Using VMware NSX, Log Insight, and vRealize Orchestator to Improve Security

This post was written by Hadar Freehling, Security & Compliance Systems Engineer Specialist at VMware. The post originally appeared here on the dfudsecurity blog

***

There is a lot of power in having security controls in software.  This is what I tell my customer, not just because I work for VMware. Why is that? The reason I find it so powerful is that I can now automate a lot of the security actions that use to be very manual. No more opening tickets to get a SPAN setup on the switch. No more waiting for a firewall change window to lock down a port. Not only that, I have visibility into the VM, like what apps are running and who started them, and what’s on the wire. I can protect different assets with different policies, and these polices can be dynamic.

With the help of my good friend John Dias (vRealize Orchestrator master), we created the follow video to show some of the potential of having everything in software.

Here is the scenario of the workflow.  You are a security person and want to stop all server admins and users from launching a putty session once they have RDPed into a server Continue reading

The Upload: Your tech news briefing for Tuesday, May 5

Chambers steps down as Cisco CEO, Robbins gets the jobIt’s finally time for the changing of the guard at Cisco, after many months of rumors that John Chambers, CEO for 20 years, was planning his retirement. His surprise replacement is senior VP of worldwide operations Chuck Robbins, who wasn’t highlighted in a succession plan a few years ago. Chambers will move into the role of executive chairman on July 26 when Robbins takes over.EU’s new digital strategy could target US tech vendorsTo read this article in full or to leave a comment, please click here

The Upload: Your tech news briefing for Tuesday, May 5

Chambers steps down as Cisco CEO, Robbins gets the jobIt’s finally time for the changing of the guard at Cisco, after many months of rumors that John Chambers, CEO for 20 years, was planning his retirement. His surprise replacement is senior VP of worldwide operations Chuck Robbins, who wasn’t highlighted in a succession plan a few years ago. Chambers will move into the role of executive chairman on July 26 when Robbins takes over.EU’s new digital strategy could target US tech vendorsTo read this article in full or to leave a comment, please click here

The Upload: Your tech news briefing for Tuesday, May 5

Chambers steps down as Cisco CEO, Robbins gets the jobIt’s finally time for the changing of the guard at Cisco, after many months of rumors that John Chambers, CEO for 20 years, was planning his retirement. His surprise replacement is senior VP of worldwide operations Chuck Robbins, who wasn’t highlighted in a succession plan a few years ago. Chambers will move into the role of executive chairman on July 26 when Robbins takes over.EU’s new digital strategy could target US tech vendorsTo read this article in full or to leave a comment, please click here

Dinesh Dutt from Cumulus Networks on Data Center Fabrics Webinar

Occasionally I’d invite a vendor speaker (usually working for an interesting startup) to present in my Data Center Fabrics webinar series. Dan Backman from Plexxi was talking about affinity networking in 2013, and in the May 2015 update session we’ll have Dinesh Dutt from Cumulus Networks talking about their software platform, architectures you can build with whitebox (or britebox) switches running Cumulus Linux, exciting network automation options, and cool new features they’re constantly adding to their software.

How Apple has made me feel really happy and really guilty at the same time

I’m feeling guilty; let me tell you why ... I hate having to stop using a piece of equipment because of designed-in obsolescence but, sometimes, there’s no choice. Consider products such as many of the available Bluetooth headsets; once the internal, non-replaceable battery fails they can only be thrown away. But those are as nothing to the top end Apple products which are designed for a life span of three years.I ran into the planned obsolescence issue recently with a 27-inch Apple iMac I purchased just over four years ago. It was a mid-2010 model  and I loved it until OS X Yosemite appeared. I’d given the new OS a few weeks before upgrading to see if anything  was going to be a problem for me but I didn't find anything major so I went ahead.To read this article in full or to leave a comment, please click here

Netflix open-sources security incident management tool

Netflix has released under an open-source license an internal tool it developed to manage a deluge of security alerts and incidents.Called FIDO (Fully Integrated Defense Operation), the tool is designed to research, score and categorize threats in order to speed up handling of the most urgent ones.Netflix started developing FIDO four years ago after finding it took from a few days to more than a week to resolve issues that were entered into its help-desk ticketing system, the company wrote in a blog post Monday.It was a largely manual and labor intensive process. “As attacks increase in number and diversity, there is an increasing array of detection systems deployed and generating even more alerts for security teams to investigate,” it said.To read this article in full or to leave a comment, please click here

Netflix open-sources security incident management tool

Netflix has released under an open-source license an internal tool it developed to manage a deluge of security alerts and incidents.Called FIDO (Fully Integrated Defense Operation), the tool is designed to research, score and categorize threats in order to speed up handling of the most urgent ones.MORE: New Cisco CEO: Meet the Real Chuck RobbinsNetflix started developing FIDO four years ago after finding it took from a few days to more than a week to resolve issues that were entered into its help-desk ticketing system, the company wrote in a blog post Monday.To read this article in full or to leave a comment, please click here

Sally Beauty investigates possible second card breach

Sally Beauty Holdings said it is investigating another possible payment card breach, about a year after it reported a similar cyberattack.The retail chain, which runs nearly 2,800 stores in the U.S., said it has received reports of ”unusual activity” involving payment cards used at some of its stores during the last week of April. Law enforcement has been contacted, the company said Monday.It did not say if the second incident is related to last year’s attack. “Until this investigation is completed, it is difficult to determine with certainty the scope or nature of any potential incident,” it said.To read this article in full or to leave a comment, please click here

