One Hyperscaler Gets The Jump On Skylake, Everyone Else Sidelined

Well, it could have been a lot worse. About 5.6 percent worse, if you do the math.

As we here at The Next Platform have been anticipating for quite some time, with so many stars aligning here in 2017 and a slew of server processor and GPU coprocessor announcements and deliveries expected starting in the summer and rolling into the fall, there is indeed a slowdown in the server market and one that savvy customers might be able to take advantage of. But we thought those on the bleeding edge of performance were going to wait to see what Intel,

One Hyperscaler Gets The Jump On Skylake, Everyone Else Sidelined was written by Timothy Prickett Morgan at The Next Platform.

Docker Enterprise Edition enters FIPS certification process

Security is a key pillar of the Docker Enterprise Edition (EE)  platform. From built in features automatically configured out of the box to a new secure supply chain and flexible yet secure configurations that are portable with the app from one environment to another – enabling the most secure infrastructure and applications is paramount.

In addition to all the security features, ensuring that the Docker platform is validated against widely-accepted standards and best practices is a critical aspect of our product development as this enables companies and agencies across all industries to adopt Docker containers. The most notable of these standards is that of the Federal Information Processing Standard (FIPS) Publication 140-2, which validates and approves the use of various security encryption modules within a software system.

Today, we’re pleased to announce that the Docker EE cryptography libraries are at the “in-process” phase of the FIPS 140-2 Level 1 Cryptographic Module Validation Program.

This is just one of the many initiatives Docker is driving to support agencies in the adoption of Docker and deployment of container applications in a secure and compliant manner.  In addition to starting the FIPS certification process, below are the other compliance initiatives to date:

New Lab Server & random updates

New Server:

So I just completed a purchase off eBay for a new server for my lab purposes.

For a while now I’ve been limited to 32Gb of memory on my old ESXi server, which is really more like 20Gb when my regular servers have had their share. Running a combination of different types of devices, each taking at least 4Gb of memory, doesn’t leave much room for larger labs.

I decided to go with a “real” server this time around. So I got an older Cisco UCS C200 M2 server with 2 x Xeon 5570 processors and an additional 96 Gb ram (on top of the 24 it came with). That stil leaves room for a bit of memory upgrades in the future (it supports a total of 192Gb) (had a budget on this one, so couldn’t go crazy).

Work:

Work has been crazy lately. 2 of my Team members just resigned so a lot of workload has to be shifted until we find suitable replacements. That means I’ve been working 65+ hour work weeks for a while now. Something that I dont find even remotely amusing to be honest. But I’ve been reassured that everything is being done Continue reading

4 Tips for a successful virtual network deployment

As new technologies like software defined networking, SD-WAN, cloud computing and the Internet of Things continue to grow in maturity and adoption, organizations are faced with transforming their networks to keep up with the changes.Many of these technologies involve using software to automate management of the network or to virtualize the network. Recent research from IDC suggests revenues from networking and communications software will grow from a $6 billion market in 2017 to a $12 billion by 2021.+ MORE AT NETWORK WORLD: Experts: The future of IoT will be fascinating and also potentially catastrophic +To read this article in full or to leave a comment, please click here

NSA’s EthernalBlue exploit ported to Windows 10

If you were running Windows 10, then you didn’t need to worry about your box being hit with the leaked NSA EternalBlue exploit; but things change and now researchers have ported EternalBlue to Windows 10.After the WannaCry ransomware attack, some defenders focused on building detection rules to protect against the DoublePulsar backdoor implant; but beware as RiskSense researchers completely removed DoublePulsar. They warned that DoublePulsar is a “red herring for defenders to focus on, as stealthier payload mechanisms can be crafted.”While they are not revealing all the details about the exploit chain so attackers can jump on them, they hope white hat security researchers benefit from the technical overview of the exploit process “so that new generic and targeted techniques can be developed to prevent attacks.”To read this article in full or to leave a comment, please click here

NSA’s EthernalBlue exploit ported to Windows 10

If you were running Windows 10, then you didn’t need to worry about your box being hit with the leaked NSA EternalBlue exploit; but things change and now researchers have ported EternalBlue to Windows 10.After the WannaCry ransomware attack, some defenders focused on building detection rules to protect against the DoublePulsar backdoor implant; but beware as RiskSense researchers completely removed DoublePulsar. They warned that DoublePulsar is a “red herring for defenders to focus on, as stealthier payload mechanisms can be crafted.”While they are not revealing all the details about the exploit chain so attackers can jump on them, they hope white hat security researchers benefit from the technical overview of the exploit process “so that new generic and targeted techniques can be developed to prevent attacks.”To read this article in full or to leave a comment, please click here

Worth Reading: Good Samaritans with network visibility

In a big open office 30 feet from me, a team of US Veterans speak intently on the phone to businesses large and small, issuing urgent warnings of specific cyber security threats. They call to get stubborn, confused people to take down hidden ransomware distribution sites. They call with bad news that a specific computer at the business has malware that steals login credentials. They call with good news — you can beat the bad guys this time by not sending the money — minutes before an email arrives to the business with fraudulent wire transfer instructions. —CircleID

The post Worth Reading: Good Samaritans with network visibility appeared first on rule 11 reader.

25% off Logitech K780 Multi-Device Wireless Keyboard for Computer, Phone & Tablet – Deal Alert

Rewrite the rules of desktop typing. Logitech's K780 is the type-on-everything keyboard with full-size keys and a convenient number pad. Enjoy quiet, comfortable typing, on your Windows PC or Mac, and switch typing to your phone or tablet at the touch of a button. An integrated rubber stand holds your mobile devices within reach and always at the perfect typing angle. A generous two-year battery life virtually eliminates the need to switch out batteries. The K780 typically lists for $79.99, but right now is discounted 25% to $59.99. See this deal now on Amazon.To read this article in full or to leave a comment, please click here

Counting things, a lot of different things…

Counting things, a lot of different things…

Back in April we announced Rate Limiting of requests for every Cloudflare customer. Being able to rate limit at the edge of the network has many advantages: it’s easier for customers to set up and operate, their origin servers are not bothered by excessive traffic or layer 7 attacks, the performance and memory cost of rate limiting is offloaded to the edge, and more.

In a nutshell, rate limiting works like this:

  • Customers can define one or more rate limit rules that match particular HTTP requests (failed login attempts, expensive API calls, etc.)

  • Every request that matches the rule is counted per client IP address

  • Once that counter exceeds a threshold, further requests are not allowed to reach the origin server and an error page is returned to the client instead

This is a simple yet effective protection against brute force attacks on login pages and other sorts of abusive traffic like L7 DoS attacks.

Doing this with possibly millions of domains and even more millions of rules immediately becomes a bit more complicated. This article is a look at how we implemented a rate limiter able to run quickly and accurately at the edge of the network which Continue reading

1 2,026 2,027 2,028 2,029 2,030 3,840