Cloud Infrastructure

Software-Defined Distributed Storage for Kubernetes with Ceph

Ceph, Cloud Storage, Clustered Filesystem, Container Orchestration, Encryption At-Rest, Kubernetes, NetApp ONTAP, NextCloud, NFS, Object Storage, Persistent Storage

Clustered filesystems are an essential component of scale-out, distributed systems, such as applications hosted on a Kubernetes cluster. They provide storage volumes which can be written to by multiple pods across multiple Kubernetes nodes simultaneously. Even if a storage device…

BigQuery as a Data Warehouse for Cloudflare Firewall Events

Cloud Infrastructure

Big Data, BigQuery, Cloud Firewalls, Cloud Run, CloudFlare, Cybersecurity, Data Pipelines, Google Cloud, Microservices, SecOps, Web Application Firewall

If you have created some custom rules for your zone in the Cloudflare WAF, you can easily see the IP addresses and URI paths which have triggered those rules by simply selecting the rule from the Cloudflare dashboard. A key…

Deploy & Configure OPNsense on AWS (or OCI) from Custom AMI with Private Subnet

Cloud Infrastructure

AWS, Cybersecurity, OPNsense, Oracle Cloud, pfSense Alternative, SecOps

OPNsense, like pfSense, is an open source FreeBSD-based network firewall distribution. The world of the public cloud is dominated by Linux and Windows VMs, so network administrators deploying a FreeBSD image for the first time often ask “how to do…

OPNsense Open Source Firewall vs. Cloudflare Managed WAF

Cloud Infrastructure

Cloud Firewalls, CloudFlare, Cybersecurity, DDoS Protection, IDS/IPS, ModSecurity, NAXSI, OPNsense, pfSense Alternative, SecOps, Suricata, Web Application Firewall

Since both are labelled as “firewall” products, a managed WAF like Cloudflare is often compared to a stateful firewall like OPNsense – which also has WAF capabilities, and much more. This comparison is not really apples-to-apples, especially since OPNsense has…

Kuberenetes RWX persistent volumes with Rook Ceph storage orchestrator

Clustered ReadWriteMany Filesystems for Kubernetes Persistent Volumes

Cloud Infrastructure

Ceph, Cloud Storage, Clustered Filesystem, Container Orchestration, Encryption At-Rest, Kubernetes, NetApp ONTAP, NextCloud, NFS, Object Storage, OpenZFS, Persistent Storage, TrueNAS

Many applications you might wish to deploy on a Kubernetes cluster require persistent storage in the form of PVCs (persistent volume claims) and PVs (persistent volumes). As the lifetime of a pod is ephemeral, and app data is not normally…

OPNsense Open Source Security Appliance for Cloud VPCs & On-Prem

Cloud Infrastructure

AWS, BSD, Cloud Firewalls, Cybersecurity, HAProxy, High Availability, ModSecurity, NAXSI, OPNsense, pfSense Alternative, SecOps, Suricata, VPN, Web Application Firewall, WireGuard

Whether you are protecting a traditional corporate network, cloud resources, or increasingly common – both in a hybrid setting, implementing a security appliance at each perimeter is essential to safeguarding your internal & external services and endpoint devices. A network…

Sovereign Cloud vs. Offshore Hosting – Privacy & Security Benefits

Cloud Infrastructure

Cloud Firewalls, Cloud Platforms, Cybersecurity, Data Portability, Encryption At-Rest, Open Source, Self Hosted AI, Self-Hosted Apps

The sovereign cloud and offshore hosting are two seemingly opposite concepts that both have an important role in maintaining data protection through data residency. “Data residency” is the legal jurisdiction where the data for your information systems are stored and…

Migration to Enterprise Linux Rebuilds – Rocky Linux & Alma Linux

Cloud Infrastructure

CentOS, Cybersecurity, Enterprise Linux, Linux

The CentOS 7 end of life (EOL) date when the distribution stops receiving security patches is Jun 30, 2024. Prior to the acquisition of Red Hat by IBM in Dec 2019, Red Hat made available the source of Red Hat…

Key Management for Full Disk Encryption At-Rest

Cloud Infrastructure

DM-Crypt, Key Management Service, LUKS

Encrypting data in transit using HTTPS is now nearly universal, but have you considered the importance of encrypting data at rest? File system permissions only protect your data from prying eyes so long as your servers’ disks are properly mounted…

Higher Performance Caching Options in Mautic

Cloud Infrastructure

Cloud Performance, Mautic 3, Memcached, Redis

Starting with Mautic 3.3, Mautic fully supports the Memcached and Redis cache adapters — improving on a major bottleneck for larger Mautic installations. In prior Mautic versions, storing the Symfony cache on the filesystem was the only option. Now, Mautic…

Maintaining a Secure Hybrid Workplace with Nextcloud

Cloud Infrastructure

Cloud Storage, Cybersecurity, NextCloud

The pandemic is finally subsiding in many parts of the world, bringing optimism for a vibrant, post-pandemic recovery that some say will be comparable to the Roaring Twenties period of the 1920s. Despite the brightening outlook, cyberattackers continue to take…

Move to the Cloud Easily with CyberPanel – Open Source Hosting Panel

Cloud Infrastructure

CyberPanel, Hosting Control Panel, OpenLiteSpeed

Are you ready to graduate from shared hosting to an enterprise grade cloud provider with dedicated resources and root access for installing virtually any web application? If you’re used to managing web sites using graphical control panels such as cPanel,…