Archive

Category Archives for "Security"

Weekly Wrap: Palo Alto Networks Leaps Into SASE Market

SDxCentral Weekly Wrap for Nov. 22, 2019: The burgeoning SASE market lures another entrant; Nokia...

Read More »

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

Cisco Shakeup Hits Cloud, Networking Teams

The changes will "strongly position the company against our competitors," according to an internal...

Read More »

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

Verizon Drives SDP Into Its Zero Trust Architecture

The new Zero Trust Architecture blocks connectivity to servers and applications from unknown...

Read More »

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

Rachel Player Honored by Internet Security Research Group with Radiant Award

Internet security is accomplished by many unsung heroes. People who put their talent and passion into improving the Internet, making it secure and trustworthy. This is a feature of the Internet: security isn’t achieved through a central mandate but through the hard work and tenacity of individuals working across the globe.

Rachel Player, a cryptographic researcher, is one of those unsung heroes. She’s just been awarded the Radiant Award from the Internet Security Research Group, the folks behind Let’s Encrypt, for her work in post-quantum cryptography and homomorphic encryption. Homomorphic encryption allows people to do computations on encrypted data, so that information can remain private and still be worked with. This is a highly-relevant field in any area that deals with sensitive and personal data, such as medicine and finance. Player is also interested in lowering the barriers for young people – young women, especially – to work professionally on topics like cryptography.

To learn more, read the announcement by the Internet Security Research Group and Rachel Player’s blog post about her work and her interest in making the profession more accessible.

Want to know more about Let’s Encrypt? Read a comprehensive overview of the initiative – from inspiration to Continue reading

Introducing Flan Scan: Cloudflare’s Lightweight Network Vulnerability Scanner

Introducing Flan Scan: Cloudflare’s Lightweight Network Vulnerability Scanner
Introducing Flan Scan: Cloudflare’s Lightweight Network Vulnerability Scanner

Today, we’re excited to open source Flan Scan, Cloudflare’s in-house lightweight network vulnerability scanner. Flan Scan is a thin wrapper around Nmap that converts this popular open source tool into a vulnerability scanner with the added benefit of easy deployment.

We created Flan Scan after two unsuccessful attempts at using “industry standard” scanners for our compliance scans. A little over a year ago, we were paying a big vendor for their scanner until we realized it was one of our highest security costs and many of its features were not relevant to our setup. It became clear we were not getting our money’s worth. Soon after, we switched to an open source scanner and took on the task of managing its complicated setup. That made it difficult to deploy to our entire fleet of more than 190 data centers.

We had a deadline at the end of Q3 to complete an internal scan for our compliance requirements but no tool that met our needs. Given our history with existing scanners, we decided to set off on our own and build a scanner that worked for our setup. To design Flan Scan, we worked closely with our auditors to understand Continue reading

Google Cloud Toughens Up Encryption, Network Security

This includes a new External Key Manager, which allows companies to store and manage encryption...

Read More »

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

MEF Presses Managed Security in SD-WAN

“SD-WAN is the gateway for security,” MEF CTO Pascal Menezes said during his keynote at MEF...

Read More »

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

IBM Boosts Open Tech With Cloud Pak for Security

The platform uses an open-source connector to integrate with IBM and other vendors’ security...

Read More »

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

Even faster connection establishment with QUIC 0-RTT resumption

Even faster connection establishment with QUIC 0-RTT resumption

One of the more interesting features introduced by TLS 1.3, the latest revision of the TLS protocol, was the so called “zero roundtrip time connection resumption”, a mode of operation that allows a client to start sending application data, such as HTTP requests, without having to wait for the TLS handshake to complete, thus reducing the latency penalty incurred in establishing a new connection.

The basic idea behind 0-RTT connection resumption is that if the client and server had previously established a TLS connection between each other, they can use information cached from that session to establish a new one without having to negotiate the connection’s parameters from scratch. Notably this allows the client to compute the private encryption keys required to protect application data before even talking to the server.

However, in the case of TLS, “zero roundtrip” only refers to the TLS handshake itself: the client and server are still required to first establish a TCP connection in order to be able to exchange TLS data.

Even faster connection establishment with QUIC 0-RTT resumption

Zero means zero

QUIC goes a step further, and allows clients to send application data in the very first roundtrip of the connection, without requiring any other handshake to be Continue reading

Cloud Storage Startup Storj Hypes ‘Airbnb for Disk Drives’

The startup claims its decentralized storage costs less than half the price of AWS and cloud...

Read More »

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

Orange, SoftBank Pick Fortinet SD-WAN

In addition to expanding its service provider reach, Fortinet announced an alliance with Siemens to...

Read More »

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

Aryaka Breaks Out SD-WAN Into Smart Services Suite

Aryaka's restructured SmartServices product line breaks out many features previously only available...

Read More »

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

Microsoft Drives Confidential Computing Into Kubernetes

The initiative taps into Intel’s Software Guard Extension platform to support confidential...

Read More »

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

MEF Trumpets Progress on SD-WAN, Eyes Edge on 5G

MEF’s community has grown about 70% to more than 200 organizations during the last 18 months, and...

Read More »

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

A10 Says Multi-Cloud Is Passé, Pushes Polynimbus

Polynimbus is essentially multi-cloud phase two, and it addresses how to manage and secure...

Read More »

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

Facts and Fiction: BGP Is a Hot Mess

Every now and then a smart person decides to walk away from their competence zone, and start spreading pointless clickbait opinions like BGP is a hot mess.

Like any other technology, BGP is just a tool with its advantages and limitations. And like any other tool, BGP can be used sloppily… and that’s what’s causing the various problems and shenanigans everyone is talking about.

Just in case you might be interested in facts instead of easy-to-digest fiction:

Read more ...

Log every request to corporate apps, no code changes required

Log every request to corporate apps, no code changes required

When a user connects to a corporate network through an enterprise VPN client, this is what the VPN appliance logs:

Log every request to corporate apps, no code changes required

The administrator of that private network knows the user opened the door at 12:15:05, but, in most cases, has no visibility into what they did next. Once inside that private network, users can reach internal tools, sensitive data, and production environments. Preventing this requires complicated network segmentation, and often server-side application changes. Logging the steps that an individual takes inside that network is even more difficult.

Cloudflare Access does not improve VPN logging; it replaces this model. Cloudflare Access secures internal sites by evaluating every request, not just the initial login, for identity and permission. Instead of a private network, administrators deploy corporate applications behind Cloudflare using our authoritative DNS. Administrators can then integrate their team’s SSO and build user and group-specific rules to control who can reach applications behind the Access Gateway.

When a request is made to a site behind Access, Cloudflare prompts the visitor to login with an identity provider. Access then checks that user’s identity against the configured rules and, if permitted, allows the request to proceed. Access performs these checks on each request a user Continue reading

Dell Technologies CTO: Why AI Needs Empathy

If we want humans to trust artificial intelligence, then we need to teach the machines empathy,...

Read More »

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

Palo Alto Networks Leaps Into SASE Market

Fulfilling Gartner's predictions, Palo Alto Networks announced its transition to a secure access...

Read More »

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

Weekly Wrap: Juniper Guns for Cisco, Aruba With Mist AI

SDxCentral Weekly Wrap for Nov. 15, 2019: Juniper enhances its Mist AI platform and launches a new...

Read More »

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

1 50 51 52 53 54 182