It's a 'Swiss Army Knife' for federal cloud security compliance.
With the release of NSX for vSphere® 6.3, VMware has not only introduced several key security features such as Application Rule Manager and Endpoint Monitoring, which provide deep visibility into the application, and enable a rapid zero-trust deployment, but has also achieved Corporate Firewall Certification in independent testing performed by ICSA labs, a leading third-party testing and certification body and independent division of Verizon.
VMware NSX for vSphere 6.3 has been tested against an industry-accepted standard to which a consortium of firewall vendors, end users and ICSA labs contributed, and met all the requirements in the Baseline and Corporate module of the ICSA Module Firewall Certification Criteria version 4.2.
NSX is the only true micro-segmentation platform to achieve ICSA Firewall certification — with the NSX Distributed Firewall providing kernel-based, distributed stateful firewalling, and the Edge Services Gateway providing services such as North-South firewalling, NAT, DHCP, VPN, load balancing and high availability. VMware NSX provides security controls aligned to the application and enables a Zero-Trust model, independent of network topology.
The ICSA Firewall Certification criteria focus on several key firewall aspects, including stateful services, logging and persistence. ICSA also validates Continue reading
In this wiki entry disguised as a RFC 7872, “Observations on the Dropping of Packets with IPv6 Extension Headers in the Real World” highlights IPv6 Extension Headers are effectively unusable since internet providers are dropping IPv6 fragment and failing to support Extension Headers. In IPv6, an extension header is any header that follows the initial 40 […]
The post IPv6 Extensions Are Already Dead appeared first on EtherealMind.
The post Worth Reading: GraphQL appeared first on rule 11 reader.
A company’s important applications often are subjected to random and capricious changes due to forces well beyond the control of IT or management. Events like a corporate merger or even a top programmer on an extended vacation can have an adverse impact on the performance and reliability of critical company infrastructure.
During the second day keynote at DockerCon 2017 in Austin TX, Lily Guo and Vivek Saraswat showed a simulation of how to use Docker Enterprise Edition and its application transformation tools to respond to random events that threaten to undermine the stability of their company critical service.
The demo begins as two developers are returning to work after an extended vacation. They discover that, during their absence, their CEO has unexpectedly hired an outside contract programmer to rapidly code and introduce an entire application service that they know nothing about. As they try to build the new service, however, Docker Security Scan detects that a deprecated library has been incorporated by the contractor. This library is found to have a security vulnerability which violates the company’s best practice standards. As part of Docker Enterprise Edition Advanced, Docker Security Scan automatically keeps track of code contributions and acts as a Continue reading
This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.
Network analytics is key to helping IT proactively deliver great user experiences, but analytics for the enterprise access network is complicated. Besides the array of connectivity options, the heterogeneous mix of client devices and the different application models to accommodate, there are volumes of relevant input data that can be used, such as:
Figure 1. How network data is used today. Is this really analytics?
To read this article in full or to leave a comment, please click here