The 2021 IT Job Market: What a Year
Remote work and pent-up demand fueled a frenzied job market in 2021. IT pros sought higher salaries, and CIOs focused on retaining talent.Merry Christmas and Happy New Year 2022
Hello dear friend,
Another year is ending. It was not easy for many of us neither in professional nor in personal matters. Despite that, we still hope it was successful for you, as much as the year, when we spend a lot of time in lockdown and insolation, can be successful.
We sincerely wish you all the best in thew New 2022 Year!
– There will be challenges, but you are strong enough to overcome them.
– There will be storms, but you have your goals and you won’t get lost.
– There will be issues, but you have network automation to solve routine and leave your time for what matters.
Be healthy. Be lucky. Be happy.
Stay connected, we appreciate it a lot, dear friend.
Merry Christmas and Happy New Year!
And if you need any help, always feel free to reach us.
Your Team Karneliuk
How network policies can protect your environment from future vulnerabilities like Log4j
If you have access to the internet, it’s likely that you have already heard of the critical vulnerability in the Log4j library. A zero-day vulnerability in the Java library Log4j, with the assigned CVE code of CVE-2021-44228, has been disclosed by Chen Zhaojun, a security researcher in the Alibaba Cloud Security team. It’s got people worried—and with good reason.
This is a serious flaw that needs to be addressed right away, since it can result in remote code execution (RCE) in many cases. By now, I have seen many creative ways in which this can be used to infiltrate or disturb services. The right solution is to identify and patch your vulnerable Log4j installations to the fixed versions as soon as possible. If you are using Log4j, make sure you are following this page where you can find the latest news about the vulnerability.
What else should you be doing, though, for this and similar exploits? In this blog post, I’ll look at the impact of the vulnerability in a Kubernetes cluster, and share a couple of ways that you can prevent such vulnerabilities in the future.
How does the Log4j vulnerability work?
On its own, the Log4j vulnerability Continue reading
Introducing DARTH: Distributed Analysis for Research and Threat Hunting
As targeting data centers, which mainly run workloads on Linux, has proven to be a very lucrative target for cyber criminals, Linux malware has become increasingly prevalent. Although still an emerging threat that’s somewhat less complex than its Windows counterpart, analysis of Linux malware remains challenging due to lack of analysis tools in the Linux world.
Luckily, both the Linux kernel and the Linux ecosystem provide a set of capabilities and tools that, when combined, potentially allow for the creation of malware analysis frameworks as powerful as those available on Windows.
This blog details what can be achieved by leveraging tools and an analysis pipeline specifically tailored for Linux, and introduces our Distributed Analysis for Research and Threat Hunting
(DARTH) framework. We provide a high-level overview of the framework, including core components and modules, as well as the design requirements that have led our research efforts in this area. We then discuss Tracer, a dynamic analysis module used in DARTH to collect various behaviors during malware execution in a controlled environment.
High Level Overview: Where DARTH Began
As part of our research, we often find ourselves running new types of analysis on large collections of malicious samples; building a scalable Continue reading
SD-WAN and SASE – Hype or Reality?
With available standards and new standards coming in 2022 to define SASE and Zero Trust, enterprises will be better informed to compare services when purchasing secure SD-WAN and SASE managed services.Cloudflare Radar’s 2021 Year In Review
In 2021, we continued to live with the effects of the COVID pandemic and Internet traffic was also impacted by it. Although learning and exercising may have started to get back to something close to normal (depending on the country), the effects of what started almost two years ago on the way people work and communicate seems to be here to stay, and the lockdowns or restrictions continue to have an impact on where and how people go online.
So, Cloudflare Radar's 2021 Year In Review is out with interactive maps and charts you can use to explore what changed on the Internet throughout this past year. Year In Review is part of Cloudflare Radar. We launched Radar in September 2020 to give anyone access to Internet use and abuse trends.
