April 23, 2025 • 24 mins
The tech world gives and takes away as Google introduces CloudWAN while MITRE nearly loses CVE funding, showcasing both innovation and vulnerability in our digital infrastructure landscape. Politics increasingly intersects with technology as we examine controversial security clearance revocations alongside much-needed technical improvements in cloud networking.
• Google Cloud Next introduces CloudWAN service with two use cases: high-performance data center connectivity and premium branch networking
• Google's approach differs from AWS, encouraging single global VPC deployments across regions
• MITRE loses funding for the CVE program, threatening the global vulnerability tracking system
• CISA provides 11-month bridge funding, but fragmentation begins as EU launches alternative vulnerability tracking
• Azure announces general availability of route maps for Virtual WAN, bringing traditional networking capabilities to cloud
• Former CISA director Chris Krebs targeted in federal investigation for debunking 2020 election fraud claims
• Security clearance revocations increasingly used as political weapons against technology professionals
Subscribe to Cables to Clouds Fortnightly News and tell a friend about the show to stay informed about the evolving cloud technology landscape.
Purchase Chris and Tim's new book on AWS Cloud Networking: https://www.amazon.com/Certified-Advanced-Networking-Certification-certification/dp/1835080839/
Check out the Fortnightly Cloud Networking News
https://docs.google.com/document/d/1fkBWCGwXDUX9OfZ9_MvSVup8tJJzJeqrauaE6VPT2b0/
Visit our website and subscribe: https://www.cables2clouds.com/
Follow us on BlueSky: https://bsky.app/profile/cables2clouds.com
Follow us on YouTube: https://www.youtube.com/@cables2clouds/
Follow us on TikTok: https://www.tiktok.com/@cables2clouds
Merch Store: https://store.cables2clouds.com/
Join the Discord Study group: https://artofneteng.com/iaatj
Mark as Played
Transcript
Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
Chris (00:13):
Hello, hello and welcome back to another episode of the
Cables to Clouds FortnightlyNews episode.
So in this episode today, whatwe're going to do is go through
a few news articles that havecome out over the last few weeks
that we found interesting Maybea little bit of cynicism
sprinkled in, as usual, but yeah, let's hop into it.
(00:35):
So I am your host today.
My name is Chris Miles at BGPMain on Blue Sky.
Joining me, as always, is myco-host, who I'm running out of
adjectives to describe, timMcConaughey at Carpe-DMVPN on
Blue Sky.
So let's go ahead and hop rightinto the news.
So, as you may be aware, in theUS just in the last couple weeks
(00:56):
we had Google Cloud Next, whichis basically Google Cloud's
annual conference that they hold.
We've put a wrap-up in the shownotes kind of covering
conference that they hold.
Uh, there is, we've put a wrapup in the show notes kind of
covering everything that theyannounced, because that list is
quite lengthy and uh, there's alot of things sprinkled in there
about, um, uh, two word acronymthat you can probably guess Um,
but we have uh, one, oneannouncement out of this that we
(01:18):
wanted to touch on, which was,uh, the announcement of, uh, a
service that they have.
They must have had a lot oftrouble trying to name this
thing called CloudWan.
So you know, as you know,cloudwan is already a pretty
prominent product offered by AWS, but Google has come to the
(01:39):
table offering a similar servicecalled CloudWan.
I will say that the you know.
Obviously the description ofthis will be in the show notes,
but they really focus on twopredominant use cases here for
Google Cloud WAN, use case, onebeing high performance
connectivity from regional datacenters to cloud.
So it's leveraging some oftheir existing services like
(02:00):
Cloud Interconnect and CrossCloud Interconnect, which,
basically Cloud Interconnect, isyour means of connecting.
So it's leveraging some oftheir existing services like
cloud interconnect and crosscloud interconnect, which,
basically cloud interconnect, isyour means of connecting your,
your on-premises data centers togoogle cloud.
And then you have cross cloudinterconnect, which is the, the
service you use to facilitateconnecting your google cloud
(02:21):
environment to other clouds likeaws, azure, etc.
And then they this I believethis is a new service that
they've introduced calledCross-Site Interconnect, which
is basically like a layer twoextension between your cloud
interconnects.
So I'm thinking this is going tobe similar to a service like
SiteLink or something like that,so that you can have this
(02:43):
Cross-Site Interconnect act asyour kind of DCI connection
between your cloud interconnectcircuits.
And then there's a use case two, which is about premium tier
networking for branch and campus.
So this is kind of anamalgamation of a number of
services listed in here, sonetwork connectivity center, so
NCC cloud interconnect, nccgateway, which is kind of that
(03:06):
gateway service for connectingNCC to other services, cloud
next gen firewall, cross cloudinterconnect and some other open
ecosystems for services likeSSE, things like that.
So I will say this is not quitewhat I expected when they
announced something calledCloudWay and I thought it would
be a little bit more similar toAWS's offering, but I think
(03:29):
there is enough differentiationhere to be worthy.
So, yeah, how do you feel, tim?
What are your comments on this?
Tim (03:40):
Yeah, I mean other than the name being exactly the same, of
course.
What I find interesting aboutGoogle's version of this is that
Google's version does seem tobe closer to the actual spirit
of the word.
I guess WAN in this case likecloud WAN, not so much in the
first use case.
You know that first use caseseems pretty obvious.
You're going to have some kindof high performance connectivity
(04:03):
from you know on-prem to middlemile or to the cloud directly,
and this new layer twoconnectivity is going to be
definitely, I'm sure, likemiddle mile circuit stuff, you
know like Equinix or maybe notMegaport, but like Equinix or
something.
I'm not sure how the layer twoconnects.
I guess it depends on whetherit's a real layer two connection
or it's emulated layer 2, youknow like tunnel, you know Q&Q
(04:26):
or something like that.
