Friday, April 17, 2015

Security, Cloud and Networking Weekly News Roundup: April 13 - 17



This week's news in cloud, networking, and security - week of April 13th: 

The PCI Security Standards Council (PCI SSC) version 1.1. of the PCI Card Production Security Requirements is now available. The updated standard includes physical and logical security measures for any organization handling credit card payments, and version 1.1 includes new requirements for firewalls, access controls, and cryptographic keys. New security requirements for payment card vendors via Net Security 

66% of manufacturers surveyed by IDC report using more than 2 applications in the public cloud. Most report moving IT operations to the cloud first, but 30 – 35% of respondents indicate operations, supply chain and logistics, sales, or engineering expect to benefit from cloud. Majority of Manufacturers Worldwide Using Public or Private Cloud via Finchannel

The Verizon 2015 Data Breach Investigations Report found 10 of the top attack patterns accounted for 96% of data breaches in 2014. The biggest attach vector (28.5%) involved point of sale (POS) systems, 19% used malware, 18% were espionage, and 10% took advantage of insider misuse.
Image via Verizon Data Breach Investigations Report 2015


Equinix announces sixth London datacentre via Business Cloud News

Nokia (NOK) plans to acquire French networking equipment-maker Alcatel-Lucent for $16.6B. The move is intended to put Nokia into the cloud services and Internet of Things markets. Nokia Announces Alcatel-Lucent Acquisition - News Roundup via the VAR Guy
  • 20 - 24 April - attending RSA Conference in San Francisco
  • 24 April - Chris Swan speaking at Commonwealth Cybersecurity Forum at 12:10 'Where is my big data: security, privacy and jurisdictions in the cloud'
  • 30 April - CloudCamp London "Containers Everywhere, what's all the fuss about?"
  • 30 April - sponsoring & hosting the Secret Service Chicago Electronic Crimes Task Force April meeting
  • 11 May - CloudCamp Chicago "Big Data"
  • 2 - 4 June - attending InfoSec London
  • 24 - 25 June - exhibiting, sponsoring & speaking at Cloud World Forum
  • 1 July AWS Summit Chicago 

Friday, April 10, 2015

Security, Cloud and Networking Weekly News Roundup: April 6 - 10

This week's news in cloud, networking, and security - week of April 6th: 

Why 2015 will be the year that the cloud comes of age via The Next Web
Image Credit: the Next Web



At this week's AWS Summit in San Francisco AWS chief Andrew Jassy announced the Elastic File System, a "file system that grows and shrinks, automatically." AWS also announced a new Machine Learning system along with 2 marketplaces for desktop applications and WorkSpaces applications. Amazon Opens ‘Marketplace’ For Apps, Talks of Stealing Enterprise Workloads via Barron's

HP announces their withdraw from public cloud this week in the New York Times article HP Comes to Terms with the Cloud. HP, which recently split into 2 companies to focus on business technology and one on consumer-facing personal computers and printers, will continue to selling servers for large enterprises and cloud companies.

Research from Accenture and Ponemon Institute examines the difference between proactive (or "leapfrog" in the report) companies and static organizations react and value security. "[Proactive] companies exceed Static companies in viewing the following features of security technologies as very important: pinpointing anomalies in network traffic; prioritizing threats, vulnerabilities and attacks; curtailing unauthorized sharing of sensitive or confidential data; and enabling adaptive perimeter controls."

The U.S. National Institutes of Health will now allow researchers to use cloud services to store and analyze data in genetics research. Cloud services must meet NIH data-use and security standards, and major cloud providers such as Amazon AWS, Microsoft, and Google already comply. The cloud scores NIH approval for gene research via Info World

Upcoming events Cohesive is hosting and attending:
  • 15 April attending the AWS Summit London at ExCel 
  • 20 - 24 April - attending RSA Conference in San Francisco
  • 30 April CloudCamp London "Containers Everywhere, what's all the fuss about?"
  • 30 April - Cohesive Sponsoring & hosting the Secret Service Chicago Electronic Crimes Task Force April meeting
  • 12 May CloudCamp Chicago "Big Data"
  • 2 - 4 June InfoSec London
  • 1 July AWS Summit Chicago 

Wednesday, April 8, 2015

VNS3 API examples #2 Snapshots

VNS3 sits at the confluence of network function virtualisation (NFV) - networks made out of software, and software defined networking (SDN) - networks configured by software. The key to that configuration is our API, which is thoroughly documented in the VNS3 3.5 API Instructions.

The aim of this blog series is to provide some practical examples of using the API to perform typical administration tasks with VNS3. Each example will be illustrated by a simple shell script.
Let your API take notes for you. Image credit: Flickr user marcoarment

Firstly some conventions


All of these scripts need to connect to the manager and make use of the API password. Each example will use a manager IP (MGRIP) of '10.0.0.10' and an API password (APIPW) set to 'pa55Word'. Please substitute the correct values in your own scripts, and note that the manager IP will generally need to be its internal IP address.

Dependencies


This script needs bash and curl to be present.

Creating and fetching a snapshot


 #!/bin/bash  
 command -v curl >/dev/null 2>&1 || { echo "This script requires curl, but it's not installed. Aborting." >&2; exit 1; }  
 MGRIP=10.0.0.10   
 APIPW=pa55Word   
 SNAPSHOTJSON=`curl -k -X POST -u api:$APIPW https://$MGRIP:8000/api/snapshots`  
 SNAPSHOTNAME=$(echo $SNAPSHOTJSON | grep -Po '"response":{.*?[^\\]"' | awk '{split($0,a,"{"); print a[2]}' )  
 curl -k -X GET -H 'Content-Type: application/json' https://api:$APIPW@$MGRIP:8000/api/snapshots/${SNAPSHOTNAME//\"} -o ${SNAPSHOTNAME//\"}  
 echo "Created and retrieved $SNAPSHOTNAME"  



View or download this script from GitHub Gist.

