Check yourself before you wreck yourself…. We are amidst an ongoing transformation. One in which the benefits can outweigh the challenges, but awareness, education and following basic best practices that are embedded within daily activities are critical to protecting oneself and reducing the possibility of a breach. Copyright © 1996-2013 Juniper Networks, Inc. All rights reserved Update preferences
Read MoreLast week, I blogged on the combined Data Protection portfolios of Dell and EMC.
Read MoreDateline City: SUNNYVALE, Calif. SUNNYVALE, Calif.--(BUSINESS WIRE)--Juniper Networks (NYSE:JNPR), the industry leader in network innovation, today released details about its upcoming participation at OpenStack Summit Tokyo, a bi-annual conference for developers, users and administrators of OpenStack Cloud Software. Juniper will have its Juniper Networks® Contrail and cloud networking experts available to discuss the latest requirements and innovations in automation and service orchestration to build and manage open cloud networks. Language: English Contact: Media Relations:Juniper NetworksGina Wong, +65- 6511-3574ginawong@juniper.netorFor Juniper NetworksSaori Adachi, +81 (3) 4360-9027Saori.Adachi@edelman.com Ticker Slug: Ticker: JNPR Exchange: NYSE read more
Read MoreRearchitecting the Enterprise: Why Now Is the Time Guest Blog Post by: Johna Till Johnson, CEO Nemertes Research A few weeks ago, I wrote a paper on why it’s important for enterprise architects to focus on re-designing and re-architecting enterprise infrastructure—starting today. To put it simply: things have changed. Data now lives on the cloud (public, private, or hybrid). Mobile devices are on track to outnumber wired ones. Applications are increasingly bandwidth-?hungry and latency-?sensitive (think video, but also virtualized devices). The universe of security threats is expanding. Copyright © 1996-2013 Juniper Networks, Inc. All rights reserved Update preferences
Read More
In our ESG Lab group, we have a saying: “It’s easy to prove something doesn’t work, but it’s really hard to prove something does.” Even so, I’m a little surprised at the volume of naysayers that are popping up post Dell/EMC merger announcement. Some of the things I’m hearing and reading are just plain dumb. Thus, allow me to straighten you all out. First, let’s agree Mr. Dell is not an idiot. On the contrary, he’s about 25 billion times smarter than you and I. Second, we should probably agree that Mr. Tucci is pretty smart himself. He took a ragtag bunch who appeared near the end of the customer abuse cycle, with one real product (Symmetrix), and turned it into a powerhouse that has dominated the storage world for decades, and, oh yeah, brought you VMware.
Read MoreRecently, I sat down with Terri McClure, ESG’s mobility analyst, to discuss the implications of Dell’s acquisition of EMC from a cloud, mobility and converged/hyperconverged markets perspective.
Read MoreContrail Customers Speak Out at the OpenStack Summit Tokyo, here we come! My favorite industry event - the OpenStack Summit – is right around the corner in Tokyo, October 27-30. I love this event for two reasons. First, the amount of buzz around OpenStack and the rapid pace of change, invention, and real problem solving is completely invigorating... Copyright © 1996-2013 Juniper Networks, Inc. All rights reserved Update preferences
Read MoreImproving data backup and recovery was the second most commonly cited IT priority for 2015 among respondents surveyed by ESG for its 2015 IT spending intentions report (see Figure 1).
Read MoreWhile last week’s Dell/EMC merger was certainly a blockbuster, nothing specific was mentioned about future plans for RSA Security. Michael Dell did say that there were a “number of discussions about security” during the negotiations, but apparently, no concrete plans yet. Infosec reporters have lobbed phone calls into Round Rock Texas as well as Bedford and Hopkinton, MA looking for more details, but Dell and EMC officials haven’t responded.
