Technology vendors update the Packet Pushers constantly with big announcements and blue sky visions. Subscribe to Briefings In Brief for our summaries of the press releases & conversations we find interesting. We filter the bloviation and bombast down to the best bits.
Automating Troubleshooting With Riverbed (Sponsored)
Our story in this Day Two Cloud Tech Bytes episode is about the automation of troubleshooting. For a lot of network engineers, Wireshark and a laptop are the standard tools for diagnosing a problem. And while Wireshark and a laptop can be very useful, there are situations where they may not be enough.
The goal is to take advantage of machine learning to be able to react to network issues automatically. Riverbed is our sponsor for this conversation, and our guest is Chris Eckert, Technical Solutions Architect at Riverbed.
* Why packet capture and flow records are necessary elements for troubleshooting
* What and where to monitor
* How to transition from a reactive response to an automated approach
* Building a machine learning baseline
* The importance of APIs for your monitoring and visibility tools
Palo Alto Networks Pushes For The Next Generation Of SD-WAN (Sponsored)
Palo Alto Networks acquired CloudGenix in April 2020. On today’s Tech Bytes, sponsored by Palo Alto Networks, we discuss the latest advancements in Palo Alto Networks CloudGenix SD-WAN, explore two new appliances, and talk about where SD-WAN is headed and what network engineers and security pros should be thinking about when it comes to the WAN and SASE.
Our guest is Kumar Ramachandran, SVP of Products at Palo Alto and a CloudGenix co-founder.
* Why applications, not packets, matter for SD-WAN
* New ION 1000 and ION 9000 appliances
* Adding ML capabilities for autonomous operations and smarter problem resolution
* Integration with Palo Alto Networks’ Prisma Access
CloudGenix Free Trial
Pluribus Rethinks Open Networking For Better Programmability, TCO (Sponsored)
Today we dive into Pluribus Networks’ Linux-based Netvisor ONE OS for white box switches. We also discuss Pluribus’ unique Adaptive Cloud Fabric, a distributed and controllerless SDN solution for deploying and automating data center fabrics that promises simpler operations and a lower TCO.
Curious? Our guest, Alessandro Barbieri, VP of Product Management, is here to whet your nerdy appetite with more details about how Pluribus sees things differently, and what it could mean for your network.
* Open networking with Linux based Netvisor ONE OS
* Controllerless Adaptive Cloud Fabric architecture and benefits
* Capex/opex savings with this architecture
* Automation & programmability of underlay and VXLAN overlay
* Single site DC fabric, multi-site DC fabric & MetroE use cases
* Standard protocols for interoperability
@pluribusnet – Pluribus Networks on Twitter
Pluribus Networks Netvisor ONE Data Sheet – Pluribus Networks (PDF)
Adaptive Cloud Fabric Product Overview – Pluribus Networks
Looking for a Cumulus Alternative? – Pluribus Networks
Cisco Tetration Enables Microsegmentation And App Dependency Mapping
Cisco Systems sponsored a Security Field Day event on October 21st 2020 to provide a deep dive into its Tetration product. Drew Conry-Murray attended (virtually) as a delegate. In this Briefings in Brief episode, Ethan Banks and Drew dive into details of Cisco’s presentation to get an update on Tetration, and Ethan finds out if Drew was actually paying attention.
What Is Tetration?
* It was originally launched in 2016 for data center analytics
* At present, Tetration focuses on two major use cases: application dependency mapping and microsegmentation. You can use Tetration to map application dependencies and relationships among apps both on premises and in the public cloud
* Once you understand those dependencies, you can then apply fine-grained segmentation policies via allow/deny lists to ensure that apps only interact with the right systems and services
* You can implement global rules (all Windows applications should talk to Active Directory) as well as more fine-grained rules
* Tetration has two main components. One is the big data analytics platform that ingests packet and flow data to build its application maps. This platform also serves as a policy store
* The second is an agent that sits on application hosts, be they physical servers, VMs, or cloud hosts. The hosts collect packet and flow data to send to the analytics platform. The hosts also program a local host firewall with the requisite rules to enforce policies. For Windows machines that would be the local Windows firewall, and for Linux boxes it’s iptables. Agent hosts are managed in the same console where you review application dependencies
* The Big Data analytics platform can run on premises or as a SaaS option. The SaaS option came out in 2018. Before that, you had to spend big $$ on a full or half rack of servers and storage. We’re confident the subscription service is still reassuringly expensive…
How Does It Work?
* You choose an application, deploy the agents, and start collecting packet and flow data
* Over time (days to weeks), the analytics platform maps out dependencies and services. You can also pull in information from vCenter, ServiceNow, IPAM, and other sources
* Once you feel like you have a sufficient grasp of the application’s dependencies and behaviors, you create policies that will be translated into host firewall rules
* You can test these rules before you deploy. This is a key feature! Before you push to production, you can test the rules against the analytics platform to find out if you’ve broken anything. The system can show you that a specific rule blocks the app from connecting to the backup server. Cheers to you for learning that before you caused a bunch of storage admins to freak out!
* As applications change or new apps get updated, you can rejigger rules as part of your operational process, whether it’s a CI/CD pipeline or a set of tickets through your ITSM
* Use cases include segmenting apps and systems that touch credit card data and would therefore be in scope for PCI, for example
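The pre-deployment test described above, as an added illustration (not Cisco's code and not the Tetration API): a dry run that replays observed flow records against a draft default-deny allow-list and reports which flows the policy would block, plus rules that matched no observed traffic. The record format, addresses, ports and rule structure are all constructed for the example.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Flow:            # one observed flow record (constructed sample format)
    src: str
    dst: str
    proto: str
    dport: int

@dataclass(frozen=True)
class Rule:            # allow rule; anything no rule matches is denied
    src_net: str
    dst_net: str
    proto: str
    dport: int

    def matches(self, f: Flow) -> bool:
        return (f.proto == self.proto and f.dport == self.dport
                and ip_address(f.src) in ip_network(self.src_net)
                and ip_address(f.dst) in ip_network(self.dst_net))

def dry_run(flows, rules):
    """Return (would_drop, unused_rules) for a default-deny allow-list."""
    hit, would_drop = set(), []
    for f in flows:
        matched = [r for r in rules if r.matches(f)]
        if matched:
            hit.update(matched)
        else:
            would_drop.append(f)   # real traffic the draft policy would break
    return would_drop, [r for r in rules if r not in hit]

# Constructed sample: web tier, database, Active Directory, nightly backup.
OBSERVED = [
    Flow("10.1.1.10", "10.1.2.20", "tcp", 5432),   # web -> db
    Flow("10.1.1.11", "10.1.2.20", "tcp", 5432),
    Flow("10.1.2.20", "10.9.0.5", "tcp", 389),     # db -> Active Directory
    Flow("10.1.2.20", "10.8.0.7", "tcp", 10000),   # db -> backup server
]
DRAFT_POLICY = [
    Rule("10.1.1.0/24", "10.1.2.20/32", "tcp", 5432),
    Rule("10.1.0.0/16", "10.9.0.5/32", "tcp", 389),  # global rule: all may reach AD
    Rule("10.1.1.0/24", "10.1.2.20/32", "tcp", 22),  # not seen in the capture window
]

if __name__ == "__main__":
    dropped, unused = dry_run(OBSERVED, DRAFT_POLICY)
    for f in dropped:
        print(f"would block: {f.src} -> {f.dst} {f.proto}/{f.dport}")
    for r in unused:
        print(f"no observed traffic for: {r}")
```

A rule with no observed traffic is not necessarily wrong; it may cover something that did not occur during the collection window, which is why the baseline period matters.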
Doesn’t Cisco ACI Already Have Microsegmentation?
* Yes it does. But it doesn’t help you understand the consequences of segmentation or how to best implement segmentation. And Tetration is decoupled from the network infrastructure, unlike ACI
* You can run ACI for the fabric and use Tetration for the segmentation and compliance management if that appeals to you
Doesn’t Cisco Already Have AppDynamics?
* Yes, and you can learn application dependencies with AppDynamics, but AppDynamics is a performance monitoring product. Tetration isn’t going to tell you much about application performance.
Protecting Remote Workers From VPN Risks With Zscaler (Sponsored)
Many organizations use VPNs to protect their distributed workforce. But VPNs present their own security challenges, from compromised clients, to VPN servers that have security vulnerabilities or are misconfigured, to the use of outmoded encryption algorithms. Case in point: the foreign exchange provider Travelex was breached via a VPN gateway, which enabled attackers to collect sensitive information, move laterally through the organization, delete backups, and install ransomware.
Zscaler, our sponsor for today’s episode, explains how its cloud-based security service provides safe, high-performance remote access. Our guest is Lisa Lorenzin, Director, Transformation Strategy at Zscaler.
* The VPN attack surface
* How Zscaler reduces remote access risks
* Integrating with your premises or cloud-based identity management system
* Agent and agentless options
* Certificate pinning
Securing Remote Work ebook – Zscaler
Zenith Live 2020: Zscaler Annual Cloud Summit – Zscaler
Tech Bytes: Providing Secure Work-From-Anywhere With Zscaler (Sponsored) – Packet Pushers
Heavy Networking 509: Zscaler – Enabling Fast, Secure Remote Work For Employees (Sponsored) – Packet Pushers
Getting The Benefits Of Proactive Network Monitoring With Riverbed (Sponsored)
Today’s Day Two Cloud Tech Bytes is all about proactive network monitoring with sponsor Riverbed. The goal of proactive network monitoring is, wherever possible, to see and respond to an emerging issue before it becomes a problem that affects end users or application performance.
Riverbed’s network monitoring approach supports next-generation and hybrid IT environments, including early detection, blind spots to be aware of, and managing the complexity of mixed infrastructures.
Our guest is Chris Eckert, Technical Solutions Architect at Riverbed.
* The benefits of proactive monitoring to spot issues before they impact performance
* How to set useful baselines for your monitoring platform
* The most strategic places in the network to monitor
* Why NetFlow is so valuable
* Integrating packet captures
* Monitoring cloud workloads and services
Riverbed User Conference
NPM Digital Discussions