Privacy And Networking: Part 1 – Why Privacy?

In the first post on a series on privacy and networking, Russ White makes the case that privacy matters not just for infosec, risk management, or compliance, but as a human right.

The post Privacy And Networking: Part 1 – Why Privacy? appeared first on Packet Pushers.

Sponsored Post: Wynter, Pinecone, Kinsta, Bridgecrew, IP2Location, StackHawk, InterviewCamp.io, Educative, Stream, Fauna, Triplebyte

Who's Hiring? 

• Wynter is looking for system administrators, engineers, and developers to join its research panel. Participate in research surveys, get paid ($90-$180/hr) for your feedback and comments. Super low key commitment, 10-15 mins per survey. Learn more and sign up.


• DevOps Engineer: At Kinsta, we set out to create the best managed hosting platform in the world. If you are an experienced DevOps Engineer who is constantly looking for ways to innovate and improve, we might just be the place for you! As Kinsta’s DevOps Engineer, you will be instrumental in making sure that our infrastructure is always on the bleeding edge of technology, remaining stable and high-performing at all times. If you love working with Linux, have a background in PHP, and have worked with cutting-edge technologies, such as Ansible and LXC, check us out and apply here.


• SysOps Engineer: As Kinsta’s SysOps Engineer, you’ll play a key role in caring for the health of our servers, preventing issues, and responding immediately to mitigate any problems in our infrastructure. If you have experience in hosting and with the WordPress stack, have worked with Ubuntu or Debian-based systems, and cutting-edge technologies, such Ansible and Continue reading

BrandPost: Overcoming Digital Transformation Challenges in Financial Services with SD-WAN

By: Gabriel Gomane, Sr Product Marketing Manager, Aruba, a Hewlett Packard Enterprise company.Whether for customers or employees, the digital transformation occurring at financial institutions has only accelerated in recent years. With that digital transformation, financial services organizations face an increasing array of networking and security challenges. These challenges include: digitization and cloud migration; the increasing percent of the workforce working from home; maintaining a modern and resilient network infrastructure; and last but certainly not least – cybersecurity risks and regulatory compliance.In response, SD-WAN has emerged as a key enabler to tackle and overcome these challenges while accelerating business growth. To illustrate how, below are five SD-WAN use cases from the financial services industry.To read this article in full, please click here

Cato adds fine-grained CASB controls to SASE platform

SASE vendor Cato Networks is adding fine-grained cloud access security broker (CASB) controls to its platforms.When employees working from home or branch locations log into SaaS services such as Office 365 or Dropbox or Salesforce, a CASB gateway can track the applications employees access, where they log in from, and sometimes even what they do when using those applications.Previously, Cato only offered limited CASB controls, enabling companies to allow or prohibit the use of particular SaaS tools, says Dave Greenfield, Cato's director of technology evangelism. Now, individual behaviors can be controlled. For example, users might be allowed to download documents from certain cloud file-sharing providers but can only upload documents to a company's preferred platform.To read this article in full, please click here

Cato adds fine-grained CASB controls to SASE platform

SASE vendor Cato Networks is adding fine-grained cloud access security broker (CASB) controls to its platforms.When employees working from home or branch locations log into SaaS services such as Office 365 or Dropbox or Salesforce, a CASB gateway can track the applications employees access, where they log in from, and sometimes even what they do when using those applications.Previously, Cato only offered limited CASB controls, enabling companies to allow or prohibit the use of particular SaaS tools, says Dave Greenfield, Cato's director of technology evangelism. Now, individual behaviors can be controlled. For example, users might be allowed to download documents from certain cloud file-sharing providers but can only upload documents to a company's preferred platform.To read this article in full, please click here

Nprobe Layer 7 Application Visibility and Optional Plugins

Nprobe includes both a NetFlow v5/v9/IPFIX probe and collector. In a probe mode, nProbe captures […]

The post Nprobe Layer 7 Application Visibility and Optional Plugins first appeared on Brezular's Blog.

Nprobe Layer 7 Application Visibility and Optional Plugins

If You Don’t Listen, Your Design Will Fail (Video)

Listening is crucial in the design phase of a project. In this video clip, Angela Andrews joined the Day Two Cloud podcast to explain why.

The post If You Don’t Listen, Your Design Will Fail (Video) appeared first on Packet Pushers.

Gartner: Worldwide IT spending to reach $4.5T in 2022

Research firm Gartner forecasts IT spending will reach nearly $4.5 trillion worldwide this year, with enterprise software, IT services, and data center systems leading the way. The projected $4.45 trillion in spending this year represents an increase of 5.1% compared with 2021.The largest growth segment is enterprise software, which is projected to grow 11% to $672 billion. However, Gartner includes the cloud market in the enterprise software market, and that's where the growth is. Read more: Gartner's top infrastructure and operations trends for 2022To read this article in full, please click here

Where have all the global network aggregators gone?

