Identity and access management infrastructure is misaligned with security

Several CISOs I’ve spoken to over the past few years agree that identity is a new security perimeter. The thought here is that a combination of mobile device and cloud use renders existing network perimeters obsolete, so security policy enforcement decisions must be driven by identity attributes (i.e., user identity, role, device identity, location, etc.) rather than IP packet attributes. We see this transition coming to fruition with the concept of a software-defined perimeter (SDP) and technologies such as Google BeyondCorp and Vidder PrecisionAccess. Yup, this makes sense. Armed with identity attributes, organizations can make intelligent network access decisions on who gets access to which IT assets regardless of their location. Unfortunately, there is a big problem here. The identity and access management (IAM) infrastructure was built organically over the last 10-15 years, so it depends upon a morass of disconnected and fragile elements. This situation greatly impacts security. To read this article in full or to leave a comment, please click here

Identity and Access Management infrastructure is misaligned with security

Several CISOs I’ve spoken to over the past few years agree that identity is a new security perimeter. The thought here is that a combination of mobile device and cloud use renders existing network perimeters obsolete, so security policy enforcement decisions must be driven by identity attributes (i.e., user identity, role, device identity, location, etc.) rather than IP packet attributes. We see this transition coming to fruition with the concept of a software-defined perimeter (SDP) and technologies such as Google BeyondCorp and Vidder PrecisionAccess.Yup, this makes sense. Armed with identity attributes, organizations can make intelligent network access decisions on who gets access to which IT assets regardless of their location. Unfortunately, there is a big problem here. The identity and access management (IAM) infrastructure was built organically over the last 10-15 years, so it depends upon a morass of disconnected and fragile elements. This situation greatly impacts security. To read this article in full or to leave a comment, please click here

Identity and Access Management (IAM) Infrastructure is Misaligned with Security

Several CISOs I’ve spoken to over the past few years agree that identity is a new security perimeter.  The thought here is that a combination of mobile device and cloud use renders existing network perimeters obsolete so security policy enforcement decisions must be driven by identity attributes (i.e. user identity, role, device identity, location, etc.) rather than IP packet attributes.  We see this transition coming to fruition with the concept of a software-defined perimeter (SDP) and technologies such as Google BeyondCorp and Vidder PrecisionAccess.Yup, this makes sense.  Armed with identity attributes, organizations can make intelligent network access decisions on who gets access to which IT assets regardless of their location.  Unfortunately, there is a big problem here.  The IAM infrastructure was built organically over the last 10-15 years so it depends upon a morass of disconnected and fragile elements.  This situation greatly impacts security. To read this article in full or to leave a comment, please click here

Golang net package: UDP Client with Specific Source Port

Well you found it if you were looking for it. If you are using the Golang net package and need to set a specific source port for the UDP or TCP dial functions, then look no further. Why might you want to control your source port and not leave it to random selection in the range of 1024-65535? Some server software might be hardwired to listen to communications coming from a specific source port and might not respond to packets originating from any other source port on a client. With the IoT world growing rapidly, this issue bit me recently and I didn’t figure it out immediately. Maybe it’s my old school brain not being down with the kids. Who knows. Solved it in the end, so sharing here to help you!

It was late on a Saturday night

Pizza had been eaten. Pepsi was being consumed. A crazy Saturday evening one would say. Alas, a friend and I had decoded the communications of an IoT device and wanted to write some better client software. The software client happened to carry out discovery using a specific source port destined to the same port, then when the mode changed from discovery Continue reading

IDG Contributor Network: JFrog Xray provides application transparency

Applications today look different from how they looked only a few short years ago. Instead of generally monolithic architecture, modern applications take on a far more modular approach leveraging component third-party services, new ways to deploy and interactions with an increasing number of third-party systems and tools. All of this complexity makes it hard for developers, operations teams or a combination thereof to really see what is going on.For that reason, vendors are increasingly looking to offer visibility as a specific product. That is the case for JFrog, which today announced Xray, a tool that aims to deliver transparency across applications. JFrog offers software management and distribution tools. Given that it already helps organizations deploy applications and manage those applications, it is a natural progression to offer visibility across those apps.To read this article in full or to leave a comment, please click here

EIGRP Feasible Successor

One of the advantages of EIGRP Feasible Successor is that it speeds up the EIGRP. In fact, if there is a Feasible Successor in the EIGRP network, such network converges faster than OSPF or IS-IS. But what is EIGRP Feasible Successor and how can we find EIGRP Feasible Successor? Or, if there is EIGRP Feasible […]

The post EIGRP Feasible Successor appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

How Microsoft’s tricky new Windows 10 pop-up deceives you into upgrading

This morning, the unthinkable happened: My wife, an avowed PC user who long ago swore to never touch an Apple device, started shopping around for a Mac Mini. And it’s all thanks to Windows 10. Or rather, the nasty new way that Microsoft’s tricking Windows 7 and 8 users into automatically updating to Windows 10.I adore Windows 10, but I’ve long been a vocal critic of the heavy-handed tactics that Microsoft’s been using to force people into the upgrade, all to hit a goal of migrating 1 billion users to an operating system brimming with freemium services and ads. The annoying “Get Windows 10” pop-up began using deceiving malware-like tactics months ago, but it recently received an overhaul that seems purposefully designed to confuse users who have been wearily slogging through the nagging for half a year now.To read this article in full or to leave a comment, please click here

