New products of the week 10.31.16

New products of the weekOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.Atlantis Workspace Infrastructure integrated with CitrixKey features: Atlantis integrated workspace infrastructure into the Citrix management suite. The combination of applications, management and infrastructure into a single PaaS solution will lower cost and complexity for managing virtual workspaces. More info.To read this article in full or to leave a comment, please click here

GRE over IPSec Tunnel and NAT Between Cisco and VyOS

The goal of this tutorial is to provide a configuration for Cisco and VyOS network devices with configured PAT (Port Address Translation) that connect two remote sides A and B through point-to-point GRE tunnel encapsulated into a IPsec tunnel. In a previous tutorial we proved that GRE tunnels in conjunction with IPsec tunnels transmit multicast traffic while data integrity, authentication and confidentiality was in place. I also provided a simple configuration of GRE, IPsec tunnel and OSPF routing protocol on the Cisco and VyOS routers. In this tutorial I will go further and provide full configuration of  the all network devices including PAT and access-lists.  

Picture 1 - Network Topology

Topology Description - Side A

Each side has a Layer 2 Cisco switch located in a LAN network. A switch connects hosts to its switchports. Each switchport is assigned to a particular VLAN. For instance, a host PC1 is connected to the switch SW1 and the switchport is assigned to a VLAN 100. Hosts in VLAN 100 (subnet 192.168.1.0/24) have guaranteed access to a remote subnet 192.168.2.0/24 via GRE/IPsec tunnel. A NAT access-list configured on a router R1 ensures that IP address of the host in VLAN 100 is not translated by PAT when a destination address is Continue reading

Black Friday isn’t dead in 2016

The Black Friday 2016 headlines are dire:   ”Is Black Friday dead?”  “Black Friday: Is the commercial holiday dying?” ”Black Friday is Dead, Long Live Black Friday” But no, Black Friday isn’t really dead and oodles of computers, smartphones, video game consoles and TVs will be snapped up at bargain prices on Friday, Nov. 25 itself, as well as pre-Thanksgiving, on Thanksgiving Day and on the Saturdays leading up to Christmas. Oh, yeah, even Cyber Monday will grab stragglers on Nov. 28.To read this article in full or to leave a comment, please click here

FBI doesn’t have a warrant to review new emails linked to Clinton investigation

After seeing reports that the Justice Department is “furious” at FBI Director Comey for telling Congress about new emails potentially related to Hillary Clinton’s private email server and if she disclosed classified information, the Clinton campaign “made it personal” and accused Comey of a smear campaign. Comey, ironically the same FBI guy who recommended no criminal charges for Clinton, is now being treated like her enemy.“It is pretty strange to put something like that out with such little information right before an election,” Clinton said during a rally at Daytona Beach on Saturday. “In fact, it’s not just strange; it’s unprecedented and deeply troubling.” She added, “So we’ve called on Directory Comey to explain everything right away, put it all out on the table.”To read this article in full or to leave a comment, please click here

FBI doesn’t have a warrant to review new emails linked to Clinton investigation

After seeing reports that the Justice Department is “furious” at FBI Director Comey for telling Congress about new emails potentially related to Hillary Clinton’s private email server and if she disclosed classified information, the Clinton campaign “made it personal” and accused Comey of a smear campaign. Comey, ironically the same FBI guy who recommended no criminal charges for Clinton, is now being treated like her enemy.“It is pretty strange to put something like that out with such little information right before an election,” Clinton said during a rally at Daytona Beach on Saturday. “In fact, it’s not just strange; it’s unprecedented and deeply troubling.” She added, “So we’ve called on Directory Comey to explain everything right away, put it all out on the table.”To read this article in full or to leave a comment, please click here

