Introducing SSL for SaaS

If you’re running a SaaS company, you know how important it is that your application is performant, highly available, and hardened against attack. Your customers—and your revenue stream—depend on it. Putting your app behind a solution such as Cloudflare is an obvious move for your own infrastructure, but how do you securely (and easily) extend these benefits to your customers?

If your customers interact with your app on your domain and don’t care about branding under their custom or “vanity” domain (or aren’t paying you for the ability to do so), the solution is straightforward: onboard your domain to Cloudflare and serve the app at either https://app.yourcompany.ltd or https://yourcustomer.yourcompany.ltd. But if your customers want to host your application, portal, content management solution, etc. on their own domain for improved SEO and discoverability, e.g., https://app.yourcustomer.site the solution is not so easy.

Easily extend the benefits of Cloudflare to your customers, one hostname at a time

SSL for SaaS - Process Overview

Until today, your best bet was to ask them to CNAME over to your infrastructure, have them generate a private key and CSR, send the latter to a CA for signing, and then securely provide you with the Continue reading

IDG Contributor Network: StorageOS jumps on the ‘storage for Docker’ bandwagon

As one of the earliest backers of recently shuttered vendor ClusterHQ, I’ve seen a long and torturous journey for Docker add-on vendors. Part of this is a timing issue—ClusterHQ was pretty early, and arguably burned a bunch of its hard-earned cash too early.But some of the issues are more ecosystem related. When Docker, the commercial entity behind the eponymously named open-source project, was first founded, it received massive interest from funders. Multiple funding rounds saw Docker Inc. achieve incredible valuation levels that many predicted would be problematic in the future.+ Also on Network World: 5 reasons developers love containers + That prediction would seem to have eventuated, and the recent high-profile rise of Kubernetes certainly increased the pain Docker feels. While many will be quick to point out that Docker and Kubernetes aren’t mutually exclusive, Docker’s valuation was arguably predicated on the company’s ability to expand its footprint far further into the orchestration aspects of containers. The fact that an open-source initiative came to bear, and one that has the proven track record of being directly descended from the systems that Google uses to run its own massive business, certainly put the pressure on Docker.To read this Continue reading

New FCC web portal opens for 5G experimenters

Got a fantastic, futuristic 5G wireless application you need to try out, but you need an FCC license to start testing? It’s about to get easier to get a program experimental license, thanks to a new web portal announced days ago by the FCC, in partnership with NYU and the University of Colorado Boulder.The idea is to make it simpler for research labs, universities, manufacturers and others to obtain the necessary permission to test new devices, while also ensuring that existing services aren’t impacted by testing.+ALSO ON NETWORK WORLD: Secrets of bimodal IT success: Tiger teams, skunkworks and the camel’s nose + Galaxy S8+ review: The future of Android is nowTo read this article in full or to leave a comment, please click here

Tap the power of Google’s Go language

Google's Go is an open source programming language that makes it easy to build simple, reliable, and efficient software. It’s part of the programming language lineage that started with Tony Hoare’s Communicating Sequential Processes, and it includes Occam, Erlang, Newsqueak, and Limbo.Use canonical import paths for repositories with aliasesTo read this article in full or to leave a comment, please click here(Insider Story)

Blockchain: ‘Overhyped’ buzzword or real-deal enterprise solution?

While blockchain is among the hottest technologies in the enterprise security, data storage and file-sharing arenas, many experts question its use or even whether it's really as secure as billed.As marketplaces struggle with how best to deploy the distributed ledger technology, IT vendors are beginning to test it in their products -- in some cases, as a reaction to  customer inquiries rather than a proactive move."It's a very hot topic right now," said Zulfikar Ramzan, CTO of RSA Security, a subsidiary of the Dell EMC Infrastructure Solutions Group. "We are definitely getting a lot of inbound inquiries around blockchain and its implication within enterprise environments. I think it's driven largely by the fact that when there's a new technology out there, to some degree people want to be buzzword compliant with the latest and greatest."To read this article in full or to leave a comment, please click here

Blockchain: ‘Overhyped’ buzzword or real-deal enterprise solution?

