Open vSwitch Day at OpenStack Summit 2017

This is a “liveblog” (not quite live, but you get the idea) of the Open vSwitch Open Source Day happening at the OpenStack Summit in Boston. Summaries of each of the presentations are included below.

Kubernetes and OVN on Windows

The first session was led by Cloudbase Solutions, a company out of Italy that has been heavily involved in porting OVS to Windows with Hyper-V. The first part of the session focused on bringing attendees up to speed on the current state of OVS and OVN on Hyper-V. Feature parity and user interface parity between OVS/OVN on Hyper-V is really close to OVS/OVN on Linux, which should make it easier for Linux sysadmins to use OVS/OVN on Hyper-V as well.

The second part of the session showed using OVN under Kubernetes to provide networking between Windows containers on Windows hosts and Linux containers on Linux hosts, including networking across multiple cloud providers.

Lightning Talks

The lightning talks were all under 5 minutes, so a brief summary of these are provided below:

• Joe Stringer showed how to set up OVS with an OpenFlow controller (Faucet) to do networking between multiple hosts in 5 minutes or less.
• A gentleman (I didn’t catch Continue reading

How to protect your Google and Facebook accounts with a security key

In late March when I got an unsettling message on my Gmail account: "Warning: Google may have detected government-backed attackers trying to steal your password."Google sends them out when it detects a "government-backed attacker" has attempted to hack an account through phishing or malware.Last time I saw one, I added two-factor authentication to many of my accounts. This time it prompted me to ask: Can I do even better? Martyn Williams/IDGNS A security warning message displayed by Google.To read this article in full or to leave a comment, please click here

How to protect your Google and Facebook accounts with a security key

In late March when I got an unsettling message on my Gmail account: "Warning: Google may have detected government-backed attackers trying to steal your password."Google sends them out when it detects a "government-backed attacker" has attempted to hack an account through phishing or malware.Last time I saw one, I added two-factor authentication to many of my accounts. This time it prompted me to ask: Can I do even better? Martyn Williams/IDGNS A security warning message displayed by Google.To read this article in full or to leave a comment, please click here

New IoT malware targets 100,000 IP cameras via known flaw

Over 100,000 internet-connected cameras may be falling prey to a new IoT malware that’s spreading through recently disclosed vulnerabilities in the products.  The malware, called Persirai, has been found infecting Chinese-made wireless cameras since last month, security firm Trend Micro said on Tuesday. The malware does so by exploiting flaws in the cameras that a security researcher reported back in March.  The researcher, Pierre Kim, found that the vulnerabilities can allow an attacker to remotely execute code on the cameras, effectively hijacking them.At least 1,250 camera models produced by a Chinese manufacturer possess the bugs, the researcher went on to claim.To read this article in full or to leave a comment, please click here

New IoT malware targets 100,000 IP cameras via known flaw

Over 100,000 internet-connected cameras may be falling prey to a new IoT malware that’s spreading through recently disclosed vulnerabilities in the products.  The malware, called Persirai, has been found infecting Chinese-made wireless cameras since last month, security firm Trend Micro said on Tuesday. The malware does so by exploiting flaws in the cameras that a security researcher reported back in March.  The researcher, Pierre Kim, found that the vulnerabilities can allow an attacker to remotely execute code on the cameras, effectively hijacking them.At least 1,250 camera models produced by a Chinese manufacturer possess the bugs, the researcher went on to claim.To read this article in full or to leave a comment, please click here

Security-as-a-Service on the Rise Among Mid-Tier Companies

Network security spending is projected to reach $3.5 billion in 2021.

Threat detection automation won’t solve all your problems

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.A recent Network World article argued that automated threat detection (TD) is more important than automated incident response (IR). But the piece was predicated on flawed and misguided information.The article shared an example of a financial institution in which analysts investigated 750 alerts per month only to find two verified threats. The piece claimed that, in this scenario, automated IR could only be applied to the two verified threat instances, therefore making automated threat detection upstream a more important capability by “orders of magnitude.”To read this article in full or to leave a comment, please click here

Threat detection automation won’t solve all your problems

Threat detection automation won’t solve all your problems

Threat detection automation won’t solve all your problems

Threat detection automation won’t solve all your problems

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.A recent Network World article argued that automated threat detection (TD) is more important than automated incident response (IR). But the piece was predicated on flawed and misguided information.The article shared an example of a financial institution in which analysts investigated 750 alerts per month only to find two verified threats. The piece claimed that, in this scenario, automated IR could only be applied to the two verified threat instances, therefore making automated threat detection upstream a more important capability by “orders of magnitude.”To read this article in full or to leave a comment, please click here

Microsoft fixes 55 vulnerabilities, 3 exploited by Russian cyberspies

Microsoft released security patches Tuesday for 55 vulnerabilities across the company's products, including for three flaws that are already exploited in targeted attacks by cyberespionage groups.Fifteen of the vulnerabilities fixed in Microsoft's patch bundle for May are rated as critical and they affect Windows, Microsoft Office, Microsoft Edge, Internet Explorer, and the malware protection engine used in most of the company's anti-malware products.System administrators should prioritize the Microsoft Office patches because they address two vulnerabilities that attackers have exploited in targeted attacks over the past two months. Both of these flaws, CVE-2017-0261 and CVE-2017-0262, stem from how Microsoft Office handles Encapsulated PostScript (EPS) image files and can lead to remote code execution on the underlying system.To read this article in full or to leave a comment, please click here

