IDG Contributor Network: Building an insider threat program that works — Part 2

Organizations attempting to implement a world-class insider threat program have learned from experience what doesn't work well (see Part I of this post). As a result, they have a better sense of what they require to prevail in today's evolving insider threat landscape.There is an emerging consensus that any world-class insider threat program must have the following three core characteristics:1. Preventive: Organizations want more than just a threat detection system that tells them an attack has already taken place. They need an early-warning system that allows them to prevent insider threat events through a comprehensive threat assessment framework that leverages all available internal and external data and produces far fewer false negatives and positives.To read this article in full or to leave a comment, please click here

Cisco ACI Multipod

Since 2.0, Multipod for ACI enables provisioning a more fault tolerant fabric comprised of multiple pods with isolated control plane protocols. Also, multipod provides more flexibility with regard to the full mesh cabling between leaf and spine switches.  When leaf switches are spread across different floors or different buildings, multipod enables provisioning multiple pods per floor or building and providing connectivity between pods through spine switches.

A new White Paper on ACI Multipod is now available

http://www.cisco.com/c/en/us/solutions/collateral/data-center-virtualization/application-centric-infrastructure/white-paper-c11-737855.html?cachemode=refresh

US tech giants say they didn’t do Yahoo-style email spying

Reports of a secret Yahoo program to search through customers' incoming emails has spurred other tech companies to deny ever receiving a similar request from the U.S. government.The program, reportedly created last year through a classified U.S. order, involves Yahoo searching through hundreds of millions of user accounts at the behest of the National Security Agency or FBI.Other U.S. tech companies, including Google, Microsoft, Twitter and Facebook, denied doing anything like it. Most also said they would challenge such a request in court.Privacy advocates said the government enlisting Yahoo to assist in email monitoring would be wrong.To read this article in full or to leave a comment, please click here

US tech giants say they didn’t do Yahoo-style email spying

Reports of a secret Yahoo program to search through customers' incoming emails has spurred other tech companies to deny ever receiving a similar request from the U.S. government.The program, reportedly created last year through a classified U.S. order, involves Yahoo searching through hundreds of millions of user accounts at the behest of the National Security Agency or FBI.Other U.S. tech companies, including Google, Microsoft, Twitter and Facebook, denied doing anything like it. Most also said they would challenge such a request in court.Privacy advocates said the government enlisting Yahoo to assist in email monitoring would be wrong.To read this article in full or to leave a comment, please click here

Five questions about taking Google’s new phones to work

Google unveiled a massive strategic shift on Tuesday, announcing that it is officially getting into the business of designing and releasing its own smartphones. The Pixel and Pixel XL, announced at a special event in San Francisco, are the company's first forays into that market after working with outside manufacturers for several years to produce its Nexus line of devices. The phones are snazzy gizmos packed with some of the latest features that Google could come up with, like a new intelligent assistant and a high-quality camera. It feels like one of the best Android smartphones on the market and could be a serious contender to take on Apple's iPhone, especially for people looking to purchase a flagship smartphone.To read this article in full or to leave a comment, please click here

OpenConfig, RESTCONF, and Automated Cable Verification at iNOG9

Last week I was in Dublin for business which just so happened to overlap with iNOG9, which was last Wednesday. As luck would have it, I had the opportunity to speak at iNOG9 about network automation.

You can watch the video if you want to see the presentation, but the three mini demos I gave were:

  1. Cable verification on Juniper vMX devices using Ansible
  2. Automating BGP on IOS-XR using OpenConfig BGP models using Ansible
  3. Using Postman to explore and demo the new RESTCONF/YANG interface on IOS XE.

Few words about each.

Cable verification

Usually when the topic of network automation comes up, configuration management is assumed. It should not be as there are so many other forms and types of automation. Here I showed how we can verify cabling (via neighbors) is accurate on a Junos vMX topology. Of course, the hard part here is having the discipline to define the desired cabling topology first. Note: links for sample playbooks can be found below on the GitHub repo.

OpenConfig BGP Automation with Ansible

I built a custom Ansible module built around NETCONF (ncclient), but uses the OpenConfig YANG model for global BGP configuration. For example, this is the Continue reading

A Triple-Provider Vagrant Environment

In this post, I’d like to share with you some techniques I used to build a triple-provider Vagrant environment—that is, a Vagrant environment that will work unmodified with multiple backend providers. In this case, it will work (mostly) unmodified with AWS, VirtualBox, and the VMware provider (tested with Fusion, but should work with Workstation as well). I know this may not seem like a big deal, but it marks something of a milestone for me.

Since I first started using Vagrant a couple of years ago, I’ve—as expected—gotten better and better at leveraging this tool in a flexible way. You can see this in the evolution of the Vagrant environments found in my GitHub “learning-tools” repository, where I went from hard-coded data values to pulling data from external YAML files.

One thing I’d been shooting for was a Vagrantfile that would work with multiple backend providers without any modifications, and tonight I managed to build an environment that works with AWS, VirtualBox, and VMware Fusion. There are still a couple of hard-coded values, but the vast majority of information is pulled from an external YAML file.

Let’s take a look at the Vagrantfile that I created. Here’s Continue reading

OpenConfig, RESTCONF, and Automated Cable Verification at iNOG9

Last week I was in Dublin for business which just so happened to overlap with iNOG9, which was last Wednesday. As luck would have it, I had the opportunity to speak at iNOG9 about network automation.

You can watch the video if you want to see the presentation, but the three mini demos I gave were:

  1. Cable verification on Juniper vMX devices using Ansible
  2. Automating BGP on IOS-XR using OpenConfig BGP models using Ansible
  3. Using Postman to explore and demo the new RESTCONF/YANG interface on IOS XE.

