NetworkingNexus.net

Securing BGP: A Case Study (9)

There are a number of systems that have been proposed to validate (or secure) the path in BGP. To finish off this series on BGP as a case study, I only want to look at three of them. At some point in the future, I will probably write a couple of posts on what actually seems to be making it to some sort of deployment stage, but for now I just want to compare various proposals against the requirements outlined in the last post on this topic (you can find that post here). securing-bgp

The first of these systems is BGPSEC—or as it was known before it was called BGPSEC, S-BGP. I’m not going to spend a lot of time explaining how S-BGP works, as I’ve written a series of posts over at Packet Pushers on this very topic:

Part 1: Basic Operation
Part 2: Protections Offered
Part 3: Replays, Timers, and Performance
Part 4: Signatures and Performance
Part 5: Leaks

Considering S-BGP against the requirements:

Centralized versus decentralized balance:S-BGP distributes path validation information throughout the internetwork, as this information is actually contained in a new attribute carried with route advertisements. Authorization and authentication are implicitly centralized, however, with the Continue reading

Yes, a weasel knocked out the Large Hadron Collider … but, no, a weasel is not a rodent

The worst part of this mistake – other than the pain caused to innocent weasels – is that it should have been avoided, at least here. After all, as I was typing last Friday’s post about an electrocution-sparked electrical outage at the Large Hadron Collider (LHC) the question did occur to me: Is a weasel actually a rodent, as I am about to allege?Unfortunately, I failed to act upon that inquisitive impulse and the answer to the question is no, a weasel is not a rodent. And I am hearing about it from those who know better.To read this article in full or to leave a comment, please click here

Yes, a weasel knocked out the Large Hadron Collider … but, no, a weasel is not a rodent

Microsoft to begin SHA-1 crypto shutoff with Windows 10’s summer upgrade

Microsoft last week outlined the timetable it will use to drop browser support for sites that secure traffic with SHA-1 certificates, part of an Internet-wide plan to rid the Internet of the weaker encryption.With the delivery of the Windows 10 Anniversary Update -- slated to ship sometime this summer -- both Internet Explorer (IE) and Edge will stop displaying a lock icon for sites that reply on a SHA-1 certificate. That icon signals that the bits back and forth between browser and website are encrypted, and so not vulnerable to spying.To read this article in full or to leave a comment, please click here

Microsoft to begin SHA-1 crypto shutoff with Windows 10’s summer upgrade

Brocade Braces for a Disappointing Q2, Citing IP Headwinds

The macro storm is far from over.

Match security plans to your company’s ‘risk appetite’

This report from the CIO Executive Council (CEC), based on a webcast featuring Scott Angelo, CIO at K&L Gates, and Mike Plantinga, CIO at CIBC Mellon, explores CIO-level strategies for dealing with cybersecurity threats – before and after a data breach.One step the report recommends is developing a “risk appetite statement” that identifies how much the organization is willing to spend on certain security threats.The report also encourages CIOs to develop a plan for how to communicate with various stakeholders, such as the board of directors and outsiders, in case of a data breach.To learn more, download the free report, which includes a link to the full CEC webcast.To read this article in full or to leave a comment, please click here(Insider Story)

Match security plans to your company’s ‘risk appetite’

Stronger protection and more control over security settings with CloudFlare’s new cPanel plugin

CloudFlare has released a new version of our plugin for cPanel with two new features and more control over the security settings of your website.

The new plugin (v6.0) uses the latest cPanel PHP-based APIs, and is completely re-architected to make adding new features easier, allowing for more frequent updates.

We’ve always focused on making integration with CloudFlare as easy as possible. As a customer of one of our hosting partners you can quickly start using CloudFlare features and routing your website traffic through CloudFlare’s global network by clicking on the CloudFlare icon from your cPanel interface.

New features offering stronger protection

Add domains to CloudFlare through Full Zone Provisioning. A huge benefit of Full Zone Provisioning is that it enables all of CloudFlare’s protection, including DDoS mitigation, at the root domain (yourdomain.com) as well the subdomain (www.yourdomain.com).

If your website is experiencing Layer 7 DDoS attacks, you can now click on the 'Enable “I'm under attack" mode ’ button to filter out malicious traffic while allowing legitimate visitors to reach your site. When this is in place, visitors will receive a temporary page for about five seconds while we analyze the traffic to make Continue reading

Where have all the MacBooks gone at Linux conferences?

Back in 2007, I went to O’Reilly Open Source Conference (OSCON). That particular year Canonical had a mini-summit, which happened in the two days before OSCON, called Ubuntu Live.I honestly don't remember much about any of the sessions I attended all those years ago. But one memory stands out like a spotlight pointed straight at my face: almost every single laptop I saw in use at Ubuntu Live was a MacBook.Nearly every single one. Row after row of little glowing Apple logos filling every conference room. And this was at Ubuntu's first big conference—a conference filled to the brim with Linux (and Ubuntu) developers and power users.We're not talking Apple hardware running Linux, either. I made a point of asking people what they were running (or just glancing at the screens as I walked by). Were a few running Linux? Yes. A few. But the majority were running Mac OS X. The vast majority. To read this article in full or to leave a comment, please click here

The Uptake Of Broadwell Xeons Begins

Servers are still monolithic pieces of machinery and the kind of disaggregated and composable infrastructure that will eventually be the norm in the datacenter is still many years into the future. And that means organizations have to time their upgrade cycles for their clusters in a manner that is mindful of processor launches from their vendors.

