The 3 fixes needed to get the network ready for the IoT revolution

Although vendor-written, this contributed piece does not advocate a position that is particular to the author’s employer and has been edited and approved by Network World editors.

Cisco estimates 50 billion devices and objects will be connected to the Internet by 2020. And that estimate may be low. If consumers count every device that draws power in their home – lamps, light bulbs, kitchen gadgets – and then factor in objects at work, there may be many more billions of connected devices by then.

But the problem is, many traditional networks are still manual, static and complex, which isn’t ideal for IoT.  To realize the promise of a hyper-connected future, three shifts must take place.

To read this article in full or to leave a comment, please click here

How the Agile Manifesto can apply to the database

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.

In 2001, a bunch of people got together and wrote a manifesto on Agile software. There were two main factors that made the output suspect. First, the fact that they even called it a manifesto. Second, the manifesto had nothing to do with software. It talked about values.

For those in need of a refresher, here’s the “Manifesto for Agile Software Development:”

We are uncovering better ways of developing software by doing it and helping others do it. Through this work we have come to value:
-- Individuals and interactions over processes and tools
-- Working software over comprehensive documentation
-- Customer collaboration over contract negotiation
-- Responding to change over following a plan --
That is, while there is value in the items on the right, we value the items on the left more.

Somewhere along the line, we started doing daily standups, two-week sprints, maybe a little pair programming here and there. Since then our software output and productivity have sky-rocketed. Remember when we used to have an end-of-project company bug hunt? How about the integration Continue reading

Legislation seeks independent commission on security and technology

Bipartisan legislation introduced in Congress on Monday calls for creating an independent, 16-member national commission on security and technology challenges.Including its two House and Senate sponsors, the legislation has eight co-sponsors in the Senate and 16 in the House. Sen. Mark Warner (D-Va.), a member of the Senate Intelligence Committee, and House Homeland Security Chairman Michael McCaul (R-Tex.) are the principle sponsors.The commission would have two members drawn from each of the following fields: cryptography, global commerce and economics, federal law enforcement, state and local law enforcement, consumer-facing technology, enterprise technology, the intelligence community and the privacy and civil liberties community.To read this article in full or to leave a comment, please click here

Cisco Launches Hyperconverged Platform & Acquires Cloud Orchestration Startup

It's a busy day for Cisco as it launches HyperFlex, a hyperconverged infrastructure (HCI) appliance family; and announces the acquisition of CliQr Technologies, a startup that aims to make it easier to run applications across multiple cloud environments.

The post Cisco Launches Hyperconverged Platform & Acquires Cloud Orchestration Startup appeared first on Packet Pushers.

Cisco Launches Hyperconverged Platform & Acquires Cloud Orchestration Startup

It's a busy day for Cisco as it launches HyperFlex, a hyperconverged infrastructure (HCI) appliance family; and announces the acquisition of CliQr Technologies, a startup that aims to make it easier to run applications across multiple cloud environments.

The post Cisco Launches Hyperconverged Platform & Acquires Cloud Orchestration Startup appeared first on Packet Pushers.

IRS warns of nasty W-2 phishing scheme

The Internal Revenue Service has issued its second major warning about tax scams in a little over a month– this one involving a phishing email scheme that look a like a message from company executive requesting personal information from employees.The IRS said the scheme has claimed several victims as payroll and human resources offices mistakenly email payroll data including Forms W-2 that contain Social Security numbers and other personally identifiable information to cybercriminals posing as company executives.+More on Network World: Yikes! 10,000 IRS impersonation scam calls are placed every week+To read this article in full or to leave a comment, please click here

FBI director admits mistake was made with San Bernardino iCloud reset

The director of the Federal Bureau of Investigation has conceded it was a mistake to ask San Bernardino County to reset the password of an iCloud account that had been used by gunman Syed Farook. Changing the password to the account prevented the phone from making a backup to an iCloud account, which Apple could have accessed without bypassing the encryption and security settings on the phone. "As I understand it from the experts, there was a mistake made in that 24 hours after the attack where the county, at the FBI’s request, took steps that made it impossible later to cause the phone to backup again to the iCloud," James Comey told the House Committee on the Judiciary in Washington, D.C., on Tuesday.To read this article in full or to leave a comment, please click here

CCDE – BGP Confederations

Introduction

BGP Confederations are one of two tools a network designer has to work around the full mesh requirement of iBGP. BGP confederations are defined in RFC 5065 which obsoletes RFC 3065. This is how the RFC defines BGP confederations:

This document describes an extension to BGP that may be used
to create a confederation of autonomous systems that is
represented as a single autonomous system to BGP peers
external to the confederation, thereby removing the “full mesh”
requirement. The intention of this extension is to aid in
policy administration and reduce the management complexity
of maintaining a large autonomous system.

