Monthly Archives: November 2016

  • 0

Race Your Way to Cloud Analytics with Cloud Sync

Category : NetApp

Have you been looking for a way to use the public cloud for your data analytic needs, but have been frustrated with cost and time constraints?

Join our webinar to find out how the NetApp® Cloud Sync service addresses this problem with ease and simplicity. Cloud Sync provides seamless and secure data transfer between your on-premises data center and Amazon’s Simple Storage Service (S3) while also reducing typical transfer times from hours to just minutes.

Join our webinar.

Join NetApp cloud experts as they take a closer look at how to:

  • Quickly move data from your data center to S3 and activate popular AWS services such as EMR, Redshift, and RDS
  • Quickly gain deeper insights into your enterprise data by utilizing cloud services on your data in a matter of minutes and get the results back again quickly
  • Leverage efficient data synchronization capabilities by moving only the changes from previous syncs and dramatically reducing the time and costs traditionally associated with keeping data in sync
  • Benefit from a purpose-designed secure service because your data is always kept within your own network and S3 security domain and is never accessible to a third party

Date: Wednesday, December 07, 2016

Time: 10:00 AM Pacific Standard Time

Duration: 1 hour

To learn more about the new Cloud Sync service, register now.


  • 0

The Threat is Already Within

Category : Imperva

In recent years, we have witnessed a growing number of enterprises and government agencies suffer data breaches. At the same time, we have witnessed significant growth in information security budgets. While organizations are buffing up their security layers—which is important—most of the focus is on preventing direct threats that come from outside, while detecting threats from within is neglected.

We find this troubling, since our research indicates many significant data breaches are ultimately an “inside job.” Insiders – be they employees, contractors, business associates or partners – pose the biggest risk to enterprise data since they are by definition granted trusted access to sensitive data. In conjunction with several Imperva customers we analyzed live production data that logged how users interacted with and accessed data stored in enterprise databases and file shares.

We detected insider data threat events within every single design partner we worked with, confirming suspicions that ongoing insider abuse of data goes undetected.

Based upon this analysis, we classify the “threats from within” into one of three categories —malice, negligence, and compromise.

• Malicious insiders – trusted insiders that intentionally steal data for their own purpose – are the obvious nightmare scenario. Edward Snowden1 and Chelsea Manning2  (born Bradley Manning) are the highest profile recent examples.

• Careless and negligent insiders are the second insider threat. These are people within or directly associated with the organization that do not have malicious intent. Yet they expose sensitive enterprise data due to careless behavior— usually by trying to cut corners or simplifying their daily chores.

• Compromised insiders allow “external” threats (e.g., cybercriminals or nation-states) to act with the same level of freedom as the trusted insider itself. This is because once an insider is successfully compromised – usually via credential compromise or malware – it is in fact the insider that is directly accessing sensitive data. The Sony breach3 is a classic example of a breach resulting from insider compromise.

The investigation and analysis we conducted with our design partners detected instances of all three insider threat categories. Our approach focused on early detection of the breach of the data itself, rather than preventing initial external attacks. We believe this approach proved effective for two reasons. First, it identifies both malicious and negligent breaches, which by definition will not have any associated external attack. Second, focusing on the data itself – which is the ultimate end goal of any breach – eliminates the need for attack prevention to be 100% effective (which it never is).

the-threat-is-already-within


  • 0

Cyber Defenders Must Focus on the Ends, Not the Means

Category : FireEye

Too Many Organizations Focus on the Means, Rather than the Ends

I’m sure we’re all familiar with the famous question that asks “Do the ends justify the means?”  While this question is believed to be more than two thousand years old, I believe we can learn an important information security lesson from studying it.  Over the course of my career, I have observed that in the case of the modern attacker, the answer to this question is yes.  What do I mean by this statement?  I’ll elaborate.

Let’s begin by looking at this question from a slightly different perspective — one that as security professionals, most of us can all relate to.  For those of us who have worked in security operations and incident response for a while, we’ve seen that an attacker will use whatever means are necessary to accomplish a given end.  In other words, to execute the attacker’s objectives, he or she will take whatever path will lead to success.

