The Unspoken Benefits of Open Networking

I have noticed a lot of very premature dismissal of a growing trend in the networking industry, which is the rise of open network operating systems. Nearly every post-announcement discussion that I hear among peers tends to sound something like this:

I am not Facebook or Google. I don’t want to install third-party software on my switches, so this “open networking” movement is not relevant to me or my organization.

I believe this sentiment is based on an incomplete understanding of all of the benefits of open networking. I’d like to bring up some additional points that aren’t being discussed as much as others, as it pertains to open network operating systems. I believe these additional benefits apply to a very large spectrum of organizations, not just the top 1% webscale companies.

This is not to say that closed-source operating systems do not have a place anymore, or that the current participants in the open networking ecosystem are perfect, or that we have anything but a long road ahead of us in this journey…my point in writing this post is simply to illuminate parts of the conversation that deserve more attention.

We discussed open operating systems in a recent video-enabled Continue reading

IDG Contributor Network: Employee data often isn’t encrypted as well as customer data, report says

Employee bank records are among the sensitive details that companies are failing to protect adequately through encryption, a recent study has uncovered. While enterprises now take customer data protection seriously, in many cases they're ignoring their workers' needs for security, according to encryption product vendor Sophos.Not always doing it Sophos says that it found almost half (47%) of the companies it surveyed had owned-up to not always encrypting employee healthcare information when it stored that data. And close to that number (43%) failed to always encrypt workers' Human Resources employee files.To read this article in full or to leave a comment, please click here

Juniper acquires packet optical company

Juniper Networks this week entered into a definitive agreement to acquire BTI Systems, a provider of cloud and metro networking systems and software to content, cloud and service providers.Terms of the acquisition were not disclosed.BTI will allow Juniper to accelerate delivery of packet optical transport systems for the data center interconnect and metro optical networking markets. The BTI products will be integrated with Juniper’s NorthStar Controller and network management features to enable end-to-end provisioning of services, said Jonathan Davidson, executive vice president and general manager, Juniper Development and Innovation, in this blog post.To read this article in full or to leave a comment, please click here

All your old-tech passwords belong to us, for just $17

Today's lesson on how the cloud can work against you, as well as for you, is about your passwords and keys, and how they're becoming useless. I've stolen a link from Mark Gibbs to help.Let's say you've been letting older security encryption methods live out their life in the pastures of your data center. CloudCracker, using massively-induced dictionary attacks, can make mincemeat from a frightening number of password key-exchange seeds.For just $17 per, CloudCracker can conveniently crack the following password seeds: WPA/WPA2, NTLM, SHA-512, MD5s, and/or MS-CHAPv2. No tears, please. And yes, cracked like an egg, a $17 egg. Certainly no one would abuse such a service, would they?To read this article in full or to leave a comment, please click here

Health insurer loses 6 hard-disk drives with records of 95,000 customers

Health insurer Centene Corp. said six hard disk drives with personal health information on 95,000 of its customers have gone missing."While we don't believe this information has been used inappropriately, out of abundance of caution and in transparency, we are disclosing an ongoing search for the hard drives," Centene CEO Michael Neidorff said in a statement.Centene, a Fortune 500 company that reported $16 billion in revenue in 2014, operates health plans for 2.9 million members in 21 states.MORE ON NETWORK WORLD: 6 simple tricks for protecting your passwords The hard drives contained the personal health information of customers who received laboratory services from 2009 to 2015. The personal information on its customers includes their name, address, date of birth, Social Security number, member ID number and health information.To read this article in full or to leave a comment, please click here

Recap: Docker at SCALE 14x

SCALE 14x in Pasadena was a blast! With the exciting Unikernels announcement and Docker LA Meetup along with talks and workshops at the conference, there was a lot of buzz around Docker last week. Check out the slides and videos … Continued

11 cloud trends that will dominate 2016

Along with social, mobile and analytics, cloud technologies and models have earned a place as one of the core disruptors of the digital age. And while the cloud market has matured over the years, its interaction with the rapidly growing data and analytics landscape suggests there are plenty more disruptive opportunities for cloud in 2016. As 2016 gets underway, five insiders share their predictions for what 2016 holds in store for the cloud.[ Related: It’s a hybrid cloud world, and we’re all just living in it ]To read this article in full or to leave a comment, please click here

IDG Contributor Network: Protecting against the next great heist by encrypting in-transit data

Cast your mind back to the last time you were offline – not just when your connection was down, but a time when you were truly, unequivocally disconnected. That time may have been spent sending letters, physically going into a bank to make a deposit or withdrawal, and actually meeting with people to share information.Nowadays, we're far more efficient thanks to our reliance on connectivity and the network. During the past 20 years or so, information has evolved in line with the network, and become largely a digital commodity that can be sent and received with the click of a mouse. Electronic communications now cross organizations and oceans with relative ease, in volumes that seemed unfathomable during the days when postal mail was king. But all of this need for connectivity comes with a downside: criminal elements seeking to steal that data – and make no mistake, something as seemingly innocent as a personal email can be as valuable to a criminal as a bank transaction.To read this article in full or to leave a comment, please click here

What U.S. cities are most prone to malware infections, and why?

