Connect with us

Networks

Philippines government makes cloud-first a post-pandemic ‘new normal’ for all agencies

Avatar

Published

on

The Philippines has updated its cloud-first policy and suggested that in a post-pandemic world clouds should be just-about mandatory across government.

The revised policy [PDF] tidies up vague wording in the previous document by making it plain that all government agencies must consider the cloud first, either the nation’s own GovCloud or an external provider’s rig. Congress and the judiciary are explicitly named as strongly suggested to adopt the policy after being omitted last time around.

Even suppliers to Philippines government agencies must henceforth put cloud at the top of their shopping lists. Suppliers have also been given a new requirement to match international skills and certifications standards if they want to work with GovCloud, giving the revised policy an industry development angle.

But the policy is also aware that cloud doesn’t always mean a hyperscaler: it mentions private, hybrid and pure-play clouds as options to consider. Which is sensible as among the big five clouds on AWS has infrastructure in the nation, and even then only an edge location rather than a fully-fledged bit barn.

The policy also offers exceptions to cloud-first if an agency can show that an on-prem solution would be more secure, offer better features, be cheaper or make deployment easier. Data rated “Secret” or “Top Secret” must be stored on clouds located either on local soil or in spots like embassies where the Philippines can exercise sovereignty.

Intriguingly, the new policy took immediate effect upon publication “In view of the declared public health emergency and the imposition of enhanced community quarantine” imposed during the COVID-19 pandemic. That won’t stop sysadmins having to visit hardware that’s not yet in the cloud. But is an unusual justification for a policy. ®

Source: https://go.theregister.com/feed/www.theregister.com/2020/06/15/philippines_cloud_first_policy/

Networks

Oracle aims high-end cloudy database release at existing customers in ‘defensive’ move

Avatar

Published

on

Oracle has brought out a new Exadata Cloud Service based on the Exadata X8M platform, bringing its high-end persistent memory feature to the cloud. Well, Oracle’s cloud at least.

The transactional and analytics database system Exadata X8M was first released last year in a launch Oracle claimed would reduce IO latency by up to 10 times with its use of persistent memory and remote direct memory access (RDMA) over Ethernet.

Bringing the system to the Exadata Cloud Service makes it available on a consumption basis in the Oracle cloud, including 26 global cloud regions and its on-prem service, Cloud@Customer. The omnipresent enterprise computing biz claimed it could help run applications needing multiple workloads and data types in a single converged Oracle Database, avoiding integration of multiple different database services.

Oracle claimed this meant 2.5 times higher transaction processing IOs, and 10 times better IO latency than its previous Exadata Cloud Service release.

The Exadata Database Machine started life in 2008 as an in-memory database appliance that supports OLTP (transactional) and OLAP (analytical) database systems. It was the result of a collaborative project between Big Red and HP (as it was then known), but was later ported to Sun hardware. A version has been available on Oracle Cloud since 2015.

David Floyer, CTO at Wikibon, said that with IO latency of around 20 microseconds and a 25 PB data warehouse available, Wikibon assessed it as the “highest-performance cloud database service available.”

Regardless of its performance, part of the positioning is to boost Oracle in the cloud market, as it was with the Zoom deal earlier this year, said Philip Carnelley, associate vice president of software research at IDC.

It would suit Oracle’s existing customers who want options in the cloud, he added.

“If you’ve already got loads of Oracle everywhere, then it’s becoming more viable to move what you want into the cloud: that’s their big thrust. There is such a huge install base of Oracle, it’s offering them everything in the cloud, on prem, or wherever they want it. From Oracle’s point of view, it could be seen as defensive. This will appeal to very large organisations with a very large investment in Oracle,” he said.

Carnelley said businesses were looking to move to the cloud as soon as possible, while at the same time IT departments would be reluctant to abandon their existing investments. “If it ain’t broke, don’t fix it: you don’t want to change too many things and fewer things you have to change, the better,” he said.

