Micro-segmentation of the Epic Electronic Health Records System with VMware NSX

authors – Geoff Wilmington, Mike Lonze

Healthcare organizations are focusing more and more on securing patient data. With Healthcare breaches on the rise, penalties and fines for lost or stolen PHI and PII data is not only devastating to the patients, but to the Healthcare organization as well. The Ponemon Institute Annual Benchmark Study on Privacy & Security of Healthcare Data has shown that nearly 50 percent of Healthcare organizations, up 5 percent from a previous study, that criminal attacks are the leading cause of Healthcare breaches. [1] With breaches on the rise and Healthcare organizations feeling the pain, how can we help Healthcare start layering security approaches on their most critical business applications that contain this highly critical data?

The principle of least privilege is to provide only the necessary minimal privileges for a process, user, or program to perform a task. With NSX, we can provide a network least privilege for the applications that run on the vSphere hypervisor using a concept called Micro-segmentation. NSX places a stateful firewall at the virtual network card of every virtual machine allowing organizations to control very granularly how virtual machines communicate or don’t communicate with each Continue reading

Harnessing Data Insights To Achieve Optimal Energy Consumption

In an age of ongoing digital advancement, leaders across all industries are seeking new ways to improve workplace productivity, ensure competitive advantage, and facilitate continued growth. Success hinges on their ability to accelerate time to value, and work more efficiently and effectively than the competition. Innovation and sustainability are key.

This is particularly true for the energy, oil, and gas (EOG) sector. As the global economy progressively moves away from fossil fuels in search of renewable resources, EOG companies are challenged to operate faster and smarter than ever before. Many organizations are utilizing high performance computing (HPC) technologies in order …

Harnessing Data Insights To Achieve Optimal Energy Consumption was written by Timothy Prickett Morgan at The Next Platform.

Spock’s wise words for today’s network managers

It’s no surprise that many network engineers are also fans of Star Trek. Personally, I have been a Trekkie for as long as I can remember. One of the appealing things about Star Trek is that it pushed the limits of what’s possible. In fact, many technologies we take for granted today were previewed on Star Trek over 50 years ago. Things such as wireless communications, immersive videoconferencing and tablet computers were all used regularly on the Starship Enterprise long before we used them down on Earth.+ Also on Network World: Star Trek medical tricorder closer to becoming reality + This week, the next wave of Star Trek kicked off with “Discovery” airing on CBS. As the dawn of this new era begins, I thought it would be fun to look back at the top seven quotes from Star Trek’s most logical person, Spock, which network managers should embrace. Incidentally, I chose seven because of the Galileo 7 episode, which was Spock’s first command.To read this article in full or to leave a comment, please click here

Spock’s wise words for today’s network managers

IDG Contributor Network: Waxing or WANing

Allow me to wax poetic about software-defined wide area networking (SD-WAN):Ode to an SD-WAN I love your complexityAnd lack of deterministic behaviorI need your connectivityBut not new network layersOnly I can comprehendYour brittleness and insecurityAnd in the bitter endLike ATM fade in obscurityWhile SD-WANs are a hot topic currently, in reality, I believe that WANs will ultimately wane and give way to “wide area inter-networks." SD-WANs are already multi-network use cases (e.g. connecting branch networks to the corporate network). Right now, they are simple overlays, but over time, performance and functionality demands will require them to interact with the underlay network (and other layers). To read this article in full or to leave a comment, please click here

IDG Contributor Network: Waxing or WANing

2 options for deciding open computing standards—neither is great

How should open computing standards, such as the protocols and languages that make up much of the core of the internet, be decided on and handled? It’s not an easy question to answer. But the answer has vast and potentially severe ramifications for almost every company on the planet (at least if you rely on your website for doing any percentage of your business). A recent kerfuffle with the World Wide Web Consortium (W3C), the organization responsible for standardizing much of the web that most people use on a daily basis, has caused many to ask for the shut-down of the W3C and the creation of a new standards body. But is that actually a good idea?To read this article in full or to leave a comment, please click here

Ok, I’m Giving Ubiquiti Networks Another Chance

After quite a few discussions resulting from my Epic Evaluation: Ubiquiti ERPro-8 vs Play-Doh where (spoiler alert!) the Play-Doh™ won hands down after an exhaustive six-month test, I’ve been persuaded to give Ubiqiuti Networks (aka UBNT) another chance. Another two chances, in fact.

