0

Protecting data on Apple devices with Cloudflare and Jamf

Today we’re excited to announce Cloudflare’s partnership with Jamf to extend Cloudflare’s Zero Trust Solutions to Jamf customers. This unique offering will enable Jamf customers to easily implement network Data Loss Prevention (DLP), Remote Browser Isolation (RBI), and SaaS Tenancy Controls from Cloudflare to prevent sensitive data loss from their Apple devices.

Jamf is a leader in protecting Apple devices and ensures secure, consumer-simple technology for 71,000+ businesses, schools and hospitals. Today Jamf manages ~30 million Apple devices with MDM, and our partnership extends powerful policy capabilities into the network.

“One of the most unforgettable lines I’ve heard from an enterprise customer is their belief that ‘Apple devices are like walking USB sticks that leave through the business’s front door every day.’ It doesn’t have to be that way! We are on a mission at Jamf to help our customers achieve the security and compliance controls they need to confidently support Apple devices at scale in their complex environments. While we are doing everything we can to reach this future, we can’t do it alone. I’m thrilled to be partnering with Cloudflare to deliver a set of enterprise-grade compliance controls in a novel way that leverages our Continue reading

0

Worth Reading: Eyes Like Saucers

Gerben Wierda published a nice description of common reactions to new unicorn-dust-based technologies:

• Eyes that glaze over
• Eyes like saucers
• Eyes that narrow

He uses generative AI as an example to explain why it might be a bad idea that people in the first two categories make strategic decisions, but of course nothing ever stops people desperately believing in vendor fairy tales, including long-distance vMotion, SDN or intent-based networking.

0

Worth Reading: Eyes Like Saucers

Gerben Wierda published a nice description of common reactions to new unicorn-dust-based technologies:

• Eyes that glaze over
• Eyes like saucers
• Eyes that narrow

He uses generative AI as an example to explain why it might be a bad idea that people in the first two categories make strategic decisions, but of course nothing ever stops people desperately believing in vendor fairy tales, including long-distance vMotion, SDN or intent-based networking.

0

The Value Of Thinking And Creating On The Asymptote To Zero

The introduction of writing and agriculture were watershed events for humanity, and are forever interlinked. …

The post The Value Of Thinking And Creating On The Asymptote To Zero first appeared on The Next Platform.

The Value Of Thinking And Creating On The Asymptote To Zero was written by Timothy Prickett Morgan at The Next Platform.

0

EnGenius to release Wi-Fi 7 access point for the enterprise

Enterprise networking hardware vendor EnGenuis will release one of the first Wi-Fi 7-enabled access points for business use, the company announced this week.The ECW536 uses the Qualcomm Networking Pro 1220 chipset, and features a 4x4x4 antenna configuration. It’s got two 10Gb ethernet ports, and boasts several security enhancements, including business-class encryption protocols, RADIUS and isolated guest access.The main draw, however, is Wi-Fi 7 connectivity. Wi-Fi 7, also known as 802.11be, is the latest and greatest Wi-Fi specification, although official certification from the IEEE isn’t expected to start until the second half of 2024. The key upgrades in Wi-Fi 7 include wider channels (up to 320MHz), 4K quadrature amplitude modulation rather than 1K, and muiltilink operation, which uses multiple radio bands at the same time to serve one connection. All that adds up to a substantially increased theoretical throughput peak, at 46Gbps.To read this article in full, please click here

0

EnGenius to release Wi-Fi 7 router for the enterprise

Enterprise networking hardware vendor EnGenuis will release one of the first Wi-Fi 7-enabled routers for business use, the company announced this week.The ECW536 uses the Qualcomm Networking Pro 1220 chipset, and features a 4x4x4 antenna configuration. It’s got two 10Gb ethernet ports, and boasts several security enhancements, including business-class encryption protocols, RADIUS and isolated guest access.The main draw, however, is Wi-Fi 7 connectivity. Wi-Fi 7, also known as 802.11be, is the latest and greatest Wi-Fi specification, although official certification from the IEEE isn’t expected to start until the second half of 2024. The key upgrades in Wi-Fi 7 include wider channels (up to 320MHz), 4K quadrature amplitude modulation rather than 1K, and muiltilink operation, which uses multiple radio bands at the same time to serve one connection. All that adds up to a substantially increased theoretical throughput peak, at 46Gbps.To read this article in full, please click here

0

Hammering Out A Logical File System And A DNS For Data

Data is by its nature a messy beast, and it has only become more so as workloads have found their way out of the datacenter and into the cloud and even all the way out to the edge. …

The post Hammering Out A Logical File System And A DNS For Data first appeared on The Next Platform.