Read MoreCampus network switches aren’t updated as frequently as data center switches, but there are some compelling reasons why it may be worthwhile to upgrade now and not wait until the end of a regular refresh cycle. Practically speaking, campus networking is wireless networking, and there are more devices connecting to the network. More devices mean more bandwidth requirements, and it’s hard to figure out what BYOD devices are going to be doing, whether it’s just plain download bandwidth, a time critical application like VoIP, or a sudden surge like Apple iOS version updates. And once end-users are tied to a new way of using devices, network teams are often forced to adapt. BYOD not only means bring your own devices, but adds, “because you’re overly demanding”.
Read MoreSignature Update #2547 129 new signatures:HIGHHTTP: Blackhole Exploit Kit Landing Page RequestedHIGHHTTP: Bleeding Life Exploit Kit Module Call 11HIGHHTTP: Bleeding Life Exploit Kit Module Call 10HIGHHTTP: Bleeding Life Exploit Kit Module Call 9HIGHHTTP: Bleeding Life Exploit Kit Module Call 8HIGHHTTP: Bleeding Life Exploit Kit Module Call 12HIGHHTTP: Bleeding Life Exploit Kit Module Call 7HIGHHTTP: Bleeding Life Exploit Kit Module Call 6HIGHHTTP: Bleeding Life Exploit Kit Module Call 5HIGHHTTP: Bleeding Life Exploit Kit Module Call 2HIGHHTTP: Phoenix Exploit Kit Post Compromise BehaviorHIGHHTTP: Possible Exploit Kit Post Compromise StrReverse ActivityHIGHHTTP: Possible Exploit Kit Post Compromise Taskkill ActivityHIGHHTTP: SET Java Applet Load AttemptHIGHHTTP: Fake Transaction Redirect Rage To Exploit KitHIGHHTTP: Suspicious Taskkill Script StrReverseHIGHHTTP: Suspicious StrReverse ShellHIGHHTTP: Suspicious StrReverse Scripting FileSystemObjectHIGHHTTP: Multiple Exploit Kit Info.exe PayloadHIGHHTTP: Multiple Exploit Kit calc.exe Payload DetectionHIGHHTTP: Multiple Exploit Kit about.exe Payload DetectionHIGHHTTP: Multiple Exploit Kit Readme.exe PayloadHIGHHTTP: Sweet Orange Exploit Kit Landing Page 3HIGHHTTP: Sweet Orange Exploit Kit Landing Page 2HIGHHTTP: Red Dot Landing Page 1HIGHHTTP: Red Dot Executable Retrieval AttemptHIGHHTTP: Embedded Iframe RedirectionHIGHHTTP: JDB Exploit Kit Landing Page 1HIGHHTTP: JDB Exploit Kit Landing PageHIGHHTTP: Zuponcic Exploit Kit Oracle Java File DownloadHIGHHTTP: Multiple Exploit Kit Jar File DroppedHIGHHTTP: Whitehole Exploit Kit Landing PageHIGHHTTP: Styx Exploit Kit Landing Page 1HIGHHTTP: Sweet Orange Exploit Kit Landing Page2HIGHHTTP: Sweet Orange Exploit Kit Landing Page1HIGHHTTP: Sweet-Orange Exploit Kit Landing PageHIGHHTTP: Styx Exploit Kit Landing PageHIGHHTTP: Styx Exploit Kit Redirection PageHIGHHTTP: CritX Exploit Kit Redirection PageHIGHHTTP: IFRAMEr Injection DetectionHIGHHTTP: Nuclear Exploit Kit Landing Page 1HIGHHTTP: Private Exploit Kit Landing Page 4HIGHHTTP: Private Exploit Kit Landing Page 3HIGHHTTP: Private Exploit Kit Landing PageHIGHHTTP: Private Exploit Kit Outbound TrafficHIGHHTTP: Embedded Iframe Redirection Exploit Kit Indicator 2HIGHHTTP: IFramer Toolkit Injected Iframe Detected Specific StructureHIGHHTTP: Goon/Infinity Exploit Kit Iframe RedirectionHIGHHTTP: CritX Exploit Kit Java Exploit Request Structure 2HIGHHTTP: Kore Exploit Kit Landing Page 3HIGHHTTP: Kore Exploit Kit Landing PageHIGHHTTP: Kore Exploit Kit Successful Java ExploitHIGHHTTP: Gong Da Exploit Kit Landing Page 2HIGHHTTP: Gong Da Exploit