A Year Later: Reflections on the ANZ Security Landscape

A Year Later: Reflections on the ANZ Security Landscape
A Year Later: Reflections on the ANZ Security Landscape

It’s been one year since I joined Cloudflare as Head of Australia and New Zealand. While it has been a great year for our ANZ operations, it is hard to stop thinking about the elephant in the room, especially as I’m writing this blog from my home in the middle of Melbourne’s lockdown.

The pandemic has not only disrupted our daily lives, but has also caused a massive shift to remote work for many of us. As a result, security teams lost visibility into office network traffic, their employees moved to unsupervised WiFi networks with new video conferencing technology, and their IT teams found that their out-dated VPN platforms could not handle all the traffic of remote employees. While many organisations were already moving to cloud-based applications, this year has exacerbated the need for greater security posture. Our team has been even more humbled by our mission to help build a better Internet and help organisations face the increased security threats COVID-19 has triggered. With that in mind, I’d like to take a look back at the milestones of the past year.

First, I’d like to recognise how strong and resilient our people have been in the past year. It Continue reading

What is a virtual machine, and why are they so useful?

Many of today’s cutting-edge technologies such as cloud computing, edge computing and microservices, owe their start to the concept of the virtual machine—separating operating systems and software instances from the underlying physical computer.What is a virtual machine? A virtual machine (VM) is software that runs programs or applications without being tied to a physical machine. In a VM instance, one or more guest machines can run on a host computer.To read this article in full, please click here

What is a virtual machine, and why are they so useful?

Many of today’s cutting-edge technologies such as cloud computing, edge computing and microservices, owe their start to the concept of the virtual machine—separating operating systems and software instances from the underlying physical computer.What is a virtual machine? A virtual machine (VM) is software that runs programs or applications without being tied to a physical machine. In a VM instance, one or more guest machines can run on a host computer.To read this article in full, please click here

Challenge Labs added to NVIDIA Cumulus in the Cloud

There are many aspects to developing the skills to be an effective network engineer and this skill set falls into a few different categories. Logically the first step to conquer is understanding the various networking technologies and protocols. This requires a more traditional form of learning— studying protocols through specs or RFCs, reading whitepapers etc. The next step is implementing this knowledge through configuring network devices. Learning this skill is more like trying to learn a different language. The BGP protocol itself adheres to a set of standards, but each network device might present the configuration of BGP in a different way. The final, and possibly most difficult skill to acquire is a combination of the first two: troubleshooting.

Effectively troubleshooting requires not just a solid foundational knowledge about the technology and how it works, but also the need to understand how to configure and validate that configuration on the network devices. The foundational knowledge permeates through the various implementations regardless of vendor, but configuration and validation vary drastically from one to the next. This leads to perhaps the most difficult aspect of troubleshooting. It’s not just enough to understand how a technology works, but you must also understand a Continue reading

Docker Open Sources Compose for Amazon ECS and Microsoft ACI

Today we are open sourcing the code for the Amazon ECS and Microsoft ACI Compose integrations. This is the first time that Docker has made Compose available for the cloud, allowing developers to take their Compose projects they were running locally and deploy them to the cloud by simply switching context.

With Docker focusing on developers, we’ve been doubling down on the parts of Docker that developers love, like Desktop, Hub, and of course Compose. Millions of developers all over the world use Compose to develop their applications and love its simplicity but there was no simple way to get these applications running in the cloud.

Docker is working to make it easier to get code running in the cloud in two ways. First we moved the Compose specification into a community project. This will allow Compose to evolve with the community so that it may better solve more user needs and ensure that it is agnostic of runtime platform. Second, we’ve been working with Amazon and Microsoft on CLI integrations for Amazon ECS and Microsoft ACI that allow you to use docker compose up to deploy Compose applications directly to the cloud.

While implementing these integrations, we wanted to Continue reading

VMware Transit Connect – Simplifying Networking for VMC

The release of VMware Cloud on AWS (VMC) 1.12 brings a number of exciting new capabilities to the managed service offering. A comprehensive list can be reviewed in the release notes. A key feature that is now Generally Available (GA) in all VMC commercial regions worldwide is VMware Transit ConnectTM. VMware Transit Connect enables customers to build high-speed, resilient connections between their VMware Cloud on AWS Software Defined Data Centers (SDDCs) and other resources. This capability is enabled by a feature called SDDC Groups that helps customers to logically organize SDDCs together to simplify management.

The SDDC Group construct empowers customers to quickly and easily define a collection of SDDCs, Virtual Private Clouds (VPCs) or on-premises connectivity that need to interconnect. Additionally, the SDDC Group construct provides value inside the individual SDDCs by simplifying security policy as will be shown later in this post. Behind the simplification that SDDC Groups provide is the instantiation of an VMware Managed AWS Transit Gateway, a VTGW. The VTGW is a managed service from VMware and provides the underlying connectivity between the different resources.

The initial Transit Connect service provides three primary connectivity models:

Building even faster interpreters in Rust

Building even faster interpreters in Rust
Building even faster interpreters in Rust

At Cloudflare, we’re constantly working on improving the performance of our edge — and that was exactly what my internship this summer entailed. I’m excited to share some improvements we’ve made to our popular Firewall Rules product over the past few months.

Firewall Rules lets customers filter the traffic hitting their site. It’s built using our engine, Wirefilter, which takes powerful boolean expressions written by customers and matches incoming requests against them. Customers can then choose how to respond to traffic which matches these rules. We will discuss some in-depth optimizations we have recently made to Wirefilter, so you may wish to get familiar with how it works if you haven’t already.