6 ways to add a second line to your smartphone

About a year ago I started a new business offering interactive "escape room" challenges in the Detroit area. Although I'd hoped to keep it strictly an online affair, with an informative website and simple ticketing system, it quickly became clear I'd need a phone line. Customers needed a way to reach me with questions, booking issues and so on.To read this article in full or to leave a comment, please click here(Insider Story)

7 programming languages we love to hate — but can’t live without

The well-meaning advice to not carry a grudge certainly didn’t come from anyone who’s wrestled with a computer for a living. Toil for anytime with the infernal logic of a programming language and you’ll know the horrors of the inky void where the worst bugs dwell.Sure, everyone loves a computer language when they first encounter it. And why wouldn’t we, with all those “hello world” examples that show how powerful the language can be in three lines of code. Programming languages are defined to be implicitly logical, but that doesn’t mean they spread logic everywhere they go. A pleasant barkeep may make the lives of everyone at the bar happier. A brave firefighter radiates bravery. But the logical mechanisms of programming languages often breed illogic, confusion, and doubt.To read this article in full or to leave a comment, please click here

Open source job market booming

Recruiting open source talent is a top priority for IT recruiters and hiring managers in 2016. According to the 2016 Open Source Jobs Report released today by IT hiring platform Dice.com and The Linux Foundation, 65 percent of hiring managers say open source hiring will increase more than any other part of their business over the next six months, and 79 percent of hiring managers have increased incentives to hold on to their current open source professionals.To read this article in full or to leave a comment, please click here

Recruiters increasingly rely on social media to find talent

When you decide to start looking for a new job, Twitter and Facebook might be the last places you'd expect to connect with recruiters. But that's quickly becoming the reality, as more recruiters turn to social media to find viable candidates to fill open job requisitions. Alexander Mann Solutions, a talent acquisition and management service; and Social Talent, a recruiting software and analytics company, released their 2016 Global Recruiting Survey, which shed light on how some recruiters use social media in their efforts.To read this article in full or to leave a comment, please click here

Lustre to DAOS: Machine Learning on Intel’s Platform

Training a machine learning algorithm to accurately solve complex problems requires large amounts of data. The previous article discussed how scalable distributed parallel computing using a high-performance communications fabric like Intel Omni-Path Architecture (Intel OPA) is an essential part of what makes the training of deep learning on large complex datasets tractable in both the data center and within the cloud. Preparing large unstructured data sets for machine learning can be as intensive a task as the training process – especially for the file-system and storage subsystem(s). Starting (and restarting) big data training jobs using tens of thousands of clients

Lustre to DAOS: Machine Learning on Intel’s Platform was written by Nicole Hemsoth at The Next Platform.

33% off Jaybird X2 Sport Wireless Bluetooth Headphones – Deal Alert

With a regular list price of $180, the current discount makes the Jaybird X2 Sport available for just $120. Features include: Premium Bluetooth Audio For Skip-Free Music Outdoors 8 Hours of Music + Calls With Complete Remote Controls Secure Over/Under-Ear Fit Options Lifetime Sweat proof Warranty Includes Comply Premium Sport Memory Foam Ear Tips, Patented Secure-Fit Ear Fins, Friction-Fit Silicone Sport Carrying Case, Silicone Ear Tips, Charging Cable & Cord Management Clips. Jump to Amazon now for additional details, and to explore buying options.To read this article in full or to leave a comment, please click here

Intelligent systems market to be worth $2.2 trillion in 2020

There’s an old canard that if you ask market researchers about the future of a specific new technology, they’ll pretty much always tell you that it will be a $10 billion market in 10 years. Given that anything from tinker toys to tater tots seems en route to being a $10 billion market, it makes sense to take optimistic market predictions with a hefty pile of salt. But when you hear numbers at the scale of the latest report from IDC concerning intelligent connected systems—sometimes known as the Internet of Things—you have to pay attention.Trillions, with a T That’s because we’re not talking billions, tens of billions, or even hundreds of billions of dollars. We’re talking trillions, with a “t.” More than $2.2 trillion in just four years, according to IDC's Worldwide Embedded and Intelligent Systems 2015-2020 Market Forecast. Now, that is real money!To read this article in full or to leave a comment, please click here

10 more pointless (but awesome) Linux terminal tricks

10 more pointless (but awesome) Linux terminal tricksOne year ago, I put together a list of my favorite “pointless but awesome” Linux terminal tricks—filled with such classics as making a cow talk with “cowsay” and rainbow-coloring your terminal with “lolcat.”  As was correctly pointed out to me at the time, there are a lot of ridiculous (but cool) things you can do in the terminal that didn’t make that list. So, here’s round two. You’re welcome. (Note: Some of these you will need to install using apt-get, zypper or whatever package manager your Linux distribution uses.)To read this article in full or to leave a comment, please click here

Software-defined networking touches every industry segment

There’s an inside joke in the software-defined networking industry that “SDN” stands for “still done nothing.” People say that because despite the tremendous hype around SDN, many customers remain confused about what it is, how to deploy it and what the benefits are. This is particularly true in the data center where the stakes are high and any kind of mistake can cost an organization millions of dollars.About 21 months ago, Cisco launched its Application Centric Infrastructure (ACI) solution and threw its hat in the SDN ring. In practicality, ACI is a much broader solution. It uses the principles of SDNs but deals with much more than the network.To read this article in full or to leave a comment, please click here

1 2,945 2,946 2,947 2,948 2,949 3,840