New products of the week 8.8.16

New products of the weekOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.Open Threat Exchange (OTX)Key features: AlienVault OTX is an open threat intelligence community where security practitioners research and share emerging threat data. Members can create private discussion groups related to specific industries, regions and threats. More info.To read this article in full or to leave a comment, please click here

New products of the week 8.8.16

New products of the weekOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.Open Threat Exchange (OTX)Key features: AlienVault OTX is an open threat intelligence community where security practitioners research and share emerging threat data. Members can create private discussion groups related to specific industries, regions and threats. More info.To read this article in full or to leave a comment, please click here

Wearables at the Rio 2016 Olympics

See the gadgets athletes are using at the Rio OlympicsImage by IOC/David Burnett/ContactThe 2016 Rio Olympics is finally getting underway and there'll be no shortage of tech at this year's event. Athletes use all kinds of gadgets to help them train and stay fit, from heads-up displays used by cyclists to jump trackers worn by the volleyball team. Here's the a few of the gadgets that have made it to Rio. To read this article in full or to leave a comment, please click here

Microsoft reduces Windows 10 roll-back grace period

Microsoft has reduced the I-changed-my-mind period in Windows 10 by two-thirds, cutting it from 30 days to 10, the company confirmed.Users who upgraded to Windows 10 were able to roll back to the preceding Windows as long as they did so within 30 days. To make that possible, Microsoft stored the older operating system in a special folder on the device's drive, consuming up to 5GB of storage space. After the grace period expired, the folder's contents were deleted.With last week's Anniversary Update, aka version 1607, the 30 days were reduced to 10. (Microsoft identifies its major upgrades using numerals representing year and month of the release.)To read this article in full or to leave a comment, please click here

A gentler way to hack back

The quickest way to launch the cyber equivalent of a nuclear war is for the targets of cyberattacks to try to “hack back” against their tormentors.Or, maybe not.The debate over that has raged for decades, with a majority of security experts arguing that the difficulties of attribution and the dangers of escalating retaliatory counterattacks make hacking back a losing proposition.But what if it didn’t involve trying to corrupt or destroy an attacker’s network? What if it wasn’t exactly “kinder,” but was a bit “gentler,” involving intermediate-level responses like so-called “naming and shaming” of perpetrators, or blocking access to U.S. markets of foreign companies that benefit from cyber espionage?To read this article in full or to leave a comment, please click here

5 types of toxic team members and how to handle them

How to handle toxic coworkersImage by ThinkstockThey slow you down, irritate you and sometimes they're just plain useless. You know who they are -- those toxic team members who never seem to actually contribute anything to projects or to your work environment but who have an uncanny ability to stay employed and come out of every situation smelling like the proverbial rose. "While 75 percent of employers rate team work and collaboration as "very important," most employees hate working together in teams because there's inevitably at least one person who make the experience horrible. It may not be deliberate; it may be that these folks are brilliant but just lack social skills. Whatever the case, it's detrimental to the rest of the team and the company," according to Alexander Maasik, communications specialist with workplace productivity solutions company Weekdone. Here, Maasik offers the five most common enemies of teamwork, and the best way to handle them as a leader or as a co-worker. 1. False promises Image by ThinkstockTo read this article in full or to leave a comment, please click here

How can you detect a fake ransom letter?

Pay up?Image by Flickr/Nick O’NeilIn the 2016 Executive Application & Network Security Survey, among those who have not experienced a ransom situation, the majority say they would not pay a ransom. But among the few who have experienced a ransom attack, more than half in the U.S. did not pay. One respondent indicated that paying did not guarantee that the attacker would do their part.To read this article in full or to leave a comment, please click here

How can you detect a fake ransom letter?

Pay up?Image by Flickr/Nick O’NeilIn the 2016 Executive Application & Network Security Survey, among those who have not experienced a ransom situation, the majority say they would not pay a ransom. But among the few who have experienced a ransom attack, more than half in the U.S. did not pay. One respondent indicated that paying did not guarantee that the attacker would do their part.To read this article in full or to leave a comment, please click here

Tips for scaling up a data analytics project

The U.S. Environmental Protection Agency's new chief data scientist likens the adoption of big data analytics at the agency to the early adoption of the iPhone in 2007. Those early adopters "didn't know exactly what it was, but they wanted to use it because they perceived the value," says Robin Thottungal.To read this article in full or to leave a comment, please click here(Insider Story)

How a 96-year-old company modernized its infrastructure by embracing innovation

For more than 90 years, Pitney Bowes has been helping its customers conduct physical and digital commerce worldwide. In this keynote session at the recent IT Roadmap event in New York, James Fairweather, SVP of Technology and E-commerce, talks about his company’s  investment in a digital infrastructure. This change moved across clouds, APIs, data, mobility and collaboration, as well as how they created a “culture of innovation” with developers and designers.To read this article in full or to leave a comment, please click here(Insider Story)

Delta Air Lines flights delayed by widespread computer outage

Delta said Monday morning that its flights awaiting departure were delayed because of a widespread computer outage.The airline did not provide details of the computer outage or of the number of flights affected, but said in a statement on its website that the problem had affected flights scheduled for the morning.The extent of the problem appeared to be global because the airline wrote in a number of tweets that “our systems are down everywhere.” “Flights enroute are operating normally. Delta is advising travelers to check the status of their flights this morning while the issue is being addressed,” the airline said in a brief statement.To read this article in full or to leave a comment, please click here

