VMworld 2013
Lenin Singaravelu, VMware
Haoqiang Zheng, VMware
Learn more about VMworld and register at http://www.vmworld.com/index.jspa?src=socmed-vmworld-slideshare
Integrating OpenStack To Existing InfrastructureHui Cheng
1. How to integrate OpenStack environment to our existing infrastructure.
2. How to efficiently interconnect the SAE & SWS, while preserving security properties and seamless connection.
3. The challenges we are facing when building & providing OpenStack-based public cloud service and how we solved it.
http://openstackconferencespring2012.sched.org/event/370f9d74a4e9e938a7f6f1e2af0958fe?iframe=yes&w=990&sidebar=no&bg=no#?iframe=yes&w=990&sidebar=no&bg=no#sched-body-outer
VMworld 2013
Lenin Singaravelu, VMware
Haoqiang Zheng, VMware
Learn more about VMworld and register at http://www.vmworld.com/index.jspa?src=socmed-vmworld-slideshare
Integrating OpenStack To Existing InfrastructureHui Cheng
1. How to integrate OpenStack environment to our existing infrastructure.
2. How to efficiently interconnect the SAE & SWS, while preserving security properties and seamless connection.
3. The challenges we are facing when building & providing OpenStack-based public cloud service and how we solved it.
http://openstackconferencespring2012.sched.org/event/370f9d74a4e9e938a7f6f1e2af0958fe?iframe=yes&w=990&sidebar=no&bg=no#?iframe=yes&w=990&sidebar=no&bg=no#sched-body-outer
Virtualization Forum 2015, Praha, 7.10.2015
sál Juniper Networks
Jestliže SlideShare nezobrazí prezentaci korektně, můžete si ji stáhnout ve formátu .ppsx nebo .pdf.
Openstack Networking Internals - first partlilliput12
Openstack Networking Internals - first part
Description of the Virtual Network Infrastructure inside an OpenStack cluster
The pictures of the VNI were taken with the "Show my network state" tool
https://sites.google.com/site/showmynetworkstate/
Is OpenStack Neutron production ready for large scale deployments?Елена Ежова
OpenStack Neutron with ML2 OVS has always been a challenging component in terms of performance and scalability. However, in recent releases, several enhancements and bug-fixes have resulted in significant improvements in overall reliability, performance and scalability of Neutron. In this presentation, we will share the results of our testing (both control-plane and data-plane) at large scale and provide a detailed data-driven analysis that explores the true scale limits and bottlenecks of Neutron.
Openstack Networking Internals - Advanced Part
The pictures of the VNI were taken with the "Show my network state" tool
https://sites.google.com/site/showmynetworkstate/
Unlock Your Cloud Potential with Mirantis OpenStack & Cumulus LinuxCumulus Networks
Are you building a new private cloud or moving your workloads to a hybrid cloud in 2015? Or, are you just interested in exploring what OpenStack has to offer but don't have all the resources and toolsets to understand the gaps.
Virtualization Forum 2015, Praha, 7.10.2015
sál Juniper Networks
Jestliže SlideShare nezobrazí prezentaci korektně, můžete si ji stáhnout ve formátu .ppsx nebo .pdf.
Openstack Networking Internals - first partlilliput12
Openstack Networking Internals - first part
Description of the Virtual Network Infrastructure inside an OpenStack cluster
The pictures of the VNI were taken with the "Show my network state" tool
https://sites.google.com/site/showmynetworkstate/
Is OpenStack Neutron production ready for large scale deployments?Елена Ежова
OpenStack Neutron with ML2 OVS has always been a challenging component in terms of performance and scalability. However, in recent releases, several enhancements and bug-fixes have resulted in significant improvements in overall reliability, performance and scalability of Neutron. In this presentation, we will share the results of our testing (both control-plane and data-plane) at large scale and provide a detailed data-driven analysis that explores the true scale limits and bottlenecks of Neutron.
Openstack Networking Internals - Advanced Part
The pictures of the VNI were taken with the "Show my network state" tool
https://sites.google.com/site/showmynetworkstate/
Unlock Your Cloud Potential with Mirantis OpenStack & Cumulus LinuxCumulus Networks
Are you building a new private cloud or moving your workloads to a hybrid cloud in 2015? Or, are you just interested in exploring what OpenStack has to offer but don't have all the resources and toolsets to understand the gaps.
Sharing High-Performance Interconnects Across Multiple Virtual Machinesinside-BigData.com
In this deck from the Stanford HPC Conference, Mohan Potheri from VMware presents: Sharing High-Performance Interconnects Across Multiple Virtual Machines.
"Virtualized devices offer maximum flexibility: sharing of hardware between virtual machines, the use of VMware vMotion to handle migration and take snapshots. However, when performance is the most critical requirement there are other options. VMware Direct Path I/O delivers excellent performance, but only for a single virtual machine. Single root I/O virtualization (SR-IOV), on the other hand, offers the performance of pass-through mode while allowing devices to be shared by multiple virtual machines.
