Three new ways teams are using Cloudflare Access

Since leaving beta three weeks ago, Cloudflare Access has become our fastest-growing subscription service. Every day, more teams are using Access to leave their VPN behind and connect to applications quickly and securely from anywhere in the world.

We’ve heard from a number of teams about how they’re using Access. Each team has unique needs to consider as they move away from a VPN and to a zero trust model. In a zero trust framework, each request has to prove that a given application should trust its attempt to reach a secure tool. In this post, we’re highlighting some of the solutions that groups are using to transition to Cloudflare Access.

Solution 1: Collaborate with External Partners

Cloudflare Access integrates with popular identity providers (IdPs) so that your team can reach internal applications without adding more credentials. However, teams rarely work in isolation. They frequently rely on external partners who also need to reach shared tools.

Granting and managing permissions for external partners poses a security risk. Just because you are working with a third party doesn’t mean they should have credentials to your IdP. They typically need access to a handful of tools, not all of your internal

We’re Celebrating 15 Years of Success With 15 Bootcamp Success Stories!


Since 2003 we’ve been helping IT professionals reach their career goals with help from top-notch instructors and training materials. One of our most popular training resources, INE Bootcamps, continues to wow students and is a major step in the journey towards earning your certification. Thinking about signing up but not sure what to expect? Take it from our current students: participating in an INE Bootcamp is the best way to ensure you’ll succeed in passing your certification exams.

CCNA Routing & Switching

I would arguably say that Keith is the best CCNA instructor in the nation. The interaction in this class is key. Listening to a lesson doesn’t ensure comprehension, so Keith offered periodic quizzes; not only did this make the course increasingly interactive but also verified your understanding of the technologies discussed.

I very much look forward to going to the CCNP bootcamps. Thank you again Keith and staff for making my learning experience a great one!
Thomas Osborne – CCNA


CCNP ROUTE

The instructor Keith is very knowledgeable, patient, and polite. He covered everything possible with the amount of time we had. I also like the format of having to take routing and switching separately.

We Must Continue to Advocate Passionately and Fearlessly: An Interview with Our CEO, Kathy Brown

In late November, Kathy Brown announced that she would be stepping down as CEO of the Internet Society. While preparing for her next chapter, she reflected on her time at the Internet Society and shared her thoughts on how the Internet itself has evolved during her tenure.

The Internet Society: What are the biggest changes you’ve seen in the Internet since you joined the Internet Society?

Kathy Brown: When I joined the Internet Society nearly five years ago, there were about 3 billion people online. Since then, that number has grown by almost a billion, but, still, not everyone is connected. The Internet Society has helped bring Internet access to the hardest-to-reach places on earth, including remote regions in the Caucasus and indigenous communities in South America, but there remain twice as many people online in the developed world as in the developing world, and the digital gender gap is widening.

There’s also been a trend toward consolidation, with fewer companies controlling more and more, and the Internet getting increasingly centralized. We’ve seen governments using the Internet in good, but also bad ways, such as shutdowns, and we’ve seen criminals finding ways to exploit it.

“Kathy undertook the leadership of

History Of Networking – Ross Callon – MPLS

Recorded in-person at the most recent meeting of the IETF, Ross Callon joins the Network Collective crew (as well as special guest Ethan Banks from Packet Pushers) to share some stories from the creation of MPLS.

Ross Callon, Guest
Ethan Banks, Guest
Russ White, Host
Donald Sharp, Host

Outro Music:
Danger Storm Kevin MacLeod (incompetech.com)
Licensed under Creative Commons: By Attribution 3.0 License
http://creativecommons.org/licenses/by/3.0/

The post History Of Networking – Ross Callon – MPLS appeared first on Network Collective.

BrandPost: Loyal to a Fault: Why Your Current DNS May Be Exposing You to Risk

Ask seasoned IT professionals what they dislike most about their infrastructure, and they’ll answer in unison: Change. IT, network and security professionals all rely on tried-and-true products to keep the business humming along, but is doing so exposing them to new risks? This post looks at some hidden risk factors present in many of today’s DNS environments, and what enterprises should be doing now to ameliorate them.

There are very few organizations more change-averse than enterprise IT professionals – especially their network and security teams. With network stability (read uptime) at the heart of their existence, reliance on known products and services can become a crutch – and a blindfold, limiting the ability to objectively consider new infrastructure solutions. As the advent of cloud came upon IT, many organizations needed to fight the ‘server-huggers’, who insisted that their sacred server or device located in the datacenter was the only way to run a specific application or perform a specific business function.

