5 Takeaways from a Week at #VMWorld

vmworld2015

Another VMworld has come and gone. 23,000 people at this year’s VMWorld at the Moscone Center seemed to push the limits with standing room only at sessions and coffee in high demand, but the show was well run and the solution exchange was hopping.

I was glad to see less marketing rhetoric around private vs. public cloud, software vs. hardware, virtualized networks vs. physical networks and more focus on delivering solutions that help accelerate the deployment of workloads in ways that help customers.

Here’s a look at my 5 things that made an impression on me at this year’s show.

1. It’s a Hybrid World

A major focus (maybe the focus) of VMworld this year was what VMware calls the “Unified Hybrid Cloud.” It was good to see a strong shift from previous years where much focus was placed on defending private cloud versus public cloud. VMware is certainly taking an “inside out” strategy by focusing on their strength inside the data center and leveraging their vCloud Air public cloud services. Their ability to provide sophisticated tools for private data centers and extend that to a public resource-on-demand consumption model is certainly a strong value proposition for customers.

2. Continue reading

California assembly passes digital privacy bill

The California assembly has passed a digital privacy bill that aims to prevent government access without warrant to private electronic communications, while providing some exceptions for law enforcement in emergencies or for other public safety requirements.California is home to a large number of tech companies who face regularly requests for data on their customers from both state and federal law enforcement agencies. Twitter, for example, reported 273 requests for account information in California from January to June this year.MORE ON NETWORK WORLD: 6 simple tricks for protecting your passwords The bill, which would require a judge's approval for access to a person’s private information, including data from personal electronic devices, email, digital documents, text messages and location information, had been passed in June by the state senate and will now return there for concurrence before heading to state Governor Jerry Brown for approval.To read this article in full or to leave a comment, please click here

Organizations Can Be Twice As Secure at Half the Cost

Last week at VMworld, Pat Gelsinger made a statement that got folks buzzing. During his Cyber-Security-King_Blogkeynote, he said that integrating security into the virtualization layer would result in organizations being twice as secure at half the cost. As a long-time security guy, statements like that can seem a little bold, but VMware has data, and some proven capability here in customer environments.

We contend that the virtualization layer is increasingly ubiquitous. It touches compute, network, and storage – connects apps to infrastructure – and spans data center to device. More importantly, virtualization enables alignment between the things we care about (people, apps, data) and the controls that can protect them (not just the underlying infrastructure).

Let me speak to the statement from the data center network side with some real data. VMware has a number of VMware NSX customers in production that have deployed micro-segmentation in their data centers.  Here’s what we found:

  1. 75% of data center network traffic is East-West, moving VM to VM regardless of how convoluted the path may be.
  2. Nearly all security controls look exclusively at North-South traffic, which is the traffic moving into and out of the data center; 90% of East-West traffic never Continue reading

Android porn app snaps pic of user, locks it on home screen with $500 ransom demand

Some unlucky individuals thought they had downloaded the Android app Adult Player to watch porn videos, but the app silently takes a photo of users while they use the app and then displays the image on the home screen, along with a ransom note demanding $500.Researchers from Zscaler's ThreatLab first discovered the "new mobile ransomware variant that leverages pornography to lure victims into downloading and installing it." Perhaps the desire for viewing porn is stronger than common sense, as the permissions asked to be activated as device admin. It asks for the right to monitor screen-unlock attempts and to "lock the phone or erase all the phone's data if too many incorrect passwords are typed."To read this article in full or to leave a comment, please click here

Help a refugees would enrich ourselves

This website is for those who want to share their apartment with a refuge. You don't even have to pay -- refugee organizations will pay their share of the rent. This is frankly awesome.

I grew up around refugees. Our neighbors were refugees from south Vietnam. They flew out with the fleeing American troops as the South Vietnamese government collapsed. They got onto an overloaded helicopter that had barely enough fuel to reach the aircraft carrier off the coast. That helicopter was then dumped overboard, to make room for more arriving refugees and American troops.

Because my father was a journalist reporting on El Salvadoran refugees, we became life-long friends with one of those families. She was a former education minister, he was a former businessman. It was "suggested" that she resign from government. One night, while driving home, a paramilitary roadblock stopped them. Men surrounded the car and pointed guns at them. The leader then said "wait, they've got children in the back", at which point the men put down their guns and fled. In other words, they should be dead. They fled to the United States soon after, and hid in a church basement. Since El Salvador was Continue reading

Lego Bricks and Network Operating Systems

One of the comments I got on my Lego Bricks & BFT blog post was “well, how small should those modular Lego bricks be?

The only correct answer is “It should be Lego bricks all the way down” or (more formally) “Modularity is a concept that should be applied at every level of the architecture.

Today let’s focus on how much easier the life would be if we could take apart the network operating systems instead of just watching them as glued-together Death Stars.

Read more ...