Minimizing CPU usage

As a new member of the Firewall team, I quickly learned that performance is important — even in our security products. We look for opportunities to make our customers’ Internet properties faster where it’s safe to do so, maximizing both security and performance.

Our engine is already heavily used, powering all of Firewall Rules. But we have bigger plans. More and more products like our Web Application Firewall (WAF) will be running behind our Wirefilter-based engine, and it will become responsible for eating up a Continue reading

Could human organs join networks?

The idea of integrating computer networks and the human body is driving research in a number of areas. Recently, two teams of researchers shared their respective projects, which explore how biological cells might become networked and how electronics could become directly integrated with human tissue.Both presentations were part of the American Chemical Society's (ACS) Fall 2020 Virtual Meeting & Expo.The first presentation, conducted by a team at the University of Maryland, is focused on communications networks that mimic electronic networks but are derived from biological cells. The second study, led out of University of Delaware, discusses the idea of interfacing hardware and human tissue.To read this article in full, please click here

The Many Uses of Network Observability

[This post is jointly written by Justin Pietsch and Dinesh Dutt]. Observability is an important concept in distributed systems these days. It is taken from control systems, which has a very precise mathematical definition. From Wikipedia: “It is a measurement of how much of the internal state of the system...

Go Learning Resources

This is a record of the resources that I am/have used to learn the Go programming language. This is mostly for my records but other that venture down the Golang path may also find it useful. Books Get Programming with Go - Nathan Youngman / Roger Peppe Black Hat Go: Go Programming For...

Vendors lengthen the range of 5G millimeter-wave transmissions

Two wireless vendors say they have collaborated to significantly extend the useful range of millimeter-wave 5G transmissions beyond what had been widely considered its limits. 5G resources What is 5G? Fast wireless technology for enterprises and phones How 5G frequency affects range and speed Private 5G can solve some problems that Wi-Fi can’t Private 5G keeps Whirlpool driverless vehicles rolling 5G can make for cost-effective private backhaul CBRS can bring private 5G to enterprises Qualcomm and Ericsson have worked together in separate trials with two other companies to boost that distance from less than a mile (1.6km) to 3.8km in one case and to 5km-plus in the other, the companies claim.To read this article in full, please click here

Still not dead: The mainframe hangs on, sustained by Linux and hybrid cloud

The mainframe has been declared “dead”, “morphed” and “transformed” so many times over the years sometimes it’s sometimes hard to believe the Big Iron still has an identity in the enterprise world.But clearly it does and in a major way, too. [ Lessons on diversity in IT: 10 professional organizations focused on diversity in tech • Being Black in IT: 3 tech leaders share their stories • Gender gapped: The state of gender diversity in IT • Māori participation in IT: diversity insights for CIOs everywhere • IT snapshot: Ethnic diversity in the tech industry ] Take recent news as an example: According to IBM, 75% of the top 20 global banks are running the newest z15 mainframe, and the IBM Systems Group reported a 68% gain in Q2 IBM Z revenue year-over-year.To read this article in full, please click here

Still not dead: The mainframe hangs on, sustained by Linux and hybrid cloud

The mainframe has been declared “dead”, “morphed” and “transformed” so many times over the years sometimes it’s sometimes hard to believe the Big Iron still has an identity in the enterprise world.But clearly it does and in a major way, too. [ Lessons on diversity in IT: 10 professional organizations focused on diversity in tech • Being Black in IT: 3 tech leaders share their stories • Gender gapped: The state of gender diversity in IT • Māori participation in IT: diversity insights for CIOs everywhere • IT snapshot: Ethnic diversity in the tech industry ] Take recent news as an example: According to IBM, 75% of the top 20 global banks are running the newest z15 mainframe, and the IBM Systems Group reported a 68% gain in Q2 IBM Z revenue year-over-year.To read this article in full, please click here

Tech Bytes: Dell Technologies With Intel Partner To Deliver An Innovative Microsoft Azure Stack HCI (Sponsored)

Today's Tech Bytes podcast, sponsored by Dell Technologies, examines an Azure Stack HCI offering from Dell EMC. Dell worked with Intel and Microsoft to optimize the performance and scale of the Azure Stack platform, including the use of Intel Optane's persistent memory. Our guests are Jayanth YK, Sr. Cloud Architect - Microsoft Hybrid Cloud at Dell Technologies; and Chris “Murph” Murphy, Regional Sales Director at Intel.

Tech Bytes: Dell Technologies With Intel Partner To Deliver An Innovative Microsoft Azure Stack HCI (Sponsored)

Today's Tech Bytes podcast, sponsored by Dell Technologies, examines an Azure Stack HCI offering from Dell EMC. Dell worked with Intel and Microsoft to optimize the performance and scale of the Azure Stack platform, including the use of Intel Optane's persistent memory. Our guests are Jayanth YK, Sr. Cloud Architect - Microsoft Hybrid Cloud at Dell Technologies; and Chris “Murph” Murphy, Regional Sales Director at Intel.

The post Tech Bytes: Dell Technologies With Intel Partner To Deliver An Innovative Microsoft Azure Stack HCI (Sponsored) appeared first on Packet Pushers.

The Hedge Podcast #53: Deprecating Interdomain ASM

Interdomain Any-source Multicast has proven to be an unscalable solution, and is actually blocking the deployment of other solutions. To move interdomain multicast forward, Lenny Giuliano, Tim Chown, and Toerless Eckhert wrote RFC 8815, BCP 229, recommending providers “deprecate the use of Any-Source Multicast (ASM) for interdomain multicast, leaving Source-Specific Multicast (SSM) as the recommended interdomain mode of multicast.”

download

1 905 906 907 908 909 3,860