Eager to learn about the future of networking? Join us at FUTURE:NET 2018

We’re getting excited to welcome industry leading speakers to the stage at FUTURE:NET, an event VMware has been curating for the past three years. On Thursday, August 30th, luminaries from the networking industry will speak on how containers, microservices, and platforms are changing networking.

Below is a snapshot of the agenda. To learn more about each session and our speakers, check out the website.

Emin Gun Sirer, Associate Professor at Cornell
Blockchains: The Promise and Challenges Ahead for Networking

Ryland Degnan, CTO at Netifi
RSocket: Reactive Cloud-Native Networking

May Wang, CTO at Zingbox
IoT Networking & Security

Ken Owens, VP of Digital Native Architecture at Mastercard
Container Networking

Adam Casella, Co-Founder at SnapRoute
Containerized Microservices and Networking for Cloud Native

Zaid Ali Kahn, Senior Director Global Infrastructure at LinkedIn
The Self-Healing Infrastructure: LinkedIn’s Data Center Network Journey

Marco Palladino, CTO & Co-Founder at Kong
The API Management Journey from Monolith to Service Mesh

Louis Ryan, Principal Engineer at Google
Istio - A Network for Services Not Bytes

The event is almost full, but if you would like to attend, nominate yourself for an invitation here. Be sure to check back here in September for a recap of the event!

Questions? Contact

An Update on the Docker FIPS 140-2 Compliance Initiative

Last year, we announced our pursuit of FIPS 140-2 validation of the Docker Enterprise container platform. This meant starting with the included cryptography components at the Docker Engine foundation to better address the rigorous security requirements of government agencies and others in regulated industries. Over the last year, we’ve progressed through the NIST Cryptographic Module Validation Program (CMVP), from “Implementation Under Test” to “Module In Process”, and are nearing full completion of validation. You can track our progress online at NIST’s CMVP website; as of this post, we are “Module In Process, Coordination”. We are anticipating full validation of Docker Engine – Enterprise in the coming months.

Recently Docker Engine – Enterprise version 18.03 was released, our first to include the FIPS 140-2 compliant modules currently undergoing validation by the NIST CMVP. These modules cover the cryptography elements in Docker Engine – Enterprise and are used when Engines are deployed standalone or with Docker Swarm enabled.

Compliance from Docker Engine to Container Platform

Additionally, we are working to bring the FIPS 140-2 compliant modules into the remainder of the Docker Enterprise container platform and make this available to our customers. This will include FIPS 140-2 compliance for the private registry and management

When it comes to IP desk phones, the secondary market is the way to go

As I sit at my desk and stare at the phone in front of me, I think back to a time when “experts” predicted desk phones would no longer be needed.

Well, those experts were certainly wrong. Instead, we have several options in desk phones — so many, in fact, that you may feel you need directory assistance just to get started. You're left wondering if you should go with an old favorite or try a newer model. And you're likely concerned about Cisco's announced end-of-sale and end-of-life dates for the Cisco Unified IP Phones 7945, 7965, 7975, and 7916. Are they still a good value, and will they still be available in the secondary market?

Or maybe you're wondering if you should go with the Cisco 8800 Series models that came out a few years ago that were supposed to eventually replace the whole 7900 Series. Can you afford all the bells and whistles that go with the 8800 series?

How the L1 Terminal Fault vulnerability affects Linux systems

Announced just yesterday in security advisories from Intel, Microsoft and Red Hat, a newly discovered vulnerability affecting Intel processors (and, thus, Linux) called L1TF or “L1 Terminal Fault” is grabbing the attention of Linux users and admins. Exactly what is this vulnerability and who should be worrying about it?

L1TF, L1 Terminal Fault, and Foreshadow

The processor vulnerability goes by L1TF, L1 Terminal Fault, and Foreshadow. Researchers who discovered the problem back in January and reported it to Intel called it "Foreshadow". It is similar to vulnerabilities discovered in the past (such as Spectre).

This vulnerability is Intel-specific. Other processors are not affected. And like some other vulnerabilities, it exists because of design choices that were implemented to optimize kernel processing speed but exposed data in ways that allowed access by other processes.
