IDG Contributor Network: Attack attribution does little to improve enterprise security

After every major data breach, the security community engages in a game of whodunit and attempts to figure out what entity or nation state carried out the attack. The North Koreans were behind the Sony breach, while China carried out the attack on the Office of Personnel Management (OPM). Meanwhile, hackers linked to the Iranian government hacked a small dam in New York as well as the networks of AT&T, Bank of America and the New York Stock Exchange, among other major U.S. businesses. And now Russia is being singled out for supporting hackers who infiltrated the Democratic National Committee’s computers and disclosed sensitive files and emails.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Fixing the perception that enterprise IT is irrelevant

Continuing perception of IT being slow to innovate is reflected in a new report from consultancy Accenture. IT is no longer the body sought out by executives to perform business transformations, research has found. And IT doesn’t have the skills to adapt successfully to an as-a-service environment either.As-a-service is a term for cloud, software, tech services and so on that is delivered on-demand over the internet.+ Also on Network World: The IT skills gap is a reality, but doesn’t have to be +To read this article in full or to leave a comment, please click here

There are mobile and IoT companion documents for the CIS (Top 20) Critical Security Controls

This column is available in a weekly newsletter called IT Best Practices.  Click here to subscribe.  Most people who have anything to do with cybersecurity are familiar with the Center for Internet Security (CIS) Critical Security Controls, also commonly known as the SANS Top 20, or more simply the Controls. This list consists of a recommended set of actions for cyber defense that provide specific and actionable ways to stop today's most pervasive and dangerous attacks.Implementing the Controls is no guarantee an organization will have a bullet-proof defensive posture, but it significantly reduces both the risk that a breach will happen and the impact to the organization if such an event were to occur. What's more, theControls constitute a minimum level of security that any organization that collects or maintains personal or sensitive information should meet.To read this article in full or to leave a comment, please click here

There are mobile and IoT companion documents for the CIS (Top 20) Critical Security Controls

This column is available in a weekly newsletter called IT Best Practices.  Click here to subscribe.  Most people who have anything to do with cybersecurity are familiar with the Center for Internet Security (CIS) Critical Security Controls, also commonly known as the SANS Top 20, or more simply the Controls. This list consists of a recommended set of actions for cyber defense that provide specific and actionable ways to stop today's most pervasive and dangerous attacks.Implementing the Controls is no guarantee an organization will have a bullet-proof defensive posture, but it significantly reduces both the risk that a breach will happen and the impact to the organization if such an event were to occur. What's more, theControls constitute a minimum level of security that any organization that collects or maintains personal or sensitive information should meet.To read this article in full or to leave a comment, please click here

Micro-segmentation with Service Insertion – NSX Securing “Anywhere” Part IV

Welcome to part 4 in the Micro-Segmentation Defined– NSX Securing “Anywhere”  blog series. Today we will cover the role of NSX as a foundational security platform through NSX Micro-segmentation with Service Insertion. Previous topics covered in this series includes

• Part I –    Micro-segmentation Defined
• Part II –  Securing Physical environments
• Part III –Operationalizing Micro-segmentation

This blog covers the following topics:

1. Defining Service Insertion
2. The Role of Service Insertion in Micro-segmentation
3. Network and Guest Introspection
4. NSX Service Insertion

Defining Service Insertion

In modern datacenters, network and compute services either have been or are being decoupled from the physical appliances on which they have traditionally run. In the past, a datacenter service required traffic to be steered through a series of such appliances in order to be serviced appropriately, through services such as firewalls, intrusion detection and prevention, and load balancing services. As infrastructure services transition from physical appliances to software functions, it becomes possible to deploy these services with greater granularity by inserting them into a specific forwarding path. Combining multiple functions in this manner is generally referred to as a service chain or service graph.

