Nvidia unleashes new generation of GPU hardware

Nvidia, whose heritage lies in making chips for gamers, has announced its first new GPU architecture in three years, and it’s clearly designed to efficiently support the various computing needs of artificial intelligence and machine learning.The architecture, called Ampere, and its first iteration, the A100 processor, supplant the performance of Nvidia’s current Volta architecture, whose V100 chip was in 94 of the top 500 supercomputers last November. The A100 has an incredible 54 billion transistors, 2.5 times as many as the V100.10 of the world's fastest supercomputers Tensor performance, so vital in AI and machine learning, has been significantly improved. FP16 floating point calculations are almost 2.5x as fast as V100 and Nvidia introduced a new math mode called TF32. Nvidia claims TF32 can provide up to 10-fold speedups compared to single-precision floating-point math on Volta GPUs.To read this article in full, please click here

Mutable References To ‘self’ In Rust’s Object Methods

Lately I’ve been working on graphics programming in Rust, as a continuation of my first steps with the language. As part of this work, I created a type I created called Vec3f, to hold cartesian coordinates for a given vector: #[derive(Copy, Clone, Debug)] struct Vec3f { x: f32, y: f32, z: f32 } In the natural course of this work, I needed to add certain methods for this type to allow me to perform calculations like cross product, and dot/scalar product.

Securing work-at-home apps

In today's post, I answer the following question:
Our customer's employees are now using our corporate application while working from home. They are concerned about security, protecting their trade secrets. What security feature can we add for these customers?
The tl;dr answer is this: don't add gimmicky features, but instead, take this opportunity to do security things you should already be doing, starting with a "vulnerability disclosure program" or "vuln program".


Gimmicks

First of all, I'd like to discourage you from adding security gimmicks to your product. You are no more likely to come up with an exciting new security feature on your own as you are a miracle cure for the covid. Your sales and marketing people may get excited about the feature, and they may get the customer excited about it too, but the excitement won't last.

Eventually, the customer's IT and cybersecurity teams will be brought in. They'll quickly identify your gimmick as snake oil, and you'll have made an enemy of them. They are already involved in securing the server side, the work-at-home desktop, the VPN, and all the other network essentials. You don't want them as your enemy, you want them as your friend. You Continue reading

Full Stack Journey 042: How An IT Specialist Chooses Adjacent Competencies

David Klee is a SQL database expert, but he's also knowledgeable about virtualization, networking, and infrastructure. In today's Full Stack Journey podcast, host Scott Lowe talks with David about how and why IT specialists should be competent in other disciplines, how to decide which areas to branch out into, and how adjacent competencies enrich can enrich your specialization.

Full Stack Journey 042: How An IT Specialist Chooses Adjacent Competencies

David Klee is a SQL database expert, but he's also knowledgeable about virtualization, networking, and infrastructure. In today's Full Stack Journey podcast, host Scott Lowe talks with David about how and why IT specialists should be competent in other disciplines, how to decide which areas to branch out into, and how adjacent competencies enrich can enrich your specialization.

The post Full Stack Journey 042: How An IT Specialist Chooses Adjacent Competencies appeared first on Packet Pushers.

Juniper’s big push: AI in all areas of enterprise networking

Juniper intends to spread the gospel of artificial intelligence across enterprise networking in the coming months with new products and services.The expected moves are a continuation of a strategy that has been an integral part of Juniper since the company bought wireless and artificial-intelligence software maker Mist in 2019 for $405 million.[Get regularly scheduled insights by signing up for Network World newsletters.] Mist’s cloud-based Wi-Fi Assurance system includes an AI-base engine called Marvis that features dynamic packet capture and machine learning to automatically identify, adapt to and fix network issues.To read this article in full, please click here

Helping You Better Identify Vulnerabilities in Partnership with Snyk

We are really excited that Docker and Snyk are now partnering together to engineer container security scanning deeply into Docker Desktop and Docker Hub. Image vulnerability scanning has been one of your most requested items on our public roadmap.

