Will Ransomware Die?

Ransomware has been one of the more prevalent security topics for past few years. Some probably think this form of digital destruction is here for the long haul. While this may be an accurate prediction, I can imagine a turn of events that would end this form of attack. To be clear, my theory is not that enterprise networks will plug every possible entry point. My prediction is that the ransomware business model COULD cease to be viable.

Let me expand on my position. For a business model to work, it has to have a monetization strategy. For ransomware, that strategy includes the victim sending money (typically bitcoin) to the attacker—trusting that they will be given the keys to decrypt their files. In this model, the victim has to trust their attacker [to do the right thing]. In and of itself, that seems to be an oxymoron and a plea in desperation.

So if these types of attacks fail to produce recovery options and gain widespread coverage, this trust is further eroded. To some degree this has already happened with Nyetya.

TALOS – New Ransomware Variant “Nyetya” Compromises Systems Worldwide

Without analyzing the key generation or key storage components, Talos believes Continue reading

Will Ransomware Die?

So if these types of attacks fail to produce recovery options and gain widespread coverage, this trust is further eroded. To some degree this has already happened with Nyetya.

TALOS – New Ransomware Variant “Nyetya” Compromises Systems Worldwide

Without analyzing the key generation or key storage components, Talos believes Continue reading

Will Ransomware Die?

So if these types of attacks fail to produce recovery options and gain widespread coverage, this trust is further eroded. To some degree this has already happened with Nyetya.

TALOS – New Ransomware Variant “Nyetya” Compromises Systems Worldwide

Without analyzing the key generation or key storage components, Talos believes Continue reading

IDG Contributor Network: Why hybrid cloud is the future of enterprise IT

As cloud computing continues to generate a huge amount of buzz and interest over its future, another phenomenon is gaining investor’s and developer’s interest with promises to upend the future of enterprise IT. Hybrid cloud tech, which has only recently come into its own, is increasingly being recognized as the cash-cow of the future. But what exactly is this tech, and is it worth all the hubbub it’s garnered?A quick look at today’s hybrid cloud tech shows that the attention it’s drawn to itself is entirely warranted; the idea behind it may not be new, but recent advancements in computing have enabled it to truly thrive in the marketplace for the first time, and it could very well be on the verge of redefining modern computing. So what exactly is the future of hybrid cloud, and how close is it to taking off?To read this article in full or to leave a comment, please click here

IDG Contributor Network: Why hybrid cloud is the future of enterprise IT

4 Main Design Principles of Mobile Networks

4 Main, Key Design Principles of Mobile Networks – I will explain the 4 key design principles of cellular networks in plain English. In fact I should have said, cell based systems as mobile networks may not be design based on cell based architecture. Let me explain what would be the other deployment […]

The post 4 Main Design Principles of Mobile Networks appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

What’s So Bad About POSIX I/O?

POSIX I/O is almost universally agreed to be one of the most significant limitations standing in the way of I/O performance exascale system designs push 100,000 client nodes.

The desire to kill off POSIX I/O is a commonly beaten drum among high-performance computing experts, and a variety of new approaches—ranging from I/O forwarding layers, user-space I/O stacks, and completely new I/O interfaces—are bandied about as remedies to the impending exascale I/O crisis.

However, it is much less common to hear exactly why POSIX I/O is so detrimental to scalability and performance, and what needs to change to have a suitably …

What’s So Bad About POSIX I/O? was written by Nicole Hemsoth at The Next Platform.

Declarative and Imperative Automation Thinking

Event driven or workflow driven automation for the uninitiated can appear daunting. With the rise of machine learning which adds more complexity to our field, simple rule driven automation feels more in reach than it ever has. This post aims to introduce you to a viewing lens for the world of great automation.

Converting processes in to workflows can be a tough task to accomplish and whilst this is relevant, it isn’t for this post. That’s one for another day but a great talking point and one that will be addressed.

The Layer Cake

Good automation tooling offers two views of the world; one high level that you pass arbitrary data around and one that handles interface implementation, which converts the arbitrary data to meaningful contextual data. In other words, a declarative and an imperative view, the ‘what’ and the ‘how’. The dimension that exists between the two can make or break the tool. If we have to care too much about how data is passed from one layer to the other, we’re not users, we’re more co-developers and it’s a kit not a tool.

Our Layer Cake model is simple at a high level. Two layers are enough to Continue reading

10 Places to Find Free Online IT Training

These websites offer excellent resources for IT infrastructure professionals looking to expand their knowledge.