It’s time to rein in social media services

If you run a social networking service then the one thing you don’t want to be considered to be is a publisher. As a publisher, you become responsible for whatever your users care to post which means when they post something that’s illegal in any way, you are as liable as the poster to be prosecuted. On the other hand, as a “platform”, where no editorial control is exercised, a social media service is only obliged to act on content when they received a court order or a DMCA takedown notice. Pixabay This distinction between being a publisher and a platform is crucial to the major social media services because the cost of vetting and policing user-generated content would be prohibitively expensive even if it were possible (every minute, Twitter generates 350,000 tweets while in the same window 510 comments are posted, 293,000 statuses are updated, and 136,000 photos are uploaded to Facebook).To read this article in full or to leave a comment, please click here

Hacking forum cuts section allegedly linked to DDoS attacks

An online hackers' forum has deleted a section that allegedly offered paid distributed denial-of-service attacks, following last Friday's massive internet disruption. HackForums.net will be shutting down the "Server Stress Testing" section, the site's admin Jesse "Omniscient" LaBrocca said in a Friday posting. "I do need to make sure that we continue to exist and given the recent events I think it's more important that the section be permanently shut down," he wrote. The section was designed to let members offer so-called stress testing services for websites as a way to check their resiliency. However, security firms claim Hack Forums was actually promoting DDoS-for-hire services that anyone can use to launch cyber attacks.To read this article in full or to leave a comment, please click here

Hacking forum cuts section allegedly linked to DDoS attacks

An online hackers' forum has deleted a section that allegedly offered paid distributed denial-of-service attacks, following last Friday's massive internet disruption. HackForums.net will be shutting down the "Server Stress Testing" section, the site's admin Jesse "Omniscient" LaBrocca said in a Friday posting. "I do need to make sure that we continue to exist and given the recent events I think it's more important that the section be permanently shut down," he wrote. The section was designed to let members offer so-called stress testing services for websites as a way to check their resiliency. However, security firms claim Hack Forums was actually promoting DDoS-for-hire services that anyone can use to launch cyber attacks.To read this article in full or to leave a comment, please click here

Lost thumb drives bedevil US banking agency

A U.S. banking regulator says an employee downloaded a large amount of data from its computer system a week before he retired and is now unable to locate the thumb drives he stored it on.The Office of the Comptroller of the Currency, which is a part of the Department of the Treasury, said the loss represented "a major information security incident" as it reported the case to Congress on Friday.The data was taken in November 2015, but its loss was only discovered in September this year as the agency reviewed downloads to removable media devices in the last two years.The employee in question used two thumb drives to store the information, both of which he is unable to locate, the agency said.To read this article in full or to leave a comment, please click here

Lost thumb drives bedevil US banking agency

A U.S. banking regulator says an employee downloaded a large amount of data from its computer system a week before he retired and is now unable to locate the thumb drives he stored it on.The Office of the Comptroller of the Currency, which is a part of the Department of the Treasury, said the loss represented "a major information security incident" as it reported the case to Congress on Friday.The data was taken in November 2015, but its loss was only discovered in September this year as the agency reviewed downloads to removable media devices in the last two years.The employee in question used two thumb drives to store the information, both of which he is unable to locate, the agency said.To read this article in full or to leave a comment, please click here

Best Deals of the Week, October 24th – October 28th – Deal Alert

Best Deals of the Week, October 24th - October 28th - Deal AlertCheck out this roundup of the best deals on gadgets, gear and other cool stuff we have found this week, the week of October 17th. All items are highly rated, and dramatically discounted.66% off KMASHI 15000mAh External Battery Power BankKMASHI's 15,000mAh power bank can charge any 2 smartphones, tablets or USB devices simultaneously at high speed, and several times over without needing to be recharged. It currently averages 4 out of 5 stars on Amazon from over 7,700 customers (read reviews). With the current 66% discount you can buy it on Amazon for just $17. See it now on Amazon.To read this article in full or to leave a comment, please click here

Microsoft to launch low-end VR headset in December

Apparently Microsoft is not done with hardware introductions. The company plans to bring new low-cost mixed-reality headsets to market through its Windows Holographic platform for as little as $299. The details came out at the big Surface launch event in New York earlier this week, but the news site Polygon got more details from Microsoft Technical Fellow and head of the HoloLens program Alex Kipman.To read this article in full or to leave a comment, please click here