Although this famous question is traditionally asked in a moral context, that is not my purpose or place here.  Rather, if we dissect this question analytically, we find that it provides us a model we can use to improve our respective security postures.  To better understand what I’m getting at, let’s abstract security into a different model inspired by this question:  the ends and the means.

Unfortunately, in security, we focus almost entirely on the means.  Perhaps ironically, it is the ends that we should instead be focused on.  What do I mean by this?  If we go back to first principles and think about risk mitigation, it should become clearer.  Allow me to illustrate through a few examples.

Internet of Things (IoT)

We’ve all been hearing a lot lately about IoT.  There is plenty of buzz and hype surrounding IoT, and in fact, infected IoT devices have been blamed for several recent DDoS attacks.  There is no question that building security into IoT devices will remain an important topic for years to come.

I’d like to offer a different perspective when it comes to IoT.  If you’re a defender, you’re may be struggling to make sense of IoT.  You may get drive-by enquiries from management.  Or, perhaps you see IoT devices being deployed around the enterprise and are wondering what steps were taken to secure them, if any.  Perhaps you are also wondering how to include IoT under the umbrella of your existing security program.

These are all valid concerns, and I believe that, for the defender, the answers lie in focusing on the ends, rather than the means.  Compromising IoT devices is a means for an attacker.  When we shift to focusing on the ends, the questions we need to ask ourselves evolve.  What is the attacker after?  What is the risk that poses to the organizations?  For example, we may conclude that the attacker is looking to IoT as a launch point for theft of sensitive data, or perhaps for DDoS attacks against others.  In either case, focusing on the ends allows us to adapt our security program to mitigate these risks through monitoring and response.  This is something that might not have been inherently obvious to us had we remained focused on the means.

Cloud

In just about every meeting I have these days, organizations are talking about their move to the cloud.  Regardless of where a particular organization is in this process, the novelty of the cloud means that there isn’t a lot of prior security experience to build on.  That can make securing an enterprise in transition seem like a daunting task.  Until we shift our focus to the ends, that is.

When we look at the cloud as a means for an attacker to steal data, disrupt business, commit fraud, or any number of possible outcomes, our perspective shifts.  Instead of trying to protect the cloud like we protect a traditional enterprise network, we move to focusing on mitigating the risks that could result from unauthorized access to information or resources in the cloud.

Within this framework, we move to understanding how we can mitigate risk through monitoring and response.  We look to collect important telemetry data from our cloud environment and seamlessly integrate it into our existing security analytics capabilities.  We look to the endpoint to regain visibility lost in the move away from the traditional enterprise network.  We look to understand and monitor our hosted applications even better than we understood and monitored our enterprise applications.  All of this towards the goal of focusing on the ends.

Spear Phishing

It will likely surprise no one that attackers are still leveraging spear phishing as a means into an organization quite regularly.  Sometimes, people ask me why this is the case.  In my opinion, the answer is quite simple: it’s easy and it works.  Spear phishing seems to be one of the favorite ways attackers gain a foothold inside an organization for the purpose of compromising credentials, moving laterally, acquiring information, exfiltrating data, and other types of nefarious activities.

Unfortunately, all too many organizations focus on the means, rather than the ends.  This causes them to run around chasing one campaign after the next, burning many valuable analyst cycles in the process.  Am I saying we shouldn’t try to prevent or better understand spear phishing attacks?  Of course not.  By all means, we should.  But when campaigns sneak through our defenses, our attention needs to turn to the ends.

When we look at what attackers do after they use spear phishing as a means, we see that they generally use any compromised assets as a launch point to burrow deeper into the organization.  From there, they look to execute various different objectives, such as the ones I enumerated above.  Examining the problem from the perspective of the ends instructs us to focus more on detecting and eradicating the attackers before they are able to cause grave damage, and less on chasing after the latest campaigns.

There is certainly no limit to the examples we could enumerate here to illustrate the point.  No matter what the means, focusing on the ends can help us steadily mitigate risk, even in a dynamic environment.  Different types of means come and go as attackers continually adapt their tactics to accomplish their end goals and ensure their success.  The trick is to think more broadly about the risk we’re trying to mitigate, rather than getting distracted and instituting one-off policies and solutions to new means that may arise.  For an attacker, the ends always justify the means.  As defenders, we need to take a lesson from that.


