Network Break 278: Palo Alto Buys SD-WAN Maker CloudGenix; Zoom Gets Called On Security, Privacy Problems

Our weekly installment of tech news analysis includes Palo Alto's $420 million purchase of CloudGenix, Zoom's very bad week for security and privacy, Cisco Live going virtual, updates on professional development opportunities, and more on Network Break from the Packet Pushers.

The post Network Break 278: Palo Alto Buys SD-WAN Maker CloudGenix; Zoom Gets Called On Security, Privacy Problems appeared first on Packet Pushers.

The Wrong Certificate

I'm constantly impressed by the rather complex intricacies that are associated with running your own web server these days. A recent source of these complexities has been the PKI, the security infrastructure used to maintain secure connections over the network, and I'd like to recount my experience here, in case any others encounter the same seemingly inexplicable behaviours in their secure web service configurations.

Will the Pandemic Propel DevSecOps? Snyk Says Yes

This is also a great time to start a bug bounty program, says Guy Podjarny, founder and president...

Read More »

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

Daily Roundup: Cisco Buys Backhaul Vendor

Cisco secured a deal to buy Fluidmesh Networks; IBM CEO threw down a hybrid-cloud challenge; and DT...

Read More »

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

Nvidia Joins the Fight Against COVID-19

A task force made up of computer scientists at Nvidia has joined the COVID-19 High Performance...

Read More »

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

Cisco Snatches Fluidmesh for On-the-Move IoT Backhaul

The terms of the deal were not disclosed, but Cisco said it expects the acquisition to close before...

Read More »

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

IBM CEO Throws Down Hybrid-Cloud Challenge

That challenge will rely heavily on IBM’s Red Hat business unit, which also received a new leader.

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

Unfortunate Natural Experiment Shows the Internet Works

For many weeks now, as the pandemic caused by the coronavirus has spread around the world, people have been isolating themselves to reduce the spread of infection. Businesses and schools have closed, and whole cities have been ordered to stay indoors. People’s livelihoods have disappeared, and of course, far too many people have been critically ill or have died. It is a calamity. Yet it would be much worse, if it were not for the Internet.

It’s enabling life go on. Businesses and schools are able to continue their core activity online. People are able to order food and medicine delivery to lower the risk of contagion. Families are video conferencing to catch up, worship, and even attend weddings. Creators are streaming music and stories from their homes. Clinicians and researchers are sharing crucial medical data worldwide. Everyday citizens, remarkably informed, are trying to flatten the curve.

This is what the Internet is for: a force for good in society.

Resilient by Design

The Internet is working well under this sudden demand because of how it is designed. Nearly magic, the Internet is designed to be a reliable system built of unreliable parts. This might sound awful, as though it Continue reading

How to Easily Secure Virtual Desktops for your Remote Employees

The COVID-19 pandemic has forced many organizations to shift their business online and their employees to work from home. As a result,  business had to quickly adjust and scale up their infrastructure, sometimes with security as an afterthought.

Malicious actors are already taking advantage of this new reality by targeting the vulnerabilities commonly associated with employees connecting to corporate resources from their home environment. This includes social engineering and phishing campaigns, denial of service attacks, and exploiting vulnerabilities in home routers.

Secure VDI Environments with NSX

Providing employees working from home with secure and reliable access to their corporate resources and applications by the use of Virtual Desktop Infrastructure (VDI) helps our customers to reduce the impact on productivity and continuity as well as the risk associated with remote access to internal data.

In this blog post, I will cover a couple of use cases on how NSX can provide security for End User Compute and share some resources to help customers who are scaling up their VDI / remote desktop session host (RDSH) infrastructure to adapt to this new world in which vast numbers of employees are now working from home.

Protect Your Desktop Pools

The initial target of Continue reading

Tech Bytes: Gain Application Fluency Across Multiple Clouds With Oracle SD-WAN (Sponsored)

Today's Tech Bytes podcast tackles SD-WAN with sponsor Oracle. We examine how SD-WAN supports multi-cloud management, fail-safe network automation, more secure connections, and application fluency. Our guest is Doug Tait, Director of Product Marketing.

The post Tech Bytes: Gain Application Fluency Across Multiple Clouds With Oracle SD-WAN (Sponsored) appeared first on Packet Pushers.

Getting started with Ansible security automation: Investigation Enrichment

Last November we introduced Ansible security automation as our answer to the lack of integration across the IT security industry. Let's have a closer look at one of the scenarios where Ansible can facilitate typical operational challenges of security practitioners.

