Posts

The necessity for protocols to keep communication secure has been around since the dawn of the internet. The first ever VPN was jointly developed by a vendor consortium (which included Microsoft) in 1996, and came in the form of Point-to-Point Tunneling Protocol. Although many are skeptical about the value of VPNs in 2022 and beyond, customer consumption of cloud provider VPN services have paved the way for additional features and exponential scale.

Blowing out cloud spend is an easy thing to do. This McKinsey Report notes that 80% of enterprises consider managing cloud spend a challenge. I recently presented at the Cloud Security Alliance in Kansas City and had the opportunity to network with some tremendous DevOps and Security professionals. One excellent side conversation somehow transitioned to a deep discussion on better ways to understand cost implications in the era of infrastructure-as-code. Shouldn’t cost be someone else’s problem?

Optional attributes for object type constraints is almost here! I’ve been waiting for this feature to come along for a while. I have tested it extensively in -alpha, and I can confidently confirm that it is a game changer. This feature is long in the making, being discussed as far back as this thread in 2018. Today, it is now in beta, so the official release could be any day now. Let’s demonstrate how this is useful and build some common AWS infrastructure.

There is a reason why enterprises prefer the best-of-breed approach to connect and secure their network and intellectual property. Alkira announced its integration with Fortinet at AWS re:Inforce in July, and this is a perfect example of the best in action. As anyone that reads my blog knows, I have an automation first approach to everything. Alkira’s Terraform Provider is Fortinet ready, so let’s take it for a spin!

I had the opportunity to present at the 4th annual AWS Community Day for the Midwest in June. This event was planned, organized, and delivered by AWS user group leaders and was an absolute blast. I got to catch up with a few remarkable individuals I haven’t talked to since pre-pandemic, and I got to meet many new people and listen to their stories of transformation in their respective enterprises.

Zero Trust is all the rage lately, and traditional VPNs are getting a lot of scrutiny since they essentially add and remove encryption at the firewall. This means bad actors can skip off into the sunset (laterally) and gain access to those legacy systems with less effort. Another challenge with using a traditional VPN is scaling with the dramatic shift to hybrid work. ZeroTier is an interesting solution that claims to combine the capabilities of VPN and SD-WAN, among other things. Let’s take it for a spin.

Anyone that has worked in tech knows that building greenfield is much easier than dragging along brownfield environments through a roller-coaster they aren’t ready for. Tools like Terraform make infrastructure-as-code a breeze, but what about all that infrastructure you already have provisioned? April Edwards, Cloud Advocate at Microsoft, recently posted a blog about Azure Terrafy, a new tool in preview which aims to simplify the process. You can find the original blog here. Let’s take it for a spin!

The year is 2022, and Kubernetes is wreaking havoc on software delivery as we know it. Applications are going through modernization programs so they can be converted into microservices, but they are coming out the other end as distributed monoliths. Next thing you know, services exist across several clouds and even in your data centers. And, of course, the large majority of enterprises aren’t just greenfield.

The public cloud continued to dominate spending in 2021. Gartner forecasts worldwide end-user spending for public cloud to reach $397.4 billion by 2022. With increased velocity; automation continues to be a critical business imperative for the enterprise. Getting automation right means getting all the appropriate teams pulled into the process early on (shift left). Lightlytics is a new SaaS product on the market that aims to make DevOps for cloud infrastructure as agile as software delivery.

New to cryptocurrency? Check this out for a quick primer. One of the giant debates, often a significant source of criticism, is Bitcoin’s energy efficiency (or lack thereof). This criticism may also be expanded to any other currency, or blockchain backed technology that leverages proof-of-work as a consensus mechanism. Innovation is inherent in technology. New ideas, methods, and optimizations come along to take something, add new features, and make it more efficient. One such optimization is proof-of-stake which brings a greener look to consensus. How much can it help?

In Part 1, we laid out our foundation. In Part 2 and Part 3 we connected various networks (both cloud and on-premises) and provisioned NGFWs that scale to real-time capacity. By default, networks connected to our corporate segment have full-mesh connectivity to each other. Let’s build some policies in code that can work with the groups we created to produce logical micro-segmentation that mirror a few real-world use cases.

Check out Part 1 and Part 2 where we put together a scalable foundation and connect cloud networks from AWS, Azure, and GCP. For Part 3, we will bring on-premises back into the spotlight and connect some sites over Cisco SD-WAN and IPSEC.