Arista Countersues Cisco, Claiming Antitrust Violations

Two days before a ruling in a patent infringement case between the companies, Arista Networks is suing Cisco Systems for what it alleges are antitrust violations. Arista today filed a counterclaim to Cisco’s 13-month-old copyright infringement suit in the U.S. District Court, Northern District of California, for antitrust and unfair competition. Arista alleges Cisco conducts a “bait and switch” with its command line interface in which it claims it is an industry standard and then attempts to penalize competitors for emulating it.To read this article in full or to leave a comment, please click here

Ta-ta to passwords and PINs; faces and fingerprints to rule the future

Facial and fingerprint recognition technologies are expected to see accelerated growth over the next five years as security applications emerge in the government, enterprise, finance, consumer and other markets.The market value of facial recognition technologies is expected to nearly double from $230 million in 2015 to $450 million in 2019; that represents a compound annual growth rate (CAGR) of about 18%, according to market research firm TrendForce.Led by Apple's iPhone juggernaut, unit shipments of fingerprint sensors have grown from 316 million in 2014 to 499 million last year and will continue to increase each year to peak at 1.6 billion in 2020. Revenue growth for fingerprint sensors will increase from about $1.86 billion in 2015 to $2.6 billion in in 2020, according to the latest research from IHS Technology.To read this article in full or to leave a comment, please click here

How to determine if big data security analytics will produce useful outcomes

Samsung sued for not updating Android on older phones

The Dutch Consumers' Association (DCA), or Consumentenbond as it is known in its native land, is suing Samsung for not providing timely software updates to older models of its Android smartphones. The move was driven in part because Samsung has such a strong presence in Holland, and because Samsung is pretty bad about supporting old phones, as I've learned through personal experience.According to DCA's own research (PDF file), at least 82% of Samsung smartphones available in the Dutch market examined had not received any software updates to the latest version of Android in two years.To read this article in full or to leave a comment, please click here

Network Break 71: Network Startups Get Millions; Medical Device Insecurity

Network Break 71 covers new funding rounds for Big Switch Networks, Cumulus, and Plexxi, as well as Cisco's investment in SD-WAN startup VeloCloud. We also check in on product announcements from Dell and Arista Networks, and discuss potential security issues with medical devices.

The post Network Break 71: Network Startups Get Millions; Medical Device Insecurity appeared first on Packet Pushers.

Network Break 71: Network Startups Get Millions; Medical Device Insecurity

Network Break 71 covers new funding rounds for Big Switch Networks, Cumulus, and Plexxi, as well as Cisco's investment in SD-WAN startup VeloCloud. We also check in on product announcements from Dell and Arista Networks, and discuss potential security issues with medical devices.

The post Network Break 71: Network Startups Get Millions; Medical Device Insecurity appeared first on Packet Pushers.

Despite rhetoric, DoJ, NSA still seek backdoors

The U.S. took its encryption argument international last week, with Attorney General Loretta Lynch telling the World Economic forum that it doesn’t want to put security backdoors into encrypted communications, it just wants to vendors and service providers to decrypt when ordered to by a court.That ignores that facts that vendors and providers can’t decrypt unless there is a backdoor of some sort, and that any backdoor undermines the security and therefore the value of encryption.It’s a case of the Department of Justice – via Lynch and FBI Director James Comey – trying to steer clear, at least technically, of demanding backdoors, but it’s all a semantic game. Earlier, Comey stopped using the term backdoor and asked for front-door access to decryption instead. Backdoor had become too much of a flashpoint, even though a front-door is exactly the same as a backdoor from a technology standpoint.To read this article in full or to leave a comment, please click here

Talking NVMe, 3DXpoint and Networking

The IT Storage market is going through a lot of change. New silicon designs from Intel & Micron branded 3D Xpoint are impacting the short term future of the “all flash array” market. Intel has developed NVMe so that that speed of accessing this fancy new storage can be realised because the 30-year old SCSI/NFS/Fibrechannel protocols […]

The post Talking NVMe, 3DXpoint and Networking appeared first on EtherealMind.

Response: Doing No Harm

Ivan posted here: I’ll take ownership of the statement because at least it sounds like something I have discussed on the podcast and, sadly, because there aren’t that many networking podcasts. The comment is in relation to the purpose of a stateful firewall when compared to a stateless firewall aka access lists. I do think that […]

The post Response: Doing No Harm appeared first on EtherealMind.

6 analytics trends that will shape business in 2016

In its recently released Analytics Trends 2016 report, consulting firm Deloitte predicts six major trends will significantly shape business in 2016."Business leaders continue to face many varying challenges and opportunities, and staying ahead of these trends will have a lasting impact on how their organizations will operate in the future," says John Lucker, principal, Deloitte Consulting. "By going on the offensive with issues such as cybersecurity, organizations are making a strategic shift in the way they operate. Concurrently, the widening data scientist talent gap could be a business growth barrier. One thing is certain: effectively using analytics is essential in delivering insights that help achieve new levels of innovation and value."To read this article in full or to leave a comment, please click here

Planning for security breaches: What CIOs need to know to stay out of the hot seat

Foley & Lardner LLP Matthew Karlyn, Partner, Technology Transactions & Outsourcing Practice, Foley & Lardner LLP “I’ve been in meeting after meeting after meeting where companies like all of yours absolutely underestimate the impact of security breaches on the company,” Matthew Karlyn, Partner, Technology Transactions & Outsourcing Practice, Foley & Lardner LLP told attendees at the CIO Perspectives event in Houston in November 2015.To read this article in full or to leave a comment, please click here(Insider Story)

5G Depends on SDN & NFV

Multiple hierarchies will transform the RAN topology.

