Security
There are 29 entries for the tag Security
It has been a while since I wrote an installment of Load Balancing for Developers, and now I think it has been too long, but never fear, this is the grad-daddy of Load Balancing for Developers blogs, covering a useful bit of information about Application Delivery Controllers that you might want to take advantage of. For those who have joined us since my last installment, feel free to check out the entire list of blog entries (along with related blog entries) here, though I assure you that this installment, like most of the others, does not require you to have...
Every once in a while, as the number of people following me grows (thank you, each and every one), I like to revisit something that is fundamental to the high-tech industry but is often overlooked or not given the attention it deserves. This is one of those times, and the many-faceted nature of any application infrastructure is the topic. While much has changed since I last touched on this topic, much has not, leaving us in an odd inflection point. When referring to movies that involve a lot of CGI, my oldest son called it “the valley...
The complexities of life often escape a young child. The Little Man asked me the other day why I had to go work, which was both a compliment to wanting to spend time with me and an unintended backhand slap at Lori, who was going to hang out with him while I took care of business. The answer was the usual stuff, that working paid the bills, and work has its own rewards… It did not include “and I like my job”, though I do, simply because I didn’t want to imply “more than hanging out with you” to...
There has been much made in Information Technology about the military quote: “He Who Defends Everything Defends Nothing” – Originally uttered by Frederick The Great of Prussia. He has some other great quotes, check them out when you have a moment. The thing is that he was absolutely correct in a military or political context. You cannot defend every inch of ground or even the extent of a very long front with a limited supply of troops. You also cannot refuse to negotiate on all points in the political arena. The nature of modern representative government is such that the...
There has been a lot written about “IT Democratization” and how it will change the world. To some extent that is true, and I’ve previously encouraged IT management to support the process. But listening to those who see a “Bright new future” makes me realize that while we agree in principal, as always, the devil is in the details. In high school, we could take the standard lunch for a set fee or eat ala-carte’, which was essentially a short-order grill. Others could bring their own lunch, whatever they (or their parents) could pack into a bag or box. ...
(Booming voiceover voice); Are you running the same tired old network tools? Does your network staff have to administer security and load balancing for each and every application? Do you find application analysts and owners show a growing frustration with the network team’s response times due to overloading? Well get in there and fix that network! Get the tools that you need to make your network more application friendly, reduce fatigue amongst your network staff, and give application owners more control of their applications! That was, of course, a joke poking fun at both the way we run...
We’ve all had that chilling moment when the gate attendant at the airport comes over the loudspeaker, and doing her best Charlie Brown’s Teacher imitation, announces “Jursim Puzzling vlordid Netting, gollink dummole Neptune.” (This flight is in an oversold situation, we’re looking for volunteers…). While we could discuss the causes and solutions to this being an all-too-frequent event in the daily operation of airlines, for the purposes of this blog, let’s talk about the back end. The problem on the back end is, quite simply, that the plain cannot be expanded to handle the burden demanded of it. That...
This is the second part of this series talking about things you need to consider, and where cloud usage makes sense given the current state of cloud evolution. The first one, Cloud Storage, can be found here. The point of the series is to help you figure out what you can do now, and what you have to consider when moving to the cloud. This will hopefully help you to consider your options when pressure from the business or management to “do something” mounts. Once again, our definition of cloud is Infrastructure as a Service (IaaS) - “VM containers”, not...
A few years ago, a gentleman created a video showing how quickly an unpatched, unprotected Windows XP machine was infected once connected to the public Internet (the linked video is worth a watch, and is short). That video took the business community pretty much by storm, but was old news to security administrators and most systems administrators. Things have improved on the operating systems side of the house, but so have the systems, attackers, and environment for hackers, meaning things aren’t much better today. In the confines of your enterprise, that’s all cool. Whether you are deploying a...
Lori and I received the new Blackberry Smart Phones that F5 ordered for us last week, and have spent about a week familiarizing ourselves with all that has changed since our several-year-old ones came out. There is certainly a lot of change. The Social Media add-ons bundled into these phones are certainly much nicer than the ones we had installed on our older phones, texting has its own app rather than being a part of the email package, the screen is more crisp, and photo quality is light-years ahead of previous incarnations, but still doesn’t compete with high-end digital...
