Microsoft adds new security enhancements to its cloud offerings

Microsoft is adding a range of new security management and reporting features to its Office 365 and Azure cloud services as part of the company's holistic approach to enterprise security announced last year.In April, the company will release a new product called Microsoft Cloud App Security that will allow customers to gain better visibility, control and security for data hosted in cloud apps like Office 365, Box, SalesForce, ServiceNow and Ariba. The new product is based on technology from Adallom, a cloud access security broker Microsoft acquired in September.To read this article in full or to leave a comment, please click here

NANOG 66

NANOG continues to be one of the major gatherings on network operators and admins, together with the folk who work to meet the various needs of this community. Here are my reactions to some of the presentations I heard at NANOG 66, held in San Diego in February.

Report: Apple’s rushing to close iPhone hack opening after FBI decryption demand

Apple reportedly wants to take itself out of the equation when it comes to decrypting data on a criminal suspect’s iOS device. Company engineers are working on a solution that would make it impossible for Apple to help law enforcement break into an iPhone and gain access to the encrypted data contained within, according to The New York Times.The report is yet another storyline to come out of the continuing saga of Apple’s battle with the Federal Bureau of Investigation over the iPhone 5c used by San Bernardino, California shooter Syed Rizwan Farook. That iPhone, running iOS 9, is locked with a passcode and thus all data on the phone is encrypted until the device is unlocked with the proper password.To read this article in full or to leave a comment, please click here

FBI director: Apple encryption ruling could lead to more requests

If a U.S. court grants the FBI's request for Apple to help it unlock a terrorism suspect's iPhone, the case will likely open the door to many similar law enforcement requests, the agency's director said Thursday. A ruling in favor of the FBI by a California judge "will be instructive for other courts," FBI Director James Comey said during a congressional hearing. A decision in the San Bernardino mass shooting case "will guide how other courts handle similar requests," he added. Lawmakers questioned the broader impact of the FBI's request, and a judge's initial ruling in favor of the agency, during a hearing on worldwide security threats before the House of Representatives Intelligence Committee.To read this article in full or to leave a comment, please click here

CCDE – BGP Convergence

Introduction

This post will look at the steps involved in BGP convergence and how it interacts with IGP to converge.

Any network of scale will use route reflectors (RRs) so this post will focus on deployments with RRs. Networks running a full mesh will have all paths available which makes hot potato routing and fast convergence easily achievable, at the cost of scaling and management overhead. A combination of full mesh and RRs is also possible where one scenario would be to run a full mesh within a point of presence (PoP) and RRs within the pop, peering with central RRs.

BGP can be used for both internal (iBGP) and external (eBGP) peerings and convergence and timers differ depending if it’s internal or external peerings.

BGP is a path vector protocol which means that it behaves as a distance vector protocol where it can only advertise routes that are installed into the RIB. There is an exception to the rule when BGP selective route download (SRD) is used to not download routes to the RIB but still advertise the routes. BGP will by default only install one path into the RIB even if there are multiple equal candidates and it Continue reading

Verizon charts a different cloud services path

When running down the list of top cloud vendors, the name Verizon doesn't come up immediately, but the firm is looking to expand its particular brand of cloud services that complement main players like Amazon and Microsoft. It's also fending off rumors it's getting out of the cloud business. Late last year, the company denied reports it was looking to sell off its enterprise services business, which include cloud services and data centers. At the Wells Fargo Securities 2015 Technology, Media & Telecom Conference in late November, Verizon CFO Francis Shammo denied reports that his company is considering selling some of its enterprise assets after a Reuters report said just that. To read this article in full or to leave a comment, please click here

ContainerWorld2016 conference in review – Part II (Container Orchestration)




© Arun Sriraman
Picking up from Part I of ContainerWorld2016 conference in review, this post describes the various orchestration mechanisms available to manage containers. There are more than just the tree mechanisms out there to setup & manage containers but these; Kubernetes, Mesos and Docker Swarm are gaining traction and popularity. The Open Container Night Meetup (SVDevOps meetup group) although wasn't part of the conference tracks and hosted after day 1 sessions at the same venue was very informative. As part of this meetup's lightening talks, Adrian Otto provided a good in-depth comparison of the various container orchestration tools along with the roadmap for Openstack Magnum project and Carina by Rackspace.

When talking about containers and orchestration, as Adrian put it, one can think of two methods or paradigms of interacting with any system - imperative where you have complete control on how you want the system to work  along with configuration knobs accessible to you at every step and declarative where you describe the outcome and the system automates everything for you making it simple and easy but giving you less flexibility and configurability. The degree of configuration control and ease of use are two important factors that Continue reading

When Should Approximate Query Processing Be Used?

This is a guest repost by Barzan Mozafari, who is part of a new startup, www.snappydata.io, that recently launched an open source OLTP + OLAP Database built on Spark.

The growing market for Big Data has created a lot of interest around approximate query processing (AQP) as a means of achieving interactive response times (e.g., sub-second latencies) when faced with terabytes and petabytes of data. At the same time, there is a lot of misinformation about this technology and what it can or cannot do.

Having been involved in building a few academic prototypes and industrial engines for approximate query processing, I have heard many interesting statements about AQP and/or sampling techniques (from both DB vendors and end-users):

Myth #1. Sampling is only useful when you know your queries in advance
Myth #2. Sampling misses out on rare events or outliers in the data
Myth #3. AQP systems cannot handle join queries
Myth #4. It is hard for end-users to use approximate answers
Myth #5. Sampling is just like indexing
Myth #6. Sampling will break the BI tools
Myth #7. There is no point approximating if your data fits in memory

Although there is a Continue reading

Introducing VMware NSX Fundamentals LiveLesson from VMware Press

We are pleased to announce the first official video learning opportunity for VMware NSX VMware NSX Fundamentalstechnology – VMware NSX Fundamentals LiveLesson from VMware Press. This video course will provide viewers the information needed to understand NSX concepts, components and deployment options. As an added benefit, this course used the most recently version (VMware NSX 6.2) at its foundation to make sure you have the most current materials available for your reference. As it is based on NSX 6.2, the breadth of new features available are covered in detail including multi-vCenter, enhanced NSX operations tools, NSX automation and more! Continue reading

How an audit can shore up your security strategy

Information security audits are on the rise, as organizations look to not only bolster their security postures, but demonstrate their efforts to other parties such as regulators.Audits, which are measurable technical assessments of systems, applications and other IT components, can involve any number of manual and automated processes. Whether conducted by internal auditors or outside consultants, they are an effective way for companies to evaluate where they stand in terms of protecting data resources.The high-profile data breaches of recent years have forced many organizations to take a closer look at their security technologies and policies, experts say.To read this article in full or to leave a comment, please click here

Go inside a security operations center

Walk into a security operations center (SOC) and the first impression you get is of an immense war room, with large screens across the entire front wall displaying a world map and endless rows of tabular data.Analysts sit in rows facing the screens as they scrutinize streams of data on their own monitors. Most of the light comes from the wall screens, creating a cavelike atmosphere. The overall feel is one of quiet efficiency.[ Deep Dive: How to rethink security for the new world of IT. | Discover how to secure your systems with InfoWorld's Security newsletter. ] Welcome to Alert Logic’s 24/7 security operations center in Houston, Texas. This is where Alert Logic’s analysts monitor customer applications and networks, hunting for signs of an attack or a breach. For organizations with limited budgets and a small (or not) dedicated security team, working with a managed security services provider like Alert Logic helps close the security gap.To read this article in full or to leave a comment, please click here(Insider Story)

1 3,134 3,135 3,136 3,137 3,138 3,854