SD-WAN: An Ideal Enabler of Enterprise Digital Business
The rapid introduction of new technologies and an increasing emphasis on industry-backed standards will help to reduce complexity and further accelerate the SD-WAN and SASE market.2022 attacks! An August reading list to go “Shields Up”
In 2022, cybersecurity is a must-have for those who don’t want to take chances on getting caught in a cyberattack with difficult to deal consequences. And with a war in Europe (Ukraine) still going on, cyberwar also doesn’t show signs of stopping in a time when there never were so many people online, 4.95 billion in early 2022, 62.5% of the world’s total population (estimates say it grew around 4% during 2021 and 7.3% in 2020).
Throughout the year we, at Cloudflare, have been making new announcements of products, solutions and initiatives that highlight the way we have been preventing, mitigating and constantly learning, over the years, with several thousands of small and big cyberattacks. Right now, we block an average of 124 billion cyber threats per day. The more we deal with attacks, the more we know how to stop them, and the easier it gets to find and deal with new threats — and for customers to forget we’re there, protecting them.
In 2022, we have been onboarding many customers while they’re being attacked, something we know well from the past (Wikimedia/Wikipedia or Eurovision are just two case-studies of many, Continue reading
IPv6 Buzz 107: IPv6 Unique Local Addresses (ULA) At IETF 114
In this episode, Ed and Tom talk with Nick Buraglio about ongoing efforts within the IETF to improve ULA. Nick is co-author of the IETF draft "Unintended Operational Issues With ULA" and recently presented at IETF 114 in Philadelphia.
The post IPv6 Buzz 107: IPv6 Unique Local Addresses (ULA) At IETF 114 appeared first on Packet Pushers.
IPv6 Buzz 107: IPv6 Unique Local Addresses (ULA) At IETF 114
In this episode, Ed and Tom talk with Nick Buraglio about ongoing efforts within the IETF to improve ULA. Nick is co-author of the IETF draft "Unintended Operational Issues With ULA" and recently presented at IETF 114 in Philadelphia.Day Two Cloud 158: On Leadership With Chris Wahl
According to Chris Wahl, everyone in an organization can lead--not just those with "chief" or "manager" in their job title. Leadership isn't about telling everyone else what to do. Not at all. Have a listen as Chris explains what it is to lead, and how you can do so yourself while enabling others around you to do the same.Can a Weighted Eye Mask Relieve Tired Eyes?
If you’re anything like most people, you probably spend a lot of time staring at screens. Whether you’re working on a computer, scrolling through your phone, or watching TV, all that screen time can take a toll on your eyes. If you’re looking for a way to relieve tired eyes, you may want to try a weighted eye mask.
Weighted eye masks are filled with a material, such as plastic beads, that add a gentle pressure to the eyes. This pressure can help to relax the muscles around the eyes and reduce tension headaches. Additionally, the weight of the mask can help to block out light, which can further improve relaxation.
Different Types of Weighted Eye Masks and Their Benefits
There are a few different types of weighted eye masks on the market, each with its own benefits.
Pure hydration eye masks
Pure hydrating eye masks are filled with gel or liquid, rather than beads. These masks are often used to help with dry eyes, as the gel can help to increase moisture around the eyes.
Warming eye masks
Warming eye masks are filled with a material that retains heat. These masks can help to soothe tired eyes and reduce Continue reading
Reality Check: Why Your Cloud Provider Won’t Be Providing Multi-Cloud Failover
Your IT organization may view failing over from one hyperscaler's cloud to another as the ultimate security when it comes to cloud resiliency. Here's why that's not going to happen, plus a look at alternatives.Hedge 142: George Michaelson and the Pace of IPv6 Deployment
IPv6 is still being deployed, years after the first world IPv6 day, even more years after its first acceptance as an Internet standard by the IETF. What is taking so long? George Michaelson (APNIC) joins Tom Ammon and Russ White on this episode of the Hedge to discuss the current pace of IPv6 deployment, where there are wins, and why things might be moving more slowly in other areas.
What You Need to Know About Predictive Network Technology
You may not be able to peek into the future, but predictive network technology can spot and troubleshoot potential problems before they occur.Tanzu Service Mesh Acceleration using eBPF
Performance and Security Optimizations on Intel Xeon Scalable Processors – Part 1
Contributors
Manish Chugtu — VMware
Ramesh Masavarapu, Saidulu Aldas, Sakari Poussa, Tarun Viswanathan — Intel
Introduction
VMware Tanzu Service Mesh built on open source Istio, provides advanced, end-to-end connectivity, security, and insights for modern applications—across application end-users, microservices, APIs, and data—enabling compliance with Service Level Objectives (SLOs) and data protection and privacy regulations.
Service Mesh architecture pattern solves many problems, which are well known and extensively documented – so we won’t be talking about those in this blog. But it also comes with its own challenges and some of the top focus areas that we will discuss in this series of blogs are around:
- Performance
- Security
Intel and VMware have been working together to optimize and accelerate the microservices middleware and infrastructure with software and hardware to ensure developers have the best-in-class performance and low latency experience when building distributed workloads with a focus on improving the performance, crypto accelerations, and making it more secure.
In Part 1 of this blog series, we will talk about one such performance challenge (with respect to service mesh data path performance) and discuss our solution around that.
The current implementation Continue reading
Quick and easy vulnerability management with Calico Cloud
As more enterprises adopt containers, microservices, and Kubernetes for their cloud-native applications, they need to be aware of the vulnerabilities in container images during build and runtime that can be exploited. In this blog, I will demonstrate how you can implement vulnerability management in CI/CD pipelines, perform image assurance during build time, and enforce runtime threat defense to protect your workloads from security threats.
Image scanning and automatic blocking of high-risk images
The majority of images in CI/CD pipelines have vulnerabilities, misconfigurations, or both. An active cloud-native application protection platform (CNAPP) should scan, identify, and list vulnerabilities in container images based on databases such as NIST and NVD. The active CNAPP should then help teams build security policies to determine which images should be deployed or blocked based on several factors such as severity, last scan timestamp, and organizational exceptions. Given the sheer amount of vulnerabilities that appear daily, users will be easily overwhelmed if they have to address all existing vulnerabilities. Security teams will have to build a deploy/block criteria to prioritize vulnerabilities that they will address first—a workflow that is easy to start but difficult to manage and operate long-term. Hence, security teams should look for a security Continue reading
The mechanics of a sophisticated phishing scam and how we stopped it
Yesterday, August 8, 2022, Twilio shared that they’d been compromised by a targeted phishing attack. Around the same time as Twilio was attacked, we saw an attack with very similar characteristics also targeting Cloudflare’s employees. While individual employees did fall for the phishing messages, we were able to thwart the attack through our own use of Cloudflare One products, and physical security keys issued to every employee that are required to access all our applications.
We have confirmed that no Cloudflare systems were compromised. Our Cloudforce One threat intelligence team was able to perform additional analysis to further dissect the mechanism of the attack and gather critical evidence to assist in tracking down the attacker.
This was a sophisticated attack targeting employees and systems in such a way that we believe most organizations would be likely to be breached. Given that the attacker is targeting multiple organizations, we wanted to share here a rundown of exactly what we saw in order to help other companies recognize and mitigate this attack.
Targeted Text Messages
On July 20, 2022, the Cloudflare Security team received reports of employees receiving legitimate-looking text messages pointing to what appeared to be a Cloudflare Okta login Continue reading