BrandPost: 5 Ways SD-WAN Promote Business Agility

The Greek philosopher Heraclitus is credited with coining the adage “change is the only constant in life” –  a saying that certainly applies to enterprises in 2019. With change as a given, it’s crucial for businesses to be agile and flexible in order to keep up.Employing software-defined wide-area network (SD-WAN) technology is one way to promote business agility. SD-WANs abstract the network control layer from the underlying forwarding plane and physical transport. Users can employ most any wide-area network service – leased lines, MPLS, broadband wireless, Internet – and still apply policy-based control and other SD-WAN features.To read this article in full, please click here

To secure industrial IoT, use segmentation instead of firewalls

The internet of things (IoT) has been top of mind for network and security professionals for the better part of the past five years. This has been particularly true for the area of industrial IoT (IIoT). Connected industrial devices are nothing new, but most IT people aren’t familiar with them because they have been managed by operational technology (OT) teams. More and more, though, business leaders want to bring OT and IT together to drive better insights from the combined data set.While there are many advantages to merging IT and OT and having IIoT fall under IT ownership, it has a profound impact on the cybersecurity team because it introduces several new security threats. Each connected endpoint, if breached, creates a backdoor into the other systems.To read this article in full, please click here

To secure industrial IoT, use segmentation instead of firewalls

The internet of things (IoT) has been top of mind for network and security professionals for the better part of the past five years. This has been particularly true for the area of industrial IoT (IIoT). Connected industrial devices are nothing new, but most IT people aren’t familiar with them because they have been managed by operational technology (OT) teams. More and more, though, business leaders want to bring OT and IT together to drive better insights from the combined data set.While there are many advantages to merging IT and OT and having IIoT fall under IT ownership, it has a profound impact on the cybersecurity team because it introduces several new security threats. Each connected endpoint, if breached, creates a backdoor into the other systems.To read this article in full, please click here

Dell EMC’s PowerMax is Now All NVM-Express, Persistent Storage

When Dell EMC more than a year ago introduced the PowerMax storage array as the successor to the company’s all-flash VMAX offerings, the company touted the system’s readiness to leverage the NVM-Express (NVMe) protocol and, more importantly, its ability to serve as a gateway to NVMe-over Fabrics (NVMe-oF) and storage-class memory (SCM), both of which would address the growing demand for better performance and latency. …

Dell EMC’s PowerMax is Now All NVM-Express, Persistent Storage was written by Jeffrey Burt at The Next Platform.

How open standards help with defense in depth

If you ask an ordinary person about information security, they’ll probably talk to you about endpoints. Most people are aware of virus scanners for notebooks or PCs, and may have encountered some kind of mobile device management on a work-provided phone. These endpoint solutions naturally come to mind if someone mentions cyber security. However, this is backward from the way that infosec professionals think about the issue.

Someone who works in infosec will tell you that the endpoint should be the absolute last line of defense. If a virus scanner finds malware on your work notebook, the malware should have had to defeat a long list of other security precautions in order to get that far. This layered approach to security is known as defense in depth.

The term “defense in depth” originally was applied to military strategy. It described the practice of trying to slow an enemy down, disperse their attack, and cause casualties; rather than trying to stop their attack at a single, heavily fortified point. The enemy might breach the first layer of defenses, but would find additional layers beyond. While they struggled to advance, they could be surrounded and then counter-attacked.

Infosec in Depth

The information Continue reading

AT&T Trumpets SDN Milestone, Reiterates Virtualization Goal

Citrix Fortifies SD-WAN With Palo Alto Firewalls

Can AMD convert its growing GPU presence into a data center play?

AMD's $5.4 billion purchase of ATI Technologies in 2006 seemed like an odd match. Not only were the companies in separate markets, but they were on separate coasts, with ATI in the Toronto, Canada, region and AMD in Sunnyvale, California.They made it work, and arguably it saved AMD from extinction because it was the graphics business that kept the company afloat while the Athlon/Opteron business was going nowhere. There were many quarters where graphics brought in more revenue than CPUs and likely saved the company from bankruptcy.But those days are over, and AMD is once again a highly competitive CPU company, and quarterly sales are getting very close to the $2 billion mark. While the CPU business is on fire, the GPU business continues to do well.To read this article in full, please click here

Can AMD convert its growing GPU presence into a data center play?

AMD's $5.4 billion purchase of ATI Technologies in 2006 seemed like an odd match. Not only were the companies in separate markets, but they were on separate coasts, with ATI in the Toronto, Canada, region and AMD in Sunnyvale, California.They made it work, and arguably it saved AMD from extinction because it was the graphics business that kept the company afloat while the Athlon/Opteron business was going nowhere. There were many quarters where graphics brought in more revenue than CPUs and likely saved the company from bankruptcy.But those days are over, and AMD is once again a highly competitive CPU company, and quarterly sales are getting very close to the $2 billion mark. While the CPU business is on fire, the GPU business continues to do well.To read this article in full, please click here

How Castle is Building Codeless Customer Account Protection

This is a guest post by Johanna Larsson, of Castle, who designed and built the Castle Cloudflare app and the supporting infrastructure.

Strong security should be easy.

Asking your consumers again and again to take responsibility for their security through robust passwords and other security measures doesn’t work. The responsibility of security needs to shift from end users to the companies who serve them.

Castle is leading the way for companies to better protect their online accounts with millions of consumers being protected every day. Uniquely, Castle extends threat prevention and protection for both pre and post login ensuring you can keep friction low but security high. With realtime responses and automated workflows for account recovery, overwhelmed security teams are given a hand. However, when you’re that busy, sometimes deploying new solutions takes more time than you have. Reducing time to deployment was a priority so Castle turned to Cloudflare Workers.

