Network security vs. app security: What’s the difference, and why does it matter?

If you’re familiar with the film The NeverEnding Story, then you know that the goal of the hero, Atreyu, was to reach the boundaries of Fantasia. He’s disappointed to learn that Fantasia has no boundaries because it’s the land of human fantasy. In some ways, the land of Fantasia is like network security. Where once there existed a fortress around the perimeter of a land that needed to be protected, those boundaries have expanded, leaving security professionals scratching their heads trying to discern how best to protect the enterprise against invaders. The idea that time and resources should be invested in either network security or application security is misguided, as both are equally important to securing the enterprise.

5 biggest cybersecurity concerns in 2016

Last year began and ended with a series of high-profile cybersecurity attacks, starting with the pilfering of 80 million Social Security records at health insurer Anthem and culminating with infiltrations at the Starwood, Hilton and Hyatt hotel chains. Expect digital assaults, ranging from standard malware to more sophisticated, clandestine entries, to continue against leading corporate brands in 2016, according to Raytheon's Websense business. The cybersecurity software maker, which analyzed threat data from 22,000 customers in 155 countries, says hackers will conjure attacks that target emerging technologies, such as mobile payments and top-level domains.

Think Global, Peer Local. Peer with CloudFlare at 100 Internet Exchange Points

Internet Exchange Point (IXP) or Network Access Point (NAP) facilities are where networks meet, participating in what's known as peering, which interconnects the various parts of the global Internet.

At CloudFlare we are dedicated to peering. So much so that we just joined our 100th Internet Exchange point!

[Image courtesy of Martin Levy]

What is peering?

According to Wikipedia:

“In computer networking, peering is a voluntary interconnection of administratively separate Internet networks for the purpose of exchanging traffic between the users of each network”

In reality this normally means a physical place where two different networks (they could be backbones, CDNs, mobile networks or broadband ISPs) connect their respective networks together to exchange traffic. Over the last fifteen years, there has been a major expansion in network interconnections, running parallel to the enormous expansion of the global Internet. This expansion includes new data centre facilities being developed to house network equipment. Some of those data centres have attracted massive numbers of networks, in no small part due to the thriving Internet Exchange Points (both new and existing) that operate within them. London with the LINX and LONAP exchanges, Amsterdam with the AMS-IX and NL-IX exchanges, Frankfurt with the DE-CIX and ECIX exchanges Continue reading

New products of the week 1.18.2016

Our roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.

Cloudmark Trident

Key features: Cloudmark Trident combines threat intelligence, anomaly detection, context analysis and behavioral learning to intercept spear phishing attacks that evade current solutions.

Multi-Machine Vagrant Environments with JSON

In this post I’d like to show you how to use a JSON-formatted data file to create and configure multi-machine Vagrant environments. This isn’t a new idea, and certainly not anything that I came up with or created. I’m simply presenting it here as an alternative option to the approach of using YAML with Vagrant for multi-machine environments (some people may prefer JSON over YAML).

If you’re unfamiliar with Vagrant, I’d start with my introduction to Vagrant. Then I’d recommend reviewing my original article on using YAML with Vagrant, followed by the updated/improved method that addresses a shortcoming with the original approach. These earlier posts will provide some basics that I’ll build on in this post.

To use a JSON-formatted data file as an external data source for Vagrant, the code in the Vagrantfile looks really similar to the code you’d use for YAML:

# -*- mode: ruby -*-
# vi: set ft=ruby :
# Specify minimum Vagrant version and Vagrant API version
Vagrant.require_version '>= 1.6.0'
VAGRANTFILE_API_VERSION = '2'
# Require JSON module
require 'json'
# Read JSON file with box details
servers = JSON.parse(File.read(File.join(File.dirname Continue reading

Anyone could pull off a LostPass phishing attack to get all your LastPass passwords

Heads-up if you use LastPass: a security researcher released LostPass code on GitHub that bad guys could jump on immediately, and an attack could be in the wild even now. In essence, if you use LastPass then you could be tricked into handing over the keys – your master password – to your digital kingdom. The LostPass attack works best in Chrome, but if you think you could spot the phishing then think again; Sean Cassidy, CTO of cloud-based cybersecurity firm Praesidio, warned that a user would not be able to tell the difference between a LastPass message displayed in the browser and the fake LostPass message since “it’s pixel-for-pixel the same notification and login screen.”

