Reactive Malicious Domain Detection (ENTRADA)

One interesting trend of the last year or two is the rising use of data analytics and ANI (Artificial Narrow Intelligence) in solving network engineering problems. Several ideas (and/or solutions) were presented this year at the IETF meeting in Seoul; this post takes a look at one of these. To lay the groundwork, botnets are often controlled through a set of domain names registered just for this purpose. In the same way, domain names are often registered just to provide a base for sending bulk mail (SPAM), phishing attacks, etc. It might be nice for registrars to make some attempt to remove such domains abused for malicious activities, but it’s difficult to know what “normal” activity might look like, or for the registrar to even track the usage of a particular domain to detect malicious activity. One of the papers presented in the Software Defined Network Research Group (SDNRG) addresses this problem directly.

The first problem is actually collecting enough information to analyze in a useful way. DNS servers, even top level domain (TLD) servers collect a huge amount of data—much more than most engineers might suspect. In fact, the DNS system is one of those vast sources of information Continue reading

GitLab ditches the public cloud

Popular developer platform GitLab has concluded that the public IaaS cloud is not an effective platform for hosting its open source file storage system with high input/output demands. So, GitLab is ditching the cloud.In a blog post explaining the decision, GitLab engineers say they’ll transition their CephFS storage tool to bare metal infrastructure that they will manage themselves. GitLab provides a platform to help teams of developers write, test and ship code. GitLab's storage issue is a prime example that not all workloads are ideally suited for the public cloud. GitLab is hardly the first company to pull an application from the public cloud; DropBox announced plans to build out its own cloud platform instead of using Amazon Web Service’s cloud earlier this year, for example. Still, many other enterprises are going all in on the cloud.To read this article in full or to leave a comment, please click here

Netgear’s Arlo Go camera makes security more mobile

In the world of networked cameras used for security situations (in home and at work), most (if not all) of the devices required an external power source as well as access to a Wi-Fi network. Netgear, through its Arlo division/brand, wants to change that with its new line of cameras that run without external power as well as LTE network support. The Arlo Go Mobile HD Security Camera (model LTE-VML4030) uses 3G and 4G LTE (via the AT&T network) for its connectivity, letting users place the cameras in areas where Wi-Fi doesn’t exist (think rural, vacation cabins, marinas, farms, etc.). The camera features quick-charge rechargeable batteries, meaning you don’t have to put them near a power outlet (although you can keep it charged via power cord if you like). For local storage of video footage, a built-in microSD card slot is available (in case Internet access is disrupted). The camera also supports two-way audio (with its built-in microphone and speaker), motion and audio detection, night vision, live viewing and weatherproofing for outdoor placement.To read this article in full or to leave a comment, please click here

Netgear’s Arlo Go camera makes security more mobile

In the world of networked cameras used for security situations (in home and at work), most (if not all) of the devices required an external power source as well as access to a Wi-Fi network. Netgear, through its Arlo division/brand, wants to change that with its new line of cameras that run without external power as well as LTE network support. The Arlo Go Mobile HD Security Camera (model LTE-VML4030) uses 3G and 4G LTE (via the AT&T network) for its connectivity, letting users place the cameras in areas where Wi-Fi doesn’t exist (think rural, vacation cabins, marinas, farms, etc.). The camera features quick-charge rechargeable batteries, meaning you don’t have to put them near a power outlet (although you can keep it charged via power cord if you like). For local storage of video footage, a built-in microSD card slot is available (in case Internet access is disrupted). The camera also supports two-way audio (with its built-in microphone and speaker), motion and audio detection, night vision, live viewing and weatherproofing for outdoor placement.To read this article in full or to leave a comment, please click here

A Deep Learning Supercomputer Approach to Cancer Research

Deep learning and machine learning are major themes at this year’s annual Supercomputing Conference (SC16), both in terms of vendors showcasing systems that are a fit for both high performance computing and machine learning, and in the revelation of new efforts to combine traditional simulations with neural networks for greater efficiency and insight.

We have already described this momentum in the context of announcements from supercomputer makers like Cray, which just unveiled a Pascal GPU-based addition to their modeling and simulation-oriented XC supercomputer line, complete with deep learning frameworks integrated into the stack. The question was, how many HPC workloads

A Deep Learning Supercomputer Approach to Cancer Research was written by Nicole Hemsoth at The Next Platform.

Shooting the supermoon

Heaven for photographers Image by ReutersFull moons are catnip for photographers under ordinary circumstances, but slap a name like supermoon on one, note that it’s the largest of the century, and the cameras will be out in full force. Here’s a selection of images provided by Reuters.New York CityImage by REUTERS/Eduardo MunozTo read this article in full or to leave a comment, please click here

Shooting the supermoon

Heaven for photographers Image by ReutersFull moons are catnip for photographers under ordinary circumstances, but slap a name like supermoon on one, note that it’s the largest of the century, and the cameras will be out in full force. Here’s a selection of images provided by Reuters.New York CityImage by REUTERS/Eduardo MunozTo read this article in full or to leave a comment, please click here

IDG Contributor Network: 2017 breach predictions: The big one is inevitable

We’ve reached that time of year where everyone in the security industry is pulling together predictions for what we expect to see over the next year, and/or slowly backing away from any imperfect predictions we might have put forth the year before.Last year, I offered up a number of predictions, but the one continuing to make huge waves in 2017 is around data integrity attacks. Quite simply, I expect that we’ll see more intricate, complex and undetected data integrity attacks and for two main reasons: financial gain and/or political manipulation.To read this article in full or to leave a comment, please click here

