Congress members try to grasp enormity of IoT DDoS attacks

Today I watched an interesting Energy and Commerce subcommittee hearing about “Understanding the Role of Connected Devices in Recent Cyber Attacks.” The attacks refer to when insecure IoT devices infected with Mirai malware hammered DNS provider Dyn in October.The hearing included testimony, as well as submitted prepared remarks, from Dale Drew (pdf), CSO and senior vice president of Level 3 Communications; crypto and privacy guru Bruce Schneier (pdf); and Dr. Kevin Fu (pdf), who helped shock the world years ago by saying pacemakers and implantable cardiac defibrillators were vulnerable to hackers. You can read the experts’ testimonies for specific concerns and suggestions, but this is primarily based on paraphrased commentary during the hearing.To read this article in full or to leave a comment, please click here

MikroTik RouterOS new feature – Loop Protect

 

‘Loop Protect’ – New feature in 6.37rc24

Long-time MikroTik users have been after better loop prevention mechanisms for quite a while now. Rapid STP within bridges was the only feature available up until Fall of 2016 and now MikroTik has released Rapid Spanning Tree in hardware for switched ports as well as a new Loop Protect feature that seems to serve the same function as Cisco’s Loop Guard but not utilize spanning tree to detect the loop. MikroTik’s version compares the source MAC of the loop protect frame with the MAC of the interface it is received on and if they match, it will disable the port until the timer expires and check again for the existence of a loop.

This feature was introduced in 6.37rc24 on August 31st, 2016.

LoopProtect-changelog

http://wiki.mikrotik.com/wiki/Manual:Loop_Protect

Use cases for ‘Loop Protect’

Loop protect seems to be designed more as an edge port protocol since it physically disables the port upon detection of a loop, whereas STP will leave the port physically active but logically block traffic on that path.  Some potential use cases for enabling this feature could include:

  • Edge port on a MikroTik device facing the end subscriber equipment Continue reading

MikroTik RouterOS new feature – Loop Protect

 

‘Loop Protect’ – New feature in 6.37rc24

Long-time MikroTik users have been after better loop prevention mechanisms for quite a while now. Rapid STP within bridges was the only feature available up until Fall of 2016 and now MikroTik has released Rapid Spanning Tree in hardware for switched ports as well as a new Loop Protect feature that seems to serve the same function as Cisco’s Loop Guard but not utilize spanning tree to detect the loop. MikroTik’s version compares the source MAC of the loop protect frame with the MAC of the interface it is received on and if they match, it will disable the port until the timer expires and check again for the existence of a loop.

This feature was introduced in 6.37rc24 on August 31st, 2016.

LoopProtect-changelog

http://wiki.mikrotik.com/wiki/Manual:Loop_Protect

Use cases for ‘Loop Protect’

Loop protect seems to be designed more as an edge port protocol since it physically disables the port upon detection of a loop, whereas STP will leave the port physically active but logically block traffic on that path.  Some potential use cases for enabling this feature could include:

  • Edge port on a MikroTik device facing the end subscriber equipment Continue reading

IBM: Many companies still ill-prepared for cyber attacks

When it comes to responding to cyber-attacks it seems many companies are severely lacking.A study out this week conducted by the Ponemon Institute and sponsored by Resilient an IBM company said that 66% of the 2,400 security and IT professionals they interviewed said their organization is not prepared to recover from cyberattacks.+More on Network World: Cisco: Potent ransomware is targeting the enterprise at a scary rate+According to Ponemon, for the second straight year the Cyber Resilient Organization study showed that incident response challenges are hindering what the researchers called cyber resilience or what they define as the as “the alignment of prevention, detection, and response capabilities to manage, mitigate, and move on from cyberattacks.”To read this article in full or to leave a comment, please click here

IBM: Many companies still ill-prepared for cyber attacks

When it comes to responding to cyber-attacks it seems many companies are severely lacking.A study out this week conducted by the Ponemon Institute and sponsored by Resilient an IBM company said that 66% of the 2,400 security and IT professionals they interviewed said their organization is not prepared to recover from cyberattacks.+More on Network World: Cisco: Potent ransomware is targeting the enterprise at a scary rate+According to Ponemon, for the second straight year the Cyber Resilient Organization study showed that incident response challenges are hindering what the researchers called cyber resilience or what they define as the as “the alignment of prevention, detection, and response capabilities to manage, mitigate, and move on from cyberattacks.”To read this article in full or to leave a comment, please click here

