This blog post was co-authored by Jessie Jia, Senior Program Manager The Internet is the new corporate network and the fabric that connects users, devices, and data to applications of all types. It is foundational to how organizations run their businesses, engage their customers, conduct commerce, operate their supply chain, and enable their employees to work from anywhere. However, while the Internet is highly scalable and ever expanding, it…
Read More →Author: learn2skills
With the new Azure Firewall Premium now in public preview, you can now perform the following new capabilities: Transport Layer Security (TLS) Inspection: Azure Firewall Premium decrypts outbound traffic, performs the required value-added security functions and re-encrypt the traffic which is sent to the original destination. Intrusion Detection and Prevention System (IDPS): Azure Firewall Premium…
Read More →The internet runs on the Border Gateway Protocol (BGP). A network or autonomous system (AS) is bound to trust, accept, and propagate the routes advertised by its peers without questioning its provenance. That is the strength of BGP and allows the internet to update quickly and heal failures. But it is also its weakness—the path…
Read More →Deploying new applications and workloads can require big changes to your network. Read what the Enterprise Strategy Group found during their technical validation of AWS Transit Gateway. This report, Simplifying Global Network Architecture, dives into the tradeoffs and benefits of building networks with AWS Transit Gateway. It details their findings from technical validation with three customers using AWS…
Read More →Azure Bastion and VNet peering can be used together. When VNet peering is configured, you don’t have to deploy Azure Bastion in each peered VNet. This means if you have an Azure Bastion host configured in one virtual network (VNet), it can be used to connect to VMs deployed in a peered VNet without deploying…
Read More →Virtual private network (VPN) technology has changed immensely since the publication of the original Guide to IPsec VPNs (SP 800-77) in 2005. The guide was recently reworked and modernized, and Red Hat engineers lent a hand to updating this important document. The updated document takes into consideration the evolution of cryptography, software and hardware capabilities,…
Read More →Once upon a time, the term “product documentation” conjured images of ring-bound tomes several thousand pages long that would get shipped to users alongside the latest offering. In the days before the internet, this wasn’t just the best option available; it was the only option. It was big, it was slow, and it was expensive,…
Read More →Seeing a demo of Session Recording in Red Hat Enterprise Linux 8 was an eye-opener for me because it may change the way we manage systems. Let’s take a look at what you can do with session recording and where it comes in handy for troubleshooting. Session recording can help system administrators track and trace…
Read More →We’ve all been in situations where something works on one system, but not another, and we’re not sure why. Perhaps your boss is asking “Why does this work in the test environment, but not production?” and you need an answer as soon as possible. In the past when this has happened, I would open SSH…
Read More →This month marks the five year anniversary since Red Hat acquired Ansible, and since then, much has changed in the IT automation world. IT organizations have always faced continual pressure to support rapid innovation at-scale, but 2020 has been an especially challenging year. Organizations required solutions that delivered fast responses to changing business requirements, and automation…
Read More →Application allowlisting is the practice of specifying an index of approved applications or executable files that are permitted to run on a system by a specific user. This is often used on a multi-user system or some kind of a shared hosting server, where multiple users exist and they have to be given limited permissions, so…
Read More →In this article, we focus on advanced troubleshooting scenarios with middlebox appliances and SD-WAN in a global network on AWS. Middlebox appliances and SD-WAN A customer building a global network may wish to implement traffic inspection with their own network security appliances. Frequently this requirement is achieved through introduction of a transparent, middlebox appliance. AWS…
Read More →Red Hat Enterprise Linux (RHEL) version 7.5 introduced the “boom” utility for managing LVM snapshot and image boot entries. This new functionality could be very helpful for system administrators, especially those responsible for RHEL servers running directly on physical hardware, where booting from snapshots has previously been more difficult. This post will cover the…
Read More →When we unveiled Red Hat Enterprise Linux 8 at Red Hat Summit 2019, our primary focus was to deliver innovation while keeping enterprise IT’s needs for production reliability and operational compatibility front-and-center. With this launch came a predictable, six month release cadence for minor releases which continues today with Red Hat Enterprise Linux 8.3 beta. With global…
Read More →We are excited to announce that Azure Load Balancer customers now have instant access to a packaged solution for health monitoring and configuration analysis. Built as part of Azure Monitor for Networks, customers now have topological maps for all their Load Balancer configurations and health dashboards for their Standard Load Balancers preconfigured with relevant metrics. Through this, you…
Read More →In this final entry for the container security series, we’ll look at network traffic control for containers running in Red Hat OpenShift. In a Multi-Level Security (MLS) environment, you will want to be able to ensure that containers in different security levels can only talk to pods in the same security level. For instance, a…
Read More →In Red Hat Enterprise Linux 8.1, we added new container features including full support for rootless Podman, Podman Play/generate Kube, and container images for the Golang toolset (“A minor release with major new container capabilities“). Red Hat Enterprise Linux 8.2 hits the ground with an even bigger set of features. Here’s a quick summary: Update…
Read More →Today we’re announcing the general availability of Azure Spot Virtual Machines (VMs). Azure Spot VMs provide access to unused Azure compute capacity at deep discounts. Spot pricing is available on single VMs in addition to VM scale sets (VMSS). This enables you to deploy a broader variety of workloads on Azure while enjoying access to discounted pricing…
Read More →Red Hat Enterprise Linux (RHEL) 8.2 will be GA soon, and brings new features and improvements to existing ones across the board. RHEL 8.2 includes installation enhancements and a better in place upgrade experience, to resource management for optimizing workloads on large systems, to new container tools to improve use of RHEL and the Red…
Read More →Introduction Capturing and querying Amazon EKS and Kubernetes (K8s) cluster traffic is an important skill to possess. It is especially useful during incident-response and when troubleshooting networking issues surrounding nodes, pods, or services in your cluster. Amazon makes it easier to perform capture and query tasks with Amazon VPC Flow Logs and Amazon Athena. Administrators can use Amazon VPC Flow Logs to capture detailed information…
Read More →When choosing an operating system for running database workloads like Microsoft SQL Server, Red Hat Enterprise Linux (RHEL) offers several unique advantages. But why is this the case? When it comes to picking a database for your mission-critical application, performance is a crucial decision factor. In fact, delivering low latency, and high-throughput application responses comes…
Read More →Today marks the general availability of new Azure disk sizes, including 4, 8, and 16 GiB on both Premium and Standard SSDs, as well as bursting support on Azure Premium SSD Disks. To provide the best performance and cost balance for your production workloads, we are making significant improvements to our portfolio of Azure Premium…
Read More →As I was reading through the Red Hat Enterprise Linux 8 Beta release notes, one thing that caught my eye was that a session recording solution had been added to RHEL 8 Beta, which allows for users’ terminal sessions to be recorded and played back at a later time. Before coming to Red Hat…
Read More →AWS Global Accelerator is a network service that routes incoming network traffic over the AWS global network to multiple AWS Regions in order to improve performance and availability for your global applications. It makes use of our collection of edge locations and our congestion-free global network to direct traffic based on application health, network health, and the geographic…
Read More →Satellite and Ansible Tower are each powerful tools, and many customers utilize both of them. It is possible to integrate these tools and in part 1 of this series we covered how to configure Ansible Tower to pull a dynamic inventory of hosts from Satellite. One of Satellite’s features is the ability to provision new hosts, while…
Read More →