IDG Contributor Network: FedRAMP: A challenging path to operational excellence for cloud providers

“The Federal Risk and Authorization Management Program, or FedRAMP, is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services.”—FedRamp websiteThat sounds positive, but getting approved for the FedRAMP certification is far tougher than most cloud providers anticipated. In fact, few organizations are truly capable of making it through the process. As shared by an article in GCN:“Of more than 80 cloud providers who have applied to go through the FedRAMP certification, more than half are not yet ready to go through the process, according to Kathy Conrad, principal deputy associate administrator with the General Services Administration’s Office of Citizen Services and Innovative Technologies.”To read this article in full or to leave a comment, please click here

CCDE July 2016 Onsite Bootcamp in Las Vegas

I am glad to announce that next bootcamp of this year will be on July 2016 in Las Vegas , right after Cisco Live. Last day of Cisco Live will be the first day of my CCDE class. Extend your vacation 5 more days, inform your company by now, get approval and meet me there […]

The post CCDE July 2016 Onsite Bootcamp in Las Vegas appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

iPhones are about to get plugged into enterprises with Cisco’s help

Apple and Cisco Systems have fleshed out their plans to make iOS devices work better in enterprises and said the new capabilities will arrive in the fall.Voice calls on Cisco’s Spark collaboration app will act like regular phone calls, IT departments will be able to give Cisco apps priority on iOS devices, and iPhone calls will run over corporate networks. These are some of the ways the two companies’ technologies will mesh in enterprises.Cisco announced the coming features on Monday after Apple’s Worldwide Developer Conference keynote. They’ll ship in a version of Cisco Spark updated for iOS 10. Apple also touched on the news at WWDC as one of very few enterprise announcements at the show.To read this article in full or to leave a comment, please click here

iPhones are about to get plugged into enterprises with Cisco’s help

Apple and Cisco Systems have fleshed out their plans to make iOS devices work better in enterprises and said the new capabilities will arrive in the fall.Voice calls on Cisco’s Spark collaboration app will act like regular phone calls, IT departments will be able to give Cisco apps priority on iOS devices, and iPhone calls will run over corporate networks. These are some of the ways the two companies’ technologies will mesh in enterprises.Cisco announced the coming features on Monday after Apple’s Worldwide Developer Conference keynote. They’ll ship in a version of Cisco Spark updated for iOS 10. Apple also touched on the news at WWDC as one of very few enterprise announcements at the show.To read this article in full or to leave a comment, please click here

Automation, not cheap labor, is reshaping outsourcing

The offshore outsourcing of IT grew because of the cost of offshore labor. A software engineer in India is paid but a fraction of what a U.S. worker earns. Payscale puts the median salary for a senior software engineer in India at $10,000.When IT services firms bring in H-1B visa workers, these workers earn substantially more than their overseas counterparts, but often significantly less than American IT employees.This labor cost advantage has been a powerful lure for U.S. customers, but analysts see labor costs diminishing in importance. Customers want more automation, whether it's infrastructure management or business process outsourcing. IT services firms can no longer complete exclusively on lower cost labor.To read this article in full or to leave a comment, please click here

20 reasons to get excited about iOS 10

iOS 10: Major changes with every swipeImage by AppleApple’s latest iOS 10 is packed with new features, hidden functionalities, and third-party app integrations. Here are our favorite bells and whistles so far.Photos recognizes faces without being creepyImage by AppleTo read this article in full or to leave a comment, please click here

How to make security analytics work for your organization

Falling into the analytics trapImage by ThinkstockAs the latest buzzword in IT, analytics are increasingly spanning various components of IT systems. With use cases to gather analytics around data, networks and user behaviors, there are endless possibilities for utilizing this information. But, when looking to drill down this data to inform security decisions, is a massive amount of information, which could include fall positives, really that useful? To avoid falling into an analytics trap, security professionals provide suggestions for how to best configure security analytics so they drive meaningful and actionable insights for your organization.To read this article in full or to leave a comment, please click here

Skylake Xeon E3s Serve Up Cheap Flops

AMD gets a lot of credit for creating Accelerated Processing Units that merge CPUs and GPUs on a single package or on a single die, but Intel also has a line of chips Core and Xeon processors that do the same thing for workstation and server workloads. The “Skylake-H” Xeon E3-1500 v5 chips that Intel recently announced with its new Iris Pro Graphics P580 GPUs pack quite a wallop. Enough in fact that for certain kinds of floating point math on hybrid workloads that system architects should probably give them consideration as they are building out clusters to do various

Skylake Xeon E3s Serve Up Cheap Flops was written by Timothy Prickett Morgan at The Next Platform.