But yeah, the use case 2 verymuch feels like true WAN
replacement, at least that seemslike.
You know.
Look at the diagram.
It's in the we'll have it alllinked in the show notes.
Basically it has NCC being acentral hub to centralize, to
conglomerate all these servicestogether.
(04:47):
So, like Chris was saying, likeSD-WAN and then, of course, any
kind of service that you wouldexpect your branch to want to
leverage right.
Instead of going straight toZscaler or three other different
SSC providers or something likethat, they're saying why don't
you just bring theirconnectivity to us and then
we'll be kind of the glue thatholds the whole thing together
(05:09):
and then you can peel off or addnew services?
So interesting offer.
Definitely, like I said, closerto the whole WAN thing, I am
curious to find out who, besidespeople who already use Google
as their primary provider, willactually want to centralize
their branch services like thiswith NCC, because I mean NCC by
(05:31):
itself.
Even though this offers aservice where, hey, you know,
you can bring in all of yourbranch services and then just
essentially connect us to yourbranches with NCC, I still feel
like there's a whole big chunkof the cloud piece missing.
Not missing, but just likewithout it it wouldn't be as
strong a value prop on its own.
Chris (05:48):
Yeah, I think we kind of talked about this before we hit
the record button, but I think abit of this kind of relates to
how Google does networking,quite different than all of the
other CSPs out there.
Out there, um, like a lot of itseems like a lot of
encouragement from Google is tofor customers just have one VPC,
(06:09):
like just have a global VPCdeployed across every region
that they want presence in, andeverything resides in the same
VPC.
And you know, that is verydifferent to what you would do
in AWS, because you can't evenhave, you know, subnets that go
multi-region, uh or multi-az atthat, uh, at that comment there.
But, um, so, like this, thisidea of like leveraging ncc as a
(06:31):
true like backbone type thing,um, it seems nice.
I just don't typically seecustomers consuming cloud in
this way um, yeah and the I meanthey obviously there's.
There's a lot of commentary inhere about how this can reduce
tco up to 40.
Yeah, that Google Cloud.
If Google is your primary cloud, then this may be a no brainer
(07:09):
for you.
But yeah, very, veryinteresting offering.
I'll say yeah for sure.
Tim (07:14):
I think we're going to need to wait and see who adopts and
how they end up using it.
Yep, agreed, all right, okay.
So now we have an article fromBleeping Computer about well,
it's been all over the news soI'd be amazed if somebody hadn't
seen it already but the wholeMITRE losing funding bit for the
CVE program.
(07:35):
It just so for those who maybedidn't already know, and I'll
dig into the article here in asecond about a week or two ago I
think, maybe two weeks now theuh mitre announced basically
that the um that they had lostfunding well, not lost funding,
it just wasn't going to berenewed for the, the new year um
(07:55):
and because of that fundingloss they were going to no
longer going to be able toadministrate the cve program.
The common vulnerabilities, nextpoints uh, which is kind of the
backbone of cybersecuritynotification, if you will right.
It's.
You know MITRE is a nonprofit.
It's you know its whole purposeis, well, not whole purpose,
(08:17):
but a large part of its purposeis administrating the CVE
program and that means you knowthat takes money, that takes
time, that takes obviously a lotof resources to not only
administrate the program butthen provide all of the you know
websites and everything for it,anyway.
So they lost funding becausethe government basically was not
going to renew the contractbecause there's a big surprise
(08:40):
there.
Luckily, cisa has stepped in.
Cisa, the government sorry thegovernment arm, if you will, of
cybersecurity.
I forget what CISA stands for.
Chris (08:52):
Cybersecurity and Infrastructure Security Agency.
Tim (08:55):
That's, it Could not just blank completely out of nowhere
on that one.
So, yeah, so they've stepped in.
They provided an 11 monthbridge contract, basically, um,
I am curious what is going tohappen after this is over, uh,
the 11th month.
So actually I'm kind of curiouswhat's going to happen even
before 11 months are over,because you know something that
basically was the gold standardfor the entire world
(09:17):
cybersecurity database is hasbeen shown to be essentially
vulnerable to the whims of ofgovernment.
So you know, I was readinganother article that, uh, maybe
we'll, maybe we will includethat one in the probably won't
cover it, but we'll mightinclude it in the show notes
about how the Europe is alreadystanding up its own, you know
CVE type of of thing, and we're,you know, here comes the
(09:38):
fracturing of that, uh, theeffort.
You know, to the point where CVEwon't be the only thing out
there.
You'll have other ones thattrack them differently or God
knows how that's going to work.
When you start assigning, youknow a vulnerability that now
carries a CVE number and some EUnumber and God knows what else
kind of number that down thesign.
So it's going to be reallycomplicated, man.
(09:59):
But yeah, it's absolutelyinsane to me.
I don't know.
What do you think?
Chris (10:04):
yeah, I mean the.
This bleeping computer articledoes briefly touch on at the end
, that the european europeanunion agency for cyber security,
or enissa, has launched theirprogram that embraces a multi
stakeholder approach bycollecting publicly available
vulnerability information frommultiple sources.
So they wanted to kind of be,um, not open source, but you
(10:26):
know what I mean kind of morewidespread and not tied to a
single entity.
My thing is, I don't know likemaybe this was brought up
several times, um, prior to thisdate, but I feel like I didn't
hear jack shit about this untilthe day that the funding was
running out and like, oh yeah,after today, it's, it's over.
Like we, we have no, no funding.
Like how in the fuck did it getto the last day before?
(10:49):
This was like a known thingamongst the community and like,
like you said, the, the exactlike the.
The concerning part is that thegold standard for what
vulnerabilities exist from acyber security perspective could
have been gone like that, likein an instant, just like
overnight, and and it gotextended for 11 months.