User security and friction

When security is no longer optional and threats are not black or white, security teams are left with trying to determine how to allow end-user access and transaction completions when there are hints of risk, or when not all of the information is available. Continue reading

Voices from the Pacific at APrIGF

The Asia Pacific Regional Internet Governance Forum (APrIGF) was held on 16-19 July 2019 at the recently constructed Far Eastern Federal University on Russky Island in Vladivostok, Russia. The theme of this year’s event was “Enabling a Safe, Secure and Universal Internet for All in Asia Pacific,” with 22 sessions covering six sub-themes: safer Internet, cybersecurity and regulation; access and universality; emerging technologies and society; human rights online; the evolving role of Internet governance (IG) and multistakeholder participation; and digital economy.

The Board of the Pacific Islands Chapter of the Internet Society (PICISOC) was represented by Anju Mangal from Fiji, James Ahwai from Samoa, and myself from the Cook Islands. James Ahwai, a newcomer to the IG scene, participated as a panellist in the opening plenary on The State of Play and Outlook for IG in the Asia Pacific and contributed a Pacific perspective. Anju Mangal, a former member of the IGF Multistakeholder Advisory Group, moderated the closing plenary on APrIGF Multistakeholder Participation in the Global IGF.

I led a workshop, which was a follow-up to a session on “e-Government for Empowering Pacific Citizens,” introduced at the APrIGF in Vanuatu last year. This year, PICISOC Board member, Cherie Lagakali, Continue reading

Infrastructure As Code 101

As the networking world continues to embrace automation and orchestration, some of the terms used to explain this new way of doing things remain a little fuzzy. In today’s episode we’re going to look specifically at Infrastructure as Code and by the end we hope to define what it is as well as what it is not, provide some relevant examples of it in action, and clear up as much confusion as possible about what it means to network engineers.  

Outro Music:
Danger Storm Kevin MacLeod (incompetech.com)
Licensed under Creative Commons: By Attribution 3.0 License
http://creativecommons.org/licenses/by/3.0/

The post Infrastructure As Code 101 appeared first on Network Collective.

Heavy Networking 470: Why Does Networking Evolve So Slowly?

Packet Pushers host Greg Ferro found slides from a presentation he gave in 1999, and many of the points he raised are still relevant 20 years on. Why does networking take so long to change? The Packet Pushers and guests Jeremy Filliben, a CCDE trainer; and Emma Cardinal-Richards, a senior network architect; share their insights and opinions.

The post Heavy Networking 470: Why Does Networking Evolve So Slowly? appeared first on Packet Pushers.

How to set up Microsoft Teams for security and compliance

These are the security and compliance decisions you need to make when deploying Microsoft Teams.

Updated: Impact of IP Fragmentation on Tunnels and Encryption

The last bits of updated Never-Ending Story of IP Fragmentation were published a few days ago: IP fragmentation and tunnels and summary and related blog posts, RFCs and other articles.

Procella: unifying serving and analytical data at YouTube

Procella: unifying serving and analytical data at YouTube Chattopadhyay et al., VLDB’19

Academic papers aren’t usually set to music, but if they were the chorus of Queen’s “I want it all (and I want it now…)” seems appropriate here. Anchored in the primary use case of supporting Google’s YouTube business, what we’re looking at here could well be the future of data processing at Google. Well, I say the future, but “Procella has now been in production for multiple years. Today, it is deployed in over a dozen data centers and serves hundreds of billions of queries per day over tens of petabytes of data…” So maybe what we’re looking at is the future of data processing for the rest of us!

Google already has Dremel, Mesa, Photon, F1, PowerDrill, and Spanner, so why did they need yet another data processing system? Because they had too many data processing systems! ;)

Large organizations… are dealing with exploding data volume and increasing demand for data driven applications. Broadly, these can be categorized as: reporting and dashboarding, embedded statistics in pages, time-series monitoring, and ad-hoc analysis. Typically, organizations build specialized infrastructure for each Continue reading

HashiCorp Consul Service on Azure: the First Fully Managed Service Mesh

HashiCorp has launched what it calls the first fully managed service mesh, Armon Dadgar, during the kickoff of the company’s annual Consul-based approach is to manage a mix of Kubernetes and non-Kubernetes assets, either on Azure or on other clouds or from private data centers, noted

BrandPost: 5 Must-have SD-WAN Security Capabilities

As interest in Software-Defined Wide-Area Networks (SD-WAN) picks up among companies of all sizes, it’s becoming clear that one of the key drivers for the technology is security. The reason? SD-WAN lets companies deploy strong security features at the network edge and easily apply security policies throughout the network.To read this article in full, please click here

Powering Docker App: Next Steps for Cloud Native Application Bundles (CNAB)

Last year at DockerCon and Microsoft Connect, we announced the Cloud Native Application Bundle (CNAB) specification in partnership with Microsoft, HashiCorp, and Bitnami. Since then the CNAB community has grown to include Pivotal, Intel, DataDog, and others, and we are all happy to announce that the CNAB core specification has reached 1.0.

We are also announcing the formation of the CNAB project under the Joint Development Foundation, a part of the Linux Foundation that’s chartered with driving adoption of open source and standards. The CNAB specification is available at cnab.io. Docker is working hard with our partners and friends in the open source community to improve software development and operations for everyone.

Docker’s Implementation of CNAB — Docker App

Docker was one of the first to implement the CNAB specification with Docker App, our reference implementation available on GitHub. Docker App can be used to both build CNAB bundles for Docker Compose (which can then be used with any other CNAB client), and also to install, upgrade, and uninstall any other CNAB bundle.

It also forms the underpinnings of application templates in Docker Desktop Enterprise. With Docker App, we are making CNAB-compliant applications as easy to use Continue reading

Dell EMC Revs Up PowerMax Storage With NVMe-oF