New! Security Analytics provides a comprehensive view across all your traffic

New! Security Analytics provides a comprehensive view across all your traffic
New! Security Analytics provides a comprehensive view across all your traffic

An application proxying traffic through Cloudflare benefits from a wide range of easy to use security features including WAF, Bot Management and DDoS mitigation. To understand if traffic has been blocked by Cloudflare we have built a powerful Security Events dashboard that allows you to examine any mitigation events. Application owners often wonder though what happened to the rest of their traffic. Did they block all traffic that was detected as malicious?

Today, along with our announcement of the WAF Attack Score, we are also launching our new Security Analytics.

Security Analytics gives you a security lens across all of your HTTP traffic, not only mitigated requests, allowing you to focus on what matters most: traffic deemed malicious but potentially not mitigated.

Detect then mitigate

Imagine you just onboarded your application to Cloudflare and without any additional effort, each HTTP request is analyzed by the Cloudflare network. Analytics are therefore enriched with attack analysis, bot analysis and any other security signal provided by Cloudflare.

Right away, without any risk of causing false positives, you can view the entirety of your traffic to explore what is happening, when and where.

This allows you to dive straight into analyzing the results Continue reading

Stop attacks before they are known: making the Cloudflare WAF smarter

Stop attacks before they are known: making the Cloudflare WAF smarter
Stop attacks before they are known: making the Cloudflare WAF smarter

Cloudflare’s WAF helps site owners keep their application safe from attackers. It does this by analyzing traffic with the Cloudflare Managed Rules: handwritten highly specialized rules that detect and stop malicious payloads. But they have a problem: if a rule is not written for a specific attack, it will not detect it.

Today, we are solving this problem by making our WAF smarter and announcing our WAF attack scoring system in general availability.

Customers on our Enterprise Core and Advanced Security bundles will have gradual access to this new feature. All remaining Enterprise customers will gain access over the coming months.

Our WAF attack scoring system, fully complementary to our Cloudflare Managed Rules, classifies all requests using a model trained on observed true positives across the Cloudflare network, allowing you to detect (and block) evasion, bypass and new attack techniques before they are publicly known.

The problem with signature based WAFs

Attackers trying to infiltrate web applications often use known or recently disclosed payloads. The Cloudflare WAF has been built to handle these attacks very well. The Cloudflare Managed Ruleset and the Cloudflare OWASP Managed Ruleset are in fact continuously updated and aimed at protecting web applications against known Continue reading

Intel Xeons to offer on-demand special functionality

Intel has a new program called Intel On Demand that will allow customers of its new Xeon Scalable Processors to unlock specialty processing engines for an extra fee.Intel has not disclosed what it will cost to access the On Demand features, which are activated through Intel Software Defined Silicon (SDSi), a newly added function using authentication keys to activate the additional features.For most customers, the standard Xeon core is all they need. But some may want the specialty processing engines included in the latest Xeon generation, codenamed Sapphire Rapids. The chips are available now to OEMs but will have a formal launch Jan. 10, 2023.To read this article in full, please click here

Intel Xeons to offer on-demand special functionality

Intel has a new program called Intel On Demand that will allow customers of its new Xeon Scalable Processors to unlock specialty processing engines for an extra fee.Intel has not disclosed what it will cost to access the On Demand features, which are activated through Intel Software Defined Silicon (SDSi), a newly added function using authentication keys to activate the additional features.For most customers, the standard Xeon core is all they need. But some may want the specialty processing engines included in the latest Xeon generation, codenamed Sapphire Rapids. The chips are available now to OEMs but will have a formal launch Jan. 10, 2023.To read this article in full, please click here

Gartner: Top trends to know for infrastructure and operations in 2023

Two networking technologies – secure access service edge (SASE) and wireless— lead a  list of six core trends that will impact enterprise infrastructure and operations activity in 2023, according to new research revealed by Gartner analysts at its IT Infrastructure, Operations & Cloud Strategies Conference this week.Implementing SASE, a term coined by Gartner, has been ongoing but is expected to grow substantially in the next year. Gartner forecasts that worldwide SASE spending will hit $9.2 billion in 2023, a 39% increase from 2022.To read this article in full, please click here

Gartner: Top trends to know for infrastructure and operations in 2023

Two networking technologies – secure access service edge (SASE) and wireless— lead a  list of six core trends that will impact enterprise infrastructure and operations activity in 2023, according to new research revealed by Gartner analysts at its IT Infrastructure, Operations & Cloud Strategies Conference this week.Implementing SASE, a term coined by Gartner, has been ongoing but is expected to grow substantially in the next year. Gartner forecasts that worldwide SASE spending will hit $9.2 billion in 2023, a 39% increase from 2022.To read this article in full, please click here

