0

Telefónica’s Security Biz Taps Google Cloud’s Chronicle

The deal comes as Google Cloud makes an all-out push to support mobile network operators.

0

Daily Roundup: Awake Security Displaces Cisco

Awake Security displaced Cisco; Ericsson beat out 5G rivals; and Viptela CEO launched multi-cloud...

Read More »

0

How Secure SD-WAN is the Foundation for Retail SD-Branch

Retail SD-branch needs a secure connection to ensure that customer data is kept safe. Secure SD-WAN...

Read More »

0

Ericsson Beats Out 5G Rivals to Replace BT’s Huawei Gear

The U.K. government is requiring operators to limit the use of Huawei equipment in the core of 5G...

Read More »

0

Awake Security Scores $36M, Displaces Cisco, RSA, and Darktrace

Earlier this year Awake partnered with Google Cloud, which extended its network traffic analysis...

Read More »

0

Offer of Assistance to Governments During COVID-19

As the COVID-19 emergency continues to affect countries and territories around the world, the Internet has been a key factor in providing information to the public. As businesses, organizations and government agencies adjust to this new normal, we recognize the strain that this pandemic has put on the groups working to assist in virus mitigation and provide accurate information to the general public on the state of the pandemic.

At Cloudflare, this means ensuring that these entities have the necessary tools and resources available to them in these extenuating circumstances. On March 13, we announced our Cloudflare for Teams products will be free until September 1, 2020, to ensure Cloudflare users and prospective users have the tools they need to support secure and efficient remote work. Additionally, we have removed usage caps for existing Cloudflare for Teams users and are also providing onboarding sessions so these groups can continue business in this new normal.

As a company, we believe we can do more and have been thinking about ways we can support organizations and businesses that are at the forefront of the pandemic such as health officials and those providing relief to the public. Many organizations have reached out to Continue reading

0

The Network Impact of the Global COVID-19 Pandemic

With so many countries in lockdown and so many people working (and learning) from home, online usage has risen significantly but so far, the internet is holding up well. Internet traffic is generally to 25% to 30% higher than usual, and what we do online is also changing. Internet usage often increases goes up in a typical month; for Akamai that’s usually 3% growth, in the last month it’s been 30%. In March 2019 their peak traffic was 82Tbps; this March it was 167Tbps and the sustained daily traffic rate is higher than last year’s peak for March. Internet exchanges in Amsterdam, Frankfurt and London saw 10-20% increases in traffic around March 9th, which the exchange in Milan had a 40% increase the day Italy was quarantined. Disturbingly, attacks are up too: Akamai Cloudflare tracks varies by city; it’s only up 11% in Berlin and 22% in London between early January and late March (and 17% up for the UK as whole), but it’s grown by 40% in New York and 48% in San Francisco and Silicon Continue reading

0

VMware Patches Critical Bug That Exposes Sensitive Data

The vulnerability could allow a hacker to “extract highly sensitive information which could be...

Read More »

0

Bringing Reference Architectures to Multi-Cloud Networking

Recently I attended Aviatrix Certified Engineer training to better understand multi-cloud networking and how Aviatrix is trying to solve its many problems, some of which I have experienced first-hand. Disclaimer: Since 2011, I’ve been an avid listener of the Packet Pushers podcast, where Aviatrix has sponsored 3 shows since December 2019. Ever since I embarked … Continue reading Bringing Reference Architectures to Multi-Cloud Networking →

0

Money Moves: March 2020

Palo Alto paid $420M for CloudGenix; Microsoft acquired Affirmed; AWS pledged $20 million to...

Read More »

0

Daily Roundup: Cisco Vows No Job Cuts

Cisco pledged to preserve jobs; AWS added direct storage to ECS, Fargate; and SAP prepped for...

Read More »

0

Zscaler Buys Cloud Security Startup Cloudneeti

Gartner recommends all security vendors invest in cloud security posture management and forecasts...