With Intel dominating the server these days, its Xeon processor release dates are arguably the dominant component of the overall server cycle. But even taking this into account, there is a steady beat of demand for more computing in the datacenters of the world …

The Uptake Of Broadwell Xeons Begins was written by Timothy Prickett Morgan at The Next Platform.

Interop at 30: New technology, new missions

The Interop conference convening this week will be a far cry from the gathering of a small group of technology pioneers who sought interoperability among Internet devices 30 years ago.Then, the 1986 invitation-only TCP/IP Interoperability Conference drew representatives from 65 tech companies.The 30th version running this week in Las Vegas features a trade show with more than 160 vendors displaying their wares and where its interoperability mission ventures far outside the show’s signature InteropNet Demo Lab. This year it is focused on promoting interoperability among Internet of Things devices, a category of gear unheard of that first year.To read this article in full or to leave a comment, please click here

Interop at 30: New technology, new missions

Docker at EMC World 2016

It’s the time again, this week EMC will welcome thousands of its customers and partners for EMC World 2016 in Las Vegas. Come visit Docker with the EMC {code} team in booth #1044 to learn about Docker is transforming modern … Continued

Microsoft Flow allows apps to all work together

Microsoft has tried in the past to make apps communicate, like with Object Linking and Embedding (OLE) in the 1990s. It worked, but in a limited fashion, allowing for linking data between Word and Excel. But if you wanted to share data from non-Microsoft apps, you were out of luck.Now, however, Microsoft has come out with a service (it's not right to call it an app) called Flow, which brings the If This Then That (IFTTT) functionality of the Web to desktop apps. IFTTT is a feature for Web services that generates actions based on conditions. It's how Twitter informs you when someone follows you, likes your tweet or responds to your tweet, for example.To read this article in full or to leave a comment, please click here

IDG Contributor Network: OVH—The biggest cloud vendor no one has heard of

At the OpenStack Summit in Austin recently, one of the companies invited to keynote on the first day was a cloud, hosting and services vendor from France, OVH. Like most of the people in the room, the name OVH raised my eyebrows. I've been covering the cloud world since it existed, and I'd never come across the company. Maybe they were a new startup or something?It turns out that, far from being a new startup, OVH is a mature and expansive vendor. It's just that they're primarily involved in Europe in general, and France in particular. That looks set to change, however, and I took the opportunity to sit down with Pascal Jaillon from OVH to hear what the company is up to. The OVH product line spans traditional hosting, hosted Microsoft Exchange, domain name provisioning, and, of course, cloud.To read this article in full or to leave a comment, please click here

EMC World kicks off with cloud backup and cheaper flash arrays

EMC is going back to basics -- but for a new generation of users -- on the first day of EMC World on Monday.This year’s annual user conference will be the last for EMC as an independent company, assuming Dell's pending US$67 billion acquisition goes through later this year as planned. Michael Dell will join EMC's Chairman and CEO on stage during the Monday keynote session.But EMC’s core storage business is likely to stay much the same in the short term, because it complements Dell, said Enterprise Strategy Group analyst Mark Peters.To read this article in full or to leave a comment, please click here

Gone Fishin’

Well, not exactly Fishin', but I'll be on a month long vacation starting today. I won't be posting (much) new content, so we'll all have a break. Disappointing, I know. Please use this time for quiet contemplation and other inappropriate activities. See you on down the road...

SDxCentral’s Top 10 Articles — April 2016

Verizon’s SDN-NFV Reference Architecture document, OpenStack's latest code release, VMware & Brocade hired by SmartSky, and more.

The Rise of Threat Intelligence Gateways

According to ESG research, enterprise organizations continue to invest in all types of threat intelligence (note: I am an ESG employee). For example, 60% of organizations have had a threat intelligence program in place for more than 2 years, 69% consume 6 or more open source or commercial threat intelligence feeds as part of cybersecurity analytics efforts, and 72% of enterprises plan on increasing spending on their threat intelligence programs over the next 12 to 18 months.Why is threat intelligence gaining momentum? Security professionals know that since they can’t block every conceivable cyber-attack, they need to collect, process, and analyze all types of internal and external security data to improve their incident detection and response capabilities. Many also want to use threat intelligence more proactively for threat prevention. In fact, 36% of enterprise cybersecurity professionals say that their organizations intend to use threat intelligence feeds to automate remediation actions over the next 24 months.To read this article in full or to leave a comment, please click here

« Previous 1 … 3,010 3,011 3,012 3,013 3,014 … 3,853 Next »