NetworkingNexus.net

Making STIG Automation Possible: A Technical Deep Dive

Ansible architect and craft beer connoisseur Jonathan Davila played a critical role in working with our trusted security partner MindPoint Group to get our joint automated security baseline project off the ground. With our release this week of the DISA STIG for RHEL 6, we’ve immediately improved the lives of Government IT admins that struggle to ensure their systems are compliant.

Merely building the Ansible role for Red Hat Enterprise Linux 6 (And CentOS variants) STIG required more than writing and organizing a collection of playbooks. In order to ensure that the role actually achieved the remediation goal, we needed to validate and verify updates through a continuous integration testing process that leverages the DISA-provided SCAP/OVAL definitions.

You can learn more about the mechanics of how Jonathan and the MindPoint Group built the STIG Role, along with technical details about how to replicate this testing method in your own environment here.

Want to learn more about the how and why? Jonathan also penned a LinkedIn article with his own thoughts about why this is an important step in the right direction for any IT organization that’s concerned about automagically applying and validating security baselines.

Learn more about automated baseline testing.
Continue reading

Big network names oppose Title II regulations, with major exceptions

The FCC’s net neutrality decision last month that imposed stricter regulations on Internet Service Providers, under Title II of the Communications Act of 1934, has networking companies opposing each other even more fiercely than usual.The industry is split, though not evenly, between those that support the idea of stricter ISP regulation, re-imposing stricter net neutrality standards and treating the service providers more as public utilities, and those that oppose the measures.+ ALSO ON NETWORK WORLD: Microsoft's deal with Xiaomi over Windows 10 raises eyebrows | Top 11 oddball real-world tech job interview questions +To read this article in full or to leave a comment, please click here

Opera buys VPN service to help protect user privacy

Norwegian browser developer Opera Software has bought virtual private network service SurfEasy to help its users protect their privacy when accessing the Web from smartphones, tablets and computers.The acquisition of the Canadian company also appears to be the latest in the company’s strategy to expand into other products beyond the browser.SurfEasy offers applications to encrypt Internet traffic on Windows, Mac, iOS and Android devices as well as a password-protected USB plug-in that lets users browse securely from any computer or network, without leaving a trace.Opera bought SurfEasy because Internet users are increasingly looking for ways to securely access the Internet, the company said in a release announcing the deal. The financial terms of the deal were not disclosed.To read this article in full or to leave a comment, please click here

Opera buys VPN service to help protect user privacy

Huawei multiplies partnerships with software and service providers

Chinese telecommunications and networking equipment giant Huawei Technologies is partnering left, right and center at Cebit as it seeks to more firmly establish itself in Europe.Huawei derives around one-tenth of its revenue from enterprise products, with the bulk of the rest coming from mobile phones or carrier networking equipment. But the company has bigger ambitions for this segment.Germany is still a major manufacturing power, and one of the focuses of the Cebit trade show is the modernization of its industries through what the Germans call “Industry 4.0,” a move to increase interoperability and real-time monitoring in manufacturing and distribution systems.To read this article in full or to leave a comment, please click here

VCDX-NV Interview: Chris Wahl

Chris Wahl is a Senior Solutions Architect at Ahead, located in Chicago, Ill. He has more than 14 years of experience as an IT Pro. Chris originally went to school for networking, and has a bachelor’s degree in networking and communications management. More recently he’s been doing sys admin work in sys admin engineering, architecture, and data center focused projects. His certifications include VMware VCDX #104, Cisco CCNA data center and CCNP router and switch certifications for which he also teaches classes, and several other VMware, Cisco, Microsoft, and HP certifications. He is also one of the first VCDX-NV certified professionals

What excites you about network virtualization?

I spent quite a few of years managing every type of virtualized infrastructure you can imagine, ranging from very small and medium sized businesses, to a 16,000 person enterprise with over 1,000 virtual machines. In every instance, the roadblock was always the network to the point where in the large deployment that I managed, we would just plan that any network change would take three weeks even if it was just a VLAN on a port. We could pretty much guarantee that it would be about two weeks to make Continue reading

Microsoft to release lowest-priced Lumia smartphone yet

Building on the launch earlier this year of two low-cost Lumia phones, Microsoft has taken the price down even further for its latest smartphone.Also targeted at emerging markets, the Lumia 430 will be priced at US$70 before taxes, when bought without carrier subsidies, and represents Microsoft’s most affordable Lumia smartphone yet.In January, the U.S. tech giant unveiled the Lumia 435 and the Lumia 532 that are priced just a notch higher.Although limited in specs, the three phones strengthen Microsoft’s product offerings for a market segment in which low-cost Android handsets are dominant. Globally, Microsoft’s Windows Phone OS only had a 2.8 percent market share in last year’s fourth quarter, according to research firm IDC.To read this article in full or to leave a comment, please click here

