Archive for the ‘CohesiveFT’ Category

I’m writing this on my last day as CTO for Cohesive Networks, and by the time it’s published I’ll have moved on to a new role as CTO for Global Infrastructure Services at CSC.

Looking Back

It’s been a pretty incredible (almost) three years at Cohesive. Year 1 – focus on networking. When I joined Cohesive in […]


Late last year AWS launched Private DNS within Amazon VPC as part of their Route 53 service. This allows customers to create DNS entries that are only visible within a VPC (or group of VPCs). It’s also possible to have ‘split horizon’ DNS where servers inside a VPC get different answers to the same queries versus users […]


All of the major cloud providers now offer some means by which it’s possible to connect to them directly, meaning not over the Internet. This is generally positioned as helping with the following concerns:

Bandwidth – getting a guaranteed chunk of bandwidth to the cloud and applications in it.
Latency – having an explicit maximum […]


This post originally appeared on the CohesiveFT blog.

The Docker subsystem available since version 3.5 allows additional virtualized network functions (VNFs) to be run on VNS3. I’ve previously written about using this capability for content caching, SSL termination and load balancing. This time I’ll cover using it as a network intrusion detection system (NIDS).

Introducing Suricata […]


This post originally appeared on the CohesiveFT blog.

Amazon recently announced the new t2 family of low end instances, which I wrote about on InfoQ. Pricing-wise, the headline is that the t2.micro is ¢1.3/hr, which is a fair bit cheaper than the ¢2/hr of the t1.micro it replaces. It also has much better performance, and more […]


This was a warm up for a presentation I’ll be doing at AppSec USA later in the year. I got some good feedback on the night, but if you have more then please make a comment below.


This post originally appeared on the CohesiveFT blog.

Want to do more with your AWS Virtual Private Cloud (VPC)? We have 10 ways you can enhance cloud networking with our virtual appliance, VNS3. First, a quick background on the product: VNS3 creates an overlay network on top of AWS infrastructure. This allows you to control security, topology, addressing and protocols […]


The cloud price wars that began at the end of March have been all about compute and storage pricing. I don’t recall hearing network pricing being mentioned at all; and indeed there haven’t been any major shifts in network pricing.

Network is perhaps now the largest hidden cost of using major IaaS providers, […]


I was helping a colleague troubleshoot a deployment issue recently. He’d set up a virtual private cloud (VPC) in Amazon with a public subnet and a bunch of private subnets:

10.0.0.0/16 – VPC (the default)
10.0.0.0/24 – Public subnet
10.0.0.1/24 – Private subnet 1
10.0.0.2/24 – Private subnet 2
10.0.0.3/24 – Private subnet 3

Everything was behaving […]


The dust is starting to settle now in the wake of Heartbleed[1] – those that are going to fix it have already; other servers that are suffering from the issue will remain vulnerable for years to come. It’s time now for reflection, so here’s mine. I was on a family vacation when Heartbleed was announced, and […]