Meraki MX – URL Filtering

Over the past few days, I’ve spent quite a bit of time looking at some of the advanced capabilities of modern Cisco Firewalls. My most recent testing was done with the Meraki MX 60 cloud managed Firewall product. What I have to say is this is the easiest to configure content filter I’ve ever seen. So I just wanted to take a moment and share what that looks like.Meraki MX Menu

As with all Meraki products, the MX is completely cloud managed. So to manage the device, and administrator must access the Meraki Dashboard. Once authenticated, it is simply necessary to choose Security Appliance then Content Filtering from the menu on the right.

Once on the content filtering page, the policy is self explanatory. The top section is for categories that should be blocked. While the box appears to be a free form entry field, clicking anywhere in the area presents a list of categories to choose from. The bottom section allows for manual whitelisting and blacklisting. To get a better idea on how the match is performed and the format requirements of the block criteria, the “Learn how URL blocking works” link may be selected.

Meraki Content Filtering Page

For those wanting to see the complete category list Continue reading

Worth Reading: Alchemy can’t save Moore’s Law

We don’t have a Moore’s Law problem so much as we have a materials science or alchemy problem. If you believe in materials science, what seems abundantly clear in listening to so many discussions about the end of scale for chip manufacturing processes is that, for whatever reason, the industry as a whole has not done enough investing to discover the new materials that will allow us to enhance or move beyond CMOS chip technology. -The Next Platform

LinkedInTwitterGoogle+Facebook

The post Worth Reading: Alchemy can’t save Moore’s Law appeared first on 'net work.

These solar road panels could turn our world into Tron

Solar Roadways believes the road ahead should be paved with solar panels. The Idaho startup makes hexagonal solar panels that it's trying to get installed on U.S. roads. The goal is to generate enough energy to power homes and businesses, and the panels can even light up to display programmable road markings. It's a lofty idea but the company has gained some early support. Solar Roadways has completed three rounds of testing with the U.S. Department of Transportation and in 2014 it raised over $2 million on Indiegogo. The project has also caught the attention of Missouri's Department of Transportation, which will install the panels, as part of a pilot program, on a sidewalk in front of the Route 66 Welcome Center in Conway. To read this article in full or to leave a comment, please click here

A simple metadata server to run cloud images on standalone libvirt :: KVM Hypervisor

With all the interest in Cloud Computing and virtualization, the OS vendors are providing ever more easier ways to deploy VMs. Most of them now come with cloud images. This makes it really easy for users to deploy VMs with the distro of their choice on a cloud platform like OpenStack or AWS. Here are … Continue reading A simple metadata server to run cloud images on standalone libvirt :: KVM Hypervisor

Book – Unintended Features

Hi everyone,

I have some exciting news to share with you. I’ve been working on a book lately together with Russ White. It’s called Unintended Features – Thoughts on thinking and life as a network engineer. The book is partly based on blog post we have written in the past but also some unique content for the book. The outline of the book is as follows:

So you’ve decided you want to be a network engineer—or you’re already you a network engineer, and you want to be a better engineer, to rise to the top, to be among the best, to… Well, you get the idea. The question is, how do you get from where you are now to where you want to be? This short volume is designed to answer just that question.

This book tries to teach concepts not found in other writings such as thinking more about architecture and seeing patterns in technology and how to stay current in the networking industry. With the rapid pace of the networking industry it seems like we are sipping from the fire hose. How can we prevent this? Isn’t every new technology pretty much an old one with some new Continue reading

New Satana ransomware encrypts user files and master boot record

Attackers are developing an aggressive new ransomware program for Windows machines that encrypts user files as well as the computer's master boot record (MBR), leaving devices unable to load the OS.The program is dubbed Satana -- meaning "Satan" in Italian and Romanian -- and, according to researchers from security firm Malwarebytes, it is functional but still under development.Satana is the second ransomware threat affecting the MBR and seems inspired by another program, Petya, that appeared in March.To read this article in full or to leave a comment, please click here

New Satana ransomware encrypts user files and master boot record

Attackers are developing an aggressive new ransomware program for Windows machines that encrypts user files as well as the computer's master boot record (MBR), leaving devices unable to load the OS.The program is dubbed Satana -- meaning "Satan" in Italian and Romanian -- and, according to researchers from security firm Malwarebytes, it is functional but still under development.Satana is the second ransomware threat affecting the MBR and seems inspired by another program, Petya, that appeared in March.To read this article in full or to leave a comment, please click here