So you know what, maybe we'llbe having the same conversation
(11:15):
in, uh, you know, on March 16th2026, but I don't know.
It's just like.
That's absolutely insane.
Um, I actually do need to diveinto that and maybe find out how
.
I want to see all the points intime that led up to this,
because I feel like someoneshould have known this.
Tim (11:27):
Yeah, although, to be fair, it's not uncommon for
government contracts toessentially run their course and
then just be renewed.
Chris (11:35):
Like I'm assuming that what?
Tim (11:36):
happened is that there was an 11th hour, you know, doge cut
or something that, that thatimpacted this when it was
expected to be renewed.
I'm thinking that it's the onlything that makes sense, right,
like otherwise.
I would assume MITRE would have, up until this point, been like
hey, we're about to lose ourfunding.
Hey, we're going to lose ourfunding, like it had to have
been.
Oh yeah, of course, you guysare going to get funded.
We've been funding you to thepoint where you know.
(11:56):
And then, all of a sudden, elon, you know, was tying his shoes
or something and saw the wordsCVE somewhere reflected in a
monitor and decided they neededto cut it.
I don't know, man.
Chris (12:06):
I mean in that same breath, like I don't think.
If anyone's been watchingwhat's been happening with the
administration, I don't thinkyou can assume anything is going
to be renewed right.
Tim (12:16):
Yeah, that's true With the things that they're cutting.
Chris (12:19):
So it probably should have used a little common sense
there, I think.
But you know I'm not going tothrow stones.
I don't know what happened.
I'll look into it later andI'll get back to you.
Yeah, all right.
Next up, much more lightheartedannouncement from the Azure
Networking blog.
So they have announcedMicrosoft Azure has announced
(12:54):
the general availability ofroute maps for Azure Virtual WAN
.
So huge congrats to AWS or notAWS, sorry, azure route maps,
which is something that has beenkind of a staple for network
engineering for several, severalyears, Probably.
What are we going back like 20years at this point, maybe more.
So basically they've they'veadded a route map functionality
for virtual WAN and if you'reunfamiliar with route maps, it's
(13:15):
basically a, a semi-complexlike condition, match and and
and manipulation of routeadvertisements, where you can
set you know, match conditions,you can set actions and things
like that.
It's very useful formanipulating things like AS
paths or doing summarization or,you know, allowing or blocking
(13:37):
added communities, things likethat, which is all pretty much
baked into this looks like dayone, so, you know, very cool to
see this.
I'm kind of wondering why wedidn't see this sooner.
This seems like a relativelysimple operation.
You know like there's routemaps in use today that do far
more complex things like thanthis.
(13:59):
You know like Cisco, I thinkeven has RP um, rpl, right I
don't know if that's really inin big use still today the route
policy language um, which wasintroduced with iOS XR um where
you can do way more complexstuff, and it's almost like
programming for for uh, for um,route routing protocols.
but, um, yeah, cool to see this.
(14:20):
Um, don't know if it'll we'llsee increased adoption for VWAN
from this, but maybe we will.
If you're waiting for routemaps to pull the trigger on VWAN
, then this is probably a goodday for you.
Tim (14:32):
But yeah, I don't know how you feel, tim implemented, and
remember that you got to look atall of this through the lens of
.
You know you're consuming aservice from the provider.
The provider actually hasaccess to everything that's
possible under the hood.
What they're showing you andwhat they're allowing you to do,
(14:52):
that's the.
That's the thing, right?
So route maps are actuallyextremely powerful and can do a
lot more than this article saysthat they can do, but these are
the services that Microsoft hasessentially vetted and then made
available, created theprogramming, if you will, the
front end and the programmingand the back end to make you
know it, so that you can go in,go through their UI or their CLI
(15:15):
or API calls, whatever, andactually send these commands
that are, you know, can makethese route changes on the
backend, underlay, ultimately,vwan Azure routers that exist in
a data center somewhere, right?
So, yeah, I mean so.
With that in mind, it lookslike, hey, they don't offer
(15:37):
certainly they're not anynetwork person like a CCIE or
something would look at this andbe like, oh my God, this is
barely any kind of route map.
But honestly, in the cloud, Imean, what else do you need
beyond communities, you know, aspath and route prefix filtering
, like that's all you'reprobably ever going to need in
the cloud.
You know you're not doinganything super complex.
Chris (15:58):
Yeah, especially with something like VLAN, which
already has kind of its owndefined um route selection and
things like that.
You're you don't want to messwith too many things under the
hood, or else, um, you knowyou're gonna.
Tim (16:10):
You're asking for pain, basically right, and so you know
, honestly, the stuff they'veactually I they offered more
with this than I thought theywould like.
There's actually some reallycool stuff in here, like for,
for example, they have a thingwith a prefix replacement where
this is, like you know, this isnot a way a network person would
ever think to do it, butessentially this is how you
(16:32):
would summarize, right, this ishow you could summarize from,
say, you receive a componentroutes of 10.0008, but you only,
for whatever reason you know,want the 10.
Zero, zero, slash eight, to goin.
So normally, you know you would, you would trans, you would
with routing protocols and stuff.
You would do this a differentway.
You would use a summary commandunder the routing protocol that
(16:54):
you're using, like BGP, forexample.
In this case they're saying youdon't have access to any of
that.
So here's how you can do thatsame thing that you would expect
to be able to do.
So it's a little different, butI got to say I'm looking at it.
I'm not seeing any extrafunctionality that's missing
that I would have wanted.
Chris (17:12):
Yeah, and I think this kind of comes back to something
that we've talked about on theshow for a while, whereas cloud
has kind of been thisenvironment where you've had
people that don't really knownetworking, managing networks
right, you've had developerskind of spinning up VPCs and
VNets with the same sidearranges over and over and kind
of learning the hard way thatyou know things don't function
(17:33):
that way, that you know thingsdon't function that way.
