Out of the Clouds and into the weeds: Cloudflare’s approach to abuse in new products

Out of the Clouds and into the weeds: Cloudflare’s approach to abuse in new products
Out of the Clouds and into the weeds: Cloudflare’s approach to abuse in new products

In a blogpost yesterday, we addressed the principles we rely upon when faced with numerous and various requests to address the content of websites that use our services. We believe the building blocks that we provide for other people to share and access content online should be provided in a content-neutral way. We also believe that our users should understand the policies we have in place to address complaints and law enforcement requests, the type of requests we receive, and the way we respond to those requests. In this post, we do the dirty work of addressing how those principles are put into action, specifically with regard to Cloudflare’s expanding set of features and products.

Abuse reports and new products

Currently, we receive abuse reports and law enforcement requests on fewer than one percent of the more than thirteen million domains that use Cloudflare’s network. Although the reports we receive run the gamut -- from phishing, malware or other technical abuses of our network to complaints about content -- the overwhelming majority are allegations of copyright violations copyright or violations of other intellectual property rights. Most of the complaints that we receive do not identify concerns with particular Cloudflare services Continue reading

How to adopt a disruptive network technology with minimal disruption

Disruptive network technologies are great—at least until they threaten to disrupt essential everyday network services and activities. That's when it's time to consider how innovations such as SDN, SD-WAN, intent-based networking (IBN) and network functions virtualization (NFV) can be transitioned into place without losing a beat.To read this article in full, please click here

How to adopt a disruptive network technology with minimal disruption

Disruptive network technologies are great—at least until they threaten to disrupt essential everyday network services and activities. That's when it's time to consider how innovations such as SDN, SD-WAN, intent-based networking (IBN) and network functions virtualization (NFV) can be transitioned into place without losing a beat.To read this article in full, please click here

How to move to a disruptive network technology with minimal disruption

Disruptive network technologies are great—at least until they threaten to disrupt essential everyday network services and activities. That's when it's time to consider how innovations such as SDN, SD-WAN, intent-based networking (IBN) and network functions virtualization (NFV) can be transitioned into place without losing a beat.To read this article in full, please click here

How to move to a disruptive network technology with minimal disruption

Disruptive network technologies are great—at least until they threaten to disrupt essential everyday network services and activities. That's when it's time to consider how innovations such as SDN, SD-WAN, intent-based networking (IBN) and network functions virtualization (NFV) can be transitioned into place without losing a beat.To read this article in full, please click here

Introducing NSX-T 2.4 – A Landmark Release in the History of NSX

In February 2017, we introduced VMware NSX-T Data Center to the world. For years, VMware NSX for vSphere had been spearheading a network transformation journey with a software-defined, application-first approach. In the meantime, as the application landscape was changing with the arrival of public clouds and containers, NSX-T was being designed to address the evolving needs of organizations to support cloud-native applications, bare metal workloads, multi-hypervisor environments, public clouds, and now, even multiple clouds.

Today, we are excited to announce an important milestone in this journey – the NSX-T 2.4 release. This fourth release of NSX-T delivers advancements in networking, security, automation, and operational simplicity for everyone involved – from IT admins to DevOps-style teams to developers. Today, NSX-T has emerged as the clear choice for customers embracing cloud-native application development, expanding use of public cloud, and mandating automation to drive agility.

Let’s take a look at some of the new features in NSX-T 2.4:

 

Operational Simplicity: Easy to Install, Configure, Operate

What if delivering new networks and network services was as easy as spinning up a workload in AWS? In keeping with the ethos that networking can be made easier, over the past few releases, we Continue reading

More Thoughts on Vendor Lock-In and Subscriptions

Albert Siersema sent me his thoughts on lock-in and the recent tendency to sell network device (or software) subscriptions instead of boxes. A few of my comments are inline.

