How to audit external service providers

News of or firsthand experience with breaches that attackers managed to achieve using external service providers such as POS vendors reminds enterprises that the federated enterprise makes a bulletproof perimeter no longer possible.Failure to audit your providers is like neglecting to audit your internal enterprise, culminating in similar ramifications. In both cases, you can’t close holes you don’t know exist. But knowing what to audit can be the lion’s share of how to get it done right.In this fourth installment of a five part series designed to harden and remove vulnerabilities in incident response itself, CSO tips you off on what to audit inside those who conduct trade so closely with you and what resources to use.To read this article in full or to leave a comment, please click here(Insider Story)

IOS For iOS – New Cisco App Brings Network Control To iPhone

This morning Cisco announced the release of a groundbreaking new product offering complete control of a Cisco-based enterprise network using Apple’s iPhone™ platform. IOS For iOS, or IFi® (pronounced eye-Fie, kind of like WiFi but without the W) will be available in the App Store in July 2016. Cisco have described the app as bringing Cellphone Defined Networking (CDN) to busy network engineers and administrators.

Cisco Logo

What Is IOS For iOS?

The basic idea is to offer real time telemetry and full remote automation of the network so that engineers can make critical changes anywhere and anytime, reducing Mean Time To Restore (MTTR) and increasing employee satisfaction. The system requires at least one companion server to be located in a data center to perform management and automation functions on the user’s behalf. The other component of course is the app itself, which connects to the companion server as needed.

My main initial criticisms of the app are that it requires a massive 23GB (you read that correctly!) of storage on your iPhone, and–due to the screen estate needs and the CPU required for the app to run at a reasonable speed–it is only recommended for use on the iPhone Continue reading

Automating Security Group and Policy Creation with NSX REST API

As we’ve seen in many of the prior posts, VMware NSX is a powerful platform decoupling networking services from physical infrastructure. NSX effectively enables logical networking and security within a virtualized environment; this brings many of the same benefits we’re familiar with gaining from server virtualization such as flexibility, faster provisioning, better utilization of hardware, cost savings, decreased downtime, etc. One of the major benefits of the software approach that NSX brings is the ability to automate easily via REST API. In this post, we’ll take a look at a simple yet realistic use case focused around security where automation can help. Continue reading

FBI is cracking an iPhone in an Arkansas murder case

Now that it has found a way to do so for its own purposes in a California terrorism case, the FBI is helping Arkansas prosecutors break into an iPhone and iPad.This time it’s to look for evidence in a murder trial, and it’s without asking Apple for help to crack the iOS devices. Instead prosecutors in Faulkner County, Ark., asked the FBI to take a shot at it, given its recent success breaking into the phone used by a terrorist in San Bernardino, Calif., according to the Associated Press.The FBI is also helping break into an iPod related to the case, the AP says.To read this article in full or to leave a comment, please click here

The Ultimate Network Security Tool: NetSlicer

Take the direct approach to thwarting cybercriminals. Today is a great day to start.

IDG Contributor Network: Grow lunar-based solar panels to eliminate fossil-fuel reliance, says kid

Nearly 200 countries signed the fossil fuel ramp-down agreement in Paris at the end of last year. New goals are now in place to end the use of fossil fuels worldwide. No more global warming could be in the cards.Sounds good, right? Well it probably is, but there’s a slight problem: Just how are we going to power our smartphones, homes, factories, and Internets without coal and gas? That’s a lot of solar panels and windfarms needed—and needed quickly.One high school kid reckons he’s got the answer, reported Popular Science magazine a few weeks ago: Just stick a bunch of solar panels on the moon and beam the power back down to Earth by microwave.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Grow lunar-based solar panels to eliminate fossil-fuel reliance, says kid

Sounds good, right? Well it probably is, but there’s a slight problem: Just how are we going to power our smartphones, homes, factories, and Internets without coal and gas? That’s a lot of solar panels and windfarms needed—and needed quickly.

One high school kid reckons he’s got the answer, reported Popular Science magazine a few weeks ago: Just stick a bunch of solar panels on the moon and beam the power back down to Earth by microwave.

