Cloudflare, CrowdStrike, and Ping Identity launch the Critical Infrastructure Defense Project

Today, in partnership with CrowdStrike and Ping Identity, Cloudflare is launching the Critical Infrastructure Defense Project (CriticalInfrastructureDefense.org). The Project was born out of conversations with cybersecurity and government experts concerned about potential retaliation to the sanctions that resulted from the Russian invasion of Ukraine.

In particular, there is a fear that critical United States infrastructure will be targeted with cyber attacks. While these attacks may target any industry, the experts we consulted with were particularly concerned about three areas that were often underprepared and could cause significant disruption: hospitals, energy, and water.

To help address that need, Cloudflare, CrowdStrike, and Ping Identity have committed under the Critical Infrastructure Defense Project to offer a broad suite of our products for free for at least the next four months to any United States-based hospital, or energy or water utility. You can learn more at: www.CriticalInfrastructureDefense.org.

We are not powerless against hackers. Organizations that have adopted a Zero Trust approach to security have been successful at mitigating even determined attacks. There are three core components to any Zero Trust security approach: 1) Network Security, 2) Endpoint Security; and 3) Identity.

Cloudflare, CrowdStrike, and Ping Identity are three of Continue reading

Dictionary : Face Mute

Gartner: SSE is SASE minus the SD-WAN

SASE adoption has been skyrocketing since the start of the pandemic. Secure access service edge, a term Gartner coined in 2019, combines security and networking in a single, scalable, cloud-based platform that fits well in a world in which employees work from home and mostly access cloud-based apps and services.Now Gartner is pushing a new acronym. Turns out, companies might prefer to get their SASE without the “A” — just security service edge, or SSE. Gartner this month published a Magic Quadrant for SSE (something the company never did for SASE); it's available from vendors listed in the report (here and here, for example).To read this article in full, please click here

Verizon Business adds VMware SD-WAN to its managed services

Verizon Business has added VMware to its global managed-SD-WAN portfolio as part of its Network as a Service (NaaS) strategy. Verizon made the announcement at the Mobile World Conference event in Barcelona.Verizon’s Managed SD-WAN is designed for hybrid-cloud environments and uses application-aware routing to make sure customer data takes the right path to its destination. This allows customers to use their private network for demanding, latency-sensitive apps while sending less critical data over public networks.VMware SD-WAN features orchestration around centralized policy, monitoring, reporting, and analytics via Verizon Enterprise Center. It also offers SD WAN gateways with controllers. VMware Gateways are points of presencelocated around the world to provide physically close, low-latency connectivity to customer edge devices.To read this article in full, please click here

Gartner: SSE is SASE minus the SD-WAN

SASE adoption has been skyrocketing since the start of the pandemic. Secure access service edge, a term Gartner coined in 2019, combines security and networking in a single, scalable, cloud-based platform that fits well in a world in which employees work from home and mostly access cloud-based apps and services.Now Gartner is pushing a new acronym. Turns out, companies might prefer to get their SASE without the “A” — just security service edge, or SSE. Gartner this month published a Magic Quadrant for SSE (something the company never did for SASE); it's available from vendors listed in the report (here and here, for example).To read this article in full, please click here

SKINCARE TRENDS; TRY EXFOLIATING GLOVES AND CLEANSERS.

Everyone wants smooth, shiny, and vibrant skin. But unfortunately, not everyone is privileged to have it. Various methods have been used to give this result and one of the popular methods is the manual use of exfoliating gloves. This trend has been acceptably used by many. It’s a very convenient and easy way to fix dry and even oily skin. It is a coarse-textured glove that could be worn by anyone for convenient use. The following about exfoliating gloves shall be considered:

• Benefits of using exfoliating gloves
• Cons of using exfoliating gloves
• How to use exfoliating gloves
• How often you should use an exfoliating glove.

