Ben Tomhave. Network Security Blog. Verizon Business Security Blog. Chris Hoff. So-called Next Generation Firewalls (NGFW) are those that extend “traditional port firewalls” with the added context of policy with application visibility and control to include user identity while enforcing security, compliance and productivity decisions to flows from internal users to the Internet.
NGFW, as defined, is a campus and branch solution. Campus and Branch NGFW solves the “inside-out” problem — applying policy from a number of known/identified users on the “inside” to a potentially infinite number of applications and services “outside” the firewall, generally connected to the Internet. They function generally as forward proxies with various network insertion strategies. Campus and Branch NGFW is NOT a Data Center NGFW solution. Data Center NGFW is the inverse of the “inside-out” problem. Campus and Branch NGFWs need to provide application visibility and control across potentially tens of thousands of applications, many of which are evasive. They don’t. /Hoff. Guy Kawasaki. Amazon start selling the paperback edition of my latest book, APE: Author, Publisher, Entrepreneur.
APE explains how to publish a book by breaking the process down into three stages: Author explains how to write a book. Publisher explains how to produce both ebooks and printed books.Entrepreneur explains how to market and sell your book with an emphasis on social media. You can order APE here: There are 204 Amazon reviews for it: 181 five stars, 21 four stars, and 2 three stars which averages to five stars! Here are three of the blurbs: “Nuts, bolts, and inspiration too. Seth Godin, author and founder of The Icarus Project “Guy’s book is the perfect companion on the journey of independent publishing and great reading for the millions who aspire to become authors.” Atif Rafiq, General Manager, Kindle Direct Publishing at Amazon.com “APE is easily the most comprehensive, best organized, nuts-and-bolts-useful work on self-publishing I’ve seen to date.
Steve Blank. Craig Chamberlain's Blog. Ross Anderson. Securosis. Responsibly (Heart)Bleeding By Mike Rothman Yeah, we hit on the Heartbleed vulnerability in this week’s FireStarter, but I wanted to call attention to how Akamai handled the vulnerability.
They first came out with an announcement that their networks (and their customers) were safe because their systems were already patched. You see big network service providers tend to get a heads up when stuff like this happens, and they can get a head start on patching. They were also very candid about whether they have proof of compromise: Do you have any evidence of a data breach? So kudos were due to Akamai for both explaining the issue in understandable terms, discussing their home-grown way of issuing and dealing with certs, discussing the windows of potential vulnerabilities in the window before they started patching, and owning up to the fact that they (like everyone else) have no idea what was compromised (if anything).
Then they assured customers they were protected. It’s OK to be wrong. By Rich. Robert Graham.