This session introduces SR-IOV, explains how it is enabled in VMware vSphere, and provides details of specific use cases that important for machine learning and high-performance computing. It includes performance comparisons that demonstrate the benefits of SR-IOV and information on how to configure and tune these configurations."
Watch the video: https://youtu.be/-iYYmsBw8SU
Learn more: https://www.vmware.com
and
http://hpcadvisorycouncil.com
Sign up for our insideHPC Newsletter: http://insidehpc.com/newsletter
VMworld 2013: Real-world Deployment Scenarios for VMware NSX VMworld
VMworld 2013
Taruna Gandhi, VMware
Jeremy Hanmer, DreamHost
Funs Kessen, Schuberg Philis
Learn more about VMworld and register at http://www.vmworld.com/index.jspa?src=socmed-vmworld-slideshare
If the number of spine switches were to be merely doubled, the effect of a single switch failure is halved. With 8 spine switches, the effect of a single switch failure only causes a 12% reduction in available bandwidth. So, in modern data centers, people build networks with anywhere from 4 to 32 spine switches. With a leaf-spine network, every server on the network is exactly the same distance away from all other servers – three port hops, to be precise. The benefit of this architecture is that you can just add more spines and leaves as you expand the cluster and you don't have to do any recabling. Intuition Systems will also get more predictable latency between the nodes.
As a trend, disaggregation seems to be most useful for very large companies like Facebook and Google, or cloud providers. The technology does not necessarily have significant implications for small or medium sized businesses. Historically, however, technology has a way of trickling down from the pioneering phases of existing only within large companies with tremendous resources, to becoming more standardized across the board.
Prezentace z webináře dne 10.3.2022
Prezentovali:
Jaroslav Malina - Senior Channel Sales Manager, Oracle
Josef Krejčí - Technology Sales Consultant, Oracle
Josef Šlahůnek - Cloud Systems sales Consultant, Oracle
Prezentace z webináře ze dne 9.2.2022
Prezentovali:
Jaroslav Malina - Senior Channel Sales Manager, Oracle
Josef Krejčí - Technology Sales Consultant, Oracle
Josef Šlahůnek - Cloud Systems Sales Consultant, Oracle
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Let's dive deeper into the world of ODC! Ricardo Alves (OutSystems) will join us to tell all about the new Data Fabric. After that, Sezen de Bruijn (OutSystems) will get into the details on how to best design a sturdy architecture within ODC.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
6. SRX Series Services Gateways for Branch
All in one routing, switching and security in a single platform
Security at a every layer with MAC-sec, IPSec and application security
Best end-user application experience and operational efficiency
7. SRX3xx Portfolio Summary
*Performance numbers for the IMIX packet size
**NGFW = IPS + AppFW + External Logging
App Firewall*
Routing*
IPSec VPN*
NGFW**
500 Mbps 1 Gbps 2 Gbps 3 Gbps
500 Mbps 1 Gbps 1.7 Gbps 2.5 Gbps
100 Mbps
100 Mbps
200 Mbps
200 Mbps
300 Mbps
300 Mbps
350 Mbps
350 Mbps
SRX300
Retail Office
Up to 50 Users
SRX320
Small Branch
Up to 50 Users
SRX340
Mid Branch
Up to 100 Users
Large Branch
Up to 500 Users
SRX550SRX345
Mid-Large Branch
Up to 200 Users
8. SRX1500 Services Gateway
Specification SRX1500
RAM / storage 16GB / 16GB
On-board 1G ports 16xGE (w 4x SFP)
On-board 10G ports 4x SFP+
OOB Management port 1x GE
Acoustics 66 dBA
SSD Storage 120G
Power Supply 1+1 400W PSU
Forwarding capacity 1.8 Mpps
Routing / firewall 5 Gbps
IPSec VPN (IMIX) 1.2 Gbps
IPS 3.5 Gbps
NGFW 1 Gbps
Concurrent session 2,000,000
• SRX1500 is a high performance, cost effective and high
available next generation firewall
• Provide outstanding protection with Sky ATP
• Integrate networking & security in a single platform
• High port density and small form factor
• Targeted for
• Enterprise Campus Edge
• Data Center Edge
• Branch Router
9. SRX5400
• Ideal for medium to large enterprises
and Service Provider networks
• Software Security Services
– AppSecure and IPS
– AV and web filtering
• Next-generation, high-performance line
cards
SRX5400
On-board Ports 100GE-CFP/CFP2
40GE-QSFPP
10GE-SFPP, XFP
1GE - SFP
JUNOS Software Version Support JUNOS 15.1X49-D10
Firewall Performance (w/ Express Path) 65Gbps (480 Gbps)
Firewall Performance IMIX (w/ Express
Path)
32 Gbps (450 Gbps)
