Cisco patches critical flaw in Prime Home device management server

Cisco Systems has fixed a critical vulnerability that could allow hackers to take over servers used by telecommunications providers to remotely manage customer equipment such as routers.The vulnerability affects Cisco Prime Home, an automated configuration server (ACS) that communicates with subscriber devices using the TR-069 protocol. In addition to remotely managing customer equipment, it can also "automatically activate and configure subscribers and deliver advanced services via service packages" over mobile, fiber, cable, and other ISP networks."A vulnerability in the web-based GUI of Cisco Prime Home could allow an unauthenticated, remote attacker to bypass authentication and execute actions with administrator privileges," Cisco said in its advisory.To read this article in full or to leave a comment, please click here

Cisco: Faulty clock part could cause failure in some Nexus switches, ISR routers, ASA security appliances

Cisco this week issued a notice that faulty clock timing chips in some of its switches, routers and security appliances could fail after about 18 months of service – causing those devices to crash and not recover.The notice includes some of the company’s most widely deployed products, from certain models of its Series 4000 Integrated Services Routers, Nexus 9000 Series switches, ASA security devices to Meraki Cloud Managed Switches. Clock components are critical to the synchronization of multiple levels of a given device.+More on Network World: Cisco amps-up Tetration platform with better security, reduced footprint, AWS cloud option+To read this article in full or to leave a comment, please click here

Cisco: Faulty clock part could cause failure in some Nexus switches, ISR routers, ASA security appliances

Cisco this week issued a notice that faulty clock timing chips in some of its switches, routers and security appliances could fail after about 18 months of service – causing those devices to crash and not recover. The notice includes some of the company’s most widely deployed products, from certain models of its Series 4000 Integrated Services Routers, Nexus 9000 Series switches, ASA security devices to Meraki Cloud Managed Switches. Clock components are critical to the synchronization of multiple levels of a given device. +More on Network World: Cisco amps-up Tetration platform with better security, reduced footprint, AWS cloud option+To read this article in full or to leave a comment, please click here

Corsa Enters Security with DDoS Mitigation Hardware

Red Armor can analyze data at 100G connection.

IDG Contributor Network: Service insertion—Why it’s so important

One of the major challenges that’s long faced enterprise network is the ability to spin up new network services. SD-WANs make this a lot easier through service insertion and service chaining.Suppose for a moment you want to construct a secure perimeter around your compute resources in your data center and Amazon Web Services (AWS) implementation. Normally, you’d introduce a firewall and an Intrusion Detection System (IDS) into each location. That way, should a security incident happen in one location, such as a malware outbreak or a denial of service attack, you would be able to mitigate that event without any reengineering work. To read this article in full or to leave a comment, please click here

IDG Contributor Network: Service insertion—Why it’s so important

One of the major challenges that’s long faced enterprise network is the ability to spin up new network services. SD-WANs make this a lot easier through service insertion and service chaining.Suppose for a moment you want to construct a secure perimeter around your compute resources in your data center and Amazon Web Services (AWS) implementation. Normally, you’d introduce a firewall and an Intrusion Detection System (IDS) into each location. That way, should a security incident happen in one location, such as a malware outbreak or a denial of service attack, you would be able to mitigate that event without any reengineering work. To read this article in full or to leave a comment, please click here

Outlook for iOS speeds up work with third-party add ins

Users of Microsoft's Outlook app for iPhone and iPad can now get work done quicker using third-party integrations.As of Thursday, Outlook for iOS supports add-ins, which let software companies build extensions to their own products that interact with emails in Outlook on a user’s smartphone and tablet. At launch, the app supports add-ins from Evernote, GIPHY, Nimble, Trello and Smartsheet, in addition to those that Microsoft has created.For example, users will be able to translate emails using a Microsoft Translator add-in, add cards to a Trello board straight from their email and quickly reply to an email thread with a funny animated GIF.To read this article in full or to leave a comment, please click here

NFV Interoperability Testing Needs to Accelerate

To foster NFV interoperability, many initiatives have launched to help organizations determine what NFV software is compatible.

Worth Reading: Lazy thinking and modularity

There are two flaws in the Modularity Always Wins theory. In order to succeed, “disruptive modularity” needs a stable architecture with well-defined and documented boundaries. Module innovators need to be able to slide their creations into place without playing havoc with the rest of the edifice. This is how it worked in the Wintel PC world…sort of. In PC reality, as many of us have experienced, the sliding in and out of modules wasn’t so neat and often landed us in Device Driver purgatory. In the mid-nineties, one Microsoft director told me that the Redmond company actually spent more engineering resources on drivers than on Windows’ core software. —Monday Note

The post Worth Reading: Lazy thinking and modularity appeared first on 'net work.