I wonder if some of thelanguage that they've used here,
like you know, kind ofreplacing route prefixes versus
summarizing route prefixes, Iwonder if that's just kind of
catering to who they think willbe managing these environments,
which is totally fine.
But, like you said, I feel likethere's some, you know, just
(17:55):
kind of my you know, networkingPTSD gets a little.
Uh, it's a little triggeredwhen I see just kind of
replacing routes um with withthings without kind of strong
conditions in there.
Um, but to your point, like youknow, kind of they've kind of
scaled back the complexity froma networking perspective on what
(18:16):
you can really have as far asyou know loops and things like
that Um.
So I mean I guess, I guessmaybe this meets the criteria
for for the environment thatit's in.
But um, yeah, it's just justI'm thinking, maybe it's kind of
catering to the audience, but Idon't know.
Tim (18:32):
Yeah, the one that gives me hives from a networking
perspective is the one where youcan match and then remove all
the AS paths from the path.
That just really messes with me, because I'm thinking like, oh
good, so we're going tointroduce loops, but anyway.
Chris (18:47):
I imagine if you're removing all of them, you're not
removing your own right.
Tim (18:50):
You're still going to put the whatever, I would assume not
the Azure one is the what is it?
Chris (18:53):
1.2, whatever.
Oh, I assume not.
The Azure one is the what is it?
Tim (18:56):
One, two, whatever?
Oh man, I don't keep it off,yeah.
Chris (18:58):
I don't remember.
Tim (18:59):
It's a public one.
It's a public AS.
That I don't remember.
Chris (19:02):
I mean I don't think they're going to change the
rules, whereas, like, when theyadvertise this outside of VWAN,
that they're not going to puttheir own AS number.
That's like a general rule thatI think everyone has to follow,
(19:23):
follow for for it to meet thestandard.
But yeah, I know what you mean.
So that's kind of like ifyou're a, if you're a developer,
and you see that like, oh, Idon't need all these asns.
Tim (19:27):
I'll just get rid of them like bad move buddy.
Um, yeah, so we'll see.
All right, uh, one more.
And uh, this one is from techcrunch, so this one is yeah,
okay, so I'll just, I'll justroll into it.
So the former CISA director,the former director of CISA
under Trump, chris Krebs,basically has being targeted by
the Trump administration,essentially because he failed to
(19:48):
prove that the 2020 electionwas stolen from Trump.
It doesn't make any sense.
Oh, yeah, that's right.
Yeah, it was, because hebasically debunked the false
(20:11):
claims about the, about it beingrigged in 2020.
So I'm so confused.
Chris (20:18):
Yeah, it's.
We put this in here justbecause it said like he was
going to basically resign fromhis position at Sentinel-1 to
challenge this federalinvestigation, which is just
yeah.
The investigation claims thathe falsely and baselessly denied
the 2020 election was riggedand stolen.
That's right.
When, like I mean this is, thisis a person that, like Trump,
(20:41):
appointed to be the director ofCISA during his first term,
right, so it was like, and he'slike, if anyone's going to have,
like Chris Krebs is a verywell-respected person in the
world of cybersecurity for themost part.
If he was claiming that therewas no you know kind of
(21:02):
tampering with the election, Iimagine he's got security to
back or, sorry, he's gotevidence to back this up,
Whereas the currentadministration seems to be doing
things without a whole lot ofyou know, investigation and fact
based evidence on the decisionsthat they're making.
So this just seems likebullying man, Like I don't think
(21:23):
anything's going to come of it.
It's just really kind of maybea jab at Chris Krebs for
something that he did years ago.
Tim (21:32):
Yeah, it's crazy.
Notice that they also strippedhim of a security clearance.
Like this has happened this isnot just Krebs, right, like this
has happened multiple times now.
This administration issystematically finding people
that doesn't like and strippingthem of their security clearance
.
Like the there was a journalist.
There's some journalists thatjust or no law.
It was a lawyer, it was a, itwas a law um firm I can't
(21:55):
remember, uh, the name I left upmy head.
It happened really recently andthey lost their like security
clearance and stuff like right,just for no reason other than
you know they.
It was one of the firms that wasinvestigating trump.
Uh, you know, for one of the uh, I forget which federal one, if
it was the the one about uh itmisuse of campaign funds or
whatever it was.
But, yeah, they was completelypunitive.
(22:15):
They had no reason to do it.
They just went after them andtook their security clearance.
So this is this weaponization.
Is uh is terrifying, right,because they've just essentially
killed that.
They could have killed thatfirm basically took their
security clearance.
So this is this weaponization.
Is uh is terrifying right,cause they've just essentially
killed that.
They could have killed thatfirm basically, and maybe they
have because of their clienteleneeds, you know, might need
security clearance to to dealwith the clientele they have.
So, um, we're going to see moreof this and I, I, I don't know
(22:38):
what the answer is of how you,how to fight against it.
Chris (22:41):
Yeah, I don't, I don't think this has necessarily been
like the first domino to fall oranything like that.
I think we've already seenseveral dominoes.
At this point, um, this one'sjust kind of coming from a
different direction.
But you know, I don't, I don'tnecessarily want to get too
political on this show, but thisis just like.
This is just insane, like, uh,it's, it's.
The administration is venturingtoo far into into the realm of
(23:02):
technology for for me to becomfortable not speaking up
about some of this stuff.
So it's it's just, you know,it's going to get worse, I think
, before it gets any better.
So I guess we will, we willstrap in, yeah.
Tim (23:17):
All right.
Well, on that exciting note, weshould probably go ahead and
wrap up for the day.
Chris (23:24):
Yeah, so if you made it this far, thank you so much for
listening.
This has been the Cables toClouds Fortnightly News Update.