But outside Oracle’s install base, the appeal becomes less certain. In transaction systems Oracle would go up against IBM’s Db2 and SAP’s in-memory HANA database, both of which are available on the public cloud from the usual suspects.

On the analytical systems, Oracle must compete with cloud-native data warehouses such as Snowflake, AWS’s Redshift, Google’s BigQuery and Microsoft’s Synapse. ®

Source: https://go.theregister.com/feed/www.theregister.com/2020/10/16/oracle_cloudy_db/

Continue Reading

Networks

OpenStack’s 10th birthday is next week, but you get the present of a new release today!

Avatar

Published

on

On October 21st, 2010, something new hit the world of enterprise infrastructure software: it was free software called OpenStack “Austin” and comprised the Nova VM-wrangler and the Swift Object store.

Enthusiasm for OpenStack has waxed and waned since. In its early years the project’s openness saw the likes of Cisco, Rackspace and HPE tout it as a better alternative than proprietary clouds from AWS Microsoft.

We know how that turned out: AWS, Azure and Google dominate the cloud and while OpenStack runs plenty of colossal web companies, the project’s own user surveys suggest that the majority of deployments are at organisations with between 100 and 10,000 employees.

China turned out to be a big part of the OpenStack story: its web giants Baidu and Tencent are known users, while the nation’s big three telcos – China Mobile, China Telecom and China Unicom – also adopted the stack. They’ve adopted it because OpenStack now offers over 40 modules that are collectively capable of doing just about anything a cloudy or webscale stack requires.

The Register will properly assess OpenStack’s first decade soon, but for now we need to consider the project’s 22nd major release, dubbed “Victoria”, which landed earlier this week.

The new release includes over 20,000 code changes by 794 developers from 160 different organisations and over 45 countries.

The OpenStack Foundation rates improved Kubernetes support, including support for containerised network functions, as among its most important new additions. More FPGA support has been added, specifically for Intel and Inspur accelerators, just in time for the SmartNIC craze to crest. And because too much security is seldom enough, the Octavia module now supports HTTP/2 over TLS using Application Layer Protocol Negotiation (ALPN).

The Ironic module, dedicated to provisioning bare metal servers, has a new communications flow for agent tokens that should make it safer to communicate with devices on the edge. Ironic had a 66% increase in activity compared to the OpenStack Ussuri cycle, and added more security for edge deployments by combining the communication flow for agent token which was added in Ussuri with the automatic agent TLS feature. Now, malicious attackers are unable to possibly intercept the “token” and through standard communication exchanges with the Ironic services. The Foundation also highlighted the following enhancements for “complex networking issues”:

  • The SDN module Neutron now provides metadata service over IPv6 and has added support for flat networks for Distributed Virtual Routers (DVR), Floating IP port forwarding for the OVN backend, and router availability zones in OVN.
  • Load-balancing module Octavia now support version two of the PROXY protocol.
  • Container networking module Kuryr has added support for autodetection of VM bridging interface in nested setups.

OpenStack has published a full list of enhancements present in Victoria here. The next OpenStack release has been named “Wallaby” and should hop into view in April 2021. The release’s timeline and goals can be found here. ®

Source: https://go.theregister.com/feed/www.theregister.com/2020/10/16/openstack_victoria/

Continue Reading

Networks

Your web browser running remotely in Cloudflare’s cloud. That’s it. That’s the story

Avatar

Published

on

Network services giant Cloudflare wants to host your web browser in the cloud so it can send you only safe content.

On Thursday, the biz invited customers to sign up for the beta release of its Browser Isolation service, a third component in its evolving Cloudflare for Teams offering that came from S2 Systems, a Kirkland, Washington-based startup acquired earlier this year.

Browser isolation generally involves running a headless web browser – the browser foundation without its graphic interface – on a remote server, now commonly referred to as “the cloud,” and then buffering its visual output in some kind of format to send to software on the user’s computer to display. Scrubbing the web content of bad stuff before it’s rendered is a possibility, too, and that’s what Cloudflare’s Browser Isolation appears to do.