Kit Java Exploit Requested 1HIGHHTTP: Gong Da Exploit Kit Java Exploit RequestedHIGHHTTP: IFRAMEr Tool Embedded Javascript Attack Method Specific StructureHIGHHTTP: Multiple Exploit Kit Landing PageHIGHHTTP: Multiple Exploit Kit Redirection PageHIGHHTTP: Neutrino Exploit Kit Plugin Detection PageHIGHHTTP: Blackholev2/Darkleech Exploit Kit Landing PageHIGHHTTP: Kore Exploit Kit Outbound Payload Download AttemptHIGHHTTP: Rmayana Exploit Kit Obfuscation TechniqueHIGHHTTP: Teletubbies Exploit Kit Payload Download 1HIGHHTTP: Teletubbies Exploit Kit Payload Download 9HIGHHTTP: Teletubbies Exploit Kit Payload Download 8HIGHHTTP: Teletubbies Exploit Kit Payload Download 7HIGHHTTP: Teletubbies Exploit Kit Payload Download 6HIGHHTTP: Teletubbies Exploit Kit Payload Download 5HIGHHTTP: Teletubbies Exploit Kit Payload Download 4HIGHHTTP: Teletubbies Exploit Kit Payload Download 3HIGHHTTP: Teletubbies Exploit Kit Payload DownloadHIGHHTTP: Teletubbies Exploit Kit Exploit 2HIGHHTTP: Teletubbies Exploit Kit Payload Download 2HIGHHTTP: Multiple Exploit Kit Payload about.dllHIGHHTTP: Multiple Exploit Kit Payload info.dllHIGHHTTP: Multiple Exploit Kit Payload contacts.dllHIGHHTTP: Multiple Exploit Kit Payload calc.dllHIGHHTTP: Multiple Exploit Kit Payload readme.dllHIGHHTTP: X2O Exploit Kit Landing Page 3HIGHHTTP: X2O Exploit Kit Landing PageHIGHHTTP: Embedded Iframe Redirection Exploit Kit Indicator 7HIGHHTTP: Embed
Read MoreSRX and LN series platforms complete Common Criteria Certification and are listed on the NIAP Product Compliant List Juniper Networks SRX and LN series platforms complete Common Criteria Certification and are listed on the NIAP Product Compliant List as Firewalls and VPN devices. Certifications were with Junos 12.1X46. The SRX1400, SRX3400, and SRX3600 were certified against the NIAP Network Device Protection Profile plus the Firewall Extended Package. The Security Target for these devices is located here. The Certification Report can be found here. The SRX100-650 and the SRX5800 and the LN1000 and LN2600 were certified against the NIAP Network Device Protection Profile plus the Firewall Extended Package and the IPsec Gateway VPN Extended Package. The Security Target for these devices is located here. The Certification Report can be found here. Listing on the NIAP PCL is required by Federal policy for many different cases. First, as the NIAP PCL webpage states- “U.S. Customers (designated approving authorities, authorizing officials, integrators, etc.) may treat these mutually-recognized evaluation results as complying with the Committee on National Security Systems Policy (CNSSP) 11 National Policy Governing the Acquisition of Information Assurance (IA) and IA-Enabled Information Technology (IT) Products - dated June 2013 (https://www.cnss.gov/policies.html)”. CNSSP 11 applies to any US Government system carrying classified data at any level and to systems carrying certain command and control traffic regardless of the classification. NIAP PCL listing is required by the DISA Security Technical Implementation Guide (STIG)s for many product categories. NIAP PCL listing is required for DoD Cloud providers who are handling Impact Level 5 and 6 information, and in other Federal Government acquisitions that require the NIST 800-53, rev 4- SA-4 (7) control. Copyright © 1996-2013 Juniper Networks, Inc. All rights reserved Update preferences
Read More
