Cisco fortifies and simplifies its security portfolio with eye toward cloud, zero trust

Simplifying security options for enterprise customers is a daunting task, and it can be even harder in the current pandemic-driven workforce environment. But Cisco is taking steps to both streamline and bolster its security menu, according to news out of its virtual Partner Summit conference. For starters, Cisco is eliminating 50 product names and simplifying its offerings within the renamed Cisco Secure portfolio. Cisco is also reinforcing its key platforms, including its SecureX and zero trust packages. (See related story, Cisco software upgrades to simplify hybrid-cloud management, operations)To read this article in full, please click here

Cisco fortifies and simplifies its security portfolio with eye toward cloud, zero trust

Simplifying security options for enterprise customers is a daunting task, and it can be even harder in the current pandemic-driven workforce environment. But Cisco is taking steps to both streamline and bolster its security menu, according to news out of its virtual Partner Summit conference. For starters, Cisco is eliminating 50 product names and simplifying its offerings within the renamed Cisco Secure portfolio. Cisco is also reinforcing its key platforms, including its SecureX and zero trust packages. (See related story, Cisco software upgrades to simplify hybrid-cloud management, operations)To read this article in full, please click here

Setting Up Cloud Deployments Using Docker, Azure and Github Actions

A few weeks ago I shared a blog about how to use GitHub Actions with Docker, prior to that Guillaume has also shared his blog post on using Docker and ACI. I thought I would bring these two together to look at a single flow to go from your code in GitHub all the way through to deploying on ACI using our new Docker to ACI experience!

To start, let’s remember where we were with our last Github action. Last time we got to a point where our builds to master would be re-built and pushed to Docker Hub (and we used some caching to speed these up).  

name: CI to Docker Hub
 
on:
 push:
   tags:
     - "v*.*.*"
 
jobs:
 
 build:
   runs-on: ubuntu-latest
   steps:
     -
       name: Checkout
       uses: actions/checkout@v2
     -      
       name: Set up Docker Buildx
       id: buildx
       uses: docker/setup-buildx-action@v1
     -    
       name: Cache Docker layers
       uses: actions/cache@v2
       with:
         path: /tmp/.buildx-cache
         key: ${{ runner.os }}-buildx-${{ github.sha }}
         restore-keys: |
           ${{ runner.os }}-buildx-
     -
       uses: docker/login-action@v1
       with:
         username: ${{ secrets.DOCKER_USERNAME }}
         password: ${{ secrets.DOCKER_PASSWORD }}
     -
       name: Build and push
       id: docker_build
       uses: docker/build-push-action@v2
       with:
         context: ./
         file: ./Dockerfile
         builder: ${{ steps.buildx.outputs.name  Continue reading

‘Credible threat’: How to protect networks from ransomware

(Editor’s note, Oct. 29, 2020: With the FBI and US Department of Homeland Security recently warning of credible cyberthreats to healthcare facilities including ransomware, it’s a good time to review the steps outlined in this article that enterprises can take to guard against such attacks.)Ransomware attacks are becoming more rampant now that criminals have learned they are an effective way to make money in a short amount of time.Attackers do not even need any programming skills to launch an attack because they can obtain code that is shared among the many hacker communities. There are even services that will collect the ransom via Bitcoin on behalf of the attackers and just require them to pay a commission.To read this article in full, please click here

‘Credible threat’: How to protect networks from ransomware

(Editor’s note, Oct. 29, 2020: With the FBI and US Department of Homeland Security recently warning of credible cyberthreats to healthcare facilities including ransomware, it’s a good time to review the steps outlined in this article that enterprises can take to guard against such attacks.)Ransomware attacks are becoming more rampant now that criminals have learned they are an effective way to make money in a short amount of time.Attackers do not even need any programming skills to launch an attack because they can obtain code that is shared among the many hacker communities. There are even services that will collect the ransom via Bitcoin on behalf of the attackers and just require them to pay a commission.To read this article in full, please click here

Introducing Bot Analytics

Introducing Bot Analytics
Introducing Bot Analytics

Bots — both good and bad — are everywhere on the Internet. Roughly 40% of Internet traffic is automated. Fortunately, Cloudflare offers a tool that can detect and block unwanted bots: we call it Bot Management. This is the most recent platform in our long history of detecting bots for our customers. In fact, Cloudflare has always offered some form of bot detection. Over the past two years, our team has focused on building advanced detection engines, innovating as bots become more sophisticated, and creating new features.

