Apstra bring intent-based networking to life

What do UFOs, the Loch Ness Monster and intent-based networks have in common? These are all things that people claim to have seen, but no one can really prove it and their existence remains largely a myth.While the good folks over at the X-Files will continue to try and prove the first two, start-up vendor Apstra appears to have licked the third, as its latest operating system release, AOS 1.2 is making vendor-agnostic, intent-based networking a reality. RELATED: SD-WAN: What it is and why you will use it one day You might be asking what exactly intent-based networking is? Think of it as a network where you tell it the “what,” and the “how” is determined by the system. A good example of this is a self-driving car where the driver puts in the destination address, and the car’s system figures out the details. The driver just gives it a command and then gets there. To read this article in full or to leave a comment, please click here

Worth Reading: A bleak picture of internet trust

The 2017 CIGI-Ipsos Global Survey on Internet Security and Trust paints a bleak picture of the current state of trust online. A majority of those surveyed said they are more concerned about their privacy than the year before, with an almost even split between those “much more concerned” and those only “somewhat more concerned”. When asked whether they agree with the statement “overall, I trust the Internet”, only 12% of respondents strongly agreed and a further 43% somewhat agreed. This means only a little more than half agreed that they trust the Internet, and some even expressed some reservation by choosing to respond “somewhat agree”. —The Internet Society

The post Worth Reading: A bleak picture of internet trust appeared first on rule 11 reader.

Google echoes Amazon’s assurance on EU data protection compliance

Google has joined Amazon Web Services in promising customers of its cloud services that it will be compliant with new European Union data protection rules due to take effect next year.Neither company is fully compliant yet, but both have now made public commitments to meet the requirements of the EU General Data Protection Regulation (GDPR) by May 25, 2018, echoing a promise Microsoft made back in February.The GDPR replaces the 1995 Data Protection Directive. Among its biggest changes are requirements that companies:- erase personal data on request unless there is a legitimate reason to retain it; - inform those affected by data breaches, and- design data protection into their products and services from the earliest stage of development.To read this article in full or to leave a comment, please click here

33% off Vacu Vin Wine Saver Pump – Deal Alert

The Wine Saver is a vacuum pump that extracts the air from an opened wine bottle and re-seals it using a rubber stopper. The airtight vacuum inhibits the oxidation process that is responsible for the deterioration of wine. The vacuum is created by placing a stopper into the neck of the opened bottle and pumping it until resistance is detectable. The pump incorporates a patented 'click' mechanism that indicates when a sufficient airtight environment has been established. It's discounted 33% on Amazon, so you can get it right now for just $9.43 To read this article in full or to leave a comment, please click here

IDG Contributor Network: Barracuda protects industrial IoT with network-based firewall

Many industrial IoT systems have open doors that create unintended vulnerabilities. What information could be exposed by open communications protocols? How do hackers identify vulnerable systems? What security resources are available? How do IoT firewalls protect against such threats?TCP Port 502 vulnerabilities Many industrial systems use TCP Port 502, which allows two hosts to establish a connection and exchange streams of data. TCP guarantees delivery of data and that packets will be delivered on port 502 in the same order in which they were sent. This creates the risk of remote attackers to install arbitrary firmware updates via a MODBUS 125 function code to TCP port 502. Scans from services such as Shodan identify systems that have an open TCP port 502 that could be vulnerable.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Barracuda protects industrial IoT with network-based firewall

Many industrial IoT systems have open doors that create unintended vulnerabilities. What information could be exposed by open communications protocols? How do hackers identify vulnerable systems? What security resources are available? How do IoT firewalls protect against such threats?TCP Port 502 vulnerabilities Many industrial systems use TCP Port 502, which allows two hosts to establish a connection and exchange streams of data. TCP guarantees delivery of data and that packets will be delivered on port 502 in the same order in which they were sent. This creates the risk of remote attackers to install arbitrary firmware updates via a MODBUS 125 function code to TCP port 502. Scans from services such as Shodan identify systems that have an open TCP port 502 that could be vulnerable.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Migrating to the cloud: You want me to lift and shift what?

I recently participated in a webinar, and one of the questions I was asked made me think about a great first topic for this blog: What are the key drivers to keep an application and “lift and shift”?If you’re in a company that has a plan to move to the cloud, you’ve probably been asked what it is going to take to move an existing application to the cloud. In one of my previous roles, our CIO gave us the mandate that we were going to move everything out of one of our expensive data centers to the cloud within two years, so I saw a lot of “lift and shift” requests. But not a single one of those requests resulted in a lift and shift.Let’s review the benefits of running in the cloud and then see if we can characterize the types of applications that will run well in the cloud.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Migrating to the cloud: You want me to lift and shift what?