Figure 1: Two distinct service chains utilizing different functions

Once infrastructure Continue reading

IBM’s Cloud CTO: ‘We’re in this game to win’

IBM saw from the get-go that the cloud was going to cause a major disruption to its business. "We knew it was a massive opportunity for IBM, but not in a way that necessarily fit our mold," said Jim Comfort, who is now CTO for IBM Cloud. "Every dimension of our business model would change -- we knew that going in." Change they have, and there's little denying that the cloud businesses is now a ray of sunshine brightening IBM's outlook as its legacy businesses struggle. In its second-quarter earnings report last week, cloud revenue was up 30 percent for the quarter year over year, reaching $11.6 billion over the preceding 12 months. Revenue from systems hardware and operating systems software, on the other hand, was down more than 23 percent.To read this article in full or to leave a comment, please click here

CSC announces layoffs in advance of HPE merger

Computer Sciences Corp. is laying off workers as it shifts some work overseas, according to a federal application for employment benefits.A federal Trade Adjustment Act (TAA) benefit application, filed on July 14, claims "CSC merging with HP (Hewlett-Packard Enterprise) caused services to be shifted to India. This included teleworkers in the US."It says 500 workers are affected. The types of jobs are not described.In May, Hewlett-Packard Enterprise announced it would spin off its enterprise services business and merge it with CSC. This combined entity will have about $26 billion in revenue.To read this article in full or to leave a comment, please click here

Microsoft will cut 2,850 more jobs by the end of the year

Satya Nadella isn't stopping the job cuts train at Microsoft any time soon. The company revealed Thursday that 2,850 people will lose their jobs by the middle of 2017, on top of the 1,850 cuts announced earlier this year.According to a regulatory filing, those impacted will primarily be in its phone hardware business, which has already been hit hard by layoffs, and in global sales.The cuts are more fallout from Microsoft's decision to downsize its smartphone business, which it acquired from Nokia in 2015. Putting that acquisition in motion was one of the last things that former Microsoft CEO Steve Ballmer did before announcing that he would be leaving the company's top job. His successor hasn't taken the same shine to the phone hardware business that Microsoft bought.To read this article in full or to leave a comment, please click here

Democrats give thumbs up to Silicon Valley

It wasn't what Michael Bloomberg said Wednesday night on the stage of the Democratic National Convention that was important to Silicon Valley. His speech was mostly generalities and attacks on Republican presidential nominee Donald Trump. It was Bloomberg's presence that was the message.Bloomberg is a strong and well-known champion for reducing barriers to highly skilled immigrants and for raising visa caps. He co-chairs the high-skilled immigration advocacy group, Partnership for a New American Economy with Disney CEO Bob Igner and other prominent business leaders. Disney laid off about 250 IT employees last year after hiring H-1B-using IT contractors.To read this article in full or to leave a comment, please click here

Best Deals of the Week – Deal Alert

Best Deals of the Week - Deal AlertCheck out this roundup of the best deals on gadgets, gear and other cool stuff we have found this week. All items are highly rated, and dramatically discounted.53% off Universal Phone Mount for Bicycle and MotorcycleCurrently receiving 4.5 out of 5 stars on Amazon (read reviews), the 'Freedom' Handlebar Phone Holder from Tackform offers comprehensive protection for mounting your smartphone while riding your bike or motorcycle. The patented phone cradle provides full support for holding your phone, while providing full access to your screen and buttons while riding.  Amazon is currently showing a discount of 53% off the original list price of $39.99, allowing you to purchase the holder for just $18.99.To read this article in full or to leave a comment, please click here

Sysadmin Superheroes

Sony does well in games but smartphone business shrinks

An increase in games revenue helped Sony counter to an extent shrinking business in smartphones and the impact of earthquakes in Japan's Kumamoto region on production of the camera sensors that the company supplies to Apple and other smartphone vendors.Sony reported Friday that its revenue was down 10.8 percent to 1.61 trillion yen (US$15.73 billion) in its first quarter ended June 30, while its profit decreased by 74.3 percent year-on-year to 21.2 billion yen.The revenue of its game and network services unit grew 14.5 percent year-on-year in the quarter to 330.4 billion yen mainly because of a significant increase in PlayStation 4 software sales including sales through the network. Sales of PS4 games consoles rose to 3.5 million units from 3 million in the same quarter in the previous year.To read this article in full or to leave a comment, please click here

And this is how you build an IPv6-only data center

Tore Anderson has been talking about IPv6-only data centers (and running a production one) for years. We know Facebook decided to go down that same path… but how hard would it be to start from scratch?