Why VCE customers should embrace, not fear, Dell’s merger with EMC

2015 was filled with many big technology acquisitions, the most notable of which was Dell dropping a whopping $67 billon for EMC. One of the most interesting questions that has been raised regarding the acquisition is what happens to the EMC Federation companies, most notably, VCE (disclosure: VMware is a client of ZK Research).VCE was founded as a joint venture between three market-leading vendors – VMware, Cisco, and EMC – to deliver a converged solution comprised of products from the three companies. In October of 2014, VCE announced it was acquiring controlling interest in the JV from Cisco (VMware was a minority shareholder).To read this article in full or to leave a comment, please click here

Worth Reading: Light at the end of the silicon

Silicon photonics has emerged as one of those areas of such far-reaching potential that its challenges and benefits tend to be clouded in generalities. Light as the main medium does indeed promise to alter fields including biological and chemical sensing, navigation, radio frequency sensing, communications, but for our purposes here, the potential within large-scale computing is of greater interest. -via the next platform

The post Worth Reading: Light at the end of the silicon appeared first on 'net work.

Take Our Programmable Network Survey – It’s Live!

Take the Programmable Network Survey and enter to win one of three $300 Amazon Gift Cards.

Time to Consider User Behavior Analytics (UBA)

In 2012, I did an extension research project on big data security analytics. My thesis was that big data tools like Hadoop, Mahout, MapReduce, and Pig would greatly enhance in-depth historical cybersecurity investigations beyond anything provided by SIEM tools. In retrospect, I believe my assumptions were correct, but the market remains in an early stage of development even today. While general use of big data security analytics is still in its genesis phase, there appears to be an increasingly popular use case in cybersecurity: User Behavior Analytics (UBA). UBA is roughly defined as the analysis of all activities related to individual users, covering devices, processes, applications, network sessions, and data consumed and utilized. UBA builds a data analytics model where all log files, endpoint and network forensics, authentication requests, and data access actions are aligned with individual users themselves. To read this article in full or to leave a comment, please click here

Critical vulnerabilities patched in Magento e-commerce platform

If you're running an online shop based on the Magento e-commerce platform, it's a good idea to update it as soon as possible. The latest patches fix critical vulnerabilities that could allow attackers to hijack administrative accounts.One issue was discovered by researchers from Web security firm Sucuri and stems from improper validation of email addresses in the customer registration form.The flaw allows a malicious user to include JavaScript code in the email field, leading to a so-called stored cross-site scripting (XSS) attack. The JavaScript code is saved along with the form and is triggered when the user account is listed in the website's back-end panel.To read this article in full or to leave a comment, please click here

Securing BGP: A Case Study (1)

What would it take to secure BGP? Let’s begin where any engineering problem should begin: what problem are we trying to solve?

In this network—in any collection of BGP autonomous systems—there are three sorts of problems that can occur at the AS level. For the purposes of this explanation, assume AS65000 is advertising 2001:db8:0:1::/64. While I’ve covered this ground before, it’s still useful to outline them:

1. AS65001 could advertise 2001:db8:0:1::/64 as if it is locally attached. This is considered a false origination, or a hijacked route.
2. AS65001 could advertise a route to 2001:db8:0:1::/64 with the AS path [65000,65001] to AS65003. This is another form of route hijacking, but instead of a direct hijack it’s a “one behind” attack. AS65001 doesn’t pretend to own the route in question, but rather to be connected to the AS that is originating the route.
3. AS65000 could consider AS65003 a customer, or rather AS65003 might be purchasing Internet connectivity from AS65000. This would mean that any routes AS65000 advertises to AS65003 are not intended to be retransmitted back to AS65004. If, for instance, 2001:db8:0:1::/64, is advertised by AS65000 to AS65003, and AS65003 readvertises it to AS65004, AS65003 would be an unintentional transit AS in the Continue reading

A Threatening Situation

CISOs should take security training seriously

In many ways, security awareness training exemplifies the way information security is seen and tackled by senior management.A once-a-year, classroom-based approach may be traditional, with security updates and warnings posted on walls and the Intranet, but it is also a sign of a tick-box, compliance-driven approach to security. It is often done to appease industry regulators, PCI and data protection authorities, and the training can offer relatively basic – arguably condescending- advice.But times are changing. The threat landscape is growing with the arrival of millions of mobiles and wearables, each with their own IP address, while organized crime and nation-state APT groups are looking at new ways of compromising victims. From exploit kits and Trojans to ransomware, phishing and social engineering scams – the criminal game has moved on.To read this article in full or to leave a comment, please click here