IDG Contributor Network: CRM and contact center are on a collision course

The arcs of two industries, customer relationship management (CRM) and contact center, are about to entangle. More descriptively, these two industries are on a collision course. Consequences include exciting new innovations in customer experience and dramatic market-wide change.Changing times Propelled in an age of big data and artificial intelligence (AI), CRM is entering the industry’s platinum age. At the same time, contact center is facing disruption as newer communications protocols come to broader acceptance, old guard companies face transitions, and ways of deploying applications—cloud for one—accelerate in adoption.  + Also on Network World: How to conquer a CRM monster + The two industries have existed in the same universe, that of the key ways that customers interact with an enterprise, but for the most part it's as if they have occupied different dimensions. As CRM matured, it was embraced by marketing, sales and service delivery. CRM and contact center would occasionally interact, such as when telephony call controls were added to a CRM screen or when a service call turned into an upselling opportunity. However, true synergies have seldom really gelled.To read this article in full or to leave a comment, please click here

50% off Watch Dogs 2, Playstation 4 – Deal Alert

Explore the birthplace of the tech revolution as Marcus Holloway, a brilliant young hacker who has fallen victim to ctOS 2.0's predictive algorithms and accused of a crime he did not commit. In Marcus' quest to shut down ctOS 2.0 for good, hacking is the ultimate weapon. Players can not only hack into the San Francisco Bay Area's infrastructure but also every person and any connected device they possess to trigger unpredictable chains of events in this vast open world. Watch Dogs 2 for the Playstation 4 is currently discounted 50% off its list price on Amazon, so you can pick it up for just $29.99. See this deal on Amazon.To read this article in full or to leave a comment, please click here

Arista enables visibility at cloud speed

You can’t manage what you can’t see. That phrase that has been used over and over again with network managers as they look to get a better handle on the goings on in their networks. The problem is pervasive visibility is hard. Collecting information from multiple systems, rolling it up into an aggregated view and then trying to do some kind of manual machine learning on it is next to impossible. I suppose if Mr. Spock were running the network, things might be OK. But the last time I checked, the U.S. wasn’t accepting H1-Bs from Vulcan, so humans will have to do. + Also on Network World: Cloud monitoring: Users review 5 top tools + The need for visibility has created a rising tide in the network packet broker market, and most of these do a fine job in the enterprise space, but the RISC-based processers that some of them use do not operate at cloud speeds when there are multiple 100 Gig-E connections that need to be tapped. I want to be clear that I’m making distinction between an enterprise monitoring cloud traffic and an actual cloud provider monitoring its internal traffic. The latter is Continue reading

Arista enables visibility at cloud speed

You can’t manage what you can’t see. That phrase that has been used over and over again with network managers as they look to get a better handle on the goings on in their networks. The problem is pervasive visibility is hard. Collecting information from multiple systems, rolling it up into an aggregated view and then trying to do some kind of manual machine learning on it is next to impossible. I suppose if Mr. Spock were running the network, things might be OK. But the last time I checked, the U.S. wasn’t accepting H1-Bs from Vulcan, so humans will have to do. + Also on Network World: Cloud monitoring: Users review 5 top tools + The need for visibility has created a rising tide in the network packet broker market, and most of these do a fine job in the enterprise space, but the RISC-based processers that some of them use do not operate at cloud speeds when there are multiple 100 Gig-E connections that need to be tapped. I want to be clear that I’m making distinction between an enterprise monitoring cloud traffic and an actual cloud provider monitoring its internal traffic. The latter is Continue reading

IBM Watson wants to do your tax returns

If anyone can make sense of the over 74,000 pages of the US tax code, IBM’s Watson can. Or at least that’s the plan as Big Blue has teamed up its Watson cognitive supercomputer with the tax return specialists at H&R Block to help customers with tax filing options.As part of the first phase of the collaboration, H&R Block and IBM development teams trained tax language Watson, first applying the technology to the myriad questions and topics discussed during the return filing process.The service uses cloud-based Watson services to understand context, interpret intent and draw connections between clients’ statements and relevant areas of their return, the companies said.To read this article in full or to leave a comment, please click here