There are also client-side variations like Apozy’s Native Browser Isolation, and HP-acquired Bromium (now HP Sure Click), which relies on running browser tasks inside a hardware-isolated micro virtual machine.

Lord_Of_the_Rings_ring

Cloudflare floats cloud grand unification theory based on zero-trust access and security

READ MORE

Browser quarantine regimes have won corporate fans as a way to mitigate web-based security threats, and also to manage how workers interact with the unwholesome web. Think of web content as a package containing a bomb; if it explodes, you’ll wish you opened it in a concrete, reinforced bunker so that adjacent bunkers and buildings aren’t taken out. That’s browser isolation: containing any malicious stuff that spills into and out of the browser on your employees’ PCs.

Companies playing in the browser isolation market like Authentic8, Broadcom (Symantec), Menlo Security, and Webgap, among others, generally point to business-justifying stats compiled by consultancies.

Cloudflare, for instance, cites Gartner’s 2018 claim that web browsers are the source of 70 per cent of endpoint compromises. The IT research firm, declaring the public internet “a cesspool of attacks,” also projected that by 2022, 25 per cent of enterprises will adopt browser isolation technology for high-risk users and specific use-cases, up from one per cent in 2017.

Tim Obezuk, principal solutions engineer at Cloudflare, contends that Cloudflare Browser Isolation has an advantage over other approaches that rely on pixel pushing or DOM reconstruction. The former involves streaming rendered screen pixels to a remote user (slow) or loading pages remotely, checking them, then repacking and relaying them to a remote client (misses threats and prone to errors).

“Instead of streaming pixels to the user, Cloudflare Browser Isolation sends the final output of a browser’s web page rendering,” said Obezuk in a blog post. “The approach means that the only thing ever sent to the device is a package of draw commands to render the webpage, which also makes Cloudflare Browser Isolation compatible with any HTML5 compliant browser.”

Cloudflare Browser Isolation relies on Network Vector Rendering (NVR) technology from its S2 Systems acquisition. This intercepts the draw commands directed at the the remote Chromium browser’s Skia graphics rendering layer, then encodes, compressed, and encrypts them in a highly compact form before sending them to the remote client browser – which can be any HTML5-compliant browser (e.g. Chrome, Edge, Firefox, Safari).

Using an NVR WebAssembly library with an embedded Skia library that has been pushed to the local web browser, the transmitted draw commands can be unpacked, decrypted, and replayed with speed that approaches native device code.

It’s an approach that looks like it could work well given Cloudflare’s edge-centric network – with more than 200 data centers around the globe, latency between the user and the Cloudflare Browser Isolation host is likely to be less than it would be for a service operating under a more centralized network architecture.

We asked Cloudflare if browser add-ons will fit into its isolation approach, and a spokesperson told us:

If hosted browsers of this sort catch on, it may be time to stop referring to them as “user-agents” and call them something more accurate like “admin-agents.” ®

Source: https://go.theregister.com/feed/www.theregister.com/2020/10/15/cloudflare_browser_isolation/

Continue Reading
Energy2 hours ago

World’s Sole Owner of PERKLONE and TRIKLONE Now Supplying Saudi Arabia Oil & Petroleum Refineries; PERKLONE EXT; Catalyst grade, UOP Approved

Esports4 hours ago

Complexity Gaming Signs Jks From 100 Thieves

Energy7 hours ago

EV Charge Holding Limited sichert sich 15 Millionen Euro von GEM

Energy7 hours ago

Xinhua Silk Road: Chinas Solarindustrie soll angesichts der angestrebten Klimaneutralität schneller wachsen

Energy9 hours ago

Xinhua Silk Road: o setor solar da China deve concretizar um crescimento mais rápido em meio a um objetivo de neutralidade de carbono

