Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
PRODUCTNEWS<br />
VERSION X<br />
VERSION X<br />
VERSION X<br />
VERSION X<br />
VER<br />
WITH PRODUCT ANNOUNCEMENTS RANGING FROM THE TRIVIAL TO THE BIZARRE, THE EDITOR<br />
DISTILS THE ESSENCE OF THOSE THAT ARE OF INTEREST TO THE NETWORKING COMMUNITY<br />
As cybersecurity comes of age, so<br />
do new practices and approaches,<br />
all ultimately focused on doing<br />
more, more effectively and with finite<br />
resources. Simulating cyber risk and<br />
guiding the most effective application of<br />
resources to maximise risk reduction<br />
impact, is one such example.<br />
FireMon has released its patented Risk<br />
Analyzer technology to help its customers<br />
in just this way. The technology extends<br />
FireMon's scalable automation and<br />
analysis platform to risk vulnerability<br />
management, calculating the risk of network<br />
attack angles and scoring firewall<br />
rules to allow network managers to efficiently<br />
reduce exposure to risk.<br />
Matt Dean, Vice President of Product<br />
Management for FireMon says,<br />
"Cyberattacks start inside the network via<br />
spear phishing or other means. Many<br />
network teams have undertaken segmentation<br />
as a way to limit accessibility to<br />
their data... However, that is only effective<br />
if the implemented policies correctly<br />
control access and determine which systems<br />
are vulnerable and accessible<br />
through the segmented network. This is<br />
now a critical exercise."<br />
Risk Analyzer allows for patching systems<br />
virtually and it can re-run a complete<br />
analysis in seconds. It can then compare<br />
various patch scenarios and ensure that<br />
the safest outcome is achieved.<br />
Another important part of the evolving<br />
cyber repertoire focuses on what to do<br />
when a successful attack has been<br />
uncovered, and this can no longer be<br />
naively limited to recovery alone. In most<br />
cyberattacks, legitimate owners of compromised<br />
systems fall victim to unidentified<br />
perpetrators and they will usually<br />
agree to cooperate and help security<br />
researchers find the infection vector<br />
along with some other attacker details.<br />
It has, it seems, been a concern among<br />
forensic researchers that the need to travel<br />
long distances to collect crucial evidence,<br />
such as malware samples, can<br />
result in expensive and delayed investigations.<br />
The longer it takes for an attack to<br />
be understood, the longer it is before<br />
users are protected and the perpetrators<br />
identified. Up until now, the alternatives<br />
have either involved expensive tools and<br />
the knowledge to operate them, or the<br />
risk of contaminating or losing evidence<br />
as it's moved between computers. In<br />
response, Kaspersky Lab has developed a<br />
tool that can remotely collect vital data<br />
without risk of contamination or loss.<br />
BitScout is like a Swiss-army knife for the<br />
remote forensic investigation of live systems<br />
and it has now been made freely<br />
available for investigators to use.<br />
A new distributed architecture means<br />
that Arbor Cloud has increased its DDoS<br />
attack mitigation capacity to 8Tbps.<br />
Arbor Networks says that by distributing<br />
capacity across four times the number of<br />
scrubbing centres globally, attacks can be<br />
mitigated more quickly and closer to the<br />
source. This distributed model enables<br />
customer traffic to stay in-region and in<br />
some cases, in-country, addressing the<br />
emerging data privacy challenges for<br />
cloud service providers.<br />
It's not just the face of cyber security<br />
that is fast changing - the possibilities for<br />
storing data are growing in some very<br />
creative ways too. Described as a disruptor<br />
in software-defined block storage,<br />
Excelero has announced that its NVMesh<br />
server SAN now supports persistent container<br />
storage for hyperscale architectures,<br />
utilising Kubernetes. They claim<br />
that this is the industry's first offering to<br />
make use of pooled, redundant NVMe<br />
storage in container applications requiring<br />
persistent volumes, so that enterprises<br />
can obtain both local flash performance<br />
and container mobility, all at data<br />
centre scale.<br />
Mark Peters, Practice Director and<br />
Senior Analyst at ESG comments that,<br />
"Container users need persistent storage<br />
that is scalable enough for stateful applications,<br />
yet also offers mobility to help<br />
protect against drive or host failure. By<br />
leveraging Kubernetes with its server SAN<br />
platform, Excelero is enabling IT teams to<br />
have exactly that: containers that can<br />
have high performance storage, with<br />
both persistence and mobility."<br />
Enterprise-class storage-as-a-service<br />
(STaaS) provider Zadara Storage has<br />
expanded the availability of its VPSA<br />
Storage Array service to both Amazon<br />
6 NETWORKcomputing JULY/AUGUST 2017 @NCMagAndAwards<br />
WWW.NETWORKCOMPUTING.CO.UK