The Fat Pipe - All of the Packet Pushers Podcasts

Firewalls are the linchpin of a traditional network security infrastructure. They guard the perimeter of the network and stand sentry at key locations within the campus and the data center. But can you operate a secure infrastructure without firewalls? On today’s Datanauts show, we’ve brought on a pair of guests to make that case. Our guests are Nick Buraglio, Lead face melter at Energy Sciences Network (that’s the title he put in the show notes); and Jon Zeolla, CTO at Seiso. We start by defining firewalls and their core functions, and then examine arguments for not having them. We then examine other options for inspecting perimeter traffic and drill into options including Bro, Suricata, vulnerability assessment, and host-based tools. We also look at the operation and compliance impacts of getting rid of firewalls. Last but not least, we talk about the importance of log and data analysis and ways to extract meaningful information and put it to use. By the end of the show, you might just be running into the data center and unplugging your firewall cables. Show Links: Jon Zeolla on LinkedIn ForwardingPlane.net – Nick Buraglio’s blog Bro Network Security Monitor – bro.org Best practices for Securing the Science DMZ by Nick Buraglio – YouTube January Presentation Security Data Analysis for the masses – Jon Zeolla, YouTube

Today on the Priority Queue, OPNsense wants to be your next open source firewall. The project’s trademark is “High-end security made easy.” Interested? Good, because I’ve got Franco Fichtner from the OPNsense core development team here to talk about it. We discuss why OPNsense was forked from the pfSense and m0n0wall projects several years ago, and then jump into technical features including high availability, routing capabilities, traffic shaping, and more. We also talk about monitoring and reporting capabilities, troubleshooting, and the project’s roadmap. Show Links: OPNsense.org OPNsense on Twitter Lastsummer.de – Franco Fichtner’s blog Franco Fichtner on Twitter

Anuta Networks has announced ATOM, a software platform that can automate and orchestrate the operation of multi-vendor network infrastructure. ATOM is an evolution of and replacement for its existing NCX platform. New Features Include: * Support for over 40 vendors, including Cisco, Juniper, F5, and others * Scalability to orchestrate up to one million devices * A new microservices architecture using Docker containers for resiliency and cloud deployment * Telemetry and analysis for closed-loop automation Get more details at anutanetworks.com.

On the Datanauts podcast today, we have a chat with VMware, this episode’s sponsor, about AppDefense. According to VMware, AppDefense is “a new security solution for protecting applications running in virtualized and cloud environments. Rather than chasing after threats, AppDefense understands how applications are supposed to work and monitors for changes to that intended state that indicate a threat. When a threat is detected, AppDefense automatically responds.” Our guest is Tom Corn, Senior VP, Security Products at VMware. We set the stage by examining the state of security, and then dive into how AppDefense works, including how it leverages the hypervisor. We also review how security policies are described in AppDefense, where and how those policies are enforced, and what actions AppDefense can take. In addition, we discuss the operational impacts of running AppDefense, including its use of system resources and how new applications are profiled. Show Links: VMware AppDefense Understanding VMware AppDefense: A Tom Corn Perspective – YouTube Tom Corn on LinkedIn

I had a briefing with ReSTNSX, and they demoed their VMware NSX-enhancing platform to me. Have a listen in the player above for my impressions of the demo. Features Include… * A different UI for NSX that makes it easier to leverage the NSX API. * The ability to import lots of objects via CSV instead of clicking until your finger breaks. * Creation of custom workflows. * Dashboards for NSX tenants. For More Information * http://restnsx.com

In late 2017 AT&T released a white paper outlining the company’s vision for a “Disaggregated Network Operating System” or dNOS. According to AT&T, dNOS aims: * To be network OS separate from the underlying hardware that runs on multiple platforms including merchant networking silicon and x86 * To have standardized APIs and other interfaces for clean separation of the control plane and data plane * To provide a platform to integrate with existing tools and applications and spur the development of new ones On today’s Priority Queue, John Medamana, AT&T Fellow and Vice President, Packet & Optical Networks at AT&T, joins us to share more information about this project. We talk about why AT&T is driving this effort, what the company hopes to achieve, and where they are in the process. Note that after this podcast was recorded, AT&T announced it was moving the dNOS project to the Linux Foundation. John is co-author of Building the Network of the Future: Getting Smarter, Faster, and More Flexible with a Software Centric Approach. You can also follow him on Twitter at @johnmedamana.