Benefits of using exfoliating gloves:

Exfoliating gloves work by getting rid of the dead skin cells on your skin. The skin naturally sheds and most times, the dead cells stay on the skin and could even clog your pores. Using exfoliating gloves could help scrub out the dead cells away thereby allowing products to penetrate the skin. With consistent use, it can also increase the production of collagen leading to clearer and smoother skin and improving the overall look of your skin. It could also reduce the appearance of acne and acne scars and give Continue reading

Back to basics: Make sure VMs don’t exceed host capacity

At the agency where I work we recently bought software products that required new virtual machines, and that provided the opportunity to review some of the important basices of properly assigning the hardware memory and compute to each VM.That’s important so we stay in a failover-ready state, and in our environment, that means appropriately allocating resources of the two clustered physical hosts that run VMs for our production applications. It’s even more important now because the new software is particularly resource-intensive.What is a virtual machine? The task also provided the opportunity to review and adjust the resources assigned to all of our existing virtual servers so they, too, were properly sized.To read this article in full, please click here

Back to basics: Make sure VMs don’t exceed host capacity

At the agency where I work we recently bought software products that required new virtual machines, and that provided the opportunity to review some of the important basices of properly assigning the hardware memory and compute to each VM.That’s important so we stay in a failover-ready state, and in our environment, that means appropriately allocating resources of the two clustered physical hosts that run VMs for our production applications. It’s even more important now because the new software is particularly resource-intensive.What is a virtual machine? The task also provided the opportunity to review and adjust the resources assigned to all of our existing virtual servers so they, too, were properly sized.To read this article in full, please click here

Tier 1 Carriers Performance Report: February, 2022

The post Tier 1 Carriers Performance Report: February, 2022 appeared first on Noction.

netsim-tools Release 1.1.3

netsim-tools release 1.1.3 brings a number of goodies, including:

• OSPFv3 support on a few platforms (we’re still looking for contributors to implement OSPFv3 on other platforms)
• EIGRP implementation of common routing protocol features (router ID, passive and external interfaces)
• Configurable address family support for IS-IS, OSPF and EIGRP
• Support for /31 IPv4 P2P links
• Configurable MTU for VyOS and RouterOS

netsim-tools Release 1.1.3

netsim-tools release 1.1.3 brings a number of goodies, including:

• OSPFv3 support on a few platforms (we’re still looking for contributors to implement OSPFv3 on other platforms)
• EIGRP implementation of common routing protocol features (router ID, passive and external interfaces)
• Configurable address family support for IS-IS, OSPF and EIGRP
• Support for /31 IPv4 P2P links
• Configurable MTU for VyOS and RouterOS

If you’re building your own libvirt boxes, you might also appreciate:

Steps we’ve taken around Cloudflare’s services in Ukraine, Belarus, and Russia

At Cloudflare, we've watched in horror the Russian invasion of Ukraine. As the possibility of war looked more likely, we began to carefully monitor the situation on the ground, with the goal of keeping our employees, our customers, and our network safe.

Helping protect Ukraine against cyberattacks

Attacks against the Internet in Ukraine began even before the start of the invasion. Those attacks—and the steady stream of DDoS attacks we’ve seen in the days since—prompted us to extend our services to Ukrainian government and telecom organizations at no cost in order to ensure they can continue to operate and deliver critical information to their citizens as well as to the rest of the world about what is happening to them.

Going beyond that, under Project Galileo, we are expediting onboarding of any Ukrainian entities for our full suite of protections. We are currently assisting more than sixty organizations in Ukraine and the region—with about 25% of those organizations coming aboard during the current crisis. Many of the new organizations are groups coming together to assist refugees, share vital information, or members of the Ukrainian diaspora in nearby countries looking to organize and help. Any Ukrainian organizations that are facing Continue reading

Ukraine Fallout: Connectivity and Cloud Services Access in Flux

Automation 12. Automated EVPN Customer Deployment with Ansible, NETCONF, and NetBox. 6WIND version.