I recently participated in a webinar, and one of the questions I was asked made me think about a great first topic for this blog: What are the key drivers to keep an application and “lift and shift”?If you’re in a company that has a plan to move to the cloud, you’ve probably been asked what it is going to take to move an existing application to the cloud. In one of my previous roles, our CIO gave us the mandate that we were going to move everything out of one of our expensive data centers to the cloud within two years, so I saw a lot of “lift and shift” requests. But not a single one of those requests resulted in a lift and shift.Let’s review the benefits of running in the cloud and then see if we can characterize the types of applications that will run well in the cloud.To read this article in full or to leave a comment, please click here

Micron’s SolidScale system pushes SSDs out to shared storage

SSDs operate the fastest when inside a computer. Micron's new SolidScale storage system uproots SSDs from servers and pushes them into discrete boxes while reducing latency.SolidScale is a top-of-the-rack storage system that will house many SSDs. It will connect to servers, memory, and other computing resources in a data center via gigabit ethernet, and will use the emerging NVMeoF (NVMe over Fabric) 1.0 protocol for data transfers.The new storage system is faster than regular storage arrays, Micron claimed. SolidScale can deliver data more than two times faster than a standard all-flash array.SolidScale is a step in decoupling SSDs from servers and putting them into shared storage in data centers. It also provides a power-efficient way of packing fast storage into tight spaces.To read this article in full or to leave a comment, please click here

Micron’s SolidScale system pushes SSDs out to shared storage

SSDs operate the fastest when inside a computer. Micron's new SolidScale storage system uproots SSDs from servers and pushes them into discrete boxes while reducing latency.SolidScale is a top-of-the-rack storage system that will house many SSDs. It will connect to servers, memory, and other computing resources in a data center via gigabit ethernet, and will use the emerging NVMeoF (NVMe over Fabric) 1.0 protocol for data transfers.The new storage system is faster than regular storage arrays, Micron claimed. SolidScale can deliver data more than two times faster than a standard all-flash array.SolidScale is a step in decoupling SSDs from servers and putting them into shared storage in data centers. It also provides a power-efficient way of packing fast storage into tight spaces.To read this article in full or to leave a comment, please click here

Automated mitigation on endpoint devices and networks can be tricky

Many companies have automated systems in place for preventing, detecting, and investigating security incidents, but automating the incident response and mitigation process for networks and endpoint devices has been a tougher nut to crack.That includes actions such as automatically re-imaging endpoint devices, isolating devices from corporate networks, or shutting down particular network processes in order to quickly and efficiently respond to attacks."I think there's a lot of potential," said Joseph Blankenship, analyst at Forrester Research. "We're definitely in a period of discovery, though, and that has to take place before we're going to see widespread, mainstream adoption."To read this article in full or to leave a comment, please click here

Automated mitigation on endpoint devices and networks can be tricky

Many companies have automated systems in place for preventing, detecting, and investigating security incidents, but automating the incident response and mitigation process for networks and endpoint devices has been a tougher nut to crack.That includes actions such as automatically re-imaging endpoint devices, isolating devices from corporate networks, or shutting down particular network processes in order to quickly and efficiently respond to attacks."I think there's a lot of potential," said Joseph Blankenship, analyst at Forrester Research. "We're definitely in a period of discovery, though, and that has to take place before we're going to see widespread, mainstream adoption."To read this article in full or to leave a comment, please click here

How to protect yourself in an age of insecurity

At a time where state actors have working exploits that target smart TVs and undisclosed zero-day exploits of fully patched PC and smartphone platforms, there is no question that practicing safe computing is more important than ever. While there is no silver bullet for you to protect yourself against constantly evolving security threats, there are some steps you can take to reduce your likelihood of being a victim in this age of insecurity.To read this article in full or to leave a comment, please click here(Insider Story)

How to protect yourself in an age of insecurity

At a time where state actors have working exploits that target smart TVs and undisclosed zero-day exploits of fully patched PC and smartphone platforms, there is no question that practicing safe computing is more important than ever. While there is no silver bullet for you to protect yourself against constantly evolving security threats, there are some steps you can take to reduce your likelihood of being a victim in this age of insecurity.Good online habits For all the sophistication of modern exploits, the traditional warning about how files haring is a hotbed for malware is as valid today as ever. It is a good practice not to download and run software from untrusted online sources or via peer-to-peer networks. Hackers have been known to take legitimate software and infect it with malware before distributing it to the unsuspecting. Some even take the extra step of removing copy protection on licensed software to sweeten the bait.To read this article in full or to leave a comment, please click here(Insider Story)