Today on the Datanauts podcast, we talk with Vivian Zhang, a Machine Learning (ML) expert. If you’ve been hearing about ML from IT marketing folks and it all sounds like magic unicorn dust, this is your show. We’re cutting through the cruft to get to what’s real. Vivian Zhang is CTO and Chief Data Scientist at the NYC Data Science Academy. We establish a baseline of what machine learning is, how it fits into the broader category of artificial intelligence, and how ML might move the needle in IT infrastructure. We look at business problems that ML can be applied to, and explore real-world examples including anomaly detection. Show Links: NYC Data Science Academy NYC Data Science Academy on Twitter Amazon SageMaker

Today's Full Stack Journey dives into Istio, Envoy & service meshes with guest Shannon McFarland. The post Full Stack Journey 018: Istio, Envoy & Service Meshes appeared first on Packet Pushers.

Today’s Priority Queue delves into Open vSwitch with guest Ben Pfaff, an Open vSwitch contributor for the past ten years. As you might infer from the name, Open vSwitch is open source software that provides switching capabilities and can run in a hypervisor, on bare metal servers, in containers, and on NICs. You can program OVS directly or via a controller such as OpenDaylight or a commercial controller. Open vSwitch is a project within the Linux Foundation. This podcast was recorded live during a meeting with Ben in which he recorded a podcast with me, which you can find at OVS Orbit. We discuss an overview of OVS, explore key features, and examine how OVS applies to the enterprise. We also look at the relationship between SmartNICs and OVS, and discuss how OVS works with service meshes. If you want to learn more about OVS, check out Ben’s podcast at OVS Orbit. Show Links: Open vSwitch.org OvS Orbit Ben Pfaff on Twitter

Virtual Instruments has visibility and testing tools for FibreChannel networks. Analyse the network traffic to determine the performance of the storage traffic – file protocols and object protocols It can analyse storage protocols  captured from the network and then replay these patterns against various storage equipment. This allows for testing and analysis of the vendor equipment. Why is this important ? An inspirational cynicisist view is that storage vendors are unable to make products that work properly or as advertised so there is need to test and validate the operational capability. Or perhaps customers expect to see bugs in the product and testing will help to find them. Another use case is that product upgrades are expected to be unreliable so testing of new software is needed to ensure that the vendor got it right. A less cynical view is hard to find. Storage products are not made to fit every use case and customers are not able to easily pick out the product that is good for them. Testing helps here. Anyway the idea of load testing is well established, capture data from the network and software can then analyse the captured data and then create a replay. You don’t need to see the payload here. You can collect the storage protocol requests and then build a test that simulates. I saw demonstrations of the software interface that showed a wide range of analysis and showed the visibility. The ability to conduct a test workload and then vary the storage query parameters. There are similar products in the networking space – look at Ixia Systems and Spirent who do similar things for networking with the protocol inspection. Virtual Instruments offers a version of this that is specific to storage industry, seems to have deeper capabilities. Takeaways: * the larger part of the the storage market believes that they are special snowflakes with unique requirements and specific conditions that only storage specific solutions can solve. * The value of storage is different, remember that a data loss is a permanent and potentially catastrophic event. A network outage has less impact and there is less we can do for true availability. * For customers with critical dependencies on the storage engine, the ability to test and analyse storage traffic to validate storage products is key. And Virtual Instruments is a solution in this space.