IBM Watson wants to do your tax returns

If anyone can make sense of the over 74,000 pages of the US tax code, IBM’s Watson can. Or at least that’s the plan as Big Blue has teamed up its Watson cognitive supercomputer with the tax return specialists at H&R Block to help customers with tax filing options.As part of the first phase of the collaboration, H&R Block and IBM development teams trained tax language Watson, first applying the technology to the myriad questions and topics discussed during the return filing process.The service uses cloud-based Watson services to understand context, interpret intent and draw connections between clients’ statements and relevant areas of their return, the companies said.To read this article in full or to leave a comment, please click here

Fighting ire with hire: Tech firms say immigration boosts employment

U.S. President Donald Trump is seeking to channel populist anger to stem immigration, but tech companies want him to know that hiring immigrants is necessary for the country's economy and boosts overall employment.Apple, Facebook, Microsoft, Amazon and Alphabet are said to be writing Trump a letter expressing their concern about the order on immigration he signed last Friday, and other changes to immigration policy he may plan.The letter, a draft of which has been published by a number of media outlets, including Recode.net, highlights the companies' dependence on immigrants for their success, and warns that the new policy could affect many visa holders already contributing to the U.S. economy.To read this article in full or to leave a comment, please click here

ENISA online training material updated and extended — ENISA

Free Training materials on IT Security incident and breach response. Looks quite good.

The new training material provides a step-by-step guide on how to address and respond to incidents, as an incident handler and investigator, teaching best practices and covering both sides of the breach. The material is technical and aims to provide a guided training both to incident handlers and investigators, while providing lifelike conditions. The training material mainly uses open source and free tools.

ENISA online training material updated and extended — ENISA : https://www.enisa.europa.eu/news/enisa-news/enisa-online-training-material-updated-and-extended

The post ENISA online training material updated and extended — ENISA appeared first on EtherealMind.

Why 2017 will be the worst year ever for security

Sony. Anthem. The Office of Personnel Management. Target. Yahoo. The past two years have seen one mega-breach after another—and 2017 promises to be the most catastrophic year yet.Security experts have long warned that most organizations don’t even know they’ve been breached. Attackers rely on stealth to learn about the network, find valuable information and systems, and steal what they want. Only recently have organizations improved their detection efforts and started investing the time, capital, and people needed to uncover vulnerabilities. When they do, the results are often alarming.[ 18 surprising tips for security pros. | Discover how to secure your systems with InfoWorld's Security Report newsletter. ] “I think we are going to find more, not less, breaches in 2017,” says Ray Rothrock, CEO of RedSeal, a security analytics firm.To read this article in full or to leave a comment, please click here

Introducing VMware NSX for vSphere 6.3 & VMware NSX-T 1.1 

This past week at VMware has been quite exciting! Pat Gelsinger, VMware CEO, reported on the Q4 2016 earnings call that VMware NSX has more than 2,400 customers exiting 2016. Today, we continue that momentum by announcing new releases of our two different VMware NSX platforms – VMware NSX™ for vSphere® 6.3 and VMware NSX-T 1.1.

These releases continue to accelerate digital transformation for organizations through the most critical IT use cases – Security, Automation, and Application Continuity – while expanding support for new application frameworks and architectures.

As more and more customers adopt NSX for vSphere, we continue to add features to make it easier for you to deploy, operate and scale-out your environment. NSX empowers customers on their cloud journey. It is driving value inside the data center today and expanding across datacenters and to the cloud via our Cloud Air Network partnerships, and soon to VMware Cloud on AWS and native public cloud workloads via VMware Cross-Cloud Services.

Let’s take a look at some of the new features in NSX for vSphere 6.3:

Security

Some of the new capabilities delivered in NSX for vSphere 6.3 are the Application Rule Manager (available in NSX Advanced Continue reading

Why 2017 will be the worst year ever for security

Sony. Anthem. The Office of Personnel Management. Target. Yahoo. The past two years have seen one mega-breach after another—and 2017 promises to be the most catastrophic year yet.Security experts have long warned that most organizations don’t even know they’ve been breached. Attackers rely on stealth to learn about the network, find valuable information and systems, and steal what they want. Only recently have organizations improved their detection efforts and started investing the time, capital, and people needed to uncover vulnerabilities. When they do, the results are often alarming.[ 18 surprising tips for security pros. | Discover how to secure your systems with InfoWorld's Security Report newsletter. ] “I think we are going to find more, not less, breaches in 2017,” says Ray Rothrock, CEO of RedSeal, a security analytics firm.To read this article in full or to leave a comment, please click here