IT certifications: Popular and valuable but not for everyone

In today’s IT profession, how important are certifications? Do you need them to do your job, stay relevant, or receive a promotion? Or is on-the-job training enough?Some IT professionals get certifications because they are required, some get them for monetary reasons, and some get them for their own personal growth. At work, it’s a big topic of discussion. Here’s my experience and what I decided.Network pros react to Cisco certification curriculum When I began my IT career as a network engineer, I was unfamiliar with certifications, but getting the CompTIA Security+ certification was a requirement for my job because of the sensitivity of my work. By getting the certification I would know more about securing networks and keeping them secure. I had to try three times before passing the exam because I had to learn how to take the test, not because I hadn’t mastered the material. That taught me to stay relaxed and reread the questions during the exam, and it taught me that persistence pays off.  Obtaining the Security+ certification gave me a level of confidence that I could obtain more certifications, so I decided to try for the CompTIA Network+ certification to increase my Continue reading

Ethics: University of Minnesota’s hostile patches

The University of Minnesota (UMN) got into trouble this week for doing a study where they have submitted deliberately vulnerable patches into open-source projects, in order to test whether hostile actors can do this to hack things. After a UMN researcher submitted a crappy patch to the Linux Kernel, kernel maintainers decided to rip out all recent UMN patches.

Both things can be true:

  • Their study was an important contribution to the field of cybersecurity.
  • Their study was unethical.
It's like Nazi medical research on victims in concentration camps, or U.S. military research on unwitting soldiers. The research can simultaneously be wildly unethical but at the same time produce useful knowledge.

I'd agree that their paper is useful. I would not be able to immediately recognize their patches as adding a vulnerability -- and I'm an expert at such things.

In addition, the sorts of bugs it exploits shows a way forward in the evolution of programming languages. It's not clear that a "safe" language like Rust would be the answer. Linux kernel programming requires tracking resources in ways that Rust would consider inherently "unsafe". Instead, the C language needs to evolve with better safety features and better static Continue reading

Dell reportedly looking to unload its cloud unit

Hot on the heels of its pending spin-off of VMware, Dell is now reportedly looking to sell off its Boomi cloud business for $3 billion. Bloomberg first broke the news, citing people familiar with the matter.Dell is working with a financial adviser on the sale, sources told Bloomberg, and the idea is said to be in the early stages. One thing about Dell, it does not rush these decisions. The VMware spin-off, which has been discussed for years, started last summer and only now is coming to fruition.Boomi provides an integration platform as a service (iPaaS), which enables the connection of applications and data sources. The platform provides API, lifecycle management, and event-driven architecture features for cloud integration. Dell acquired Boomi in 2010.To read this article in full, please click here

The Hedge 80: Ian Goetz and 5G

Although there are varying opinions 5G—is it real? Is it really going to have extremely low latency? Does the disaggregation of software and hardware really matter? Is it really going to provide a lot more bandwidth? Are existing backhaul networks going to be able to handle the additional load? For network engineers in particular, the world of 5G is a foreign country with its own language, expectations, and ways of doing things.

On this episode of the Hedge, Ian Goetz joins Tom Ammon and Russ White to provide a basic overview of 5G, and inject some reality into the discussion.

download

Juniper: Managing the complexity of future networks

Juniper Networks Manoj Leelanivas Like most of its competitors, Juniper Networks is leaning hard on developing all manner of software components—from automation to intent-based networking—in order to address the changing needs of enterprise-network customers. Moving into the software realm is no small task as Juniper has to integrate products from a number of acquisitions including Mist, 128 Technologies, Apstra, and NetRounds. At the same time it continues to develop its own Junos software and invest in key open-source projects such Software for Open Networking in the Cloud (SONiC) among other undertakings. Network World talked with Manoj Leelanivas, Juniper’s executive vice president and chief product officer about the company’s software directions and how it is preparing for challenges of the future. Here is an edited version of that conversation. To read this article in full, please click here

Juniper: Managing the complexity of future networks

Juniper Networks Manoj Leelanivas Like most of its competitors, Juniper Networks is leaning hard on developing all manner of software components—from automation to intent-based networking—in order to address the changing needs of enterprise-network customers. Moving into the software realm is no small task as Juniper has to integrate products from a number of acquisitions including Mist, 128 Technologies, Apstra, and NetRounds. At the same time it continues to develop its own Junos software and invest in key open-source projects such Software for Open Networking in the Cloud (SONiC) among other undertakings. Network World talked with Manoj Leelanivas, Juniper’s executive vice president and chief product officer about the company’s software directions and how it is preparing for challenges of the future. Here is an edited version of that conversation. To read this article in full, please click here

How to Implement Network Segmentation with Zero Changes to Your Network

Across industries, network segmentation is quickly becoming a critical capability for enterprises of all sizesWhy? First, network segmentation prevents the lateral spread of threats inside the network. Second, it separates dev, test, and production environments. And lastly, it meets increasingly complex compliance requirements while enabling a Zero Trust security strategy. 