Again, we put all of thesearticles that we covered today
into a Google Doc, which isavailable in the show notes.
So if you want to read any more, if you really want to look at
what was announced at Googlecloud next 2025, highly
recommend looking in there,because we put the full wrap up
link in there.
Um, and if, uh, if you don'talready subscribe, you know, hit
(23:49):
that little subscribe button.
Let us, uh, let us know whatyou think about the show, tell a
friend about the show and, uh,we will see you again in two
weeks, take care.
Hello, hello and welcome back to another episode of the
Cables to Clouds FortnightlyNews episode.
So in this episode today, whatwe're going to do is go through
a few news articles that havecome out over the last few weeks
that we found interesting Maybea little bit of cynicism
sprinkled in, as usual, but yeah, let's hop into it.
(00:35):
So I am your host today.
My name is Chris Miles at BGPMain on Blue Sky.
Joining me, as always, is myco-host, who I'm running out of
adjectives to describe, timMcConaughey at Carpe-DMVPN on
Blue Sky.
So let's go ahead and hop rightinto the news.
So, as you may be aware, in theUS just in the last couple weeks
(00:56):
we had Google Cloud Next, whichis basically Google Cloud's
annual conference that they hold.
We've put a wrap-up in the shownotes kind of covering
conference that they hold.
Uh, there is, we've put a wrapup in the show notes kind of
covering everything that theyannounced, because that list is
quite lengthy and uh, there's alot of things sprinkled in there
about, um, uh, two word acronymthat you can probably guess Um,
but we have uh, one, oneannouncement out of this that we
(01:18):
wanted to touch on, which was,uh, the announcement of, uh, a
service that they have.
They must have had a lot oftrouble trying to name this
thing called CloudWan.
So you know, as you know,cloudwan is already a pretty
prominent product offered by AWS, but Google has come to the
(01:39):
table offering a similar servicecalled CloudWan.
I will say that the you know.
Obviously the description ofthis will be in the show notes,
but they really focus on twopredominant use cases here for
Google Cloud WAN, use case, onebeing high performance
connectivity from regional datacenters to cloud.
So it's leveraging some oftheir existing services like
(02:00):
Cloud Interconnect and CrossCloud Interconnect, which,
basically Cloud Interconnect, isyour means of connecting.
So it's leveraging some oftheir existing services like
cloud interconnect and crosscloud interconnect, which,
basically cloud interconnect, isyour means of connecting your,
your on-premises data centers togoogle cloud.
And then you have cross cloudinterconnect, which is the, the
service you use to facilitateconnecting your google cloud
(02:21):
environment to other clouds likeaws, azure, etc.
And then they this I believethis is a new service that
they've introduced calledCross-Site Interconnect, which
is basically like a layer twoextension between your cloud
interconnects.
So I'm thinking this is going tobe similar to a service like
SiteLink or something like that,so that you can have this
(02:43):
Cross-Site Interconnect act asyour kind of DCI connection
between your cloud interconnectcircuits.
And then there's a use case two, which is about premium tier
networking for branch and campus.
So this is kind of anamalgamation of a number of
services listed in here, sonetwork connectivity center, so
NCC cloud interconnect, nccgateway, which is kind of that
(03:06):
gateway service for connectingNCC to other services, cloud
next gen firewall, cross cloudinterconnect and some other open
ecosystems for services likeSSE, things like that.
So I will say this is not quitewhat I expected when they
announced something calledCloudWay and I thought it would
be a little bit more similar toAWS's offering, but I think
(03:29):
there is enough differentiationhere to be worthy.
So, yeah, how do you feel, tim?
What are your comments on this?
Tim (03:40):
Yeah, I mean other than the name being exactly the same, of
course.
What I find interesting aboutGoogle's version of this is that
Google's version does seem tobe closer to the actual spirit
of the word.
I guess WAN in this case likecloud WAN, not so much in the
first use case.
You know that first use caseseems pretty obvious.
You're going to have some kindof high performance connectivity
(04:03):
from you know on-prem to middlemile or to the cloud directly,
and this new layer twoconnectivity is going to be
definitely, I'm sure, likemiddle mile circuit stuff, you
know like Equinix or maybe notMegaport, but like Equinix or
something.
I'm not sure how the layer twoconnects.
I guess it depends on whetherit's a real layer two connection
or it's emulated layer 2, youknow like tunnel, you know Q&Q
(04:26):
or something like that.
But yeah, the use case 2 verymuch feels like true WAN
replacement, at least that seemslike.
You know.
Look at the diagram.
It's in the we'll have it alllinked in the show notes.
Basically it has NCC being acentral hub to centralize, to
conglomerate all these servicestogether.
(04:47):
So, like Chris was saying, likeSD-WAN and then, of course, any
kind of service that you wouldexpect your branch to want to
leverage right.
Instead of going straight toZscaler or three other different
SSC providers or something likethat, they're saying why don't
you just bring theirconnectivity to us and then
we'll be kind of the glue thatholds the whole thing together
(05:09):
and then you can peel off or addnew services?
So interesting offer.
Definitely, like I said, closerto the whole WAN thing, I am
curious to find out who, besidespeople who already use Google
as their primary provider, willactually want to centralize
their branch services like thiswith NCC, because I mean NCC by
(05:31):
itself.
Even though this offers aservice where, hey, you know,
you can bring in all of yourbranch services and then just
essentially connect us to yourbranches with NCC, I still feel
like there's a whole big chunkof the cloud piece missing.
Not missing, but just likewithout it it wouldn't be as
strong a value prop on its own.
Chris (05:48):
Yeah, I think we kind of talked about this before we hit
the record button, but I think abit of this kind of relates to
how Google does networking,quite different than all of the
other CSPs out there.
