Building Facebook’s service encryption infrastructure

| May 29, 2019

article image
We run one of the largest microservices deployments in the world, with thousands of services that perform billions of requests per second. Keeping information secure as these services communicate globally is a complex job that requires thoughtful consideration of tradeoffs between performance, security, and operability. We are sharing new details about how we designed our encryption infrastructure within our data centers, along with lessons for others working to implement state-of-the-art security in their own systems. We previously explained how we implement Transport Layer Security (TLS) on the public internet, including our Fizz library and our pilot project for DNS over TLS. In this post, we’ll talk about how we migrated our encryption infrastructure in data centers from the Kerberos authentication protocol to TLS. Optimizing for operability and performance, while still satisfying the right security model for each service, required navigating difficult trade-offs. By sharing our experiences, we hope to show how we think about our encryption infrastructure and help others as they think through their own implementation.

Spotlight

HCL Technologies

Over the past decade, HCL has been one of the fastest growing technology companies not only in India but in the world even during the depths of the economic downturn. What has been the source of HCL’s success during this period of economic turmoil? A combination of unparalleled technical expertise and a unique management philosophy called Employees First. At HCL, employees at all levels of the organization are “ideapreneurs,” empowered indeed, expected to develop innovative solutions to operational and customer challenges.

OTHER ARTICLES

A new era of automation with Cisco ACI and the Citrix ADC Manager app

Article | February 12, 2020

Since it was first available, Citrix has worked with Cisco Application Centric Infrastructure (ACI) to integrate Citrix ADC with the Cisco Application Policy Infrastructure Controller (APIC). As a valued technology partner, Citrix has a device package — a software module — that enables users to configure the Citrix ADC directly from a Cisco APIC. This setup has run in many customer production environments over the years. Let’s consider one of those customers — Jim. He was the first to deploy the integrated solution in his data center. The solution gave him the automation he needed and a single view to configure, deploy, and manage applications. However, his application admins preferred to use the Citrix ADC user interface to manage L4-L7 services.

Read More

How to Decide Between a Hybrid Cloud and Multicloud Environment

Article | February 12, 2020

Judging from search engine traffic — and from the calls I receive — there’s some confusion out there about hybrid cloud and multicloud. More than once, I’ve heard the story of a technology manager’s boss returning from a conference a year or two ago raving about hybrid cloud, only now to insist that the organization needs to pursue a multicloud strategy. This rapid change in focus, combined with continued confusion over the terms themselves, is enough to make an IT professional’s head spin. In truth, hybrid cloud and multicloud (and even some combination of them) are completely viable models, with various organizations relying on each to achieve significant business benefits. But before IT and business leaders can decide which approach makes the most sense for them, they need to step back and ask themselves what outcomes they are trying to achieve.

Read More

What Makes Digital Transformation a Success?

Article | February 12, 2020

Despite more than $5 trillion having been spent on digital transformation efforts, survey after survey shows that successful digital transformations are far and few in-between. By many estimates, more than 50% of digital transformation efforts failed in recent years. While a recent survey conducted by Hanover Research and commissioned by AHEAD, the State of Enterprise Digital Transformation, found that 93% of enterprises are undergoing some digital transformation as they seek to cut costs (77%) and improve customer experience (71%). The survey found 42% of enterprises struggling to reach success as their efforts fall behind or stall.

Read More

How to backup hyperconverged infrastructure

Article | February 12, 2020

Enterprises running hypervisors on hyper-converged infrastructure (HCI) systems typically have backup options available to them that are not available to those running on generic hardware. Such customers may also have additional backup challenges depending on the HCI vendor and hypervisor they have chosen. Let’s take a look.

Read More

Spotlight

HCL Technologies

Over the past decade, HCL has been one of the fastest growing technology companies not only in India but in the world even during the depths of the economic downturn. What has been the source of HCL’s success during this period of economic turmoil? A combination of unparalleled technical expertise and a unique management philosophy called Employees First. At HCL, employees at all levels of the organization are “ideapreneurs,” empowered indeed, expected to develop innovative solutions to operational and customer challenges.

Events