Another trend in the industry is to convert support contracts into subscriptions. That is, the entrenched players seem to be focusing more on that business model (too). In the end, I feel the customer won't reap that many benefits, and you probably will end up paying more. But that's my old grumpy cynicism talking :)

While I agree with that, buying a subscription instead of owning a box (and deprecating it) also makes it easier to persuade the bean counters to switch the gear because there’s little residual value in existing boxes (and it’s easy to demonstrate total-cost-of-ownership). Like every decent sword this one has two blades ;)

Read more ...

GAN dissection: visualizing and understanding generative adversarial networks

GAN dissection: visualizing and understanding generative adversarial networks Bau et al., arXiv’18

Earlier this week we looked at visualisations to aid understanding and interpretation of RNNs, today’s paper choice gives us a fascinating look at what happens inside a GAN (generative adversarial network). In addition to the paper, the code is available on GitHub and video demonstrations can be found on the project home page.

We’re interested in GANs that generate images.

To a human observer, a well-trained GAN appears to have learned facts about the objects in the image: for example, a door can appear on a building but not on a tree. We wish to understand how a GAN represents such a structure. Do the objects emerge as pure pixel patterns without any explicit representation of objects such as doors and trees, or does the GAN contain internal variables that correspond to the objects that humans perceive? If the GAN does contain variables for doors and trees, do those variables cause the generation of those objects, or do they merely correlate? How are relationships between objects represented?

The basis for the study is three variants of Progressive GANs trained on LSUN scene datasets. To understand what’s going Continue reading

Re-Introducing VMware AppDefense, Part I – Application Security in Virtualized and Cloud Environments

This blog will be part of a series where we start off with a basic re-introduction of VMware AppDefense and then progressively get into integrations, best practices, mitigating attacks and anomaly detection with vSphere Platinum, vRealize Log Insight, AppDefense and NSX Data Center. Before we get into the meat of things, let’s level-set on a few core principles of what VMware believes to be appropriate cyber hygiene. The full white paper can be viewed here.

  1. Follow a least privileged model
    • The principle of least privilege is the idea that at any user, program, or process should have only the bare minimum privileges necessary to perform its function. For example, a user account created for pulling records from a database doesn’t need admin rights, while a programmer whose main function is updating lines of legacy code doesn’t need access to financial records. The principle of least privilege can also be referred to as the principle of minimal privilege (POMP) or the principle of least authority (POLA). Following the principle of least privilege is considered a best practice in information security.
    • The least privilege model works by allowing only enough access to perform the required job. In an IT environment, adhering to Continue reading

Western Digital launches SSDs for different enterprise use cases

Last week I highlighted a pair of ARM processors with very different use cases, and now the pattern repeats as Western Digital, a company synonymous with hard-disk technology, introduces a pair of SSDs for markedly different use.The Western Digital Ultrastar DC SN630 NVMe SSD and the Western Digital CL SN720 NVMe SSD both sport internally developed controller and firmware architectures, 64-layer 3D NAND technology and a NVMe interface, but that’s about where they end.To read this article in full, please click here

What to know about planning mobile edge systems (MEC)

Mobile edge computing (MEC) is a network architecture that supports compute, analytics and storage capacity at the edge of the network, and proponents say it provides substantial performance benefits for applications requiring low latency, especially IoT applications.To read this article in full, please click here(Insider Story)

Stretching GPU Database Performance With Flash Arrays

For the past decade, flash has been used as a kind of storage accelerator, sprinkled into systems here and crammed into bigger chunks there, often with hierarchical tiering software to make it all work as a go-between that sits between slower storage (or sometimes no other tier of storage) and either CPU DRAM or GPU HBM or GDDR memory.

Stretching GPU Database Performance With Flash Arrays was written by Timothy Prickett Morgan at .

Webinar: How the Internet Really Works

I’m doing a live webinar at Safari Books Online on March 15thabout the operation of the ‘net—

This live training will provide an overview of the systems, providers, and standards bodies important to the operation of the global Internet, including the Domain Name System (DNS), the routing and transport systems, standards bodies, and registrars.

You can register here.

1 1,300 1,301 1,302 1,303 1,304 3,841