Out there, um, like a lot of itseems like a lot of
encouragement from Google is tofor customers just have one VPC,
(06:09):
like just have a global VPCdeployed across every region
that they want presence in, andeverything resides in the same
VPC.
And you know, that is verydifferent to what you would do
in AWS, because you can't evenhave, you know, subnets that go
multi-region, uh or multi-az atthat, uh, at that comment there.
But, um, so, like this, thisidea of like leveraging ncc as a
(06:31):
true like backbone type thing,um, it seems nice.
I just don't typically seecustomers consuming cloud in
this way um, yeah and the I meanthey obviously there's.
There's a lot of commentary inhere about how this can reduce
tco up to 40.
Yeah, that Google Cloud.
If Google is your primary cloud, then this may be a no brainer
(07:09):
for you.
But yeah, very, veryinteresting offering.
I'll say yeah for sure.
Tim (07:14):
I think we're going to need to wait and see who adopts and
how they end up using it.
Yep, agreed, all right, okay.
So now we have an article fromBleeping Computer about well,
it's been all over the news soI'd be amazed if somebody hadn't
seen it already but the wholeMITRE losing funding bit for the
CVE program.
(07:35):
It just so for those who maybedidn't already know, and I'll
dig into the article here in asecond about a week or two ago I
think, maybe two weeks now theuh mitre announced basically
that the um that they had lostfunding well, not lost funding,
it just wasn't going to berenewed for the, the new year um
(07:55):
and because of that fundingloss they were going to no
longer going to be able toadministrate the cve program.
The common vulnerabilities, nextpoints uh, which is kind of the
backbone of cybersecuritynotification, if you will right.
It's.
You know MITRE is a nonprofit.
It's you know its whole purposeis, well, not whole purpose,
(08:17):
but a large part of its purposeis administrating the CVE
program and that means you knowthat takes money, that takes
time, that takes obviously a lotof resources to not only
administrate the program butthen provide all of the you know
websites and everything for it,anyway.
So they lost funding becausethe government basically was not
going to renew the contractbecause there's a big surprise
(08:40):
there.
Luckily, cisa has stepped in.
Cisa, the government sorry thegovernment arm, if you will, of
cybersecurity.
I forget what CISA stands for.
Chris (08:52):
Cybersecurity and Infrastructure Security Agency.
Tim (08:55):
That's, it Could not just blank completely out of nowhere
on that one.
So, yeah, so they've stepped in.
They provided an 11 monthbridge contract, basically, um,
I am curious what is going tohappen after this is over, uh,
the 11th month.
So actually I'm kind of curiouswhat's going to happen even
before 11 months are over,because you know something that
basically was the gold standardfor the entire world
(09:17):
cybersecurity database is hasbeen shown to be essentially
vulnerable to the whims of ofgovernment.
So you know, I was readinganother article that, uh, maybe
we'll, maybe we will includethat one in the probably won't
cover it, but we'll mightinclude it in the show notes
about how the Europe is alreadystanding up its own, you know
CVE type of of thing, and we're,you know, here comes the
(09:38):
fracturing of that, uh, theeffort.
You know, to the point where CVEwon't be the only thing out
there.
You'll have other ones thattrack them differently or God
knows how that's going to work.
When you start assigning, youknow a vulnerability that now
carries a CVE number and some EUnumber and God knows what else
kind of number that down thesign.
So it's going to be reallycomplicated, man.
(09:59):
But yeah, it's absolutelyinsane to me.
I don't know.
What do you think?
Chris (10:04):
yeah, I mean the.
This bleeping computer articledoes briefly touch on at the end
, that the european europeanunion agency for cyber security,
or enissa, has launched theirprogram that embraces a multi
stakeholder approach bycollecting publicly available
vulnerability information frommultiple sources.
So they wanted to kind of be,um, not open source, but you
(10:26):
know what I mean kind of morewidespread and not tied to a
single entity.
My thing is, I don't know likemaybe this was brought up
several times, um, prior to thisdate, but I feel like I didn't
hear jack shit about this untilthe day that the funding was
running out and like, oh yeah,after today, it's, it's over.
Like we, we have no, no funding.
Like how in the fuck did it getto the last day before?
(10:49):
This was like a known thingamongst the community and like,
like you said, the, the exactlike the.
The concerning part is that thegold standard for what
vulnerabilities exist from acyber security perspective could
have been gone like that, likein an instant, just like
overnight, and and it gotextended for 11 months.
So you know what, maybe we'llbe having the same conversation
(11:15):
in, uh, you know, on March 16th2026, but I don't know.
It's just like.
That's absolutely insane.
Um, I actually do need to diveinto that and maybe find out how
.
I want to see all the points intime that led up to this,
because I feel like someoneshould have known this.
Tim (11:27):
Yeah, although, to be fair, it's not uncommon for
government contracts toessentially run their course and
then just be renewed.
Chris (11:35):
Like I'm assuming that what?
Tim (11:36):
happened is that there was an 11th hour, you know, doge cut
or something that, that thatimpacted this when it was
expected to be renewed.
I'm thinking that it's the onlything that makes sense, right,
like otherwise.
I would assume MITRE would have, up until this point, been like
hey, we're about to lose ourfunding.
Hey, we're going to lose ourfunding, like it had to have
been.
Oh yeah, of course, you guysare going to get funded.
We've been funding you to thepoint where you know.
(11:56):
And then, all of a sudden, elon, you know, was tying his shoes
or something and saw the wordsCVE somewhere reflected in a
monitor and decided they neededto cut it.
I don't know, man.
Chris (12:06):
I mean in that same breath, like I don't think.
If anyone's been watchingwhat's been happening with the
administration, I don't thinkyou can assume anything is going
to be renewed right.
Tim (12:16):
Yeah, that's true With the things that they're cutting.
Chris (12:19):
So it probably should have used a little common sense
there, I think.
