Spoofing ICMP Redirects for Fun and Profit

Security researches found another ICMP redirect SNAFU: a malicious wireless client can send redirects on behalf of the access point redirecting another client’s traffic to itself.

I’m pretty sure the same trick works on any layer-2 technology; the sad part of this particular story is that the spoofed ICMP packet traverses the access point, which could figure out what’s going on and drop the packet. Unfortunately, most of the access points the researchers tested were unable to do that due to limitations in the NPUs (a fancier word for SmartNIC) they were using.

Keep reading

Spoofing ICMP Redirects for Fun and Profit

Security researches found another ICMP redirect SNAFU: a malicious wireless client can send redirects on behalf of the access point redirecting another client’s traffic to itself.

I’m pretty sure the same trick works on any layer-2 technology; the sad part of this particular story is that the spoofed ICMP packet traverses the access point, which could figure out what’s going on and drop the packet. Unfortunately, most of the access points the researchers tested were unable to do that due to limitations in the NPUs (a fancier word for SmartNIC) they were using.

Keep reading

Prisma Access Outperforms Against Cobalt Strike Attacks

The following sponsored blog post was written by Anupam Upadhyaya at Palo Alto Networks. We thank Palo Alto Networks for being a sponsor. Palo Alto Networks is the leading vendor in preventing Cobalt Strike C2 communication and blocked 99.2% of tested attacks, with the next leading vendor blocking only 17% of attacks, as cited in a […]

The post Prisma Access Outperforms Against Cobalt Strike Attacks appeared first on Packet Pushers.

No Server Recession At Lenovo And Supermicro So Far

We think that server spending is a leading indicator of economic growth or decline, and we are tracking the public companies that peddle systems to try to get a sense of how they are doing to get a better sense of what enterprises, governments, academic institutions, and other organizations separate from the hyperscalers and cloud builders, the latter of which comprise around half of server shipments and slightly less than half of server spending.

No Server Recession At Lenovo And Supermicro So Far was written by Timothy Prickett Morgan at The Next Platform.

Heavy Networking 684: What To Do With Your E-Waste?

By some estimates, 50 to 70 million tons of e-waste is generated every year, and that number is growing. When sent to landfills to be buried or burned, e-waste can leach toxic chemicals into soil and air. On today’s Heavy Networking, we’ll look at options for responsible disposal of IT gear, including repurposing it on site, reselling or donating it, and working with e-cycling companies.

Heavy Networking 684: What To Do With Your E-Waste?

By some estimates, 50 to 70 million tons of e-waste is generated every year, and that number is growing. When sent to landfills to be buried or burned, e-waste can leach toxic chemicals into soil and air. On today’s Heavy Networking, we’ll look at options for responsible disposal of IT gear, including repurposing it on site, reselling or donating it, and working with e-cycling companies.

The post Heavy Networking 684: What To Do With Your E-Waste? appeared first on Packet Pushers.

Data center colocation provider Cyxtera files for bankruptcy

Colocation provider Cyxtera Technologies has filed for Chapter 11 bankruptcy after spending the last few months trying to find a buyer or reduce its debt load. The company will now attempt to restructure through bankruptcy or perhaps a suitor will come along to buy out the company.Meanwhile, the company says it will be business as usual for its customers, but with the reorganization that comes with Chapter 11, it’s hard to say whether that will last, according to Bill Kleyman, an independent consultant to data-center companies.To read this article in full, please click here

When Making Bets on SASE, Don’t Count on Native SD-WAN Monitoring Tools for Help

The following post is by Jeremy Rossbach, Chief Technical Evangelist at Broadcom. We thank Broadcom for being a sponsor. I’ve been preaching the same thing for years: To overcome the challenges of modern network complexity and successfully transform your networks, you need modern network monitoring data. Monitor the user experience and the health of every […]

The post When Making Bets on SASE, Don’t Count on Native SD-WAN Monitoring Tools for Help appeared first on Packet Pushers.

Case study: Calico enables zero-trust security and policy automation at scale in a multi-cluster environment for Box

Box is a content cloud that helps organizations securely manage their entire content lifecycle from anywhere in the world, powering over 67% of Fortune 500 businesses. As a cloud-first SaaS, the company provides customers with an all-in-one content solution within a highly secure infrastructure, where organizations can work on any content, from projects and contracts to Federal Risk and Authorization Management Program (FedRAMP)-related content.

Box has two types of operations: cloud-managed Kubernetes clusters in hybrid, multi-cloud, and public cloud environments, and self-managed Kubernetes clusters in co-located data centers. The company runs multiple clusters with sizes of 1,000 nodes and larger. As one of the early adopters of Kubernetes, Box began using Kubernetes much before Google Kubernetes Engine (GKE) or Amazon’s Elastic Kubernetes Services (EKS) was born, and has been on the leading edge of innovation for Kubernetes in areas such as security, observability, and automation.

In collaboration with Tigera, Box shares how Calico helped the company achieve zero-trust security and policy automation at scale in a multi-cluster environment.