10 tips from the front lines of enterprise public cloud use

What have GE, Citigroup, FedEx, Bank of America, Intuit, Gap, Kaiser Permanente, Morgan Stanley and JP Morgan Chase learned from using the public cloud?A group of representatives from each of these companies has worked for the past six months with the Open Networking User Group (ONUG) to develop a whitepaper exploring challenges of using hybrid cloud. ONUG’s Hybrid Cloud Working Group (HCWG) includes not only valuable tips from their experiences using the cloud, but also a wish-list of how these enterprises would like vendors to evolve their platforms.To read this article in full or to leave a comment, please click here

IDG Contributor Network: SUSE releases SUSE Linux Enterprise 12 Service Pack 2

While I was off fighting viruses, SUSE released an update to its SUSE Linux Enterprise 12, a popular business Linux operating environment. The focus of this service pack appears to be accelerating network performance, enhancing support for SAP applications and HANA, improving support for IBM Power architecture systems and other important improvements.What SUSE has to say about this release Ten-fold increase in packet processing via software-defined networking (SDN) that combines Open vSwitch with the Data Plane Development Kit. This is a key enabler for telecom providers to efficiently implement virtual network functions. Added to SUSE Linux Enterprise’s broad hypervisor support, the integration of DPDK gives customers a complete virtualization solution for cloud and on-premise deployments. More agile support for SAP applications to ease migration to S/4HANA, accelerate deployment of SAP applications, tune SAP HANA for performance, and create a more resilient and secure SAP environment with enhanced support for SAP HANA clusters, even on geographical levels. Reduced downtime and improved I/O performance through persistent system memory applications using integrated Non-Volatile Dual In-line Memory Modules (NVDIMMs) that save data in seconds and make data immediately available on reboot. Increased ability to implement cost-effective, high-performance data analytics on IBM Power Continue reading

US lawmakers balk at call for IoT security regulations

The U.S. government needs to pass regulations mandating internet of things security measures before device vulnerabilities start killing people, a security expert told lawmakers.A massive distributed denial-of-service attack aided by IoT devices in October "was benign" because a couple of websites crashed, said Bruce Schneier, a veteran cybersecurity researcher and lecturer at Harvard University. But the next attack may be more dangerous.With cars, airplanes, thermostats, and appliances now connected to the internet, "there's real risk to life and property, real catastrophic risk," Schneier told two House of Representatives subcommittees Wednesday.To read this article in full or to leave a comment, please click here

The Story of Batching to Streaming Analytics at Optimizely

Our mission at Optimizely is to help decision makers turn data into action. This requires us to move data with speed and reliability. We track billions of user events, such as page views, clicks and custom events, on a daily basis. To provide our customers with immediate access to key business insights about their users has always been our top most priority. Because of this, we are constantly innovating on our data ingestion pipeline.

In this article we will introduce how we transformed our data ingestion pipeline from batching to streaming to provide our customers with real-time session metrics.

Motivations 

Unification. Previously, we maintained two data stores for different use cases - HBase is used for computing Experimentation metrics, whereas Druid is used for calculating Personalization results. These two systems were developed with distinctive requirements in mind:

Experimentation

Personalization

Instant event ingestion

Delayed event ingestion ok

Query latency in seconds

Query latency in subseconds

Visitor level metrics

Session level metrics

As our business requirements evolve, however, things quickly became difficult to scale. Maintaining a Druid + HBase Lambda architecture (see below) to satisfy these business needs became a technical burden for the engineering team. We need a solution that Continue reading

Cybersecurity fabric vs. a security platform: Fabric wins

The shift to digital has introduced several new technologies into businesses. Internet of Things (IoT), mobility, cloud and the like allow companies to become highly agile and move with speed.However, the increased agility businesses are realizing has come with a price, which is that the complexity of IT has never been higher. There are many implications to increased complexity, but the biggest is that securing the business has become more difficult.INSIDER: 5 ways to prepare for Internet of Things security threats Securing organizations used to be straight forward: Put up a big, expensive firewall at the sole ingress/egress point, and all was good. Today there are dozens or even hundreds of entry points created from an increase in the use of cloud services, mobile workers and consumer devices. Security must now be applied at the perimeter, but also in the data center, campus, cloud, branch offices and anywhere else the business might have assets or people.To read this article in full or to leave a comment, please click here

Worth Reading: IPv6 Inside LinkedIn

One person, or a small team, can install, configure, and manage a limited number of devices (servers, switches, routers, etc.) manually. In any large network, with hundreds or even thousands of devices, it gets more complicated, and you will want to start automating some of these functions. This is one dimension of scaling your infrastructure. And as teams grow, more and more people are doing the same work on the same devices, so it’s necessary to have tools that ensure knowledge is transmitted, changes are reviewed, etc. This is another dimension of scaling. —LinkedIn Engineering Blog

LinkedInTwitterGoogle+Facebook

The post Worth Reading: IPv6 Inside LinkedIn appeared first on 'net work.

