New! Security Analytics provides a comprehensive view across all your traffic

New! Security Analytics provides a comprehensive view across all your traffic
New! Security Analytics provides a comprehensive view across all your traffic

An application proxying traffic through Cloudflare benefits from a wide range of easy to use security features including WAF, Bot Management and DDoS mitigation. To understand if traffic has been blocked by Cloudflare we have built a powerful Security Events dashboard that allows you to examine any mitigation events. Application owners often wonder though what happened to the rest of their traffic. Did they block all traffic that was detected as malicious?

Today, along with our announcement of the WAF Attack Score, we are also launching our new Security Analytics.

Security Analytics gives you a security lens across all of your HTTP traffic, not only mitigated requests, allowing you to focus on what matters most: traffic deemed malicious but potentially not mitigated.

Detect then mitigate

Imagine you just onboarded your application to Cloudflare and without any additional effort, each HTTP request is analyzed by the Cloudflare network. Analytics are therefore enriched with attack analysis, bot analysis and any other security signal provided by Cloudflare.

Right away, without any risk of causing false positives, you can view the entirety of your traffic to explore what is happening, when and where.

This allows you to dive straight into analyzing the results Continue reading

Stop attacks before they are known: making the Cloudflare WAF smarter

Stop attacks before they are known: making the Cloudflare WAF smarter
Stop attacks before they are known: making the Cloudflare WAF smarter

Cloudflare’s WAF helps site owners keep their application safe from attackers. It does this by analyzing traffic with the Cloudflare Managed Rules: handwritten highly specialized rules that detect and stop malicious payloads. But they have a problem: if a rule is not written for a specific attack, it will not detect it.

Today, we are solving this problem by making our WAF smarter and announcing our WAF attack scoring system in general availability.

Customers on our Enterprise Core and Advanced Security bundles will have gradual access to this new feature. All remaining Enterprise customers will gain access over the coming months.

Our WAF attack scoring system, fully complementary to our Cloudflare Managed Rules, classifies all requests using a model trained on observed true positives across the Cloudflare network, allowing you to detect (and block) evasion, bypass and new attack techniques before they are publicly known.

The problem with signature based WAFs

Attackers trying to infiltrate web applications often use known or recently disclosed payloads. The Cloudflare WAF has been built to handle these attacks very well. The Cloudflare Managed Ruleset and the Cloudflare OWASP Managed Ruleset are in fact continuously updated and aimed at protecting web applications against known Continue reading

Technology Short Take 162

Welcome to Technology Short Take #162! It’s taken me a bit longer than I would have liked to get this post assembled, but it’s finally here. Hopefully I’ve managed to find something you’ll find useful! As usual, the links below are organized by technology area/discipline, and I’ve added a little bit of commentary to some of the links where it felt necessary. Enjoy!

Networking

Security

  • Rory McCune has a series of articles on PCI compliance in containerized and Kubernetes environments. These are worth a read if security and compliance are your jam (see here, here, here, here, here, here, and here). I suspect more are in the works, so stay tuned to his site!
  • Persistent malware in ESXi hypervisor environments? Ugh! See here for more details.
  • The corny (cheesy?) food references in the title of this Continue reading

Review: S5648X-2Q4Z Switch – Part 2: MPLS

After receiving an e-mail from a newer [China based OEM], I had a chat with their founder and learned that the combination of switch silicon and software may be a good match for IPng Networks.

I got pretty enthusiastic when this new vendor claimed VxLAN, GENEVE, MPLS and GRE at 56 ports and line rate, on a really affordable budget ($4’200,- for the 56 port; and $1’650,- for the 26 port switch). This reseller is using a less known silicon vendor called [Centec], who have a lineup of ethernet silicon. In this device, the CTC8096 (GoldenGate) is used for cost effective high density 10GbE/40GbE applications paired with 4x100GbE uplink capability. This is Centec’s fourth generation, so CTC8096 inherits the feature set from L2/L3 switching to advanced data center and metro Ethernet features with innovative enhancement. The switch chip provides up to 96x10GbE ports, or 24x40GbE, or 80x10GbE + 4x100GbE ports, inheriting from its predecessors a variety of features, including L2, L3, MPLS, VXLAN, MPLS SR, and OAM/APS. Highlights features include Telemetry, Programmability, Security and traffic management, and Network time synchronization.

