The Endpoint Security Continuum

My colleague Doug Cahill and I are knee deep into a research project on next-generation endpoint security.  As part of this project, we are relying on real-world experience so we’ve interviewed dozens of cybersecurity professionals working at enterprise organizations (i.e. more than 1,000 employees) who have already deployed new types of endpoint security software.Now all of the organizations we interviewed are already running antivirus tools but day-to-day responsibilities are often delegated to an IT operations team rather than the infosec staff.  So organizations are at somewhat of a disadvantage because they delegated it to an IT generalist team.  Still, many of the organizations we’ve interviewed have turned on all of their AV’s advanced features and are still being compromised.To read this article in full or to leave a comment, please click here

Worth Reading: Standardized Models For Networking

From an operator’s perspective, one challenge with network automation is the lack of standard interfaces. In other words, it’s hard to configure a network programmatically if the details vary from device to device. Today, most operators know these differences in the form of CLI syntax. For example, the commands required to configure BGP on a Cisco device running IOS differ from the commands required to accomplish the same task on a Juniper device running Junos. -via packet pushers

The post Worth Reading: Standardized Models For Networking appeared first on 'net work.

A Patreon Architecture Short

Patreon recently snagged $30 Million in funding. It seems the model of pledging $1 for individual feature releases or code changes won't support fast enough growth. CEO Jack Conte says: We need to bring in so many people so fast. We need to keep up with hiring and keep up with making all of the things.

Since HighScalability is giving Patreon a try I've naturally wondered how it's built. Modulo some serious security issues Patreon has always worked well. So I was interested to dig up this nugget in a thread on the funding round where the Director of Engineering at Patreon shares a little about how Patreon works:

  • Server is in Python using Flask and SQLAlchemy, 
  • Runs on AWS (EC2, RDS (MySQL), and some Redis, Celery, SQS, etc. to boot). 
  • A few microservices here and there in other languages too (e.g. real time chat server with Node & Firebase)
  • Web code is written in React (with some legacy code in Angular). We tend to use Redux for the non-component pieces, but are still trying out new React-compatible libraries here and there.
  • iOS and Android code are written in Objective-C and Java, respectively. 
  • We use Realm on both platforms for Continue reading

Trojanized Android games hide malicious code inside images

Over 60 Android games hosted on Google Play had Trojan-like functionality that allowed them to download and execute malicious code hidden inside images.The rogue apps were discovered by researchers from Russian antivirus vendor Doctor Web and were reported to Google last week. The researchers dubbed the new threat Android.Xiny.19.origin.Malicious Android apps were a common occurrence on Google Play until a few years ago when Google implemented more rigorous checks. This included an automated scanner called Bouncer that used emulation and behavior-based detection.Bypassing Bouncer detection is not impossible, but is hard enough to keep most malware creators away. Most Android Trojans these days are distributed through third-party app stores, targeting users who have enabled the installation of apps from "unknown sources."To read this article in full or to leave a comment, please click here

At least some consumers are paying attention to cybersecurity

When it comes to cybersecurity, it's long been safe to assume that almost nobody is doing much of anything to protect themselves. But a new survey by credit-monitoring company Experian reveals that notion may no longer be completely accurate.While the survey of more than 1,000 U.S. adults, conducted by Edelman Berland in September 2015, reveals plenty of the kind of security holes that give professionals nightmares, it also showed that a significant number of people are now paying at least some attention to online security and privacy issues.To read this article in full or to leave a comment, please click here

Building an OpenStack home lab – Prepping the VMs

In my last post, I talked about some of the more physical aspects of my virtual home lab.  We talked about the need for nested virtualization as well as what the physical and virtual network would look like.  In this post, we’re going to look at building the VMs as well as getting the operating systems ready for the OpenStack install.  As a quick reminder, let’s take a look at what the logical lab looks like…

image
The lab will consists of 3 VMs (to start with), a controller, and two compute nodes.  Wile OpenStack can be installed on a variety of Linux operating systems, this series will be focusing on Ubuntu version 14.04.  The first thing we need to do is create a base image.  Without a base image, we’re going to be forced to install Ubuntu individually on each server which is not ideal.  So the first thing you’ll want to do is download the correct ISO and upload it to your ProxMox server. 

Note: Getting around in ProxMox is out of scope for this series.  HOWEVER – ProxMox has a rather large following on the internet which Continue reading

Configuration Management: DevOps From Ops

Configuration Management is a big category today, largely comprised of Puppet and Chef, followed by Ansible and Salt, but what is Configuration Management?  Configuration Management is, at it’s simplest, a matter of boolean states on a machine, stack, or infrastructure.  Is the Apache httpd installed on this server?  If not, install it.  Does this file […]

The post Configuration Management: DevOps From Ops appeared first on Packet Pushers.

