Sunday, November 17, 2024
Latest:

Data Center

Networkworld 

GPUs are vulnerable to side-channel attacks

TH Author , ,

Computer scientists at the University of California at Riverside have found that GPUs are vulnerable to side-channel attacks, the same kinds of exploits that have impacted Intel and AMD CPUs.Two professors and two students, one a computer science doctoral student and a post-doctoral researcher, reverse-engineered a Nvidia GPU to demonstrate three attacks on both graphics and computational stacks, as well as across them. The researchers believe these are the first reported side-channel attacks on GPUs.[ Read also: What are the Meltdown and Spectre exploits? | Get regularly scheduled insights: Sign up for Network World newsletters ]
A side-channel attack is one where the attacker uses how a technology operates, in this case a GPU, rather than a bug or flaw in the code. It takes advantage of how the processor is designed and exploits it in ways the designers hadn’t thought of.To read this article in full, please click here READ MORE HERE…

Read more
Networkworld 

What is Transport Layer Security (TLS)?

TH Author , , ,

Despite the goal of keeping Web communications private, flaws in the design and implementation of Transport Layer Security have led to breaches, but the latest version – TLS 1.3 – is an overhaul that strengthens and streamlines the crypto protocol.What is TLS?
TLS is a cryptographic protocol that provides end-to-end communications security over networks and is widely used for internet communications and online transactions. It is an IETF standard intended to prevent eavesdropping, tampering and message forgery. Common applications that employ TLS include Web browsers, instant messaging, e-mail and voice over IP.To read this article in full, please click here READ MORE HERE…

Read more
Networkworld 

What to expect when the Internet gets a big security upgrade

TH Author , ,

Ready or not, the upgrade to an important Internet security operation may soon be launched.  Then again, it might not.The Internet Corporation for Assigned Names and Numbers (ICANN) will meet the week of September 17 and will likely decide whether or not to give the go ahead on its multi-year project to upgrade the top pair of cryptographic keys used in the Domain Name System Security Extensions (DNSSEC) protocol – commonly known as the root zone key signing key (KSK) –  which secures the Internet’s foundational servers.RELATED: Firewall face-off for the enterprise
Changing these keys and making them stronger is an essential security step, in much the same way that regularly changing passwords is considered a practical habit by any Internet  user, ICANN says. The update will help prevent certain nefarious activities such as attackers taking control of a session and directing users to a site that for example might steal their personal information.To read this article in full, please click here READ MORE HERE…

Read more
Networkworld 

VMware sharpens security focus with vSphere Platinum, ‘adaptive micro-segmentation’

TH Author ,

VMware is expanding its security range with a new version of its virtualization software that has security integrated into the hypervisor.“Our flagship VMware vSphere product now has AppDefense built right in,” VMware CEO Pat Gelsinger told the audience at VMworld 2018, which kicked off this week in Las Vegas. “Platinum will enable virtualization teams – you – to give an enormous contribution to the security profile of your enterprise.”[See our review of VMware’s vSAN 6.6 and check out IDC’s top 10 data center predictions. Get regularly scheduled insights by signing up for Network World newsletters]
Announced one year ago, AppDefense is VMware’s data-center endpoint-security product, designed to protect applications running in virtualized environments. AppDefense uses machine learning and behavioral analytics to understand how an application is supposed to behave, and it detects threats by monitoring for changes to the application’s intended state.To read this article in full, please click here READ MORE HERE…

Read more
Networkworld 

While no one was looking, California passed its own GDPR

TH Author , ,

The European Union’s General Data Protection Regulation (GDPR) is widely viewed as a massively expensive and burdensome privacy regulation that can be a major headache and pitfall for American firms doing business in Europe. Many firms, including Facebook, have sought ways around the law to avoid having to deal with the burden of compliance.Well, there is no weaseling out now. Last week, with no fanfare, California Governor Jerry Brown signed into law AB375, the California Consumer Privacy Act of 2018, the California equivalent of GDPR that mirrors the EU law in many ways.To read this article in full, please click here READ MORE HERE…

