To reduce the risk of service problems, Cisco is making it harder for organizations to use weak cryptographic algorithms when setting up authentication for OSPF packets on certain Catalyst Edge Platforms and Integrated Services Routers (ISR).

Newer versions of Cisco’s IOS XE software (Release 17.11.1 and later) no longer support those algorithms—DES, 3DES, and MD5—by default, Cisco stated in a field Notice.

Specifically, the algorithms are no longer default options for the open shortest path first v 3 (OSPFv3) protocol, which uses the IPsec secure socket API to add authentication to OSPFv3 packets that distribute routing information.

To read this article in full, please click here

Virtualization technology provider VMware has announced that it is partnering with AMD, Samsung, and members of the RISC-V keystone community for the development and operations of confidential computing applications.

RISC-V is a hardware standards organization that is designing low-power processors; the Keystone Enclave is an open source project for building customizable trusted execution environments (TEEs).

The aim of the new partnership among VMware, AMD, Samsung and RISC-V participants is to collaborate to contribute to the open-source Certifier Framework project for confidential computing. The Certifier Framework is an open-source project started by VMware in 2022 to tackle the key barriers in the development of confidential computing applications.

To read this article in full, please click here

The software that runs Cisco’s new Firewall 4200 Series now includes the ability to see into encrypted traffic without decrypting it, which the vendor says will allow enterprise customers to better protect hybrid and multicloud applications.

The enhanced Cisco Encrypted Visibility Engine (EVE) is part of the 7.4 version of the Secure Firewall operating system. Version 7.4 also includes zero-trust capabilities and improved application access control. The 4200 Series’ operating system also helps improve overall firewall performance – it’s twice as fast as previous high-end Cisco firewalls, the company says.

EVE, which has been available since version 7.2 of the software, takes things further than traditional firewalls because it now lets customers detect the client application within an encrypted tunnel, according to Rick Miles, vice president of product management, cloud and network security in Cisco’s security business group.

To read this article in full, please click here

As adoption of artificial intelligence (AI) technology accelerates, IT organizations are concerned that their existing infrastructure isn’t powerful enough to keep up.

AI hardware – especially training hardware – is becoming more and more power hungry, according to Equinix, which just released its 2023 Global Tech Trends Survey.

The power draw from traditional racks in a data center is between 5 kW and 10 kW per rack. But, increasingly, newer generations of GPU-based racks are pushing power draws north of 30 kW per rack, and in some cases as high as 72 kW per rack, according to Kaladhar Voruganti, senior technologist at Equinix. “So, definitely, it's very hard to host this type of infrastructure in private data centers,” he said.

To read this article in full, please click here

Snapshots are a very popular way to create virtual copies of an entire system in order to facilitate very quick (or even instant) recovery.  A properly designed snapshot-based recovery system can recover very large volumes in just minutes and can often do so to a point in time just minutes ago. In contrast, a typical restore of such size would likely take many hours and would typically lose at least a day’s worth of data.

There are two distinct approaches when it comes to creating snapshots: copy-on-write and redirect-on-write. Let’s talk about the advantages and disadvantages associated with each method, as they will greatly determine the impact on system performance, and therefore your ability to keep snapshots for a long time.

To read this article in full, please click here

The Linux find command can locate files based on almost any criteria that you might need. This post describes the many criteria you can use to find what you’re looking for – even when you can’t remember what you named a file or when you last changed it or added content.

Basic find syntax

The basic syntax for the find command looks like this:

$ find [starting location] [criteria] [options] [action to take] 

The starting location can be a directory name (e.g., /var/log), the current directory (.), your home directory whether you’re sitting in it or not (~), or a directory relative to your current position (e.g., ./bin). You can be as specific as you want when entering the starting location.

To read this article in full, please click here

US semiconductor manufacturers such as Nvidia and AMD will face new controls on exports of their chips to China, with the US Department of Commerce set to announce the restrictions as early as July, according to a report in the Wall Street Journal.

In 2022, after the US placed new restrictions on exports to China of chips used in AI systems, Nvidia said it would offer a new export-compliant advanced A800 chip to the country, in addition to making changes to its H100 so that it would also comply with the changes to regulations.

However, new restrictions could see sales of A800 chips to China banned unless Nvidia obtains a special US export license, according to the Wall Street report, citing people familiar with the situation.

To read this article in full, please click here

By: Gabriel Gomane, Sr Product Marketing Manager, HPE Aruba Networking.

