A Role for Role-Based Monitoring in the Virtualization, Cloud Space
Virtualization has changed the way in which we must think about security. First, it has merged the traditionally separate roles of networking, storage and server management -- disrupting well-established processes based on separation of duties. Second, it has collapsed configurations of servers, switches, networks and storage into one system, effectively concentrating all of the risk into one platform, creating a system that is "too big to fail."
Network security assessment: Internal testing relies on various tools
While it is important to test the exterior of your network, an attacker may already be inside. The attacker could be a disgruntled employee or an outsider using services located behind-the-firewall and perimeter security defenses. If you are considering testing your internal security controls, there are several things you need to review, among them the types of internal tests, the testing techniques you may want to employ and the importance of testing employees
Conway's Game of Life - A rule framework and implementation
Conway's game of life is however not only fascinating to look at but is of theoretic interest for mathematics, physics, philosophy, economy and many other scientific fields. E.g. it is one of the most famous examples of cellular automata which has become a popular topic to study in computability theory. See Wikipedia for a more in-depth article about Conway's game of life,
JavaScript Best Practices
As a web developer who has concentrated on back-end coding in C# and front-end look and feel via HTML and CSS, my skills in JavaScript evolved over time instead of by conscious effort. While this is not uncommon, it can allow for some bad habits to be formed. This set of best practices is my way of taking a step back and addressing JavaScript as a first-class language, with both good parts and bad parts.
Security Manager's Journal: A little housecleaning
VPN configuration has always been a point of contention between the security, desktop and network teams. Our current VPN client is deployed in a split tunneling mode. When someone is using the VPN client, only resources on our network are forced to go through the encrypted VPN tunnel. Everything else, such as webmail, social media and personal file storage like Dropbox, is routed through the user's local Internet connection.
Microsoft uses OpenFlow SDN for network monitoring and analysis
The OpenFlow-based tap aggregation system, called Distributed Ethernet Monitoring (DEMON) Appliance, is an alternative to expensive network packet brokers -- the specialized appliances that aggregate network taps and SPAN ports. Microsoft Principal Network Architect Rich Groves presented DEMON at the Open Networking Summit Tuesday.
Making a business case for data storage and backup
Focus the business case on what really adds value. But, when it comes to data, what is valuable? And, just because data is available, does that mean we need it or will use it? I start with two critical, value-based questions: What decisions would you like to make?; and What data do you need in order to make those decisions?
Under New Business Demands, CIOs Can't Cling to Old BI
CIOs must grapple with the fact that the business must be involved in building out IT since he can no longer have tight centralized control of all technology. Organizations have many different applications sprouting up, from visual discovery tools and business analytics that are also becoming part of the growing use of cloud computing.
9 Fallacies of Java Performance
Java performance has the reputation of being something of a Dark Art. Partly this is due to the sophistication of the platform, which makes it hard to reason about in many cases. However, there has historically also been a trend for Java performance techniques to consist of a body of folk wisdom rather than applied statistics and empirical reasoning. In this article, I hope to address some of the most egregious of these technical fairytales.
Anti-virus Software is Dead…Really?
The study leveraged data from over a billion systems worldwide and it turns out that systems that do not have up-to-date AV are 5.5 times more likely to be infected with malware than systems that are protected. It’s also noteworthy that almost 270 million systems worldwide did not have up-to-date AV installed in the second half of 2012; many people that could be benefiting from the protection that AV offers, are not.
Quote for the day:
"The excitement of learning separates youth from old age. As long as you're learning you're not old." -- Rosalyn S. Yalow