The other option to work around the full mesh requirement is of course route reflection.

BGP Confederation Operation and Use Case

BGP confederations work by having several sub AS or member AS that are used internally to divide the BGP domain. From the outside they all look like they are the same AS though. By breaking up the BGP domain, there will be less iBGP peerings which makes the full mesh requirements easier to handle. Do note though that it’s entirely possible to use route reflection within a member AS to combine the two technologies.

BGP confederations made a Continue reading

Review: 5 application security testing tools compared

Application security is arguably the biggest cyber threat, responsible for 90 percent of security incidents, according to the Department of Homeland Security. Yet it suffers from not-my-job syndrome, or, as SANS put it in its 2015 State of Application Security report, "Many information security engineers don’t understand software development — and most software developers don’t understand security."To read this article in full or to leave a comment, please click here(Insider Story)

As encryption debate rages, inventors of public key encryption win prestigious Turing Award

The inventors of public key cryptography have won the 2015 Turing Award, just as a contentious debate kicks off in Washington over how much protection encryption should really provide. The Association for Computing Machinery announced Tuesday that Whitfield Diffie and Martin Hellman received the ACM Turing Award for their contributions to cryptography. The two are credited with the invention of public key cryptography, which is widely used to scramble data so it can be sent securely between users and websites, and to protect information on devices like smartphones and computer hard drives. “The ability for two parties to communicate privately over a secure channel is fundamental for billions of people around the world,” ACM said in a statement.To read this article in full or to leave a comment, please click here

Crypto dream team Diffie & Hellman wins $1M “Nobel Prize of Computing”

Whitfield Diffie and Martin Hellman, whose names have been linked since their seminal paper introduced the concepts of public key encryption and digital signatures some 40 years ago, have been named winners of the 2015 ACM A.M. Turing Award (a.k.a., the "Nobel Prize of Computing").The work of MIT grad Diffie, formerly chief security officer of Sun Microsystems, and Hellman, professor emeritus of electrical engineering at Stanford University, has had a huge impact on the secure exchange of information across the Internet, the cloud and email. ACM Whitfield Diffie and Martin Hellman The annual Association for Computing Machinery prize carries a $1 million prize, with financial support from Google. Past winners have included the likes of Internet pioneer Vinton Cerf, database visionary Michael Stonebraker and recently deceased AI innovator Marvin Minsky.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Cyberattacks beginning to affect mobile service too, study says

Distributed Denial of Service (DDoS) attacks are beginning to show up as a cause of mobile phone outages, according to respondents of a survey.The Spirient-commissioned report surveyed 54 global Mobile Network Operators (MNO), polling them on their experiences with outages and service degradations. It found that DDoS attacks showed up for the first time in this year’s report. For comparison, cyberattacks didn’t surface at all the last time researcher Heavy Reading conducted the survey for Spirient in 2013.Spirient is a test and service management firm for MNOs.To read this article in full or to leave a comment, please click here

Security ‘net: Internet of Things and iPhones edition

One of my college professors has suggested that the question of whether or not Apple should help the FBI break the encryption on the iPhone used by a terrorist is an ideal diagnostic question for your view of all things privacy. There are, of course, gray area answers, like “Apple should help the FBI break the encryption in this case, but not others.” The problem is, of course, that this isn’t the simple answer it might seem. First, there are motives behind the apparent motives. Many people see Apple as just “doing what’s right to save the world.” I don’t see it that way at all. Given I’m a bit cynical (who would have guessed), I see two motives from Apple’s point of view.

First, Apple is trying to protect a marketing stance. They’ve as much as admitted this in court documents and the implied threat of suing the U.S. Government for loss of revenue if they’re forced to build a version of their O/S that will allow the FBI to break the encryption. Just Security notes—

There are other interests at stake here too. Apple has a liberty interest in not being dragooned into writing forensic Continue reading