  • 0

Defend Against the Unknown with McAfee Endpoint Threat Defense Solution

Category : McAfee

Targeted exploits. Ransomware. Explosive growth in zero-day malware. Organizations are locked in an ongoing arms race with cybercriminals— and the attackers are gaining the edge. Modern adversaries know the strategies organizations use to try to block their attacks, and they’re crafting increasingly sophisticated, targeted malware to evade defenses. They hide attacks within legitimate applications.

They delay execution. They exploit the weakest link. And they travel laterally from one endpoint to another, silently collecting information undetected.

Meanwhile, security teams are struggling just to contend with the threats they know about. They’re grappling with an expanding attack surface, as more mobile devices create new entry points into the business—even when they’re offline.

They face overwhelming complexity and noise as they juggle the myriad of alerts coming in from siloed traditional defense systems, slowing down response times and hindering investigations. All the while, they’re pressed to deliver critical business services without disruptions or slowdowns—they can’t grind productivity to a halt every time an endpoint detects something new.

The result is that more threats are slipping past defenses. They’re dwelling inside organizations for longer, re-infecting systems more frequently, and wreaking more serious damage. A shortage of IT security expertise and resources only exacerbates the problem. And many organizations are left playing catch-up, knowing they need to adapt defenses more quickly but feeling as if they’re steadily losing the race.

defend-against-the-unknown-with-mcafee-endpoint-threat-defense-solution


  • 0

Why Mobility Management is becoming more of an essential?

Category : Pulse Secure

Thursday, December 12016  |  8:309:00am PST

Welcome to Pulse Secure’s webinar series on The Six W’s of Pulse Secure! We will take you through the journey on the perfect formula for staying contemporary in the vast evolving world of Hybrid IT.

More and more people now use their mobile devices for work and play. But the convenience of BYOD also adds security, privacy, and compliance concerns to IT admins. With mobile device usage and dependability becoming the norm, mobile security is more of an importance than ever before.

The fifth webinar in our series will lead you through why Pulse Workspace, our app-agnostic container solution, allows employees to enjoy the true native user experience of their preferred mobile device for both work and life.

Attend


  • 0

Mobile Authentication Done Right: Secure Single Sign-On for Mobile Apps

Category : Mobile Iron

Native App SSO for MI Access

Cloud apps are winning the enterprise. 86% of employees in the CCS Insight’s Employee Mobile Technology Survey use mobile apps for work and the majority of these apps are cloud-based. Native mobile apps – not mobile browsers – are the primary way employees access mobile enterprise cloud services like Box, G Suite, Office 365, and Salesforce. Employees choose mobile apps for work because of the exceptional design and user experience. Purpose-built for productivity, a few swipes and clicks is all it takes to get stuff done via mobile apps. One great example is the Concur expense management app. Concur makes is extremely simple to take a photo of your receipts and, with a few clicks, you submit an expense report. No more scanning and uploading receipts. Good for employee productivity; great for employee happiness.

The App-to-Cloud Security Gap

Enterprises embracing mobile and cloud services expect the same security and single sign-on capabilities to work for their native mobile apps as with web-based accessed from a PC. However, the sandbox architecture of mobile apps prevents traditional SSO techniques from working effectively. Example: limitations when it comes to sharing authentication tokens between mobile apps, unless written by the same organization.

As a result, if an organization uses the Box app, Concur app, Outlook app, and Salesforce app, employees would need to provide the same credentials every time they logged into each app. To make matters worse, the smaller mobile form factor combined with increasingly complex password policies set by IT means that employees can easily fat-finger their passwords and potentially lock themselves out of the applications. Productivity fail.

This is understandably frustrating for users but also for IT; think of all the help desk tickets, wasted time, and lost productivity that occurs when you can’t get to the information you need when you need it. This leads employees to bypass IT, and find their own apps and services – hello, Shadow IT.