While blockchain is among the hottest technologies in the enterprise security, data storage and file-sharing arenas, many experts question its use or even whether it's really as secure as billed.As marketplaces struggle with how best to deploy the distributed ledger technology, IT vendors are beginning to test it in their products -- in some cases, as a reaction to  customer inquiries rather than a proactive move."It's a very hot topic right now," said Zulfikar Ramzan, CTO of RSA Security, a subsidiary of the Dell EMC Infrastructure Solutions Group. "We are definitely getting a lot of inbound inquiries around blockchain and its implication within enterprise environments. I think it's driven largely by the fact that when there's a new technology out there, to some degree people want to be buzzword compliant with the latest and greatest."To read this article in full or to leave a comment, please click here

The 20 highest-paying markets for cyber security engineers

Big spendersImage by UnsplashIT security professionals are in high demand in most job markets, but some metropolitan areas are better than others when it comes to offering a top pay check. Randstat recently released its annual IT salary study, which looked at the top 45 highest paying markets in 27 states. Following are the top 20 markets for cyber security engineers, based on the medium salary reported.To read this article in full or to leave a comment, please click here

Cybersecurity companies to watch

In canvassing the security industry, CBInsights came up with a list of startups with early-to mid-stage high-momentum that have pioneering technology with the potential to transform cybersecurity. They split the companies into the following categories: Quantum Encryption, Predictive Intelligence, Deception Security, Autonomous Systems, IoT Security, Mobile Security, Automobile Security, Critical Infrastructure Security, and Cyber Insurance.CB Insights created a Company Mosaic, which uses data to track private company health, using signals including recency of financing, total raised, and investor quality. We’ve gathered this data via our machine learning technology (dubbed The Cruncher) as well as via several thousand direct submissions from firms and  individual professionals.To read this article in full or to leave a comment, please click here(Insider Story)

Cybersecurity companies to watch

In canvassing the security industry, CBInsights came up with a list of startups with early-to mid-stage high-momentum that have pioneering technology with the potential to transform cybersecurity. They split the companies into the following categories: Quantum Encryption, Predictive Intelligence, Deception Security, Autonomous Systems, IoT Security, Mobile Security, Automobile Security, Critical Infrastructure Security, and Cyber Insurance.To read this article in full or to leave a comment, please click here(Insider Story)

10 best cities for women in tech

Despite increasing media attention and awareness, the gender pay gap is widening across the U.S., according to new research from financial services research and advisory firm SmartAsset. The pay gap between men and women isn't as pronounced in tech as it is in other fields, but it still exists.To read this article in full or to leave a comment, please click here(Insider Story)

Mobile device strategies catch on among hospitals

Nearly two-thirds of hospitals now have formal mobile device strategies, a big jump from just five years ago, according to the latest survey by Spok, a healthcare communications company focusing on the acute-care sector. To a large extent, observers say, this growth reflects hospitals’ recognition that their doctors and nurses are already using or wish to use mobile devices at work.From 2012 to 2017, Spok found in its survey of more than 300 healthcare professionals, the percentage of hospitals with a documented mobile strategy increased from 34 percent to 65 percent. Forty percent of institutions have had mobility strategies for one to three years, 14 percent for three to five years, and 25 percent for more than five years. Twenty-one percent launched their strategies less than a year before they participated in the survey.To read this article in full or to leave a comment, please click here

Oracle fixes Struts and Shadow Brokers exploits in huge patch release

Oracle has released a record 299 security fixes for vulnerabilities in its products, including patches for a widely exploited vulnerability in the Apache Struts framework and a Solaris exploit supposedly used by the U.S. National Security Agency.The Struts vulnerability allows for remote code execution on Java web servers and was patched on March 6. Attackers have quickly adopted it and have used it in widespread attacks since then.Oracle uses Apache Struts 2 in several of its products, which is why Tuesday's critical patch update (CPU) fixed 25 instances of the vulnerability in Oracle Communications, Retail and Financial Services applications, as well as in the MySQL Enterprise Monitor, Oracle WebCenter Sites, Oracle WebLogic Server and the Siebel E-Billing app.To read this article in full or to leave a comment, please click here

