Next-Level Lateral Security for Your Private Cloud

Cyber attacks are growing in frequency and complexity. And at an average cost of $4.35M1, data breaches are no joke. With Generative AI, this threat will grow even further—equipping even an unsophisticated attacker with the means to become a sophisticated hacker.

Reality is, you can’t get away with just protecting your perimeter anymore. Today, the most common type of attack vectors—lateral movement, vulnerability exploits and zero day attacks — are all matters of lateral security. And with the majority of your traffic going east-west, protecting the inside of your network is beyond critical.

Traditional security solutions aren’t enough when it comes to lateral security: implemented with multiple appliances, they lead to traffic hairpinning, create bottlenecks, are cost-prohibitive, and only protect a subset of workloads. To make matters worse, they’re blind to VM-to-VM traffic, since traditional methods of using network taps only see traffic between physical hosts. And you can’t protect what you can’t see. 

To protect the inside of your private cloud, you need a comprehensive lateral security solution that gives you complete visibility and security.

VMware’s Lateral Security answers that call; it is distributed, built into the hypervisor, and scales seamlessly to meet your evolving Continue reading

A return to US net neutrality rules?

For nearly 15 years, the Federal Communications Commission (FCC) in the United States has gone back and forth on open Internet rules – promulgating and then repealing, with some court battles thrown in for good measure. Last week was the deadline for Internet stakeholders to submit comments to the FCC about their recently proposed net neutrality rules for Internet Service Providers (ISPs), which would introduce considerable protections for consumers and codify the responsibility held by ISPs.

For anyone who has worked to help to build a better Internet, as Cloudflare has for the past 13 years, the reemergence of net neutrality is déjà vu all over again. Cloudflare has long supported the open Internet principles that are behind net neutrality, and we still do today. That’s why we filed comments with the FCC expressing our support for these principles, and concurring with many of the technical definitions and proposals that largely would reinstitute the net neutrality rules that were previously in place.

But let’s back up and talk about net neutrality. Net neutrality is the principle that ISPs should not discriminate against the traffic that flows through them. Specifically, when these rules were adopted by the FCC in 2015, there Continue reading

Building A Hassle-Free Way To Port CUDA Code To AMD GPUs

Emulation is not just the sincerest form of flattery. It is also how you jump start the adoption of a new compute engine or move an entire software stack from one platform to another with a different architecture.

The post Building A Hassle-Free Way To Port CUDA Code To AMD GPUs first appeared on The Next Platform.

Building A Hassle-Free Way To Port CUDA Code To AMD GPUs was written by Timothy Prickett Morgan at The Next Platform.

University Of Stuttgart Spends €115M To Go Exascale

The University of Stuttgart’s High Performance Computing Center (HLRS) in Germany has tapped Hewlett Packard Enterprise to build a pair of its next-generation supercomputers.

The post University Of Stuttgart Spends €115M To Go Exascale first appeared on The Next Platform.

University Of Stuttgart Spends €115M To Go Exascale was written by Timothy Prickett Morgan at The Next Platform.

D2C226: Creating An Effective Cloud Migration Strategy

On today's Day Two Cloud podcast we talk about a cloud project where things didn't go as planned. There were people problems, technical problems, and regulatory problems. Our guest Jonah Andersson shares lessons learned and how they can inform your own cloud strategies. We also talk about how to determine if cloud is the right choice, why you need to account for people and processes and not just tech, and more.

The post D2C226: Creating An Effective Cloud Migration Strategy appeared first on Packet Pushers.

Don’t Let the Cyber Grinch Ruin your Winter Break: Project Cybersafe Schools protects small school districts in the US

As the last school bell rings before winter break, one thing school districts should keep in mind is that during the winter break, schools can become particularly vulnerable to cyberattacks as the reduced staff presence and extended downtime create an environment conducive to security lapses. Criminal actors make their move when organizations are most vulnerable: on weekends and holiday breaks. With fewer personnel on-site, routine monitoring and response to potential threats may be delayed, providing cybercriminals with a window of opportunity. Schools store sensitive student and staff data, including personally identifiable information, financial records, and confidential academic information, and therefore consequences of a successful cyberattack can be severe. It is imperative that educational institutions implement robust cybersecurity measures to safeguard their digital infrastructure.

