Many US enterprises still running XcodeGhost-infected Apple apps, FireEye says

Dozens of U.S. enterprises are still using Apple mobile apps seeded with malware for a clever hacking scheme revealed last month known as XcodeGhost.The computer security firm FireEye said Tuesday it has detected that 210 enterprises that are still using infected apps, showing that the XcodeGhost malware "is a persistent security risk," according to a blog post.Last month, more than 4,000 applications were found to have been modified with a counterfeit version of Xcode, which is an application development tool from Apple.To read this article in full or to leave a comment, please click here

Speaking Notes: The Data Center Network Evolution

I will be presenting at the Cisco Connect Canada tour in Edmonton and Calgary on November 3rd and 5th, respectively. My presentation is about that three letter acronym that everyone loves to hate: SDN :-)

I will talk about SDN in general terms and describe what it really means; what we’re really doing in the network when we say that it’s “software defined”. No unicorns or fairy tales here, just engineering.

Next I’ll talk about three areas where Cisco is introducing programmability into its data center solutions:

  • Application Centric Infrastructure
  • Virtual Topology System
  • Open NX-OS

Below are the notes I made for myself while researching these topics and preparing for the presentation. At the bottom of this post is a Q&A section with some frequently asked questions.

Continue reading

How to use application-defined automation tools to successfully deploy cloud apps

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.

The cost and scalability benefits of cloud computing are appealing, but cloud applications are complex. This is because they typically have multiple tiers and components that utilize numerous technologies; as a result, applications can end up scattered across a variety of execution environments. To ensure successful cloud application deployment and management, the key is to use application-defined automation tools.

To read this article in full or to leave a comment, please click here

Infor says European data stays in Europe with its ERP service

What happens in Vegas, stays in Vegas -- and, for enterprise software vendor Infor, what happens in Europe, stays in Europe.At its annual customer meeting in Paris on Tuesday, the company told European Union customers to move their data to its cloud services -- just a week after German data protection authorities told companies handling Europeans' personal information to shun U.S. service providers and keep the data at home.Infor CEO Charles Phillips said that although it's not an issue for most customers, the company can provision servers in Europe on request.To read this article in full or to leave a comment, please click here

OpenStack Summit – Tokyo – 2015 – Thursday 29th – Show Notes

It’s Thursday, it’s 9am and…straight in to sessions. No keynote today, which is no bad thing considering these days are long!

The previous two days have consumed a huge amount of hours from sessions, keynotes and side meetings, some planned and some impromptu. This event really is the place to be if you want to speak to industry figure heads representing both vendors and consumers.

It was great to wander the market place hall, with some stands really paying attention to their interpreted understanding of the enterprises and their desire to access the OpenStack technology. This ranged from companies providing optimised tower (desktop style) servers, through to IBM showing off OCP blueprinted servers, which in turn provides a standard compute architecture. Not everyone company or organisation has a server room that wants to take advantage of OpenStack, nor do they necessarily have the skill to tie the components together. Interesting approaches all round!

Miranits, Canonical and Red Hat were present, for each tip of the consumer triangle, being: instant access, guided automation and tool-box


Instant AccessFuel

Mirantis offer the easy access approach, or ‘low bar’ if that’s more familiar as an ‘easy’ term. As a set of steps: Install Continue reading

Don’t call it ‘HP Enterprise’

Hewlett Packard split into two companies yesterday: One is Hewlett Packard Enterprise, or HPE, which will sell infrastructure to enterprises. The other is HP Inc., which is the company’s printers and PC business.But whatever you do, don’t call the infrastructure business HP Enterprise.+MORE AT NETWORK WORLD: Vote! Which is the better strategy? HP splitting up, or Dell buying EMC? | HP Split up: How did we get here? +To read this article in full or to leave a comment, please click here

Reaction: DNS versus anycast

This post raises an obvious question: are techniques using DNS to “steer” traffic (such as IP geolocation) sufficient, or do you need to consider using anycast as LinkedIn did? The short answer is that DNS steering works well and is only getting better. via circleid

Matt’s article is well worth reading, but once you’re finished reading it —

It’s well worth remembering when dealing with different load balancing solutions (like most other things in life) that the right answer is, “it depends.” In this case, do you need TCP anycast, or can you use DNS based load sharing? It depends not only on how effective each one is, but also what sort of application you’re working with. Many apps designed for smart phones don’t use DNS at all, so some form of anycast or appliance based solution are all you have. Between these two, anycast is often just as viable a solution if your network is designed to handle it correctly.

In the end, all three solutions — anycast, DNS, and appliance based — are viable options. Which one you should choose just all depends.

The post Reaction: DNS versus anycast appeared first on 'net work.

Juniper disaggregates even further

Juniper Networks this week unveiled a new access switch supporting 25/50G Ethernet as well as an open version of its Junos operating system for it. Juniper says it disaggregated Junos so it can enable third-party application and service support, and enhanced programmability. Disaggregation is the industry practice of breaking the dependencies of hardware and software on each other so they can be sold independently, giving customers more choice in what they purchase and operate.To read this article in full or to leave a comment, please click here

Google researchers poke holes in Galaxy S6 Edge, show OEMs add risky code

Google's security researchers hunted for bugs in Samsung's Galaxy S6 Edge phone as part of an experiment to see how vulnerable the code that manufacturers add to Android can be. It's pretty bad.The researchers found 11 vulnerabilities in Samsung's code that could be exploited to create files with system privileges, steal the user's emails, execute code in the kernel and escalate the privilege of unprivileged applications."Overall, we found a substantial number of high-severity issues, though there were some effective security measures on the device which slowed us down," the security researchers said in a blog post. "The weak areas seemed to be device drivers and media processing. We found issues very quickly in these areas through fuzzing and code review."To read this article in full or to leave a comment, please click here

1 3,193 3,194 3,195 3,196 3,197 3,773