The advent of digital transformation has brought about a complete overhaul in the workplace and revolutionized the way we access applications. This transformation can be attributed to four pivotal factors: the emergence of hybrid working, the migration of business applications to the cloud, the rapid proliferation of IoT devices, and the growing concerns surrounding cybersecurity risks.

To enable this transformation, organizations can deploy SASE and tailor their SASE journey to align with their specific security and business goals. They can start their SASE journey by securing remote workers with ZTNA or they can begin by addressing application performance issues in branches with SD-WAN. There are no right or wrong choices, but it’s rather a matter of prioritizing specific use cases.

To read this article in full, please click here

Cisco again opened its checkbook this week and snatched up privately held broadband-network monitoring company SamKnows for an undisclosed amount.

Founded in 2008, the London-based firm uses a global network of software agents located in everything from home systems to mobile devices and service provider netoworks to get a real-time measurement of internet performance and customer experience. Through a central dashboard the  company can analyze the results and identify faults and the root cause of problems to help with remediation.

SamKnows technology will be integrated into Cisco’s ThousandEyes cloud-based network intelligence software that analyzes everything from the performance of local and wide-area networks to ISP, cloud, and collaboration-application performance to the health of the internet.

To read this article in full, please click here

PuTTY is a great tool for connecting between systems of different types. In case you’re not familiar with the tool, the name has no connection to Silly Putty. Instead, the capitalization of the TTY part of the name suggests its connection with the acronym tty. It provides an easy way to log into a Linux system from Windows as well as many other systems.

Say you want to log into your Linux system from a Windows system. This tool will allow you to set up a connection (IP address, host name, etc.) and control the size, colors and font to be used. This post explains how to set PuTTY up to optimize your view of the Linux command line. PuTTY was actually born on Windows to make this kind of connection possible.

To read this article in full, please click here

The reliability of services delivered by ISPs, cloud providers and conferencing services (a.k.a. unified communications-as-a-service (UCaaS)) is an indication of how well served businesses are via the internet.

ThousandEyes is monitoring how these providers are handling the performance challenges they face. It will provide Network World a roundup of interesting events of the week in the delivery of these services, and Network World will provide a summary here. Stop back next week for another update, and see more details here.

Cato Networks’ new deep learning algorithms are designed to identify malware command and control domains and block them more quickly than traditional systems based on domain reputation, thanks to extensive training on the company’s own data sets.

Cato, a SASE provider based in Tel Aviv, announced the new algorithmic security system today. The system is predicated on the idea that domain reputation tracking is insufficient to quickly identify the command servers used to remotely control malware. That’s because most modern malware uses a domain generation algorithm (DGA) to rapidly generate pseudorandom domain names — which the deployed malware also has a copy of.

To read this article in full, please click here

Japanese semiconductor equipment maker JSR has accepted a buyout offer of $6.4 billion (909.3 billion yen) from the Japanese government, in the country’s latest move to bolster its domestic chip industry.

JSR is the world's leading maker of photoresists , the chemicals used for the process of printing circuit designs on chip wafers. It is also one of three Japanese companies that controls the world’s supply of fluorinated polyimide and hydrogen fluoride, compounds which are used to make the semiconductors found in supercomputers, AI-harnessing data centers and iPhones.

Under the plan, Japan Investment Corp (JIC) – state-backed investment enterprise of Japan, specializing in private equity and venture capital investments primarily in Japan – would offer JSR $31.25 (4,350 yen) per share, a price that represents a 35% premium on the company’s share price when the markets closed on Friday. The resulting deal will see the company go private and provide Japan with a greater control over a technological process of which it is already a global leader.

To read this article in full, please click here

The enterprise IT landscape is littered with supposedly paradigm-shifting technologies that failed to live up to the hype, and until now, one could argue that AI fell into that category. But generative AI, which has taken the world by storm in the form of OpenAI’s ChatGPT chatbot, just might be the real deal.

Chris Bedi, chief digital information officer at ServiceNow, says the release of ChatGPT last November was “an iPhone moment,” an event that captured the public’s attention in a way that “changed everything forever.” He predicts that generative AI will become embedded into the fabric of every enterprise, and he recommends that CIOs and other IT leaders should begin now to develop their generative AI strategies.

To read this article in full, please click here

AMD has unveiled plans to invest $135 million over the next four years in several strategic research and development projects in Ireland. To support its R&D efforts there, targeted at developing technology for data centers, networking, 6G infrastructure, and next generation AI, AMD said it will hire 290 engineers and researchers, in addition to a number of additional support roles.