  Micron makes memory and storage. * total 110B market for memory * total semiconductor market 385B * memory is a substantial proportion of the whole market. Micron highlights two transitions from centralised storage to distributed storage, then placing the data at the edge of the network. Interpretation  * storage arrays are less important because they are smaller part of the mix * edge storage is a new market for smaller, niche solution Public cloud storage spent $19.6B in 2018. growing at 12% CAGR F500 moving to a combined in/off premise storage model  — Some workloads and data will remain on premise Takeaway: There will be a dirty winner takes all battle for enterprise IT storage. SSD are $7B market growing 31% CAGR Flash is 50% is Enterprise SSD market Public cloud is driving the technology in SSD, while the Enterprise is moving away from storage array to distributed storage engines. Enterprise it storage will use technology that is led by public cloud companies driving their requirements with manufacturer Micron is making a wider range of products. Takeaway: whats striking here is the change in storage technology now that legacy storage vendors are no longer involved. When most storage came through EMC, it made sense to prevent innovation so they could sell old products at higher products. Make something once, sell it many times is a good business model that inherently prevents innovation. Now that public cloud/hyperscalers are driving technology and spending money to buy the newer storage, this means that a wider range of different products is possible. So we will see SATA SSD, NVMe SSD exist. Plus other 3D express, 3D NAND etc where before it was difficult to bring them to market via the storage vendors. Micron talks about improving the Linux software for flash. By improving the applications you can achieve order of magnitude improvements is flash. Working with database software to increase storage performance by 8 times. Also reducing Linux storage stack by 95% while reducing power consumption by up to 85%. I’d like to get more details how this is done to understand more about this but its Takeaways:  Storage industry is growing in new ways. The need for more storage is only part of the story, the rise of hyperscalers are driving new technology which drive new products. At the same time, there are moves to optimise the storage software drivers so further improve performance and power consumption. Again, driven by hyperscalers companies because enterprise it vendors never really cared about power or improving their products. Enterprise IT is slow to implement change. In my view, legacy storage vendors are slow to adopt new technology because they have to spend money (they would call it investment) to make new products. It makes more sense for them to sell the old products and get sales people to convince customers that the old stuff is still worth buying. So the public cloud gets better at a faster rate than enterprise it. Because they are willing to implement new technology while Enterprise IT isn’t.

Today the Datanauts explore the mysterious worlds of consulting and VARs, and the focus areas for customers who engage with these groups. Our guests are Jason Nash, Field CTO at Rubrik; and Josh Coen, a cloud architect at Sirius Computer Solutions. We’ll discuss what Nash and Coen hear from customers about data center transformation, including hybrid and multi-cloud, and whether enterprise data centers are beginning to shrink. We also talk about the value of certifications for VARs and consultants and which certs carry weight with customers and partners (for education and for deal reg). And finally, we look at the technologies and topics  driving conversations around consulting and technical investments. Show Links: @TheJasonNash – Twitter VCDX – VMware Premier Partner Level Requirement? – VCDX133.com

In this briefing, Netscout talked to me about how they are unifying visibility fabrics inside of an IT team, so that both network operations and security operations can monitor the network with common tools. This is a big deal according to Netscout because secops folks tend to build out their own toolchains to get the functionality they desire, whereas on the Netscout platform, secops folks can share some tools with others in IT while still having their needs met. Click in the player above to hear my overview of the briefing. For More Information * Netscout nGenius PFS5000 product page * Netscout Unifies Visibility For Network And Security Ops (official press release)

I do a quick walk through of VMware’s official release notes for NSX 6.4. Click in the player above to listen to this short round up of what stuck out to me the most.     For More Information VMware NSX 6.4 Release Notes

The final presentation from Networking Field Day 17 was unique: Mellanox, Ixia, and Cumulus shared the presentation slot to talk about their individual merits as well as how they work together. Mellanox Mellanox builds Ethernet and storage switches for a variety of use cases. The company touted its custom silicon as a differentiator, as well as the fact that you can run Mellanox using its own network OS, or load a variety of third-party NOSs (hint: Cumulus is one of them). After a brief tour through its Ethernet product line, Mellanox made the case for a Clos/leaf-spine configuration as the ideal design for a data center network, and EVPN VXLAN as the ideal fabric for that design. Ixia Next up, Ixia presented on its flagship IxNetwork testing suite and how it can be used to validate the performance, scalability, and efficiency of a data center network. The company followed with a demonstration of a test of a data center network built from Mellanox switches running the Cumulus NOS and using a VXLAN fabric. Cumulus Networks Last but not least, Cumulus presented on its Cumulus Linux network OS and how it works on whitebox switches. Cumulus touted the advantages of a Linux core, including the ability to manage the software using common tools such as Puppet and Chef. For those not conversant with Linux, Cumulus also shared details about its Network Command Line Utility (NCLU), a CLI that network operators will find familiar. The presentation also demonstrated some of the capabilities of Cumulus NetQ, a telemetry system that collects state information from NetQ agents running on Cumulus and other Linux OSs, bare metal hosts, and VMs, and then sends that state information to a database that engineers can query. Using NetQ, engineers can validate network state, test configuration changes in a virtual lab, and diagnose problems.