Illumio takes a unique approach to adaptive security

Earlier this year, I wrote a post discussing why security needs to be adaptive. The high-profile breaches of big-name firms like Target and Bank of America, not to mention the Office of Personnel Management, have acted as a wake-up call to businesses. No matter how much money and how many people are thrown at securing the perimeter, it will not stop 100% of malicious traffic from penetrating the enterprise.Solving the security challenge continues to confound IT professionals as well. In the 2015 Network Purchase Intention Study, run jointly by ZK Research and Tech Target, we asked over 1,000 respondents globally, "What are your company’s top 3 priorities for next 12 months?" To no surprise, security came back as the No. 1 response. Another question we asked was, "What IT products are taking up more time than in previous years?" Again, security was overwhelmingly the No. 1 response. So security is a top initiative for IT, but it’s taking more and more time. Something has to change if the acceleration of breaches the industry has seen over the past few years is going to reverse course (disclosure: I am an employee of ZK Research).To read this article Continue reading

Replace your NAS with cloud storage: the 8 key requirements

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.

The economics, scale, and manageability of cloud storage simply cannot be matched even by the largest enterprise datacenters.

Hyperscale cloud storage providers like AWS, Google and Azure dropped prices by up to 65% last year and promised a Moore’s Law pricing model going forward. AWS provides eleven 9’s of durability, meaning if you store 10,000 objects with Amazon S3, you can, on average, expect to incur a loss of a single object once every 10,000,000 years. Further, Amazon S3 is designed to sustain the concurrent loss of data in two facilities by storing objects on multiple devices across multiple facilities.  

To read this article in full or to leave a comment, please click here

New point-of-sale malware distributed by Andromeda botnet

Cybercriminals are casting increasingly wider nets in their search for new point-of-sale systems to infect. This appears to be the case with a new memory scraping malware program called GamaPoS that’s distributed by a large botnet known as Andromeda.GamaPoS was recently discovered by security researchers from antivirus vendor Trend Micro, who found systems infected with it inside organizations from 13 U.S. states and Vancouver, Canada.The program is written in Microsoft’s .NET, which is unusual for RAM scraping malware. These type of threats monitor the memory of point-of-sale systems for payment card data and steal it while it’s being passed from the physical card readers to the commerce applications.To read this article in full or to leave a comment, please click here

The Growing Open Networking Ecosystem

What a difference a couple of years can make. Two years ago, Cumulus Networks was a startup just coming out of stealth mode, and the open networking movement was a mere twinkle in our eyes. Since then, an ecosystem has arisen around open networking that offers customers choice not only in the networking hardware and software they run, but also in how they procure it. Now, companies of all sizes — from small shops with an IT team to the world’s largest cloud providers — are able to reap the benefits of open networking in the way that works best for them.

The expanding open networking ecosystem

Screen Shot 2015-07-16 at 8.48.52 AM

While some customers choose Cumulus Linux when shopping for a network solution, many of our customers first experience open networking as part of a broader procurement strategy. Increasingly, open networking is part of next-generation architectures designed to deliver IT as a pool of unified resources that can be managed holistically — what some people call the software-defined data center. With a growing network of partners — ranging from resellers to integrators to OEMs — customers can buy open networking from an IT provider that they know and trust.

Here are a few common Continue reading

Oculus buys gesture-control company Pebbles Interfaces

Facebook-owned Oculus VR has purchased Pebbles Interfaces, an Israeli company that develops gesture-control and motion-sensor technology.Pebbles’ technology is designed to create real-world objects in virtual reality environments. The company focuses on rendering virtual images of a person’s actual body, especially the hands and fingers. However, Pebbles noted its technology can display any body part and show details like wrinkles and contours or items held in a user’s hand.This would allow people who are using the Oculus Rift to see an image of their own hands in the display of the virtual reality headset. Other headsets use generic images of person’s body or don’t allow users to view themselves.To read this article in full or to leave a comment, please click here

EBay to sell its enterprise unit four years after buying it

EBay has reached a deal to sell its enterprise unit, a division focused on building and running online shopping sites for bricks-and-mortar retailers, for less than half than it paid four years ago.The $925 million deal, announced Thursday, will give control of eBay Enterprise to a group of private equity firms led by Sterling Partners and Permira Funds, eBay said in a press release.EBay acquired its enterprise unit, then called GSI Commerce, in June 2011, for $2.4 billion. The unit has more than 500 customers, including Dick’s Sporting Goods, American Eagle Outfitters, Abercrombie & Fitch, PetSmart, Ikea and Major League Baseball. Many of those businesses compete for online sales with eBay itself.To read this article in full or to leave a comment, please click here

