NetworkingNexus.net

API-based email scanning

The landscape of email security is constantly changing. One aspect that remains consistent is the reliance of email as the beginning for the majority of threat campaigns. Attackers often start with a phishing campaign to gather employee credentials which, if successful, are used to exfiltrate data, siphon money, or perform other malicious activities. This threat remains ever present even as companies transition to moving their email to the cloud using providers like Microsoft 365 or Google Workspace.

In our pursuit to help build a better Internet and tackle online threats, Cloudflare offers email security via our Area 1 product to protect all types of email inboxes - from cloud to on premise. The Area 1 product analyzes every email an organization receives and uses our threat models to assess if the message poses risk to the customer. For messages that are deemed malicious, the Area 1 platform will even prevent the email from landing in the recipient's inbox, ensuring that there is no chance for the attempted attack to be successful.

We try to provide customers with the flexibility to deploy our solution in whatever way they find easiest. Continuing in this pursuit to make our solution as turnkey as Continue reading

Zone Versioning is now generally available

Today we are announcing the general availability of Zone Versioning for enterprise customers. Zone Versioning allows you to safely manage zone configuration by versioning changes and choosing how and when to deploy those changes to defined environments of traffic. Previously announced as HTTP Applications, we have redesigned the experience based on testing and feedback to provide a seamless experience for customers looking to safely rollout configuration changes.

Problems with making configuration changes

There are two problems we have heard from customers that Zone Versioning aims to solve:

How do I test changes to my zone safely?
If I do end up making a change that impacts my traffic negatively, how can I quickly revert that change?

Customers have worked out various ways of solving these problems. For problem #1, customers will create staging zones that live on a different hostname, often taking the form staging.example.com, that they make changes on first to ensure that those changes will work when deployed to their production zone. When making more than one change this can become troublesome as they now need to keep track of all the changes made to make the exact same set of changes on the Continue reading

IT Lessons Learned from Southwest Airlines’ Winter Plight

Severe weather and outdated software systems led to an estimated $825M loss for the airline, exposing operational risks that can arise if technology is not updated.

8 hot networking technologies for 2023

Despite the challenges posed by economic turmoil, epidemics, and political upheaval, network researchers are continuing to blaze new trails in innovation, performance, management, and security. In sum, 2023 is shaping up as a year of network evolution and transformation.Here are eight network technologies you will want to pay particularly close attention to.1. Unified SASE: Addresses hybrid workforce, hybrid clouds Unified Secure Access Service Edge (SASE) tightly integrates security and networking into a single platform. The technology uses a single-pass scanning architecture combined with a unified policy that's configured via a unified console that draws from a unified data lake. "This is significant for organizations to continue to provide a consistent and assured user experience while protecting users, devices, sites, and data amid the rapidly evolving dynamics coming in 2023," says Kelly Ahuja, CEO of networking and cybersecurity firm Versa Networks.To read this article in full, please click here

8 hot networking technologies for 2023

State of LDPv6 and 6PE

One of my readers successfully deployed LDPv6 in their production network:

We are using LDPv6 since we started using MPLS with IPv6 because I was used to OSPF/OSPFv3 in dual-stack deployments, and it simply worked.

Not everyone seems to be sharing his enthusiasm:

Now some consultants tell me that they know no-one else that is using LDPv6. According to them “everyone” is using 6PE and the future of LDPv6 is not certain.

State of LDPv6 and 6PE

One of my readers successfully deployed LDPv6 in their production network:

We are using LDPv6 since we started using MPLS with IPv6 because I was used to OSPF/OSPFv3 in dual-stack deployments, and it simply worked.

Not everyone seems to be sharing his enthusiasm:

Now some consultants tell me that they know no-one else that is using LDPv6. According to them “everyone” is using 6PE and the future of LDPv6 is not certain.

Boosting CX Through Intelligent Asset Management

Implementing a robust maintenance and support strategy can guard against unplanned outages that create major problems for asset owners and operators.

IAM is the Perimeter

A colleague of mine recently quiped, "'The perimeter' in AWS is actually defined by Identity and Access Management (IAM)." After some reflection, I think my colleague is spot on.

Read the rest of this post.

Proxmox VM Bridge Port Mirror

https://codingpackets.com/blog/proxmox-vm-bridge-port-mirror

Nvidia, others promise to use new Intel Xeon processors

Intel has formally introduces its 4th Gen Intel Xeon Scalable Processors (aka Sapphire Rapids) and the Intel Max Series CPUs and GPUs, which isn’t much of a secret as we have documented the processors here already, but there are a few new features to go along with them.Those new features include a virtual machine (VM) isolation solution and an independent trust verification service to help build what it calls the “industry’s most comprehensive confidential computing portfolio.” To read this article in full, please click here

Nvidia, others promise to use new Intel Xeon processors

Ask JJX: Can ChatGPT Teach Me Wireless Security?

Happy new year, and welcome to the first edition of “Ask JJX.” I had a few questions to pick from (and I’ll try to work through as many as I can) but this inquiry quite literally made me laugh out loud. “Your book is really long. Can I just use ChatGPT to learn about wireless […]

The post Ask JJX: Can ChatGPT Teach Me Wireless Security? appeared first on Packet Pushers.