Shadow IT, fuelled by the consumerization of technology, has for the first time taken control away from IT and put the end-user in the driver seat. While this shift in control has increased anywhere, anytime productivity, it has created a new security gap. At MobileIron we have coined a term for this: the app-to-cloud security gap. A consequence of Shadow IT, the app-to-cloud security gap results when employees download corporate data onto unsecured devices or store it in cloud apps outside of IT’s protection.

Enterprises need three things to combat the app-to-cloud-security gap: 1) device trust, 2) app trust, and 3) user trust. We released MobileIron Access in April to ensure that only trusted devices and trusted apps with trusted users are allowed to access corporate information.

Introducing secure SSO for native mobile apps

MobileIron Access solves the mobile app-to-cloud security challenge using:

  1. MobileIron EMM to establish device trust – device trust is essential to keep cloud data from being stored on unregistered, insecure or non-compliant devices.
  2. MobileIron Tunnel to establish app trust – app trust is essential to keep cloud data from wandering away – be it via unmanaged native mobile apps or 3rd party cloud services.

    This is a very nuanced scenario and requires us to consider two specific risks:

    1. Sloppy Apps – this is simply an IT approved app, say Microsoft Word, being downloaded from the personal app store instead of the enterprise app store. By virtue of the app being downloaded from the public app store, IT has no control over the app or data within.
    2. Parasite Apps – this is the case when a user connects a 3rd cloud service to a corporate cloud service like Salesforce. Salesforce has a booming ecosystem of apps and services that use Salesforce APIs to provide users with custom apps and experiences. One wrong decision by a user and all of you Salesforce data ends-up in malicious hands.
  3. Integrations with IdPs – to make sure only your users are getting access to the information that are entitled too
  4. MobileIron Tunnel, our per app VPN solution. Device and application trust is delivered using MobileIron enterprise mobility management (EMM) and MobileIron Tunnel. Employee trust is delivered by integrating with an enterprise’s Identity Provider (IdP).

MobileIron Access brings together information from the MobileIron platform and IdP to provide a comprehensive solution to the Mobile App-to-Cloud security challenge. With Secure SSO for native mobile apps, Access significantly enhances the user experience improving an organization’s security hygiene while enabling user productivity.

Introducing secure SSO for native mobile apps

Today we launched enhancements to the user trust piece. MobileIron Access today became the first to deliver secure single sign-on (SSO) for native mobile apps. This makes it easier for employees to use their favorite enterprise mobile apps – without requiring them to enter corporate login credentials repeatedly and without requiring developers to wrap apps or make code changes to support SSO.

User trust – better known in technical circles as identity – is a fundamental building block of any security solution. As enterprises prepare to protect data as it moves across a range of secure and unsecure apps and devices, secure SSO for native mobile apps enhances how they can combine identity with device and app posture to make better contextual security decisions.

Secure SSO for native mobile apps builds on years of MobileIron work helping customers simplify the authentication user experience.

Looking Under the Hood

So, how does MobileIron Access with secure SSO for native mobile apps work?

Step 1: At device registration, MobileIron delivers an identity certificate and specific configurations for MobileIron Tunnel (per app VPN). This is key to establishing device and app trust.

Step 2: At app launch, the identity certificate provisioned at enrollment is presented to MobileIron Access.

Step 3: At this point, instead of handing off the authentication request to the IdP and prompting the user for credentials, Access uses the secure identity certificate to generate a SSO token for the specific cloud service

Step 4: User has secure access to cloud information on a known device via a secured app.

Remediation: If the user attempts to access cloud services via a non-compliant device or insecure app, they are presented with a customized remediation screen that walks them through the steps required to properly secure their devices and apps – no helpdesk intervention required!

This secure SSO experience can be applied to any native mobile application secured by MobileIron Access. IT gets the security it wants and employees get the experience they want, a win-win situation.


  • 0

Assessment & Authorization (A&A) for Cross Domain Solutions Webcast

Category : Forcepoint

Tue, Dec 6, 2016 2:00 PM – 3:00 PM EST

Please join us to learn more about A&A for Cross Domain Solutions on December 6th 2PM ET.

