Cisco snaps up Oort to bolster identity management technology

Cisco is continuing its summer buying spree with the acquisition of security startup Oort for an undisclosed amount.Oort offers an identity threat detection and response platform for enterprise security.  Founded in 2019, Oort raised $15 million in Series A funding that included money from Cisco’s venture capital arm.“With Oort’s API-driven, cloud-native, and agentless platform, they eliminate identity visibility gaps across disparate data sources, show misconfigurations, check for security vulnerabilities, and offer predictive identity analytics to proactively stop attacks,” wrote Raj Chopra, senior vice president and chief product officer for Cisco Security, in a blog about the acquisition. To read this article in full, please click here

Quickly see differences between Zone Versions with Version Comparisons

Quickly see differences between Zone Versions with Version Comparisons
Quickly see differences between Zone Versions with Version Comparisons

On the week of July 10, 2023, we launched a new capability for Zone Versioning - Version Comparisons. With Version Comparisons, you can quickly get a side by side glance of what changes were made between two versions. This makes it easier to evaluate that a new version of your zone’s configuration is correct before deploying to production.

Quickly see differences between Zone Versions with Version Comparisons

A quick recap about Zone Versioning

Zone Versioning was launched at the start of 2023 to all Cloudflare Enterprise customers and allows you to create and manage independent versions of your zone configuration. This enables you to safely configure a set of configuration changes and progressively roll out those changes together to predefined environments of traffic. Having the ability to carefully test changes in a test or staging environment before deploying them to production, can help catch configuration issues before they can have a large impact on your zone’s traffic. See the general availability announcement blog for a deeper dive on the overall capability.

Why we built Version Comparisons

Diff is a well known and often used tool by many software developers to quickly understand the difference between two files. While originally just a command line utility it is now ubiquitous across Continue reading

Subscription and Host Metric Changes in Ansible Automation Platform 2.4

What and Why?

Our customers use Ansible Automation Platform across a multitude of platforms, in a plethora of ways. Providing an accurate accounting and reporting capability is sometimes difficult across the various types of use cases we encounter.

If you have traditionally used the platform with infrequently changing or more static types of managed hosts, you’re probably pretty much covered. If however, you administer a more diverse and dynamic set of hosts, there may be occasions where you require more flexibility, when accounting for managed hosts against your purchased subscription.

That’s why in Ansible Automation Platform 2.4, we’ve introduced a new Host Metrics dashboard tab with the ability to:

  • View high level automation run details per managed host
  • The first and last time automated (this metric already existed)
  • The number of times automation has been run or attempted to be run against a host (new in 2.4)
  • The number of times a managed host has been deleted (new in 2.4)

The ability to view the number of times automation has been run on hosts is a simple but really useful metric:

  • Instantly see your most commonly automated hosts
  • See which hosts exist in Continue reading

Hedge 186: Hardware Root of Trust

The idea of a root of trust is somewhat foreign to network engineers—what is it, and why would it be important? Michael and Marcus from Hedgehog join Tom Ammon and Russ White to discuss how hardware roots of trust work, what problems they are designed to solve for network hardware, and the current state of this technology.

download

rough transcript will be supplied in a few days

Kyndryl services blitz to target AI, security, sustainability

Kyndryl Bridge has found early success with nearly 1,000 customers expected by the end of the year, and the integration platform has several new services on tap – including for AI, security and sustainability efforts – to help enterprises better manage their infrastructure resources.Announced last September, Kyndryl Bridge has roughly 60 digitally enabled services to date, and the company expects to grow that to 190 Bridge services by March 2024, according to Kyndryl CTO Antoine Shagoury.Bridge integrates all manner of management tools, intellectual property, and processes that Kyndryl has cultivated through years of delivering services – it was, after all, a division of IBM until November 2021. It then takes that centralized information and uses it to deliver as-a-service capabilities and applications that help control and manage enterprise infrastructure. It also uses AI and ML to analyze the aggregated data in real time to provide IT operations teams with the intelligence they need to keep systems running at peak performance, Kyndryl says.To read this article in full, please click here

Deploy real-time network dashboards using Docker compose


This article demonstrates how to use docker compose to quickly deploy a real-time network analytics stack that includes the sFlow-RT analytics engine, Prometheus time series database, and Grafana to create dashboards. 
git clone https://github.com/sflow-rt/prometheus-grafana.git
cd prometheus-grafana
./start.sh
Download the sflow-rt/prometheus-grafana project from GitHub on a system with Docker installed and start the containers. The start.sh script runs docker compose to bring up the containers specified in the compose.yml file, passing in user information so that the containers have correct permission to  write data files in the prometheus and grafana directories.
All the Docker images in this example are available for both x86 and ARM processors, so this stack can be deployed on Intel/AMD platforms as well as Apple M1/M2 or Raspberry Pi. Raspberry Pi 4 real-time network analytics describes how to configure a Raspberry Pi 4 to run Docker and perform real-time network analytics and is a simple way to run this stack for smaller networks.

Configure sFlow Agents in network devices to stream sFlow telemetry to the host running the analytics stack. See Getting Started for information on how to verify that sFlow telemetry is being received.