Worth Reading: Seven (more) deadly sins of microservices

It seems like the development community is quite excited about microservices these days, but at OSCON Europe, Daniel Bryant, who is chief scientist at OpenCredo, continued to point out some of the mistakes that architects and administrators routinely make while adopting to this new “Loosely coupled service oriented architecture with bounded contexts,” as Adrian Cockcroft described microservices. —The New Stack

The post Worth Reading: Seven (more) deadly sins of microservices appeared first on 'net work.

Companies complacent about data breach preparedness

The likelihood that companies will experience a security incident continue to rise every year. While most organizations have put a data breach preparedness plan in place to combat such incidents, most executives aren't updating or practicing the plan regularly, according to study released earlier this month."When it comes to managing a data breach, having a response plan is simply not the same as being prepared," Michael Bruemmer, vice president at Experian Data Breach Resolution (which sponsored the study) said in a statement. "Unfortunately many companies are simply checking the box on this security tactic. Developing a plan is the first step, but preparedness must be considered an ongoing process, with regular reviews of the plan and practice drills."To read this article in full or to leave a comment, please click here

Companies complacent about data breach preparedness

The likelihood that companies will experience a security incident continue to rise every year. While most organizations have put a data breach preparedness plan in place to combat such incidents, most executives aren't updating or practicing the plan regularly, according to study released earlier this month."When it comes to managing a data breach, having a response plan is simply not the same as being prepared," Michael Bruemmer, vice president at Experian Data Breach Resolution (which sponsored the study) said in a statement. "Unfortunately many companies are simply checking the box on this security tactic. Developing a plan is the first step, but preparedness must be considered an ongoing process, with regular reviews of the plan and practice drills."To read this article in full or to leave a comment, please click here

Show 312: What’s It Like To Run A Startup?

Todays Weekly Show is a two-part episode. Part one is an interview with the founders of two networking startups. Part two looks at the future of networking in regard to automation, open source, and more. The post Show 312: What’s It Like To Run A Startup? appeared first on Packet Pushers.

After DDOS attack, senator seeks industry-led security standards for IoT devices

Last week’s massive distributed denial-of-service attack has prompted an urgent focus on the need for industry-led cybersecurity standards for internet of things devices.U.S. Sen. Mark Warner, (D-Va.) said Thursday that he favors an industry-based approach before seeking some form of government regulation of IoT security.“Last week’s attack does reveal a new level of vulnerability, and I’m trying to make it clear ... that this is not a problem that the government ought to be the first actor in solving,” he said in a telephone interview.To read this article in full or to leave a comment, please click here

After DDOS attack, senator seeks industry-led security standards for IoT devices

Last week’s massive distributed denial-of-service attack has prompted an urgent focus on the need for industry-led cybersecurity standards for internet of things devices.U.S. Sen. Mark Warner, (D-Va.) said Thursday that he favors an industry-based approach before seeking some form of government regulation of IoT security.“Last week’s attack does reveal a new level of vulnerability, and I’m trying to make it clear ... that this is not a problem that the government ought to be the first actor in solving,” he said in a telephone interview.To read this article in full or to leave a comment, please click here

Nuage Thinks SD-WAN Should Reach Farther, Even Into Public Clouds

Other SD-WANs don't think end-to-end, Nuage claims.

FBI to probe new emails related to Clinton’s private server

The FBI has uncovered new emails related to Hillary Clinton's use of a private email server, prompting federal authorities to investigate them. The FBI discovered the emails as part of an "unrelated case," FBI Director James Comey said in a letter to a congressional committee that was later tweeted on Friday. These emails "appear to be pertinent" to the FBI's original investigation into Clinton's private server use, which the agency wrapped up back in July, Comey said. Clinton, now the Democratic nominee for U.S. president, used the privacy server while she served as secretary of state.To read this article in full or to leave a comment, please click here