Assessment and Authorization (A&A) addresses the risk of operating an information system in a specific environment. A cross domain solution (CDS) provides the ability to connect networks at different classifications in a controlled manner. Performing risk management on a CDS requires more than just a standard approach to A&A due to this connection.

Join Steve Welke, Forcepoint™ (formerly Raytheon|Websense) Principal Consultant and A&A Expert, as he navigates through A&A terms, approaches, and processes as they apply to cross domain solutions.
In this webcast you will learn:

How to understand and navigate the SABI (Secret and Below Interoperability) and TSABI (Top Secret/SCI and Below Interoperability) processes;

About the latest changes to processes and documentation that impact SABI and TSABI; and a
bout current initiatives to standardize the A&A approaches and processes.

Who should attend:

Anyone who attended our last webcast: “Navigating Assessment & Authorization”
Anyone tasked with managing or participating in an A&A effort
Anyone working with cross domain, multilevel security solutions

Register


  • 0

IoT Security and the Attack of the Appliances: Tamara McCleary on the IoT in 2017

Category : Imperva

We hosted Tamara McCleary, CEO of Thulium, a social media-marketing agency on a recent Google Hangout. Also present were Nicole Banks, community manager and Nabeel Saeed, security evangelist from Imperva Incapsula. Together they discussed the state of IoT and how security issues may affect us all in the future.

McCleary says the Internet of Things (IoT) is a game changer, but it’s emerging at a time when threats against our data and systems have never been greater. Recently Botnet of Things (BoTs) have been used in large-scale attacks. We asked Christopher Elisan, principal malware scientist at RSA, what to expect.

BoTs are a compromised set of IoTs that act in unison based on a centralized command to conduct DDoS attacks. BoTs take advantage of the data they send to a network resource. For example, an appliance that sends out a daily data status to its manufacturer’s network resource can be compromised to flood that network resource by sending status updates every minute instead of every day. Appliances that can browse the Internet are also vulnerable. There are refrigerators that have a built-in tablet that gives users the ability to browse the web. If they are compromised to target specific websites, when investigators trace back the source of the DDOS attack they find appliances instead of computer systems.

IoT in 2017

“When it comes to IoT, manufacturers are preparing for an onslaught of product launches and customer engagement,” said McCleary. “And at the same time, the marketplace is going to have more security issues.”

When asked about the state of IoT in the next year McCleary had this to say, “Some analysts expect IoT growth to be higher in the enterprise market space first, at least for the next few years, because businesses are starting to really look into ways to save money and improve productivity.”

IoT security

“Security is one of the reasons why the IoT has not accelerated and proliferated as much as people had expected,” said Nabeel Saeed. “As we all know, with the addition or introduction of every new IoT connection, you have another potential point of failure or another point of compromise.”

There are currently four-to-six billion IoT devices in the marketplace, according to Saeed. “And to say security was an afterthought would be an overstatement.”

The Internet of Things presents huge opportunities in terms of how business is conducted and how we live our lives. But, says Saeed, “We need to be cognizant of the growing security challenges that come with it.”

Tamara McCleary pointed out that there are an average of 13 enterprise security breaches every single day. These breaches result in roughly 10 million records lost per day, or 420,000 every hour. This is the reason why the movement of products to market in the IoT space has been slow.

How Do We Protect Our Appliances (and Ourselves)?

“There are two challenges when it comes to securing IoT devices,” said Saeed. “The first is to make sure data traversing from the internet to the IoT device is not breached. And the second challenge is to make sure our devices are not infiltrated by nefarious code or data.”

A service that is experienced in securing data completely would be the solution. “For both ingress and egress concerns, it’s equally important to have a specialized security solution around your devices,” said Saeed. This solution would secure the central service and protect both the consumer and producer.

On the consumer side, said McCleary, changing the security settings right out of the box is important. “If you leave your device on a factory setting for password, you’re going to set yourself up for the potential of being hacked.”

When asked how to secure a network that must connect to devices with little to no security capabilities, Christopher Elisan said, “Securing the IoT means securing network communications between these devices and their intended recipient. There must be a solution that monitors, verifies and authenticates any data going into the IoT. This ensures that any data or command is coming from a trusted source such as the device’s manufacturer. The same principle applies to data going out to the intended recipient. The data should be in the right format with verified and authenticated content.”