Few words about each.

Cable verification

Usually when the topic of network automation comes up, configuration management is assumed. It should not be as there are so many other forms and types of automation. Here I showed how we can verify cabling (via neighbors) is accurate on a Junos vMX topology. Of course, the hard part here is having the discipline to define the desired cabling topology first. Note: links for sample playbooks can be found below on the GitHub repo.

OpenConfig BGP Automation with Ansible

I built a custom Ansible module built around NETCONF (ncclient), but uses the OpenConfig YANG model for global BGP configuration. For example, this is the Continue reading

The Yahoo-email-search story is garbage

Joseph Menn (Reuters) is reporting that Yahoo! searched emails for the NSA. The details of the story are so mangled that it's impossible to say what's actually going on.

The first paragraph says this:
Yahoo Inc last year secretly built a custom software program to search all of its customers' incoming emails
The second paragraph says this:
The company complied with a classified U.S. government demand, scanning hundreds of millions of Yahoo Mail accounts
Well? Which is it? Did they "search incoming emails" or did they "scan mail accounts"? Whether we are dealing with emails in transmit, or stored on the servers, is a BFD (Big Fucking Detail) that you can't gloss over and confuse in a story like this. Whether searches are done indiscriminately across all emails, or only for specific accounts, is another BFD.

The third paragraph seems to resolve this, but it doesn't:
Some surveillance experts said this represents the first case to surface of a U.S. Internet company agreeing to an intelligence agency's request by searching all arriving messages, as opposed to examining stored messages or scanning a small number of accounts in real time.
Who are these "some surveillance experts"? Why is the Continue reading

Applied Micro Finds ARM Server Footing, Reaches Higher

One of the frustrating facts about peddling any new technology is that the early adopters that discover a strategic advantage in that technology want to keep that secret all to themselves. Word of mouth and real-world use cases are big factors in the adoption of any new technology, and anything that hampers this actually causes the adoption to move slower than it otherwise might.

But eventually, despite all of the secrecy, there comes a time when the critical mass is reached and adoption proceeds apace. We have been waiting for that moment for a long time now for 64-bit ARM

Applied Micro Finds ARM Server Footing, Reaches Higher was written by Timothy Prickett Morgan at The Next Platform.

WikiLeaks plans to dump more sensitive files on US election

WikiLeaks is promising to release secret documents relating to the U.S. election, at a time when there are already questions over whether Russian hackers are feeding the site information.WikiLeaks will publish the documents "every week for the next 10 weeks" and the topics include the U.S. election, war, arms, Google, and mass surveillance, site founder Julian Assange said on Tuesday in a press conference.  All the U.S. election documents will be released before Nov. 8, when voters cast their ballots. The leaks pertain to "U.S. power factions and how they operate," Assange said. However, he denied deliberately trying to sabotage Democratic presidential candidate Hillary Clinton's election chances.To read this article in full or to leave a comment, please click here

WikiLeaks plans to dump more sensitive files on US election

WikiLeaks is promising to release secret documents relating to the U.S. election, at a time when there are already questions over whether Russian hackers are feeding the site information.WikiLeaks will publish the documents "every week for the next 10 weeks" and the topics include the U.S. election, war, arms, Google, and mass surveillance, site founder Julian Assange said on Tuesday in a press conference.  All the U.S. election documents will be released before Nov. 8, when voters cast their ballots. The leaks pertain to "U.S. power factions and how they operate," Assange said. However, he denied deliberately trying to sabotage Democratic presidential candidate Hillary Clinton's election chances.To read this article in full or to leave a comment, please click here

IBM invests $200 million in Watson IoT AI business

The venerable 105-year-old IBM may be a global company, but while it has operated important labs and offices overseas, its business units have always been headquartered in the U.S. Until December of last year, that is, when it opened the new global headquarters for the IBM Watson Internet of Things (IoT) unit in Munich, Germany. Now, faced with dramatically increasing global demand for Watson IoT solutions and services, Big Blue is doubling down on that investment.On Tuesday, IBM announced a $200 million investment in the Watson IoT headquarters, marking one of the company's largest investments in Europe in its history. The investment is part of the $3 billion IBM has earmarked to bring Watson cognitive computing to IoT. IBM says the move is a response to escalating demand from customers who are looking to transform their operations using a combination of IoT and artificial intelligence technologies.To read this article in full or to leave a comment, please click here

CIO eyes digital services in SD-WAN push

Earlier this year, Earthlink CEO Joe Eazor realized he needed a CIO to upgrade the company’s clunky legacy software and make its sales process more appealing to business customers browsing the website. Enter Jay Ferro, who led a digital transformation at the American Cancer Society (ACS) before joining EarthLink in July.Serving in a dual role as CIO and chief product officer, Ferro will also help develop and pitch peers on EarthLink’s managed network products, including a new software-defined wide area network (SD-WAN).To read this article in full or to leave a comment, please click here

CIO eyes digital services in SD-WAN push

Earlier this year, Earthlink CEO Joe Eazor realized he needed a CIO to upgrade the company’s clunky legacy software and make its sales process more appealing to business customers browsing the website. Enter Jay Ferro, who led a digital transformation at the American Cancer Society (ACS) before joining EarthLink in July.Serving in a dual role as CIO and chief product officer, Ferro will also help develop and pitch peers on EarthLink’s managed network products, including a new software-defined wide area network (SD-WAN).To read this article in full or to leave a comment, please click here

1 2,576 2,577 2,578 2,579 2,580 3,794