An anti-malware vendor has released a list of the 20 most infected cities around the U.S. in terms of malware, and the trend appears to be that cities not known for being technology centers are getting hit the hardest.Enigma Software, which develops the SpyHunter anti-spyware detection software, analyzed more than 25 million different infections on computers in the 150 largest cities in the U.S. and found 2015 was a big year for malware over prior years.Enigma came about its numbers via customers who have its software installed on their machines. The national average was 8.1%, meaning nationwide, but that comes from the number of infections divided by the city's entire population.To read this article in full or to leave a comment, please click here

Simple ASA to IOS VPN

Occasionally you just need a cheat sheet to configure something up. This is meant to be exactly that, a quick configuration of lan to lan IPSec between an ASA and IOS based router.

Topology

Host (for testing)

! /// Host is simply here to emulate a
! /// client on one end of the network
!
hostname Host
!
interface GigabitEthernet0/1
 description to iosv-1
 ip address 192.168.1.2 255.255.255.0
!
ip route 0.0.0.0 0.0.0.0 192.168.1.1

iosv-1 (IOS IPSec Endpoint)

! /// iosv-1 is terminating one end of an IPSec Tunnel
!
hostname iosv-1
!
! /// phase 1 policy
!
crypto isakmp policy 10
 encr aes
 authentication pre-share
 group 2
!
! /// pre shared key
!
crypto isakmp key P@rtn3rNetw0rk address 3.3.3.4
!
crypto ipsec transform-set myset esp-aes esp-sha-hmac
 mode tunnel
!
crypto map mymap 10 ipsec-isakmp
 set peer 3.3.3.4
 set transform-set myset
 set reverse-route distance 10
 match address crypto
!
interface GigabitEthernet0/1
 description to Internet
 ip address 2.2.2.2 255.255.255.0
 !
 ! /// recommend to restrict inbound traffic
 ip access-group out-in in
 !
 ! /// probably a good idea to disable ip 
 ! /// unreachables on the outside interface
 no ip unreachables
 !
 ! /// if nat is  Continue reading

Security startup wages continuous war games against networks

Startup SafeBreach automatically assesses corporate networks to find out whether they offer up enough security loopholes for real-world attacks to succeed.Using software probes called simulators distributed throughout customers’ networks, SafeBreach attempts to establish connections among devices and network segments just as a hacker would do in trying to carry out malicious activity.These automated attempts are driven by the Hacker’s Playbook, a SafeBreach library of known attack methods that the simulators try in order to discover weaknesses and reveal how these vulnerabilities might be exploited to carry out successful breaches.MORE ON NETWORK WORLD: 6 simple tricks for protecting your passwords So simulators might find individual weaknesses in a desktop Internet connection, a credit card database and a management platform that could be strung together to nab customer credit card data. This would be reported on a single screen.To read this article in full or to leave a comment, please click here

Startup Cybric aims to reduce time between detecting and remediating breaches

Startup Cybric is working on a cloud-based platform to help businesses find out about breaches quickly and clean them up as fast as possible.It will do that with its platform, Continuous Security Delivery Fabric that creates a clone of network elements in its cloud and runs tests against them looking for vulnerabilities. Because the work is done in the cloud, it doesn’t slow down or interfere with the business’s production network, the company says.Because multiple tests can be run in parallel in the cloud, the time it takes to find vulnerabilities is reduced, the company says. Alternatively, customers can run the Continuous Security Delivery Fabric on premises.To read this article in full or to leave a comment, please click here

Say hello to The Matrix: DARPA looks to link brains and computers

Building a high-speed brain-to-computer interface that would offer “unprecedented signal resolution and data-transfer bandwidth between the human brain and the digital world” is the goal of a new program announced by the Defence Advanced Research Projects Agency recently. The research agency’s Neural Engineering System Design (NESD) want to develop an implantable device that would “serve as a translator, converting between the electrochemical language used by neurons in the brain and the ones and zeros that constitute the language of information technology. You may recall in the sci-fi film The Matrix, protagonists were plugged into a violent virtual future world though a brain interface.To read this article in full or to leave a comment, please click here

Say hello to The Matrix: DARPA looks to link brains and computers

Building a high-speed brain-to-computer interface that would offer “unprecedented signal resolution and data-transfer bandwidth between the human brain and the digital world” is the goal of a new program announced by the Defence Advanced Research Projects Agency recently. The research agency’s Neural Engineering System Design (NESD) want to develop an implantable device that would “serve as a translator, converting between the electrochemical language used by neurons in the brain and the ones and zeros that constitute the language of information technology. You may recall in the sci-fi film The Matrix, protagonists were plugged into a violent virtual future world though a brain interface.To read this article in full or to leave a comment, please click here