IDG Contributor Network: Measuring cloud performance: A different approach needed

As Lord Kelvin almost said, "To measure is to know." But this simple dictum is surprisingly hard to follow. For it really has two meanings.The first meaning is obvious: You cannot really know about something without measuring it. If you want to know how quickly an application works, for instance, take some key functions of the application and measure how long they take. "Good performance" is defined by the function taking less time than the acceptable threshold, and poor performance is defined by the function taking more time.+ Also on Network World: Measurement is key to cloud success +To read this article in full or to leave a comment, please click here

IDG Contributor Network: Computers will soon analogize—like humans

Analogies help people understand things. Examples include such clarity as: hard drives are like closets, and defragmenting a hard drive is like cleaning a closet.They’re popular, and work for humans, but scientists are now asking whether the comparisons could also work for computers as the machines take on new roles that involve learning. Scientists at Northwestern University think so. Computers, too, will learn through analogies, they believe.Indeed, future computers are going to learn just like humans do, and that will include spontaneously using analogies to solve problems, including moral dilemmas, they say.To read this article in full or to leave a comment, please click here

EU plans $2B investment in cybersecurity research

The European Union is stumping up €450 million ($500 million) to fund research into cybersecurity -- and wants industry to contribute three times that.The EU's executive body, the European Commission, is concerned about the vulnerability of the EU economy to cyberattacks, warning in a report Tuesday that they "could undermine the digital single market and economic and social life as a whole."The $2 billion cybersecurity public-private partnership (cPPP) is intended boost cross-border research into cybersecurity, and to aid development of security products and services for the energy, health, transport and finance industries, the European Commission said Tuesday.To read this article in full or to leave a comment, please click here

10 advanced endpoint protection tools

Endpoint protectionThe days of simple endpoint protection based on traditional anti-malware tools are over. There are now advanced endpoint detection and response (EDR) tools that go beyond proactive monitoring and endpoint protection. They evaluate threats in a larger ecosystem, combining the best aspects from network intrusion detection and examining the individual process level on each computer. That is a tall order, and the 10 products tested are all very capable. However, no one product does everything. You will have to make compromises, depending on what other security tools you already have installed and the skill levels of your staff. Here are capsule reviews of 10 advanced endpoint protection products (see the full review):To read this article in full or to leave a comment, please click here

Top 10 advanced endpoint protection tools

Endpoint protectionThe days of simple endpoint protection based on traditional anti-malware tools are over. There are now advanced endpoint detection and response (EDR) tools that go beyond proactive monitoring and endpoint protection. They evaluate threats in a larger ecosystem, combining the best aspects from network intrusion detection and examining the individual process level on each computer. That is a tall order, and the 10 products tested are all very capable. However, no one product does everything. You will have to make compromises, depending on what other security tools you already have installed and the skill levels of your staff. Here are capsule reviews of 10 advanced endpoint protection products (see the full review):To read this article in full or to leave a comment, please click here

7 trends in advanced endpoint protection

After extensive testing of 10 advanced endpoint protection products, we have identified a series of broad industry trends:1. Virus signatures are passé. Creating a virus with a unique signature is child’s play, thanks to the nearly automated virus construction kits that have filled the internet over the past several years. Instead, many of today’s advanced endpoint protection products make use of security news feeds that report on the latest attacks such as VirusTotal.com and other reputation management services. Some, like CrowdStrike, have a long list of integrations with security and log management tools to make them more effective at spotting attack trends.To read this article in full or to leave a comment, please click here

How to buy endpoint security products

In our testing of 10 endpoint security products, we found that no one product does everything. You will have to make compromises, depending on what other security tools you already have installed and the skill levels of your staff. While there is no single product that can suit all situations, endpoint configurations and IT requirements, there are a few key things to consider in your purchase:1. Going agent or agentless. A few of the products we tested don’t require endpoint agents, but the trade off is that you will need to setup LDAP or clean up your Active Directory domain and make use of network switch SNMP management and other connections to your network fabric.To read this article in full or to leave a comment, please click here(Insider Story)

10 cutting-edge tools that take endpoint security to a new level

The days of simple endpoint protection are over. Scanning and screening for malware has become a very complex process, and most traditional anti-malware tools only find a small fraction of potential infections.Nowadays there are numerous advanced endpoint detection and response (EDR) tools, all claiming to find and block the most subtle attacks, even ones that don’t leave many fingerprints.As we wrote last fall, there are two basic approaches: hunting (looking for some odd behavior) and sifting and gathering particular trends or activities (which has its roots in traditional anti-virus).To read this article in full or to leave a comment, please click here

Cutting through the IPv6 Requirements Red Tape

Few years ago a bunch of engineers agreed that the customers need a comprehensive “IPv6 Buyer’s Guide” and thus RIPE-554 was born. There are also IPv6 certification labs, US Government IPv6 profile and other initiatives. The common problem: all these things are complex.