Hammering Out A Logical File System And A DNS For Data was written by Tobias Mann at The Next Platform.

0

Kubernetes Components: The Basics

Whether you run Kubernetes on-prem, in the cloud, or a combination of the two, one thing holds true – there is always a Control Plane element and a Worker Node element. Without them, Kubernetes wouldn’t exist. This post looks at the Control Plane and the Worker Node, including which components are in each, why each […]

The post Kubernetes Components: The Basics appeared first on Packet Pushers.

0

Assigning sudo privilege to users on Linux

The sudo command is a very important command on Linux systems. You might say that it allows users to run privileged commands without logging in as root, and that is true. However, the more important point is that it allows individuals to manage Linux systems – adding accounts, running updates, installing applications and backing up the system – without requiring these things be done using the root account. This is consistent with the policy that says root privilege should only be used as needed and that no one should simply log in as root and run all of their commands. Doing routine work using the root account is considered dangerous because any typos or commands run in the wrong location can have very serious consequences.To read this article in full, please click here

0

Assigning sudo privilege to users on Linux

The sudo command is a very important command on Linux systems. You might say that it allows users to run privileged commands without logging in as root, and that is true. However, the more important point is that it allows individuals to manage Linux systems – adding accounts, running updates, installing applications and backing up the system – without requiring these things be done using the root account. This is consistent with the policy that says root privilege should only be used as needed and that no one should simply log in as root and run all of their commands. Doing routine work using the root account is considered dangerous because any typos or commands run in the wrong location can have very serious consequences.To read this article in full, please click here

0

UK competition agency provisionally OKs Broadcom’s $6B VMware acquisition

The UK’s Competition Market Authority (CMA) has provisionally cleared Broadcom’s proposed acquisition of VMWare, paving the way for the $61 billion deal to go ahead.In November 2022, the CMA announced it was launching an in-depth investigation into the proposed deal, looking into whether the proposed merger “may be expected to result in a substantial lessening of competition within any market or markets in the United Kingdom for goods or services.”In particular, the CMA was concerned that the deal could harm the ability of Broadcom’s rivals to compete with VMware’s server virtualisation software, and if there would be a potential financial benefit to Broadcom and VMware if they were to make rival products work less well with VMware’s softwareTo read this article in full, please click here

0

UK competition agency provisionally OKs Broadcom’s $6B VMware acquisition

The UK’s Competition Market Authority (CMA) has provisionally cleared Broadcom’s proposed acquisition of VMWare, paving the way for the $61 billion deal to go ahead.In November 2022, the CMA announced it was launching an in-depth investigation into the proposed deal, looking into whether the proposed merger “may be expected to result in a substantial lessening of competition within any market or markets in the United Kingdom for goods or services.”In particular, the CMA was concerned that the deal could harm the ability of Broadcom’s rivals to compete with VMware’s server virtualisation software, and if there would be a potential financial benefit to Broadcom and VMware if they were to make rival products work less well with VMware’s softwareTo read this article in full, please click here

0

Cloudflare Zaraz steps up: general availability and new pricing

This post is also available in Deutsch, Français.

Cloudflare Zaraz has transitioned out of beta and is now generally available to all customers. It is included under the free, paid, and enterprise plans of the Cloudflare Developer Platform. Visit our docs to learn more on our different plans.

Zaraz is part of the Cloudflare Developer Platform

Cloudflare Zaraz is a solution that developers and marketers use to load third-party tools like Google Analytics 4, Facebook CAPI, TikTok, and others. With Zaraz, Cloudflare customers can easily transition to server-side data collection with just a few clicks, without the need to set up and maintain their own cloud environment or make additional changes to their website for installation. Server-side data collection, as facilitated by Zaraz, simplifies analytics reporting from the server rather than loading numerous JavaScript files on the user's browser. It's a rapidly growing trend due to browser limitations on using third-party solutions and cookies. The result is significantly faster websites, plus enhanced security and privacy on the web.

We've had Zaraz in beta mode for a year and a half now. Throughout this time, we've dedicated our efforts to meeting as many customers as we could, gathering feedback, and Continue reading

0

Day Two Cloud 203: Becoming An SRE – It’s More Than Just Software Skills

If you want to be a Site Reliability Engineer (SRE) you need strong software skills. You also have to be versed in observability, incident response, capacity planning, change management, performance, even security. But wait, there's more! Our guest on today's Day Two Cloud argues you need strong communication skills, emotional intelligence, personal resilience, and the ability to work with a team. Our guest is Amin Astaneh.

