Introducing thresholds in Security Event Alerting: a z-score love story

Introducing thresholds in Security Event Alerting: a z-score love story
Introducing thresholds in Security Event Alerting: a z-score love story

Today we are excited to announce thresholds for our Security Event Alerts: a new and improved way of detecting anomalous spikes of security events on your Internet properties. Previously, our calculations were based on z-score methodology alone, which was able to determine most of the significant spikes. By introducing a threshold, we are able to make alerts more accurate and only notify you when it truly matters. One can think of it as a romance between the two strategies. This is the story of how they met.

Author’s note: as an intern at Cloudflare I got to work on this project from start to finish from investigation all the way to the final product.

Once upon a time

In the beginning, there were Security Event Alerts. Security Event Alerts are notifications that are sent whenever we detect a threat to your Internet property. As the name suggests, they track the number of security events, which are requests to your application that match security rules. For example, you can configure a security rule that blocks access from certain countries. Every time a user from that country tries to access your Internet property, it will log as a security event. While a Continue reading

Intel partners for $30B fab investment in Arizona

Intel and Canada's Brookfield Asset Management have announced a deal to jointly fund up to $30 billion in investments of Intel fabrication facilities in Arizona, saving Intel a lot of money in the process.The investment follows up on a memorandum of understanding the two firms signed in February to explore finance options to help fund new Intel manufacturing sites. Brookfield will invest up to $15 billion for a 49% stake in the expansion project, while Intel will retain majority ownership and operating control of the two chip factories in Chandler, Arizona.The deal falls under what is known as the Semiconductor Co-Investment Program (SCIP), a new funding model to the capital-intensive semiconductor industry. As part of the program, Brookfield will provide Intel with a new, expanded pool of capital for manufacturing build-outs. In return, Brookfield gets a cut of the revenue stream.To read this article in full, please click here

Intel partners for $30B fab investment in Arizona

Intel and Canada's Brookfield Asset Management have announced a deal to jointly fund up to $30 billion in investments of Intel fabrication facilities in Arizona, saving Intel a lot of money in the process.The investment follows up on a memorandum of understanding the two firms signed in February to explore finance options to help fund new Intel manufacturing sites. Brookfield will invest up to $15 billion for a 49% stake in the expansion project, while Intel will retain majority ownership and operating control of the two chip factories in Chandler, Arizona.The deal falls under what is known as the Semiconductor Co-Investment Program (SCIP), a new funding model to the capital-intensive semiconductor industry. As part of the program, Brookfield will provide Intel with a new, expanded pool of capital for manufacturing build-outs. In return, Brookfield gets a cut of the revenue stream.To read this article in full, please click here

Intel partners for $30B fab investment in Arizona

Intel and Canada's Brookfield Asset Management have announced a deal to jointly fund up to $30 billion in investments of Intel fabrication facilities in Arizona, saving Intel a lot of money in the process.The investment follows up on a memorandum of understanding the two firms signed in February to explore finance options to help fund new Intel manufacturing sites. Brookfield will invest up to $15 billion for a 49% stake in the expansion project, while Intel will retain majority ownership and operating control of the two chip factories in Chandler, Arizona.The deal falls under what is known as the Semiconductor Co-Investment Program (SCIP), a new funding model to the capital-intensive semiconductor industry. As part of the program, Brookfield will provide Intel with a new, expanded pool of capital for manufacturing build-outs. In return, Brookfield gets a cut of the revenue stream.To read this article in full, please click here

Intel partners for $30B fab investment in Arizona

Intel and Canada's Brookfield Asset Management have announced a deal to jointly fund up to $30 billion in investments of Intel fabrication facilities in Arizona, saving Intel a lot of money in the process.The investment follows up on a memorandum of understanding the two firms signed in February to explore finance options to help fund new Intel manufacturing sites. Brookfield will invest up to $15 billion for a 49% stake in the expansion project, while Intel will retain majority ownership and operating control of the two chip factories in Chandler, Arizona.The deal falls under what is known as the Semiconductor Co-Investment Program (SCIP), a new funding model to the capital-intensive semiconductor industry. As part of the program, Brookfield will provide Intel with a new, expanded pool of capital for manufacturing build-outs. In return, Brookfield gets a cut of the revenue stream.To read this article in full, please click here

Announcing Project Northstar: SaaS delivered Multi-Cloud Networking and Security

Multi-cloud architectures are becoming an increasingly central part of enterprise strategies delivering applications reliably. In a VMware Digital Momentum Study of enterprise technology decision-makers, nearly 73% report they are standardizing on multi-cloud foundations to operate applications and infrastructure1.