The script doesn't take any parameters, and saves the newly created snapshot using its date/time based name:
 $ ./snapshot.sh  
  % Total  % Received % Xferd Average Speed  Time  Time   Time Current  
                  Dload Upload  Total  Spent  Left Speed  
 100  201 100  201  0   0  160   0 0:00:01 0:00:01 --:--:--  160  
  % Total  % Received % Xferd Average Speed  Time  Time   Time Current  
                  Dload Upload  Total  Spent  Left Speed  
 100 935k 100 935k  0   0 3538k   0 --:--:-- --:--:-- --:--:-- 3556k  
 Created and retrieved "snapshot_20150318_1426685707_10.0.0.10"  

Friday, April 3, 2015

Security, Cloud and Networking Weekly News Roundup: March 30 - April 3

This week's news in cloud, networking, and security - week of March 30th: 

Amazon also announced that they are expanding CodeDeploy to include deployments on companies’ existing data center infrastructure, not just in Amazon’s AWS. Even Amazon showing interest in hybrid cloud and bridging public and private clouds. Amazon cloud adds on-premises support to its CodeDeploy continuous-delivery tool via Venture Beat

CenturyLink Cloud announced their first data center in Singapore. After the first location in Asia, the cloud provider hopes to expand in the region with data sovereignty concerns.  CenturyLink Lights up First Cloud Data Center in Asia via DataCenter Knowledge
Image via DataCenter Knowledge, by Scott Halleran/Getty Images

Amazon Web Services secured approval from the EU's data protection Article 29 Working Party. Now the AWS cloud adheres to EU requirements on international data transfers and Amazon's cloud customers can be assured that data moved to non-EU AWS regions will still be held in compliance with EU regulations. AWS, Google and Salesforce: What we learned in cloud computing this week via EIN News Desk


MarketsandMarkets reports that the U.S. cloud service broker (CSB) market will grow 55.3$ per year, from $225.4 million in 2013 to $2 billion by 2018. The global CSB market will grow from $1.6 billion in 2013 to $10.5 billion by 2018, growing 46.2 percent per year, via InfoWorld

Embrane's employees will become a part of Cisco's Insieme Business Unit focusing on the Application Centric Infrastructure (ACI) and Nexus portfolio after the announced acquisition this week. Cisco released their plan to buy Embrane, the SDN company based in Santa Clara, CA.   Cisco To Buy SDN Startup Embrane via Network Computing


Upcoming events Cohesive is hosting and attending:
  • 8 April CloudCamp Chicago FinTech
  • 15 April attending the AWS Summit London at ExCel 
  • 20 - 24 April - attending RSA Conference in San Francisco
  • 30 April CloudCamp London "Containers Everywhere, what's all the fuss about?"
  • 30 April - Cohesive Sponsoring & hosting the Secret Service Chicago Electronic Crimes Task Force April meeting
  • 2 - 4 June InfoSec London
  • 1 July AWS Summit Chicago 

Wednesday, April 1, 2015

AWS is retiring my instance, now what? How to check on service events and keep a current VNS3 configuration snapshot

AWS is retiring my instance, now what?

 

Prevent downtime and keep your configuration updated by checking your AWS service events and updating your VNS3 configuration snapshot


Check for any scheduled events with Amazon AWS. In your Amazon EC2 console, click Events to see a list of all resources and associated events. There should also be an area called Events in the EC2 Dashboard lower right side:




















So you've got some scheduled retirement? 

  • For EBS-backed VNS3 instances, simply stop and restart your instance yourself. This should help reduce unforeseen downtime. VNS3 version 3.5 and newer are EBS backed, and easier to update.
  • For instance store-based VNS3 instances* you will have to create a new instance. Launch a replacement instance from the most recent VNS3 AMI, and simply import your VNS3 configuration snapshot into your replacement instance.  That simple VNS3 snapshot includes migrate all the necessary data to convert the new instance to the exact configuration of the instance scheduled for retirement. You can terminate your old instance, or wait for it to be automatically terminated when it's retired. Need help? We can guide you.

Always have a VNS3 configuration snapshot on hand!
In case something goes wrong with your underlying VM host, you will be able to quickly get back up to speed. Best practices are to always have a current VNS3 snapshot for all running instances. For a detailed step-by-step guide for taking a snapshot of your VNS3 configuration and uploading it to the new 3.5 version, click here.

Uploading a snapshot in the new VNS3 3.5 is this easy: Upload > Submit.













Better yet, how about instant, automated snapshots? 
VNS3:ms is a single management dashboard for VNS3 networks, and is ideal for customers managing more than one VNS3 instance in an environment. It provides a complete view of all of your virtual networks, including the underlying cloud network elements like Amazon VPCs or Azure VNets.

Instance retirement and instance reboots are great times to make sure your VNS3 versions are up to date. 
While you're updating your instance, check that your VNS3 versions are up to date with the latest 3.5 security updates. The latest VNS3 versions are all EBS-backed and are much easier to update in AWS.

Upgrading is easy! Our YouTube video guide can walk you through the upgrade process with VNS3 version 3.5:




*If your instance store-backed instance passes its retirement date, it's terminated and you cannot recover the instance or any data that was stored on it. Regardless of the root device of your instance, the data on instance store volumes is lost when the instance is retired, even if they are attached to an EBS-backed instance.
**If you have a maintenance reboot pending, our understanding is that this is an instance reboot, and you will not lose your VNS3 configuration.

Share this Post

Related Posts Plugin for WordPress, Blogger...