Howeverhistorically network segmentation has been fraught with operational challenges and limited by platform capabilities, leading to the perception that setting up and configuring segmentation policies requires massive changes to the physical network as well as a complex, bloated, and costly deployment of physical firewall appliances. 

Not anymore. VMware takes a distributed, software-based approach to segmentation, eliminating the need to redesign your network in order to deploy security. Instead, segmentation policies are applied at the workload level through NSX Firewall, which is deployed on top of your existing VSphere 7 environments. This allows you to easily create zones in the data center where you can separate traffic by application or environment  providing the quickest and easiest way to achieve your data center segmentation Continue reading

Tech Bytes: Unifying Cloud Automation And Network Infrastructure With Gluware (Sponsored)

In this Tech Byte podcast, sponsored by Gluware, we explore the latest features and capabilities in the Gluware network automation and orchestration platform, including an API-based controller to work with SD-WAN, and Terraform integration to support infrastructure automation across public clouds.

The post Tech Bytes: Unifying Cloud Automation And Network Infrastructure With Gluware (Sponsored) appeared first on Packet Pushers.

Cloudflare obtains new ISO/IEC 27701:2019 privacy certification and what that means for you

Cloudflare obtains new ISO/IEC 27701:2019 privacy certification and what that means for you

This post is also available in French and German.

Cloudflare obtains new ISO/IEC 27701:2019 privacy certification and what that means for you

Cloudflare is one of the first organisations in our industry to have achieved ISO/IEC 27701:2019 certification, and the first web performance & security company to be certified to the new ISO privacy standard as both a data processor and controller.

Providing transparency into our privacy practices has always been a priority for us. We think it is important that we do more than talk about our commitment to privacy — we are continually looking for ways to demonstrate that commitment. For example, after we launched the Internet's fastest, privacy-first public DNS resolver, 1.1.1.1, we didn’t just publish our commitments to our public resolver users, we engaged an independent firm to make sure we were meeting our commitments, and we blogged about it, publishing their report.

Cloudflare obtains new ISO/IEC 27701:2019 privacy certification and what that means for you

Following in that tradition, today we’re excited to announce that Cloudflare has been certified to a new international privacy standard for protecting and managing the processing of personal data — ISO/IEC 27701:2019. The standard is designed such that the requirements organizations must meet to become certified are very closely aligned to the requirements in the EU’s General Data Protection Regulation (“GDPR”). So Continue reading

Deep dive into Trend Micro Deep Security integration modules

At AnsibleFest 2020, we announced the extension of our security automation initiative to support endpoint protection use cases. If you have missed it, check out the recording of the talk “Automate your endpoint protection using Ansible” on the AnsibleFest page.

Today, following this announcement we release the supported Ansible Content Collection for Trend Micro Deep Security. We will walk through several examples and describe the use cases and how we envision the Collection being used in real world scenarios.

If you want to refresh your memory about our endpoint protection support with Ansible in general, head over to the the introducing blog post Automating Endpoint Protection with Ansible.

 

About Trend Micro Deep Security

Trend Micro Deep Security is one of the latest additions to the Ansible security automation initiative. As an endpoint protection solution it secures services and applications in virtual, cloud and container environments. It provides automated security policies and consolidates the security aspects across different environments in a single platform.

 

How to install the Certified Ansible Content Collection for Trend Micro Deep Security

The Trend Micro Deep Security Collection is available to Red Hat Ansible Automation Platform customers at Automation Hub, our software-as-a-service offering on Continue reading

If You Haven’t Checked Your Backups, They Probably Aren’t Working

This is a pleasant reminder to check your backups. I don’t mean, “Hey, did the backup run last night? Yes? Then all is well.” That’s slightly better than nothing, but not really what you’re checking for. Instead, you’re determining your ability to return a system to a known state by verifying your backups regularly.

Backups are a key part of disaster recovery, where modern disasters include ransomware, catastrophic public cloud failures, and asset exposure by accidental secrets posting.

For folks in IT operations such as network engineers, systems to be concerned about include network devices such as routers, switches, firewalls, load balancers, and VPN concentrators. Public cloud network artifacts also matter. Automation systems matter, too. And don’t forget about special systems like policy engines, SDN controllers, wifi controllers, network monitoring, AAA, and…you get the idea.

Don’t confuse resiliency for backup.

When I talk about backups, I’m talking about having known good copies of crucial data that exist independently of the systems they normally live on.

  • Distributed storage is not backup.
  • A cluster is not backup.
  • An active/active application delivery system spread over geographically diverse data centers is not backup.

The points above are examples of distributed computing. Distributed computing Continue reading

1 700 701 702 703 704 3,795