Closing the security loop with automated incident response

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.

Organizations have poured billions of dollars into cyber security detection solutions, and while they are exceptional at uncovering potential anomalies and threats, none of these products can guarantee against a breach. Consequently, the next logical step is to pair robust detection and prevention technology with equally efficient and effective operations solutions, including incident response.

 

Detection solutions are now generating an average of 10,000 alerts per day, according to a recent survey by Damballa—far too many for companies to inspect and manage. Yet, security professionals are still attempting to manually separate false alarms from real threats; decide what action, if any, to take; and then perform repetitive actions like gathering data, conducting basic analysis, and generating notifications and tickets.

Why It’s So Hard To Find Intruders After A Network Penetration

This guest blog post is by Jason Matlof, Executive Vice President, LightCyber. We thank LightCyber for being a sponsor. LightCyber’s Magna Active Breach Detection platform is a behavior-based detection system that integrates network and endpoint context and is designed specifically to find active breaches after a threat actor has already penetrated a network. To hear […]

The post Why It’s So Hard To Find Intruders After A Network Penetration appeared first on Packet Pushers Podcast and was written by Drew Conry-Murray.

Four years later and CloudFlare is still doing IPv6 automatically

Over the past four years CloudFlare has helped well over two million websites join the modern web, making us one of the fastest growing providers of IPv6 web connectivity on the Internet. CloudFlare's Automatic IPv6 Gateway allows IPv4-only websites to support IPv6-only clients with zero clicks. No hardware. No software. No code changes. And no need to change your hosting provider.

Image by Andrew D. Ferguson

A Four Year Story

The story of IPv6 support for customers of CloudFlare is about as long as the story of CloudFlare itself. June 6th, 2011 (four years ago) was the original World IPv6 Day, and CloudFlare participated. Each year since, the global Internet community has pushed forward with additional IPv6 deployment. Now, four years later, CloudFlare is celebrating June 6th knowing that our customers are being provided with a solid IPv6 offering that requires zero configuration to enable. CloudFlare is the only global CDN that provides IPv4/IPv6 delivery of content by default and at scale.

IPv6 has been featured in our blog various times over the last four years. We have provided support for legacy logging systems to handle IPv6 addresses, provided DDoS protection on IPv6 alongside classic IPv4 address space, and provided […]

Hacker turns toy into tool that can open garage doors in seconds

Owners of fixed-code garage door openers might want to consider upgrading them because a researcher has developed a technique that guesses the numbers in seconds.

To showcase the new attack, which he dubbed Open Sesame, security researcher Samy Kamkar reprogrammed a children's toy designed for short-distance texting called Radica Girl Tech IM-me because it has all the needed wireless components and because "it's pink," his favorite color.

With a fixed-code garage door opener, the remote control, or "clicker," always transmits the same 8 to 12-bit binary code. For a 12-bit code, there are 4,096 possible combinations -- strings of 1s and 0s.

Five new things we know about Skylake

With the upcoming release of Intel’s Skylake chips, there’s a lot to look forward to, including faster computers, fewer ports and wireless charging. At Computex in Taipei this week Intel shed more light on the new chip technology, a much-hyped successor to Intel’s Broadwell family of chips. Here are five things we learned:

1) Skylake chips won’t be released when Windows 10 becomes commercially available on July 29, so PCs with a combination of the new OS and chip technology won’t be immediately available, said Kirk Skaugen, senior vice president and general manager of the PC Client Group at Intel, during an interview at Computex. Intel has built Skylake to work hand-in-glove with Windows 10, which among other new features offers biometric authentication that will allow a user’s fingerprint or face to replace a typed password. Skaugen declined to provide a specific release date, but Skylake could be the centerpiece announcement at the Intel Developer Forum in mid-August. PCs could follow soon after.

5 reasons you should move your video to specialty storage

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.

Video is everywhere, and growing exponentially. According to a recent report, 35 billion video ads were viewed in December, representing year-over-year growth of more than 100%. And every industry is seeing video growth, which creates a problem for data managers because video challenges storage management in four ways:

  1. Performance requirements are not served well by traditional storage architecture.
  2. Rapid video growth can overwhelm storage environments while resource utilization is masked by virtualization.
  3. Use of traditional backup tools makes data protection expensive and challenging.
  4. Long-term data value means this is not a temporary problem.