Today, we are releasing Bot Analytics to help you visualize your automated traffic.

Background

It’s worth including some background for those who are new to bots.

Many websites expect human behavior. When I shop online, I behave as anyone else would: I might search for a few items, read reviews when I find something interesting, and eventually complete an order. This is expected. It is a standard use of the Internet.

Introducing Bot Analytics

Unfortunately, without protection these sites can be ripe for exploitation. Those shoes I was looking at? They are limited edition sneakers that resell for five times the price. Sneaker hoarders clamor at the chance to buy a pair (or fifty). Or perhaps Continue reading

Survey: Zero Trust benefits remote work during pandemic

(Editor’s note: An August 2020 Enterprise Management Associates survey of 252 North American and European IT professionals found that most had accelerated their adoption of Zero Trust networking framework. This article by EMA Vice President of Research Networking Shamus McGillicuddy further details the results of the “Enterprise Zero Trust Networking Strategies: Secure Remote Access and Network Segmentation” report.)The COVID-19 pandemic has prompted 60% of enterprises to accelerate their Zero Trust networking strategies. Just 15% of organizations slowed down in response to the public-health crisis, and 25% reported no effect, according to Enterprise Management Associates research.To read this article in full, please click here

Survey: Zero Trust benefits remote work during pandemic

(Editor’s note: An August 2020 Enterprise Management Associates survey of 252 North American and European IT professionals found that most had accelerated their adoption of Zero Trust networking framework. This article by EMA Vice President of Research Networking Shamus McGillicuddy further details the results of the “Enterprise Zero Trust Networking Strategies: Secure Remote Access and Network Segmentation” report.)The COVID-19 pandemic has prompted 60% of enterprises to accelerate their Zero Trust networking strategies. Just 15% of organizations slowed down in response to the public-health crisis, and 25% reported no effect, according to Enterprise Management Associates research.To read this article in full, please click here

How to modify user-account settings with usermod

There are quite a few changes you can make to user accounts on Linux systems: setting them up, deleting or disabling them, adding or removing users from secondary groups, changing usernames or UIDs, moving home directories, changing users’ shells, altering account expiration timing, and so on.One command that can make nearly all of these changes easier is usermod. The only real constraints are 1) that the accounts you intend to change must already exist on the system (this command won’t set them up from scratch), and 2) that the affected users should probably not be logged in when you make these changes.The basic syntax for the command is usermod [options] LOGIN but that options section has a lot more possibilities than you might anticipate. In addition, sudo permissions will be required for this command since superuser access is required to set up or change nearly all user account settings.To read this article in full, please click here

How to modifying user-account settings with usermod

There are quite a few changes you can make to user accounts on Linux systems: setting them up, deleting or disabling them, adding or removing users from secondary groups, changing usernames or UIDs, moving home directories, changing users’ shells, altering account expiration timing, and so on.One command that can make nearly all of these changes easier is usermod. The only real constraints are 1) that the accounts you intend to change must already exist on the system (this command won’t set them up from scratch), and 2) that the affected users should probably not be logged in when you make these changes.The basic syntax for the command is usermod [options] LOGIN but that options section has a lot more possibilities than you might anticipate. In addition, sudo permissions will be required for this command since superuser access is required to set up or change nearly all user account settings.To read this article in full, please click here

Cisco software upgrades to simplify hybrid-cloud management, operations

Cisco has upgraded some of its core software packages to help customers manage, control and automate functions in hybrid and multicloud data-center environments.With the needs of the pandemic-driven, highly distributed workforce as a backdrop, Cisco is looking to provide visibility and insights into what’s happening across customers’ cloud infrastructure. At the same time it's busting the siloed IT operations many customers have that hold back agile digital-application development, said Prashanth Shenoy, Cisco vice president of marketing. “Businesses are rethinking their IT platforms for multicloud operations, and we are providing the tools to  help them transform faster with insights and automation,” Shenoy said.To read this article in full, please click here