
Making a Secure Internet of Things a Reality: 5 Steps to Get Started – Security Boulevard


The Internet of Things (IoT) holds enormous promise.

First, there's the promise to have an even greater impact than the launch of the internet, providing universal connectivity and ongoing innovation from real-time data. We're already seeing this in action.

Second, there's the promise of even greater security than traditional IT environments, where humans and manual processes are typically the weakest link. We still have progress to make on this front.

We've now learned that breaches within machine-controlled networks are exponentially more disruptive, opening the door for device misuse, data compromise, and a host of other destructive actions.

But the promise of greater security is still viable. It requires us to learn from past experiences and build a solid foundation across the IoT ecosystem that prioritizes security from the very beginning. Here's a look at what's at stake.

The stakes for getting IoT security right have never been higher. The introduction of the Industrial IoT (IIoT) brings incredible potential to sectors like automotive, healthcare, energy, and aerospace, but the cost of a breach in these domains is irrevocably high.

Consider the case of healthcare: A typical healthcare delivery organization has 20,000 connected medical devices. Any systems that store personal information and medical records are high targets for identity thieves. Even more alarmingly, the wrong party gaining control over medical equipment could have fatal consequences. In 2017, the FDA recalled 465,000 pacemakers after discovering security flaws that could allow hackers to drain device batteries or send malicious instructions to modify a patient's heartbeat.

Meanwhile, connected vehicles are another increasingly popular IIoT use case that carries equally significant risks. Since 2015, we've seen numerous attacks in which third parties accessed a vehicle remotely and took actions like turning off the transmission while driving or adjusting the speed of the car. Attacks like these could seriously harm not only those in the vehicle, but those around them as well.

Too often, IoT devices use static passwords or shared keys, which create serious risk because a compromise to one device can affect all devices. Instead, each device needs its own unique digital certificate.

Using unique credentials on each device not only minimizes the impact should one device become compromised, but it also allows for more secure ongoing communications. It enables organizations to validate each device on its own, send secure messages and updates to a single device, and authenticate any data that comes in from a particular device.
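
The contrast drawn above, as an added example that is not part of the original article: a backend verifying device messages under one shared key versus one credential per device. Per-device HMAC keys stand in for per-device certificates so the example runs on the Python standard library alone; the device names, class names and function names are constructed for illustration.

```python
"""Added illustration: shared fleet key vs. one credential per device."""
import hashlib
import hmac
import secrets

DEVICE_IDS = ["pump-01", "pump-02", "pump-03"]  # constructed sample fleet


def sign(key: bytes, device_id: str, payload: bytes) -> bytes:
    """Tag a message, binding the sender's claimed identity to the payload."""
    message = device_id.encode() + b"\x00" + payload
    return hmac.new(key, message, hashlib.sha256).digest()


class SharedKeyFleet:
    """Weak design: one static key is flashed onto every device."""

    def __init__(self, device_ids):
        self.devices = set(device_ids)
        self.key = secrets.token_bytes(32)

    def key_on_device(self, device_id):
        return self.key  # identical on every unit

    def revoke(self, device_id):
        # Dropping the id is all the backend can do short of re-keying
        # the whole fleet; the stolen key still signs for the others.
        self.devices.discard(device_id)

    def verify(self, device_id, payload, tag):
        if device_id not in self.devices:
            return False
        return hmac.compare_digest(tag, sign(self.key, device_id, payload))


class PerDeviceFleet:
    """Stronger design: every device holds its own unique credential."""

    def __init__(self, device_ids):
        self.keys = {d: secrets.token_bytes(32) for d in device_ids}
        self.revoked = set()

    def key_on_device(self, device_id):
        return self.keys[device_id]

    def revoke(self, device_id):
        self.revoked.add(device_id)  # other devices are untouched

    def verify(self, device_id, payload, tag):
        key = self.keys.get(device_id)
        if key is None or device_id in self.revoked:
            return False
        return hmac.compare_digest(tag, sign(key, device_id, payload))


def identities_exposed(fleet, leaked_key, device_ids):
    """Device identities the backend would still accept from a holder of
    `leaked_key`, i.e. the impact of losing one device's credential."""
    payload = b'{"reading": 0}'  # constructed sample telemetry
    return sorted(
        d for d in device_ids
        if fleet.verify(d, payload, sign(leaked_key, d, payload))
    )


if __name__ == "__main__":
    for fleet in (SharedKeyFleet(DEVICE_IDS), PerDeviceFleet(DEVICE_IDS)):
        leaked = fleet.key_on_device("pump-02")
        before = identities_exposed(fleet, leaked, DEVICE_IDS)
        fleet.revoke("pump-02")
        after = identities_exposed(fleet, leaked, DEVICE_IDS)
        print(f"{type(fleet).__name__}: before revoke {before}, after {after}")
```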


France, Egypt, and India Can Help to Spread Security from Mediterranean to the Indo-Pacific – War on the Rocks

In March 2021, the container ship Ever Given got stuck in the Suez Canal for six days, triggering a worldwide supply-chain crisis with extensive economic consequences. This incident was a powerful reminder of how intertwined the Mediterranean Sea and the Indo-Pacific are. Yet, these two maritime areas are often seen as separate regions despite a growing list of shared challenges from climate to trade and security. Russia's war in Ukraine has only added to this connectivity by destabilizing the energy market and provoking a food crisis.

Addressing these challenges requires overcoming the limits of existing institutions and multilateral formats, which are often restricted in their geographical scope, or paralyzed by internal divisions. In this context, innovative coalitions are emerging to tackle transnational issues, as recently illustrated with the Quad and the Israel-India-United Arab Emirates-United States I2U2 grouping. Cooperation between France, Egypt, and India could add an important new element to this web of overlapping coalitions.

Trilateral engagement between Paris, Cairo, and New Delhi would serve as a geostrategic corridor that connects the Mediterranean to the Indo-Pacific and allows the three countries to work together when interests align without being bound in a formal structure. To succeed, the three countries should refrain from pursuing far-fetched objectives, and instead focus on tangible issues such as maritime security, undersea cables, and food resilience.

Converging Geostrategic Interests

The potential for trilateral cooperation between France, Egypt, and India stems from their converging geostrategic interests. All three countries are maritime nations that are committed to preserving the stability of the transoceanic space stretching from the Mediterranean Sea to the Indo-Pacific. They share the same concern: that growing geopolitical tensions could jeopardize such stability, as recently witnessed in the Eastern Mediterranean and the Strait of Hormuz. The three countries are also aware of the destabilizing impact of climate change on the oceans, as illustrated by mounting illegal fishing activities and natural disasters.

Paris, Cairo, and New Delhi are also collectively facing the aftershocks of Russia's war against Ukraine, specifically in the form of energy and food insecurity. Although the three countries are not perfectly aligned in their approach to this conflict, they have nonetheless displayed a common desire to address these challenges. On the energy front, France, like the rest of Europe, must find alternative gas and oil suppliers as the continent begins an energy divorce with Russia. Here, Cairo has positioned itself as a geostrategic partner to Europe, leveraging its status as the architect of gas production in the eastern Mediterranean. Egypt, in turn, as the world's largest importer of wheat, has been hit particularly hard by the war. Cairo has been forced to diversify its wheat suppliers and look towards India and France as more reliable sources.

Strong Bilateral Partnerships

France, Egypt, and India have already built strong bilateral partnerships over the past few years. Since the 1990s, Paris and New Delhi have managed to develop a deep strategic partnership in key security areas such as maritime, space, and cyber as well as defense procurement. Since the 2010s, France and Egypt have progressively strengthened their defense cooperation, as demonstrated by Cairo's acquisition of French Rafale jets and two Mistral helicopter carriers, along with joint maritime exercises in the Red Sea.

There is a historical affinity between Cairo and New Delhi because of their self-proclaimed status as civilization-states, demographic hegemony within their respective regions, geographic centrality, and well-earned geopolitical aspirations. From their shared struggle for independence against the British Empire to founding and leading the Non-Aligned Movement at the height of the Cold War, Egypt and India have long maintained close ties. Following Egypt's transition from the Soviet to the American bloc after the 1978 Camp David Accords, bilateral relations cooled off and did not live up to their potential. Policymakers in Cairo and New Delhi, bilaterally or within an Indo-Abrahamic framework, now aim to revive them. President Abdel-Fattah el-Sisi and Prime Minister Narendra Modi have met in person several times, maintain a friendly and cooperative relationship, and have shown a clear appetite for closer ties. Both countries have recently increased their cooperation on various issues, including health (with Egypt supporting India during the pandemic), food security (with India supplying wheat to Egypt), and security (with joint air force exercises).

Embracing a Transoceanic Approach

Building on these shared interests, a trilateral partnership between France, Egypt, and India would ensure a much-needed transoceanic approach that would cover the Mediterranean Sea and the Indo-Pacific. In the 19th century, Britain's vast imperial endeavor established a transcontinental geostrategic system that spanned from the Mediterranean Sea to the Indian Ocean via Egypt's Suez Canal. Yet this transoceanic construct, which existed centuries ago before being appropriated by the British Empire, gradually collapsed following World Wars I and II. The Cold War divided the littoral states of these two maritime regions into warring camps with different sets of interests and objectives. Today, this region is often divided into separate bureaucratic sub-regions. In the U.S. system, for example, parts of it fall under the authority of four different combatant commands: Europe, Central, Africa, and Indo-Pacific.

Yet this transoceanic region remains as important as ever. Suez is a major strategic chokepoint for Europe-Asia trade flows, with 12 percent of global trade and 30 percent of global container traffic crossing the canal. Often overlooked compared to East Asia and the Pacific, the Indian Ocean is also of central importance, with strategic routes for energy shipping and international trade that are increasingly a theater of geopolitical competition.

Given its geopolitical centrality, Egypt would be an anchor point for trilateral cooperation. Egypt's civilization and geographic position between Africa, Europe, and Asia places Cairo as a bridge between multiple sub-regions. Over the past few years, Cairo has displayed renewed regional ambitions aimed at making Egypt an integral member state of any strategy that focuses on economic vitality and security among the littoral states of the Mediterranean and the Indian Ocean. These ambitions are reinforced by Egypt's concerns about the growing competition in its near environment. Specifically, Cairo is seeking to diversify its partnerships in a context of strategic convergence between Turkey, Iran, and Pakistan across multiple theaters from the eastern Mediterranean Sea to Central Asia.

With a southern maritime coastline in the Mediterranean Sea and overseas territories (and military bases) both in the Indian Ocean and the Pacific, France is also in a unique position to tie together this region. In its 2018 Indo-Pacific strategy, Paris has already started to create bridges between Europe, the Indian Ocean, and the Pacific, with an extensive geographical definition of the Indo-Pacific stretching from Djibouti to Polynesia.

Coalition of Middle Powers

A trilateral arrangement between France, Egypt, and India would be part of a larger network of middle-power coalitions across the Indo-Pacific. As witnessed with the Quad or, more recently, with the Israel-India-United Arab Emirates-United States group (which may eventually extend to include Egypt), these minilateral formats have proliferated in recent years to overcome the limitations of traditional multilateralism. Compared to large organizations that are often paralyzed by consensus rule and internal divisions, these groupings are flexible and pragmatic enough to ensure quick, tangible results. Far from fragmenting international cooperation, these coalitions are actually strengthening multilateralism through their solution-oriented approach.

While traditional multilateral organizations are often built around existing geographical formats, smaller coalitions have helped to enable transregional cooperation. This was the rationale behind the French-Indian-Australian axis that has been promoted by Paris, New Delhi, and Canberra since 2018 in order to address shared challenges in the Indian Ocean and the Pacific. This specific format stalled after AUKUS, but there is now a potential for reviving it following the recent French-Australian rapprochement. More recently, India, France, and the United Arab Emirates have launched a new trilateral dialogue, at the technical level, to explore potential cooperation in the Indo-Pacific region.

The China Question

One potential challenge to trilateral cooperation between France, Egypt, and India could be China's reaction, particularly as the three countries have different approaches vis-à-vis Beijing. France has recently hardened its stance in response to China's assertive diplomatic and military posture. India has long pursued a more ambiguous approach, but has recently strengthened its ties with Washington, notably through the Quad, in light of mounting tensions with Beijing. On the other hand, Egypt does not want to choose the United States over China or vice versa. Cairo is a non-NATO ally for Washington but also emerging as a strategic partner for Beijing in Africa and the greater Middle East region. Egypt might be reluctant to engage in a trilateral framework that could be perceived by China as a coalition challenging its interests.

Against this backdrop, France, Egypt, and India should be careful how they frame their cooperation. From the start, they should be clear that such an arrangement would not alter their respective relationships with China, nor force them to choose between rival camps. Far from being a broader strategic alignment between the three countries, this trilateral arrangement would simply seek pragmatic cooperation on issues of shared interest. As outlined by the French defense minister at the Shangri-La Dialogue last June, France's goal in the region is not to force its partners to join one side or the other, but to pursue a multilateral approach respecting the sovereignty of all. Trilateral cooperation between Paris, Cairo, and New Delhi would therefore counterbalance the conventional description of the Indo-Pacific as a new Cold War theater between the United States and China. Instead of fueling a bipolar competition, a France-Egypt-India framework would offer an alternative approach in which members could strengthen their own autonomy and sovereignty.

Building a Common Agenda

The starting point for a new France-Egypt-India relationship could be a trilateral foreign minister-level meeting, where the three nations agree on common objectives and priorities. Instead of pursuing grand and far-fetched goals, the trilateral format should focus on critical areas such as intelligence sharing, maritime security, cyber security, energy, food security and critical infrastructure such as 5G and undersea cables. Among those areas, three are particularly promising: maritime security, undersea cables, and food resilience.

First, greater cooperation between the French, Egyptian, and Indian navies would contribute to maritime security in the Indian Ocean, the Gulf, and the Mediterranean Sea. To start with, they could share data, including satellite imagery, to build a common operating picture. This would allow them to monitor illegal activities, from unlicensed fishing to piracy. The three navies should also organize joint exercises to build their interoperability and train for different scenarios, from humanitarian assistance to combat missions. This naval cooperation could contribute to ongoing efforts led by organizations such as the Indian Ocean Rim Association, of which France and India are members, and Egypt is a dialogue partner.

Second, Paris, Cairo, and New Delhi should cooperate on securing and even building undersea cables. These critical infrastructure elements carry over 95 percent of international data. Multiple undersea cables pass through the Suez Canal, linking Europe, Africa, the Middle East, and Asia. Up to 30 percent of global internet traffic is believed to flow through the canal. Given the mounting importance of this infrastructure, France, Cairo, and New Delhi should aim to better protect existing cables and also explore potential new cables to meet the growing bandwidth demand.

Third, the three countries should accelerate their collective effort to address the growing food insecurity that has resulted from the war in Ukraine. Paris and New Delhi have already taken encouraging steps. France will increase its wheat export to Egypt. New Delhi has also exempted Cairo from a recent wheat export ban imposed in response to its own limited supplies. Beyond this immediate assistance, the three countries should work on long-term solutions to develop and adapt their food production, notably by supporting the French-led Food and Agriculture Resilience Mission. Launched in response to the war in Ukraine, and supported by the World Food Program, the initiative aims to reduce tensions in agricultural markets and increase agricultural capabilities worldwide. France's initiative is not the only framework. As part of the Israel-India-United Arab Emirates-United States group, India is committed to providing the needed agricultural land for integrated food parks. New Delhi could provide the same perk to the France-Egypt-India format.

Conclusion

With global disorder intensifying, new formats are needed to overcome the limitations of traditional multilateral institutions. An innovative coalition bringing together France, Egypt, and India would be an imaginative way of addressing transnational challenges affecting the transoceanic space from the Mediterranean Sea to the Indo-Pacific. In the short term, the three countries should be pragmatic and start with concrete cooperation on immediate challenges, such as maritime security, undersea cables, and food resilience. This can then grow into a format capable of engaging on a more global level by coordinating with other issue-based transregional groups, such as Israel-India-United Arab Emirates-United States and the Quad. By doing so, France, Egypt, and India would contribute to an emerging and promising trend of greater integration among the littoral states of Eurasia.

Mohammed Soliman is a manager at McLarty Associates and a non-resident scholar at the Middle East Institute. You can find him on Twitter at @Thisissoliman

Pierre Morcos is a French diplomat in residence and visiting fellow in the Europe, Russia, and Eurasia Program at the Center for Strategic and International Studies in Washington. You can find him on Twitter at @morcos_pierre.

Raja Mohan is a Senior Fellow at Asia Society Policy Institute, New Delhi. You can find him on Twitter at @MohanCRaja.

The views expressed in this article are strictly personal.


Internet of Things vulnerability disclosures grew 57% – SecurityBrief New Zealand

Vulnerability disclosures impacting IoT devices increased by 57% in the first half of 2022 compared to the previous six months, according to new research released by cyber-physical systems protection company Claroty.

The State of XIoT Security Report: 1H 2022 also found that over the same time period, vendor self-disclosures increased by 69%, becoming more prolific reporters than independent research outfits for the first time, and fully or partially remediated firmware vulnerabilities increased by 79%, a notable improvement given the relative challenges in patching firmware versus software vulnerabilities.

Compiled by Team82, Claroty's research team, the report is a deep examination and analysis of vulnerabilities impacting the Extended Internet of Things (XIoT), a vast network of cyber-physical systems including operational technology and industrial control systems (OT/ICS), Internet of Medical Things (IoMT), building management systems, and enterprise IoT.

The data set comprises vulnerabilities discovered by Team82 and from trusted open sources including the National Vulnerability Database (NVD), the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), CERT@VDE, MITRE, and industrial automation vendors Schneider Electric and Siemens.

"After decades of connecting things to the internet, cyber-physical systems are having a direct impact on our experiences in the real world, including the food we eat, the water we drink, the elevators we ride, and the medical care we receive," says Amir Preminger, vice president of research at Claroty.

"We conducted this research to give decision makers within these critical sectors a complete snapshot of the XIoT vulnerability landscape, empowering them to properly assess, prioritise, and address risks to the mission-critical systems underpinning public safety, patient health, smart grids and utilities, and more."

Key Findings

IoT Devices: 15% of vulnerabilities were found in IoT devices, a significant increase from 9% in Team82's last report covering the second half (2H) of 2021. Additionally, for the first time, the combination of IoT and IoMT vulnerabilities (18.2%) exceeded IT vulnerabilities (16.5%). This indicates enhanced understanding on the part of vendors and researchers to secure these connected devices as they can be a gateway to deeper network penetration.

Vendor Self-Disclosures: For the first time, vendor self-disclosures (29%) have surpassed independent research outfits (19%) as the second most prolific vulnerability reporters, after third-party security companies (45%). The 214 published CVEs almost double the total in Team82's 2H 2021 report of 127. This indicates that more OT, IoT, and IoMT vendors are establishing vulnerability disclosure programs and dedicating more resources to examining the security and safety of their products than ever before.

Firmware: Published firmware vulnerabilities were nearly on par with software vulnerabilities (46% and 48% respectively), a huge jump from the 2H 2021 report when there was almost a 2:1 disparity between software (62%) and firmware (37%). The report also revealed a significant increase in fully or partially remediated firmware vulnerabilities (40% in 1H 2022, up from 21% in 2H 2021), which is notable given the relative challenges in patching firmware due to longer update cycles and infrequent maintenance windows. This indicates researchers' growing interest in safeguarding devices at lower levels of the Purdue Model, which are more directly connected to the process itself and thus a more attractive target for attackers.

Volume and Criticality: On average, XIoT vulnerabilities are being published and addressed at a rate of 125 per month, reaching a total of 747 in 1H 2022. The vast majority have CVSS scores of either critical (19%) or high severity (46%).

Impacts: Nearly three-quarters (71%) have a high impact on system and device availability, the impact metric most applicable to XIoT devices. The leading potential impact is unauthorised remote code or command execution (prevalent in 54% of vulnerabilities), followed by denial-of-service conditions (crash, exit, or restart) at 43%.

Mitigations: The top mitigation step is network segmentation (recommended in 45% of vulnerability disclosures), followed by secure remote access (38%) and ransomware, phishing, and spam protection (15%).


80,000 internet-connected cameras still vulnerable after critical patch offered – The Register

Tens of thousands of internet-facing IP cameras made by China-based Hikvision remain unpatched and exploitable despite a fix being issued for a critical security bug nearly a year ago.

Researchers at Cyfirma recently published a report [PDF] claiming they found more than 80,000 cameras in more than 100 countries online, with ports open and no protection against CVE-2021-36260, a command-injection vulnerability exploitable by anyone with HTTP access to TCP ports 80 or 443 of an affected camera.

Awarded a CVSS score of 9.8 of 10 in severity, the Hikvision bug was considered serious enough for the US Cybersecurity and Infrastructure Security Agency (CISA) to add it to its list of "must patch" security flaws early this year, adding that the vulnerability is already being exploited.

Thus, we have thousands of publicly exposed devices (home cameras, no less) that are easy to exploit to gain control of, and have been exploited, presumably to press gang them into botnets, launch attacks on other networks, snoop on owners, and so on.

In a report last December, researchers at Fortinet said that the Hikvision vulnerability was being targeted by "numerous payloads," including variants of the Mirai botnet.

Cyfirma said it also discovered multiple instances of criminals collaborating online to exploit the Hikvision vulnerability. "We have reasons to believe that Chinese threat groups such as MISSION2025/APT41, APT10 and its affiliates, as well as unknown Russian threat actor groups could potentially exploit vulnerabilities in these devices," Cyfirma said.

Given how simple the flaw is to exploit, its known past use, and the continued discussion of its merits, it's safe to assume that unpatched Hikvision cameras are already compromised.

Patches for affected Hikvision devices, of which there are more than 70 models, are available on the maker's website, where Hikvision urges its distributors to "work with your customers to ensure proper cyber hygiene and install the updated firmware."

In terms of where most affected devices are located, Cyfirma said most it found were in China, followed by the US, Vietnam, the UK, and Ukraine.

"Open vulnerabilities and ports in such devices will only compound the impact on targeted organizations and their countries' economic and state prowess. It is paramount to patch the vulnerable software of the Hikvision camera products to the latest version," Cyfirma said.

This isn't Hikvision's first brush with bad publicity in the past few years. In 2019, the US placed the biz on a trade deny-list over allegations it helped the Chinese government repress Uyghur Muslims in the country by supplying cameras for surveillance.

Since then, America has also considered a wider ban on Hikvision through restrictions on US investment in the company as well as freezing its assets held in the US.

Similar discussions are being had in the UK, where several lawmakers backed a campaign in July to ban the sale or use of Hikvision or Dahua cameras for the same human rights-based reasons as the US.


Worried about your data being shared with Google? Then you’ll want this app – Tom’s Guide

Want to know how much Google knows about you? A developer and privacy advocate has created a new app for those worried about how much of their information gets sent back to the search giant.

Although you can switch to using a more privacy-focused search engine like DuckDuckGo, Google's reach extends much farther than that due to how other companies rely on Google Analytics and Google AdSense.

In order to better understand how often third-party sites and services send data to Google, PowerDNS creator Bert Hubert has launched a new free app called Googerteller, according to a report from 9to5Google. The app itself uses a list of IP addresses, provided by the search giant, that are associated with all of the company's various services.

Although the Googerteller app is free to download and available on GitHub, you'll need to be using one of the best Linux distros to install it on your computer. Fortunately, other developers have managed to get it running on Mac and have also created a cross-platform version for Windows.

In a demo video posted on Twitter, Hubert showed off his new app, which beeps every time data is sent back to Google. While typing in the address bar in Google Chrome, the app beeps repeatedly since the browser sends data back to the search giant to request autocomplete suggestions.

Hubert's demo video also shows that the app frequently beeps when visiting third-party and even government websites. For instance, while browsing the Dutch government's careers website, there was a beep after almost every click since the site itself is tracked using Google Analytics.

If you think switching to another browser might help, you're out of luck as Hubert also tried running Mozilla Firefox using his app with nearly identical results.
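The matching step described above can be sketched as follows. This is an added example, not Googerteller's own code: it checks the destination address of each outbound connection against a provider-published prefix list. The prefixes and connection records are constructed from documentation address ranges, and all function names are illustrative.

```python
import bisect
import ipaddress
from collections import Counter

# Constructed prefix list using documentation ranges (RFC 5737 / RFC 3849).
# These stand in for a provider-published list; they are NOT real Google ranges.
SAMPLE_PREFIXES = """
# blank lines and comments are ignored
192.0.2.0/24
198.51.100.128/25
2001:db8:4000::/36
"""

# Constructed connection records: "<process> <destination ip> <destination port>"
SAMPLE_CONNECTIONS = """
firefox 192.0.2.15 443
firefox 203.0.113.9 443
chrome 198.51.100.200 443
chrome 198.51.100.20 443
curl 2001:db8:4123::1 443
curl 2001:db8:9000::1 443
chrome not-an-ip 443
"""


def load_prefixes(text):
    """Parse CIDR lines into per-version sorted (starts, ends) integer ranges."""
    nets = {4: [], 6: []}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        net = ipaddress.ip_network(line, strict=False)
        nets[net.version].append(net)
    table = {}
    for version, items in nets.items():
        # Collapsing removes overlaps, so a binary search over the range
        # starts is enough to find the only candidate range for an address.
        merged = sorted(ipaddress.collapse_addresses(items))
        starts = [int(n.network_address) for n in merged]
        ends = [int(n.broadcast_address) for n in merged]
        table[version] = (starts, ends)
    return table


def is_tracked(table, raw_ip):
    """Return True when raw_ip falls inside one of the loaded prefixes."""
    try:
        ip = ipaddress.ip_address(raw_ip)
    except ValueError:
        return False  # hostnames or malformed fields are not matched
    # Dual-stack sockets can report IPv4 peers as ::ffff:a.b.c.d
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    starts, ends = table[ip.version]
    i = bisect.bisect_right(starts, int(ip)) - 1
    return i >= 0 and int(ip) <= ends[i]


def count_hits(table, connections_text):
    """Count, per process, the connections whose destination is in the list."""
    hits = Counter()
    for line in connections_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue
        process, dst, _port = parts
        if is_tracked(table, dst):
            hits[process] += 1
    return hits


if __name__ == "__main__":
    prefix_table = load_prefixes(SAMPLE_PREFIXES)
    for proc, n in sorted(count_hits(prefix_table, SAMPLE_CONNECTIONS).items()):
        print(f"{proc}: {n} connection(s) to listed prefixes")
```

The same check works on any connection source (flow logs, proxy logs, socket tables) once the destination address is extracted.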

Although you can stop using Google Search, Chrome, Drive and Google's other apps, completely removing the company's presence from your life can be quite difficult. For instance, our own Jordan Palmer tried to completely de-Google one of the best Android smartphones and found that app availability is the weak point.

Fortunately, the cybersecurity company Malwarebytes has provided some tips on how to remove Google from your life in a blog post highlighting a discussion with cybersecurity evangelist Carey Parker on an episode of its Lock and Code podcast.

To remove Google from his life, Parker began by using DuckDuckGo and Startpage as his new search engines. They both serve contextual ads based on your actual searches as opposed to using data stored on you. When it comes to a privacy-focused browser, Parker suggests using Mozilla Firefox or Brave.

Replacing Gmail and Google Calendar proved more difficult, but in the end he turned to Fastmail, a for-profit email provider that also has its own calendar solution. For more security-conscious users, Parker recommends ProtonMail as it provides end-to-end encryption by default.

Google Drive and Google Docs were also difficult to find a suitable replacement for. For cloud storage, Parker recommends Sync.com for its client-side encryption, while services like Swiss Transfer and Mega are a good choice for securely sending private files to others. While Skiff has an easy-to-use interface and is a suitable replacement for Google Docs, it doesn't include replacements for Google's other online tools like Google Spreadsheets or Slides.

While the Googerteller app doesn't do anything other than beep when a site sends information to Google, it's a helpful tool and reminder of just how much Google and its services are used without our knowledge.

For those concerned about their internet security, you should also check out DuckDuckGo Email Protection. The email-forwarding service takes out the trackers from the marketing emails you're constantly bombarded with, and now anyone can sign up.


Why Memory Enclaves Are The Foundation Of Confidential Computing – The Next Platform

Sponsored Feature: There are tens of millions of lines of code in thousands of software programs on a typical server in the datacenter, all of which collectively present a huge attack surface for various kinds of malware.

And no matter how hard vendors and open-source project developers try to secure the code they produce, it's still susceptible to vulnerabilities.

That puts the datacenter in a quandary, given that the value of modern applications derives from the fact that they can easily share data and the results of processing that data. Cyber security has been a concern since the first moment two computers were networked together. But it moved into the big league with the commercialization of the Internet and shortly thereafter, the emergence of web applications.

It's taken a long time to come up with computing platforms that deliver adequate security without leaving too much control in the hands of systems manufacturers. The Trusted Computing technology of the 2000s focused primarily on digital rights management (DRM). While it was too draconian for the enterprise datacenter, it was well suited to military and government institutions that need absolute control over data and applications residing on the machines attached to their networks.

The on-prem and cloud infrastructure increasingly used by enterprises needs a different approach, which is where the Confidential Computing movement and its idea of a Trusted Execution Environment, or TEE, have stepped in.

For datacenters, the foundation for Confidential Computing on Intel's Xeon SP CPUs is its Software Guard Extension, or SGX. The extension was initially added in the first generation Skylake Xeon SP processors and has gradually been added to more CPUs since. The protected memory area that SGX creates has also been increased over time, making it not only suitable for holding cryptographic keys, but also for housing entire datasets and the applications that use them.

The idea is to create enclaves (secure partitions within main system memory) where data and applications can reside and run in an encrypted state, which makes them impenetrable to outsiders. Well, at least impenetrable enough to make it a real hassle to try to hack into the encrypted memory areas of the system short of using cold DRAM extraction or bus and cache monitoring (quantum cryptographic hacking techniques, in other words), rendering the prospect extremely unattractive to the perpetrator and so much less likely to occur.

The first principle of the early 21st century is that exponentially more data is being generated on a global basis. And that means more transactions with personal information are happening every day. Equally the volume and sophistication of hacking, phishing, and ransomware is increasing in parallel. So Confidential Computing implemented in different ways by hardware and software needs to inhabit any device handling sensitive data.

Data encryption has been around for a long time. It was first made available for data at rest on storage devices like disk and flash drives, as well as data in transit as it passed through the NIC and out across the network. But data in use (literally, data in the memory of a system within which it is being processed) has not, until fairly recently, been protected by encryption.

With the addition of memory encryption and enclaves, it is now possible to actually deliver a Confidential Computing platform with a TEE that provides data confidentiality. This not only stops unauthorized entities, either people or applications, from viewing data while it is in use, in transit, or at rest. It also stops them from adding, removing, or altering data or code while it is in use, in transit, or at rest too.

It effectively allows enterprises in regulated industries (banking, insurance, finance, healthcare, life sciences for example) as well as government agencies (particularly defense and national security) and multi-tenant cloud service providers to better secure their environments. Importantly, Confidential Computing means that any organization running applications on the cloud can be sure that any other users of the cloud capacity and even the cloud service providers themselves cannot access the data or applications residing within a memory enclave.

The Intel SGX features that deliver those guarantees are now pervasive across third generation Xeon processors and make use of the integrated cryptographic acceleration circuits on the CPUs. On earlier generations of Intel Xeon, the memory enclave had a maximum capacity of 256 MB, but with the release of the third generation of this technology, it has grown to 1 TB, which can unlock data insights faster than ever.

The combination of encryption plus the memory enclave, which is isolated from other parts of the memory space where the operating system and other software reside, means that certain data and applications can be secured from disclosure or modification.

This allows organizations that might not otherwise work together to share data and compute against it without actually having access to that data, a process called federated analytics and learning.

"Privacy preserving analytics have been revolutionary in a lot of industries," explains Laura Martinez, director of datacenter security marketing at Intel. Take insurance as one example. In the past, insurance companies did not have the ability to share data. That made it hard to detect double dipping, which is when bad actors create multiple claims for the same loss event at multiple insurers, which in turn makes it hard to know if you have more than one policy.

Until recently, there was no technology that supported this type of data exchange. With the recent advancements and adoption of enterprise blockchain and confidential computing, companies like IntellectEU have built solutions to securely and privately share and match data without compromising the customer data.

Fraud detection is a good example of how analytics and machine learning from within shared secure enclaves can deliver benefits that were not possible before Intel SGX. Healthcare is another. HIPAA and other regulations are strict in their controls of patient data, but if you want an AI algorithm to work properly, you need a tremendous amount of data. And, if you want to train an AI application to read brain scans, you have to figure out a way to share patient data without violating patient rights.

Enter the memory enclave and Intel SGX. The University of Pennsylvania, working with Intel and funded by the US National Institutes of Health, has been able to put together the brain scans of dozens of different healthcare institutions to run AI algorithms against a much larger dataset than any individual institution could run against alone.

What these use cases demonstrate is that often Confidential Computing is more about sharing data and applications than it is about restricting use of data and applications.

Sponsored by Intel.


Exposed: Data breaches on the rise in Indonesia – The Star Online

JAKARTA (The Jakarta Post/Asia News Network): The private data of millions of Indonesian citizens and corporations are at an increased risk of being exposed, amid the pandemic-influenced rise of remote work and a lack of robust personal privacy legislation.

The country has seen at least five data breaches in August alone, two of which allegedly impacted state-owned firms holding the data of millions of customers.

The data is now up for sale, according to hacking forum Breach Forums. In a now-deleted discussion thread posted on Aug 18, a member of the forum with the username loliyta claimed to be offering the personal data of some 17 million customers of state-owned electricity firm PLN, including names, addresses, customer ID numbers, kilowatt-per-hour usage and electricity meter numbers.

PLN said in a statement on its Twitter account on Saturday (Aug 20) that it was conducting an investigation into the alleged data breach with the Communications and Information Ministry and the National Cyber and Encryption Agency (BSSN).

The company claimed that its actual customer data system had remained secure and that the alleged leaked data was only a copy of public data taken from a customer data dashboard app, not real-time transaction data.

Another forum member, Bjorka, claimed to be holding some 26 million data entries belonging to IndiHome, an Internet service provider owned by state-owned telecommunications firm Telkom.

The breached data allegedly included full names, email addresses, genders, national ID numbers, IP addresses and customer browsing history.

Telkom denied the claim, saying the story of the leaked data had been fabricated and that its data was stored in an integrated cyber security system.

The government had summoned the two state-owned companies for clarification, said the information ministry's applications and informatics director general, Semual Abrijani Pangerapan.

Breach Forum users also claimed to be selling 347 GB of confidential documents belonging to some 21,700 Indonesian companies and branches of foreign companies operating in Indonesia, 14 GB of data from Pendidikan Indonesia University students and 500,000 data entries from Gianyar regency in Bali.

Pratama Persadha of the Communications and Information System Security Research Center said the rate of data breaches had increased during the pandemic as more people began working from home with weak internet security systems.

The BSSN, he said, had recorded an increase in internet traffic anomalies, such as DDoS attacks, wherein hackers try to overwhelm and freeze websites with access requests, from around 800 million in 2020 to 1.6 billion in 2021.

"Working from home has increased the risk of data breaches because a lot of people access their employers' [online] systems from home or other locations outside the office," he said.

He added that the country's lack of data privacy laws had exacerbated the situation, as the government was not ensuring that electronic system providers secured user data or set uniform standards.

"The result is that when a data breach happens, nobody feels responsible and everybody feels like a victim," Pratama said.

He urged the House of Representatives and the Communications and Information Ministry to quickly enact the personal data protection bill to hold electronic service providers accountable for any failures to protect private data.

The private sector, he added, should proactively improve its cyber security practices and the public should be more aware of data privacy.

Deputy chair of House Commission I, Abdul Kharis Almasyhari, said the legislative body would soon finish deliberations on the bill.

"We hope that by September the bill can be signed into law," Kharis said on Wednesday.

He did not elaborate when asked if there were any specific points of contention holding up the bill.

The legislation seeks to clarify how state agencies are to handle data privacy cases and ensure that action is taken to protect private data, said commission member Bobby Adhityo Rizaldi.


The internet’s edge routers are all so different. What if we unified them with software? – The Register

Systems Approach: Edge routers have been an essential part of the internet for decades, connecting access networks (enterprise LANs, mobile and broadband networks) to the global backbone.

These devices often have cryptic names (MPLS VPN Provider Edge routers, S/P-Gateways in the case of cellular networks, and Broadband Network Gateways (BNG) in the case of fiber networks) but they are, at their core, IP (L3) packet forwarders, sometimes augmented with features to support the business logic required by commercial access providers. But the world is changing, and the form and function of the edge router is changing with it.

To account for modern cloud technology, especially the rush to the edge, we expect it to be less common to think in terms of edge networks connecting to backbone networks. Instead, we will think in terms of local edge clouds connecting to global hyperscalers. Devices will request service from an edge cloud, which will sometimes forward requests to remote clouds (see for example, Cloudflare Workers and Fly.io), continuing the trend of true end-to-end connections being the exception.


L3 connectivity is still there, of course, but it will increasingly be an implementation detail. And as this transition happens, the L3 data plane will be subsumed into the switching fabric of the edge cloud, with the associated control plane (whether IETF-specified, 3GPP-specified, BBF-specified, or proprietary) implemented by microservices running in the cloud (at the edge or centralized).

That is, the edge router will increasingly be realized as a disaggregated collection of virtual functions rather than by a physical box, with control in the cloud and with the dataplane running on specialized infrastructure for speed and scale. In this sense, we see the paradigm introduced by SDN (logically centralized control with distributed forwarding) making its way to the edge.

SD-WANs are a current example of applying an SDN architecture to the edge, and more recently, cloud-delivered SASE (Secure Access Service Edge) services blend layers of security into the solution. But the pattern is much the same: L3 packet forwarding in the data plane coupled with a rich cloud-based control plane with significant (functional) overlap with cloud native implementations of access gateways.

And with most of today's SD-WAN offerings being vertically integrated and proprietary, we would argue that the benefits of SDN (such as the ability for network operators to customize the functionality) are only partly delivered in these solutions today.

Once you stop thinking in terms of edge routers as special devices and start to view routing as yet another edge function, it's a small step to realize that today's diverse set of edge routers are all fundamentally the same, and that it is possible to build a generalized (and disaggregated) edge routing capability that accommodates them all. This function can be centrally orchestrated and deployed, with functional elements running in multiple edges where case-specific packet processing needs to take place.

Easier said than done, of course, but it strikes me as a likely outcome, and worth a little forethought. The key insight is that all the scenarios outlined above have a similar structure, with L3 forwarding in the data plane augmented with support for:

Secure tunnels requiring encapsulation/decapsulation

Differentiated Service requiring Q-in-Q tagging and class-based queues

Billing & Accounting requiring per-flow counters

Policy Enforcement requiring access control rules

Observability requiring in-band network telemetry

And a microservice-based control plane that implements:

Authentication triggering changes to data plane tunnels

Subscriber Management triggering updates to per-flow counters and queues

Mobility & Routing triggering forwarding changes according to resource availability

Session & Policy Management triggering changes to access control rules

Diagnostics & Anomaly Detection triggering changes to in-band network telemetry

All of the data plane features can be realized in P4-programmable forwarding pipelines (more on that in a moment), where the triggering relationship in the list of control functions helps us understand how to craft a converged control/data-plane interface, something that P4-Runtime (P4RT) supports.

An example of the generalized data plane already exists, and we describe it in our SDN book. It's the fabric.p4 program that implements the forwarding pipeline for ONF's SD-Fabric, which (a) implements L3 forwarding for the leaf-spine switching fabric you would find in an edge cloud, and (b) can be extended to connect different access network technologies (5G's UPF and a PON-based BNG) to the internet.

The current implementation is a bit crude (it uses #ifdef), but the idea is clear: it's possible to build an L3 forwarding pipeline that can be extended with access-specific plugins.

Popping up a level, one can imagine iterating on fabric.p4 until you have an extensible edge cloud data plane suitable for all of the use cases outlined above. The P4RT-generated interface could then support multiple control plane tenants, for example, allowing a 3GPP-defined core and an SD-WAN controller to independently set queue parameters, define encapsulation/decapsulation labels, install forwarding rules, and so on.

Converging on a shared data plane, but accepting that multiple control planes will co-exist, is a good starting point. But converging on the control plane is likely within reach as well, where we can expect a converged data plane to catalyze that process.

In my mind, it's primarily a matter of aligning incentives for the various domains. It's already the case that the BBF is working towards a converged access network control plane that aligns with the 3GPP-defined mobile core, largely because Telcos have an incentive to make that happen.

Another good example is Magma, which defines a unified control plane and a programmable data plane for both RAN-based and Wi-Fi-based wireless networks. As enterprises start to roll out private 5G, the push to unify how they are managed will only increase.

The SD-WAN use case is more of a wild card. On the one hand, SD-WAN is surprisingly similar to SD-RAN in the functionality it needs from an edge router. On the other hand, SD-WAN offerings so far have resisted disaggregation. Of course the same was true of telco access networks, until recently.


If we accept that unification of edge routing is possible, a reasonable next question is: is it desirable? I would argue that the value will come first from disaggregation, as we have already seen in other environments such as the cloud data center.

Once the control plane is disaggregated from the data plane, innovation can happen more easily in both, and the operators of these devices gain the ability to customize the functionality rather than just accepting the bundle that comes from the router vendor.

And secondly, there is an opportunity to take a more holistic view of the edge, which offers the chance for applying consistent network policies that are independent of the access technology. But this is a topic for another post.


How cloud computing turned security on its head – Business Wire

FREDERICK, Md.--(BUSINESS WIRE)--In a commentary, Josh Stella, chief architect at Snyk, the leader in developer security, explains why the cloud continues to challenge traditional security best practices and provides five steps organizations can implement to transform their cloud security and help teams deliver innovation faster.

When an organization migrates its IT systems to the cloud, and builds new applications in the cloud, it relieves its security team of the responsibility of building and maintaining physical IT infrastructure. The shared security model of cloud dictates that cloud service providers (CSPs) such as Amazon Web Services (AWS), Google Cloud, and Microsoft Azure are responsible for the security of the physical infrastructure. Their customers are responsible for the secure use of cloud resources.

But embracing the cloud for building and managing new applications means security teams cannot deploy the traditional security technologies and processes they've long relied on to thwart cyberattacks. Cloud computing represents a paradigm shift in their roles and responsibilities and their approach to protecting sensitive data against falling into the wrong hands.

Developers own their cloud environments

The cloud enables developers and engineers to build their infrastructure on the fly without the assistance of a data center team. They have the power to make their own infrastructure decisions, including security-critical configurations, and then change them whenever they need to. When they do make changes, they increase the risk of creating misconfigurations that leave their environment open to attack, vulnerabilities that traditional network and endpoint security solutions cannot detect.

Why? Because application programming interfaces (APIs), the software intermediaries that allow different applications to interact with each other, are the foundation of cloud computing. API-driven cloud environments eliminate the requirement for constructing and maintaining a fixed IT architecture in a centralized data center. The cloud is programmable software, and developers are using infrastructure as code (IaC) to automate the building and managing of cloud infrastructure at scale.

These workflows make it impossible to apply the traditional security model of erecting an outward-facing barrier around the perimeter to block incoming attacks, and periodic audits are obsolete before they're completed. Security in the cloud is a function of design and architecture, not just monitoring and intrusion detection. Cloud attackers are after the cloud control plane APIs for discovery, movement, and data extraction. Organizations must prioritize securing the control plane to prevent hackers from acquiring its API keys. Their approach to security must evolve to keep pace with the hackers.

Attackers operate differently in the cloud

Bad actors use automation technology to detect weaknesses they can exploit, such as cloud misconfigurations, application vulnerabilities, and API keys in source code. Once they choose their targets, they go hunting for data using the cloud control plane. Control plane compromise has occurred in every major cloud breach that has happened to date.

Cloud security teams often find and remediate dozens of misconfiguration issues daily. But misconfigurations are just part of the more significant security threat and represent only one of the paths a hacker can take to achieve control plane compromise. Focusing only on finding and eliminating single resource misconfigurations is tilting at windmills because hackers will eventually slip through. Focusing solely on identifying indicators of compromise (IOCs) is even riskier: cloud breaches can happen in a matter of minutes, before teams have a chance to respond, even with the best monitoring, analysis and alerting tools.

Study models of cloud security

Companies that are getting cloud security right, no matter their size or industry, all share five traits:

The topline takeaway for your organization is this: Many of the security tools and best practices that worked in the data center cannot protect your cloud environment and data. However, that doesn't mean you need to ditch everything you've been using. Instead, understand which ones still apply and which ones are now obsolete. For instance, application security is as critical as ever, but network monitoring tools that rely on spans or taps to inspect traffic aren't, because cloud providers don't typically provide direct network access. The primary cloud security gaps you need to fill are concerned with resource configuration and the architecture of your environment.

The good news is that just as the cloud is programmable and can be automated, so is your cloud environment's security. You can deploy automation to empower developers to build and operate safely in the cloud and have processes in place to find and fix vulnerabilities before attackers can find them. Your application teams can deliver innovation faster, your cloud engineers can focus more on building value, and your security team can do more with the resources they have.

About Josh Stella

Josh Stella is chief architect at Snyk and a technical authority on cloud security. Josh brings 25 years of IT and security expertise as founding CEO at Fugue, principal solutions architect at Amazon Web Services, and advisor to the U.S. intelligence community. Josh's personal mission is to help organizations understand how cloud configuration is the new attack surface and how companies need to move from a defensive to a preventive posture to secure their cloud infrastructure. He wrote the first book on Immutable Infrastructure (published by O'Reilly), holds numerous cloud security technology patents, and hosts an educational Cloud Security Masterclass series. Connect with Josh on LinkedIn and via Fugue at http://www.fugue.co.


See the original post:
How cloud computing turned security on its head - Business Wire


ORCL: 2 Top Cloud Computing Stocks to Watch This Fall – StockNews.com

The cloud computing market has grown exponentially since the COVID-19 pandemic due to the spurring demand for cloud solutions and services to stay functional from anywhere. Businesses continue to shift their operations to cloud platforms for better efficiency.

Moreover, the advancements in cloud-based technologies should keep driving the industry's growth. The global cloud computing market is expected to reach $947.3 billion by 2026, growing at a CAGR of 16.3%.

Given this backdrop, fundamentally sound cloud-computing stocks Oracle Corporation (ORCL) and Veeva Systems Inc. (VEEV) could be solid additions to your watchlist.

Oracle Corporation (ORCL)

ORCL provides products and services that address all aspects of corporate IT environments, including application, platform, and infrastructure worldwide. The company operates through cloud services and license support, cloud license and on-premises license, hardware, and services segments.

For the fiscal fourth quarter ended May 31, 2022, ORCL's total revenue increased 5.5% year-over-year to $11.84 billion. The company's non-GAAP operating income increased 2.6% year-over-year to $5.59 billion. However, its non-GAAP EPS remained flat year-over-year at $1.54.

For the first quarter ending August 31, 2022, ORCL's EPS and revenue are expected to increase 4.6% and 17.9% year-over-year to $1.08 and $11.47 billion, respectively. It has surpassed the Street EPS estimates in three of the trailing four quarters. Over the past three months, the stock has gained 11.4% to close the last trading session at $76.46.

ORCL's POWR Ratings reflect this promising outlook. The stock has an overall rating of B, translating to a Buy in our proprietary rating system. The POWR Ratings assess stocks by 118 different factors, each with its own weighting.

It has a B grade for Sentiment and Quality. Within the Software Application industry, it is ranked #12 out of 154 stocks. To see the other ratings of ORCL for Growth, Value, Momentum, and Stability, click here.

Veeva Systems Inc. (VEEV)

VEEV is a cloud computing and enterprise software company for the healthcare, pharmaceutical, and life sciences industries. It provides software solutions for the unique needs of companies in these industries, from meeting regulatory standards to conducting clinical trials to managing operations.

On June 21, 2022, ANI Pharmaceuticals, Inc. (ANIP) and VEEV collaborated to define and operationalize data-driven commercial strategies for ANIP's new rare disease business unit. "To serve rare disease patients with high unmet medical needs, we need to be agile, data-driven, and efficient," said Christopher Mutz, head of rare disease at ANI. This reflects the strong demand for the company's services among its peers.

VEEV's total revenues increased 16.5% year-over-year to $505.10 million for the first quarter ended April 30, 2022. Its gross profit grew 15.1% year-over-year to $365.59 million. The company's non-GAAP operating income increased 10% year-over-year to $199.55 million, while its non-GAAP net income rose 8.8% from the prior-year value to $159.79 million. Also, its non-GAAP EPS increased 8.8% year-over-year to $0.99.

Analysts expect VEEV's EPS for the quarter ended July 31, 2022, to increase 7.5% year-over-year to $1.01. Its revenue for the about-to-be-reported quarter is expected to increase 16.5% year-over-year to $530.70 million. It has surpassed the consensus EPS estimate in each of the trailing four quarters. The stock has gained 30.1% over the past three months to close the last trading session at $214.09.

VEEV's POWR Ratings reflect solid prospects. The stock has an overall rating of B, translating to a Buy in our proprietary rating system.

It has an A grade for Quality and a B for Growth and Sentiment. It is ranked #20 out of 83 stocks in the Medical Services industry. Click here to see the other ratings of VEEV for Value, Momentum, and Stability.

ORCL shares were trading at $76.63 per share on Tuesday afternoon, up $0.17 (+0.22%). Year-to-date, ORCL has declined -11.06%, versus a -12.34% rise in the benchmark S&P 500 index during the same period.

Shweta's profound interest in financial research and quantitative analysis led her to pursue a career as an investment analyst. She uses her knowledge to help retail investors make educated investment decisions.

See the rest here:
ORCL: 2 Top Cloud Computing Stocks to Watch This Fall - StockNews.com
