing out a tower of stock to acquire FPGA maker Xilinx for what amounts to about $35 billion and, as it turns out, she is relinquishing her position as president to Victor Peng, chief executive at Xilinx, to close the deal. …
AMD Girds For Compute War With Xilinx Deal was written by Timothy Prickett Morgan at The Next Platform.
Before the large cable providers came on the scene, most people accessed the Internet through dial-up MODEMS, connecting to services like America Online, across plain old telephone lines. The entrance of cable providers, and cable MODEMs, allowed the edge of the Internet to explode, causing massive growth. Join Donald Sharp and I on this episode of the History of Networking as John Chapman discusses the origins of the cable MODEM, and the origins of the DOCSIS standards.
Zero trust network access is ideal for today's distributed workforce, but it can be tricky to put into place. On today's sponsored Heavy Networking podcast, we talk with NetMotion about its remote access product that enable zero trust plus performance monitoring to help troubleshoot problems for remote workers. Our guest is Jay Klauser, VP of Worldwide Sales Engineering & Alliances at NetMotion.
The post Heavy Networking 546: Making Zero Trust Remote Access Work (Sponsored) appeared first on Packet Pushers.