NetworkingNexus.net

Automatically discovering API endpoints and generating schemas using machine learning

Cloudflare now automatically discovers all API endpoints and learns API schemas for all of our API Gateway customers. Customers can use these new features to enforce a positive security model on their API endpoints even if they have little-to-no information about their existing APIs today.

The first step in securing your APIs is knowing your API hostnames and endpoints. We often hear that customers are forced to start their API cataloging and management efforts with something along the lines of “we email around a spreadsheet and ask developers to list all their endpoints”.

Can you imagine the problems with this approach? Maybe you have seen them first hand. The “email and ask” approach creates a point-in-time inventory that is likely to change with the next code release. It relies on tribal knowledge that may disappear with people leaving the organization. Last but not least, it is susceptible to human error.

Even if you had an accurate API inventory collected by group effort, validating that API was being used as intended by enforcing an API schema would require even more collective knowledge to build that schema. Now, API Gateway’s new API Discovery and Schema Learning features combine to automatically Continue reading

Announcing Cloudflare Fraud Detection

The world changed when the COVID-19 pandemic began. Everything moved online to a much greater degree: school, work, and, surprisingly, fraud. Although some degree of online fraud has existed for decades, the Federal Trade Commission reported consumers lost almost $8.8 billion in fraud in 2022 (an over 400% increase since 2019) and the continuation of a disturbing trend. People continue to spend more time alone than ever before, and that time alone makes them not just more targeted, but also more vulnerable to fraud. Companies are falling victim to these trends just as much as individuals: according to PWC’s Global Economic Crime and Fraud Survey, more than half of companies with at least $10 billion in revenue experienced some sort of digital fraud.

This is a familiar story in the world of bot attacks. Cloudflare Bot Management helps customers identify the automated tools behind online fraud, but it’s important to note that not all fraud is committed by bots. If the target is valuable enough, bad actors will contract out the exploitation of online applications to real people. Security teams need to look at more than just bots to better secure online applications and tackle modern, online fraud.

First Steps in IPv6 Deployments

Even though IPv6 could buy its own beer (in US, let alone rest of the world), networking engineers still struggle with its deployment – one of the first questions I got in the ipSpace.net Design Clinic was:

We have been tasked to start IPv6 planning. Can we discuss (for enterprises like us who all of the sudden want IPv6) which design paths to take?

I did my best to answer this question and describe the basics of creating an IPv6 addressing plan. For even more details, watch the IPv6 webinars (most of them at least a few years old, but nothing changed in the IPv6 world in the meantime apart from the SRv6 madness).

First Steps in IPv6 Deployments

We have been tasked to start IPv6 planning. Can we discuss (for enterprises like us who all of the sudden want IPv6) which design paths to take?

How network pros can fight being squeezed out of cloud decisions

There's a rumbling in the cloud as network professionals increasingly seek to reclaim what they believe is their rightful place in the enterprise management hierarchy.Network knowledge is now widespread within many other IT disciplines. "This means it's now sometimes easy for other teams to assume that they know all they need to know about networking, so they don't need to bother the network team," observes Josh Stephens, CTO of multi-cloud network automation provider BackBox.Network pros have unique perspectives. When it comes to multicloud decision-making, IT, cloud, cybersecurity, and network professionals all bring different perspectives and talents to the table. "IT teams have a deep understanding of the organization's overall technology, while cloud teams have expertise in cloud-based technology solutions, and cybersecurity teams have a thorough understanding of [cloud] security risks," says Dan Dulac, vice president of solutions strategy at network infrastructure provider Extreme Networks. Combining the insights of these experts, along with network professionals, is the best way for organizations to make informed decisions about their multicloud strategy, he says.To read this article in full, please click here

How sophisticated scammers and phishers are preying on customers of Silicon Valley Bank

By now, the news about what happened at Silicon Valley Bank (SVB) leading up to its collapse and takeover by the US Federal Government is well known. The rapid speed with which the collapse took place was surprising to many and the impact on organizations, both large and small, is expected to last a while.

Unfortunately, where everyone sees a tragic situation, threat actors see opportunity. We have seen this time and again - in order to breach trust and trick unsuspecting victims, threat actors overwhelmingly use topical events as lures. These follow the news cycle or known high profile events (The Super Bowl, March Madness, Tax Day, Black Friday sales, COVID-19, and on and on), since there is a greater likelihood of users falling for messages referencing what’s top of mind at any given moment.