A big portion of security practitioners' daily activity is dedicated to investigative tasks. Enrichment is one of those tasks, and could be both repetitive and time-consuming, making it a perfect candidate for automation. Streamlining these processes can free up their analysts to focus on more strategic tasks, accelerate the response in time-sensitive situations and reduce human errors. However, in many large organizations , the multiple security solutions aspect of these activities are not integrated with each other. Hence, different teams may be in charge of different aspects of IT security, sometimes with no processes in common.

That often leads to manual work and interaction between people of different teams which can be error-prone and above all, slow. So when something suspicious happens and further attention is needed, security teams spend a lot of valuable time operating on many different security solutions and coordinating work with other teams, instead of focusing on the suspicious activity directly.

In this blog post we Continue reading

The Week in Internet News: Stay-at-Home Orders Highlight Need for Internet Access

More important than ever: With most people in the U.S. and many other countries ordered to stay at home to prevent the spread of the coronavirus, a lack of Internet access in rural and poor areas is making people feel more disconnected than ever, according to an Associated Press story at NWAonline.com. Stella Ashcraft “lives from check to check and can’t afford internet. Her senior-citizen center, where she plays bingo, does puzzles and gets lunch five days a week, is closed. So is her church and the library where she checks email. ‘I feel very withdrawn, isolated, alone,’ she said.

Spotlight on Zoom’s privacy: With many people working from home, web-conferencing app Zoom has become a crucial service for many. However, with the increased use of Zoom is also coming increasing scrutiny. While the company has marketed its service as offering end-to-end encryption, that’s not really the case, The Intercept reports. Zoom Video Communications, the company behind Zoom, has been hit with a class-action lawsuit for allegedly sharing user data with Facebook, CBS News adds. Finally, Zoom has pledged to focus on privacy and security issues, TechXplore reports.

Homework hotspots: As most students in the U.S. and Continue reading

Conntrack tales – one thousand and one flows

Conntrack tales - one thousand and one flows

At Cloudflare we develop new products at a great pace. Their needs often challenge the architectural assumptions we made in the past. For example, years ago we decided to avoid using Linux's "conntrack" - stateful firewall facility. This brought great benefits - it simplified our iptables firewall setup, sped up the system a bit and made the inbound packet path easier to understand.

But eventually our needs changed. One of our new products had a reasonable need for it. But we weren't confident - can we just enable conntrack and move on? How does it actually work? I volunteered to help the team understand the dark corners of the "conntrack" subsystem.

What is conntrack?

"Conntrack" is a part of Linux network stack, specifically part of the firewall subsystem. To put that into perspective: early firewalls were entirely stateless. They could express only basic logic, like: allow SYN packets to port 80 and 443, and block everything else.

The stateless design gave some basic network security, but was quickly deemed insufficient. You see, there are certain things that can't be expressed in a stateless way. The canonical example is assessment of ACK packets - it's impossible to say if an ACK Continue reading

The Never-Ending Story of CLI or API

Over the last weekend I almost got pulled into yet-another CLI-or-automation Twitter spat. The really sad part: I thought we were past that point. After all, I’ve been ranting about that topic for almost seven years… and yet I’m still hearing the same arguments I did in those days.

Just for the giggles I collected a few old blog posts on the topic (not that anyone evangelizing their opinions on Twitter would ever take the time to read them ;).

Read more …

Can Fujitsu beat Nvidia in the HPC race?

Arm processors on servers has gone from failed starts (Calxeda) to modest successes (ThunderX2) to real contenders (ThunderX3, Ampere). Now, details have emerged about Japanese IT giant Fujitsu’s Arm processor, which it claims will offer better HPC performance than Nvidia GPUs but at a lower power cost.Fujitsu is developing the A64FX, a 48-core Arm8 derivative specifically engineered for high-performance computing (HPC). Rather than design general-purpose compute cores, Fujitsu has added compute engines specific to artificial intelligence, machine learning, and other technologies specific to the needs of HPC.It will go in a new supercomputer called Fugaku, or Post-K. Post-K is a reference to the K supercomputer, at one time the fastest supercomputer in the world, that ran on custom Sparc chips before RIKEN Lab, where it was installed, pulled the plug.To read this article in full, please click here

1 1,005 1,006 1,007 1,008 1,009 3,860