Microsoft fixes 55 vulnerabilities, 3 exploited by Russian cyberspies

Microsoft released security patches Tuesday for 55 vulnerabilities across the company's products, including for three flaws that are already exploited in targeted attacks by cyberespionage groups.Fifteen of the vulnerabilities fixed in Microsoft's patch bundle for May are rated as critical and they affect Windows, Microsoft Office, Microsoft Edge, Internet Explorer, and the malware protection engine used in most of the company's anti-malware products.System administrators should prioritize the Microsoft Office patches because they address two vulnerabilities that attackers have exploited in targeted attacks over the past two months. Both of these flaws, CVE-2017-0261 and CVE-2017-0262, stem from how Microsoft Office handles Encapsulated PostScript (EPS) image files and can lead to remote code execution on the underlying system.To read this article in full or to leave a comment, please click here

57% off J5 Tactical V1-Pro Ultra Bright 3 Mode Flashlight – Deal Alert

Heavy duty, compact and tough as nails. Perhaps the last flashlight you'll ever need. That's how J5 Tactical describes their V1-Pro. A super bright 300 lumens LED produces an intense beam of light up to 600 feet with high, low and strobe modes. It can take a beating, is weather resistant, and works for hours on a single AA battery. With over 11,600 reviews on Amazon, it averages 4.6 out of 5 stars (read reviews). Its typical list price of $29.95 has been reduced by 57% to $12.95. See the discounted J5 Tactical V1-Pro flashlight now on Amazon.To read this article in full or to leave a comment, please click here

Dell EMC Ethernet Switching Update

I’m at the Dell EMC World 2017 conference in Las Vegas this week, and I’ve been enjoying catching up on what the network group has been up to. In my previous experience, the legacy Dell Networking products have unfortunately been seen as those things that get thrown in when you buy a rack of servers. In other words, they lacked credibility or worse, the rack would come with another vendor’s switches in them, reinforcing the idea that Dell’s own products weren’t up to the job.

It’s my belief though, that two things in recent years have dramatically changed that perspective. The first is Dell EMC’s OS10, a modular network operating system which by all accounts is actually pretty capable. Previous OS incarnations were of varying quality, as has been the case with many vendor-branded switches, and with the release of OS10, Dell Networks (as it was at the time) put a stake in the ground and showed that they wanted things to be different.

The second element is disaggregation. Dell identified the opportunity to use what was becoming ubiquitous merchant silicon like the Broadcom Trident II chipset to be able to play at the exact same level as everybody Continue reading

Did cloud kill backup?

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.With enterprises rapidly adopting hybrid and multi-cloud infrastructure and migrating traditional workloads to the cloud, distributed architectures have become de-facto standard, but traditional backup and recovery strategies have not kept pace. A new cloud-first approach to data protection is required.According to IDC, 70% of CIOs have a cloud-first strategy, and it is safe to assume most enterprises have a multi-cloud infrastructure, deploying applications on the best suited cloud whether private, public or managed. This evolution to multi-cloud has created two transformative shifts that are disrupting the application tier of the infrastructure world.To read this article in full or to leave a comment, please click here

Why Edward Snowden loves open source

Infamous government hacker Edward Snowden believes open source is a fundamentally better way to use technology compared to proprietary technology that he believes disempowers users.Snowden was interviewed at the open source cloud computing project OpenStack Summit in Boston via video from a non-descript location and spoke about his personal use of open source technology. In 2013 Snowden, then a government contractor, leaked classified information about government surveillance programs run by the National Security Agency, which brought him worldwide fame.+MORE AT NETWORK WORLD: Deep dive comparison of Amazon, Microsoft and Google cloud storage +To read this article in full or to leave a comment, please click here

Worth Reading: Cherry picker

For big data analytics jobs, especially recurring jobs, finding a good cloud configuration (number and type of machines, CPU, memory ,disk and network options) can make a big different to overall cost and runtimes. Likewise, a poor choice can seriously degrade performance and/or increase costs. … How do you find the good configurations though? Just on instance types, Amazon EC2 and Microsoft Azure each offer over 40 (GCP offered 18 at the time of writing, plus the ability to customise VM memory and cores). And that’s before we’ve started to experiment with cluster size… An exhaustive search of the space is clearly way too expensive, especially as each data point requires a run of the job. —The Morning Paper

The post Worth Reading: Cherry picker appeared first on rule 11 reader.

Verizon taps into open source, white box fervor with new CPE offering

Verizon this week said it would begin offering x86-based servers with OpenStack software aimed at customers looking to support all manner of advanced cloud, software defined networking and network functions virtualization-based enterprises.+More on Network World: Extreme offers glimpse of integrated Avaya, Brocade technology future+According to Verizon, letting customers use a combination of off the shelf hardware over a distributed deployment of OpenStack will let them decouple hardware from software and frees them from proprietary hardware. OpenStack is developed by some 150 companies from AT&T to IBM and Red Hat to Cisco, Dell EMC and others. The open software controls large pools of compute, storage, and networking resources throughout a data center, managed typically through a single dashboard.To read this article in full or to leave a comment, please click here

Verizon taps into open source, white box fervor with new CPE offering

Verizon this week said it would begin offering x86-based servers with OpenStack software aimed at customers looking to support all manner of advanced cloud, software defined networking and network functions virtualization-based enterprises.+More on Network World: Extreme offers glimpse of integrated Avaya, Brocade technology future+According to Verizon, letting customers use a combination of off the shelf hardware over a distributed deployment of OpenStack will let them decouple hardware from software and frees them from proprietary hardware. OpenStack is developed by some 150 companies from AT&T to IBM and Red Hat to Cisco, Dell EMC and others. The open software controls large pools of compute, storage, and networking resources throughout a data center, managed typically through a single dashboard.To read this article in full or to leave a comment, please click here