Getting to know serverless computing architecture
Bloggers explore the dynamics of serverless computing architecture, efficacy and efficiency with endpoint security and use cases for bidirectional forwarding detection
Keith Townsend, writing in CTO Advisor, reminds engineers that servers still exist in a serverless computing architecture. According to Townsend, servers are a throwback to a time when distributed applications depended on physical hardware as the backbone of infrastructure.
Serverless computing architecture offered through services such as Lambda, Google Compute Cloud Functions or Microsoft Azure abstracts infrastructure and supports application developers writing scripts within repositories hosted by these systems. However, the overreaching goal is to reduce costs for IT teams by increasing the efficiency of running code. According to Townsend, in a server-centric setup, organizations can dedicate an entire server instance, only to have to then wait for an event to trigger a software function. Services such as Lambda speed up operations by having servers only process data as needed, thus, cutting costs.
Read more of Townsend's thoughts on serverless computing architecture.
Efficacy in endpoint security
Doug Cahill, an analyst with Enterprise Strategy Group in Milford, Mass., said efficiency and efficacy can no longer be mutually exclusive in modern enterprise IT. Many organizations face challenges with stopping threats, but are not able to do much extra work. Recent ESG research indicates that organizations experience poor endpoint security efficacy, for example, as a result of antivirus software that is unable to detect and block new endpoint threats. Other pain points included alert fatigue, re-imaging, a lack of integration between tools and slow endpoint agents.
According to Cahill, organizations are responding with training, incremental investment, getting security teams more involved and adding layers of extra controls. "For many, as the research results scream, the requisite design center can be summed up as 'efficient efficacy,' the need for new endpoint security solutions from established and emerging brands to detect and prevent a range of attacks without imposing operational overheads that disrupt the business," said Cahill.
Dig deeper into Cahill's thoughts on endpoint security.
Use cases for bidirectional forwarding detection
Ivan Pepelnjak, blogging in IP Space, answered a question about bi-directional forwarding detection (BFD). A network professional asked if BFD would still be used to detect a software failure on the other side, given a router-to-router physical link without Layer 2 transport in the middle According to Pepelnjak, the answer is, "it depends," and can be determined by figuring out what problem needs to be solved. As alternatives, an engineer could try detecting link failures at physical layer, data link layer or network layer (using BFD and routing protocols).
In most cases, physical layer detection is the easiest, although it can only detect physical failures such as a broken cable. Data link detection cannot spot end-to-end failures on a Layer 2 network. "BFD is perfectly positioned to solve the network path element failure detection challenge. It sits at the waist of the protocol hourglass, is standardized, and simple enough to be easy to implement," he said. Occasionally, using BFD timers can trigger false positives. He added that many network elements include BFD on line cards and central CPU, which becomes an important consideration if packet forwarding is being done on the same general CPU.
Explore more of Pepelnjak's thoughts about BFD.
Cloud boosted by serverless computing
How to improve endpoint security
Understanding centralized control planes