Private cloud use grows, and ZeroStack wants to help spin them up

In June, private cloud infrastructure provider ZeroStack hired David Greene as its new CEO. For those of you who have followed the networking space closely, you may recognize Greene as the chief marketing officer of a couple of companies that were pioneers in their respective industries. Most recently, he was at Aerohive, one of the first Wi-Fi vendors to embrace a completely controller-less model.Prior to that, Greene was CMO of Riverbed. Riverbed certainly wasn’t the first WAN optimization vendor, but the company was responsible for evangelizing it and making it a household term (at least among IT circles).+ Also on Network World: Public vs. private cloud: Why the public cloud is a real threat to security + Now, Greene is trying to catch another wave, as ZeroStack is one of the first companies to offer an easy-to-deploy solution that enables businesses to quickly deploy a private cloud.To read this article in full or to leave a comment, please click here

Private cloud use grows, and ZeroStack wants to help spin them up

Top 10 Networking and Security Sessions at VMworld Europe

At VMworld Europe 2016, we showed that network virtualization is mainstream and that NSX will illuminate the path to bring your data center into the future with robust security, speed, and agility.

One year later, NSX is out to show that it’s not just in the data center anymore… it’s everywhere. Beyond helping you master the data center, NSX is setting out to empower you to reign supreme over the cloud, remote and branch offices (ROBO), and even containers. To help you get there, VMworld Europe 2017 has 70+ networking and security sessions and 60+ NSX customers to share expertise and direct experience with NSX. And on top of all of that, VMware will be presenting an exciting new security product to help ensure your applications stay secure!

Check out the list of the top, not-to-be-missed networking and security sessions below. You should also explore the schedule builder on VMworld.com to reserve your spot in the top networking and security sessions as well as to discover the whole range of introductory and deep dive NSX sessions covering the entire use case spectrum.

See you in sunny Barcelona at VMworld Europe 2017!

Date	Time	Session ID	Session Title
Tues Continue reading

Why Is Cisco Pushing LISP in Enterprise Campus?

I got several questions along the lines of “why is Cisco pushing LISP instead of using EVPN in VXLAN-based Enterprise campus solutions?”

Honestly, I’m wondering that myself (and maybe I’ll get the answer in a few days @ NFD16). However, let’s start at the very beginning…

Real-time traffic visualization using Netflix Vizceral

The open source sflow-rt/vizceral project demonstrates how real-time sFlow network telemetry can be presented using Netflix Vizceral. The central dot represents the Internet (all non-local addresses). The surrounding dots represents addresses grouped into sites, data centers, buildings etc. The animated particle flows represent packet flows with colors indicating packet type: TCP/UDP shown in blue, ICMP shown in yellow, and all other traffic in red.

Click on a node to zoom in to show packets flowing up and down the protocol stack. Press the ESC key to unzoom.

The simplest way to run the software is to use the pre-built Docker image:

docker run -p 6343:6343/udp -p 8008:8008 sflow/vizceral

The Docker image also contains demo data based on Netflix's public cloud infrastructure:

docker run -e "RTPROP=-Dviz.demo=yes" -p 8008:8008 sflow/vizceral

In this case, the detailed view shows messages flowing between microservices running in the Amazon public cloud. Similar visibility could be obtained by deploying Host sFlow agents with associated modules for web and application servers and modifying sflow/vizceral to present the application transaction flows. In private data centers, sFlow support in load balancers (F5, A10) provides visibility into interactions between application tiers. See Microservices for more information on Continue reading

Delivering Dot

Since March 30, 2017, Cloudflare has been providing DNS Anycast service as additional F-Root instances under contract with ISC (the F-Root operator).

F-Root is a single IPv4 address plus a single IPv6 address which both ISC and Cloudflare announce to the global Internet as a shared Anycast. This document reviews how F-Root has performed since that date in March 2017.

The DNS root servers are an important utility provided to all clients on the Internet for free - all F root instances including those hosted on the Cloudflare network are a free service provided by both ISC and Cloudflare for public benefit. Because every online request begins with a DNS lookup, and every DNS lookup requires the retrieval of information stored on the DNS root servers, the DNS root servers plays an invaluable role to the functioning of the internet.

At Cloudflare, we were excited to work with ISC to bring greater security, speed and new software diversity to the root server system. First, the root servers, because of their crucial role, are often the subject of large scale volumetric DDoS attacks, which Cloudflare specializes in mitigating (Cloudflare is currently mitigating two concurrently ongoing DDoS attacks as we write this). Continue reading

Cisco Firepower 2140 BOQ with licensing models

As per my previous article on the new Next Generation Firewall Cisco Firepower 2100, Today I am going to talk about the hardware and the actual BOQ required for the features mentioned in the header.

I got so many requests from the people to provide the BOQ for the Cisco Firepower 2140 with AVC+IPS Licensing model. In this article I will come up with all the licensing model of Cisco Firepower 2100 Next generation firewall.

If you missed my earlier article on Cisco Firepower 2100 series Next Generation Firewalls, below is the link for your reference.

