It’s time to pull the trigger on security automation

It’s likely that you already have a variety of security tools -- intrusion prevention, network access control, endpoint security, mobile device management – that come with automation capabilities designed to quickly find and stop attacks. But for a variety of perfectly good reasons, you’ve been reluctant to turn these features on. You may be worried about blocking legitimate business transactions by mistake, keeping employees from getting work done because their devices have been temporarily quarantined or risking the wrath of users when wiping remote devices. Or maybe you’ve been so swamped that you haven’t had the time to set up these automation capabilities. “It takes time and skills to tune these products effectively in order to take advantage of their automation capabilities,” says Jon Oltsik, senior principal analyst at Enterprise Strategy Group. “Furthermore, automation usually depends upon integrating several security technologies together, which can be difficult,” Oltsik adds.To read this article in full or to leave a comment, please click here(Insider Story)

7 steps to IoT data security

As Internet of Things invades the enterprise, companies need to revamp their approach to protecting data because the old ways aren’t going to get the job done. Not in a world of 25 billion or more IoT devices connected to the Internet by 2020, as Gartner predicts. So, what are the new challenges that IoT will present? Basil Hashem, VMware The biggest change IoT brings is a new scale to an organization's data protection strategy, both in terms of diversity of devices and volume of data that is generated, according to Basil Hashem, senior director of mobile strategy at VMware.To read this article in full or to leave a comment, please click here(Insider Story)

Is Anyone Using Long-Distance VM Mobility in Production?

I had fun times participating in a discussion focused on whether it makes sense to deploy OTV+LISP in a new data center deployment. Someone quickly pointed out the elephant in the room:

How many LISP VM mobility installs has anyone on this list been involved with or heard of being successfully deployed? How many VM mobility installs in general, where the VMs go at least 1,000 miles? I'm curious as to what the success rate for that stuff is.

I think we got one semi-qualifying response, so I made it even simpler ;)

Read more ...

CCDE – Load Balancer Designs

Introduction

This post will describe different load balancer designs, the pros and cons of the designs and how they affect the forwarding of packets.

Load Sharing Vs Load Balancing

The terms load sharing and load balancing often get intermixed. An algorithm such as Cisco Express Forwarding (CEF) does load sharing of packets meaning that packets get sent on a link based on parameters such as source and destination MAC address or source and destination IP address or in some cases also the layer 4 ports in the IP packet. The CEF algorithm does not take into consideration the utilization of the link or how many flows have been assigned to each link. Load balancing on the other hand tries to utilize the links more evenly by tracking the bandwidth of the flows and assigning flows based on this information to the different links. The goal is to distribute the traffic across the links as evenly as possible. However load balancing is mostly used to distribute traffic to different servers to share the load among them.

Why Load Balancing?

What warrants the use of a load balancer? Think of a web site such as facebook.com. Imagine the number of users Continue reading

Using InfluxDB + Grafana to Display Network Statistics

I loathe MRTG graphs. They were cool in 2000, but now they’re showing their age. We have much better visualisation tools available, and we don’t need to be so aggressive with aggregating old data. I’ve been working with InfluxDB + Grafana recently. Much cooler, much more flexible. Here’s a walk-through on setting up InfluxDB + Grafana, collecting network throughput data, and displaying it.

Background – InfluxDB + Grafana

There’s three parts to this:

  • Grafana: This is our main UI. Grafana is a “…graph and dashboard builder for visualizing time series metrics.” It makes it easy to create dashboards for displaying time-series data. It works with several different data sources such as Graphite, Elasticsearch, InfluxDB, and OpenTSDB.
  • InfluxDB: This is where we store the data that Grafana displays. InfluxDB is “…an open-source distributed time series database with no external dependencies.” It’s a relatively new project, and is not quite at 1.0 yet, but it shows a lot of promise. It can be used in place of Graphite. It is very flexible, and can store events as well as time series data.
  • Influxsnmp: We need to get data from the network into InfluxDB. There are a few options for Continue reading

Despite takedown, the Dridex botnet is running again

Spam emails containing the Dridex malware are being seen almost daily despite the arrest of one of its key operators in August.The finding confirms that while law enforcement can claim temporary victories in fighting cybercriminal networks, it's sometimes difficult to completely shut down their operations.The U.S. Department of Justice said on Oct. 13 it was seeking the extradition of a 30-year-old Moldovan man, Andrey Ghinkul. Prosecutors allege he used Dridex malware to steal US$10 million from U.S. companies and organizations.To read this article in full or to leave a comment, please click here

Setup GNS3 Automation Network in OSX

I have been working to learn how to use Python to automate interactions with network devices.  Due to what I have in my lab and the fact that we have GNS to model Cisco Networks I started with IOS.  In order to really test out the automation scripts I have been building, I felt it …

FCC to publish weekly list of robocallers and robotexters

Don’t you hate it when you receive a spammy text message or an unwanted robocall or telemarketing call? The FCC said it received over 215,000 complaints from consumers last year, which averages out to about 590 per day. Last week, in its newest efforts to bring down the hammer on spammers, the FCC started releasing robocall and telemarketing consumer complaint data which will be updated every week; the purpose of such name/blame/shame weekly lists is “to help developers build and improve ‘do-not-disturb’ technologies that allow consumers to block or filter unwanted calls and texts.”To read this article in full or to leave a comment, please click here

FCC to publish weekly name-shame-blame list of robocallers and robotexters

Don’t you hate it when you receive a spammy text message or an unwanted robocall or telemarketing call? The FCC said it received over 215,000 complaints from consumers last year, which averages out to about 590 per day. Last week, in its newest efforts to bring down the hammer on spammers, the FCC started releasing robocall and telemarketing consumer complaint data which will be updated every week; the purpose of such name/blame/shame weekly lists is “to help developers build and improve ‘do-not-disturb’ technologies that allow consumers to block or filter unwanted calls and texts.”To read this article in full or to leave a comment, please click here

Transport Protocols

One of the early refinements in the Internet protocol model was the splitting of the original Internet protocol from a single monolithic protocol specification into the Internet Protocol (IP) and a pair of transport protocols. The Internet Protocol layer is intended to be used by the internal switches within the network to forward the packet to its intended destination, while the Transport Protocol layer is intended to be used by the source and destination systems. In this article I’d like to look at what we’ve been doing since then with these transport protocols.
1 3,250 3,251 3,252 3,253 3,254 3,819