S5624X Front

S5648X Front



After discussing basic L2, L3 and Overlay functionality in my [previous post], I left Continue reading

Intel Xeons to offer on-demand special functionality

Intel has a new program called Intel On Demand that will allow customers of its new Xeon Scalable Processors to unlock specialty processing engines for an extra fee.Intel has not disclosed what it will cost to access the On Demand features, which are activated through Intel Software Defined Silicon (SDSi), a newly added function using authentication keys to activate the additional features.For most customers, the standard Xeon core is all they need. But some may want the specialty processing engines included in the latest Xeon generation, codenamed Sapphire Rapids. The chips are available now to OEMs but will have a formal launch Jan. 10, 2023.To read this article in full, please click here

Intel Xeons to offer on-demand special functionality

Intel has a new program called Intel On Demand that will allow customers of its new Xeon Scalable Processors to unlock specialty processing engines for an extra fee.Intel has not disclosed what it will cost to access the On Demand features, which are activated through Intel Software Defined Silicon (SDSi), a newly added function using authentication keys to activate the additional features.For most customers, the standard Xeon core is all they need. But some may want the specialty processing engines included in the latest Xeon generation, codenamed Sapphire Rapids. The chips are available now to OEMs but will have a formal launch Jan. 10, 2023.To read this article in full, please click here

Gartner: Top trends to know for infrastructure and operations in 2023

Two networking technologies – secure access service edge (SASE) and wireless— lead a  list of six core trends that will impact enterprise infrastructure and operations activity in 2023, according to new research revealed by Gartner analysts at its IT Infrastructure, Operations & Cloud Strategies Conference this week.Implementing SASE, a term coined by Gartner, has been ongoing but is expected to grow substantially in the next year. Gartner forecasts that worldwide SASE spending will hit $9.2 billion in 2023, a 39% increase from 2022.To read this article in full, please click here

Gartner: Top trends to know for infrastructure and operations in 2023

Two networking technologies – secure access service edge (SASE) and wireless— lead a  list of six core trends that will impact enterprise infrastructure and operations activity in 2023, according to new research revealed by Gartner analysts at its IT Infrastructure, Operations & Cloud Strategies Conference this week.Implementing SASE, a term coined by Gartner, has been ongoing but is expected to grow substantially in the next year. Gartner forecasts that worldwide SASE spending will hit $9.2 billion in 2023, a 39% increase from 2022.To read this article in full, please click here

Asking Meaningful Questions: What Problem Are We Trying To Solve?

At some point in your career, you’ll likely participate in a project that is a technical and implementation success but is still a failure. That’s because the wrong solution was implemented. For example, after weeks or months of hard work you might successfully deploy a client-based VPN solution, but because of application latency requirements a […]

The post Asking Meaningful Questions: What Problem Are We Trying To Solve? appeared first on Packet Pushers.

SONiC builds muscle for enterprise-network service in 2023

The coming year could be a very big one for the open-source network operating system SONiC as it garners start-up support and increasing interest from major networking vendors.The Linux-based Software for Open Networking in the Cloud decouples network software from the underlying hardware and lets it run on hundreds of switches and ASICs from multiple vendors while supporting a full suite of network features such as Border Gateway Protocol (BGP), remote direct memory access (RDMA), QoS, and Ethernet/IP. It was developed and then open-sourced by Microsoft, which in April turned the project over to the Linux Foundation and its 450,000 developers. The vendor community supporting SONiC has been growing, too, and includes Dell, Arista, Nokia, Alibaba, Comcast, Cisco, Broadcom, Juniper Apstra, Edgecore, Innovium, Nvidia-Mellanox, Celetica and VMware.To read this article in full, please click here

Demo Bytes: vSphere UPT On The NVIDIA BlueField DPU

NVIDIA’s BlueField Data Processing Unit (DPU) can offload, accelerate, and isolate software applications such as networking, storage, and security from a server’s CPU. In this Demo Byte, we walk through using VMware’s vSphere UPT feature on a BlueField DPU to bring vMotion capabilities to the DPU. Our guest is Wes Kennedy, Senior Technical Marketing Engineer […]

The post Demo Bytes: vSphere UPT On The NVIDIA BlueField DPU appeared first on Packet Pushers.

ChatGPT and Creating For Yourself

I’m sure you’ve been inundated by posts about ChatGPT over the past couple of weeks. If you managed to avoid it the short version is that there is a new model from OpenAI that can write articles, create poetry, and basically answer your homework. Lots of people are testing it out for things as mundane as writing Amazon reviews or creating configurations for routers.

It’s not a universal hit though. Stack Overflow banned ChatGPT code answers because they’re almost always wrong. My own limited tests show that it can create a lot of words from a prompt that seem to sound correct but feel hollow. Many others have accused the algorithm of scraping content from others on the Internet and sampling it into answers to make it sound accurate but not the best answer to the question.

Are we ready for AI to do our writing for us? Is the era of the novelist or technical writer finished? Should we just hang up our keyboards and call it a day?

Byte-Sized Content

When I was deciding what I wanted to do with my life after college I took the GMAT to see if I could get into grad school for Continue reading

Hedge 157: Vendor Lock-in with Frank Seesink

Vendor lock-in has been an issue in networking for the entire time I’ve been working in the field—since the late 1980s. I well remember the arguments over POSIX compliance, SQL middleware standards, ADA, and packet formats. It was an issue in electronics, which is where I worked before falling into a career in computer networks, too. What does “vendor independence” really mean, and what are the ways network operators can come close to having it? Frank Seesink joins Russ White and Tom Ammon to rant about—and consider—solutions to this problem.

download

1 387 388 389 390 391 3,841