Archive

Category Archives for "Networking"

F5 Buys Shape for $1B to Dominate Application Security

Shape boasts that it protects more accounts from fraud than everyone else combined. Its customers...

Read More »

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

Enforcing Network Security Policies with GitOps – Part 1

“How do I enable GitOps for my network security policies?” This is a common question we hear from security teams. Getting started with Kubernetes is relatively simple, but moving production workloads to Kubernetes requires alignment from all stakeholders – developers, platform engineering, network engineering, and security.

Most security teams already have a high-level security blueprint for their data centers. The challenge is in implementing that in the context of a Kubernetes cluster and workload security. Network policy is a key element of Kubernetes security. Network policy is expressed as a YAML configuration and works very well with GitOps.

We will do a three-part blog series covering GitOps for network security policies. In part one (this part), we cover the overview and getting started with a working example tutorial. In part two, we will extend the tutorial to cover an enterprise-wide decentralized security architecture. In the final part, we will delve into policy assurance with examples.

Note that all policies in Calico Enterprise (network security policy, RBAC, threat detection, logging configuration, etc.) are enforced as YAML configuration files, and can be enforced via a GitOps practice.

By adopting GitOps, security teams benefit in the following ways:

VMware, CenturyLink, 128 Unveil Holiday SD-WAN Deals

Those receiving SD-WAN gifts include Hughes Networks, Braskem, and Impulse Advanced...

Read More »

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

Instana Gifts Itself a Triple Acquisition

Instana CEO Mirko Novakovic said the acquisitions advance the company's vision to "accelerate...

Read More »

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

An Update on CDNJS

An Update on CDNJS

When you loaded this blog, a file was delivered to your browser called jquery-3.2.1.min.js. jQuery is a library which makes it easier to build websites, and was at one point included on as many as 74.1% of all websites. A full eighteen million sites include jQuery and other libraries using one of the most popular tools on Earth: CDNJS. Beginning about a month ago Cloudflare began to take a more active role in the operation of CDNJS. This post is here to tell you more about CDNJS’ history and explain why we are helping to manage CDNJS.

What CDNJS Does

Virtually every site is composed of not just the code written by its developers, but also dozens or hundreds of libraries. These libraries make it possible for websites to extend what a web browser can do on its own. For example, libraries can allow a site to include powerful data visualizations, respond to user input, or even get more performant.

These libraries created wondrous and magical new capabilities for web browsers, but they can also cause the size of a site to explode. Particularly a decade ago, connections were not always fast enough Continue reading

EU Set to Green-Light Nvidia’s $6.9B Mellanox Acquisition

The deal will likely receive an unconditional approval from EU antitrust regulators, according to...

Read More »

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

Ampere Teases Next-Gen Chip, Teams Up With Nokia at the Edge

These chips, designed for cloud and edge computing, use TSMC’s 7nm technology and have 80...

Read More »

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

Nvidia Strikes China Mobile Edge Supercomputer Deal

The scope of the chipmaker’s deal with China Mobile is unclear, but it marks a major win for the...

Read More »

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

Microsoft, Oracle Now Interconnect in Canada

The cloud interconnect expansion builds on the initial agreement announced in June.

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

Deep Dive: How the News and Media Sector Scores on Security and Privacy

In April 2019 the Internet Society’s Online Trust Alliance released its 10th annual Online Trust Audit & Honor Roll. The Audit looks at the security and privacy practices of over 1,000 of the top sites in various sectors. The news and and media sector, compromised of the top 100 news and media sites according to US traffic to their websites, improved its privacy practices in 2018. Like most sites, however, there is still room for improvement in privacy statements.

In 2017 less than half (48%) of news and media sites made the Honor Roll. In 2018 that number went up significantly to 78%, largely due to improvements in privacy statements. Privacy is scored in two ways in the Audit, we look at trackers on each site and we score the privacy statements across over 30 criteria.

One area where news sites did not improve was in the use of trackers on their site. Out of all the sectors news and media scored the lowest in trackers with a score of 39 (out of 45). Part of the reason for this is the news and media sector relies on advertising revenue, which often requires the use of trackers to serve ads.

On Continue reading

Google Cloud’s 5 Boldest Moves of 2019

Google Cloud made some big moves in 2019, but will they be enough to best top-ranked Amazon and...

Read More »

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

5 questions to answer before deploying Wi-Fi 6

The Wi-FI 6 standard (802.11ax) is bringing many exciting improvements to Wi-Fi that make it an enticing option. These include speed, in the form of real-world multi-gigabit wireless connections, but also support for high-density networks like those in stadiums. However, it will take some careful thought and planning to know when to take the leap to Wi-Fi 6.To read this article in full, please click here(Insider Story)

Silver Peak, Ciena Tackle Enterprise SD-WAN Deployments

The vendors will run Silver Peak's SD-WAN, routing, segmentation, and WAN optimization software as...

Read More »

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

Bamboo Systems redesigns server motherboards for greater performance

UK chip designer Kaleao has re-launched as Bamboo Systems with some pre-Series A funding and claims its Arm-based server chips will be considerably more power efficient than the competition.[Get regularly scheduled insights by signing up for Network World newsletters.] Bamboo is targeting the x86 servers, which have a 95% market share, rather than Marvell with its ThunderX2 and Ampere Systems with the eMAG Arm processors. The company argues that the two Arm processors are no different than x86.To read this article in full, please click here

Bamboo Systems redesigns server motherboards for greater performance

UK chip designer Kaleao has re-launched as Bamboo Systems with some pre-Series A funding and claims its Arm-based server chips will be considerably more power efficient than the competition.[Get regularly scheduled insights by signing up for Network World newsletters.] Bamboo is targeting the x86 servers, which have a 95% market share, rather than Marvell with its ThunderX2 and Ampere Systems with the eMAG Arm processors. The company argues that the two Arm processors are no different than x86.To read this article in full, please click here

Announcing the CSAM Scanning Tool, Free for All Cloudflare Customers

Announcing the CSAM Scanning Tool, Free for All Cloudflare Customers

Two weeks ago we wrote about Cloudflare's approach to dealing with child sexual abuse material (CSAM). We first began working with the National Center for Missing and Exploited Children (NCMEC), the US-based organization that acts as a clearinghouse for removing this abhorrent content, within months of our public launch in 2010. Over the last nine years, our Trust & Safety team has worked with NCMEC, Interpol, and nearly 60 other public and private agencies around the world to design our program. And we are proud of the work we've done to remove CSAM from the Internet.

The most repugnant cases, in some ways, are the easiest for us to address. While Cloudflare is not able to remove content hosted by others, we will take steps to terminate services to a website when it becomes clear that the site is dedicated to sharing CSAM or if the operators of the website and its host fail to take appropriate steps to take down CSAM content. When we terminate websites, we purge our caches — something that takes effect within seconds globally — and we block the website from ever being able to use Cloudflare's network again.

Addressing the Hard Cases

Continue reading