Page Shield is generally available
Supply chain attacks are a growing concern for CIOs and security professionals.
During a supply chain attack, an attacker compromises a third party tool or library that is being used by the target application. This normally results in the attacker gaining privileged access to the application’s environment allowing them to steal private data or perform subsequent attacks. For example, Magecart, is a very common type of supply chain attack, whereby the attacker skimms credit card data from e-commerce site checkout forms by compromising third party libraries used by the site.
To help identify and mitigate supply chain attacks in the context of web applications, today we are launching Page Shield in General Availability (GA).
With Page Shield you gain visibility on what scripts are running on your application and can be notified when they have been compromised or are showing malicious behaviour such as attempting to exfiltrate user data.
We’ve worked hard to make Page Shield easy to use: you can find it under the Firewall tab and turn it on with one simple click. No additional configuration required. Alerts can be set up separately on an array of different events.
What is Page Shield?
Back in March of this Continue reading
Zaraz use Workers to make third-party tools secure and fast
We decided to create Zaraz around the end of March 2020. We were working on another product when we noticed everyone was asking us about the performance impact of having many third-parties on their website. Third-party content is an important part of the majority of websites today, powering analytics, chatbots, conversion pixels, widgets — you name it. The definition of third-party is an asset, often JavaScript, hosted outside the primary site-user relationship, that is not under the direct control of the site owner but is present with ‘approval’. Yair wrote in detail about the process of measuring the impact of these third-party tools, and how we pivoted our startup, but I wanted to write about how we built Zaraz and what it actually does behind the scenes.
Third parties are great in that they let you integrate already-made solutions with your website, and you barely need to do any coding. Analytics? Just drop this code snippet. Chat widget? Just add this one. Third-party vendors will usually instruct you on how to add their tool, and from that point on things should just be working. Right? But when you add third-party code, it usually fetches even more code from remote Continue reading
Announcing Foundation DNS — Cloudflare’s new premium DNS offering
Today, we’re announcing Foundation DNS, Cloudflare’s new premium DNS offering that provides unparalleled reliability, supreme performance and is able to meet the most complex requirements of infrastructure teams.
Let’s talk money first
When you’re signing an enterprise DNS deal, usually DNS providers request three inputs from you in order to generate a quote:
- Number of zones
- Total DNS queries per month
- Total DNS records across all zones
Some are considerably more complicated and many have pricing calculators or opaque “Contact Us” pricing. Planning a budget around how you may grow brings unnecessary complexity, and we think we can do better. Why not make this even simpler? Here you go: We decided to charge Foundation DNS based on a single input for our enterprise customers: Total DNS queries per month. This way, we expect to save companies money and even more importantly, remove complexity from their DNS bill.
And don’t worry, just like the rest of our products, DDoS mitigation is still unmetered. There won’t be any hidden overage fees in case your nameservers are DDoS’d or the number of DNS queries exceeds your quota for a month or two.
Why is DNS so important?
The Domain Name System (DNS) Continue reading
Helping You Benefit from our Pluggable eBPF Data Plane – Introducing the New Calico eBPF Data Plane Certification
Why Create a Course About Calico’s eBPF Data Plane?
Calico is the industry standard for Kubernetes networking and security. It offers a proven platform for your workloads across a huge range of environments, including cloud, hybrid, and on-premises.
Calico has had a high-quality, production-ready, performant, eBPF data plane option for some time!
However, although many users are deploying it in production and benefitting, we still sometimes see users who don’t know that Calico has an eBPF data plane or feel confident deploying it, and:
- Don’t understand the benefits of Calico’s pluggable architecture
- Don’t fully understand what eBPF is
- Don’t know that Calico has an eBPF data plane
- Don’t understand why it is not the default Calico data plane or best choice
- Don’t feel confident to deploy the Calico eBPF data plane
We created the new CCO-L2-EBPF (Certified Calico Operator: eBPF) course specifically to address these points. The course will help you to understand the strengths of eBPF and when it is, or is not, the right choice. It will also help you see how easy it is to deploy the Calico eBPF data plane if you have made the choice that it is right for you and your cluster.
What Are You Going to Test in Network Automation CI/CD Pipeline?
Network automation CI/CD pipeline seems to be the next hot thing, with vendors and bloggers describing in detail how you could get it done. How realistic is that idea for an average environment that’s barely starting its automation journey?
TL&DR: it will take a long time to get there, and lack of tests is the first showstopper.
What Are You Going to Test in Network Automation CI/CD Pipeline?
Network automation CI/CD pipeline seems to be the next hot thing, with vendors and bloggers describing in detail how you could get it done. How realistic is that idea for an average environment that’s barely starting its automation journey?
TL&DR: it will take a long time to get there, and lack of tests is the first showstopper.
Is SONiC Right for Your Data Center and Private Cloud Network?
There are a number of questions that enterprises, communication service providers and tier 2 cloud service providers need to ask themselves to understand if SONiC is a good choice for their on-prem data center and private cloud networks.
The post Is SONiC Right for Your Data Center and Private Cloud Network? appeared first on Pluribus Networks.
Is SONiC Right for Your Data Center and Private Cloud Network?
Many data center operators are interested in bringing the benefits of hyperscaler technologies to on-prem data centers. One of these technologies is SONiC, an open source network operating system that is being advanced under the auspices of the Open Compute Project (OCP). There are a number of questions that enterprises, communication service providers and tier 2 cloud service providers need to ask themselves to understand if SONiC is a good choice for their on-prem data center and private cloud networks.
What is SONiC?
SONiC, which stands for “Software for Open Networking in the Cloud,” is a network operating system originally designed by Microsoft for their data center networks. Microsoft was frustrated with the overly complex operating systems provided by vendors like Cisco, Juniper and Arista that included many features that Microsoft simply did not need for their Azure cloud network. Thus, SONiC was built by Microsoft in a completely modular way based on running networking functions in containers so components could be added or removed as a mechanism to build a lean, optimized OS that only contained the essential features to run the Microsoft Azure cloud network. They also developed the Switch Abstraction Interface (SAI) with a goal of enabling Continue reading
AWS Unveils Private 5G Service, Validating Enterprise Use Case
Technology giant Amazon Web Services enters the private 5G service space. Here’s what it means for the enterprise.AWS Unveils Private 5G Service: Validates Enterprise Use-Case Need
Technology giant Amazon Web Services enters the private 5G service space. Here’s what it means for the enterprise.Update From the FishBowl
Hello EVERYONE I’m back! Let me share a random “update from the FIshBowl”. 🙂 So many things I have been working on and doing that I am just beyond excited to share. So expect lots of upcoming blogs and YouTube... Read More ›
The post Update From the FishBowl appeared first on Networking with FISH.
Cumulus Basics Part II – bridging
This second blog on Cumulus looks at basic layer2 functionality in Cumulus Linux.