Encrypted Web and Wi-Fi at risk as RC4 attacks become more practical

There’s an old saying in the security community: Attacks always get better. The latest case where that holds true is for the aging RC4 cipher that’s still widely used to encrypt communications on the Internet.Researchers Mathy Vanhoef and Frank Piessens from the University of Leuven in Belgium devised a new attack method that can recover authentication cookies and other sensitive information from Web connections encrypted with RC4.The RC4 (Rivest Cipher 4) algorithm was designed in 1987 by renowned cryptographer Ron Rivest and remained a trade secret until 1994, when it was leaked on the Internet. Since then it has been implemented in a number of popular protocols, including SSL (Secure Socket Layer) and its successor, TLS (Transport Layer Security); the WEP (Wired Equivalent Privacy) and WPA (Wi-Fi Protected Access) wireless security standards; Microsoft’s RDP (Remote Desktop Protocol) and MPPE (Microsoft Point-to-Point Encryption), BitTorrent and others.To read this article in full or to leave a comment, please click here

Network TDD Quickstart Guide

This post gives a quick overview of how to use network Test Driven Development framework. As an example I’ll use a simplified version of a typical enterprise network with a Data Centre/HQ and a Branch office. A new branch is being added and the task is to configure routing for that branch using a TDD approach. First we’ll devise a set of TDD scenarios to be tested and then, going through each one of them, modify routing to make sure those scenarios don’t fail (a so-called red-green-refactor approach)

Continue reading

Virtually Artificial

I had the great pleasure of stumbling across the Wool trilogy of books last year. I haven’t been so touched by a book since The Passage – I must have a thing about the end of the world. The story is about a community that lives in a huge pill shaped structure (a silo) almost […]

Author information

Steven Iveson

Steven Iveson

Steven Iveson, the last of four children of the seventies, was born in London and has never been too far from a shooting, bombing or riot. He's now grateful to live in a small town in East Yorkshire in the north east of England with his wife Sam and their four children.

He's worked in the IT industry for over 20 years in a variety of roles, predominantly in data centre environments. Working with switches and routers pretty much from the start he now also has a thirst for application delivery, automation, SDN, virtualisation and related products and technologies. He's published a number of F5 Networks related books, is a regular contributor at DevCentral and was an F5 DevCentral MVP for 2014.

TwitterLinkedIn

The post Virtually Artificial appeared first on Packet Pushers Podcast and was written by Steven Continue reading

Commercializing Community

No online community with a collective identity has successfully become a large business like the segregated, follower-based communities of Facebook, Instagram, Twitter and Youtube. Strangely, it is the retailer Amazon (proprietor of acquired communities Twitch, Goodreads, IMDB and DPReview) who has the most sophisticated understanding of collective identity online communities of any modern mega-corp.

C.S. Lewis used to say that for each new book he read, he would read two old books — books written before he was born, preferably. The point to this seemingly odd reading habit was to avoid the blind spot — every age has a blind spot, a obsessive passion around which everything else must fall or be crushed. Much like ages, each profession also has a blind spot of the same sort.

Technology is no exception.

So what is the blind spot of the technology world? I would say it’s human nature. Engineers have a very bad habit of making people into manipulable objects — for instance, “the soul is software, and the body is hardware.” The analogy might be a good one, but it’s also, like most analogies, decidedly not the whole story.

This belief that we can build a community based Continue reading

The Upload: Your tech news briefing for Thursday, July 16

Qualcomm hit with antitrust probe in EuropeQualcomm is under investigation by the European Union’s antitrust authority, which suspects the company of abusing its dominant position in the market for 3G and 4G chipsets used in smartphones and tablets. The company settled similar charges in China earlier this year. In this case, the European Commission is looking into whether the company broke antitrust rules by offering financial incentives to phone manufacturers if they made it their primary chipset supplier, and whether it sold below cost to force competitors out of the market.To read this article in full or to leave a comment, please click here

The Upload: Your tech news briefing for Thursday, July 16

Qualcomm hit with antitrust probe in EuropeQualcomm is under investigation by the European Union’s antitrust authority, which suspects the company of abusing its dominant position in the market for 3G and 4G chipsets used in smartphones and tablets. The company settled similar charges in China earlier this year. In this case, the European Commission is looking into whether the company broke antitrust rules by offering financial incentives to phone manufacturers if they made it their primary chipset supplier, and whether it sold below cost to force competitors out of the market.To read this article in full or to leave a comment, please click here

1 3,333 3,334 3,335 3,336 3,337 3,779