Rombertik malware destroys computers if detected

A new type of malware resorts to crippling a computer if it is detected during security checks, a particularly catastrophic blow to its victims.The malware, nicknamed Rombertik by Cisco Systems, is designed to intercept any plain text entered into a browser window. It is being spread through spam and phishing messages, according to Cisco’s Talos Group blog on Monday.Rombertik goes through several checks once it is up and running on a Windows computer to see if it has been detected.That behavior is not unusual for some types of malware, but Rombertik “is unique in that it actively attempts to destroy the computer if it detects certain attributes associated with malware analysis,” wrote Ben Baker and Alex Chiu of the Talos Group.To read this article in full or to leave a comment, please click here

VCE’s VxRack systems want to be Vblocks for the next generation

EMC’s VCE division wants to take the engineered systems approach it’s honed with its Vblocks into next-generation mobile and cloud applications.On Monday, it introduced the VCE VxRack System, a hyperconverged platform designed to scale out to thousands of racks of computing and storage capacity. Where Vblocks are designed to run traditional business applications like ERP (enterprise resource planning), VxRack is built for a new era.The Vblock coverged architecture has been a success among customers looking to run traditional mission-critical enterprise applications. It was the founding product of VCE, which was formed in 2009 as a joint venture among VMware, Cisco Systems and EMC, and it remains VCE’s flagship, the company;s CEO Praveen Akkiraju said on Monday at EMC World, where the VxRack System was announced.To read this article in full or to leave a comment, please click here

Chambers Says He Won’t Rule Cisco From the Shadows

Chuck Robbins is no puppet for Cisco's soon-to-be executive chairman.

Microsoft picks security for the enterprise win

Microsoft is betting that good security support will be key to keeping its enterprise customers from straying to rivals.At the kickoff of the company’s Ignite conference for IT professionals, Microsoft executives unveiled a number of advanced security services, and took jabs at competitor Google for not being as mindful of security.“Google takes no responsibility to update their customers’ devices, leaving end-users and businesses increasingly exposed every day they use their Android devices,” said Terry Myerson, Microsoft’s executive vice president of operating systems. “Google just ships a big pile of code, and then leaves you exposed with no commitments.”To read this article in full or to leave a comment, please click here

Google buys Timeful to boost its apps’ time management skills

Google has acquired startup Timeful, whose iOS app uses machine learning to help people plan their days.People link Timeful to their calendars and then enter tasks, projects, events and hobbies into the app. For example, a user can tell Timeful he likes to jog four days a week, wants to finish painting a room by the end of the month and has a work presentation due on Friday.Timeful’s algorithm will use this information to create a schedule tailored to a person’s needs and preferences. The more information that is entered into Timeful and the more people use the app, the better it becomes at learning users’ activity patterns, schedules and habits.To read this article in full or to leave a comment, please click here

Google buys Timeful to boost its apps’ time management skills

Google has acquired startup Timeful, whose iOS app uses machine learning to help people plan their days.People link Timeful to their calendars and then enter tasks, projects, events and hobbies into the app. For example, a user can tell Timeful he likes to jog four days a week, wants to finish painting a room by the end of the month and has a work presentation due on Friday.Timeful’s algorithm will use this information to create a schedule tailored to a person’s needs and preferences. The more information that is entered into Timeful and the more people use the app, the better it becomes at learning users’ activity patterns, schedules and habits.To read this article in full or to leave a comment, please click here

Cisco passes the torch

Three years into his two- to four-year window, John Chambers retired. And 16 months after a succession plan was disclosed, Chuck Robbins was tapped to replace him.Robbins, Cisco’s senior vice president of worldwide operations, will become the 31-year-old company’s fourth CEO on July 26 as Chambers steps aside after 20 years at the helm. Chambers will become executive chairman.+MORE ON NETWORK WORLD: New Cisco CEO: Meet the real Chuck Robbins; How Chambers kept a high profile+To read this article in full or to leave a comment, please click here

Cerf thinks encryption back doors would be ‘super risky’

Internet pioneer Vinton Cerf argued Monday that more users should encrypt their data, and that the encryption back doors the U.S. FBI and other law enforcement agencies are asking for will weaken online security.The Internet has numerous security challenges, and it needs more users and ISPs to adopt strong measures like encryption, two-factor authentication and HTTP over SSL, said Cerf, chief Internet evangelist at Google, in a speech at the National Press Club in Washington, D.C.Recent calls by the FBI and other government officials for technology vendors to build encryption workarounds into their products is a bad idea, said Cerf, co-creator of TCP/IP. “If you have a back door, somebody will find it, and that somebody may be a bad guy,” he said. “Creating this kind of technology is super, super risky.”To read this article in full or to leave a comment, please click here

Cerf thinks encryption back doors would be ‘super risky’

Internet pioneer Vinton Cerf argued Monday that more users should encrypt their data, and that the encryption back doors the U.S. FBI and other law enforcement agencies are asking for will weaken online security.The Internet has numerous security challenges, and it needs more users and ISPs to adopt strong measures like encryption, two-factor authentication and HTTP over SSL, said Cerf, chief Internet evangelist at Google, in a speech at the National Press Club in Washington, D.C.Recent calls by the FBI and other government officials for technology vendors to build encryption workarounds into their products is a bad idea, said Cerf, co-creator of TCP/IP. “If you have a back door, somebody will find it, and that somebody may be a bad guy,” he said. “Creating this kind of technology is super, super risky.”To read this article in full or to leave a comment, please click here

Big Tap 4.5: Next-gen NPB for Pervasive Security and Pervasive Visibility

Cool ways to celebrate Star Wars Day

May the Fourth be with youImage by Lucas Films Inc.May 4 is International Star Wars Day, the unofficial holiday where we celebrate the Force, X-wings, Ewoks and women wearing their hair in the shape of their favorite breakfast pastries.  But how do you give your week that particular galaxy-far-far-away flavor? Some suggestions follow.To read this article in full or to leave a comment, please click here