However, it’s extremely easy to get what you want as Ron Broersma explained during his presentation at recent Slovenian IPv6 meeting. All it takes is a single paragraph in the RFP saying something along these lines:

The equipment must have the required functionality and performance in IPv6-only environment.

Problem solved (the proof is left as an exercise for the reader… or you could cheat and watch Ron’s presentation, which you should do anyway ;).

Basics: What is Ternary Content Address Memory (TCAM) ?

Note: You should read about Content Addressable Memory (CAM) before reading this post.  Today’s networking hardware operates a Layer 2, Layer 3 and Layer 4 of the OSI model. The device might switch Ethernet frames, route IP packets and implement filters based on the TCP segments. A MAC Address is always an exact match and […]

The post Basics: What is Ternary Content Address Memory (TCAM) ? appeared first on EtherealMind.

How to use VirtualBox to emulate a network

VirtualBox is an open-source virtual machine manager and hypervisor that may also be used as a network emulator. In addition to creating and managing individual virtual machines, VirtualBox can connect virtual machines together to emulate a network of computers and network appliances such as routers or servers. VirtualBox works on the major computing platforms: Windows, MacOS, and Linux.

VirtualBox network with internal networks and a NAT management network

In this post, I offer a step-by-step tutorial showing how to use the VirtualBox graphical user interface to set up a network of six devices — three routers and three PCs. This tutorial will utilize some of the advanced functions supported by VirtualBox and provide you with the skills to set up a network of virtual machines on your own personal computer.

Required knowledge

I assume you, the reader, are already familiar with the VirtualBox GUI and have used it to create and run virtual machines on your personal computer, using default settings. I also assume you have a basic understanding of Linux shell commands, which will be needed to configure the Linux operating system running on the virtual routers and PCs.

If you need to refresh your knowledge about VirtualBox, the VirtualBox website provides a detailed user manual, and Continue reading

Android full disk encryption can be brute-forced on Qualcomm-based devices

Attackers can exploit vulnerabilities in Android devices with Qualcomm chipsets in order to extract the encrypted keys that protect users' data and run brute-force attacks against them.The attack was demonstrated last week by security researcher Gal Beniamini and uses two vulnerabilities patched this year in Qualcomm's implementation of the ARM CPU TrustZone.The ARM TrustZone is a hardware security module that runs its own kernel and Trusted Execution Environment independent of the main OS. On Qualcomm chips, the Trusted Execution Environment is called QSEE (Qualcomm Secure Execution Environment).The full-disk encryption feature on Android devices relies on a randomly generated key called the device encryption key (DEK). This key is itself encrypted with another key derived from the user's PIN, password or swipe pattern.To read this article in full or to leave a comment, please click here

Android full disk encryption can be brute-forced on Qualcomm-based devices

Attackers can exploit vulnerabilities in Android devices with Qualcomm chipsets in order to extract the encrypted keys that protect users' data and run brute-force attacks against them.The attack was demonstrated last week by security researcher Gal Beniamini and uses two vulnerabilities patched this year in Qualcomm's implementation of the ARM CPU TrustZone.The ARM TrustZone is a hardware security module that runs its own kernel and Trusted Execution Environment independent of the main OS. On Qualcomm chips, the Trusted Execution Environment is called QSEE (Qualcomm Secure Execution Environment).The full-disk encryption feature on Android devices relies on a randomly generated key called the device encryption key (DEK). This key is itself encrypted with another key derived from the user's PIN, password or swipe pattern.To read this article in full or to leave a comment, please click here

Mobile Broadband Ecosystem

Mobile Broadband… You might have heard this term before, possibly in an ISP environment. The term has always represented a name of a department within a mobile operator or a vendor organization. It is always there in profile description for telecom professionals. It is everywhere actually when it comes to a certain ecosystem or framework that delivers Internet Service […]

The post Mobile Broadband Ecosystem appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.