Multi-cloud infrastructure offers many benefits – such as the ability to scale quickly and increase reliability. By extension, multi-cloud deployments can help businesses:

  • Innovate and transform the customer experience
  • Scale and grow the business
  • Empower employee engagement and productivity

Yet, from an operational and technology perspective the multi-cloud presents a major challenge: Complexity. Rapid innovation and growth require the ability to deploy and manage workloads in any public cloud while providing the required service availability and scale. However, managing workloads and infrastructure on multiple clouds at once significantly increases the complexity of the network architecture connecting these applications and clouds. It also requires businesses to deploy complex security rules to protect lateral network traffic while having to rely on limited workload mobility and visibility and threat detection capabilities that do not scale.

Successfully adopting a multi-cloud infrastructure requires a means of taming the complexity that is inherent to multi-cloud.

Timeline Description automatically generated with low confidence

Introducing Project Northstar

We are introducing Project Northstar, a new technology preview, Continue reading

Announcing DPU-based Acceleration for NSX

We’re delighted to announce that VMware NSX can now leverage DPU-based acceleration using SmartNICs. This new implementation allows VMware customers to run NSX networking and security services on DPUs, providing accelerated NSX networking and security performance for applications that need high throughput, low latency connectivity and security. The DPU-based implementation also enhances network observability across different workload types while simultaneously increasing the host resources available to applications.

DPU-based Acceleration for NSX is a result of Project Monterey, an initiative that VMware began two years ago. VMware is delivering on Project Monterey with VMware vSphere 8, announced this week at VMware Explore. Combined with other future innovations introduced by Project Monterey, such as the ability to support VMware Cloud Foundation (VCF) networking and storage for bare-metal workloads, DPU-based NSX acceleration will free up networking and security teams and developers more than ever from depending on generic host computing resources to power operations.

Diagram Description automatically generated

Figure 1: Solution Overview

While we’ll continue to offer full support for hypervisor-based NSX architectures, the option of running NSX on a DPU offers several major advantages for industries such as financial services, healthcare, government, and telecom providers that require accelerated network performance.

What is a DPU or Continue reading

VMware, IBM expand joint options for hybrid cloud

VMware and IBM are widening the scope of their 20-year partnership to offer joint customers in regulated industries a secure path to hybrid cloud. Their plans include co-engineered cloud solutions that are aimed at helping companies in industries such as financial services, healthcare, and the public-sector to reduce the cost and risk placing mission-critical workloads in a hybrid environment.“Roughly 25% of workloads within enterprises have moved to cloud," said Hillery Hunter, an IBM Fellow and vice president and CTO of IBM Cloud. "That may be smaller than some people expect, but it’s an even lower number in regulated industries. Analysts have estimates as low as 5% to 13% for highly regulated organizations like banks. This means that modernization remains very much a timely topic."To read this article in full, please click here

VMware, IBM expand joint options for hybrid cloud

VMware and IBM are widening the scope of their 20-year partnership to offer joint customers in regulated industries a secure path to hybrid cloud. Their plans include co-engineered cloud solutions that are aimed at helping companies in industries such as financial services, healthcare, and the public-sector to reduce the cost and risk placing mission-critical workloads in a hybrid environment.“Roughly 25% of workloads within enterprises have moved to cloud," said Hillery Hunter, an IBM Fellow and vice president and CTO of IBM Cloud. "That may be smaller than some people expect, but it’s an even lower number in regulated industries. Analysts have estimates as low as 5% to 13% for highly regulated organizations like banks. This means that modernization remains very much a timely topic."To read this article in full, please click here

VMware, IBM expand joint options for hybrid cloud

VMware and IBM are widening the scope of their 20-year partnership to offer joint customers in regulated industries a secure path to hybrid cloud. Their plans include co-engineered cloud solutions that are aimed at helping companies in industries such as financial services, healthcare, and the public-sector to reduce the cost and risk placing mission-critical workloads in a hybrid environment.“Roughly 25% of workloads within enterprises have moved to cloud," said Hillery Hunter, an IBM Fellow and vice president and CTO of IBM Cloud. "That may be smaller than some people expect, but it’s an even lower number in regulated industries. Analysts have estimates as low as 5% to 13% for highly regulated organizations like banks. This means that modernization remains very much a timely topic."To read this article in full, please click here

VMware, IBM expand joint options for hybrid cloud

VMware and IBM are widening the scope of their 20-year partnership to offer joint customers in regulated industries a secure path to hybrid cloud. Their plans include co-engineered cloud solutions that are aimed at helping companies in industries such as financial services, healthcare, and the public-sector to reduce the cost and risk placing mission-critical workloads in a hybrid environment.“Roughly 25% of workloads within enterprises have moved to cloud," said Hillery Hunter, an IBM Fellow and vice president and CTO of IBM Cloud. "That may be smaller than some people expect, but it’s an even lower number in regulated industries. Analysts have estimates as low as 5% to 13% for highly regulated organizations like banks. This means that modernization remains very much a timely topic."To read this article in full, please click here

Java — A fractal of bad experiments

The title of this post is clearly a reference to the classic article PHP a fractal of bad design. I’m not saying Java is as bad as that, but that it has its own problems.