Connect to the Grafana web interface on Continue reading

Out-of-band Management – Useful Beyond Catastrophe

I was lucky enough to participate in Tech Field Day Extra at Cisco Live a couple weeks months ago. This event brings independent thought leaders together with a number of IT product vendors that were at Cisco Live to share information and opinions. I was not paid to attend, but the organizers did provide some meals while I was there. There is no expectation of providing any content, so the fact that I’m mentioning it says something. It was a great event and worth a few hours to check out the videos. Thanks to Gestalt IT for getting me involved. OpenGear was there, and it was good to see some new faces and hear some new ideas.

For those that live under a rock don’t know, OpenGear traditionally provides out-of-band (OOB) management solutions via hardware appliances that run independently of your network. They, like other vendors in that space, can connect to the cellular data network of choice and provide access to your gear when something fails (what OpenGear calls “worst day”). Over 99.9% of the time, though, you would never use your OOB devices. They’re just going to sit there doing nothing until that day that something fails Continue reading

Out-of-band Management – Useful Beyond Catastrophe

I was lucky enough to participate in Tech Field Day Extra at Cisco Live a couple weeks months ago. This event brings independent thought leaders together with a number of IT product vendors that were at Cisco Live to share information and opinions. I was not paid to attend, but the organizers did provide some meals while I was there. There is no expectation of providing any content, so the fact that I’m mentioning it says something. It was a great event and worth a few hours to check out the videos. Thanks to Gestalt IT for getting me involved. OpenGear was there, and it was good to see some new faces and hear some new ideas.

For those that live under a rock don’t know, OpenGear traditionally provides out-of-band (OOB) management solutions via hardware appliances that run independently of your network. They, like other vendors in that space, can connect to the cellular data network of choice and provide access to your gear when something fails (what OpenGear calls “worst day”). Over 99.9% of the time, though, you would never use your OOB devices. They’re just going to sit there doing nothing until that day that something fails Continue reading

Kubernetes Unpacked 030: What’s Up With WASM? – With Nigel Poulton

In this episode of Kubernetes Unpacked, Michael and Kristina catch up with with Nigel Poulton, an independent consultant, trainer, and content creator to discuss what Web Assembly (WASM) is, why it’s gaining popularity, and whether it can be the future of programming and development.

The post Kubernetes Unpacked 030: What’s Up With WASM? – With Nigel Poulton appeared first on Packet Pushers.

Microsoft jumps into competitive security service edge (SSE) arena

Microsoft is jumping into the competitive Secure Service Edge (SSE) arena with a software package aimed at protecting its Windows and Azure customers as well as other cloud-based enterprise resources.The new software is part of Microsoft’s Entra identity and network access suite, and it features two new elements – Entra Internet Access and Entra Private Access – that will control and secure access to cloud-based resources. Those two new pieces, coupled with Microsoft’s existing SaaS-focused cloud-access security broker (CASB), called Microsoft Defender for Cloud apps, comprise Microsoft's SSE package.To read this article in full, please click here

Microsoft jumps into competitive security service edge (SSE) arena

Microsoft is jumping into the competitive Secure Service Edge (SSE) arena with a software package aimed at protecting its Windows and Azure customers as well as other cloud-based enterprise resources.The new software is part of Microsoft’s Entra identity and network access suite, and it features two new elements – Entra Internet Access and Entra Private Access – that will control and secure access to cloud-based resources. Those two new pieces, coupled with Microsoft’s existing SaaS-focused cloud-access security broker (CASB), called Microsoft Defender for Cloud apps, comprise Microsoft's SSE package.To read this article in full, please click here

DLP Exact Data Match beta now available

DLP Exact Data Match beta now available
DLP Exact Data Match beta now available

The most famous data breaches–the ones that keep security practitioners up at night–involved the leak of millions of user records. Companies have lost names, addresses, email addresses, Social Security numbers, passwords, and a wealth of other sensitive information. Protecting this data is the highest priority of most security teams, yet many teams still struggle to actually detect these leaks.

Cloudflare’s Data Loss Prevention suite already includes the ability to identify sensitive data like credit card numbers, but with the volume of data being transferred every day, it can be challenging to understand which of the transactions that include sensitive data are actually problematic. We hear customers tell us, “I don’t care when one of my employees uses a personal credit card to buy something online. Tell me when one of my customers’ credit cards are leaked.”

In response, we looked for a method to distinguish between any credit card and one belonging to a specific customer. We are excited to announce the launch of our newest Data Loss Prevention feature, Exact Data Match. With Exact Data Match (EDM), customers securely tell us what data they want to protect, and then we identify, log, and block the presence or movement Continue reading

EU OKs Broadcom acquisition of VMware, with strings attached

The European Commission said that the proposed acquisition of VMware by Broadcom may go forward, thanks to an investigation that suggested that the market would not be harmed and the acquiescence to several conditions by Broadcom.The Commission, in a statement issued Wednesday, said that its investigation centered on answering the question of whether Broadcom, if it acquired VMware, would be in a position to harm the competitive balance of the marketplace in several key technology areas, including Fibre Channel host bus adapters, network interface cards, and storage adapters.The investigation found that Broadcom didn’t have a strong enough position in the NIC and storage adapter markets, but noted that the proposed merger would let Broadcom harm its only rival for FC HBAs, Marvell, by making sure that VMware’s virtualization software didn’t work well with Marvell’s hardware.To read this article in full, please click here

1 240 241 242 243 244 3,818