Rapid Micro-segmentation using Application Rule Manager Recommendation Engine

Customers understand the need for micro-segmentation and benefits it provides to enhance the security posture within their datacenter. However, one of the challenges for a Security admin is how to define micro-segmentation policies for applications owned and managed by application teams. This is even more challenging especially when you have tens or hundreds of unique applications in your data center, all of which use different port and protocols and resources across the cluster. The traditional manual perimeter firewall policy modeling may not be ideal and may not be able to scale for the micro-segmentation of your applications as it would be error-prone, complex and time consuming.

NSX addresses the how & where to start micro-segmentation challenge by providing the built-in tool called Application Rule Manager (ARM), to automate the application profiling and the onboarding of applications with micro-segmentation policies. NSX ARM has been part of NSX, since the NSX 6.3.0 release but here we will talk about Application Rule Manager (ARM) enhancement, Recommendation Engine, introduced as part of NSX 6.4.0 release. This enhancement allows you to do Rapid Micro-segmentation to your data center application by recommending “ready to consume” workload grouping & firewall policy rules.

To Continue reading

IDG Contributor Network: Securing the largest IoT deployments in the world, the smart electric grid

Once you remove the hype surrounding the ‘Internet of Things’, you seldom find large, real-world deployments of ‘Smart, connected things’ that forms it. You also don’t co-relate the words IoT and Electric Grid. However, the Smart Electric Grid is actually one of the largest IoT deployments, with an estimated 500 million meters installed to date. This is expected to grow to 1 billion by 2020.The smart grid infrastructure A Smart Grid is nothing but a network of electrical suppliers, which is managed by a system of digitally controlled interfaces that can dynamically alter the flow and supply of electricity in response to micro and macro changes in demand. One way to think about this complex web of systems is in layers:To read this article in full, please click here

IoT and the law of unintended consequences

You’ve probably already heard about the latest Internet of Things (IoT) security fiasco — coverage has gone far beyond the tech press into the mainstream TV news. In case you haven’t been paying attention, though, here’s the elevator pitch version:Fitness network Strava publishes a global heatmap of where users are running and working out using its services, and folks just figured out that the map includes information that could reveal the locations of military forces working out in sensitive and sometimes secret locations. One expert worried that “tracking the timing of movements on bases could provide valuable information on patrol routes or where specific personnel are deployed.”To read this article in full, please click here

IoT and the law of unintended consequences

You’ve probably already heard about the latest Internet of Things (IoT) security fiasco — coverage has gone far beyond the tech press into the mainstream TV news. In case you haven’t been paying attention, though, here’s the elevator pitch version:Fitness network Strava publishes a global heatmap of where users are running and working out using its services, and folks just figured out that the map includes information that could reveal the locations of military forces working out in sensitive and sometimes secret locations. One expert worried that “tracking the timing of movements on bases could provide valuable information on patrol routes or where specific personnel are deployed.”To read this article in full, please click here

IDG Contributor Network: Choosing ISPs for SD-WAN: don’t be pound foolish

I was in the local Best Buy the other day and overheard a conversation between a saleswoman and a father looking to buy a computer for his daughter. Apparently, the daughter is a designer, which of course requires lots of heavy graphics work. Anyway, the saleswoman was trying to explain how he should invest a little bit more in an expensive graphics card because of her work. The father wouldn’t hear of it. He wanted the least expensive machine possible.It was a mistake.Part of the art of life is knowing when and where to invest your resources for maximum return. Sometimes less is, well, less and investing a bit more really can make a difference. I know you didn’t come to this blog for self-help advice, but life’s truism has real-world implications for wide area networks and, in particular, when selecting the Internet infrastructure underlying your SD-WAN.To read this article in full, please click here

IDG Contributor Network: Choosing ISPs for SD-WAN: don’t be pound foolish

I was in the local Best Buy the other day and overheard a conversation between a saleswoman and a father looking to buy a computer for his daughter. Apparently, the daughter is a designer, which of course requires lots of heavy graphics work. Anyway, the saleswoman was trying to explain how he should invest a little bit more in an expensive graphics card because of her work. The father wouldn’t hear of it. He wanted the least expensive machine possible.It was a mistake.Part of the art of life is knowing when and where to invest your resources for maximum return. Sometimes less is, well, less and investing a bit more really can make a difference. I know you didn’t come to this blog for self-help advice, but life’s truism has real-world implications for wide area networks and, in particular, when selecting the Internet infrastructure underlying your SD-WAN.To read this article in full, please click here

Aruba v Aerohive in customer reviews

When choosing the wireless LAN gear to be used in enterprises, it's important to look at security, reliability and ease of system management, and that's exactly what a group of Aruba and Aerohive customers have done.To read this article in full, please click here(Insider Story)

History Of Networking – Paul Vixie – DNS Adoption

In a continued look at the history of DNS on the Internet, Paul Vixie joins Network Collective to talk about the adoption process of DNS.