One of the key selling points of SD-WAN is the ability to use a variety of network transport options. Enterprises can select MPLS, dedicated Internet access, business broadband, or wireless broadband, for example – whatever makes the most sense, technically and economically, for each site that needs connectivity. Cultivating a mix of suppliers can allow enterprises to significantly reduce transport costs as well as improve the flexibility of their networks.The growth in SD-WAN deployments over the last four or five years created a sweet spot for Internet transport aggregators, which, frankly, had struggled to break into the enterprise market when it was dominated by traditional MPLS providers.To read this article in full, please click here

Gartner: Worldwide IT spending to reach $4.5T in 2022

Research firm Gartner forecasts IT spending will reach nearly $4.5 trillion worldwide this year, with enterprise software, IT services, and data center systems leading the way. The projected $4.45 trillion in spending this year represents an increase of 5.1% compared with 2021.The largest growth segment is enterprise software, which is projected to grow 11% to $672 billion. However, Gartner includes the cloud market in the enterprise software market, and that's where the growth is. Read more: Gartner's top infrastructure and operations trends for 2022To read this article in full, please click here

Introducing our exciting new ambassador program: Calico Big Cats

The Project Calico community is one of the most collaborative and supportive communities in the open-source space. Our community has shown great engagement through the years, which has helped us maintain and grow the project.

Thanks to our 200+ contributors from all over the world, Calico Open Source (the solution born out of the project) is powering 1.5M+ nodes daily across 166 countries. Our engineering team is committed to maintaining Calico Open Source as the leading standard for container and Kubernetes networking and security!

Given our community’s passion for Project Calico, we wanted to give its members a chance to inspire others by telling their stories. To this end, we are very excited to announce our new Calico Big Cats ambassador program!

What is Calico Big Cats?

Calico Big Cats is an ambassador program that provides a platform for our community to talk about their experiences with Calico. The goal is to help community members connect, inspire, and share common challenges and ways to overcome these challenges using Calico and other tools.

Why join Calico Big Cats?

If you have experience with Project Calico, recognize its value in the open-source networking and security domain, and are passionate about sharing Continue reading

BGP Route Reflector Myths

New networking myths are continuously popping up. Here’s a BGP one I encountered a few days ago:

You don’t need IBGP sessions between BGP route reflectors

In general, that’s clearly wrong, as illustrated by this setup:

BGP Route Reflector Myths

New networking myths are continuously popping up. Here’s a BGP one I encountered a few days ago:

You don’t need IBGP sessions between BGP route reflectors

In general, that’s clearly wrong, as illustrated by this setup:

SSH over bluetooth – cleanly

In my previous two posts I set up a login prompt on a bluetooth serial port and then switched to running SSH on it.

I explicitly did not set up an IP network over bluetooth as I want to minimize the number of configurations (e.g. IP address) and increase the chance of it working when needed.

E.g. firewall misconfiguration or Linux’s various “clever” network managers that tend to wipe out network interface configs would have more of a shared fate with the primary access method (SSH over normal network).

This post is about how to accomplish this more properly.

The problems now being solved are:

• It wasn’t entirely reliable. The rfcomm tool is pretty buggy.

• There was no authentication of the Bluetooth channel. Not as much a problem when doing SSH, but if there are passwords then there could be a man-in-the-middle attack.

• The server side had to remain discoverable forever. So anyone who scans for nearby bluetooth devices would see your servers, and would be able to connect, possibly brute forcing passwords. Not as much of a problem if running SSH with password authentication turned off, but why broadcast the name of a server if you don’t Continue reading

Controlling SaaS Costs Amid Microsoft Price Hikes

Cray’s Slingshot Interconnect Is At The Heart Of HPE’s HPC And AI Ambitions

Whenever one company buys another, every product line, every research project, and every employee is ultimately in play. …

Cray’s Slingshot Interconnect Is At The Heart Of HPE’s HPC And AI Ambitions was written by Timothy Prickett Morgan at The Next Platform.

No, a researcher didn’t find Olympics app spying on you

For the Beijing 2022 Winter Olympics, the Chinese government requires everyone to download an app onto their phone. It has many security/privacy concerns, as CitizenLab documents. However, another researcher goes further, claiming his analysis proves the app is recording all audio all the time. His analysis is fraudulent. He shows a lot of technical content that looks plausible, but nowhere does he show anything that substantiates his claims.

His "evidence" consists screenshots from reverse-engineering tools, with red arrows pointing to the suspicious bits. An example of one of these screenshots is this on:

Tech Bytes: Embedding Network Security Into Your Cloud Network (Sponsored)

Tech Bytes: Embedding Network Security Into Your Cloud Network (Sponsored)

Today on the Tech Bytes podcast we’re talk network security at scale. That is, in a cloud environment, how can you build security capabilities and features into the network while also being able to keep up with security policies, operations, compliance, and more. Our sponsor is Aviatrix, which provides multi-cloud networking software for public clouds.

The post Tech Bytes: Embedding Network Security Into Your Cloud Network (Sponsored) appeared first on Packet Pushers.