IDG Contributor Network: 2017 breach predictions: The big one is inevitable

We’ve reached that time of year where everyone in the security industry is pulling together predictions for what we expect to see over the next year, and/or slowly backing away from any imperfect predictions we might have put forth the year before.Last year, I offered up a number of predictions, but the one continuing to make huge waves in 2017 is around data integrity attacks. Quite simply, I expect that we’ll see more intricate, complex and undetected data integrity attacks and for two main reasons: financial gain and/or political manipulation.To read this article in full or to leave a comment, please click here

F5 readies ADCs for public cloud

F5, considered the market-share leader in application delivery control (ADC), today released new versions of its flagship BIG-IP product that make it easier to use the company’s load balancer, firewall and other application delivery services not only in data centers but in the public cloud.The maturation of BIG-IP represents a broader shift among ADC vendors to embrace public cloud. Traditionally these ADC products have been optimized for applications that are hosted on infrastructure controlled by customers. As more and more applications shift to the public infrastructure as a service cloud, vendors have evolved their products to work in those environments too.To read this article in full or to leave a comment, please click here

Worth Reading: SDN versus NMS

Under the new paradigm, the standards bodies have said that it may be a long time before optical equipment has a standardized set of open protocols that can comprehensively control all possible options. Instead, carriers and vendors have agreed to support a tiered architecture where domain controllers understand specific parts of the network and a parent controller understands how all of the parts of the network fit together. —ECI

LinkedInTwitterGoogle+Facebook

The post Worth Reading: SDN versus NMS appeared first on 'net work.

OpenAI will use Microsoft’s cloud, as Azure gains more features

Microsoft's continued investment in artificial intelligence and machine learning technology is paying dividends. The company has partnered with OpenAI, a non-profit company founded earlier this year to advance the field of machine intelligence for the benefit of humanity. As part of the deal, announced Tuesday, OpenAI will use Microsoft Azure as its primary cloud provider, an important win for Microsoft as it competes with the likes of Amazon, Google, and IBM to power the next generation of intelligent applications. OpenAI is backed by the likes of Tesla CEO Elon Musk, controversial investor Peter Thiel, LinkedIn co-founder Reid Hoffman, and Y Combinator Partner Jessica Livingston. To read this article in full or to leave a comment, please click here

Expanding our Wave 2 Portfolio: Making Networks Efficient For All Devices

Any technology company today will likely tell you we are in the midst of a massive digital transformation, and in order to keep up, businesses across the globe need things to be done faster than ever before. Whether it’s making decisions, getting a new product to market or serving customers, the need for speed is vital to succeed in today’s innovation climate. This is especially true for wireless networks.

Introducing Image Signing Policy in Docker Datacenter

My colleague colleague Ying Li and I recently blogged about Securing the Software Supply Chain and drew the analogy between traditional physical supply chains and the creation, building, and deployment involved in a software supply chain. We believe that a software pipeline that can be verified at every stage is an important step in raising the security bar for all software, and we didn’t stop at simply presenting the idea.

Software Supply Chain

Integrated Content Trust and Image Signing Policy

In the recent release of Docker Datacenter,  we announced a new feature that starts to brings these security capabilities together along the software supply chain. Built on Notary, a signing infrastructure based on The Update Framework (TUF), along with Docker Content Trust (DCT), an integration of the Notary toolchain into the Docker client, DDC now allows administrators to set up signing policies that prevent untrusted content from being deployed.

In this release of DDC, the Docker Trusted Registry (DTR) now also ships with integrated Notary services. This means you’re ready to start using DCT and the new Signing Policy features out of the box! No separate server and database to install, configure and connect to the registry.

DTR replicas

Bringing it all together

Image Continue reading

Best Apple Watch deals for Black Friday 2016

With the market for smartwatches plunging this year, you'd better believe that Black Friday 2016 deals can be found on Apple Watches.Apple holds the biggest share of the market, according to IDC figures released in October, but even Apple sold far fewer of its touchscreen watches in Q3 (1.1 million vs. 3.9 million in Q3 2015).MORE: Best Black Friday 2016 deals on Apple iPhones, iPads & moreApple itself hasn't disclosed Black Friday deals yet -- it usually waits until right before Thanksgiving to do so -- but other retailers have.  The company lists watches on its site ranging in price from $269 to $1,500 (Stainless steel case with Etoupe swift leather double buckle cuff).To read this article in full or to leave a comment, please click here

Goodbye, NAC. Hello, software-defined perimeter

Those of us who’ve been around security technology for a while will remember the prodigious rise of network access control (NAC) around 2006. Now, the ideas around NAC had been around for several years beforehand, but 2006 gave us Cisco’s network admission control (aka Cisco NAC), Microsoft’s network access protection (NAP) and then a whole bunch of venture-backed NAC startups (ConSentry, Lockdown Networks, Mirage Networks, etc.).There were lots of reasons why the industry was gaga over NAC at the time, but it really came down to two major factors: Broad adoption of WLANs. In 2006, wireless networking based upon 802.11 was transforming from a novelty to the preferred technology for network access.  I also believe laptop sales first overtook desktop computer sales around this same timeframe, so mobility was becoming an IT staple as well. Many organizations wanted a combination of NAC and 802.1X so they could implement access policies and monitor who was accessing the network. A wave of internet worms. The early 2000s produced a steady progression of internet worms, including Code Red (2001), Nimda (2001), SQL Slammer (2003), Blaster (2003), Bagel (2004), Sasser (2004), Zotob (2005), etc. These worms could easily spread Continue reading

1 2,445 2,446 2,447 2,448 2,449 3,763