If you are a small public school district in the United States, Project Cybersafe Schools is here to help. Don’t let the Cyber Grinch ruin your winter break.

The impact of Project Cybersafe Schools thus far

In August of this year, as part of the White House Back to School Safely: K-12 Cybersecurity Summit, Cloudflare announced Project Cybersafe Schools to help support eligible K-12 public school districts with a package of Zero Trust cybersecurity solutions — Continue reading

Setting Source IP Address on Traffic Started by a Multihomed Host

In the Path Failure Detection on Multi-Homed Servers blog post, I mentioned running BGP on servers as one of the best ways to detect server-to-network failures. As always, things aren’t as simple as they look, as Cathal Mooney quickly pointed out:

One annoyance is what IP address gets used by default by the system for outbound traffic. It would be nice to have a generic OS-level way to say, “This IP on lo0 should be default for outbound IP traffic unless to the connected link subnet itself.”

That’s definitely a tough nut to crack, and Cathal described a few solutions he used in the past:

Read more …

Setting Source IP Address on Traffic Started by a Multihomed Host

In the Path Failure Detection on Multi-Homed Servers blog post, I mentioned running BGP on servers as one of the best ways to detect server-to-network failures. As always, things aren’t as simple as they look, as Cathal Mooney quickly pointed out:

One annoyance is what IP address gets used by default by the system for outbound traffic. It would be nice to have a generic OS-level way to say, “This IP on lo0 should be default for outbound IP traffic unless to the connected link subnet itself.”

That’s definitely a tough nut to crack, and Cathal described a few solutions he used in the past:

Read more …

BGP Challenge: Merge Autonomous Systems

Here’s a challenge in case you get bored during the Christmas break: merge two networks running BGP (two autonomous systems) without changing anything but the configurations of the routers connecting them (the red BGP session in the diagram). I won’t give you any hints; you can discuss it in the comments or a GitHub discussion.

Hopefully, you won’t have to deal with something similar in real life, but then we know that crazy requirements trump good designs any day of the week.

BGP Challenge: Merge Autonomous Systems

Here’s a challenge in case you get bored during the Christmas break: merge two networks running BGP (two autonomous systems) without changing anything but the configurations of the routers connecting them (the red BGP session in the diagram). I won’t give you any hints; you can discuss it in the comments or a GitHub discussion.

Hopefully, you won’t have to deal with something similar in real life, but then we know that crazy requirements trump good designs any day of the week.

Explore the lab exercise

Australia’s cybersecurity strategy is here and Cloudflare is all in

We are thrilled about Australia’s strategic direction to build a world-leading cyber nation by 2030. As a world-leading cybersecurity company whose mission is to help build a better Internet, we think we can help.

Cloudflare empowers organizations to make their employees, applications and networks faster and more secure everywhere, while reducing complexity and cost. Cloudflare is trusted by millions of organizations – from the largest brands to entrepreneurs and small businesses to nonprofits, humanitarian groups, and governments across the globe.

Cloudflare first established a footprint in Australia in 2012 when we launched our 15th data center in Sydney (our network has since grown to span over 310 cities in 120 countries/regions). We support a multitude of customers in Australia and New Zealand, including some of Australia’s largest banks and digital natives, with our world-leading security products and services. For example, Australia’s leading tech company Canva, whose service is used by over 35 million people worldwide each month, uses a broad array of Cloudflare’s products — spanning use cases as diverse as remote application access, to serverless development, and even bot management to help Canva protect its network from attacks.

In support of the Australian Cyber Security Strategy Continue reading

1 107 108 109 110 111 3,763