SANS: 20 critical security controls you need to add

Prioritizing security measures is the first step toward accomplishing them, and the SANS Institute has created a list of the top 20 critical security controls businesses should implement.They include some obvious steps, such as getting a comprehensive inventory of all network devices and software, implementing secure hardware configurations and providing for data recovery, but also gets into areas that are less evident.+More on Network World: Gartner: IT should simplify security to fight inescapable hackers+To read this article in full or to leave a comment, please click here

Adding a Full API to PicOS

Pica8s PicOS is a Linux network OS based on Debian. This makes it easy for our customers to integrate their own tools or applications within PicOS. We are compatible with all the leading DevOps tools, such as Puppet, Chef, and Salt; and of course, we support OpenFlow.

But what if you would like to have an application on the switch itself to manipulate its data path? This is beyond the standard DevOps model and is not aligned with the traditional OpenFlow model, which uses a centralized controller.

Typically the requirement for such an application would be:
– A switch using traditional L2/L3, as well as an API to override those L2/L3 forwarding decisions.
– The API could be called on the switch itself while the application is running on the switch (that requirement would forbid a centralized OpenFlow controller).

For this use case, most network equipment vendors have an SDK (Software Development Kit) to program native applications running directly on the switch. A good example would be the Arista EOSSdk.

One big issue with those SDKs is that they are “sticky.” Once you develop your application, it only runs on the SDK provided by your vendor, Continue reading

Sponsored Post: IStreamPlanet, Close.Io, Instrumental, Location Labs, Surge, Redis Labs, Jut.Io, VoltDB, Datadog, SignalFx, InMemory.Net, VividCortex, MemSQL, Scalyr, AiScaler, AppDynamics, ManageEngine, Site24x7

Who's Hiring?

  • As a Networking & Systems Software Engineer at iStreamPlanet you’ll be driving the design and implementation of a high-throughput video distribution system. Our cloud-based approach to video streaming requires terabytes of high-definition video routed throughout the world. You will work in a highly-collaborative, agile environment that thrives on success and eats big challenges for lunch. Please apply here.

  • As a Scalable Storage Software Engineer at iStreamPlanet you’ll be driving the design and implementation of numerous storage systems including software services, analytics and video archival. Our cloud-based approach to world-wide video streaming requires performant, scalable, and reliable storage and processing of data. You will work on small, collaborative teams to solve big problems, where you can see the impact of your work on the business. Please apply here.

  • Close.io is a *profitable* fast-growing SaaS startup looking for a Lead DevOps/Infrastructure engineer to join our ~10 person team in Palo Alto or *remotely*. Come help us improve API performance, tune our databases, tighten up security, setup autoscaling, make deployments faster and safer, scale our MongoDB/Elasticsearch/MySQL/Redis data stores, setup centralized logging, instrument our app with metric collection, set up better monitoring, etc. Learn more and apply here.

  • Location Labs is Continue reading

Moving to the cloud? Willing to talk about it on Datanauts?

The Datanauts Podcast is looking for enterprise infrastructure folks who have worked on a project to migrate applications from in-house to the cloud. Interested in being a guest? Ping me -- [email protected] -- and let us know. You can be anonymous if you like, and you don't have to use your company name.

The post Moving to the cloud? Willing to talk about it on Datanauts? appeared first on Packet Pushers.

How will Dell justify its massive payout for EMC?

Dell's $67 billion acquisition of EMC stacks up as the largest technology deal in history. But if Michael Dell is gobbling up storage giant EMC in an attempt to stem the tide of movement from on-premise proprietary data centers to the cloud, it might be too little too late. Aside from merely bulking up, what exactly is Dell trying to do with EMC? If he hopes to leverage his new toy and its 83% stake in VMware to move deeper into the cloud, then this deal could end up justifying its enormous price tag. In a conference call about the deal, EMC CEO Joe Tucci reportedly claimed that being part of Dell as a private company would speed the development of cloud-based technologies.To read this article in full or to leave a comment, please click here

Announcing the Speaker LIneup For AnsibleFest San Francisco

Featuring speakers from SparkCentral, Riot Games, Blue Box, and more!

We’re happy to announce our confirmed speakers for AnsibleFest San Francisco 2015. Join us on November 19th at the InterContinental San Francisco for a day-long conference bringing together Ansible users, developers, IT professionals, and industry partners to learn more about ways automation is transforming IT.

We had a record number of submissions for this conference, and were excited to have such a dynamic pool of submissions to pick from. We took each submission, anonymized them to remove any speaker/company/product information, and sent them off to our team of Top Men and Women for blind review. We then picked out a well-rounded agenda from the highest scoring talks, and we’re happy to announce them today.

These are just some of our speakers this year. Stay tuned for additional updates in the coming weeks.

CONFIRMED SESSIONS

Deploying Microservices

Stephen Brandon, DevOps Engineer, Sparkcentral

A step back from massive monoliths and colossal clusters, we’ll take a look at managing microservices with Ansible. In this session, Stephen will demonstrate deploying services with rollback and error handling, truncating releases, and restarting processes.

Learn:

Even if you’re not in healthcare, use HIPAA to safeguard that cloud app

 If you’re thinking about migrating a highly sensitive application to the cloud, consider using HIPAA requirements as a way to vet potential providers.

Federal law requires organizations dealing with private health information to adhere to strict security guidelines defined by the Health Insurance Portability and Accountability Act (HIPAA). Given that HIPAA regulations are an excellent risk-management strategy, non-healthcare companies can use a HIPAA-compliant strategy to protect sensitive information like credit card numbers and private customer information.

HIPAA compliance requires businesses to “maintain reasonable and appropriate administrative, technical, and physical safeguards for protecting e-PHI (Electronic Personal Health Information),” but this could apply to any dataset. At a high level, here’s what you get with HIPAA compliance:

To read this article in full or to leave a comment, please click here

VMware brings Michigan to Europe to boost virtual networking

VMware is taking Michigan to Europe as it works to make networking as secure in the hybrid cloud as it can be in a private datacenter. At its VMworld Europe conference, it unveiled new features and tools to make it easier to roll applications out to its unified hybrid cloud platform, expanding the range of management functions available on its public cloud, vCloud Air, which can be linked with private clouds using vSphere. The company also previewed a new technology, Project Michigan, that can deploy a secure enterprise gateway across vCloud Air offerings, including Disaster Recovery and Dedicated Cloud services. It will support VM migration and network and policy extension with low downtime through Hybrid Cloud Manager. It can be used to spin up thousands of virtual machines with secure connectivity on demand, it said.To read this article in full or to leave a comment, please click here

Google Graveyard: What Google has killed off in 2015

Six feet deepGoogle is truly a company that has more technology and products than it can handle sometimes, and in 2015 the company with the recent name change shed a host of tools and products to enable it to focus on more pressing needs. Here’s a look back at what Google this year has offed or announced plans to off (To go back even further, check out 2014’s Google Graveyard.)To read this article in full or to leave a comment, please click here

1 3,282 3,283 3,284 3,285 3,286 3,836