Hello my friend,

We’ve been preparing this blogpost for quite a while, but for various reasons it was put on the back burner. Now we finally are bringing this back to light. We’ll go over a practical use case of automation of 6WIND configuration with Ansible and NetBox relying NETCONF.

1
2
3
4
5
No part of this blogpost could be reproduced, stored in a 

retrieval system, or transmitted in any form or by any 

means, electronic, mechanical or photocopying, recording, 

or otherwise, for commercial purposes without the 

prior permission of the author.

Do I Need to Automate Everything?

The answer is, as usual: it depends. With our passion to automation, we would say: yes, definitely you should automate everything. But this is possible, only if you have unlimited resources (time, money, people). In reality, all the resources are limited and, moreover, may be even scarce. In such a case you would need to choose, where would you obtain the biggest leverage from automation. For example, some tasks are more frequent or time consuming than others. Clearly they are to be automated.

How to find them? Join our automation training and you will find that out!

We offer the Continue reading

Worth Reading: Misconceptions about Route Origin Validation

Use the email sent by Randy Bush to RIPE routing WG mailing list every time a security researcher claims a technology with no built-in security mechanism is insecure (slightly reworded to make it more generic).

Lately, I am getting flak about $SomeTechnology not providing protection from this or that malicious attack. Indeed it does not.

Worth Reading: Misconceptions about Route Origin Validation

Use the email sent by Randy Bush to RIPE routing WG mailing list every time a security researcher claims a technology with no built-in security mechanism is insecure (slightly reworded to make it more generic).

Lately, I am getting flak about $SomeTechnology not providing protection from this or that malicious attack. Indeed it does not.

Weekend Reads 030422

The notion that email security should be prioritized is emphasized during this time where more and more businesses are still working in a remote or hybrid dynamic environment.

After quizzing 8,000 job applicants and 2,250 hiring managers in the U.S., Germany, and Great Britain, researchers at Harvard Business School, working with the consultancy Accenture, discovered that many tens of millions of people are being barred from consideration for employment by résumé screening algorithms that throw out applicants who do not meet an unfeasibly large number of requirements, many of which are utterly irrelevant to the advertised job.

We developed attacks that exploit the transparency of the DNS lookups to tunnel injection payloads over DNS records. These attacks exploit two key factors. Firstly, DNS resolvers do not alter the DNS records received in lookups, so the malicious payload is preserved intact

In response to what industry observers call the second quantum revolution, Israel announced on Feb. 15 an ambitious goal to build its first quantum computer within a year.

PCIe 6.0 was announced on January 11, 2022, so at the earliest, we’re looking at PCIe 6.0 products rolling out at the end of 2022 or early 2023.

Continue reading

Worth Reading: AI Makes Animists of Us All

Erik Hoel published a wonderful article describing how he’s fighting the algorithm that is deciding whether to approve a charge on his credit card.

My credit card now has a kami. Such new technological kamis are, just like the ancient ones, fickle; sometimes blessing us, sometimes hindering us, and all we as unwilling animists can do is a modern ritual to the inarticulate fey creatures that control our inboxes and our mortgages and our insurance rates.

There are networking vendors unleashing similar “spirits” on our networks. Welcome to the brave new world ;)

Worth Reading: AI Makes Animists of Us All

Erik Hoel published a wonderful article describing how he’s fighting the algorithm that is deciding whether to approve a charge on his credit card.

My credit card now has a kami. Such new technological kamis are, just like the ancient ones, fickle; sometimes blessing us, sometimes hindering us, and all we as unwilling animists can do is a modern ritual to the inarticulate fey creatures that control our inboxes and our mortgages and our insurance rates.

There are networking vendors unleashing similar “spirits” on our networks. Welcome to the brave new world ;)

With Systems, HPE Walks The Line Between Demand And Supply

It is a tough environment for a lot of enterprises right now, and has been since the advent of the coronavirus pandemic more than two years ago. …

With Systems, HPE Walks The Line Between Demand And Supply was written by Timothy Prickett Morgan at The Next Platform.