Firewall Performance
(Firewall + Routing PPS 64byte)
(w/Express Path)
8 Mpps (98 Mpps)
VPN Performance – AES256+SHA-1 35 Gbps
AppSecure 42 Gbps
Intrusion Prevention System 22 Gbps
Connections Per Second (CPS) 450 K
Maximum Concurrent Sessions 42 M
High Availability A/A or A/P
12. Next-Gen Firewall Features on SRX
Application Reporting
Application Firewalling
Geo-IP
C&C & Reputation Filtering User Firewalling
Intrusion Prevention
Web Filtering
Anti-Virus
Anti-Spam
Content Filtering
SSL Inspection
Cloud-based Anti-malware
13. 01101010 01110101 01101110 01101001 01110000
What is Sky Advanced Threat Prevention
Customer
SRX
Juniper Cloud
Customer
Sandbox
w/Deception
Static
Analysis
ATP
1. SRX extracts potentially malicious
objects and files and sends them
to the cloud for analysis
2. Known malicious files are quickly
identified and dropped before they
can infect a host
3. Multiple techniques identify new
malware, adding it to the Known
Bad list and reporting it to SecOps
4. Correlation between newly
identified malware and known
C&C sites aids analysis
5. SRX blocks known malicious file
downloads and outbound C&C
traffic
Sky Advanced
Threat Prevention
Cloud
14. The ATP verdict chain
Staged analysis: combining rapid response and deep analysis
Suspect
file
1
2
3
4
Suspect files enter the analysis chain in the cloud
Cache lookup: (~1 second)
Files we’ve seen before are identified and a verdict immediately goes back to SRX
Anti-virus scanning: (~5 second)
Multiple AV engines to return a verdict, which is then cached for future reference
Static analysis: (~30 second)
The static analysis engine does a deeper inspection, with the verdict again cached for
future reference
Dynamic analysis: (~7 minutes)
Dynamic analysis in a custom sandbox leverages deception and provocation techniques
to identify evasive malware
15. • Build for Aruba ClearPass integration but can be used by 3rd party
• https://srxhostname/api/userfw/v1/
SRX User Identity Restful API (12.3X48-D30)
Healthy(0), Checkup(10), Transition(15),
Quarantine(20), Infected(30), Unknown(100)
“Aruba ClearPass”, “UAC”, “Active Directory”
IPv4 & IPv6 support
Standard XML DateTime format (ISO8601)
logon, logoff or posture-update for logon, role-list is a
must for logoff
A list of roles, maximum 200 with each 64 characters
17. SSL Forward Proxy and UTM
• 12.3X48-D25 and 15.1X49-D40 support UTM with SSL Proxy
• No configuration changes on UTM side. A ssl-proxy profile must be
applied
[…]policy trust-to-untrust match source-address any
[…]policy trust-to-untrust match destination-address any
[…]policy trust-to-untrust match application junos-any
[…]policy trust-to-untrust then permit application-services ssl-proxy profile-name ssl-inspection-p
[…]policy trust-to-untrust then permit application-services utm-policy junos-av-policy
[…]policy trust-to-untrust then permit application-services application-firewall rule-set block-app
[…]policy trust-to-untrust then log session-close
18. Juniper site to site VPN Solutions update
Use Case Auto VPN Auto + AD VPN Group VPN
Network Topology
Failover Redundancy
Traffic Steering
• Large Scale of Hub and Spoke
• Cluster Hub/Spoke
• Active-Passive
• Active-Backup
• Traffic Selector with Static
Routes – Higher scalability
• Dynamic Routing
• On Demand Spoke to Spoke
• Dynamic Any-to-Any
• Cluster Hub
• Cluster Spokes (Hierarchy)
• Traffic Selector with Static
Routes – Higher scalability
• Dynamic Routing - OSPF
• Any-to-Any
• Full Mesh
• Server Cluster for Key Server
protection
• Up to 4 server in the same
cluster.
• No overlay routing
• Advance QoS for encrypted
traffic
Tunnel Technology
• Tunnel Based VPN
• St0 P2P with Traffic Selector
• St0 P2MP with Routing
• IKEv1 and IKEv2
• Dynamic Spoke to Spoke
Tunnel
• IKEv2
• Tunnel-less VPN
• Group Protection
• IKEV1
Performance / Scalability
• Up to 1 Gbps / 3 Gbps and
2000 Tunnel - SRX1500
• 15K Tunnel with TS
• 256 shortcut tunnels- SRX550M
• 512 shortcut tunnels - SRX650
and above
• 4000 group members per
server
• 16K per cluster
23. Software Defined Secure Network Vision
Unify and rate threat intelligence, from
multiple sources
Create and centrally manage security
policy through user-intent based system
Enforce policy in near real time across
the network; ability to adapt to network
changes
Detection
Enforcement
Policy
Users & Roles
Departments &
Sites
Devices
Applications
Business
Needs
IT View
Switch Ports
VLANs
ACLs
IPs/Subnets
VRFs
ACLs
Firewall Zones
Rules
Users & Apps
Threats
Location