IDG Contributor Network: 5 InfoSec concerns for colleges and universities

No industry or sector is immune to data breaches, but some are targeted more often than others. Education came ahead of government, retail and financial sectors, and it was second only to healthcare on Trend Micro’s list of the most-breached industries.With more than 500 security breaches across 320 higher education institutions since 2005, higher ed accounts for 35 percent of all breaches, according to an enlightening infographic from SysCloud.To read this article in full or to leave a comment, please click here

Is OVSDB a Control- or Management-Plane Protocol?

A while ago I discussed whether XMPP is a control- or management-plane protocol (spoiler: it depends). How about OVSDB? Here’s another question from one of my readers:

Why is Openflow considered as control plane protocol and OVSDB management plane protocol if both are relying on SDN controller? Is it because Openflow can directly modify the dataplane?

SDN controllers can use control- or management-plane protocols to get the job done.

Read more ...

Scanning for ClamAV 0day

Last week an 0day was released for ClamAV. Well, not really an 0day so much as somebody noticed idiotic features in ClamAV. So I scanned the Internet for the problem.

The feature is that the daemon listens for commands that tell it to do things like scan files. Normally, it listens only locally for such commands, but can be reconfigured to listen remotely on TCP port 3310. Some packages that include ClamAV sometimes default to this.

It's a simple protocol that consists of sending a command in clear text, like "PING", "VERSION", "SHUTDOWN", or "SCAN
So I ran masscan with the following command:

masscan 0.0.0.0/0 -p3310 --banners --hello-string[3310] VkVSU0lPTg==
Normally when you scan and address range (/0) and port (3310), you'd just see which ports are open/closed. That's not useful in this case, because it finds 2.7 million machines. Instead, you want to establish a full TCP connection. That's what the --banners option does, giving us only 38 thousand machines that successfully establish a connection. The remaining machines are large ranges on the Internet where firewalls are configured to respond with SYN-ACK, with the express purpose of frustrating port scanners.

But of those 38k machines, most are actually Continue reading

These are the top 5 productivity improvements from Apple’s WWDC

Apple kicked off its Worldwide Developers Conference Monday and announced a metric ton of new features for its products. Most of them target consumers, but there were several announcements that improve productivity and will benefit business users as well. Here are the top five:1. New Phone features The developer tools for iOS 10, due later this year, will include CallKit, a framework that lets developers of VoIP (voice over Internet Protocol) applications make it easier for iPhone and iPad users to take calls sent from communication apps.To read this article in full or to leave a comment, please click here

Google goes after SharePoint with new enterprise tools

Google isn't kidding when it says it's serious about the enterprise. The company announced a pair of new services on Monday that are aimed squarely at helping businesses access information and share it internally, similar to what Microsoft's SharePoint product offers. A new Springboard app gives employees at companies subscribed to Google Apps for Work a unified search box for finding just about anything, including files in Google Drive, emails in Gmail and contacts.The company also unveiled the beta version of a revamped Google Sites, which is aimed at letting less sophisticated users inside a business build websites that can be used to share information internally. The new Sites gives users templates and an easy to use editor. The editor is supposed to help create good-looking sites for communicating things like what a particular team is up to at a company with far-flung offices. To read this article in full or to leave a comment, please click here

Here are 5 reasons Symantec is buying Blue Coat

As cyber threats diversify and expand, anti-virus provider Symantec is doing the same. Late Sunday, the company said it would shell out $4.65 billion to acquire Web security provider Blue Coat. Here are five reasons the deal could make sense for Symantec.1. Threats are evolving, Symantec needs to as wellSymantec has been selling PC antivirus products for years but the PC market has slumped and cyber threats are getting sneakier and more malicious. Two years ago, a Symantec executive even declared that antivirus were "dead." Nowadays, dangers such as zero-day exploits and ransomware are affecting businesses and consumers alike, and antivirus products can't keep up.To read this article in full or to leave a comment, please click here

Here are 5 reasons Symantec is buying Blue Coat

As cyber threats diversify and expand, anti-virus provider Symantec is doing the same. Late Sunday, the company said it would shell out $4.65 billion to acquire Web security provider Blue Coat. Here are five reasons the deal could make sense for Symantec.1. Threats are evolving, Symantec needs to as wellSymantec has been selling PC antivirus products for years but the PC market has slumped and cyber threats are getting sneakier and more malicious. Two years ago, a Symantec executive even declared that antivirus were "dead." Nowadays, dangers such as zero-day exploits and ransomware are affecting businesses and consumers alike, and antivirus products can't keep up.To read this article in full or to leave a comment, please click here

1 2,669 2,670 2,671 2,672 2,673 3,613