Modern software uses a lot of third party open source libraries, indeed this is one of the things that has really raised productivity in coding, as we can reuse work to support new features in our products and to save time in writing implementations of APIs, protocols and algorithms. But this comes with the downside of working out whether there are security vulnerabilities in the code that you are using. You have all told us that scanning is one of the most important roadmap issues for you.

Recall a famously huge data breach from the use of an unpatched version of the Apache Struts library, due to CVE 2017-5638. The CVE was issued in March 2017, and according to the official statement, while the patch should have been applied within 48 hours, it was not, and during May 2017 the websites were hacked, with the attackers having access until late July. This is everyone’s nightmare now. How can we help Continue reading

Resolve internal hostnames with Cloudflare for Teams

Resolve internal hostnames with Cloudflare for Teams

Phishing attacks begin like any other visit to a site on the Internet. A user opens a suspicious link from an email, and their DNS resolver looks up the hostname, then connects the user to the origin.

Cloudflare Gateway’s secure DNS blocks threats like this by checking every hostname query against a constantly-evolving list of known threats on the Internet. Instead of sending the user to the malicious host, Gateway stops the site from resolving. The user sees a “blocked domain” page instead of the malicious site itself.

As teams migrate to SaaS applications and zero-trust solutions, they rely more on the public Internet to do their jobs. Gateway's security works like a bouncer, keeping users safe as they navigate the Internet. However, some organizations still need to send traffic to internal destinations for testing or as a way to make the migration more seamless.

Starting today, you can use Cloudflare Gateway to direct end user traffic to a different IP than the one they originally requested. Administrators can build rules to override the address that would be returned by a resolver and send traffic to a specified alternative.

Like the security features of Cloudflare Gateway, the redirect function is Continue reading

Musings on IP Packet Reordering

During the Comparing Transparent Bridging and IP Routing part of How Networks Really Work webinar I said something along the lines of:

While packets should never be reordered in transit in transparent bridging, there’s no such guarantee in IP networks, and IP applications should tolerate out-of-order packets.

One of my regular readers who designs and builds networks supporting VoIP applications disagreed with that citing numerous real-life examples.

Of course he was right, but let’s get the facts straight first:

Read more …

For sale: Used, low-mileage hyperscaler servers

A company that specializes in creating second lives for IT hardware is expanding its initiative to reengineer and sell decommissioned data-center equipment from the major hyperscale operators that are aggressively replacing relatively new hardware.ITRenew announced the plan at the recent Open Compute Project (OCP) conference, promising to sell full servers previously owned by the big operators, reengineered, warrantied, and configured for turnkey uses like web serving and Kubernetes. ITRenew launched its first server racks two years ago and is now making the initiative more broadly available to all industries so more potential customers can buy OCP-certified hardware. To read this article in full, please click here

Choose flexible edge deployments carefully

Many edge-computing deployments are driven by very specific needs, but since new needs may arise down the road with a different set of edge requirements, IT leaders should adopt edge-computing architectures with flexibility and adaptability in mind.The fact that all edge-computing systems have certain things in common – complex combinations of hardware, applications, infrastructure software and networking – doesn’t mean they should all have the same design.[Get regularly scheduled insights by signing up for Network World newsletters.] Every new project requires highly specialized software and integrated custom networking to deliver on project goals across such diverse applications as industrial control, autonomous transportation, health services, public safety and energy management. Each use case will have its unique requirements in terms of performance, response times, quantity of data to be gathered and processed, and cost.To read this article in full, please click here

Calico Enterprise 3.0 with Calico Multi-Cluster Management

As our enterprise customers build out large, multi-cluster Kubernetes environments, they are encountering an entirely new set of security challenges, requiring solutions that operate at scale and can be deployed both on-premises and across multiple clouds.

Today we are thrilled to announce the release of Calico Enterprise 3.0 and the availability of Calico Multi-Cluster Management, a game-changing solution that provides centralized management for network security across every Kubernetes cluster in your organization.

Calico Multi-Cluster Management

Calico Multi-Cluster Management provides a centralized management plane and single point of control for multi-cluster and multi-cloud environments. Calico Enterprise’s centralized control simplifies and speeds routine maintenance, leaving more time for your platform team to address other important tasks.