March Madness 2015: Cool apps, alternative brackets, and tools to win your pool

Sports!The 2015 NCAA tournament kicks off in earnest today, now that the play-in rounds are complete and the final 64 teams are set. There are more ways to keep up with the action now than ever before. Here are the video streaming options, mobile apps, and other tools to help you stay informed and up-to-date with the action.Obligatory streaming slideGone are the days of digging through message boards and clicking on suspicious URLs to try to find a live stream of NCAA tournament games while at work. The NCAA streams all of the action through its March Madness Live app, available on the web as well as on iOS and Android. And for those watching at work, March Madness Live has the "Boss Button," which, when clicked, opens a fake PowerPoint-style document complete with nonsense bar graphs that will make you look like you're actually being productive when your boss happens to walk by. Genius.To read this article in full or to leave a comment, please click here

New F5 Load Balancer & Volume Licensing Aim to Enhance App Delivery

F5 continues adding to its Synthesis framework.

IPv6 Cheat Sheet

Just in case you're new to IPv6 and struggle with the essentials: here's an excellent cheat sheet by Jeff Carrell… and don't forget to check the amazing Cheat Sheet Library @ packetlife.net.

Yahoo exits China, closing R&D center

Yahoo is closing its only remaining office in China and laying off between 200 and 300 employees there, news reports said on Wednesday.The moves are part of CEO Marissa Mayer’s efforts to rein in costs at the aging Internet company. Yahoo’s office in Beijing, the company’s only physical presence in mainland China, has housed an R&D center employing engineers.“We will be consolidating certain functions into fewer offices, including to our headquarters in Sunnyvale, California,” a Yahoo representative told the Wall Street Journal.To read this article in full or to leave a comment, please click here

Mandrill warns attack may have exposed some data about email

Mandrill warned customers on Wednesday that some email-related data may have been exposed after attackers tried to lasso some of its servers into a botnet.Data doesn’t appear to have been stolen, but some customers should take some security precautions, wrote Brandon Fouts, general manager of Mandrill, which is a platform for managing transactional email that is owned by The Rocket Science Group.“There’s not evidence that any customer data was queried or exported, but unfortunately we can’t completely rule out the possibility of access,” Fouts wrote in a blog post.Data that may have been exposed includes internal logs about emails sent, including sender and recipient addresses but not custom metadata or the content of messages, Fouts wrote.To read this article in full or to leave a comment, please click here

T-Mobile CEO ‘fairly confident’ net neutrality won’t kill Music Freedom

T-Mobile’s CEO says he’s confident that upcoming net neutrality rules won’t mean an end to the carrier’s “Music Freedom” promotion that allows unrestricted music streaming from certain sites.The rules, which were recently approved by the Federal Communications Commission but are not yet law, prohibit Internet providers from selectively blocking or slowing Web traffic and from offering paid traffic prioritization services. They’ve been opposed by Republican lawmakers and major telecommunications companies.John Legere said he’s still combing through the 400-page regulation, which the FCC passed after an unprecedented 4 million [m] public comments, but he doesn’t believe the service will be affected.To read this article in full or to leave a comment, please click here

T-Mobile CEO ‘fairly confident’ net neutrality won’t kill Music Freedom

T-Mobile’s CEO says he’s confident that upcoming net neutrality rules won’t mean an end to the carrier’s “Music Freedom” promotion that allows unrestricted music streaming from certain sites. The rules, which were recently approved by the Federal Communications Commission but are not yet law, prohibit Internet providers from selectively blocking or slowing Web traffic and from offering paid traffic prioritization services. They’ve been opposed by Republican lawmakers and major telecommunications companies. John Legere said he’s still combing through the 400-page regulation, which the FCC passed after an unprecedented 4 million [m] public comments, but he doesn’t believe the service will be affected.To read this article in full or to leave a comment, please click here

What ever it is, CISA isn’t cybersecurity

In the next couple months, Congress will likely pass CISA, the Cybersecurity Information Sharing Act. This is a bad police-state thing. It will do little to prevent attacks, but do a lot to increase mass surveillance.

