Welcome!


Latest Blogs from Cloud Security
I see and read a lot of IT articles almost demanding that organizations must do certain things to ensure that some piece of their infrastructure is secure, highly available, fault tolerant, agile, flexible, scalable, recoverable, cloud’able, whatever the silo needs or face the dire cir...
There are a few ‘The ______ of Our Lives’ out there: Days. Time. Moments. Love. They define who we are, where we’ve been and where we are going. And today, many of those days, times, moments and loves interact with applications. Both the apps we tap and the back end applications used t...
Once you learn the definition of shadow IT, it shouldn’t be too shocking to learn how widespread it is at companies large and small all over the world. I hate to assume, but the odds are, that you yourself have used a non-IT approved SaaS option for the same reason as everyone else, m...
It used to be called a business plan. But management-speak and a few decades of PC-fueled innovation changed that simplistic approach. Bill Gates famously entitled his first book The Road Ahead and although this didn’t officially help coin or endorse the phrase “roadmap,” it didn’t do...
Skyhigh Networks releases their second edition of the Cloud Adoption and Risk Report. As with the first edition of the report, the purpose of the report is to provide hard data on the actual use of cloud services within enterprises of all sizes. This report summarizes data from approxi...
Today PerspecSys announced the results of a survey conducted at the 2014 RSA Conference concerning the attitudes and policies of organizations towards cloud-based security. After polling 130 security professionals on the show floor of the RSA Conference, PerspecSys found that "an overw...
Disaster recovery is about being able to get your business back up and running as quick as you can after the disaster happens. Throughout this series, my teammates have focused on the Infrastructure side of the house, servers, virtual machines, etc. You can see the full series here: D...
The so-called Bring Your Own Device (BYOD) phenomenon has gone hand in hand with the consumerization of IT trend. Both of which sound like strangely disconcerting and confusing terms if taken out of context or presented to a layman or novice for the first time. Of course all we are ta...
I’ve been traveling the last few weeks shooting some videos for VMware PEX and RSA. When that happens, my browser tabs get crowded with the various stories I’m interested in but will read later. This time they all seemed to hover around Identity Theft. When I got home, in my awaiting p...
The Network Centric Operations Industry Consortium (NCOIC) has begun offering an open process that will enable governments, agencies and businesses to create and manage a secure, hybrid IT computing environment quickly and cost effectively. Known as the NCOIC Rapid Response Capability...
When considering the major benefits of modern cloud computing, the lower operational overhead of the cloud should be high on anyone’s list. But when it comes to sensitive data — such as healthcare, finance, retail or government data — security measures are needed to ensure privacy and ...
Looking back to one of my predictions for 2014, I had posited that traditional storage solutions labeled cloud will no longer fly this year, and some of the big-iron vendors will be forced to offer their wares as pay-as-you-go services. Perhaps this was stating an obvious eventuality a...
If you thought that cyber security threats were troubling in 2013, then you should brace yourself for the onslaught that's very likely in 2014. A new generation of security threats stemming from progressive business technology trends -- such as BYOD, mobility and cloud services adoptio...
Application developers are aware (you are aware, aren't you?) that when applications are scaled using most modern load balancing services that the IP address of the application requests actually belong to the load balancing service. Application developers are further aware that this me...
Crazy that this is the 20th installment of the Outtakes. We shot 10 videos this week and often, it did not go as planned. Here are our mistakes, flubs and fun.
I wrap it up from RSA 2014. Special thanks to F5’ers Mark DiMinico, Joel Moses, Ken Bocchino, Bob Blair, Corey Marshall and Michael Koyfman along with Chris Thomas of CARFAX and Jeremiah Grossman of WhiteHat Security. Also thanks to Eric, Mark, Jay, Cecile and Natasha for their camera ...
We are at it again! For the 4th year in a row, Jeremiah and I chat in our annual RSA video catch up. I get some interesting security insight from WhiteHat Security Founder & CEO Jeremiah Grossman. We touch on web vulnerabilities, mobile apps, why SQLi and XSS is still a problem for org...
While protecting employees from rogue sites and productivity hogs is critical, the employee’s ability to access SaaS applications is also critical for productivity. Sr. Global Security Solutions Architect Michael Koyfman shows how to layer SAML federated identity to Secure Web Gateway....
A lot of security-minded folks immediately pack up their bags and go home when you start talking about automating anything in the security infrastructure. Automating changes to data center firewalls, for example, seem to elicit a reaction akin not unlike that to a suggestion to putting...
Financial Services companies operate in a difficult environment. Many of their applications are absolutely vital to the proper workings of the global economy. They are one of the most heavily regulated industries in the world, and they are a constant target of hackers. Their systems ne...