Tigera 2023 predictions: Cloud native security and the shifting landscape in 2023

Cloud computing and the use of cloud native architectures enable unparalleled performance, flexibility, and velocity. The speed of innovation has driven significant advancements across industries, but as digitalization continues pushing applications and services to the cloud, bad actors’ intrusion techniques have also become more sophisticated. The burgeoning threat landscape is top of mind for enterprise and midmarket business and security leaders, and should lead their decision-making—from the right solutions to implement, to the right partners to engage.

Economic conditions tightening and macroeconomic forces will continue introducing challenges in the coming year, but businesses that sustainably provide value to their customers and make security a foundational aspect of their organization will thrive.

Here are some trends I anticipate for 2023:

Cloud-native inflection point

While the last few years were dominated by early adopters who thrive in the technical playgrounds of emerging technologies, 2023 will see the ‘early majority’ of mainstream users begin adopting cloud-native architectures as the market reaches an inflection point. This inflection is driven by the accelerating accessibility and usability of the tools and technologies available, as the early majority prioritizes platforms that work easily over those with advanced functions that they likely won’t use.

“Shift left” has become Continue reading

Day Two Cloud 177: IT Security Is Broken; Here’s Ideas On How To Fix It

IT security is broken. Vendors ship insecure products, customers have to bolt on and then operate more and more security products, compliance and regulatory requirements don't necessarily make things safer, and getting business done always takes priority over securing systems and data. On today's Day Two Cloud podcast, guest Mick Douglas shares ideas on how to make security less excruciating and more effective.

Day Two Cloud 177: IT Security Is Broken; Here’s Ideas On How To Fix It

The post Day Two Cloud 177: IT Security Is Broken; Here’s Ideas On How To Fix It appeared first on Packet Pushers.

Four Key Requirements for Multi-Cloud Networking Success

Enterprises that keep simplicity, unity, and automation in mind while creating a multi-cloud networking strategy will alleviate the burden on their IT teams and see the most efficient results.

Azure Host-Based Networking: vNIC Interface Architecture – Synthetic Interface and Virtual Function

Before moving to the Virtual Filtering Platform (VFP) and Accelerated Network (AccelNet) section, let’s look at the guest OS vNIC interface architecture. When we create a VM, Azure automatically attaches a virtual NIC (vNIC) to it. Each vNIC has a synthetic interface, a VMbus device, using a netvsc driver. If the Accelerated Networking (AccelNet) is disabled on a VM, all traffic flows pass over the synthetic interface to the software switch. Azure hosts servers have Mellanox/NVIDIA Single Root I/O Virtualization (SR-IOV) hardware NIC, which offers virtual instances, Virtual Function (VF), to virtual machines. When we enable AccelNet on a VM, the mlx driver is installed to vNIC. The mlx driver version depends on an SR-IOV type. The mlx driver on a vNIC initializes a new interface that connects the vNIC to an embedded switch on a hardware SR-IOV. This VF interface is then associated with the netvsc interface. Both interfaces use the same MAC address, but the IP address is only associated with the synthetic interface. When AccelNet is enabled, VM’s vNIC forwards VM data flows over the VF interface via the synthetic interface. This architecture allows In-Service Software Updates (ISSU) for SR-IOV NIC drivers.

Note! Exception traffic, a data flow with no flow entries on a UFT/GFT, is forwarded through VFP in order to create flow-action entries to UFT/GFT.

Figure 1-1: Azure Host-Based SDN Building Blocks.

Email Link Isolation: your safety net for the latest phishing attacks

Email is one of the most ubiquitous and also most exploited tools that businesses use every single day. Baiting users into clicking malicious links within an email has been a particularly long-standing tactic for the vast majority of bad actors, from the most sophisticated criminal organizations to the least experienced attackers.

Even though this is a commonly known approach to gain account access or commit fraud, users are still being tricked into clicking malicious links that, in many cases, lead to exploitation. The reason is simple: even the best trained users (and security solutions) cannot always distinguish a good link from a bad link.

On top of that, securing employees' mailboxes often results in multiple vendors, complex deployments, and a huge drain of resources.

Email Link Isolation turns Cloudflare Area 1 into the most comprehensive email security solution when it comes to protecting against phishing attacks. It rewrites links that could be exploited, keeps users vigilant by alerting them of the uncertainty around the website they’re about to visit, and protects against malware and vulnerabilities through the user-friendly Cloudflare Browser Isolation service. Also, in true Cloudflare fashion, it’s a one-click deployment.

Protecting against deceptive links

With more than a couple Continue reading

How Cloudflare CASB and DLP work together to protect your data

Cloudflare’s Cloud Access Security Broker (CASB) scans SaaS applications for misconfigurations, unauthorized user activity, shadow IT, and other data security issues. Discovered security threats are called out to IT and security administrators for timely remediation, removing the burden of endless manual checks on a long list of applications.

But Cloudflare customers revealed they want more information available to assess the risk associated with a misconfiguration. A publicly exposed intramural kickball schedule is not nearly as critical as a publicly exposed customer list, so customers want them treated differently. They asked us to identify where sensitive data is exposed, reducing their assessment and remediation time in the case of leakages and incidents. With that feedback, we recognized another opportunity to do what Cloudflare does best: combine the best parts of our products to solve customer problems.

What’s underway now is an exciting effort to provide Zero Trust users a way to get the same DLP coverage for more than just sensitive data going over the network: SaaS DLP for data stored in popular SaaS apps used by millions of organizations.

With these upcoming capabilities, customers will be able to connect their SaaS applications in just a few clicks and scan them Continue reading

« Previous 1 … 365 366 367 368 369 … 3,836 Next »