Cisco Firepower 2100 Next Generation Firewalls Introduction

So lets discuss about the BOQ for all the 3 licensing model in Cisco Firepower 2100 Series Next Generation Firewalls. Before i come with the BOQ, one thing i want to tell you that with the NGFW image of the Cisco Firepower 2100 Series AVC is inbuilt feature. AVC stands for Application visibility and you can have all the management on the Firesight management console which can be either on VM or by using the dedicated appliances.

We have three licensing model and they are :

L-FPR2140T-T= This License stands for the NGIPS feature in Cisco Firepower Continue reading

Network automation best practices for DevOps

Optimizing a network for maximum efficiency almost always requires some level of automation. From provisioning resources to configuring processes and applications, network automation can improve upon the consistency of network operations while also reducing the resources needed to maintain the network. That being said, network automation can be exceedingly complex as well. Following network automation best practices is necessary to ensure that automation doesn’t interfere with or compromise the network.

Create a centralized hub for automated services

As networks grow, it can be tempting to add new services and tools one by one. Unfortunately, piecemeal additions can quickly become haphazard and difficult to maintain. Automated services should always be controlled through a single API or centralized hub, to improve upon reporting, maintenance, consistency and optimization.

Network automation suites have been developed to be robust enough that they can use the same code base for computing, networking, and storage, thereby significantly simplifying network optimization and other related processes. Ansible is one example of a network automation tool that can help you embrace DevOps as a network automation best practices, though there are many others. IT departments will find the process of automation easier to manage and maintain when filtered through a Continue reading

Hurricane Irma

Yesterday, we described how Hurricane Irma impacted several Caribbean islands, with the damage including a significant disruption to Internet access.

Source: accuweather.com

As Irma is now forecast to hit southern Florida as category 5 this weekend with gusty winds reaching up to 155mph, it is also expected that Internet infrastructure in the region will suffer.

At the time of writing, we haven’t noticed any decrease in traffic in the region of Miami despite calls to evacuate.

Resilient Data Centers

Contrary to popular belief, Internet wasn't built for the purpose of resisting a nuclear attack. That doesn't mean that datacenters aren't built to resist catastrophic events.

The Miami datacenter housing servers for Cloudflare and other Internet operators is classified as Tier IV. What does this tiering mean? As defined by the ANSI (American National Standards Institute), a Tier IV datacenter is the stringent classification in term of redundancy of the critical components of a datacenter: power and cooling. It guarantees 99.995% uptime per year, that is only 26 minutes of unavailability. Tier IV datacenters provide this level of uptime by being connected to separate power grids, allowing their customers to connect their devices to both of these grids. They Continue reading

Cisco Next Generation Firewalls : Cisco Firepower 2100 Series

Today I am going to talk about the Cisco Next Generation Firewalls named as Cisco Firepowers. Firepower is gaining the market with the best features of NGFW. Cisco uses both images of ASA and NGFW with various features.

In this article I am specifically talking about the Cisco Firepower 2100 Series. You can have two different models with the various licensing models in Cisco 2100 series firewall. One model is Cisco Firepower with ASA image where you can have the same capabilities of ASA CLI model and the other Cisco model is Cisco Firepower with NGFW image.

Let's talk about NGFW image, Cisco Firepower 2100 with NGFW image ( Next Generation Firewall) having Application visibility inbuilt and have three other licensing which will provide you the features of NGIPS ( Cisco Next-Generation Intrusion Prevention System) , AMP ( Advance Malware Protection) , Content filtering ( URL filtering ).

Fig 1.1- Cisco Firepower 2100 Series

Now If you are going to have the customer who wants the next generation firewalls, ofcourse Cisco Firepower with NGFW image is there to support you. Let me talk about the general features of Cisco Firepower 2100 Series Next Generation firewall with the Continue reading

The Tale of Windows UAC and Incompetent Programmers

The Tail of Windows UAC

Windows systems… I’m not particularly fond of them anymore. I do believe however that the introduction of UAC, while not perfect¹, was a step in the right direction.

We’re all familiar with UAC by now; introduced in Windows Vista and got better by newer versions. While the technical details are complex, the basic concept is simple enough.

Microsoft realized that no matter how much they empathize on Principle of least privilege and advise against using administrator accounts for everyday tasks², almost all users still do so anyway. On top of that, programmers not following any guidelines, use any location they deem to be fit for their application’s settings.

A solution was needed. One that would not break compatibility with older programs, while giving programmers time to adjust to the new security model. It was also needed to give the sensation of “Administrator privilege” to those users who are so damn eager to have it all the time.

So thanks to the windows users and programmers, we ended up with an overly complicated solution for an imaginary problem³.

From the very start, the new model managed to get a bad reputation. Continue reading

« Previous 1 … 1,876 1,877 1,878 1,879 1,880 … 3,808 Next »