Do note that this post is mostly opinion.

And I’m not saying any language is perfect, so I’m not inviting “but what about C++’s so-and-so?”.

What I mean by “bad experiments” is that I don’t think the decisions the creators of Java were bad with the information they had at the time, but that with the benefit of hindsight they have proven to be ideas and experiments that turned out to be bad.

Ok, one more disclaimer: In some parts here I’m not being precise. I feel like I have to say that I know that, to try to reduce the anger from Java fans being upset about me critiqueing their language.

Don’t identify with a language. You are not your tool.

Too much OOP

A lot of Java’s problems come from the fact that it’s too object oriented. It behaves as if everything is axiomatically an object.

No free-standing functions allowed. So code is full of public static functions, in classes with no Continue reading

Network Break 396: T-Mobile, SpaceX Strike Internet Deal; Meta Settles Tracking Suit; Dell Notches Record Quarter

This week's Network Break podcast explores SpaceX and T-Mobile partnering to provide satellite-based Internet service (though it's going to take awhile), a new co-packaged optics switch from Broadcom, a whistleblower taking Twitter to task for poor security and a relaxed approach to spam, Dell financial results, and more tech news.

Network Break 396: T-Mobile, SpaceX Strike Internet Deal; Meta Settles Tracking Suit; Dell Notches Record Quarter

This week's Network Break podcast explores SpaceX and T-Mobile partnering to provide satellite-based Internet service (though it's going to take awhile), a new co-packaged optics switch from Broadcom, a whistleblower taking Twitter to task for poor security and a relaxed approach to spam, Dell financial results, and more tech news.

The post Network Break 396: T-Mobile, SpaceX Strike Internet Deal; Meta Settles Tracking Suit; Dell Notches Record Quarter appeared first on Packet Pushers.

Monitoring Red Hat Ansible Automation Platform on Red Hat OpenShift – The Easy Way

monitoring ansible on ocp blog

As Red Hat Ansible Automation Platform enables teams and organizations to drive their automation from across the cloud and on-premise, keeping Ansible Automation Platform healthy with the ability to monitor key metrics becomes paramount.

This blog post demonstrates how to monitor the API metrics provided by an Ansible Automation Platform environment when deployed within Red Hat OpenShift.

 

What will we use to monitor the API metrics?

Prometheus and Grafana. 

Prometheus is an open source monitoring solution for collecting and aggregating metrics. Partner Prometheus’ monitoring capabilities with Grafana, an open source solution for running data analytics and pulling up metrics in customizable dashboards, and you get a real-time visualization of metrics to track the status and health of your Ansible Automation Platform.

 

What can we expect?

Expect to be fast-tracked to a deployment of Ansible Automation Platform that is monitored by Prometheus paired with a Grafana Ansible Automation Platform dashboard showing those metrics in real time.

This blog will guide you through:

  • The deployment of Prometheus using an operator.
  • Configuring your Prometheus deployment to capture Ansible Automation Platform metrics.
  • The deployment of Grafana using an operator.
  • Configuring Grafana with a pre-built dashboard that displays the Ansible Automation Platform Continue reading

IP Infusion: EVPN-MPLS first look on GA 6.0

IP Infusion just released OcNOS version 6.0 and the release notes, as well as press release, show a focus on EVPN with an MPLS data plane. Don’t forget EVPN and VxLAN aren’t mutually exclusive, EVPN runs on and was originally designed for a MPLS data plane. I recently discussed this on a podcast EVPN doesn’t need VxLAN if you want to know more on that topic.

Lets take a look at basic EVPN-VPWS and EVPN-VPLS deployment. Since we’re looking at an MPLS data plane we will utilize ISIS-SR for MPLS. We’re utilizing ISIS-SR as it is increasingly replacing LDP and RSVP-TE for label distribution.

IGP and Label Distribution

First let’s look at the IGP setup and label distribution as everything else will be built on top of this. 

ipi-1.lab.jan1.us.ipa.net#show run int lo
interface lo
 ip address 127.0.0.1/8
 ip address 100.127.0.1/32 secondary
 ipv6 address ::1/128
 ipv6 address 2001:db8::1/128
 prefix-sid index 101
 ip router isis UNDERLAY
 ipv6 router isis UNDERLAY
!

We have to set an index to create the node-sid for this device. In this case we use 101. 

ipi-1.lab.jan1.us.ipa.net#show run segment-routing
segment-routing
  Continue reading
1 402 403 404 405 406 3,794