Configuration Management: DevOps From Ops

Configuration Management is a big category today, largely comprised of Puppet and Chef, followed by Ansible and Salt, but what is Configuration Management?  Configuration Management is, at it’s simplest, a matter of boolean states on a machine, stack, or infrastructure.  Is the Apache httpd installed on this server?  If not, install it.  Does this file […]

The post Configuration Management: DevOps From Ops appeared first on Packet Pushers.

OED tools: Pushover

The problem In my last post about Linux at command I talked about notifications on my mobile. In most of my automation scripts I prefer notifications to come to my mobile instead of via email or SMS (really? in 2015?) because: it is always with me I check it thousands times a day (I know […]

SignalFx

SignalFx is an example of a cloud based analytics service. SignalFx provides a REST API for uploading metrics and a web portal that it simple to combine and trend data and build and share dashboards.

This article describes a proof of concept demonstrating how SignalFx's cloud service can be used to cost effectively monitor large scale cloud infrastructure by leveraging standard sFlow instrumentation. SignalFx offers a free 14 day trial, making it easy to evaluate solutions based on this demonstration.

The diagram shows the measurement pipeline. Standard sFlow measurements from hosts, hypervisors, virtual machines, containers, load balancers, web servers and network switches stream to the sFlow-RT real-time analytics engine. Metrics are pushed from sFlow-RT to SignalFx using the REST API.

Over 40 vendors implement the sFlow standard and compatible products are listed on sFlow.org. The open source Host sFlow agent exports standard sFlow metrics from hosts, virtual machines and containers and local services. For additional background, the Velocity conference talk provides an introduction to sFlow and case study from a large social networking site.

SignalFx's service is priced based on the number of data points that they need to store and they estimate a cost of $15 per host Continue reading

Securing BGP: A Case Study (2)

In part 1 of this series, I pointed out that there are three interesting questions we can ask about BGP security. The third question I outlined there was this: What is it we can actually prove in a packet switched network? This is the first question I want dive in too—this is a deep dive, so be prepared for a long series. :-) This question feels like it is actually asking three different things, what we might call “subquestions,” or perhaps “supporting points.” These three questions are:

  • If I send a packet to the peer I received this update from, will it actually reach the advertised destination?
  • If I send this information to this destination, will it actually reach the intended recipient?
  • If I send a packet to the peer I received this update from, will it pass through an adversary who is redirecting the traffic so they can observe it?

These are the things I can try to prove, or would like to know, in a packet switched network. Note that I want to intentionally focus on the data plane and then transfer these questions to the control plane (BGP). This is the crucial point to remember: If I Continue reading

Forget about LTE hurting Wi-Fi and think about using it in your business

Controversial technology that lets LTE networks use unlicensed spectrum could become a trusted part of the enterprise IT toolkit in a few years.So-called unlicensed LTE has come under fire ever since the news about it first broke more than a year ago. The charge: If mobile operators adapt their LTE networks to use frequencies that Wi-Fi depends on, Wi-Fi users will get squeezed out.ALSO ON NETWORK WORLD U.S. carriers stay tight-lipped on LTE-U deployments The two sides are now working together on standard tests to tell if a given unlicensed LTE radio unfairly interferes with Wi-Fi. Meanwhile, Qualcomm, the biggest cheerleader for the new technology, just got permission to try it out at Verizon Wireless facilities in Oklahoma City and Raleigh, North Carolina, the Federal Communications Commission said Friday. The industry group Wi-Fi Forward promptly declared the FCC should closely monitor the experiments.To read this article in full or to leave a comment, please click here

Why your network admins are nervous

This past summer, the White Rose Academies Trust in Leeds, England, kicked off a project that represented the first step on a journey to a software-defined networking platform -- and the move precipitated some career changes, both positive and negative, for the IT staff.To read this article in full or to leave a comment, please click here(Insider Story)

New products of the week 2.1.2016

New products of the weekOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.Appcito Application Delivery System (ADS) Key features: New self-service provider-tenant portal for Enterprise Infrastructure and Application teams delivering application performance, security, visibility and analytics. Service adapters for F5 Big-IP LTM and HAProxy devices – per-application visibility and analytics. More info.To read this article in full or to leave a comment, please click here

10 of today’s really cool network & IT research projects

New enterprise and consumer network technologies are coming fast and furious these days via well-heeled startups, and yes, even more established tech players. But further back in the pipeline, in the research labs of universities and colleges around the world, that's where the really cool stuff is happening. Take a peek at some of the more intriguing projects in areas ranging from wireless to security to open source to robotics and cloud computing.UNDERWATER WIRELESS University at Buffalo and Northeastern University researchers are developing hardware and software to enable underwater telecommunications to catch up with over-the-air networks. This advancement could be a boon for search-and-rescue operations, tsunami detection, environmental monitoring and more.To read this article in full or to leave a comment, please click here

1 3,174 3,175 3,176 3,177 3,178 3,857