This year we’ve added a mobile vs desktop traffic chart, but also the attack distribution that shows the evolution throughout the year — the beginning of July 2021, more than a month after the famous Colonial Pipeline cyberattack, was the time of the year when attacks worldwide peaked.
There are also interesting pandemic-related trends like the (lack) of Internet activity in Tokyo with the Summer Olympics in town and Continue reading
ACE IaC – Another Industry First by Aviatrix
Today Aviatrix launched the self-paced version of Aviatrix Certified Engineer (ACE) Infrastructure as Code (IAC) training and certification. This is the industry’s first multi-cloud networking and security Infrastructure as Code training, that too in a self-paced format. ACE IaC brings together the concepts of DevOps by automating a multi-cloud network infrastructure through 3 hands-on labs. … Continue reading ACE IaC – Another Industry First by AviatrixACE IaC – Another Industry First by Aviatrix
Today Aviatrix launched the self-paced version of Aviatrix Certified Engineer (ACE) Infrastructure as Code (IAC) training and certification. This is the industry’s first multi-cloud networking and security Infrastructure as Code training, that too in a self-paced format. ACE IaC brings together the concepts of DevOps by automating a multi-cloud network infrastructure through 3 hands-on labs. … Continue reading ACE IaC – Another Industry First by Aviatrix“My First Flight: Dec 16th, 1960”
Note: This Post was written by Fish’s Mom, Dr Patricia Fishburne It was decided. Stokes would stay at Ohio State University and work on his ongoing experiment for his Ph.D. in Aeronautical Engineering while I flew to New Jersey for... Read More ›
The post “My First Flight: Dec 16th, 1960” appeared first on Networking with FISH.
Simplify NSX Security for Brownfield vSphere Deployments with NSX-T 3.2
Perimeter-only security controls are just not sufficient to address sophisticated attacks on mission-critical infrastructure. VMware NSX pioneered the “micro-segmentation” approach, in which granular security controls enable Zero-Trust Security. With micro-segmentation, each individual workload inside the network receives unprecedented protection from attacks originating from both external as well as internal threat actors. One of the primary reasons for NSX’s instant success in the industry was the fact that deploying Zero-Trust security across the infrastructure is quite easy and effectively mitigates malicious lateral movement with L4 and L7 Application controls. With the NSX 3.2 release, we are further simplifying the NSX Security deployment experience.
This blog captures why deploying NSX for micro-segmentation is already a simple experience, and how NSX 3.2 further simplifies that experience. Specifically, the following two key capabilities will be covered:
- NSX Distributed Security support for vSphere Distributed Switch-based workloads, and
- Embedded vCenter-based NSX Distributed Firewall workflows
Achieving Zero-Trust for Applications with NSX today
From the initial days of VMware NSX, we strongly believed that achieving micro-segmentation should not come at the cost of complexity.
If you ask our customers, this is why they love NSX:
- Ease of deployment: NSX does not require any custom firewall Continue reading
Announcing VMware HCX 4.3
VMware HCX, an application mobility platform, is a crucial part of an organization’s digital transformation journey. HCX simplifies application migration, workload rebalancing, and business continuity across data centers and clouds. This becomes increasingly important as organizations consolidate data centers, extend data centers to the cloud, or replace on-premises infrastructure.
Let’s dig into some of the new and exciting features of HCX 4.3.0:
Transition to PostgreSQL
One of the key improvements HCX 4.3.0 introduces is the use of PostgreSQL. The goal is to replace the older databases and leverage some inherent advantages of PostgreSQL. From an end-user perspective, this transition will have no impact. Once the upgrade process is triggered, the system will automatically transition to the newer database in the backend, and all the data is seamlessly transferred to the new database.
Building Resiliency in HCX Network Extension
The second significant enhancement is the high availability of Network Extension appliances. Network Extension service is a critical part of HCX, and any disruption during normal migration activities can have a high impact on business operations. HCX 4.3.0 aims to minimize the impact of such disruptions by introducing a high availability (HA) feature for Network Extension Continue reading