DataStax buys DataScale, plans to launch managed cloud service

Distributed database software vendor DataStax announced today that it had completed the acquisition of DataScale, a specialist in cloud-based management services for data infrastructure, paving the way for a fully managed version of DataStax's offering in early 2017."There is a huge need for an always-on, distributed database," says Martin Van Ryswyk, executive vice president of Engineering, DataStax. "Whether you're in retail, transportation, the hotel business — everyone has to have an online presence. That has driven this need for this type of database we've built.""What happens in these technology shifts, when something gets really important and really hot at a certain time, you start to get a skills shortage," he adds.To read this article in full or to leave a comment, please click here

SWIFT has not seen its last ‘bank robbery’

A former CSO of the World Bank Treasury calls the SWIFT system outdated and open to malware attacks. Those vulnerabilities could lead to manipulation of financial transactions.SWIFT is the interbank financial messaging system for sending international money transfer instructions. The Society for Worldwide Interbank Financial Telecommunications, which the industry refers to as the SWIFT co-op maintains this system.CSO looks at the SWIFT co-op’s denial of the real issue, the cost of attacks, informed expert insights into these security flaws, how hackers are using and abusing these to their profit, and what the co-op should do to seal its messaging system to mitigate further falsifications.To read this article in full or to leave a comment, please click here

SWIFT has not seen its last ‘bank robbery’

A former CSO of the World Bank Treasury calls the SWIFT system outdated and open to malware attacks. Those vulnerabilities could lead to manipulation of financial transactions.SWIFT is the interbank financial messaging system for sending international money transfer instructions. The Society for Worldwide Interbank Financial Telecommunications, which the industry refers to as the SWIFT co-op maintains this system.CSO looks at the SWIFT co-op’s denial of the real issue, the cost of attacks, informed expert insights into these security flaws, how hackers are using and abusing these to their profit, and what the co-op should do to seal its messaging system to mitigate further falsifications.To read this article in full or to leave a comment, please click here

Beyond brainstorming: 4 cool action items hatched from Cisco ideation session

Matt Cutler, whose startup Cisco bought three years ago, found himself moving from an outfit with eight people to one with tens of thousands. He looked forward to accessing resources beyond his reach at Collaborate.com, but was wary of being able "to get stuff done" within the larger organization.One way he’s been able to get stuff done is through Cisco’s little-known Founders Forum for the entrepreneurial leaders of companies it has acquired. Passionate about the sort of modern workstyles and design thinking (and "a lot of sticky notes") he incorporated at his startup, Cutler recently volunteered to lead a break-out ideation session in an effort to extract great ideas from his peers in the Forum. That of course could be easier said than done when dealing with a large group of intelligent, highly opinionated people.To read this article in full or to leave a comment, please click here

Meet Cisco’s Founders Forum members

Cisco Talent ShowCisco has acquired 193 companies over its history, and in an effort to retain as much talent from its buyouts as possible, the company has created a Founders Forum consisting of 46 entrepreneurs who started and/or led businesses Cisco has purchased. These creative minds meet quarterly to share ideas. Here is a sampling of the members, who are listed alphabetically by acquired company name.To read this article in full or to leave a comment, please click here

Cisco Founders Forum: One creative way to keep & energize talent

The tech industry brims with examples of bright entrepreneurs who have struck it big by selling their startups and then hightailing it out of those larger companies once contractually eligible so that they can pursue their next venture.So what the heck is Matt Cutler still doing at Cisco three years after selling his mobile collaboration startup to the networking giant? Well, among other things, he’s teaching a bunch of his peers who have stayed at Cisco after having their own companies acquired -- as well as any Cisco lifers who will listen -- a thing or two about how to keep cranking out new ideas. Cisco Matt Cutler, Lead Evangelist for Cisco Cloud Collaboration Technologies, has big ideas on ideation.To read this article in full or to leave a comment, please click here

1 2,514 2,515 2,516 2,517 2,518 3,836