Fortinet Stock Pops on Robust 2017 Q4 Results, Modest Forecasts
The company will also welcome a new CFO.
Explain Cisco ETA to Me in a Way That Even My Neighbor Can Understand It
Cisco Encrypted Traffic Analytics (ETA) sounds just a little bit like magic the first time you hear about it. Cisco is basically proposing that when you turn on ETA, your network can (magically!) detect malicious traffic (ie, malware, trojans, ransomware, etc) inside encrypted flows. Further, Cisco proposes that ETA can differentiate legitimate encrypted traffic from malicious encrypted traffic.
Uhmm, how?
The immediate mental model that springs to mind is that of a web proxy that intercepts HTTP traffic. In order to intercept TLS-encrypted HTTPS traffic, there’s a complicated dance that has to happen around building a Certificate Authority, distributing the CA’s public certificate to every device that will connect through the proxy and then actually configuring the endpoints and/or network to push the HTTPS traffic to the proxy. This is often referred to as “man-in-the-middle” (MiTM) because the proxy actually breaks into the encrypted session between the client and the server. In the end, the proxy has access to the clear-text communication.
Is ETA using a similar method and breaking into the encrypted session?
In this article, I’m going to use an analogy to describe how ETA does what it does. Afterwards, you should feel more comfortable about how Continue reading
Palo Alto Networks Stretches Security Posture Across Big 3 Public Clouds
The new features and additional cloud support aim to provide stronger security and simplified management.
Top 5 From The Last 3 Months
In today’s day and age, content is king. It’s nearly impossible to keep up with the deluge of information, especially in the tech space where change is constant. We’re aware that the struggle is real. To keep you up-to-date on the latest and greatest in networking, we’ve compiled a round-up blog of the top posts from the past few months.
VMware Closes Acquisition of VeloCloud Networks
In December, VMware NSX completed its acquisition of VeloCloud Networks, bringing their industry-leading, cloud-delivered SD-WAN solution to our own growing software-based networking portfolio. The acquisition of VeloCloud significantly advances our strategy of enabling customers to run, manage, connect and secure any application on any cloud to any device. Learn all about the acquisition from SVP and GM, Networking and Security Business Unit Jeff Jennings.
VMware SDDC with NSX Expands to AWS
With VMware Cloud on AWS, customers can now leverage the best of both worlds – the leading compute, storage and network virtualization stack enabling enterprises for SDDC can now all be enabled with a click of a button on dedicated, elastic, bare-metal and highly available AWS infrastructure. Bonus: because it’s a managed service by VMware, customers can focus on the Continue reading
‘Pain Points’ Haunt Kubernetes Adoption
Large-scale enterprises need to feel more comfortable before adoption can boom.
Exclusive: U.S. consumer protection official puts Equifax probe on ice – sources | Article [AMP] | Reuters
Once again, why bother implementing IT Security when there is no downside.
Blame privacy activists for the Memo??
Former FBI agent Asha Rangappa @AshaRangappa_ has a smart post debunking the Nunes Memo, then takes it all back again with an op-ed on the NYTimes blaming us privacy activists. She presents an obviously false narrative that the FBI and FISA courts are above suspicion.I know from first hand experience the FBI is corrupt. In 2007, they threatened me, trying to get me to cancel a talk that revealed security vulnerabilities in a large corporation's product. Such abuses occur because there is no transparency and oversight. FBI agents write down our conversation in their little notebooks instead of recording it, so that they can control the narrative of what happened, presenting their version of the converstion (leaving out the threats). In this day and age of recording devices, this is indefensible.
She writes "I know firsthand that it’s difficult to get a FISA warrant". Yes, the process was difficult for her, an underling, to get a FISA warrant. The process is different when a leader tries to do the same thing.
I know this first hand having casually worked as an outsider with intelligence agencies. I saw two processes in place: one for the flunkies, and Continue reading
Why CASB Is the Fastest Growing Security Category
Symantec, Skyhigh Networks (recently acquired by McAfee), and Netskope are leading vendors.
SDxCentral’s Weekly Roundup — February 2, 2018
AT&T to release its dNOS to Linux; Cisco buys BroadSoft; Aryaka and Radware team up.
It’s Time for a Collaborative G20 Digital Agenda
The G20 member states account for 85 percent of the global economy and are home to half of the world’s Internet users. From artificial intelligence to personal data protections, our physical world is being shaped by our digital world. As current president of the G20, Argentina has put a range of digital challenges on the table. But to tackle these, we need credible commitments and a long-term roadmap.
As three leading organisations from the Internet community, we welcome that Argentina continued the G20 digital work begun by Germany in 2017. Last year, Germany and the other G20 members outlined their aspirations for the development of our digital societies. And the Argentine presidency has identified five priority areas — digital inclusion, future job skills, digital government, SMEs and entrepreneurship, and Industry 4.0 — all dependent on a strong digital economy and society. Now is the year to turn these aspirations into actions.