Read More »

0

Remote User Access in the Era of COVID-19

The worldwide lockdown due to COVID-19 has given me an opportunity to reflect on many aspects of life and work. Nowadays I’m helping enable companies and non-profits for secure remote access work (i.e. not site-to-site VPN). I was looking into enterprise-grade solutions for secure remote users access to VPNs when I came across the Smart … Continue reading Remote User Access in the Era of COVID-19 →

0

Rolling With The Punches: Shifting Attack Tactics & Dropping Packets Faster & Cheaper At The Edge

On Cloudflare’s 8th birthday in 2017, we announced free unmetered DDoS Protection as part of all of our plans, regardless if you’re an independent blogger using WordPress on Cloudflare's Free plan or part of a large enterprise operating global network infrastructures. Our DDoS protection covers attack vectors on Layers 3-7; whether highly distributed and volumetric (rate-intensive) or small and sneaky. We protect over 26 million Internet properties, and at this scale, identifying small and sneaky DDoS attacks can be challenging, especially at L7. In this post, we discuss this challenge along with trends that we’ve seen, interesting DDoS attacks, and how we’ve responded to them so that you don’t have to worry.

Let’s Talk Trends

When analyzing attacks on the Cloudflare network, we’ve seen a steady decline in the proportion of L3/L4 DDoS attacks that exceed a rate of 30 Gbps in recent months. From September 2019 to March 2020, attacks peaking over 30 Gbps decreased by 82%, and in March 2020, more than 95% of all network-layer DDoS attacks peaked below 30 Gbps. Over the same time period, the average size of a DDoS attack has also steadily decreased by 53%, to just 11.88 Gbps. Yet, very large Continue reading

0

Video: Networks Are (Not) Secure

It’s amazing how many people still believe in Security Fairy (the mythical entity that makes your application magically secure), fueling the whole industry of security researchers who happily create excruciatingly detailed talks of how you can use whatever security oversight to wreak havoc (even when the limitations of a technology are clearly spelled out in an RFC).

In the Networks Are Not Secure (part of How Networks Really Work webinar) I described why we should never rely on network infrastructure to provide security, but have to implement it higher up in the application stack.

0

Why McAfee’s Beefing Up Its SASE With Browser Isolation

Browser isolation is like social distancing. But instead of protecting people from pandemics,...

Read More »

0

NacXwan Taps Lanner for SD-WAN Hardware

The agreement pairs Lanner's universal CPE hardware with nacXwan’s SD-WAN software stack to...

Read More »

0

How To Use 1.1.1.1 w/ WARP App And Cloudflare Gateway To Protect Your Phone From Security Threats

Cloudflare Gateway protects users and devices from security threats. You can now use Gateway inside the 1.1.1.1 w/ WARP app to secure your phone from malware, phishing and other security threats.

The 1.1.1.1 w/ WARP app has secured millions of mobile Internet connections. When installed, 1.1.1.1 w/ WARP encrypts the traffic leaving your device, giving you a more private browsing experience.

Starting today, you can get even more out of your 1.1.1.1 w/ WARP. By adding Cloudflare Gateway’s secure DNS filtering to the app, you can add a layer of security and block malicious domains flagged as phishing, command and control, or spam. This protection isn’t dependent on what network you’re connected to - it follows you everywhere you go.

You can read more about how Cloudflare Gateway builds on our 1.1.1.1 resolver to secure Internet connections in our announcement. Ready to get started bringing that security to your mobile device? Follow the steps below.

Download the 1.1.1.1 w/ WARP mobile app

If you don’t have the latest version of the 1.1.1.1 w/ WARP app go to the Apple Continue reading

0

Why use Typha in your Calico Kubernetes Deployments?

Calico is an open source networking and network security solution for containers, virtual machines, and native host-based workloads. Calico supports a broad range of platforms including Kubernetes, OpenShift, Docker EE, OpenStack, and bare metal. In this blog, we will focus on Kubernetes pod networking and network security using Calico.

Calico uses etcd as the back-end datastore. When you run Calico on Kubernetes, you can use the same etcd datastore through the Kubernetes API server. This is called a Kubernetes backed datastore (KDD) in Calico. The following diagram shows a block-level architecture of Calico.

Calico-node runs as a Daemonset, and has a fair amount of interaction with the Kubernetes API server. It’s easy for you to profile that by simply enabling audit logs for calico-node. For example, in my kubeadm cluster, I used the following audit configuration

 

0

How to Protect Your Virtual Meetings from Zoombombing

Imagine, if you will, you’re participating in a Eric Yuan has put a freeze on feature updates, in order to address the security issues. Zoom’s promise was to address the problem within the next 90 days, when Yuan said, “Over the next 90 days, we are committed to dedicating the resources needed to better identify, address, and fix issues proactively. We are also committed to being transparent throughout this process. We want to do what it takes to maintain your trust.” Another writer for The New Stack, Jennifer Riggins Continue reading