The SVB news cycle makes for a similarly compelling topical event that threat actors can take advantage of; and it's crucial that organizations bolster their awareness campaigns and technical controls to help counter the eventual use of these tactics in upcoming attacks. It’s tragic that even as the FDIC is guaranteeing that SVB customers’ money is safe, bad actors are attempting to steal that Continue reading

DNS data shows one in 10 organizations have malware traffic on their networks

Akamai report highlights how widespread malware threats remain, noting the dangers of threats specific to DNS infrastructure.

DNS data shows one in 10 organizations have malware traffic on their networks

Akamai report highlights how widespread malware threats remain, noting the dangers of threats specific to DNS infrastructure.

SmartNIC, DPU Revenue Forecast To Grow 30% In 2023

Data Processing Unit (DPU) and SmartNIC vendors such as NVIDIA, Intel, and AMD are making a lot of noise about the ability of their adapters to offload work from CPUs and to run networking, security, and storage applications directly on a NIC inside a server. But that noise hasn’t necessarily turned into sales—at least not […]

The post SmartNIC, DPU Revenue Forecast To Grow 30% In 2023 appeared first on Packet Pushers.

HPE Aruba, Microsoft Azure, and reelyActive speed streaming of IoT data to the cloud

Aruba Networks, Microsoft Azure and open-source vendor reelyActive have teamed-up to make it easier to bring IoT device data to cloud applications.The package, Aruba IoT Transport for Azure, brings together three separate components to make it work: Aruba Access points that incorporate both Wi-Fi and IoT radios to serve mobile connectivity, connect to IoT devices, and function as embedded IT-to-IoT gateways simultaneously and securely. HPE Aruba Networking IoT Transport for Azure service that encodes IoT-device data streamed through the access points into a format compatible with Microsoft Azure IoT Hub, which centrally ingests, provisions, and manages device data. reelyActive Pareto Anywhere for Microsoft Azure a new free open-source converter that reformats IoT data and units of measurement such as temperature and power into a universal format compatible with Microsoft analytics, Power BI and other Azure applications. The tool abstracts the original data format so that the data seen by applications are intelligible, consistent streams of immediately consumable data in recognizable units of measurement. Azure applications can directly consume data from a heterogeneous mix of BLE, 800MHz and 900MHz EnOcean specialized IoT devices that plug into the USB port on HPE Aruba Networking access points without a dedicated on-premises gateway. Continue reading

DOE Wants A Hub And Spoke System Of HPC Systems

We talk about scale a lot here at The Next Platform, but there are many different aspects to this beyond lashing a bunch of nodes together and counting aggregate peak flops. …

DOE Wants A Hub And Spoke System Of HPC Systems was written by Timothy Prickett Morgan at The Next Platform.

Who’s Going To Build The UK’s Homegrown Exascale Supercomputer?

The years-long run-up to the first exascale supercomputers was really a story about the ongoing competition between the United States and China. …

Who’s Going To Build The UK’s Homegrown Exascale Supercomputer? was written by Jeffrey Burt at The Next Platform.

Roundup of high-speed networking updates from Intel, Marvell, Ranovus

The need for speed in the data center has never been greater, as data sets for AI and machine learning grow exponentially. Enterprises also need bandwidth to move increasingly large data sets, and security to protect data in transit. To that end, three vendors have announced new capabilities in the high-speed networking game. So, let’s run them down.Intel launches Agilex 7 FPGAs with F-Tile Intel has introduced its latest FPGA-based networking processor, the Agilex 7 with F-Tile. This PAM4 and NRZ dual-mode serial interface tile can deliver up to 116 Gbps and hardened 400 GbE intellectual property. This is double the bandwidth per channel of the previous generation of Intel FPGAs with reduced power consumption.To read this article in full, please click here

BrandPost: 4 Compelling Reasons SD-WAN Adoption is Growing

By Gabriel Gomane, Senior Product Marketing Manager, Aruba, a Hewlett Packard Enterprise company.Recently, organizations have increasingly adopted SD-WAN to modernize their network and streamline network connections between branch offices and headquarters. The key driver has been the acceleration of digital transformation and the move of applications to the cloud. To enable this transformation, a modernized network is critical to support multi-cloud architectures, improve security and agility. A poor network infrastructure could limit digitization efforts and prevent IT departments from aligning to strategic goals.To read this article in full, please click here