Paul Vixie
Guest
Russ White
Host
Donald Sharp
Host
Eyvonne Sharp
Host

Outro Music:
Danger Storm Kevin MacLeod (incompetech.com)
Licensed under Creative Commons: By Attribution 3.0 License
http://creativecommons.org/licenses/by/3.0/

The post History Of Networking – Paul Vixie – DNS Adoption appeared first on Network Collective.

Getting Started: LDAP Authentication in Ansible Tower

Ansible Getting Started LDAP

Next in the Getting Started series is covering the basics of configuring Red Hat Ansible Tower to allow users to log in with LDAP credentials. In this post, we'll explain a few troubleshooting tips to help narrow down problems and correct them. As long as you have a map of your LDAP tree/forest, this post should help get users logging in with their LDAP credentials.

CONFIGURATION SETTINGS

To configure your Ansible Tower for LDAP authentication, navigate to Settings (the gear icon) and to the "Configure Tower" section. The area within these configuration settings we're focusing on is "Authentication", and the sub category should be set to "LDAP".

Ansible-Getting-Started-Tower-LDAP-7

The fields that will be the primary focus are:

  • LDAP server URI
  • Bind DN and password
  • User/group searches

The other fields will allow you to refine your LDAP searches to reduce the resources used in production or map your organization.

The LDAP URI is simply the IP or hostname of your LDAP server prepended with the protocol (ldap://).


The bind DN will be a user credential and password (followed by the group and domain) with access to read the LDAP structure.

REFINING USER SEARCH

With Ansible Tower able to connect to the LDAP Continue reading

IT budgets remain tight due to cloud migration

For the third straight year, IT organizations are keeping tight control over their IT budgets, but not because of economic uncertainty. Instead, the hesitancy to spend is because of the transition to the cloud.That’s the findings from IT market research firm Computer Economics, which published the report Worldwide IT Spending and Staffing Outlook for 2018 (paywall), and it echoes a common finding that on-premises computing continues to fall out of favor as IT shops look to migrate as much work as possible to the public cloud.“Typically, before the cloud transition, companies would grow IT budgets roughly to match expected revenue growth,” said David Wagner, vice president of research for Computer Economics in a statement. “This is no longer true in regions of higher cloud adoption, such as the U.S. and Canada, where IT budgets are not keeping pace with revenue growth.”To read this article in full, please click here

IT budgets remain tight due to cloud migration

For the third straight year, IT organizations are keeping tight control over their IT budgets, but not because of economic uncertainty. Instead, the hesitancy to spend is because of the transition to the cloud.That’s the findings from IT market research firm Computer Economics, which published the report Worldwide IT Spending and Staffing Outlook for 2018 (paywall), and it echoes a common finding that on-premises computing continues to fall out of favor as IT shops look to migrate as much work as possible to the public cloud.“Typically, before the cloud transition, companies would grow IT budgets roughly to match expected revenue growth,” said David Wagner, vice president of research for Computer Economics in a statement. “This is no longer true in regions of higher cloud adoption, such as the U.S. and Canada, where IT budgets are not keeping pace with revenue growth.”To read this article in full, please click here

IDG Contributor Network: A software defined network requires reinventing IT devops

It’s common for a newly released application to have a few bugs in it. Customers may grumble, and IT service requests may increase, but life goes on and people will figure out how to work around the issues. The same cannot be said for a network software upgrade. If the network goes down, everything grinds to a halt, and service to employees and customers ceases.In the old hardware network model, an operator relied on three to four vendors to run annual or semiannual upgrades, and even that process put the network’s resiliency at risk.  As networks transition to a software model, they are supported by a myriad of best-of-breed partners and a more diverse ecosystem, increasing the frequency of updates and therefore the degree of network vulnerability. In addition, the technology implemented is less mature, resulting in greater network exposure to errors and risk.To read this article in full, please click here

IDG Contributor Network: A software defined network requires reinventing IT devops

It’s common for a newly released application to have a few bugs in it. Customers may grumble, and IT service requests may increase, but life goes on and people will figure out how to work around the issues. The same cannot be said for a network software upgrade. If the network goes down, everything grinds to a halt, and service to employees and customers ceases.In the old hardware network model, an operator relied on three to four vendors to run annual or semiannual upgrades, and even that process put the network’s resiliency at risk.  As networks transition to a software model, they are supported by a myriad of best-of-breed partners and a more diverse ecosystem, increasing the frequency of updates and therefore the degree of network vulnerability. In addition, the technology implemented is less mature, resulting in greater network exposure to errors and risk.To read this article in full, please click here

1 1,762 1,763 1,764 1,765 1,766 3,862