If, however, you move video to specialty storage, you’ll achieve five amazing benefits:

PlexxiPulse—Have you heard of Bimodal IT?

The networking space is buzzing about “Bimodal IT.” Simply defined, Bimodal IT is the segmentation of application deployments into cloud (public and/or private). Ben Kepes of Forbes included the concept in a recent deep dive on enterprise IT in the cloud. The network underpinning bimodal initiatives is critical and as Kepes pointed out in his article, tough to achieve if operating a legacy network. Our own Director of Solutions Marketing, Bob Noel, agrees with Kepes and highlights the importance of scalable and agile networks in response to the piece: “Those left to run (Bimodal deployments) on the legacy infrastructure is a fantastic idea that unfortunately has an Achilles heel inhibiting success for the approach…Until there is a fundamental shift in networking, companies will struggle to support Bimodal IT.” What are your thoughts on bimodal IT? Do you agree with Kepes and Bob?

Below please find a few of our top picks for our favorite news articles of the week. Enjoy!

BetaBoston: New Hampshire tries to reclaim tech vibe
By Staff Writer
MANCHESTER, N.H. — In one corner, a guy was hunched over his laptop, working on a pitch for a smartphone app that would allow golfers to […]

DARPA spends $24M to smarten-up WAN edge

Officials of Defense Advanced Research Projects Agency (DARPA) this week awarded two contracts worth a total of nearly $24 million to develop new networking and security technologies at the WAN edge.

Raytheon BBN Technologies and Vencore Labs’ Applied Communication Sciences research program pretty much evenly divided the money which DARPA expects will develop technologies that “bolster the resilience of communication over IP networks solely by instantiating new capabilities in computing devices within user enclaves at the WAN edge.”

Software-Defined Networking will be a critical enabler of the Internet of Things

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.

Organizations are excited about the business value of the data that will be generated by the Internet of Things (IoT). But there’s less discussion about how to manage the devices that will make up the network, secure the data they generate and analyze it quickly enough to deliver the insights businesses need.

Software defined networking (SDN) can help meet these needs. By virtualizing network components and services, they can rapidly and automatically reconfigure network devices, reroute traffic and apply authentication and access rules. All this can help speed and secure data delivery, and improve network management, for even the most remote devices.

72% of Networking Performance Statistics Are Misleading

Like my tongue-in-cheek title, performance statistics are often misleading or, at best, meaningless without context. As a savvy consumer of any networking product, you should look at performance statistics as little more than a rough indicator of how a { box | software package | interface } performed under a specific test circumstance. Hint: the tests are usually rigged.

Preparing for your Windows Server upgrade

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.

If you’ve been clinging to Windows Server 2003 trying to ignore the fact that Microsoft will officially end support July 14, 2015, you’re playing with fire. Once the updates stop, you’ll be exposed to troubling security and compliance risks. Take note that in 2013 alone, 37 updates were issued by Microsoft for Windows Server 2003/R2.

Yet upgrading servers is a resource challenge as well as a mindset issue. The top barrier for migration, according to a survey, is the belief that existing systems are working just fine, and many users worry about software incompatibility.

IF { you like this blog } THEN { donate to my annual charitable campaign }

I am raising money for the Mt. Washington Observatory (MWO), a non-profit organization engaged in weather research in New Hampshire. I am joining the 15th annual Seek The Peak fundraiser for the MWO. The idea is simple: hike to the summit, with pledgers backing the adventure. If you've gotten value from the Packet Pushers podcast or this blog, I'd appreciate it if you'd donate to my Seek the Peak campaign. For the first three networking vendors that donate $1,000 or more, I'll have my picture taken at the Mt. Washington summit sign with your wearable and thank you in a blog post here.

Breach detection: Five fatal flaws and how to avoid them

IT Security today is not about defending a (non-existent) perimeter, but about protecting the organization’s attack surface, which has changed dramatically due to the cloud, mobility, BYOD, and other advances in corporate computing that have caused fundamental shifts in network architecture and operations.

Practically speaking, it means you need to monitor what is occurring inside the firewall just as much as (if not more than) what is outside trying to make its way in. Think of it as a post-breach mindset based on a “1,000 points of light” model as opposed to a “moat and castle” model of defense.

In theory it’s evolutionary, but given the accelerated pace at which security organizations have matured, it is not necessarily an easy transition to make. Not only has the threat landscape changed, but there has been constant flux in the leadership, skills, tools and budget required.
