An insider's view of open networking.
Welcome to Technology Short Take #71! As always, I have a list of links related to various data center technologies found below; hopefully something here proves useful.
The DevOps startup boosts its security offering.
Whether it’s Dropbox, LinkedIn, MySpace, PlayStation, or whatever the latest breach happens to be, it’s almost inevitable that you will be caught up in one of these breaches and have your username, password and possibly other information exposed in a data dump. Here’s how to respond when that happens.
A data dump is what often happens after a website has been breached and information about that site’s users/customers is stolen. All that stolen data is often “dumped” on the Internet for all to see. Once the data is dumped, it’s at that point that all this information becomes public and along with it, your information.
Sometimes, as in the case of the Ashely Madison dump, that information can be personally damaging. Other times the information is limited to usernames and passwords.
This article is going to focus on how to respond if your username and password are part of a data dump.
This is obvious, but go and change your password. Do it right now, before something comes along and distracts you. Even if you’re a security concious person and you’re using Two-Factor Authentication Continue reading
Spoiler: Intel didn't get its $7.7B back.
The NetSpyGlass software helps companies monitor thousands of devices.
Traditional O&M methods can’t monitor the status of the service and logical networks.
There’s a lot of information on the intertoobs about getting ssh-agent “working” in OS X and even more articles about when and how the stock behavior of ssh-agent changed (mostly with respect to how ssh-agent interacted with the Keychain).
This article doesn’t cover or care about any of that.
This article is concerned with:
Beware, reader. There’s an awful lot of outdated, inaccurate information out there on how to modify ssh-agent behavior on OS X. Guess what? OS X changes from version to version! Many articles out there cater to older versions of the OS and are either no longer applicable (due to changes in OS X behavior) or plain don’t work (due to functional changes in the software).
The steps below have been tested with OS X El Capitan (10.11).
The data center is driving toward a more software-centric security model and security performance in NFV will be key.
Enterprises have three options: Direct Internet Access (DIA); backhauling all traffic to centralized data centers; and regional hubs.
Several posts have been written prior on multi-site with Cross-VC NSX describing the fundamentals, use cases, deployment models, and flexibility Cross-VC NSX provides. In this post, we focus on the security benefits of a multi-site Cross-VC NSX solution.
Prior Cross-VC NSX Blogs:
Cross-VC NSX: Multi-site Deployments with Ease and Flexibility
NSX-V: Multi-site Options and Cross-VC NSX Design Guide
Enhanced Disaster Recovery with Cross-VC NSX and SRM
Cross-VC NSX for Multi-site Solutions
So, why multi-site with Cross-VC NSX? The following five reasons should be enough for you to seriously consider Cross-VC NSX as a solution for your multi-site needs:
1.) Centralized Management
Centralized management of security policies across multiple vCenter domains/sites. You have one central location to configure security policies and only write the security policy once, which is then applied across all vCenter domains/sites.
2.) Consistent Security Across vCenter Domains/Sites
Consistent security policies across vCenter domains/sites provided automatically by Cross-VC NSX enables enhanced workload mobility. Security policies are configured on the primary NSX Manager and automatically synced to the secondary NSX Managers providing for uniform security across all sites.
Figure 2 Consistent Security Across Sites Continue reading
IT experts are increasingly looking at securing the cloud using SDN technologies, which add policy awareness and features such as microsegmentation.
Still, its stock price was down in after-hours trading.
Customers get enhanced visibility into their workload traffic patterns.
Network virtualization and SDN technology can add to network security by enabling a secure DMZ in the data center.
This is a liveblog of the day 1 keynote at VMworld 2016 in Las Vegas, NV. I managed to snag a somewhat decent seat in the massive bloggers/press/analysts area, though it filled up really quickly. Based on the announcements made this morning, it should be a great general session, and I’m really interested to see how its received by the community.
The keynote starts with a high-energy percussion/DJ session, followed by a talk about tomorrow—from where tomorrow will emerge, what tomorrow will look like, and what tomorrow will care about. Don’t stand in line for tomorrow; you are tomorrow, because tomorrow is about people. Which way will you face? What will you do to bring about tomorrow? All of this lines up, naturally, with VMworld’s “be_Tomorrow” theme.
After that talk Pat Gelsinger, CEO of VMware, takes the stage. He talks briefly about his foot injury, then thanks the 21 “Alumni Elite” who have attended every single VMworld. Gelsinger then moves into a discussion of buzzwords and “digital transformation,” claiming that all businesses are digital businesses, and therefore all businesses need to worry about the challenges that face digital businesses. Gelsinger talks about a couple companies that have Continue reading
Welcome to part 6 of the Micro-segmentation Defined– NSX Securing “Anywhere” blog series. Previous topics covered in this series include
• Part I – Micro-segmentation Defined
• Part II – Securing Physical Environments
• Part III – Operationalizing Micro-segmentation
• Part IV – Service Insertion
• Part V – Context, Visibility, and Containment
Previous posts set the stage by introducing and defining the characteristics of micro-segmentation; showing how it has utility in the modern data center; how we might apply it to our existing software-defined and physical networks; how policy-driven NSX management may be used to deliver comprehensive security; and, that we can use physical and virtual third-party security appliances in conjunction with NSX to create a service chain and apply special processing to our vital network flows.
In this sixth part of the NSX Securing “Anywhere” blog, Chris Krueger of Coalfire Systems will preview some of our work in comprehensively benchmarking VMware NSX micro-segmentation. The Micro-segmentation Benchmark is a project being delivered by Coalfire Systems, Inc. an internationally recognized third party audit organization (3PAO) and leading provider of IT advisory services for security in retail, payments, healthcare, financial services, higher education, hospitality, government,and utilities. Coalfire has Continue reading