For example, instead of logging in to 50 clusters one-at-a-time to make a policy change, with a single log-in to Calico Enterprise you can apply policy changes consistently across all 50 clusters. You can also automatically apply existing network security controls to new clusters as they are added.

Calico Multi-Cluster Management includes centralized log management, troubleshooting with Flow Visualizer, and cluster-wide IDS (intrusion detection). It also provides compliance reporting, and alerts on non-compliance and indicators of compromise. Alerts are sent to SIEMs, including Splunk and Continue reading

Learning from the Post-Mortem

Post-mortem reviews seem to be quite common in the software engineering and application development sides of the IT world—but I do not recall a lot of post-mortems in network engineering across my 30 years. This puzzling observation sprang to mind while I was reading a post over at the ACM this last week about how to effectively learn from the post-mortem exercise.

The common pattern seems to be setting aside a one hour meeting, inviting a lot of people, trying to shift blame while not actually saying you are shifting blame (because we are all supposed to live in a blame-free environment now—fix the problem, not the blame!), and then … a list is created on a whiteboard, pictures are taken, and everyone walks away with a rock-solid plan to never do that again.

In a few months’ time, the same team will be in the same room, draw the same drawings, and say the same things all over again. At least that is the way it seems to me. If there is an effective post-mortem process in use by a company someplace, I do not think I have seen it.

From the article—

Are we missing anything in Continue reading

Are We Ready to Work from Home in the Middle East?

Even before COVID-19, political and economic scenes within the MENA region were changing. Differences across economies, politics, religion, and even the weather kept governments occupied.

Amid all that, the region has been shaken by COVID-19 as nations have moved operations into the home.

Looking at this from a technology perspective, we must ask ourselves: Are we ready for this? Are we able to transfer all our businesses and schools to our homes? Do we have an adequate Internet-based economy and good quality connectivity to back up the huge demand?

There’s no question that the Internet provides significant economic and social benefits. COVID-19 has made that especially clear. For many parts of the world, it has allowed us to carry on. But for the first time, governments have had to face the reality that there is no time for pilot projects. This is happening and it is happening now.

COVID-19 has opened the world’s eyes to how critical the Internet is for the economy. How can the Middle East build on what COVID-19 has taught us about the Internet and connectivity? The Internet Society has released two papers that can help develop the answers: “Middle East & North Africa Internet Continue reading

Build an OpenStack/Ceph cluster with Cumulus Networks in GNS3: part 2

Adding virtual machine images to GNS3

I’m going to assume that at this stage, you’ve got a fully working (and tested) GNS3 install on a suitably powerful Linux host. Once that is complete, the next step is to download the two virtual machine images we discussed in part 1 of this blog, and integrate them into GNS3.

In my setup, I downloaded the Cumulus VX 4.0 QCOW2 image (though you are welcome to try newer releases which should work), which you can obtain by visiting this link: https://cumulusnetworks.com/accounts/login/?next=/products/cumulus-vx/download/

I also downloaded the Ubuntu Server 18.04.4 QCOW2 image from here: https://cloud-images.ubuntu.com/bionic/current/bionic-server-cloudimg-amd64.img

Once you have downloaded these two images, the next task is to integrate them into GNS3. To do this:

  1. Select Edit > Preferences in the GNS3 interface.
  2. When the Preferences dialog pops up, from the left pane select QEMU VMs, then click New.
  3. Enter a name for the Image (e.g. Cumulus VM 4.0)
  4. Select the Qemu binary, and specify default RAM size for each instance (I used 1024MB). You can override this for each VM you create on the GNS3 canvas, so don’t worry too much about it.
  5. Select the Continue reading

Network Break 284: Dell Technologies Announces SONiC Distro; Microsoft Acquires Metaswitch Networks

Today's Network Break asks if enterprises want a supported SONiC network OS, Microsoft acquires Metaswitch Networks, VMware buys Kubernetes security platform Octarine, Cisco announces quarterly results, and more tech news.

The post Network Break 284: Dell Technologies Announces SONiC Distro; Microsoft Acquires Metaswitch Networks appeared first on Packet Pushers.

1 955 956 957 958 959 3,841