But you know I'm not going tothrow stones.
I don't know what happened.
I'll look into it later andI'll get back to you.
Yeah, all right.
Next up, much more lightheartedannouncement from the Azure
Networking blog.
So they have announcedMicrosoft Azure has announced
(12:54):
the general availability ofroute maps for Azure Virtual WAN
.
So huge congrats to AWS or notAWS, sorry, azure route maps,
which is something that has beenkind of a staple for network
engineering for several, severalyears, Probably.
What are we going back like 20years at this point, maybe more.
So basically they've they'veadded a route map functionality
for virtual WAN and if you'reunfamiliar with route maps, it's
(13:15):
basically a, a semi-complexlike condition, match and and
and manipulation of routeadvertisements, where you can
set you know, match conditions,you can set actions and things
like that.
It's very useful formanipulating things like AS
paths or doing summarization or,you know, allowing or blocking
(13:37):
added communities, things likethat, which is all pretty much
baked into this looks like dayone, so, you know, very cool to
see this.
I'm kind of wondering why wedidn't see this sooner.
This seems like a relativelysimple operation.
You know like there's routemaps in use today that do far
more complex things like thanthis.
(13:59):
You know like Cisco, I thinkeven has RP um, rpl, right I
don't know if that's really inin big use still today the route
policy language um, which wasintroduced with iOS XR um where
you can do way more complexstuff, and it's almost like
programming for for uh, for um,route routing protocols.
but, um, yeah, cool to see this.
(14:20):
Um, don't know if it'll we'llsee increased adoption for VWAN
from this, but maybe we will.
If you're waiting for routemaps to pull the trigger on VWAN
, then this is probably a goodday for you.
Tim (14:32):
But yeah, I don't know how you feel, tim implemented, and
remember that you got to look atall of this through the lens of
.
You know you're consuming aservice from the provider.
The provider actually hasaccess to everything that's
possible under the hood.
What they're showing you andwhat they're allowing you to do,
(14:52):
that's the.
That's the thing, right?
So route maps are actuallyextremely powerful and can do a
lot more than this article saysthat they can do, but these are
the services that Microsoft hasessentially vetted and then made
available, created theprogramming, if you will, the
front end and the programmingand the back end to make you
know it, so that you can go in,go through their UI or their CLI
(15:15):
or API calls, whatever, andactually send these commands
that are, you know, can makethese route changes on the
backend, underlay, ultimately,vwan Azure routers that exist in
a data center somewhere, right?
So, yeah, I mean so.
With that in mind, it lookslike, hey, they don't offer
(15:37):
certainly they're not anynetwork person like a CCIE or
something would look at this andbe like, oh my God, this is
barely any kind of route map.
But honestly, in the cloud, Imean, what else do you need
beyond communities, you know, aspath and route prefix filtering
, like that's all you'reprobably ever going to need in
the cloud.
You know you're not doinganything super complex.
Chris (15:58):
Yeah, especially with something like VLAN, which
already has kind of its owndefined um route selection and
things like that.
You're you don't want to messwith too many things under the
hood, or else, um, you knowyou're gonna.
Tim (16:10):
You're asking for pain, basically right, and so you know
, honestly, the stuff they'veactually I they offered more
with this than I thought theywould like.
There's actually some reallycool stuff in here, like for,
for example, they have a thingwith a prefix replacement where
this is, like you know, this isnot a way a network person would
ever think to do it, butessentially this is how you
(16:32):
would summarize, right, this ishow you could summarize from,
say, you receive a componentroutes of 10.0008, but you only,
for whatever reason you know,want the 10.
Zero, zero, slash eight, to goin.
So normally, you know you would, you would trans, you would
with routing protocols and stuff.
You would do this a differentway.
You would use a summary commandunder the routing protocol that
(16:54):
you're using, like BGP, forexample.
In this case they're saying youdon't have access to any of
that.
So here's how you can do thatsame thing that you would expect
to be able to do.
So it's a little different, butI got to say I'm looking at it.
I'm not seeing any extrafunctionality that's missing
that I would have wanted.
Chris (17:12):
Yeah, and I think this kind of comes back to something
that we've talked about on theshow for a while, whereas cloud
has kind of been thisenvironment where you've had
people that don't really knownetworking, managing networks
right, you've had developerskind of spinning up VPCs and
VNets with the same sidearranges over and over and kind
of learning the hard way thatyou know things don't function
(17:33):
that way, that you know thingsdon't function that way.
I wonder if some of thelanguage that they've used here,
like you know, kind ofreplacing route prefixes versus
summarizing route prefixes, Iwonder if that's just kind of
catering to who they think willbe managing these environments,
which is totally fine.
But, like you said, I feel likethere's some, you know, just
(17:55):
kind of my you know, networkingPTSD gets a little.
Uh, it's a little triggeredwhen I see just kind of
replacing routes um with withthings without kind of strong
conditions in there.
Um, but to your point, like youknow, kind of they've kind of
scaled back the complexity froma networking perspective on what
(18:16):
you can really have as far asyou know loops and things like
that Um.
So I mean I guess, I guessmaybe this meets the criteria
for for the environment thatit's in.
But um, yeah, it's just justI'm thinking, maybe it's kind of
catering to the audience, but Idon't know.
Tim (18:32):
Yeah, the one that gives me hives from a networking
perspective is the one where youcan match and then remove all
the AS paths from the path.
That just really messes with me, because I'm thinking like, oh
good, so we're going tointroduce loops, but anyway.
Chris (18:47):
I imagine if you're removing all of them, you're not
removing your own right.
Tim (18:50):
You're still going to put the whatever, I would assume not
the Azure one is the what is it?
Chris (18:53):
1.2, whatever.
Oh, I assume not.
The Azure one is the what is it?
Tim (18:56):
One, two, whatever?