To read this article in full or to leave a comment, please click here

Linux Foundation, ETSI & AT&T Combine Their Open Source Groups

Nothosauraus promises to be an open source heavyweight.

Noction releases IRP 3.4 featuring Inbound Commit Control

The post Noction releases IRP 3.4 featuring Inbound Commit Control appeared first on Noction.

Palo Alto Integration with Cisco ACI and OpenStack on Software Gone Wild

A while ago Christer Swartz explained how a Palo Alto firewall integrates with VMware NSX. In the meantime, Palo Alto announced integration with Cisco ACI and OpenStack, and it was time for another podcast with Christer deep-diving into the technical details of these integrations.

Spoiler: It’s not OpFlex. For more details, listen to Episode 53 of Software Gone Wild

Listen to the podcast

Reddit’s removal of ‘warrant canary’ could hint at US demand for its user data

Reddit has removed a notice, known as a warrant canary, from its transparency report for 2015, suggesting that it may have received a secret national security order for user data.The removal of the warrant canary is a reminder to users that their online communications could be the target of investigators.The most controversial of the orders is the National Security Letter, which gives the government the authority to compel the production of customer records held by telephone companies, Internet service providers and other electronic communications service providers.Companies, who have been asked for user data by the government, are usually served the requests under a “gag order” that prohibits them from disclosing the request for data.To read this article in full or to leave a comment, please click here

Building Web front end for Python scripts with Flask

Recently I revived my relationship with Python in an effort to beat routine tasks appearing here and there. So I started to write some pocket scripts and, luckily, was not the only one on this battlefield – my colleagues also have a bunch of useful scripts. With all those pieces of code sent in email, cloned from repos, grabbed on network shares

CloudFlare aims to block fewer legitimate Tor users

CloudFlare is tweaking its systems to make it easier for legitimate Tor users to access websites that use its network to deliver content.Tor users have complained that CloudFlare-powered websites too frequently display CAPTCHAs, a security gate designed to stop automated web bots and abuse. CAPTCHAs are the squiggly text or puzzles you have to solve to prove you're a real human.The problem is that many computers employing Tor are engaged in abusive activity, resulting in CloudFlare displaying CAPTCHAs when it detects a computer using the Tor network.Legitimate Tor users thus have a poor browsing experience given the wide use of CloudFlare's CDN.To read this article in full or to leave a comment, please click here

Carriers Do Care About MEF’s Lifecycle Service Orchestration

It’s all about on-demand Ethernet services.

What’s New at DockerCon 2016

Each year, our goal for DockerCon is to deliver the best and most unique Docker event experience possible for the Docker community. Each year, we face new challenges on how to improve on the previous DockerCon. We spend many hours … Continued

‘No viruses! Honest!’

These "free USB sticks" were left for the taking in our break room here at Network World headquarters.And, even though I’m reasonably certain I know who left them, there’s no way I’m falling for the old “No viruses! Honest!” trick. To read this article in full or to leave a comment, please click here

FCC votes for strict new broadband privacy rules

The U.S. Federal Communications Commission has taken a major step toward new regulations requiring ISPs to get customer permission before using or sharing their Web-surfing history and other personal information.The FCC voted 3-2 Thursday to approve a notice of proposed rule-making, or NPRM, the first step toward passing new regulations, over the objections of the commission's two Republicans.The proposed rules, which will now be released for public comment, require ISPs to get opt-in permission from customers if they want to use their personal information for most reasons besides marketing their own products.To read this article in full or to leave a comment, please click here

The YANG Model Coordination Group has been spending time on the inventory of those YANG models in the industry, the tooling aspects, the help with the compilation, the training & education (NETCONF, YANG, pyang), the coordination across SDOs/opensource, the model coordination with the IETF. On the tooling front, the YANG model extraction and compilation is now integrated in the IETF draft submission tool, thanks to Henrik Levkowetz. So no more excuses for producing YANG models that don’t compile. -via the IETF blog