Check yourself before you wreck yourself….
  • Published in

Check yourself before you wreck yourself…. We are amidst an ongoing transformation. One in which the benefits can outweigh the challenges, but awareness, education and following basic best practices that are embedded within daily activities are critical to protecting oneself and reducing the possibility of a breach. Copyright © 1996-2013 Juniper Networks, Inc.     All rights reserved                                                                                      Update preferences                    

Read More
More data protection thoughts on Dell and EMC [video]
  • Published in

Last week, I blogged on the combined Data Protection portfolios of Dell and EMC. 

Read More
Media Advisory: Juniper Networks to Demonstrate OpenStack Cloud Network Advancements in SDN and NFV at OpenStack Summit Tokyo 2015
  • Published in

Dateline City: SUNNYVALE, Calif. SUNNYVALE, Calif.--(BUSINESS WIRE)--Juniper Networks (NYSE:JNPR), the industry leader in network innovation, today released details about its upcoming participation at OpenStack Summit Tokyo, a bi-annual conference for developers, users and administrators of OpenStack Cloud Software. Juniper will have its Juniper Networks® Contrail and cloud networking experts available to discuss the latest requirements and innovations in automation and service orchestration to build and manage open cloud networks. Language: English Contact: Media Relations:Juniper NetworksGina Wong, +65- 6511-3574ginawong@juniper.netorFor Juniper NetworksSaori Adachi, +81 (3) 4360-9027Saori.Adachi@edelman.com Ticker Slug: Ticker: JNPR Exchange: NYSE read more                    

Read More
Rearchitecting the Enterprise: Why Now Is the Time
  • Published in

Rearchitecting the Enterprise: Why Now Is the Time Guest Blog Post by: Johna Till Johnson, CEO Nemertes Research   A few weeks ago, I wrote a paper on why it’s important for enterprise architects to focus on re-­designing and re-­architecting enterprise infrastructure—starting today.    To put it simply: things have changed. Data now lives on the cloud (public, private, or hybrid). Mobile devices are on track to outnumber wired ones. Applications are increasingly bandwidth-­?hungry and latency-­?sensitive (think video, but also virtualized devices).  The universe of security threats is expanding.  Copyright © 1996-2013 Juniper Networks, Inc.     All rights reserved                                                                                      Update preferences                    

Read More
Dell and EMC – Sanity Check

In our ESG Lab group, we have a saying: “It’s easy to prove something doesn’t work, but it’s really hard to prove something does.” Even so, I’m a little surprised at the volume of naysayers that are popping up post Dell/EMC merger announcement. Some of the things I’m hearing and reading are just plain dumb. Thus, allow me to straighten you all out. First, let’s agree Mr. Dell is not an idiot. On the contrary, he’s about 25 billion times smarter than you and I. Second, we should probably agree that Mr. Tucci is pretty smart himself. He took a ragtag bunch who appeared near the end of the customer abuse cycle, with one real product (Symmetrix), and turned it into a powerhouse that has dominated the storage world for decades, and, oh yeah, brought you VMware.

Read More
Dell and EMC - Better Together?

Recently, I sat down with Terri McClure, ESG’s mobility analyst, to discuss the implications of Dell’s acquisition of EMC from a cloud, mobility and converged/hyperconverged markets perspective.

Read More
Contrail Customers Speak Out at the OpenStack Summit

Contrail Customers Speak Out at the OpenStack Summit Tokyo, here we come!   My favorite industry event - the OpenStack Summit – is right around the corner in Tokyo, October 27-30. I love this event for two reasons. First, the amount of buzz around OpenStack and the rapid pace of change, invention, and real problem solving is completely invigorating... Copyright © 1996-2013 Juniper Networks, Inc.     All rights reserved                                                                                      Update preferences                    

Read More
Your Data Is a Strategic Asset – Treat It That Way!

Improving data backup and recovery was the second most commonly cited IT priority for 2015 among respondents surveyed by ESG for its 2015 IT spending intentions report (see Figure 1).

Read More
What Happens to RSA?

While last week’s Dell/EMC merger was certainly a blockbuster, nothing specific was mentioned about future plans for RSA Security. Michael Dell did say that there were a “number of discussions about security” during the negotiations, but apparently, no concrete plans yet. Infosec reporters have lobbed phone calls into Round Rock Texas as well as Bedford and Hopkinton, MA looking for more details, but Dell and EMC officials haven’t responded.

Read More
5 Reasons To Upgrade Your Network Switch

Campus network switches aren’t updated as frequently as data center switches, but there are some compelling reasons why it may be worthwhile to upgrade now and not wait until the end of a regular refresh cycle. Practically speaking, campus networking is wireless networking, and there are more devices connecting to the network. More devices mean more bandwidth requirements, and it’s hard to figure out what BYOD devices are going to be doing, whether it’s just plain download bandwidth, a time critical application like VoIP, or a sudden surge like Apple iOS version updates. And once end-users are tied to a new way of using devices, network teams are often forced to adapt. BYOD not only means bring your own devices, but adds, “because you’re overly demanding”.