Note: While talking about this post with Lori during a break, it occurred to me that you might be thinking I meant “MS Windows”. Not this time, but that gives me another blog idea… And I’ll sneak in the windows –> Windows simile somewhere, no doubt. Did you ever ponder the history of simple things like windows? Really? They evolved from open spaces to highly complex triple-paned, UV resistant, crank operated monstrosities. And yet they serve basically the same purpose today that they did when they were just openings in a wall. Early windows were for ventilation and...
Having just returned from our annual D&D tournament, this year in Las Vegas, I have role-playing on the mind, so when I read the title of Elizabeth White’s blog IBM and Cable & Wireless to Develop UK Smart Energy Cloud, I immediately thought of the AD&D Druid spell Call Lightning which gathers clouds and then emits lightning every ten minutes until it runs out. Which is kind of in line with what her blog is talking about – two companies with a history in smart energy grids getting together to make it a reality. Most striking to me...
In nature, things seek a balance that is sustainable. In the case of rivers, if there is too much pressure from water flowing, they either flood or open streams to let off the pressure. Both are technically examples of erosion, but we’re not here to discuss that particular natural process, we’re here to consider the case of a stream off a river when there is something changing the natural balance. Since I grew up around a couple of man-made lakes – some dug, some created when the mighty AuSable River was dammed, I’ll use man-made lakes as my examples, but...
There are many instances in the world where third-party verification of thoughts and ideas are just a useful thing to have. Cases where the vested interest of one party makes their opinion suspect, even if it is unbiased. For those cases we have a whole collection of organizations and corporations that will research and verify, test and certify, validate and verify, whatever, depending upon the issue and the needs of the target audience. A good example of this that I know of for the obvious reasons is gluten-free foods. There is a “certified gluten free” program in the US,...
Recently I was in a conversation where someone seriously suggested that Web Application Acceleration and WAN Optimization should be the job of developers, since they are in the code and creating the network traffic. At first I was taken aback by this suggestion. I was a manager of a small team of developers and admins when Web Application Firewalls first started to be bandied about (though I don’t think they had the fancy name then), and went through this entire discussion then. Never in my wildest dreams did I think we’d revisit it on the much grander scale mentioned....
We spent the US Holiday Thanksgiving at my Mothers’ house some 500 miles away. We love when we get the chance to see her, and there’s always someone else there. This year one of my wonderful nieces was there with husband and baby in tow. And the baby was sick. Now this is my grand-niece, so of course I wanted to spoil her a bit, but she was out of sorts with a cold and ear infection, so it was tough. The Toddler is at the age where he wants to play with little girls, but beyond tag isn’t...
The hype around cloud shows every indication of settling down, which, if you go with the Gartner Hype Cycle model means that the trough of disillusionment is yawning before you. But you don’t have to dip into the trough, if you didn’t ride up the hype hill. The thing is, that with this particular hype cycle, IT was the brakes on the hype cycle, wanting to quickly identify what Cloud could and could not do for your organization, while the business was riding the hype up. That’s good, it will serve to smooth out the trough. If you’re...
We were sitting and chatting with a fellow geek last night, and he was describing a corporate network he is familiar with. The description was like a tale from the old show “The Twilight Zone”. If it was a security vulnerability, it was present. If it was a standard and accepted security procedure, it was not present. The story got scarier by the minute, and was largely explained when the punch line was “they’ve had 200% admin turnover in the last few years.” Actually, I don’t know if it was 200%, I suspect it was higher as a percentage,...
I was pondering the weather in Northeast Wisconsin this morning, it’s gloomy and oppressively hot. Between heat and humidity, I’d say it felt more like the US’s Pacific Northwest than the Midwest. And it’s been that way all summer. We’ve been plowed under with 80+ percent humidity for months, and every once in a while the temperature dips to remind us that we’re in Wisconsin. It is the last day of August, tomorrow is September, when cool and wet is supposed to start converging upon us. It will be a relief after months of hot and humid....
There are some topics that warrant the occasional revisit as time goes on, and application security is certainly one of those. As long as we have applications being developed and deployed, it seems we will have bad guys looking to exploit them. While I do believe that the Internet, like the Old West, will eventually need to be cleaned up and a set of common rules enforced, still there will be bad-guys, some people never learn that you can’t just do whatever you want and expect to get away with it. So we need application security. At this point,...