Not too hard if you want to do it, know what you're doing, and are willing to do more than buy boxes from established vendors. Donatas Abraitis documented one such approach, and he's not working for a startup but a 12-year-old company. So, don't claim it's impossible ;)

WikiLeaks’ methods questioned by whistleblower Edward Snowden

Former U.S. National Security Agency contractor, Edward Snowden, has censured WikiLeaks’ release of information without proper curation.On Thursday, Snowden, who has embarrassed the U.S. government with revelations of widespread NSA surveillance, said that WikiLeaks was mistaken in not at least modestly curating the information it releases. “Democratizing information has never been more vital, and @Wikileaks has helped. But their hostility to even modest curation is a mistake,” Snowden said in a tweet. WikiLeaks shot back at Snowden that “opportunism won't earn you a pardon from Clinton & curation is not censorship of ruling party cash flows.”To read this article in full or to leave a comment, please click here

WikiLeaks’ methods questioned by whistleblower Edward Snowden

Former U.S. National Security Agency contractor, Edward Snowden, has censured WikiLeaks’ release of information without proper curation.On Thursday, Snowden, who has embarrassed the U.S. government with revelations of widespread NSA surveillance, said that WikiLeaks was mistaken in not at least modestly curating the information it releases. “Democratizing information has never been more vital, and @Wikileaks has helped. But their hostility to even modest curation is a mistake,” Snowden said in a tweet. WikiLeaks shot back at Snowden that “opportunism won't earn you a pardon from Clinton & curation is not censorship of ruling party cash flows.”To read this article in full or to leave a comment, please click here

FCoE Cheat Sheet Released

FCoE Cheat Sheet Released

Here is the FCoE Cheat Sheet however, I didn't include the configuration and troubleshooting on this cheat sheet as I thought FCoE and troubleshooting is much more sophisticated than using a cheat sheet with a few commands.

All the best and please report in case of any bug.

Click here to download FCoE Cheat Sheet

Your Docker Agenda in August

From webinars to workshops, meetups to conference talks, check out our list of events that are coming up in August!

Continue reading

Happy Infrastructure Engineers + System Administrator Appreciation Day!

To celebrate National Infrastructure Engineers and System Administrators Day, we asked the IT pros to tweet us their tips and tricks. After narrowing the submissions to five — here are the top shared life hacks in 140 characters (or less).
Continue reading

Taking the CCIE Lab in RTP

Cisco's campus in Research Triangle Park, North Carolina, is one of only two places in the United States where candidates can complete a CCIE lab exam (the other being in San Jose, California). People fly in from all over the eastern US and beyond to spend a day taking the exam. Lots of folks who've taken the exam have written up their experiences, but I haven't seen many talk at length about their time in RTP outside of Cisco's building 3.

I've lived just a few minutes away from the testing site for the past few years, and it occurred to me recently that visitors might benefit from some local knowledge.

Getting Here

Most people fly in via Raleigh-Durham International Airport (RDU). RDU is a medium-sized airport with two terminals. Most flights operate out of Terminal 2, except for Southwest Airlines, which is based in the newly-renovated Terminal 1.

As airports go, I'm a big fan of RDU. It's a very modern, clean, and well-organized facility. The interior of Terminal 2 is beautifully designed to resemble an early airplane wing and is flooded with natural light during the day. (It's also one of very few places where you can Continue reading