Do NetAdmins like snacks? Asking cos here's a dish of tasty network news nibbles
Juniper's new routers emerge, Google QUIC-ens gets load balancing for HTTPS and more
Roundup Be nimble, be QUIC: Google's added secured load balancing support to its QUIC protocol.
The Chocolate Factory created QUIC as a way to speed up Web connections by reducing the number of round trips for connection setup and using UDP instead of TCP, but it's seen only limited adoption outside Google's own infrastructure. In January this year, a mere 161,000 domains were hosted on QUIC-capable infrastructure.
Giving QUIC the ability to accelerate HTTPS infrastructure is a way of enhancing its appeal, and software engineers Michael Behr and Ian Swett wrote that Google's made QUIC-enabling a load balancer a single Google Cloud Platform console setting. The sysadmin then edits their load balancer front-end configuration, and enable QUIC negotiation for the IP address and port.
Oh, and Google continues to negotiate the slow business of making QUIC a standard: the Internet Engineering Task Force working group, formed in 2016, will complete a v1 specification by November, and participants have presented ten implementations for interop testing so far.
ONAP Beijing release lands
A second release of the Linux Foundation's Open Network Automation Platform (ONAP) appeared last week.
Dubbed "beijing", the highlights of the release include Kubernetes support, and contributions from the Metro Ethernet Forum (MEF) and the service providers' TMForum to expand ONAP's APIs.
TMForum APIs carrying MEF-defined payloads are now included in ONAP's northbound interfaces, for better handling of how orders are placed and fulfilled.
Juniper unveils next FBR (flaming big router)
Juniper Networks has an eye to the Internet of Things and 5G markets with the launch of the latest member of its MX Series.
The MX Series 5G Universal Routing Platform uses the company's latest 16nm power-efficient Penta silicon, which gives its MX960, MX480 and MX240 triple the bandwidth, MACsec and IPsec in the crypto engine (able to terminate thousands of IPsec sessions), and FlexE (flexible Ethernet) support.
CUPS – control user-plane separation – is a standard from the 3GPP supported in the MX Series 5G platform on an accelerated 5G user plane.
The platform ships as the MX10008 and MX10016, which ship in the second half of this year; Penta-based line cards will land in the first quarter of 2019.
The popular network sniffer Wireshark needs an update after two vulnerabilities were disclosed this week, one in its RTCP (Real-Time Transport Control Protocol) dissector, the other in its NBAP (Node-B Application Part) dissector.
Both CVE-2018-11355 and CVE-2018-9261 allow an attacker to crash the relevant component by getting Wireshark to process malformed traffic – either by inserting malicious traffic onto the network under test, or by getting it to process packet traces containing attack traffic.
Proof-of-concept code has been published for both vulnerabilities.
The vulnerabilities were addressed in a new download.
A10 points provisioner at Kubernetes
A10 Networks has added Kubernetes to its portfolio.
The company's A10 Ingress Controller for Kubernetes is integrated with the company's container-native load balancing/application delivery solution.
The company says the A10 Ingress Controller also ties into Kubernetes container life cycles, and is automatically updated as application services scale up and down.
It also collects hundreds of application metrics, accessible either via APIs or its A10 Harmony portal.
Its Lightning application delivery controller runs on each Kubernetes node to provide app proxy services like load balancing, content switching, SSL termination, and security.
AppViewX gets new CEO, again
Network automation company AppViewX has appointed Ryan Windham as its CEO – the third to hold the role in the last year.
Windham (formerly with Cedexis, and before that F5 Networks) takes over from Manny Rivelo (also ex-F5 Networks), who took over when Anand Purusothaman became AppViewX's chair.
Windham's been briefed to drive the company's subscription sales with a view to the network automation market.
cPacket accelerates analytics
It's not just Cisco that makes announcements at Cisco Live: there are also partners like cPacket, which this week demonstrated the virtualised version of its cClear network performance dashboard and distributed data collectors, cClear-V.
Deployable either to hypervisor VMs or Docker containers, cClear's cVu traffic sensors do the data collection without dedicated hardware.
The data is then passed back to cClear for troubleshooting, network performance analysis, and capacity planning. ®
Sponsored: Becoming a Pragmatic Security Leader