Firmware exploit can defeat new Windows security features on Lenovo ThinkPads

A newly released exploit can disable the write protection of critical firmware areas in Lenovo ThinkPads and possibly laptops from other vendors as well. Many new Windows security features, like Secure Boot, Virtual Secure Mode and Credential Guard, depend on the low-level firmware being locked down.The exploit, dubbed ThinkPwn, was published earlier this week by a researcher named Dmytro Oleksiuk, who did not share it with Lenovo in advance. This makes it a zero-day exploit -- an exploit for which there is no patch available at the time of its disclosure.ThinkPwn targets a privilege escalation flaw in a Unified Extensible Firmware Interface (UEFI) driver, allowing an attacker to remove the flash write protection and to execute rogue code in the SMM (System Management Mode), a privileged operating mode of the CPU.To read this article in full or to leave a comment, please click here

Firmware exploit can defeat new Windows security features on Lenovo ThinkPads

A newly released exploit can disable the write protection of critical firmware areas in Lenovo ThinkPads and possibly laptops from other vendors as well. Many new Windows security features, like Secure Boot, Virtual Secure Mode and Credential Guard, depend on the low-level firmware being locked down.The exploit, dubbed ThinkPwn, was published earlier this week by a researcher named Dmytro Oleksiuk, who did not share it with Lenovo in advance. This makes it a zero-day exploit -- an exploit for which there is no patch available at the time of its disclosure.ThinkPwn targets a privilege escalation flaw in a Unified Extensible Firmware Interface (UEFI) driver, allowing an attacker to remove the flash write protection and to execute rogue code in the SMM (System Management Mode), a privileged operating mode of the CPU.To read this article in full or to leave a comment, please click here

Apple patents a smartphone camera kill switch

The advent of high-resolution video recording in smartphones has been a boon for fans looking for concert footage on YouTube, but the bands aren't so keen on their concerts appearing for free online before the show even ends.Of course, it also sucks to be at a concert and have your view blocked by the dozens of smartphones being held up to take pictures and video.So it seems Apple, which has been trying to cozy up to the music industry, has come up with a fix that sounds good on paper but has potential for misuse. It has been granted a patent, first filed in 2011 and refiled in 2014, that allows the iPhone camera to detect an infrared signal that will give instructions or information to the camera.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Cybersecurity: Stop the attacker’s offense, don’t do defense

Enterprises are fighting a cyber war against very sophisticated and highly organized adversaries. Yet companies still approach cybersecurity with a strictly defensive mindset. They operate under the belief that having the best defense will keep them safe from advanced adversaries. But attackers know how to break any defense, guaranteeing they’ll eventually infiltrate a company.Organizations need to approach security by thinking about how they can stop offense. How is this different from having a strong defense? When you’re stopping offense, you don’t stand on the sidelines waiting for an attacker to breach your network, hoping that the security measures you have in place will be enough to stop them.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Cybersecurity: Stop the attacker’s offense, don’t do defense

Enterprises are fighting a cyber war against very sophisticated and highly organized adversaries. Yet companies still approach cybersecurity with a strictly defensive mindset. They operate under the belief that having the best defense will keep them safe from advanced adversaries. But attackers know how to break any defense, guaranteeing they’ll eventually infiltrate a company.Organizations need to approach security by thinking about how they can stop offense. How is this different from having a strong defense? When you’re stopping offense, you don’t stand on the sidelines waiting for an attacker to breach your network, hoping that the security measures you have in place will be enough to stop them.To read this article in full or to leave a comment, please click here

Use Apache Spark? This tool can help you tap machine learning

Finding insight in oceans of data is one of enterprises' most pressing challenges, and increasingly AI is being brought in to help. Now, a new tool for Apache Spark aims to put machine learning within closer reach.Announced on Friday, Sparkling Water 2.0 is a major new update from H2O.ai that's designed to make it easier for companies using Spark to bring machine-learning algorithms into their analyses. It's essentially an API (application programming interface) that lets Spark users tap H2O's open-source artificial-intelligence platform instead of -- or alongside -- the algorithms included in Spark's own MLlib machine-learning library.To read this article in full or to leave a comment, please click here

Cato Networks offers a new model for network security as a service  

This column is available in a weekly newsletter called IT Best Practices.  Click here to subscribe.   The advent of worker mobility and cloud computing have played havoc with the traditional network perimeter. At one time the perimeter was a well-established concept. All of our users, locations, data centers and applications were inside this zone protected by strong network security. That notion seems almost quaint today. With mobile users and data and applications in the cloud, the old perimeter has basically dissolved, leading to the development of entirely new security tools—secure web gateways, cloud access security brokers, enterprise mobility management, and so on. These new products and services augment the traditional network security stack of firewalls, anti-virus, email and web filtering, etc.To read this article in full or to leave a comment, please click here

1 2,873 2,874 2,875 2,876 2,877 3,867