Ubiquiti Networks Logo

Ubiqitui Networks Products

As I said in the evaluation post, I was hesitant about recommending against UBNT products not least because I owned four other UBNT devices (three wireless access points and a 48-port switch). Despite being persuaded to try UBNT again, I strongly maintain my previous recommendation to avoid the ERPro-8 like a wedding invitation from Walder Frey. For the rest of the product range I’ve decided to suspend my previous “NO BUY” verdict and reserve my final judgement while I try out some new additions to my home network and see if they can restore balance to the nerd universe.

I would also like to add that while Ubiquiti’s official Support and RMA channels were no help to me whatsoever when my ERPro-8 was behaving badly, I did appreciate one employee reaching out privately and trying to help. The conclusion for now is that flash itself has indeed become irrecoverably corrupted and the device Continue reading

Announce: Briefings In Brief – A New Packet Pushers Podcast Channel

Briefings In Brief is a new podcast channel from the Packet Pushers that summarizes tech news and announcements in quick doses.

The post Announce: Briefings In Brief – A New Packet Pushers Podcast Channel appeared first on EtherealMind.

Pre-Order the New Echo, Echo Plus, or Fire TV Here – Deal Alert

The 2nd generation Echo costs just $99, and has a 2.5” downward-firing woofer and 0.6” tweeter powered by Dolby to deliver crisp vocals and dynamic bass throughout the room. You can play music from Amazon Music, Spotify, Pandora, iHeartRadio, TuneIn, and more. With Amazon Music, you can search by lyrics, time-period, or let Alexa pick the music for you. You can also listen to audiobooks from Audible, podcasts, radio stations or news briefs. Make calls, set alarms and timers, ask questions, check your calendar, weather, traffic, and sports scores, manage to-do and shopping lists, control smart home devices, and more. Multiple Echo devices around your house work together -- ask Alexa to play your favorite music on all Echo's, or different styles in different rooms. The new Echo won't ship until October 31, but if you order now and select 2-day shipping, you'll have it on your doorstep the day it's released. See it on Amazon here.To read this article in full or to leave a comment, please click here

Forrester: 3 ways IoT can drive business value

You can’t escape the IoT momentum these days. The Internet of Things is being used for everything from saving the rhino from poaching to leveraging stray dogs to fight crime. (No, really, I’m not kidding… check the links!) But even as vendors spend billions to try and grab IoT market share, it’s not always clear exactly how their business customers are supposed to actually benefit from IoT. (The challenges can be equally hard to understand). According to a thoughtful new report from Forrester, the answer lies in three fundamental business scenarios:To read this article in full or to leave a comment, please click here

3 ways IoT can drive business value

What is MP – Merge Point in MPLS Traffic Engineering ?

What is MP, Merge Point in MPLS Traffic Engineering ? Understanding Merge Point in MPLS Traffic Engineering will help you to understand the MPLS TE – Fast Reroute MP (Merge Point) is the term is used in the context of Fast Reroute. I briefly mentioned from Merge Point in the MPLS Traffic Engineering Fast Reroute Link Protection post earlier and in this […]

The post What is MP – Merge Point in MPLS Traffic Engineering ? appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

Introducing Cloudflare Warp: Hide Behind The Edge

I work at a company whose job it is to be attacked. As I’m writing this, an automatic mitigation is fighting two ongoing DDoS attacks. Any machine that’s publicly routable on the internet today can be a vector for attack, and that’s a problem.

Today we want to turn the tables and give you a new way of exposing services to the internet without having them be directly, publicly routable. Meet Cloudflare Warp.

Introducing Cloudflare Warp: Hide Behind The Edge CC BY-SA 2.0 image by Christian Ortiz

Playing Hide and Seek with Bots and Hackers

Cloudflare internally runs about 4,000 containers that make up about 1.5K services and applications. Some of these containers need to network with other local containers, and others need to accept connections over the wire.