DDoS attacks and your toaster

A distributed denial of service (DDoS) attack is a malicious attempt by a threat actor to knock down an internet-connected resource. If you are connected to the IoT through your toaster, thermostat, TV and garage door opener, a DDoS attack can cause havoc in your household.

“You might ask yourself, ‘Why would anyone want to hack me?’” said McCleary. “You have to understand that a wide net is being cast by hackers and your devices might be caught in that net. These criminals aren’t pinpointing you in particular, but they’ll send out simple script to two million IP addresses just to see which ones stick.”

The gap between IoT and software security

“With apps and software you tend to have trusted verification sources,” said Saeed. “If you buy something from the Apple store or from Google Play, these companies have dedicated resources that make sure their products aren’t compromised in any way.”

But you have to be careful with IoT, especially in your house, said Saeed. “If you don’t have proper security measures in place, you could suddenly discover that something has attached itself to your devices. And this breach could easily take over your computer or your camera.”

IoT security at a glance

There is a burden on the consumer to make sure their pass codes are strong and effective. And to help them there are standards emerging within the industry that put more emphasis on security issues.

Still security is generally not the first priority when it comes to creating some of these devices.

“It’s incredibly hard to update a vulnerable device with better safeguards once it’s already been installed,” said McCleary. “That’s why security systems cannot simply be ‘bolted on’ after it arrives from the manufacturer.”

Consumer security measures

“First and foremost,” said McCleary, “we can’t be lazy. We can’t take things out of the box and just plug and play. You absolutely have to care about security.

“It’s a little inconvenient, but it’s definitely worth the trouble. If you’ve ever been hacked before, then you realize how important it is for you to have better pass codes and more encryption involved. Take control of your own data and your own security. Don’t rely on a company to do that for you.”

Saeed agrees. “Change your password frequently,” he said. “Make sure you update the firmware of your devices because it’s created precisely to deal with security issues. You’re a lot more vulnerable to threats than you think.”

The promise of the IoT

“The Internet of Things isn’t new,” said McCleary. “There have always been systems in place that connected our devices. But now it’s affecting key, cool areas of our lives such as transportation and healthcare.”

In the past IoT was more about technology and innovation. Now, said McCleary, companies are more customer-centric. “It’s really cool to see how technology really is powered by human beings trying to help other human beings. Keep in mind that when we’re selling products or services, we’re not using machines to sell something to another machine. It’s a person selling to another person.”

“We’ve talked about security in regards to IoT, and we’ve talked about the benefits to consumers, but we have yet to talk about one of my most passionate topics and that is data and data analytics,” said Saeed. “Think about it, when you have a device that’s connected to the internet, you’re able to harvest massive amounts of data. We have the supercomputing capacity now to get really valuable insights to make better business decisions, and to understand customers better and create different products.”

Get ready for a wild ride

“I just have to say, we need to fasten our seat belts and hang on,” said McCleary. “I predict it’s going to be a wild ride for the next 10 years. We are in a position where we can create a future consciously, together, that supports human beings on this planet to have a better life.”

In conclusion, McCleary brought the talk back to why we are so fascinated by the IoT and why it fires our imagination. “I do believe that we can come together and we can create a better future for those that come after us and make our lives count. We can use our intellect and our soul and our heart and our love for people to make this a better place.”

You can watch the video of the Google Hangout for the complete Q&A with Tamara McCleary and Nabeel Saeed. Let us know if you have more questions for them.


  • 0

Does NFV Create Vendor Lock-In?

Category : Gigamon

As the buzz around network function virtualization (NFV) continues to grow, particularly within the mobile service provider market, carriers are in trials to virtualize key functions within the evolved packet core (EPC), such as the serving gateway (SGW), PDN gateway (PGW), and mobility management entity (MME).

By leveraging off-the-shelf x86 platforms for running these functions, they can de-couple the software trajectory from the hardware systems and achieve a degree of vendor independence. Well, at least in principle.

