Tag Archives: handle

Are SD-WAN security concerns warranted?

Are software-defined WAN security features sufficient to handle the demands of most enterprises? That’s the question addressed by author and engineer Christoph Jaggi, whose SD-WAN security concerns were cited in a recent blog post on IPSpace. The short answer? No — primarily because of the various connections that can take place over an SD-WAN deployment.

“The only common elements between the different SD-WAN offerings on the market are the separation of the data plane and the control plane and the takeover of the control plane by an SD-WAN controller,” Jaggi said. “When looking at an SD-WAN solution, it is part of the due diligence to look at the key management and the security architecture in detail. There are different approaches to implement network security, each having its own benefits and challenges.”

Organizations contemplating SD-WAN rollouts should determine whether prospective products meet important security thresholds. For example, products should support cryptographic protocols and algorithms and meet current key management criteria, Jaggi said.

Read what Jaggi had to say about the justification for SD-WAN security concerns.

Wireless ain’t nothing without the wire

You can have the fanciest access points and the flashiest management software, but without good and reliable wiring underpinning your wireless LAN, you’re not going to get very far. So said network engineer Lee Badman as he recounted a situation where a switch upgrade caused formerly reliable APs to lurch to a halt.

“I’ve long been a proponent of recognizing [unshielded twisted pair] as a vital component in the networking ecosystem,” Badman said. Flaky cable might still be sufficient in a Fast Ethernet world, but with multigig wireless now taking root, old cable can be the source of many problems, he said.

For Badman, the culprit was PoE-related and once the cable was re-terminated and tested anew, the APs again worked like a charm. A good lesson.

See what else Badman had to say about the issues that can plague a WLAN.

The long tail and DDoS attacks

Now there’s something new to worry about with distributed denial of service, or DDoS, attacks. Network engineer Russ White has examined another tactic, dubbed tail attacks, which can just as easily clog networking resources.

Unlike traditional DDoS or DoS attacks that overwhelm bandwidth or TCP sessions, tail attacks concentrate on resource pools, such as storage nodes. In this scenario, a targeted node might be struggling because of full queues, White said, and that can cause dependent nodes to shut down as well. These tail attacks don’t require a lot of traffic and, what’s more, are difficult to detect.

For now, tail attacks aren’t common; they require attackers to know a great deal about a particular network before they can be launched. That said, they are something network managers should be aware of, White added.

Read more about tail attacks.

Wanted – Laptop or desktop for photo editing

Guys I’m looking for something to handle photo editing so something with a good screen and plenty of grunt

I’ll check out whatever I’m offered and get back to you asap

Regards

Scott

Location: Coatbridge, Scotland

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

Tintri storage solves healthcare firm’s primary and DR needs

Before settling on Tintri storage to handle more than 40 million files, Cross Country Healthcare used more than a half dozen systems for primary and secondary data. None of them fit quite right.

Cross Country Healthcare, a healthcare staffing company based in Boca Raton, Fla., had arrays spread across its branch and regional offices before consolidating production and data protection to reduce its IT footprint.

Cross Country used three NetApp filers to handle about 42 million files, one EMC VNX and one EMC XtremIO all-flash array for other primary data, along with a couple of EMC Data Domains and a Dell Compellent array for backup.

Each of the storage systems had its own problems, said Jason Bourque, vice president of infrastructure at Cross Country Healthcare. He said the NetApp arrays didn’t scale well enough to keep up with heavily virtualized workloads, Cross Country lacked the in-house experience to manage the VNX, and the Dell EMC XtremIO was too expensive.

“We needed to start over [because] I was dealing with disparate technologies across different platforms,” Bourque said. “We were trying to get away from the old point-to-point architecture. So we started to think about what our storage backbone should be.”

Tintri storage to the rescue

Tintri developed its storage arrays specifically for VMware virtualized workloads, making it a good fit for the 100% virtualized healthcare staffing firm. Bourque said Cross Country bought its first Tintri storage system in 2015 and moved all production workloads over to the new Tintri T850 array, consolidating five platforms into one.

Cross Country now has more than 400 virtual machines running on Tintri flash storage to handle production workloads. The Tintri arrays provide storage for Microsoft SQL databases and front-office applications, 80 branch offices and more than 10 regional locations. Tintri’s VM Scale-out software pools storage across its VMstore arrays and Tintri Analytics helps with capacity planning.

We were trying to get away from the old point-to-point architecture. So we started to think about what our storage backbone should be.
Jason Bourquevice president of infrastructure, Cross Country Healthcare

Two years after standardizing production on Tintri storage, the healthcare staffing provider implemented a new data protection and disaster recovery project. Initially, Cross Country moved off of the Data Domain and Compellent systems to ExaGrid disk backup. The firm used Veeam Software for agent-based backups to an ExaGrid library, and then replicated to another ExaGrid system at a secondary disaster recovery site. The primary site was in Miami with the secondary site in Atlanta.

But backing up more than 50 systems with large data sets caused a long lag time in sending all the large blocks of data to the recovery site.

“It took two weeks to get data to the recovery site,” Bourque said. “We were putting ourselves at risk. In order to back up, we used Veeam that sent backups to the ExaGrid storage and then it was replicated to another ExaGrid. We had so much data that [we did] snapshots each day and sent them to the backup site. It would take two weeks to move the large blocks of data.”

Bourque said Cross Country bought a new Tintri VMstore array for its primary data center and moved one of the older systems to the Atlanta DR site in March 2017. Now it replicates between the Tintri storage arrays, reducing its recovery point objective from two weeks to less than a day.

“We snapshot once a day,” he said, “so our recovery time is within 24 hours. Tintri knows the block-level changes so it only sends the changed data. We continue to use Veeam and ExaGrid to archive data.”

Cross Country Healthcare now is working on turning its virtualized infrastructure into a private cloud setup. Tintri has repositioned itself as a cloud service platform with its Tintri Enterprise Cloud EC6000 Series.

“We have a cloud-first approach,” Bourque said. “I don’t want to deal with anything that is two versions behind. We want to put ourselves completely in the cloud.”