ICYMI: Watch this recording from the 2022 CalicoCon Cloud Native Security Summit, where Tapas Kumar Mohapatra of Box shares how Box moved into automated dependency mapping and policy generation with API Continue reading

Migration Coordinator: Approaches and Modes

Migration Coordinator is a fully supported free tool that is built into NSX Data Center to help migrate from NSX for vSphere to NSX (aka NSX-T). Migration Coordinator was first introduced in NSX-T 2.4 with a couple of modes to enable migrations. Through customer conversations over the years, we’ve worked to expand what can be done with Migration Coordinator. Today, Migration Coordinator supports over 10 different ways to migrate from NSX for vSphere to NSX.

In this blog series, we will look at the available approaches and the prep work involved with each of those approaches.  This blog series should help choose, from multiple different angles, the right mode to choose for migrating from NSX for vSphere to NSX.

  • 3 Standard Migration Modes
  • 3 Advanced Migration Modes
  • 3 More Modes Available Under User Defined Topology
  • Lastly, 2 more Modes Dedicated to Cross-VC to Federation and available on NSX Global Manager UI

Some of these modes take a cookie-cutter approach and require very little prep work to migrate while others allow you to customize the migration to suit their needs. In this blog, we will take a high level look at these modes.

Migration Coordinator Approaches

At a high Continue reading

Data center colocation provider Cyxtera files for bankruptcy

Colocation provider Cyxtera Technologies has filed for Chapter 11 bankruptcy after spending the last few months trying to find a buyer or reduce its debt load. The company will now attempt to restructure through bankruptcy or perhaps a suitor will come along to buy out the company.Meanwhile, the company says it will be business as usual for its customers, but with the reorganization that comes with Chapter 11, it’s hard to say whether that will last, according to Bill Kleyman, an independent consultant to data-center companies.To read this article in full, please click here

Intel Downplays Hybrid CPU-GPU Engines, Merges NNP Into GPU

When Intel announced its “Falcon Shores” project to build a hybrid CPU-GPU compute engine back in February 2022 that allowed the independent scaling of CPU and GPU capacity within a single socket, it looked like the chip maker was preparing to take on rivals Nvidia and AMD head on with hybrid compute motors, which Intel calls XPUs, AMD calls APUs, and Nvidia doesn’t really have if you want to be strict about what its “superchips” are and what they are not.

Intel Downplays Hybrid CPU-GPU Engines, Merges NNP Into GPU was written by Timothy Prickett Morgan at The Next Platform.

Cisco extends observability platform with formal launch at Cisco Live 2023

Too many management tools that don’t integrate well and a lack of visibility into third-party systems are among the problems enterprise IT teams face when they try to manage multivendor, distributed environments.Cisco’s Full-Stack Observably Platform is designed to collect and correlate data from application, networking, infrastructure, security, and cloud domains to provide a clear view of what’s going on across the enterprise and make it easier for enterprises to spot anomalies, preempt and address performance problems, and improve threat mitigation.To read this article in full, please click here

Ansible for Disaster Recovery

Overview

When we get into the nuts and bolts of implementing a disaster recovery (DR) plan, an important step is to evaluate the tech stack that’s hosting the critical applications. The techstack oftentimes determines the order of operations and execution needed to effect the DR. Most organizations have the following tech stack pattern for their data centers:

Each of these layers has their own SMEs (Subject Matter Experts) who will need to work in tandem to address complexities and challenges during a DR event, and create a plan to ensure business continuity.

 

Challenges in creating a disaster recovery plan

“Everybody has a plan until they get punched in the face.” - Mike Tyson

Cyber attacks, natural disasters, human error, server failure–any number of potential events can bring on the need for disaster recovery. While the risk of experiencing a disaster event won’t go away, the negative impact of such an event can be drastically minimized with the right planning.

The following is a sample SOP to recover an application during a disaster. Depending on the needs of the organization, DR procedures could be simpler or more complex than the examples shown here.  After monitoring systems have detected conditions Continue reading

Cloudflare Area 1 earns SOC 2 report

Cloudflare Area 1 earns SOC 2 report
Cloudflare Area 1 earns SOC 2 report

Cloudflare Area 1 is a cloud-native email security service that identifies and blocks attacks before they hit user inboxes, enabling more effective protection against spear phishing, Business Email Compromise (BEC), and other advanced threats. Cloudflare Area 1 is part of the Cloudflare Zero Trust platform and an essential component of a modern security and compliance strategy, helping organizations to reduce their attackers surface, detect and respond to threats faster, and improve compliance with industry regulations and security standards.

This announcement is another step in our commitment to remaining strong in our security posture.

Our SOC 2 Journey

Many customers want assurance that the sensitive information they send to us can be kept safe. One of the best ways to provide this assurance is a SOC 2 Type II report. We decided to obtain the report as it is the best way for us to demonstrate the controls we have in place to keep Cloudflare Area 1 and its infrastructure secure and available.  

Cloudflare Area 1’s SOC 2 Type II report covers a 3 month period from 1 January 2023 to 31 March 2023. Our auditors assessed the operating effectiveness of the 70 controls we’ve implemented to meet the Continue reading

1 231 232 233 234 235 3,790