0

Day Two Cloud 203: Becoming An SRE – It’s More Than Just Software Skills

If you want to be a Site Reliability Engineer (SRE) you need strong software skills. You also have to be versed in observability, incident response, capacity planning, change management, performance, even security. But wait, there's more! Our guest on today's Day Two Cloud argues you need strong communication skills, emotional intelligence, personal resilience, and the ability to work with a team. Our guest is Amin Astaneh.

The post Day Two Cloud 203: Becoming An SRE – It’s More Than Just Software Skills appeared first on Packet Pushers.

0

Gartner: Generative AI not yet influencing IT spending, but enterprises should plan for it

While the hype around generative AI is palpable, enterprise IT spending so far has not been impacted by it.That is one of the main takeaways from Gartner’s quarterly IT spending forecast, which finds that worldwide IT spending is projected to total $4.7 trillion in 2023, an increase of 4.3% from 2022.Data center systems spending was down slightly year-over-year, but most other enterprise spending will increase, including software, IT and communications services outlay. according to the research firm.“IT projects are shifting from a focus on external facing deliverables such as revenue and customer experience, to more inward facing efforts focused on optimization,” said John-David Lovelock, distinguished VP analyst at Gartner, in a statement.To read this article in full, please click here

0

Is Neutral Host the Killer App for Private Wireless?

A more modern approach to lowering the cost and complexity of extending cellular signals indoors is driving a new generation of private cellular wireless within the enterprise.

0

Unlocking efficiency: Harnessing the capabilities of ansible-builder 3.0

We recently announced the general availability of Red Hat Ansible Automation Platform 2.4, This blog outlines the features of execution environment builder (ansible-builder) 3.0 that was included with this latest release. 

With the introduction of Ansible Automation Platform 2, we introduced the concept of automation execution environments. A key part of enabling our customers to create, manage, and scale their automation, they are portable Ansible runtime environments which enable us to truly decouple the control and execution planes in Ansible Automation Platform. Automation execution environments replace the traditional virtual environments in Ansible Tower by providing a powerful dependency management solution. Customers can also improve their automation run efficiency, as they are lightweight Ansible runtime environments.

In general, an automation execution environment includes:

• Base UBI 8/9 image.
• A version of Python
• A version of ansible-core
• Python modules/dependencies
• Ansible Content Collections (optional)

The execution environment builder tool was built to aid in the creation of execution environments for Ansible customers and users. It provides a definition schema that is based on the above execution environment requirements.

 

Ansible-builder 3.0 enhancements

ansible-builder version 3.0 introduces some major changes in the definition schema to help customers Continue reading

0

The Arrival of Open AI Networking

Recently I attended the 50^th golden anniversary of Ethernet at the Computer History Museum. It was a reminder of how familiar and widely deployed Ethernet is and how it has evolved by orders of magnitude. Since the 1970s, it has progressed from a shared collision network at 2.95 megabits in the file/print/share era to the promise of Terabit Ethernet switching in the AI/ML era. Legacy Ethernot* alternatives such as Token Ring, FDDI, and ATM generally get subsumed by Ethernet. I believe history is going to repeat itself for AI networks.

0

AWS Advanced Networking Speciality 1.3:Considerations for encryption and authentication with load balancers (for example, TLStermination, TLS passthrough)

< MEDIUM :https://towardsaws.com/aws-advanced-networking-speciality-1-3-considerations-402e0d057dfb >

List of blogs on AWS Advanced Networking Speciality Exam — https://medium.com/@raaki-88/list/aws-advanced-network-speciality-24009c3d8474

Data Protection in ELB

AWS Shared-Responsibility Model defines how data protection applies in ELBs. It boils down to AWS protecting global infrastructure while the service consumer is more responsible for preserving the content and control over the hosted content.

Few important suggestions for accessing/Securing

• MFA for accounts
• TLS 1.2 or TLS 1.3 for AWS resource communication
• Logging with AWS CloudTrail
• Amazon Macie — Discovering and securing sensitive data in S3
• FIP140–2 — Fips Endpoint

Encryption

Encryption at rest: Server-side encryption for S3 (SSE-S3) is used for ELB access logs. ELB automatically encrypts each log file before storing it in the S3 bucket and decrypts the access log files when you access them. Each log file is encrypted with a unique key, which is encrypted with a master key that is regularly rotated.

Encryption in Transit:

HTTPS/TLS traffic can be terminated at the ELB. ELB can encrypt and decrypt the traffic instead of additional EC2 instances or current EC2 backend instances doing this TLS termination. Using ACM (AWS Certificate Continue reading