SONiC builds muscle for enterprise-network service in 2023

The coming year could be a very big one for the open-source network operating system SONiC as it garners start-up support and increasing interest from major networking vendors.The Linux-based Software for Open Networking in the Cloud decouples network software from the underlying hardware and lets it run on hundreds of switches and ASICs from multiple vendors while supporting a full suite of network features such as Border Gateway Protocol (BGP), remote direct memory access (RDMA), QoS, and Ethernet/IP. It was developed and then open-sourced by Microsoft, which in April turned the project over to the Linux Foundation and its 450,000 developers. The vendor community supporting SONiC has been growing, too, and includes Dell, Arista, Nokia, Alibaba, Comcast, Cisco, Broadcom, Juniper Apstra, Edgecore, Innovium, Nvidia-Mellanox, Celetica and VMware.To read this article in full, please click here

ChatGPT and Creating For Yourself

I’m sure you’ve been inundated by posts about ChatGPT over the past couple of weeks. If you managed to avoid it the short version is that there is a new model from OpenAI that can write articles, create poetry, and basically answer your homework. Lots of people are testing it out for things as mundane as writing Amazon reviews or creating configurations for routers.

It’s not a universal hit though. Stack Overflow banned ChatGPT code answers because they’re almost always wrong. My own limited tests show that it can create a lot of words from a prompt that seem to sound correct but feel hollow. Many others have accused the algorithm of scraping content from others on the Internet and sampling it into answers to make it sound accurate but not the best answer to the question.

Are we ready for AI to do our writing for us? Is the era of the novelist or technical writer finished? Should we just hang up our keyboards and call it a day?

Byte-Sized Content

When I was deciding what I wanted to do with my life after college I took the GMAT to see if I could get into grad school for Continue reading

Hedge 157: Vendor Lock-in with Frank Seesink

Vendor lock-in has been an issue in networking for the entire time I’ve been working in the field—since the late 1980s. I well remember the arguments over POSIX compliance, SQL middleware standards, ADA, and packet formats. It was an issue in electronics, which is where I worked before falling into a career in computer networks, too. What does “vendor independence” really mean, and what are the ways network operators can come close to having it? Frank Seesink joins Russ White and Tom Ammon to rant about—and consider—solutions to this problem.

download

How to combat counterfeit network gear

In today challenging business and economic environment, everybody's looking for a deal. Yet there is one "bargain" that network managers should avoid at all costs – low-priced network devices that turn out to be counterfeit.No competent network manager would intentionally purchase a faux network component, but that doesn't mean it never happens. "If signs of counterfeit parts were obvious, this issue would probably be resolved quickly," says John Loucaides, senior vice president of strategy at security technology provider Eclypsium.Virtually every type of network device is shadowed by one or more unauthorized doppelgängers. Fake drop-in replacements are particularly prevalent. "This enables a wide variety of cheaper parts to be used in a non-obvious way, maximizing the benefit of providing a counterfeit device," Loucaides says. Sometimes, however, only a single component within a device is counterfeited. "Given a financial motive, this is likely the most expensive part being substituted for a cheaper part," he says.To read this article in full, please click here

Arista EOS Configuration Automation

I keep getting questions along the lines of “is network automation practical/a reality?” with arguments like:

Many do not see a value and are OK with just a configuration manager such as Arista CVP (CloudVision Portal) and Cisco DNA.

Configuration consistently is a huge win regardless of how you implement it (it’s perfectly fine if the tools your vendor providers work for you). It prevents opportunistic consistency, as Antti Ristimäki succinctly explained:

Read more …

Alex Kim: Why I joined Cloudflare

Alex Kim: Why I joined Cloudflare

This post is also available in 한국어, 简体中文, 繁體中文 and 日本語.

Alex Kim: Why I joined Cloudflare

I am excited to announce that as of November 1, I have joined Cloudflare as Country Manager of South Korea to help build a better Internet and to expand Cloudflare’s growing customer, partner, and local teams in Korea. We just opened a new entity (after making Seoul our 23rd data center, more than 10 years ago)  and I am the first official employee of Cloudflare Korea LLC in Seoul, which is truly a great moment and privilege for me.

A little about me

I was born in Korea and was educated in Korea until middle school, then I decided to move to Toronto, Canada to study film making to become a movie director. I finished high school and obtained a university degree in Toronto, during which I had the opportunity to be exposed to various cultures, as well as learn and become well-versed in the English language. I think it was a great time to learn how diverse people in the world are. My dream of becoming a movie director has changed over time for many reasons, but I think it is no coincidence that I Continue reading

1 2 3 3,358