They did not consult us security experts when drafting this bill. If they had, we would have told them the idea doesn’t really work. Companies like IBM and Dell SecureWorks already have massive “cybersecurity information sharing” systems where they hoover up large quantities of threat information from their customers. This rarely allows them to prevent attacks as the CISA bill promises.

In other words, we’ve tried the CISA experiment, and we know it doesn’t really work.

While CISA won’t prevent attacks, it will cause mass surveillance. Most of the information produced by countermeasures is in fact false-positives, triggering on innocent anomalies rather than malicious hackers. Your normal day-to-day activities on the Internet occasionally trigger these false-positives. When this information gets forwarded to law enforcement, it puts everyone in legal jeopardy. It may trigger an investigation, or it may just become evidence about you, for example, showing which porn sites you surf. It’s mass surveillance through random sampling.

That such mass surveillance is the goal Continue reading

Cumulus Networks, sFlow and data center automation

Cumulus Networks and InMon Corp have ported the open source Host sFlow agent to the upcoming Cumulus Linux 2.1 release. The Host sFlow agent already supports Linux, Windows, FreeBSD, Solaris, and AIX operating systems and KVM, Xen, XCP, XenServer, and Hyper-V hypervisors, delivering a standard set of performance metrics from switches, servers, hypervisors, virtual switches, and virtual machines – see Visibility and the software defined data center.

The Cumulus Linux platform makes it possible to run the same open source agent on switches, servers, and hypervisors – providing unified end-to-end visibility across the data center. The open networking model that Cumulus is pioneering offers exciting opportunities. Cumulus Linux allows popular open source server orchestration tools to also manage the network, and the combination of real-time, data center wide analytics with orchestration make it possible to create self-optimizing data centers.

Install and configure Host sFlow agent

The following command installs the Host sFlow agent on a Cumulus Linux switch:

sudo apt-get install hsflowd

Note: Network managers may find this command odd since it is usually not possible to install third party software on switch hardware. However, what is even more radical is that Cumulus Linux allows users to download source Continue reading

IDG Contributor Network: How your car will help control your home

AT&T is one company that is planning on consumers being able to control elements of their home from the dashboard of connected cars.AT&T says that it is planning to link its connected car and smart home products via a voice recognition-enabled dashboard control. Home security will be the principal driver of the new tech in that case. But others are also in a race to bring functioning products to market and obtain consumer acceptance.Two existing AT&T products – AT&T Digital Life, a home management system, and AT&T Drive, its connected car platform – will be merged together to create its platform.To read this article in full or to leave a comment, please click here

Ideovitra seeks to slay PC power vampires with SensyBee smart switch

There’s a vampire-slayer stalking the halls at Cebit.With SensyBee, a curvy little box that plugs into the back of a PC between the power supply and the wall outlet, turning the PC off when it is unused, Ideovitra hopes to eliminate PCs’ vampire power consumption.A typical desktop PC consumes around 200 watts when running—but still as much as 50W when in Windows 8’s “sleep” mode. Even when “turned off,” it can consume up to 20W, as the power supply and some other components remain powered up to perform functions such as wake-on-LAN, said Ideovitra’s sales manager David Chedotal.In the 6,500 hours a year that the average office PC lies unused, that vampire power consumption can add between 130 and 325 kilowatt-hours to the energy bill. At German electricity prices, that’s anywhere from €30 (US$32) to €90 wasted each year, according to Ideovitra.To read this article in full or to leave a comment, please click here

Apple Watch and its wireless tech

Apple hasn't called its upcoming Apple Watch "magical" as it did with the iPad in 2010, but its wireless components have some spellbinding features.Whether the embedded NFC (near field communication), Bluetooth and Wi-Fi elements contribute to the success of the Apple Watch sales is still an open question. Fashion and an array of apps could definitely trump the device's wireless tech.Why might the wireless tech not matter?So far, there aren't many NFC-ready point-of-sale terminals installed in the U.S. Likewise, there are relatively few hotel rooms that can be unlocked with a Bluetooth connection to the Apple Watch.MORE ON NETWORK WORLD: 12 most powerful Internet of Things companies Wi-Fi access points and hotspots seem to be everywhere, but there is disagreement over how important Wi-Fi will be on the Apple Watch.To read this article in full or to leave a comment, please click here

Vitesse, a Long-Struggling Ethernet Chipmaker, Lands a $389M Offer

It's been a hard road for Vitesse, but its Carrier Ethernet strategy has panned out.

« Previous 1 … 3,499 3,500 3,501 3,502 3,503 … 3,762 Next »