To read this article in full, please click here

Hands-on experience with network hardware and software can solidify certification-test concepts or let you practice skills that may be part of a cert exam, and the process can be helped along by use of a home lab. But how do you go about building one?

Start by identifying your learning goals and figuring out the hardware and software they’ll require. If you’re focused on applications, server environments, automation, or identity management, a server for hosting virtual environments may suffice. But if you’re interested in networking at Layers 1, 2 and 3, you’ll need some physical networking hardware such as routers, switches, or hardware firewalls. This is especially true if you’re seeking vendor certification on specific devices.

To read this article in full, please click here

Hewlett Packard Enterprise (HPE) is offering support for demanding AI applications with a new cloud-based service underpinned by the company’s supercomputers.

The initial service is designed specifically to facilitate large language models (LLM), but the company says it plans to roll out similar AI services for domain- and industry-specific applications in climate modeling, healthcare and life sciences, financial services, manufacturing, and transportation.

All of these will fall under HPE’s GreenLake portfolio, but unlike the rest of GreenLake services, these will be hosted entirely in the cloud. The other services run either entirely on customer premises or in a hybrid on-prem/cloud environment.

To read this article in full, please click here

Looking to improve network visibility, Cisco plans to buy Accedian Networks, makers of software for monitoring and analyzing network performance.

Founded 2004, Accecian sells Skylight, a platform that diagnoses problems and recommends remediation to fix them. The package is aimed at mobile backhaul, data-center services, service providers, and cloud-connectivity customers.

The company, which competes with players including IBM, SolarWinds, Progress, NetScout, and Kentik, is already a Cisco business partner. Cisco offers Skylight for near-real-time network performance monitoring, analytics, and assurance within its Cisco Crosswork Network Automation platform for service providers.

To read this article in full, please click here

Intel will spend more than $32 billion to open two high-end microchip fabrication facilities in Magdeburg, Germany, in an expansion of the chipmaking giant’s plans for European growth.

In an announcement on Monday, Intel also said that the facilities would use its more advanced Angstrom manufacturing process, which is used to manufacture sub-nanometer chips. The use of this technology has always been in the plans for the Magdeburg site, for which Intel acquired the land in November 2022. That initial plan, announced in March 2022, earmarked $18.55 billion for the site.

The company said that the facility will enter production in four to five years, “following the European Commission’s approval of the incentive package.” About 30% of the costs for the Magdeburg facility (roughly $5.5 billion) will be covered by government subsidies, according to a report from Bloomberg at the time of the deal’s initial announcement. That figure is set to increase to nearly $11 billion as of yesterday’s announcement.

To read this article in full, please click here

Cisco is taking the wraps off new high-end programmable Silicon One processors aimed at underpinning large-scale Artificial Intelligence (AI)/Machine Learning (ML) infrastructure for enterprises and hyperscalers.

The company has added the 5nm 51.2Tbps Silicon One G200 and 25.6Tbps G202 to its now 13-member Silicon One family that can be customized for routing or switching  from a single chipset, eliminating the need for different silicon architectures for each network function. This is accomplished with a common operating system, P4 programmable forwarding code, and an SDK.

To read this article in full, please click here

By: Eve-Marie Lanza, Senior Security Solutions Marketing Manager, HPE Aruba Networking.

IT security gaps caused by lack of visibility and control into user and device activities persist for many organizations, according to a report recently released by security research firm Ponemon Institute.

In the report sponsored by Hewlett Packard Enterprise, The 2023 Global Study on Closing the IT Security Gap: Addressing Cybersecurity Gaps from Edge to Cloud, 67% of respondents indicated that identifying and authenticating IoT devices accessing their network is critical to their organizations’ security strategy. Yet nearly the same number of respondents (63%) said their security teams lack visibility and control into all the activity of every device connected to their IT infrastructure.

To read this article in full, please click here

Shortages due to supply-chain problems has faded from the headlines, but they persist and are actually getting worse in some sectors.

A report from AFCOM, an organization of data-center professionals, found that 44% of data-center operators surveyed had suffered downtime or an outage because they couldn’t get needed parts.

In the report “State of the Data Center 2023,” 94% of respondents said that they have had supply-chain issues of one kind or another. The most commonly cited items in short supply (59%) are basic IT equipment such as servers and switches, followed by power systems (51%) including generators and UPSes.

But even acquiring security systems (34%) such as secure doors and cameras and building materials like concrete (35%) were an issue for many respondents.

To read this article in full, please click here

Co-management is a key part of many arrangements between enterprise IT teams and their managed service providers (MSP), but it’s not always clear where the management boundaries and overlaps exist and how they should be handled.