Read more
Networkworld 

Pulse Secure VPN enhanced to better support hybrid IT environments

TH Author , , ,

The workplace is changing rapidly as employees embrace mobility, applications are in the cloud, and Internet of Things (IoT) devices are instrumented for continuous connectivity — and this is affecting how organizations must think about secure access. Regardless of the scenario, organizations want solutions that deliver better productivity for whomever (or whatever) is connecting, a consistent user experience, compliance with corporate policies and regulatory requirements, and strong end-to-end security.This is the playing field for Pulse Secure, a company that has built a broad portfolio of access products and services that are available as a unified platform. Pulse Secure has considered practically every use case and has built a range of solutions to solve the secure connectivity challenges that IT organizations face. The company claims to have more than 20,000 customers and a presence in 80 percent of global enterprises — maybe even yours.To read this article in full, please click here READ MORE HERE…

Read more
Networkworld 

One in five serverless apps has a critical security vulnerability

TH Author ,

Serverless computing is an emerging trend that is likely to explode in popularity this year. It takes the idea of a smaller server footprint to the next level. First, there were virtual machines, which ran a whole instance of an operating system. Then they were shrunk to containers, which only loaded the bare minimum of the OS required to run the app. This led to a smaller footprint.Now we have “serverless” apps, which is a bit of a misnomer. They still run on a server; they just don’t have a dedicated server, virtual machine, or container running 24/7. They run in a server instance until they complete their task, then shut down. It’s the ultimate in small server footprint and reducing server load.To read this article in full, please click here READ MORE HERE…

Read more
Networkworld 

Cisco broadens Tetration security delivery with cloud, virtual buying options

TH Author , , ,

Cisco has added new cloud and virtual deployment options for customers looking to buy into its Tetration Analytics security system.Cisco’s Tetration system gathers information from hardware and software sensors and analyzes it using big-data analytics and machine learning to offer IT managers a deeper understanding of their data center resources.[ Don’t miss customer reviews of top remote access tools and see the most powerful IoT companies . | Get daily insights by signing up for Network World newsletters. ]
Tetration can improve enterprise security monitoring, simplify operational reliability, give customers a single tool to collect consistent security telemetry across the entire data center and analyze large volumes of data in real time.  To read this article in full, please click here READ MORE HERE…

Read more
Networkworld 

IBM tweaks its z14 mainframe to make it a better physical fit for the data center

TH Author , , ,

IBM is widening its mainframe range with some narrower models – ZR1 and Rockhopper II – that are skinny enough to fit in a standard 19-inch rack, which will answer criticisms of potential customers that the hulking z14 introduced in July 2017 too big to fit in their data centers (see photo above).In addition to new, smaller, packaging for its z14 hardware, IBM is also introducing Secure Service Container technology. This makes use of the z14’s encryption accelerator and other security capabilities to protect containerized applications from unwanted interference.[ Check out REVIEW: VMware’s vSAN 6.6 and hear IDC’s top 10 data center predictions . | Get regularly scheduled insights by signing up for Network World newsletters. ]
When IBM introduced the z14 last July, with an accelerator to make encrypting information standard practice in the data center, there was one problem: The mainframe’s two-door cabinet was far too deep and too wide to fit in standard data center aisles.To read this article in full, please click here READ MORE HERE…

Read more
Networkworld 

The complexity of password complexity

TH Author , ,

Deploying password quality checking on your Debian-base Linux servers can help to ensure that your users assign reasonable passwords on their accounts, but the settings themselves can be a bit misleading. For example, setting a minimum password length of 12 characters does not mean that your users’ passwords will all have twelve or more characters. Let’s stroll down Complexity Boulevard and see how the settings work and examine some settings worth considering.First, if you haven’t done this already, install the password quality checking library with this command:apt-get -y install libpam-pwquality

The files that contain most of the settings we’re going to look at will be:To read this article in full, please click here READ MORE HERE…

Read more