Energy9 hours ago

Xinhua Silk Road: La industria solar de China adoptará un crecimiento más rápido en busca del objetivo de la neutralidad de carbono

Esports10 hours ago

jks: “I’m at the point in my career where I really just want to win a lot of things; this is the reason why I came to Complexity”

Energy11 hours ago

Insights on the Fermented Ingredients Global Market to 2027 – Strategic Recommendations for New Entrants

Energy11 hours ago

$6.9 Billion Worldwide Spandex Industry to 2027 – Impact of COVID-19 on the Market

Energy11 hours ago

Kimbell Royalty Partners Declares Third Quarter 2020 Distribution

Denmark
Esports11 hours ago

Vitality edge out Astralis to reach DreamHack Open Fall grand final

Energy11 hours ago

Turquoise Hill completes 10:1 share consolidation

Energy11 hours ago

Insights on the Rayon Fibers Global Market to 2027 – Featuring Grasim Industries, Kelheim Fibres and Lenzing Among Others

Esports12 hours ago

How to Make Excellent Throws in Pokémon GO

Esports12 hours ago

Professor Willow Spotted a Colorful Pokémon: Galarian Ponyta Teased in Pokémon GO

Esports12 hours ago

Adventure Together Pokémon GO: How to Make a Pokémon Your Buddy

Energy12 hours ago

Valvoline to Participate in Gabelli Annual Automotive Aftermarket Symposium on Nov. 3

Energy12 hours ago

$172 Million Worldwide Friction Stir Welding Equipment Industry to 2027 – Impact of COVID-19 on the Market

Energy12 hours ago

Three Verdant Power Tidal Turbines Deployed in New York City’s East River

Energy12 hours ago

Kennametal to Attend Baird 2020 Global Industrial Virtual Conference

Brazil
Esports13 hours ago

MIBR add stand-in trio for BLAST Premier Fall, Flashpoint

Energy13 hours ago

Worldwide Thermal Energy Storage Industry to 2025 – Featuring Abengoa, Baltimore Aircoil & Brightsource Energy Among Others

Esports13 hours ago

Apex Legends Shadowfall: Will it Come Back?

Esports13 hours ago

Cyberpunk 2077 Early Access: Is There One?

Esports13 hours ago

Cyberpunk 2077 Map Size: Denser Than You Might Think

Esports13 hours ago

Executing Zombies in Warzone Gives It a Walking Dead Type Feel

AR/VR13 hours ago

Competition: Win Either Angry Birds VR or Acron: Attack of the Squirrels! for Oculus Quest

Denmark
Esports13 hours ago

Complexity unveil jks

Cyber Security13 hours ago

How Comodo’s Auto-Containment Technology Is Helping an IT Company Provide Ransomware Protection to Clients

Esports14 hours ago

How to Get Logan Wolverine Skin in Fortnite

Energy14 hours ago

SkyWater Commissions Department of Defense-Funded Facility Expansion with Ribbon-Cutting Ceremony and Distinguished Speakers

Energy14 hours ago

Leading Edge Materials Updates on Norra Karr Exploration License

AR/VR14 hours ago

Beat Saber Multiplayer for PlayStation VR Arrives Early 2021

Esports14 hours ago

Eris Loris Among Us: The Hacker Frustrating Among Us Players

Energy15 hours ago

Global $2.25+ Billion Mobile Power Plant Markets to 2026

Energy15 hours ago

Global Environment Media (GEM) Announces the First-of-its-Kind Digital Media Network Dedicated to Positive Environmental Solutions

AR/VR15 hours ago

The VR Game Launch Roundup: A Horrifyingly Tasty Selection

Blockchain News15 hours ago

Microstrategy CEO Reveals BTC Purchase is Corporate Strategy to Adopt Bitcoin Standard

Brazil
Esports15 hours ago

BOOBIE joins Yeah

Energy16 hours ago

EPRI Joins International Consortium to Overcome Barriers to Renewable Energy Integration

Trending