LastPass phishing attack could have scooped up passwords

A relatively simple phishing attack could be used to compromise the widely used password manager LastPass, according to new research. Notifications displayed by LastPass version 4.0 in a browser window can be spoofed, tricking people into divulging their login credentials and even snatching a one-time passcode, according to Sean Cassidy, who gave a presentation at the Shmoocon conference on Saturday. Cassidy, who is CTO of Praesidio Inc., notified LastPass of the issues. In a blog post, LastPass said it has made improvements that should make such an attack harder to pull off without a user knowing.

Building an OpenStack home lab – The Lab

I’ve recently started to play around with OpenStack and decided the best way to do so would be in my home lab. During my first attempt, I ran into quite a few hiccups that I thought were worth documenting. In this post, I want to talk about the prep work I needed to do before I began the OpenStack install.

For the initial build, I wanted something simple, so I opted for a 3 node build. The logical topology looks like this…

[image: logical topology]

The physical topology looks like this…

[image: physical topology]

It’s one of my home lab boxes: a 1U Supermicro with 8 gigs of RAM and a 4 core Intel Xeon (X3210) processor. The hard drive is relatively tiny as well, coming in at 200 gig. To run all of the OpenStack nodes on 1 server, I needed a virtualization layer, so I chose Proxmox (KVM) for this.

However, running a virtualized OpenStack environment presented some interesting challenges that I didn’t fully appreciate until I was almost done with the first build…

Nested Virtualization
You’re running a virtualization platform on a virtualized platform. While this doesn’t seem like a huge deal in a home Continue reading

Some notes on C in 2016

On r/programming was this post called "How to C (as of 2016)". It has some useful advice, but also some bad advice. I thought I'd write up comments on the topic. As somebody mentioned while I was writing this, only responsible programmers should be writing in C. Irresponsible programmers should write other languages that have more training wheels. These are the sorts of things responsible programmers do.

Use a debugger

The #1 thing you aren't doing, that you should be doing, is stepping through each line of code in a source-level debugger as soon as you write it. If you only pull out the debugger to solve particularly difficult problems, then you are doing it wrong.

That means using an IDE like Visual Studio, XCode, or Eclipse. If you are only using an editor (without debugging capabilities), you are doing it wrong. I mention this because so many people are coding in editors that don't have debuggers. I don't even.

It's a concern for all languages, but especially with C. When memory gets corrupted, you need to be able to dump structures and memory in order to see that. Why is x some weird value like 37653? Continue reading

The Schelling Game

At the Shmoocon conference, a vendor ("Breach Intelligence") is putting a card in every swag bag with an "IoC". The game works by giving everyone a different IoC, in pairs. If you find your matching IoC and come to their booth, they'll give you a free quadcopter.

This is like the "Schelling Point", a question in game theory. You are supposed to meet somebody in New York City, but neither of you has been told where to meet. So where do you go? The trick is to estimate the most logical place that the other person, using the same information as you, would choose. Most people agree that the answer is the "information booth at Grand Central Station".

So how do you find your matching IoC to win the prize? One guy is walking around asking strangers to match cards. That's useful, because a lot of people who don't want to play the game simply give him their cards, so he's got an ever expanding list of possible matches.

My solution is to tweet the IoC, and of course, blog about it:

If my partner searches Twitter, they will Continue reading

FidSafe: A cloud service for important documents (and the price is right)

FidSafe is a new online repository for storing digital copies of your important documents such as wills, bank statements, tax returns, etc., so that “the critical files you need are available to you and your family whenever and wherever you need them, even after you’re gone.” And by “gone,” XTRAC LLC (a Fidelity Investments company), which offers FidSafe, doesn’t mean that you’ve just popped out to get ice cream; they mean “gone” as in having joined the choir invisible.