Securing BGP: A Case Study (9)
There are a number of systems that have been proposed to validate (or secure) the path in BGP. To finish off this series on BGP as a case study, I only want to look at three of them. At some point in the future, I will probably write a couple of posts on what actually seems to be making it to some sort of deployment stage, but for now I just want to compare various proposals against the requirements outlined in the last post on this topic (you can find that post here).
The first of these systems is BGPSEC—or as it was known before it was called BGPSEC, S-BGP. I’m not going to spend a lot of time explaining how S-BGP works, as I’ve written a series of posts over at Packet Pushers on this very topic:
Part 1: Basic Operation
Part 2: Protections Offered
Part 3: Replays, Timers, and Performance
Part 4: Signatures and Performance
Part 5: Leaks
Considering S-BGP against the requirements:
- Centralized versus decentralized balance:S-BGP distributes path validation information throughout the internetwork, as this information is actually contained in a new attribute carried with route advertisements. Authorization and authentication are implicitly centralized, however, with the Continue reading
Brocade Braces for a Disappointing Q2, Citing IP Headwinds
The macro storm is far from over.
Stronger protection and more control over security settings with CloudFlare’s new cPanel plugin
CloudFlare has released a new version of our plugin for cPanel with two new features and more control over the security settings of your website.
The new plugin (v6.0) uses the latest cPanel PHP-based APIs, and is completely re-architected to make adding new features easier, allowing for more frequent updates.
We’ve always focused on making integration with CloudFlare as easy as possible. As a customer of one of our hosting partners you can quickly start using CloudFlare features and routing your website traffic through CloudFlare’s global network by clicking on the CloudFlare icon from your cPanel interface.
New features offering stronger protection
Add domains to CloudFlare through Full Zone Provisioning. A huge benefit of Full Zone Provisioning is that it enables all of CloudFlare’s protection, including DDoS mitigation, at the root domain (yourdomain.com) as well the subdomain (www.yourdomain.com).
If your website is experiencing Layer 7 DDoS attacks, you can now click on the 'Enable “I'm under attack" mode ’ button to filter out malicious traffic while allowing legitimate visitors to reach your site. When this is in place, visitors will receive a temporary page for about five seconds while we analyze the traffic to make Continue reading
SDxCentral’s Top 10 Articles — April 2016
Verizon’s SDN-NFV Reference Architecture document, OpenStack's latest code release, VMware & Brocade hired by SmartSky, and more.