Read More
Signature Update #2547

Signature Update #2547 129 new signatures:HIGHHTTP: Blackhole Exploit Kit Landing Page RequestedHIGHHTTP: Bleeding Life Exploit Kit Module Call 11HIGHHTTP: Bleeding Life Exploit Kit Module Call 10HIGHHTTP: Bleeding Life Exploit Kit Module Call 9HIGHHTTP: Bleeding Life Exploit Kit Module Call 8HIGHHTTP: Bleeding Life Exploit Kit Module Call 12HIGHHTTP: Bleeding Life Exploit Kit Module Call 7HIGHHTTP: Bleeding Life Exploit Kit Module Call 6HIGHHTTP: Bleeding Life Exploit Kit Module Call 5HIGHHTTP: Bleeding Life Exploit Kit Module Call 2HIGHHTTP: Phoenix Exploit Kit Post Compromise BehaviorHIGHHTTP: Possible Exploit Kit Post Compromise StrReverse ActivityHIGHHTTP: Possible Exploit Kit Post Compromise Taskkill ActivityHIGHHTTP: SET Java Applet Load AttemptHIGHHTTP: Fake Transaction Redirect Rage To Exploit KitHIGHHTTP: Suspicious Taskkill Script StrReverseHIGHHTTP: Suspicious StrReverse ShellHIGHHTTP: Suspicious StrReverse Scripting FileSystemObjectHIGHHTTP: Multiple Exploit Kit Info.exe PayloadHIGHHTTP: Multiple Exploit Kit calc.exe Payload DetectionHIGHHTTP: Multiple Exploit Kit about.exe Payload DetectionHIGHHTTP: Multiple Exploit Kit Readme.exe PayloadHIGHHTTP: Sweet Orange Exploit Kit Landing Page 3HIGHHTTP: Sweet Orange Exploit Kit Landing Page 2HIGHHTTP: Red Dot Landing Page 1HIGHHTTP: Red Dot Executable Retrieval AttemptHIGHHTTP: Embedded Iframe RedirectionHIGHHTTP: JDB Exploit Kit Landing Page 1HIGHHTTP: JDB Exploit Kit Landing PageHIGHHTTP: Zuponcic Exploit Kit Oracle Java File DownloadHIGHHTTP: Multiple Exploit Kit Jar File DroppedHIGHHTTP: Whitehole Exploit Kit Landing PageHIGHHTTP: Styx Exploit Kit Landing Page 1HIGHHTTP: Sweet Orange Exploit Kit Landing Page2HIGHHTTP: Sweet Orange Exploit Kit Landing Page1HIGHHTTP: Sweet-Orange Exploit Kit Landing PageHIGHHTTP: Styx Exploit Kit Landing PageHIGHHTTP: Styx Exploit Kit Redirection PageHIGHHTTP: CritX Exploit Kit Redirection PageHIGHHTTP: IFRAMEr Injection DetectionHIGHHTTP: Nuclear Exploit Kit Landing Page 1HIGHHTTP: Private Exploit Kit Landing Page 4HIGHHTTP: Private Exploit Kit Landing Page 3HIGHHTTP: Private Exploit Kit Landing PageHIGHHTTP: Private Exploit Kit Outbound TrafficHIGHHTTP: Embedded Iframe Redirection Exploit Kit Indicator 2HIGHHTTP: IFramer Toolkit Injected Iframe Detected Specific StructureHIGHHTTP: Goon/Infinity Exploit Kit Iframe RedirectionHIGHHTTP: CritX Exploit Kit Java Exploit Request Structure 2HIGHHTTP: Kore Exploit Kit Landing Page 3HIGHHTTP: Kore Exploit Kit Landing PageHIGHHTTP: Kore Exploit Kit Successful Java ExploitHIGHHTTP: Gong Da Exploit Kit Landing Page 2HIGHHTTP: Gong Da Exploit Kit Java Exploit Requested 1HIGHHTTP: Gong Da Exploit Kit Java Exploit RequestedHIGHHTTP: IFRAMEr Tool Embedded Javascript Attack Method Specific StructureHIGHHTTP: Multiple Exploit Kit Landing PageHIGHHTTP: Multiple Exploit Kit Redirection PageHIGHHTTP: Neutrino Exploit Kit Plugin Detection PageHIGHHTTP: Blackholev2/Darkleech Exploit Kit Landing PageHIGHHTTP: Kore Exploit Kit Outbound Payload Download AttemptHIGHHTTP: Rmayana Exploit Kit Obfuscation TechniqueHIGHHTTP: Teletubbies Exploit Kit Payload Download 1HIGHHTTP: Teletubbies Exploit Kit Payload Download 9HIGHHTTP: Teletubbies Exploit Kit Payload Download 8HIGHHTTP: Teletubbies Exploit Kit Payload Download 7HIGHHTTP: Teletubbies Exploit Kit Payload Download 6HIGHHTTP: Teletubbies Exploit Kit Payload Download 5HIGHHTTP: Teletubbies Exploit Kit Payload Download 4HIGHHTTP: Teletubbies Exploit Kit Payload Download 3HIGHHTTP: Teletubbies Exploit Kit Payload DownloadHIGHHTTP: Teletubbies Exploit Kit Exploit 2HIGHHTTP: Teletubbies Exploit Kit Payload Download 2HIGHHTTP: Multiple Exploit Kit Payload about.dllHIGHHTTP: Multiple Exploit Kit Payload info.dllHIGHHTTP: Multiple Exploit Kit Payload contacts.dllHIGHHTTP: Multiple Exploit Kit Payload calc.dllHIGHHTTP: Multiple Exploit Kit Payload readme.dllHIGHHTTP: X2O Exploit Kit Landing Page 3HIGHHTTP: X2O Exploit Kit Landing PageHIGHHTTP: Embedded Iframe Redirection Exploit Kit Indicator 7HIGHHTTP: Embed