We call on Argentina to build on this consensus with a dedicated G20 digital agenda. This roadmap must include milestones to the next G20 presidency, to be held by Japan. Priority commitments should include:
- Boost Internet access, by providing meaningful access, continuing and going to scale with Continue reading
CA Technologies Boasts Highest Revenue in 4 Years in Q3 2018 Earnings
The company integrated two acquisitions during the quarter.
Rapid Micro-segmentation using Application Rule Manager Recommendation Engine
Customers understand the need for micro-segmentation and benefits it provides to enhance the security posture within their datacenter. However, one of the challenges for a Security admin is how to define micro-segmentation policies for applications owned and managed by application teams. This is even more challenging especially when you have tens or hundreds of unique applications in your data center, all of which use different port and protocols and resources across the cluster. The traditional manual perimeter firewall policy modeling may not be ideal and may not be able to scale for the micro-segmentation of your applications as it would be error-prone, complex and time consuming.
NSX addresses the how & where to start micro-segmentation challenge by providing the built-in tool called Application Rule Manager (ARM), to automate the application profiling and the onboarding of applications with micro-segmentation policies. NSX ARM has been part of NSX, since the NSX 6.3.0 release but here we will talk about Application Rule Manager (ARM) enhancement, Recommendation Engine, introduced as part of NSX 6.4.0 release. This enhancement allows you to do Rapid Micro-segmentation to your data center application by recommending “ready to consume” workload grouping & firewall policy rules.
Recorded Future Gives Companies Single View, Analysis of Security Threats
The SaaS pushes as much of the work as possible to computing and the human on top of it "rides into victory."
Nuage Networks Q&A: The 5 Key Success Factors on your Digital Transformation Journey for the WAN and Beyond
Thanks to all who joined us for the Nuage Networks webinar: The 5 Key Success Factors on your Digital Transformation Journey for the WAN and Beyond. With over 20 SD-WAN solutions in the market it is increasingly difficult to select the right one. Nuage Networks provided an evaluation framework that can be used to not... Read more →
ExtraHop Makes its Security Status Official with Reveal(x)
Security has been ExtraHop customers’ top use case for its real-time analytics software.
Giving the Monkey a Smaller Club
Over at the ACM blog, there is a terrific article about software design that has direct application to network design and architecture.
What do monkeys and clubs have to do with software or network design? The primary point of interaction is security. The club you intend to make your network operator’s life easier is also a club an attacker can use to break into your network, or damage its operation. Clubs are just that way. If you think of the collection of tools as not just tools, but also as an attack surface, you can immediately see the correlation between the available tools and the attack surface. One way to increase security is to reduce the attack surface, and one way to reduce the attack surface is tools, reduce the number of tools—or the club.
The best way to reduce the attack surface of a piece of software is to remove any unnecessary code.
Consider this: the components of any network are actually made up of code. So to translate this to Continue reading
Trump Administration Considers a Nationalized 5G Network, Report Says
FCC Chairman Ajit Pai compared the proposal to a lead balloon made out of a Ford Pinto.
The problematic Wannacry North Korea attribution
Last month, the US government officially "attributed" the Wannacry ransomware worm to North Korea. This attribution has three flaws, which are a good lesson for attribution in general.It was an accident
The most important fact about Wannacry is that it was an accident. We've had 30 years of experience with Internet worms teaching us that worms are always accidents. While launching worms may be intentional, their effects cannot be predicted. While they appear to have targets, like Slammer against South Korea, or Witty against the Pentagon, further analysis shows this was just a random effect that was impossible to predict ahead of time. Only in hindsight are these effects explainable.
We should hold those causing accidents accountable, too, but it's a different accountability. The U.S. has caused more civilian deaths in its War on Terror than the terrorists caused triggering that war. But we hold these to be morally different: the terrorists targeted the innocent, whereas the U.S. takes great pains to avoid civilian casualties.
Since we are talking about blaming those responsible for accidents, we also must include the NSA in that mix. The NSA created, then allowed the release of, weaponized exploits. That's Continue reading
Apstra Adds Intent-Based Analytics to Its Operating System
It uses the same device agents for its intent-based networking.
Limited Time Only: Read our Springer/Nature Paper on Healthcare, Security, and Privacy
Last year, I was invited to contribute a paper to a special edition of the Health and Technology Journal published by Springer/Nature. The special issue addressed privacy and security, with a particular focus on healthcare and medical data. I’m happy to announce that now, for four weeks only, the publishers have made the whole issue available free.
From our accompanying blog post last July:
“The paper, “Trust and ethical data handling in the healthcare context” examines the issues associated with healthcare data in terms of ethics, privacy, and trust, and makes recommendations about what we, as individuals, should ask for and expect from the organisations we entrust with our most sensitive personal data.”
Although we can find several comprehensive and mature data protection frameworks around the world, current legal safeguards to not seem to prevent data controllers from indulging in:
- over collection
- insufficient care of personal data
- unexpected or unwelcome use
- excessive sharing
In my paper, I argue that a narrow focus on regulatory compliance can lead to a “checklist” mentality, obscure the real reasons why organisations should treat data with care and respect, and lead to poor outcomes for both the organisation and the individual. I Continue reading