What is Zero Trust Network Architecture (ZTNA)?

Zero Trust is a term coined by John Kindervag while he was an analyst at Forrester Research to describe a strategic framework in which nothing on the network is trusted by default – not devices, not end users, not processes. Everything must be authenticated, authorized, verified and continuously monitored.

The traditional approach to security was based on the concept of “trust, but verify.” The weakness of this approach is that once someone was authenticated, they were considered trusted and could move laterally to access sensitive data and systems that should have been off-limits.

Zero Trust principles change this to “never trust, always verify.” A Zero Trust architecture doesn’t aim to make a system trusted or secure, but rather to eliminate the concept of trust altogether. Zero Trust security models assume that an attacker is present in the environment at all times. Trust is never granted unconditionally or permanently, but must be continually evaluated.

Using the ss command on Linux to view details on sockets

The ss command is used to dump socket statistics on Linux systems. It serves as a replacement for the netstat command and is often used for troubleshooting network problems.

What is a socket?

To make the best use of the ss command, it’s important to understand what a socket is. A socket is a type of pseudo file (i.e., not an actual file) that represents a network connection. A socket identifies both the remote host and the port that it connects to so that data can be sent between the systems. Sockets are similar to pipes except that pipes only facilitate connections between processes on the same system where sockets work on the same or different systems. Unlike pipes, sockets also provide bidirectional communication.

EU Commission opens antitrust inquiry into Broadcom’s $61B VMware acquisition

A month after the UK’s Competition and Markets Authority (CMA) announced it was investigating Broadcom’s proposed acquisition of VMware, European antitrust regulators have launched their own probe into the $61 billion deal.

In the US, the Federal Trade Commission (FTC) is five months into its own investigation of the deal.

Meanwhile, the EU Commission said in a statement published on December 20 that it “is particularly concerned that the transaction would allow Broadcom to restrict competition in the market for certain hardware components which interoperate with VMware's software.”

Handwashing Techniques to Teach Your Employees

National handwashing awareness week is an annual event celebrated in December to focus on the importance of proper hand hygiene and general health. It is designed to remind everyone that clean hands can help prevent illness, disease, and the spread of germs. Encouraging hand hygiene among your employees is essential for workplace safety. Teaching handwashing techniques can help provide an extra layer of protection, lessen the spread of germs, and show employees that you care about their health and well-being. To ensure hand hygiene at work, here’s what you should teach your employees:

Use warm water and soap when washing hands

Warm water helps to remove more dirt, oils, and germs from the skin than cold water. Employees should use hot water if it’s available and always make sure to wet their hands with clean running water before applying soap. All surfaces of the hands should be washed thoroughly, including the backs of the hands, wrists, between fingers, and under fingernails.

Scrub for at least 20 seconds

After wetting their hands with clean running water, employees should apply soap and lather up their hands while scrubbing them together in a back-and-forth motion for at least 20 seconds. This includes scrubbing

One of our most requested features is here: DNS record comments and tags

Starting today, we’re adding support on all zone plans to add custom comments on your DNS records. Users on the Pro, Business and Enterprise plans will also be able to tag DNS records.

DNS records are important

DNS records play an essential role when it comes to operating a website or a web application. In general, they are used to map human-readable hostnames to machine-readable information, most commonly IP addresses. Besides mapping hostnames to IP addresses, they also fulfill many other use cases, like:

  • Ensuring emails can reach your inbox, by setting up MX records.
  • Avoiding email spoofing and phishing by configuring SPF, DMARC and DKIM policies as TXT records.
  • Validating a TLS certificate by adding a TXT (or CNAME) record.
  • Specifying allowed certificate authorities that can issue certificates on behalf of your domain by creating a CAA record.
  • Validating ownership of your domain for other web services (website hosting, email hosting, web storage, etc.) - usually by creating a TXT record.
  • And many more.

With all these different use cases, it is easy to forget what a particular DNS record is for and it is not always possible to derive the purpose from the name, type and

How to build a service mesh with Istio and Calico

Microservices are loosely coupled software that provides flexibility and scalability to a cloud environment. However, securing this open architecture from vulnerabilities and malicious actors can be challenging without a service mesh.

This blog post will demonstrate how you can create an Istio and Calico integration to establish a service mesh that will manipulate HTTP traffic in the application layer. This Istio-Calico integration provides a unified way to write security policies interacting with applications and implement restrictions without disturbing the entire system.

What’s a service mesh?

A service mesh is a software layer that sits between the microservices that form your workload. After deploying and enabling a service mesh system for your workloads, an injector will add a sidecar container to each. These sidecars then collect and manipulate information via the rules you provide, allowing you to secure your cluster on an application level without requiring any change inside your software.

Without a service mesh, to ensure communication integrity and confidentiality between workloads, you must modify each to embed encryption methods. On top of that, gathering insight into the events that are happening in the application layer will require modifying the workload application itself, which all requires a good amount of

HPE expands GreenLake private cloud offerings

HPE has announced new features for its GreenLake for Private Cloud Enterprise, including Kubernetes support and workload-optimized instances.

HPE launched GreenLake for Private Cloud Enterprise in June. It's an automated private cloud offering for enterprises looking to deploy both traditional workloads and cloud-native applications inside their data centers. The service includes virtual machines, bare metal workloads, and containers, all running on GreenLake’s on-premises consumption model.

Among the new services HPE announced is the option to deploy Kubernetes container services through Amazon Elastic Kubernetes Service (EKS) Anywhere. Customers can now run the same container runtimes on-premises that they use in the public cloud, with a consistent experience across both public and private clouds.

More work for admins: When labor-saving management tools don’t ease workloads

If not deployed properly, today’s whiz-bang network management tools wind up making more work for network admins rather than saving them time and reducing their overload.

Wait, labor saving devices don’t save labor? Not really, at least when it comes to freeing up time for more important or rewarding activities.

It’s not unlike the "labor saving appliance" revolution in the American home, especially in the post-WW2 era.

I’m referring, of course, to Ruth Schwartz Cowan’s classic history of technology book, More Work for Mother, which explored in depth how various supposedly labor-saving advances in household technology did not reduce the amount of time those women who kept house spent on housekeeping. On the contrary, because they mainly mechanized or automated work previously done by servants, children, or (occasionally) men, these tech advances shifted women’s efforts from organizing such work to doing it. At the same time, with some kinds of work around food preparation and clothes washing, they also brought back “in-house” work that had been effectively outsourced to commercial laundries, bakeries, etc.

The Top 10 Ansible Blogs of 2022

Introduction

If you're looking to brush up on the most popular Ansible information from 2022 (or just grasping at any excuse to break away from your relatives for a few minutes during the holidays), you've come to the right place. What follows are the top 10 blogs that have captured the most attention from Ansible.com readers in 2022. 

10. Introducing the Event-Driven Ansible developer preview

One of the buzzworthy announcements at AnsibleFest 2022 was Event-Driven Ansible, released as Developer Preview by Red Hat. In this blog, Joe Pisciotta, Ansible Product Manager, describes Event-Driven Ansible's integration with 3rd-party event sources and support for establishing rules using "if-then" scenarios. Discover why Event-Driven Ansible makes remediating issues simple and removes the time-consuming customization usually required with "self-healing" approaches. 

9. What's new in Ansible Automation Platform 2.3

Several new features and enhancements were announced as part of Ansible Automation Platform 2.3, such as more flexibility and control over execution nodes in automation mesh, the launch of Ansible validated content to help you get started automating operational tasks, support for LDAP with RBAC, and much more. Sean Cavanaugh, Ansible Technical Marketing Manager, outlines the capabilities of these new