Aqua Buys CloudSploit, Moves Into Cloud Security Posture Management

AT&T Sounds Alarm on 5G Security

Juniper Guns for Cisco, Aruba With Mist AI

Analysts Debate SASE’s Merits as Vendors Board Hype Train

Google Killed Chronicle, Report Claims

Weekly Wrap: Fortinet Fortifies Firewall, SD-WAN Capabilities

Kasten K10 v2.0 Targets Security and Simplicity

The Future of Hidden Features

You may have noticed last week that Ubiquiti added a new “feature” to their devices in a firmware updated. According to this YouTube video from @TomLawrenceTech, Ubiquiti built an new service that contacts a URL to “phone home” and check in with their servers. It got some heavy discussion going, especially on Reddit.

The consensus is that Ubiquiti screwed up here by not informing people they were adding the feature up front and also not allowing users to opt-out initially. The support people at Ubiquiti even posted a quick workaround of blocking the URL at a perimeter firewall to prevent the communications until they could patch in the option to opt-out. If this was an isolated incident I could see some manner of outcry about it, but the fact of the matter is that companies are adding these hidden features more and more every day.

The first issue comes from the fact that most release notes for apps any more are nothing aside from platitudes. “Hey, we fixed some bugs and stuff so turn on automatic updates so you get the best version of our stuff!” is somewhat common now when it comes to a list of Continue reading

Infoblox Snaps Up SnapRoute, Eyes SASE Market

SEC 2. Data plane and control plane protection in the networking (Nokia, Cisco and Mellanox/Cumulus) for IPv6.

Hello my friend,

After the release of the previous article outlining the data and control plane security for IPv4 in Cisco, Nokia and Mellanox/Cumulus (link) I’ve got several requests about the security in IPv6. The requests were fair enough and with this article we close this gap.

1
2
3
4
5
No part of this blogpost could be reproduced, stored in a 

retrieval system, or transmitted in any form or by any 

means, electronic, mechanical or photocopying, recording, 

or otherwise, for commercial purposes without the 

prior permission of the author.

Thanks

Special thanks for Avi Alkobi from Mellanox and Pete Crocker and Attilla de Groot from Cumulus for providing me the Mellanox switch and Cumulus license for the tests. 

Disclaimer

This is the fourth article in the series about the Mellanox/Cumulus switch. The three previous are:

• Building lab with Mellanox SN2010
• Configuring Segment Routing on Mellanox/Cumulus, Cisco IOS XR and Nokia SR OS and connecting physical and virtual networks
• Data and control plane protection in Mellanox/Cumulus, Cisco IOS XR and Nokia SR OS

Brief description

The importance of the security for the network in terms of the control and data plane protection was explained in the previous article Continue reading

VMware, Menlo Security Unite, Safeguard SD-WAN Stronghold

Fortinet Locks SD-WAN, WAF Into Azure

You can find out more about

Pica8’s Threshold Guns for Cisco, Legacy Vendors

Cisco SVP: Security’s Worst Enemy Is Complexity

VMware Project Maestro Orchestrates Telco Cloud

Announcing VMware NSX Distributed IDS/IPS

Six years ago, VMware pioneered the concept of micro-segmentation to stop the internal, lateral spread of malware. We then launched the NSX Service-defined Firewall, an internal firewall that’s built into the hypervisor, distributed, and application aware. Shortly thereafter we introduced NSX Intelligence to automate security rule recommendations, streamlining the deployment of micro-segmentation.

Now we are announcing that we will be taking internal security to the next level by introducing optional Intrusion Detection and Prevention (IDS/IPS) for our Service-defined Firewall. Built on the same philosophy, the new NSX Distributed IDS/IPS will allow enterprises to fortify applications across private and public clouds.

VMware’s Security Is Intrinsic. Here’s What That Means.

Intrinsic Security is security that’s built in, not bolted on. And that makes it better.

When security is bolted on, it’s never as good as built-in security. Imagine an apartment building where you add the alarm system, the security cameras, and the fire escape after the fact. It looks awkward and doesn’t work that well, either.

But when you design those things in upfront, the effect is completely different. Everything just works better, as parts of a whole system. The same thing is true for security.

More importantly, when you build in Continue reading

Former Contrail CEO Launches Volterra With $50M, 30 Customers

This is your first post

Fortinet Fortifies Firewall, SD-WAN Capabilities