Oftentimes, enterprises land on a co-management approach because they don’t want to give up total control, and the MSP may be promising productive cooperation with prospective customers to provide reassurance and close the deal. In practice, co-managed technology services can vary widely depending on the type of services being offered and the parties involved.

For the sake of this article, let’s assume that enterprises are already committed to outsourcing some elements of their IT and communications services to an MSP partner. The benefits of outsourcing – such as expense or headcount reduction, increased expertise, improved productivity, core business focus and enhanced capability – are well established, and the potential risks and concerns – including loss of control, reduced flexibility, dwindling internal expertise and fears about data protection and ownership – are also well known.

To read this article in full, please click here

Lenovo is planning a major push into AI with a $1 billion investment in new hardware and software over the next three years. Its AI focus is not only on the data center, where a lot of the action is, but also on the edge. To that end, it announced two new edge servers specifically designed for AI processing.

First up is the new ThinkEdge SE360 V2, an edge server designed to provide advanced computing performance for AI applications such as computer vision, voice AI, and generative AI. The ThinkEdge SE360 V2 is built on Intel and Nvidia processors with support for Nvidia's AI Enterprise software platform and Qualcomm's Cloud AI 100 platform for processing intense workloads at the data source. It features a compact size and ruggedized form factor designed to withstand remote and rugged environments.

To read this article in full, please click here

Error mitigation for quantum computers could ultimately lead to more reliable and useful systems, according to IBM, which recently demonstrated how its error-handling technology enabled a quantum computer to outperform a classical supercomputing approach.

Quantum computing excels at solving large, data-heavy problems, and future applications are expected to significantly advance areas such as AI and machine-learning in industries including automotive, finance, and healthcare. But among the challenges developers face are the noisiness of today's quantum systems and the errors they generate.

To read this article in full, please click here

AMD is coming for Nvidia’s AI crown in a big way with the launch of its new Instinct processor, which it claims can do the work of multiple GPUs.

CEO Lisa Su called the Instinct MI300X “the most complex thing we’ve ever built.” She held up the chip, which is about the size of a drink coaster, at an event on Tuesday in San Francisco.

Weighing in at 146 billion transistors, the MI300X comes with up to 192GB of high-bandwidth HBM3 memory shared by both the CPU and GPU. It has a total of 13 chiplets on the die. The chip also has a memory bandwidth of 5.2 TB/s, which is 60% faster than Nvidia’s H100.

The chip consists of Zen CPU cores and AMD’s next-generation CDNA 3 GPU architecture. The enormous amount of memory is the real selling point, according to Su.

To read this article in full, please click here

By: Sue Gillespie, Senior Product Marketing Manager, HPE Aruba Networking.

Creating a secure, high-performance, always-on network that’s designed for operational efficiency and growth begins with a modern infrastructure—and depends on campus core switches to be the beating heart of enterprise connectivity. Because of this key role, campus core switch capabilities directly impact user and device experience, network security, and IT operational efficiency.

What is a campus core switch?

These are typically Ethernet switches that manage traffic coming to and from aggregation switches, the wide area network (WAN), and the internet via router or gateway. Network architectures often deploy either 2-tier collapsed core approaches with a single switch playing the role of both core switch and aggregation (distribution) switch or a 3-tier approach with separate core and aggregation switches.  Here’s an example of a 3-tier network from our ESP Campus Design Validated Solution Guide:

To read this article in full, please click here

Amazon Web Services (AWS) on Tuesday said its North Virginia (US-East-1) region faced disruption in services for nearly four hours, affecting thousands of customers.

“Between 11:49 AM PDT and 3:37 PM PDT, we experienced increased error rates and latencies for multiple AWS Services in the US-EAST-1 region,” AWS wrote on its health status page, adding that at least 104 of its services were affected during the outage.

AWS services that were malfunctioning during these four hours included the likes of AWS Management Console, Amazon SageMaker, AWS Glue, Amazon Connect, AWS Fargate, and Amazon GuardDuty.

To read this article in full, please click here

Keeping your files private from anyone but those with superuser (root) access is easy on Linux. File permissions provide everything you need. By default, you'll have a username and primary group assigned to your account, and you can use the chmod (change mode) command to control what anyone else can view or change.

(If permissions like "750" and "rwxr-x---" don't ring any bells for you, check out these posts for insights into how file permissions work on Linux: A deeper dive into Linux permissions and Unix: beyond group and everyone else)

To read this article in full, please click here