Read More
SRX and LN series platforms complete Common Criteria Certification and are listed on the NIAP Product Compliant List

SRX and LN series platforms complete Common Criteria Certification and are listed on the NIAP Product Compliant List    Juniper Networks SRX and LN series platforms complete Common Criteria Certification and are listed on the NIAP Product Compliant List as Firewalls and VPN devices.  Certifications were with Junos 12.1X46.  The SRX1400, SRX3400, and SRX3600 were certified against the NIAP Network Device Protection Profile plus the Firewall Extended Package.             The Security Target for these devices is located here.             The Certification Report can be found here. The SRX100-650 and the SRX5800 and the LN1000 and LN2600 were certified against the NIAP Network Device Protection Profile plus the Firewall Extended Package and the IPsec Gateway VPN Extended Package.             The Security Target for these devices is located here.             The Certification Report can be found here. Listing on the NIAP PCL is required by Federal policy for many different cases.  First, as the NIAP PCL webpage states- “U.S. Customers (designated approving authorities, authorizing officials, integrators, etc.) may treat these mutually-recognized evaluation results as complying with the Committee on National Security Systems Policy (CNSSP) 11 National Policy Governing the Acquisition of Information Assurance (IA) and IA-Enabled Information Technology (IT) Products - dated June 2013 (https://www.cnss.gov/policies.html)”.  CNSSP 11 applies to any US Government system carrying classified data at any level and to systems carrying certain command and control traffic regardless of the classification. NIAP PCL listing is required by the DISA Security Technical Implementation Guide (STIG)s for many product categories.  NIAP PCL listing is required for DoD Cloud providers who are handling Impact Level 5 and 6 information, and in other Federal Government acquisitions that require the NIST 800-53, rev 4- SA-4 (7) control. Copyright © 1996-2013 Juniper Networks, Inc.     All rights reserved                                                                                      Update preferences                    

Read More

Videos

Mickey Bresman, Co-Founder and CEO and Ran Harel, Senior Security Product Manager, both at Semperis, discuss the findings of the company’s recent Microsoft Active Directory security survey, and also explain how the Semperis Purple Knight security assessment tool not only highlights AD security gaps, but also provides recommended fixes.
Mike McAdam, Data Centre Director EMEA, and Simon Prichard, Product Strategy Manager, both at Mitsubishi Electric Europe, explain how real-time data visualisation and smart insights can help to optimise data centre power and cooling infrastructure, before discussing the wider sustainability challenges and opportunities facing the industry into the future. They also share the company’s plans to leverage its critical infrastructure expertise to expand its presence within the data centre sector.
Imply has recently launched the Polaris cloud database service. Imply’s Vice President of Product Marketing, David Wang, puts the launch in context as he details the company’s Project Shapeshift work around Apache Druid, going on to explain how today’s analytics opportunities require the very latest and best database solutions.
Nick Smith, Business Development Manager at Genetec, discusses the changing role of physical security as it impacts IT infrastructure, identifying some key trends. He also details the company’s recent Streamvault Edge launch and highlights the particular physical security challenges faced by the data centre sector.

News

A perfect storm of escalating cyber-attacks and global tech innovation, leaves 61 per cent of Chief Information Security Officers (CISO) only “fairly confident” of managing their current threat exposure.
New manufacturing capabilities in the UK ensure ability to fulfill orders more fluidly and consistently for UK and European region CPI customers and partners.
Significant 82% rise in short duration DDoS ‘Flood’ attacks, a 297% increase in OpenVPN attacks and a 29% higher risk of a repeat attack within a week.
ExtraHop has formed a landmark pan-European distribution agreement with Exclusive Networks, a specialist IT security distributor. Building on an initial 2020 partnership agreement, the pan-EMEA deal will expand distribution of Extrahop’s entire product portfolio to fourteen European territories.