Oh man, I don't keep it off,yeah.
Chris (18:58):
I don't remember.
Tim (18:59):
It's a public one.
It's a public AS.
That I don't remember.
Chris (19:02):
I mean I don't think they're going to change the
rules, whereas, like, when theyadvertise this outside of VWAN,
that they're not going to puttheir own AS number.
That's like a general rule thatI think everyone has to follow,
(19:23):
follow for for it to meet thestandard.
But yeah, I know what you mean.
So that's kind of like ifyou're a, if you're a developer,
and you see that like, oh, Idon't need all these asns.
Tim (19:27):
I'll just get rid of them like bad move buddy.
Um, yeah, so we'll see.
All right, uh, one more.
And uh, this one is from techcrunch, so this one is yeah,
okay, so I'll just, I'll justroll into it.
So the former CISA director,the former director of CISA
under Trump, chris Krebs,basically has being targeted by
the Trump administration,essentially because he failed to
(19:48):
prove that the 2020 electionwas stolen from Trump.
It doesn't make any sense.
Oh, yeah, that's right.
Yeah, it was, because hebasically debunked the false
(20:11):
claims about the, about it beingrigged in 2020.
So I'm so confused.
Chris (20:18):
Yeah, it's.
We put this in here justbecause it said like he was
going to basically resign fromhis position at Sentinel-1 to
challenge this federalinvestigation, which is just
yeah.
The investigation claims thathe falsely and baselessly denied
the 2020 election was riggedand stolen.
That's right.
When, like I mean this is, thisis a person that, like Trump,
(20:41):
appointed to be the director ofCISA during his first term,
right, so it was like, and he'slike, if anyone's going to have,
like Chris Krebs is a verywell-respected person in the
world of cybersecurity for themost part.
If he was claiming that therewas no you know kind of
(21:02):
tampering with the election, Iimagine he's got security to
back or, sorry, he's gotevidence to back this up,
Whereas the currentadministration seems to be doing
things without a whole lot ofyou know, investigation and fact
based evidence on the decisionsthat they're making.
So this just seems likebullying man, Like I don't think
(21:23):
anything's going to come of it.
It's just really kind of maybea jab at Chris Krebs for
something that he did years ago.
Tim (21:32):
Yeah, it's crazy.
Notice that they also strippedhim of a security clearance.
Like this has happened this isnot just Krebs, right, like this
has happened multiple times now.
This administration issystematically finding people
that doesn't like and strippingthem of their security clearance
.
Like the there was a journalist.
There's some journalists thatjust or no law.
It was a lawyer, it was a, itwas a law um firm I can't
(21:55):
remember, uh, the name I left upmy head.
It happened really recently andthey lost their like security
clearance and stuff like right,just for no reason other than
you know they.
It was one of the firms that wasinvestigating trump.
Uh, you know, for one of the uh, I forget which federal one, if
it was the the one about uh itmisuse of campaign funds or
whatever it was.
But, yeah, they was completelypunitive.
(22:15):
They had no reason to do it.
They just went after them andtook their security clearance.
So this is this weaponization.
Is uh is terrifying, right,because they've just essentially
killed that.
They could have killed thatfirm basically took their
security clearance.
So this is this weaponization.
Is uh is terrifying right,cause they've just essentially
killed that.
They could have killed thatfirm basically, and maybe they
have because of their clienteleneeds, you know, might need
security clearance to to dealwith the clientele they have.
So, um, we're going to see moreof this and I, I, I don't know
(22:38):
what the answer is of how you,how to fight against it.
Chris (22:41):
Yeah, I don't, I don't think this has necessarily been
like the first domino to fall oranything like that.
I think we've already seenseveral dominoes.
At this point, um, this one'sjust kind of coming from a
different direction.
But you know, I don't, I don'tnecessarily want to get too
political on this show, but thisis just like.
This is just insane, like, uh,it's, it's.
The administration is venturingtoo far into into the realm of
(23:02):
technology for for me to becomfortable not speaking up
about some of this stuff.
So it's it's just, you know,it's going to get worse, I think
, before it gets any better.
So I guess we will, we willstrap in, yeah.
Tim (23:17):
All right.
Well, on that exciting note, weshould probably go ahead and
wrap up for the day.
Chris (23:24):
Yeah, so if you made it this far, thank you so much for
listening.
This has been the Cables toClouds Fortnightly News Update.
Again, we put all of thesearticles that we covered today
into a Google Doc, which isavailable in the show notes.
So if you want to read any more, if you really want to look at
what was announced at Googlecloud next 2025, highly
recommend looking in there,because we put the full wrap up
link in there.
Um, and if, uh, if you don'talready subscribe, you know, hit
(23:49):
that little subscribe button.
Let us, uh, let us know whatyou think about the show, tell a
friend about the show and, uh,we will see you again in two
weeks, take care.
Popular Podcasts
Stuff You Should Know
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.
Dateline NBC
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations. Follow now to get the latest episodes of Dateline NBC completely free, or subscribe to Dateline Premium for ad-free listening and exclusive bonus content: DatelinePremium.com
On Purpose with Jay Shetty
I’m Jay Shetty host of On Purpose the worlds #1 Mental Health podcast and I’m so grateful you found us. I started this podcast 5 years ago to invite you into conversations and workshops that are designed to help make you happier, healthier and more healed. I believe that when you (yes you) feel seen, heard and understood you’re able to deal with relationship struggles, work challenges and life’s ups and downs with more ease and grace. I interview experts, celebrities, thought leaders and athletes so that we can grow our mindset, build better habits and uncover a side of them we’ve never seen before. New episodes every Monday and Friday. Your support means the world to me and I don’t take it for granted — click the follow button and leave a review to help us spread the love with On Purpose. I can’t wait for you to listen to your first or 500th episode!