With software defining everything these days, Corey Marshall, F5 Security Solution Architect, discusses F5 API’s and how they integrate with other technology solutions. He talks about iCall, iRules, iControl and iApps and where each is applicable. BIG-IP Programmability.
With the hum of a VIPRION as a backdrop, Chris Thomas, Network Manager for CARFAX, stops by F5′s RSA booth to talk about how CARFAX uses BIG-IP to secure their data, consolidate their infrastructure, and helps Chris sleep at night. CARFAX is the most trusted provider of vehicle history...
Bob Blair, F5 Sr Product Management Engineer, explains to me how to build high performance IPS architecture through the integration of F5’s and Cisco Sourcefire security solutions.
F5 Sr. Systems Architect Ken Bocchino shows me a live demonstration of how F5’s protects the fundamental elements of an application (network, DNS, SSL and HTTP) against aggressively evolving DDoS attacks. Ken is always a fun and interesting guest.
I grab Joel Moses, Director Product Management Engineering, to understand how F5 simplifies web security policy creation, protects enterprises and employees from web threats, malware, and data loss. Secure Web Gateway protects your organization by validating the integrity of users and ...
I meet with Mark DiMinico, F5 FSE, to see how F5’s new Anti-Fraud solution works. Mark shows how F5’s advanced fraud protection offers real-time security against multiple fraud threat vectors, preventing attackers from spoofing, disabling, or otherwise bypassing security checks. The...
In my 250th F5 video, I show you how to find F5 booth 1801 at the 2014 RSA Conference in San Francisco. After talking about the show theme, how F5 Synthesis can help and showing off some of the F5 trinkets, I close with a rousing, way off-key rendition of the Looney Tunes classic, This...
It is human nature to try and relate new information and new ways of doing things to something that we know, something we are familiar with. Often when we talk about the way we fit traffic onto a Plexxi mesh network, the reaction is “I know what you mean, you are doing traffic engineer...
Estimates based on reports from Google put the number of daily activations of new Android phones at 1.3 Million. Based on reported data from Apple, there are 641 new applications per day added to the App Store. According to Cisco's Visual Networking Index, mobile video now accoun...
One of the questions we hear most frequently is “how do I get my data into the cloud?” For many organizations, the benefits of expanding on-premise data storage to include hybrid cloud storage have begun to resonate, but they struggle to get started as they determine how to get move da...
Has it really been one whole year since my last post? I suspected I was near that milestone, but it’s still surprising to discover it has been so long. Blogs have a natural ebb and flow, governed by the irregular rhythms of the day job. But this was a pretty big ebb—maybe more accurate...
Not entirely unexpected, the optical capabilities in our switch have provoked questions from customers and potential customers on whether the Plexxi solution could be used to create campus, metro or even long distance multi site fabrics. The answer to that question is a resounding yes,...
The rapidly growing cloud market and the significant shifts in the voice and data services marketplace have created unprecedented challenges and opportunities for service providers. While the challenges presented to service providers are numerous and of strategic significance, in the i...
It’s not clear to me whether there is really a conclusion to a technology trend. I suppose that one trend begets another and that morphs into another. So in some sense, discussing the SDN end game is really foolish. It seems most likely that we all stop talking about SDN in another yea...
Sporting a cool DevCentral t-shirt, I show you how to find F5 booth 208 at VMware Partner Exchange 2014. The theme for PEX is Master the New Reality and F5’s Synthesis is a perfect way to master infrastructure’s new reality…the Cloud.
We get quite caught up in high level architectures at times. It is good to read some posts that focus on design and implementation and the practicality of taking higher level architectures to reality. Two of Ivan’s posts caught my eye this week. In the first, he discusses the differenc...
I've been following SSL for a long, long time. Since before the turn of the century, in fact. I devised performance tests back in the day that, on at least one system (back when PCI was still the standard method of enabling SSL hardware acceleration) actually melted circuits on the hos...
You might not know but last week was the 10 year birthday of Cabir, the first mobile malware. It spread through Bluetooth after infecting the Nokia Series 60 phones running Symbian. Also last week, Kindsight Security Labs (Alcatel-Lucent) released the results of a study (pdf) that foun...
FIS has been selected to collaborate with the Department of Homeland Security to bolster the cybersecurity infrastructure of financial transactions worldwide. The DHS intends for the partnership to share data with other federal agencies and the private sector with the goal of addressi...
Application development trends significantly impact the design of data center networks. Today there are two trends driving a variety of transformation in the network: API dominance and micro-architectures. Combined with a tendency for network operations to protect its critical infrastr...