No matter what country you live in, if it is in any way democratic, you have seen the political trend wherein nearly everyone knows the correct solution to a given problem, but hidden agendas, partisanship, and general demagoguery get in the way of implementing that solution. In most industrialized countries, the most obvious and timely instance of this is any discussion of cutting government spending. Everyone knows that it is inevitable, the government cannot spend more than it makes forever, any more than a business or a household can, but partisanship and turf-protection always make these things move very slowly,...
Rubik’s Cube was first patented in 1974. The first book talking about a solution algorithm was published in 1981. In 2007, computers were used to deduce the smallest number of moves to solve a cube, and in 2008 that number was further reduced. That’s 34 years after it was invented. And it’s just a toy. NO! Turn it RIGHT! RIGHT! I’ve danced around this quite a bit, but time to hit it head on. The maturing of server virtualization, the growth of virtual desktops, the introduction of cloud, and deduplication of at-rest data...
BACK IN THE DAY… Years ago I wrote a piece for Network Computing Magazine about the state of Utility network security and the issues it presents. I focused largely on SCADA security, but also looked at Automated Meter Reading (AMR) and the new issues it brought to the table. That article was not without foundation, I built and lead the team that did the IT portion of the first total AMR replacement in the United States. The field was new, and we used about a dozen different systems to get complete coverage, making integration and...
The scene - Five years in the future, a boardroom of a mid-sized company with a large web presence. The VPs are assembled to hear the CIO report on the progress of the cloud computing initiative. * Jeff Digglesby, CIO of NeverSold, strode into the boardroom with the gathered VPs and C-Level executives, oozing confidence. He skipped the small talk and went straight to the business at hand. Probably because the business at hand was good news. He clicked to the first "meat" slide of his presentation. "As you all know, after years of...
The ongoing saga of everything cloud is entertaining, if nothing else. I have a couple of areas of interest that aren’t really burning up the electrons, one of them is cloud databases. Let’s face it, while “the cloud” is interesting in an application sense, for IT it is relatively useless without the ability to access databases. Normally databases housed in your internal IT department. Of course internal “private” clouds will address much of this issue, until they are readily available, we are faced with the reality that we have to find a solution we can trust to house data that...
If you’re just joining us, the first article in this series is here.
While desktop management is a volume issue – touch enough desktops and something is likely to break – Reason #2 is more about complexity. Our data centers are like the cloverleaf on a busy freeway intersection – stuff going every which direction, and no one is quite certain (though some claim to be) what causes all those collisions and slowdowns.
Simplified – and possibly more effective - Security
Yes indeed, I did say that. And I mean it. I figure that once it’s explained, even my Security friends will have...
We as an industry have this love-hate relationship with security - a necessary evil doesn't do enough to describe the growing portion of our IT budget consumed by making certain only the people we want are in, and they can only see the bits we want. And because of that, one of the first things to get hit on a downturn is security spending. It's a larger budget, it doesn't generate a cent of revenue, and frankly, it pisses most of us off. Until the breach that is. Then we want to know why that hole existed (and likely someone...
Heh. Got you reading, didn't I? The point of this blog post is short and sweet. Yesterday SANS released their list of the Top 25 Vulnerability Coding Errors (emphasis mine). Sadly, finding that to be too long for a snappy title, they got rid of that superfluous word "Vulnerability" and titled it Top 25 Most Dangerous Programming Errors. These geniuses were blindly followed by journalists, bloggers and twit-heads who chimed in on this entrancing topic. Some of these blind followers are, sadly, people I respect. One word: FAIL. These are great, the list has been a long time in...
The rest of the team is at a conference this week, and I admit that I'm running a little slow. I was supposed to be there, but a personal issue kept me home this year, and I find myself working slower than normal - perhaps because my team (and many other teams) aren't here to spur me on. Anyway, One of our NSEs (Hey Jeff!) sent me this article over at Linux Magazine, and I decided that it was much more exciting than my prepared blog topic, so I am going to run with it. Mr. Hess clearly isn't...