Oracle fixes Struts and Shadow Brokers exploits in huge patch release

Oracle has released a record 299 security fixes for vulnerabilities in its products, including patches for a widely exploited vulnerability in the Apache Struts framework and a Solaris exploit supposedly used by the U.S. National Security Agency.The Struts vulnerability allows for remote code execution on Java web servers and was patched on March 6. Attackers have quickly adopted it and have used it in widespread attacks since then.Oracle uses Apache Struts 2 in several of its products, which is why Tuesday's critical patch update (CPU) fixed 25 instances of the vulnerability in Oracle Communications, Retail and Financial Services applications, as well as in the MySQL Enterprise Monitor, Oracle WebCenter Sites, Oracle WebLogic Server and the Siebel E-Billing app.To read this article in full or to leave a comment, please click here

Today 42% off Tom Clancy’s Ghost Recon Wildlands – (XBOX ONE, PS4) – Deal Alert

Today you'll see the price drop an extra 42% on Tom Clancy’s Ghost Recon Wildlands. Experience total freedom of choice in Tom Clancy's Ghost Recon Wildlands, the ultimate military shooter set in a massive open world setting.  The Santa Blanca drug cartel has transformed the beautiful South American country of Bolivia into a perilous narco-state, leading to lawlessness, fear, and rampant violence. With their corrosive influence growing, the cartel plagues the citizens of Bolivia but all hope is not lost. The Ghosts, an elite US Special Forces team, are tasked to combat the cartel and save the country from collapse.  See the discounted Ghost Recon Wildlands on Amazon.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Sapho makes bad enterprise software better

I’ve written a number of times about a class of software vendors that, in my view, are doing a heroic job. While these vendors aren’t philanthropists, they may as well be, helping millions of frustrated users of enterprise software worldwide reduce the pain they feel on a daily basis.You see, for anyone who is in the fortunate situation of not having to interact with enterprise software on a daily basis, your own interactions with consumer software on your mobile device might have lulled you into a false sense of security.+ Also on Network World: Enterprise software: A look forward to 2017 + The reality is enterprise software, to put it bluntly, sucks. I’m self-employed and have never worked within a large corporation, but I’ve done enough consulting within these sorts of organizations to have gained a reasonably good appreciation for just how bad these solutions are. Horrible user interfaces, difficult user experiences, generally desktop-bound, slow and inflexible—there is very little to say about traditional enterprise software that is good. And I’m not just talking about the one of two enterprise software vendors who normally bear the brunt of these criticisms. Every traditional player is, in my view, guilty Continue reading

Up and Running with oVirt 4.1 and Gluster Storage

Last month, the oVirt Project shipped version 4.1 of its open source virtualization management system. With a new release comes an update to this howto for running oVirt together with Gluster storage using a trio of servers to provide for the system's virtualization and storage needs, in a configuration that allows you to take one of the three hosts down at a time without disrupting your running VMs.

If you're looking instead for a simpler, single-machine option for trying out oVirt, your best bet is the oVirt Live ISO page. This is a LiveCD image that you can burn onto a blank CD or copy onto a USB stick to boot from and run oVirt. This is probably the fastest way to get up and running, but once you're up, this is definitely a low-performance option, and not suitable for extended use or expansion.

Read on to learn about my favorite way of running oVirt.

oVirt, Glusterized

Prerequisites

Hardware: You’ll need three machines with 16GB or more of RAM and processors with hardware virtualization extensions. Physical machines are best, but you can test oVirt using nested KVM as well. I've written this howto using VMs running on my "real" Continue reading

1 2,056 2,057 2,058 2,059 2,060 3,763