Trend Micro’s spam traps surface more Ashley Madison fake users

There hasn't been a lack of strange things turning up in the Ashley Madison data leak.One of the latest discoveries comes from Trend Micro, which found bogus Ashley Madison profiles that used email addresses the company created solely for collecting spam samples.The email addresses are known as "honeypots," a general term for systems set up by researchers in the hope that they will be attacked. Studying the attacks can shed light on new methods used by malicious hackers.One of Trend's addresses was used for a profile describing a 33-year-old Los Angeles woman who is "sexy, aggressive" and "knows what she wants," wrote Ryan Flores, a threat research manager with Trend, in a blog post.To read this article in full or to leave a comment, please click here

WhatsApp fixes dangerous flaw in Web app

WhatsApp, the widely used messaging program, has fixed a dangerous flaw in its Web app that could be used to trick people into installing malware, according to Check Point.The flaw could affect as many as 200 million people who use WhatsApp's web interface, wrote Oded Vanunu, Check Point's group manager for security research and penetration."All an attacker needed to do to exploit the vulnerability was to send a user a seemingly innocent vCard containing malicious code," he wrote.To read this article in full or to leave a comment, please click here

Cisco ACI PowerTool

If you are frequent reader of this blog, it’s no surprise I’m focused on automation these days. It’s been primarily centered around using Python and Ansible with a little Puppet and Chef sprinkled in. I had the opportunity recently to change things up a bit using the Cisco ACI PowerTool and thought I’d share a few things about it.

First off, the ACI PowerTool is a PowerShell module that helps automate all aspects of a Cisco ACI fabric.

Second, it’s no a secret that the same rocket scientist created both the Cisco UCS and ACI object models. That said, the UCS PowerTool has been around for years and offers PowerShell modules that can be used to manage, operate, and automate Cisco UCS environments. As you may have guessed the Cisco ACI PowerTool is the same thing, but used to manage and automate Cisco ACI fabrics using PowerShell.

And as luck would have it, I’m still a Windows user, so I was able to get this up and running extremely fast. In full transparency, I haven’t spent much time with PowerShell at all before this, and it was super easy to get going, so no matter what your background, it’s worth Continue reading

Video: The real value of hybrid cloud

Public or private cloud - why choose one when you can have both?Hybrid cloud computing is the idea of connecting a private cloud that sits inside the corporate firewall to some public cloud hosted by a service provider.+MORE AT NETWORK WORLD: Can VMware survive in a post-virtualization world? +Doing so gives organizations all the benefits of both worlds: Private clouds can handle security-sensitive workloads, while the public cloud is great for apps that have varying demand of resources.But saying is easier than doing. At VMworld in San Francisco, we chatted with Cliqr’s Kurt Milnes to discuss how to overcome some of the chief challenges related to hybrid cloud computing.To read this article in full or to leave a comment, please click here

Containers key as Cisco looks to “open” data center OS

A key but quiet component of Cisco’s “open” data center operating system is the ability to build applications and microservices via Linux containers.It’s not a new capability but an increasingly important one for making – and marketing – Cisco’s NX-OS as “open,” a campaign that began in June. Open NX-OS includes object store and model driven RESTful and XML/JSON API support in the NX-API; native third-party application integration of Puppet, Chef and Ganglia, among others; a software developer’s kit for application integration; and Linux utilities support for tool integration across compute and network.To read this article in full or to leave a comment, please click here

Microsoft Edge browser gets its first critical patches

Released a little over a month ago, Microsoft's new Edge browser has gotten its first set of critical security patches.As part of its monthly round of security fixes, colloquially known as Patch Tuesday, Microsoft released a critical bulletin, MS15-05, with four patches covering vulnerabilities in the Windows 10-only Edge browser.Overall this month, Microsoft issued 12 bulletins covering 56 vulnerabilities. Five bulletins were deemed as critical, meaning they should be addressed as soon as possible.In addition to Edge, this month's patches cover issues in Internet Explorer, Windows, Office, Exchange, the .Net framework, the Hyper-V virtual machine, Active Directory, and Skype for Business.To read this article in full or to leave a comment, please click here

Microsoft Edge browser gets critical patches

Released a little over a month ago, Microsoft's new Edge browser has gotten a set of critical security patches.As part of its monthly round of security fixes, colloquially known as Patch Tuesday, Microsoft released a critical bulletin, MS15-095, with four patches covering vulnerabilities in the Windows 10-only Edge browser.Overall this month, Microsoft issued 12 bulletins covering 56 vulnerabilities. Five bulletins were deemed as critical, meaning they should be addressed as soon as possible.In addition to Edge, this month's patches cover issues in Internet Explorer, Windows, Office, Exchange, the .Net framework, the Hyper-V virtual machine, Active Directory, and Skype for Business.To read this article in full or to leave a comment, please click here

Cisco adds sFlow support to Nexus 9K series

Cisco adds support for the sFlow standard in the Cisco Nexus 9000 Series 7.0(3)I2(1) NX-OS Release. Combined with the Nexus 3000/3100 series, which have included sFlow support since NX-OS 5.0(3)U4(1),  Cisco now offers cost effective, built-in, visibility across the full spectrum of data center switches.
Cisco network engineers might not be familiar with the multi-vendor sFlow technology since it is a relatively new addition to Cisco products. The article, Cisco adds sFlow support, describes some of the key features of sFlow and contrasts them to Cisco NetFlow.
Nexus 9000 switches can be operated in NX-OS mode or ACI mode:
  • NX-OS mode includes a number of open features such as sFlow, Python, NX-API, and Bash that integrate with an open ecosystem of orchestration tools such as Puppet, Chef, CFEngine, and Ansible. "By embracing the open culture of development and operations (DevOps) and creating a more Linux-like environment in the Cisco Nexus 9000 Series, Cisco enables IT departments with strong Linux skill sets to meet business needs efficiently," Cisco Nexus 9000 Series Switches: Integrate Programmability into Your Data Center. Open APIs are becoming increasingly popular, preventing vendor lock-in, and allowing organizations to benefit from the rapidly increasing range of open hardware Continue reading
1 3,326 3,327 3,328 3,329 3,330 3,839