Social media breaks more common among teens than you might think

I did wonder whether my youngest teenage son would return from a recent week-long service trip on which electronic devices were banned quivering from some sort of social media withdrawal, but he survived just fine and the salmon in Washington State thank him for his efforts.Despite what you might see all around you, teens taking either voluntary or involuntary hiatuses from social media apparently isn't entirely unusual: A new survey of nearly 800 Americans between the ages of 13 and 17 found that 58% of them reported taking significant breaks from the likes of Snapchat and Instagram.What's more, 65% of those teens claimed to have done so voluntarily, according to the Associated Press-NORC Center for Public Affairs Research survey. Also, one in five teens who haven't taken a break say they would like to do so.To read this article in full or to leave a comment, please click here

How to protect your data when using public Wi-Fi

Many people are not aware of this, but Wi-Fi hotspots at Starbucks, Barnes & Noble or your local hotel that offers it as a complimentary service are not safe for confidential browsing, performing financial transactions or for viewing your emails.Public Wi-Fi does not offer encryption for individuals using the same password and hotspot. Also, your signals are broadcast across the immediate area. It is easy for someone else within your vicinity to eavesdrop on your communication. An unskilled hacker can intercept your signal using a phony hotspot or a tampering software that can be found on a search engine.+ Also on Network World: 4 lesser-known Wi-Fi security threats and how to defend against them + The first task of a hacker is to get on the same network as the potential victim, then they can carry out that task with a public Wi-Fi network because they have the password. It does not matter if a network password is given out by the cashier or printed in your hotel room's welcome packet, once public, your security is compromised.To read this article in full or to leave a comment, please click here

How to protect your data when using public Wi-Fi

Many people are not aware of this, but Wi-Fi hotspots at Starbucks, Barnes & Noble or your local hotel that offers it as a complimentary service are not safe for confidential browsing, performing financial transactions or for viewing your emails.Public Wi-Fi does not offer encryption for individuals using the same password and hotspot. Also, your signals are broadcast across the immediate area. It is easy for someone else within your vicinity to eavesdrop on your communication. An unskilled hacker can intercept your signal using a phony hotspot or a tampering software that can be found on a search engine.+ Also on Network World: 4 lesser-known Wi-Fi security threats and how to defend against them + The first task of a hacker is to get on the same network as the potential victim, then they can carry out that task with a public Wi-Fi network because they have the password. It does not matter if a network password is given out by the cashier or printed in your hotel room's welcome packet, once public, your security is compromised.To read this article in full or to leave a comment, please click here

How eero mesh WiFi routers connect to the cloud

This is a guest post by Gabe Kassel, Product Manager for Embedded Software at eero.

Relying on a single wireless router to provide internet in every room of the home is like expecting a single light bulb to illuminate the entire house. It’s physics - WiFi radio waves don’t travel through walls or objects easily. The eero Home WiFi System is a new take on home connectivity, bucking the trend of one high-powered device in the center of the home. Instead, eero uses multiple access points that talk to each other via our proprietary mesh technology -- TrueMesh -- to spread coverage and a high throughput connection throughout a home.

eero’s hardware - its distributed access point system - solves the problem of spreading a consistent, stable WiFi signal in a home. But hardware is only part of the puzzle. On the backend of eero’s technology, we face different challenges: how do we build a highly available, high performance infrastructure that’s able to communicate with each eero device? We’ve discussed parts of our architecture previously, but we haven’t yet explored into how we use Cloudflare to eliminate one “single-point-of-failure” in our architecture.

How eeros interact with the cloud

eero Continue reading

Xen hypervisor faces third highly critical VM escape bug in 10 months

The Xen Project has fixed three vulnerabilities in its widely used hypervisor that could allow operating systems running inside virtual machines to access the memory of the host systems, breaking the critical security layer among them.Two of the patched vulnerabilities can only be exploited under certain conditions, which limits their use in potential attacks, but one is a highly reliable flaw that poses a serious threat to multitenant data centers where the customers' virtualized servers share the same underlying hardware.The flaws don't yet have CVE tracking numbers, but are covered in three Xen security advisories called XSA-213, XSA-214 and XSA-215.To read this article in full or to leave a comment, please click here

Xen hypervisor faces third highly critical VM escape bug in 10 months

The Xen Project has fixed three vulnerabilities in its widely used hypervisor that could allow operating systems running inside virtual machines to access the memory of the host systems, breaking the critical security layer among them.Two of the patched vulnerabilities can only be exploited under certain conditions, which limits their use in potential attacks, but one is a highly reliable flaw that poses a serious threat to multitenant data centers where the customers' virtualized servers share the same underlying hardware.The flaws don't yet have CVE tracking numbers, but are covered in three Xen security advisories called XSA-213, XSA-214 and XSA-215.To read this article in full or to leave a comment, please click here