Every devops engineer knows that bad things happen to good machines, and so our platform operations team tries to hide servers altogether from the internet. There are several ways to do this:

Rotate IP addresses
Deploy proxies
Create firewall rules
Configure IP tables
Limit connections by client certificate
Cross connect with an upstream provider
Configure a GRE tunnel
Authentication mechanisms like OAuth or OIDC

These can be complicated or time consuming, yet none of them are Continue reading

What is PI and PA ? Provider Independent and Provider Assigned ?

What is PI and PA ? Provider Independent and Provider Assigned ? In this post, I will explain the important considerations on PI (Provider Independent) and PA (Provider Assigned). In this post, I will explain below points : What is PI and PA ? Why PI and PA addresses are used ? […]

The post What is PI and PA ? Provider Independent and Provider Assigned ? appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

Down the Rabbit Hole: The Making of Cloudflare Warp

In the real world, tunnels are often carved out from the mass of something bigger - a hill, the ground, but also man-made structures.

Down the Rabbit Hole: The Making of Cloudflare Warp CC BY-SA 2.0 image by Matt Brown

In an abstract sense Cloudflare Warp is similar; its connection strategy punches a hole through firewalls and NAT, and provides easy and secure passage for HTTP traffic to your origin. But the technical reality is a bit more interesting than this strained metaphor invoked by the name of similar predecessor technologies like GRE tunnels.

Relics

Generic Routing Encapsulation or GRE is a well-supported standard, commonly used to join two networks together over the public Internet, and by some CDNs to shield an origin from DDoS attacks. It forms the basis of the legacy VPN protocol PPTP.

Establishing a GRE tunnel requires configuring both ends of the tunnel to accept the other end’s packets and deciding which IP ranges should be routed through the tunnel. With this in place, an IP packet destined for any address in the configured range will be encapsulated within a GRE packet. The GRE packet is delivered directly to the other end of the tunnel, which removes the encapsulation and forwards the original Continue reading

Juniper SRX Password Recovery

I can imagine that is how I looked when I got my “new” Juniper SRX from (insert favorite auction site) …

Continue reading →

The post Juniper SRX Password Recovery appeared first on Fryguy's Blog.

IDG Contributor Network: How the hybrid cloud has made the digital transformation possible

Competition in the 21st Century economy is fierce. Consumers are more tech-savvy than ever, as we all carry around more computing power in our pockets than Neil Armstrong took to the moon—and potential customers pay attention to differentiated experiences. Increasingly for all businesses, investing in agile software development is a way to achieve that differentiation.In other words, in the 21st Century, every business is a software business.All that software that’s enabling this transformation toward digital experiences has to run somewhere, and it turns out a hybrid cloud strategy gives businesses maximum choice when it comes to what runs where.To read this article in full or to leave a comment, please click here

Upcoming Spousetivities Events

Long-time readers/followers know that my wife, Crystal, runs a program called Spousetivities. This program organizes events for spouses/partners/significant others at IT industry conferences. This fall is a particularly busy season for Crystal and Spousetivities, as she’ll be organizing events at DockerCon EU, the fall OpenStack Summit, and AWS re:Invent! Here are some details on these upcoming events.

DockerCon EU 2017

For the first time, Spousetivities will be present at DockerCon EU, taking place this year in Copenhagen, Denmark. There’s a great set of activities planned:

City tour of Copenhagen
Castle tour, including Kronborg and Frederiksborg
Food tour and Tivoli Gardens

More information is available on the Spousetivities web site; if you’d like to register for any of the events, tickets are available right now.

OpenStack Summit Sydney

Spousetivities returns to the fall OpenStack Summit, held this year in beautiful Sydney, Australia. Spousetivities is no stranger to the OpenStack Summits, having supported the OpenStack community for several years now.

Once again, Crystal has arranged a great set of activities in and around Sydney:

Picturesque tour up to the Blue Mountains
City tour of Sydney, including some beautiful hidden beaches
Hunter Valley wine tour

This blog post on the Spousetivities Continue reading

Top 3 Data Center Myths Debunked

Uptime Institute study provides a reality check about the state of enterprise data centers.

« Previous 1 … 1,894 1,895 1,896 1,897 1,898 … 3,850 Next »