The challenge becomes scalability. While some functions are relatively low bandwidth and do not require high-capacity and high-processing capabilities, others do. And for those functions, the allure of the x86 platform is ease of scalability and elastic provisioning capacity. But this is where things start to get a little murky.

In many cases, scaling performance in a virtualized environment requires special handling of packets—for example, when performing hypervisor and virtual switch bypass with technologies like single root input/output virtualization (SR-IOV). Typically, organizations will use specialized Network Interface Cards (NICs) accompanied by hardware acceleration or NIC-level offloading to enhance performance. But to take advantage of these technologies for acceleration and improved performance, organizations need to work with those specific cards, which, in turn, brings a certain amount of lock-in both on the software and hardware side.

In other words, once carriers deploy technologies for acceleration, they can’t simply swap out a server for any other x86-based server. Rather, they are required to stick with the same vendor that provides the hardware acceleration and NIC cards and, perhaps, even seek buy-in from that vendor to ensure their software is easily portable to the newer generations of NIC cards with hardware-assist functions.

Next, and once every ounce of performance has been extracted using NIC offload, hypervisor/kernel bypass, and other techniques, it’s time to scale out performance through multiple servers. If the network functions being virtualized are stateless, it’s a relatively easy process. However, if it’s necessary to maintain state and load balance across a scaled-out NFV solution, the process becomes a bit more complex. In this latter case, organizations will need a load balancer that can understand the protocols associated with the network functions, correlate the traffic across the various interfaces (if needed), and then intelligently load balance across the scaled-out instances of the virtualized EPC functions.

It’s a process that reminds me of the early days of e-commerce and the commercial Internet, which also began with web servers running on x86. As traffic to websites and web applications grew, those web servers and applications needed to scale.

That required traffic to be load-balanced across a scaled-out solution. For e-commerce traffic, that requires things like stateful load balancers to track sessions, and cookies, as well as sending the right traffic to the right instance of the web application or server. While this could initially be achieved with a software-based load balancer, and as traffic volumes grew, the process required a dedicated appliance that could perform a variety of tasks, including load balancing, health checks, and load re-distribution. In time, this led to dedicated load balancers with field programmable gate arrays (FPGAs) and hardware-assist functions and, ultimately, application delivery controllers.

Is the NFV world headed in that same direction? If so, who will build the load balancers for all the different virtualized network functions? If every vendor were to provide a solution with different virtualized network functions (VNFs) for load balancing in a scaled out environment, will there be vendor-specific load balancers for each virtualized EPC function?

Adding together the two scenarios (i.e., the use of specialized acceleration engines and NICs for performance improvements within the server plus the use of dedicated, stateful load-balancer appliances to distribute traffic across servers), begs the question: Could NFV be headed down a path of tighter vendor lock-in rather than vendor independence? In its current trajectory, it certainly seems so. – See more at: https://www.gigamon.com/blog/2016/11/29/nfv-create-vendor-lock/#sthash.e2H6nsex.dpuf


  • 0

The Secrets of Staying Ahead of the Bad Guys

Category : HP Security

With continued improvements in payments security through technologies such as P2PE and EMV, the PCI community has been effective at combating crime in a wide variety of traditional retail environments. As the use of stolen or fraudulent cards for in-person transactions becomes more difficult, however, criminals are increasingly shifting their focus to online activities, and the rapidly growing mobile payment sector. To stay ahead of the bad guys, merchants need solutions that are designed to reliably protect payment data within their environment, and reduce PCI scope without impacting business processes.

Join this webinar to learn why any business that wants to remove sensitive data from their databases should understand these strategies on how they can eliminate exposure to cardholder data, reduce risks and PCI audit costs. You will learn:

•How the threat landscape is evolving
•What the attackers are doing differently
•How to stay ahead of cyber thieves, while neutralizing the risk of payment data breaches
•What is necessary to secure all e-commerce and mobile transactions
•How to enable innovation and business growth while maintaining strong data protection

 
Live online Dec 6 4:00 pm United States – New York
or after on demand 60 mins
Presented by
Smrithi Konanur, Global Product Manager at HPE Security & Priyank Kumar, Sr. Product Management at HPE Security

Support