Vast Data focuses on metadata cataloging, encryption support and snapshots

Flash storage vendor Vast Data has released what it claims is its biggest software release, updating and adding new features around data catalogs that will allow enterprises to tag data with user-defined information and to query datasets that meld structured, unstructured and semi-structured data.Vast has actually announced two revisions to its software, 4.6 and 4.7. The software itself has no formal name, just a version number. Version 4.6, available now, is a major release, and 4.7, available this spring, will be a minor release, according to Steve Pruchniewski, director of product marketing at VAST. “Major feature releases are core to the product's evolution, where minor feature releases typically contain bug fixes and holdovers from previous feature releases,” Pruchniewski said.To read this article in full, please click here

Vast Data focuses on metadata cataloging, encryption support and snapshots

Is This the Age of the Network Para-Professional?

With more networks being distributed to the edge and installed remotely to support IoT, there is an emerging need for non-IT workers to locally maintain and supervise these networks.

No hassle migration from Zscaler to Cloudflare One with The Descaler Program

This post is also available in 简体中文, 日本語, Deutsch Français and Español.

Today, Cloudflare is excited to launch the Descaler Program, a frictionless path to migrate existing Zscaler customers to Cloudflare One. With this announcement, Cloudflare is making it even easier for enterprise customers to make the switch to a faster, simpler, and more agile foundation for security and network transformation.

Zscaler customers are increasingly telling us that they’re unhappy with the way in which they have to manage multiple solutions to achieve their goals and with the commercial terms they are being offered. Cloudflare One offers a larger network, a ‘single stack’ solution with no service chaining that enables innovation at an incredible rate, meaning lots of new product and feature releases.

At its core, the Descaler Program helps derisk change. It’s designed to be simple and straightforward, with technical resources to ensure a smooth transition and strategic consultation to ensure the migration achieves your organization's goals. Customers can expect to be up and running on Cloudflare One in a matter of weeks without disruption to their business operations.

What makes up the Descaler Program?

Knowledgeable people. Clear process. Like-magic technology. Getting the people, process, and Continue reading

Zero Trust security with Ping Identity and Cloudflare Access

In today's digital landscape, traditional perimeter based security models are no longer enough to protect sensitive data and applications. As cyber threats become increasingly sophisticated, it's essential to adopt a security approach that assumes that all access is unauthorized, rather than relying on network perimeter-based security.

Zero Trust is a security model that requires all users and devices to be authenticated and authorized before being granted access to applications and data. This approach offers a comprehensive security solution that is particularly effective in today's distributed and cloud-based environments. In this context, Cloudflare Access and Ping Identity offer a powerful solution for organizations looking to implement Zero Trust security controls to protect their applications and data.

Enforcing strong authentication and access controls

Web applications provide businesses with enhanced scalability, flexibility, and cost savings, but they can also create vulnerabilities that malicious actors can exploit. Ping Identity and Cloudflare Access can be used together to secure applications by enforcing strong authentication and access controls.

One of the key features of Ping Identity is its ability to provide single sign-on (SSO) capabilities, allowing users to log in once and be granted access to all applications they are authorized to use. This feature streamlines Continue reading

Scan and secure Atlassian with Cloudflare CASB

As part of Security Week, two new integrations are coming to Cloudflare CASB, one for Atlassian Confluence and the other for Atlassian Jira.

We’re excited to launch support for these two new SaaS applications (in addition to those we already support) given the reliance that we’ve seen organizations from around the world place in them for streamlined, end-to-end project management.

Let’s dive into what Cloudflare Zero Trust customers can expect from these new integrations.

CASB: Security for your SaaS apps

First, a quick recap. CASB, or Cloud Access Security Broker, is one of Cloudflare’s newer offerings, released last September to provide security operators - CISOs and security engineers - clear visibility and administrative control over the security of their SaaS apps.

Whether it’s Google Workspace, Microsoft 365, Slack, Salesforce, Box, GitHub, or Atlassian (whew!), CASB can easily connect and scan these apps for critical security issues, and provide users an exhaustive list of identified problems, organized for triage.

Scan Confluence with Cloudflare CASB

Over time, Atlassian Confluence has become the go-to collaboration platform for teams to create, organize, and share content, such as documents, notes, and meeting minutes. However, from a security perspective, Confluence's flexibility and wide Continue reading

« Previous 1 … 326 327 328 329 330 … 3,835 Next »