CASB delivers must-have protection for your SaaS apps

Cloud Access Security Brokers are products that can be described as firewall plus identity management plus anti-malware plus DLP plus encryption control/implementation plus threat management.CASB products have becoming increasingly important as enterprises look to extend their on-premises security policies to their cloud-based assets. We looked at three products -- CipherCloud, Bitglass, and Netskope. Each one takes a different, yet ingenious, approach to the task of stopping unauthorized, inappropriate, or uncontrolled cloud asset access and manipulation.+ MORE ON CASB: What is a cloud access security broker (CASB) and why do I need one? +To read this article in full or to leave a comment, please click here

What is a cloud access security broker and why do I need one?

According to analysts from Gartner and elsewhere, every enterprise with a significant cloud presence needs a cloud access security broker to protect cloud-based data. CASB products can sit either on-premises or live in the cloud, but they all have the same basic function – providing a secure gateway for data traveling to and from the cloud, particularly with respect to SaaS applications and common cloud storage services like Box or Dropbox.To read this article in full or to leave a comment, please click here(Insider Story)

General – The Future of Networking – Pete Lumbis

The next person I interviewed about the future of networking is my friend Pete Lumbis. Pete used to be the routing escalations TAC leader at Cisco and now he is working at Cumulus as a SE. Pete holds both a CCIE and a CCDE.

Daniel: The networking world is changing. What are the major changes coming up in the next few years that you think we will see?

Pete: Automation is the big thing these days. Either through APIs or abstraction tools like Ansible or Puppet. I think there will be more embracing of automation, but as a side effect I think we will have to start building networks that are more automation friendly by creating fewer exceptions and one-offs. This also touches on a larger point which is the need to build systems and networks that are less fragile. Automation is less scary when you have an architecture that can tolerate some level of failure.

Daniel: What are the major skills that people in networking need to learn to stay ahead of the curve?

Pete: Fundamentals don’t change. ARP is ARP. MAC addresses still have 48-bits. Understanding fundamentals will always be key. Beyond that it’s going to be about Continue reading

And this is why you need automation

I stumbled upon a great description of how you can go bankrupt in 45 minutes due to a manual deployment process. The most relevant part of it:

Any time your deployment process relies on humans reading and following instructions you are exposing yourself to risk. Humans make mistakes. The mistakes could be in the instructions, in the interpretation of the instructions, or in the execution of the instructions.

And no, it's not just application deployment. A similar disaster could happen in your network.

Bitfinex asks users to share losses of bitcoin theft

Bitfinex, the digital currency exchange in Hong Kong that reported a bitcoin theft last week, has decided to shave a little over 36 percent from its customers' accounts and assets to make up for losses from the hack.“Upon logging into the platform, customers will see that they have experienced a generalized loss percentage of 36.067%,” Bitfinex said in a blog post Saturday. It promised an announcement later on the details of the methodology used to arrive at the losses."This is the closest approximation to what would happen in a liquidation context," Bitfinex wrote. Customers will be issued a token labeled BFX to record their losses, though the exchange is still not clear about how it will compensate them.To read this article in full or to leave a comment, please click here

Hairpinning traffic through ASA with State Bypass

Several years ago I wrote an article about the Woes of Using an ASA as a Default Gateway. I have received a lot of feedback about this post and recently had a request for an update around ASA > 8.3. When building this scenario out with current ASA code, I found that the base NAT configuration (internet only PAT) had no bearing on the hairpin configuration. As expected, I found the same challenge around state bypass. I wanted to share a current post that demonstrates the challenges and solutions when traffic is bounced off the inside interface of the ASA.

ASA Hairping

The requirements of the configuration are as follows–

  • TestHost must be able to Telnet and Ping to Internet and PartnerHost
  • The inside interface of asav-1 must be the default gateway for TestHost
  • asav-1 is doing PAT for Internet destined traffic
  • PartnerRTR and ParnterHost have been preconfigured as shown above

The following are the base configurations for all of the devices. The configuration of asav-1 does not seem to allow communication from TestHost to PartnerHost (100.1.1.0/24 network).

TestHost Configuration

hostname TestHost
!
interface GigabitEthernet2
 description to iosvl2-1
 ip address 10.1.1.5 255.255.255.0
!
ip route 0.0. Continue reading

23% off HDMI Cloner Box for Gaming or HD Video Stream Capture, No PC needed – Deal Alert

Here's a device any gamer or video enthusiast may want to have on hand. Connect a game console, DVD, or any video source to this gadget via its HDMI input, and with the push of a button it captures and saves the video stream to any attached USB flash drive, with no PC required. Advanced hardware H.264 encoding captures your live gameplay or video playback in 1080p Full HD, while keeping the file size low and capturing speeds high. Averaging 4 out of 5 stars on Amazon from over 170 customers (read reviews), the gadget's $129.99 list price has been reduced 23% to $99.99. With the unit you'll get a free 16gb USB stick to get you started (enough for several hours of video). See the discounted cloner box now on Amazon.To read this article in full or to leave a comment, please click here

1 2,688 2,689 2,690 2,691 2,692 3,767