RSA2015 Partner Spotlight - RSA Risk Based Authentication

Posted in security, f5, silva, authentication, rsa, access by psilva on April 21st, 2015

RSA Technology Consultant Josh Waterloo talks about the evolution of two-factor authentication and how risk based auth is starting to take hold. He also shows us a demo of the integration between RSA SecurID and BIG-IP APM to provide risk based, strong authentication for corporate access to sensitive information.

ps

Related

Connect with Peter: Connect with F5:
o_linkedin[1] o_rss[1] o_twitter[1]   o_facebook[1] o_twitter[1] o_slideshare[1] o_youtube[1]
Watch Now:



RSA2015 – Find F5

Posted in security, f5, video, rsa by psilva on April 20th, 2015

Sporting the crisp F5 ‘Defend the New Perimeter’ t-shirt, Peter Silva shows you how to find F5 booth 1515 at RSA 2015 in 17 paces or less. The theme this year is Change – Challenge today’s security thinking and with the mobile revolution, applications delivered from hybrid environments and the shifting perimeter, changing your security thinking today will help protect your business applications tomorrow. 

ps

Related

 

Connect with Peter: Connect with F5:
o_linkedin[1] o_rss[1] o_twitter[1]   o_facebook[1] o_twitter[1] o_slideshare[1] o_youtube[1]
Watch Now:



RSA 2015 - The Preview Video

Posted in security, f5, silva, video, rsa by psilva on April 16th, 2015

I give a preview of RSA 2015, running April 20 – 23 in San Francisco’s Moscone Center. F5 will showcase a number of solutions that help organizations defend against the threats to their data and protect the perimeter. Visit us in Booth 1515 to learn about solutions like our Silverline Cloud based WAF and DDoS protection, along with secure mobility, SSL Everywhere and Web Fraud Protection implementations.

Watch Now:



IoT Influence on Society

Posted in f5, silva, infrastructure, human behavior, big data, iot, sensors by psilva on April 14th, 2015

iotclipping.jpg

”Things” and the applications/services that support them are changing the way we live. Wearables in the sports and health sectors will grow to nearly 170 million devices by 2017 — an annual growth rate of 41 percent. Specific to the enterprise, if you thought the Bring Your Own Device (BYOD) craze was a headache, just wait until button cameras, smart watches, fitness trackers, and connected glasses are a daily occurrence in the office. Workplace wearables will be a huge challenge in the coming years as more devices, clothing and pretty much any 'thing' with a chip or sensor become commonplace in society.

PricewaterhouseCoopers (PwC) in The Wearable Future report found that 77% of respondents thought that a top benefit of wearable technology is the potential to make employees more productive and efficient. If the technology is simple to use and integrates with other devices, that should boost productivity and lift profits. Industries that could benefit immediately from the wearable market include:

  • Entertainment will be more 'immersive and fun'
  • Social Media gets real time updates from clothes
  • Gaming can be more visually and physically engaging
  • Advertisers will also want that space someone’s back
  • Healthcare will track vitals
  • Retail could offer “pleasant, efficient” shopping experiences

Clothing is just one example of many. Organizations will also be able to manage assets and office building more efficiently. Imagine the connected home automation today, but geared toward commercial properties. Security, HVAC, assets, lighting, employee access and so forth is all handled by sensors and monitors. Smart cities are already being built with IoT on a metropolis scale. Energy, environment, street lights, sanitation, water supply, transportation and other civic related functions are all automatically controlled by meters.

The automotive industry is also taking advantage of sensors with self-driving cars, in car Wi-Fi, seamless integration with mobile phones, car to car communications, software updates and even their own in-car apps for streaming entertainment, navigation and other connected activities.

By all accounts, everything that is a noun – a person, place or thing – at some point, will have or wear a sensor/actuator/IP-chip that gathers some sort of data and all that traffic is headed for a data center somewhere. The digital society has emerged.

ps

Related

 

Connect with Peter: Connect with F5:
o_linkedin[1] o_rss[1] o_twitter[1]   o_facebook[1] o_twitter[1] o_slideshare[1] o_youtube[1]



What are These “Things”?

Posted in f5, silva, infrastructure, iot, sensors by psilva on April 9th, 2015

The Internet of Things (IoT) refers to the set of devices and systems that interconnect real world sensors and actuators to the internet. This includes many different types of systems, including:

  • Mobile devices
  • Smart meters & objects
  • Wearable devices including clothing, health care implants, smartwatches, fitness devices, etc.
  • Internet connected automobiles
  • Home Automation Systems including thermostats, lighting, home security
  • Other measuring sensors for weather, traffic, ocean tides, road signals and more

These systems connect to the internet or gateway in a variety of manners including long range WiFi/Ethernet using IP protocols (tcp/udp, including cellular), short range Bluetooth low energy, short range Near Field Communications, or other types of medium range radio networks. Point to point radio links and serial lines are also used. There are many sensors that connect directly to the internet and there are others that may need specialized IoT networking hardware. Message Queue Telemetry Transport (MQTT), for instance, is a subscribe and publish messaging protocol designed for lightweight machine to machine (M2M) communications. Originally developed by IBM, is now an open standard but its primary purpose is to allow a device to send a very short message one hop to a MQ broker and to receive commands from that broker. It needs a gateway or receiver (broker) to communicate. Basically, every message is published to a location, called a topic, clients (the sensors) subscribe to various topics and when a message is published to the topic, the client/sensor gets it.

The systems themselves typically fall into a few classes of categories. The smallest devices have 8-bit embedded system on chip (SOC) controllers but no operating system; then there are ones that have a limited 32-bit architecture, like a home router, with or without a base OS and; the most capable systems have either full 32-bit or 64-bit operating platform such as a mobile phone. You might even use your mobile phone to send the data, via the internet, from the IoT device to the destined application.

Not only are we interacting with these devices, they are interacting with other machines to send specific Information, which is called Machine-to-machine technology. The M2M fabric works in conjunction with the various systems that support wearables, home networks and the widely deployed sensors. Some areas that you can focus on as IoT progresses include:

  • Focus on scale of core capabilities like DNS and availability
  • Evaluate readiness to federate access across cloud apps
  • Examine state of identity and access to manage millions of users
  • Strategize on automation for provisioning and auto-scale

According to Gartner, the Internet of Things is not a single technology but a concept with embedded sensors driving the trend, real time support and learning having a social impact and allows businesses to make situational decisions based on the sensor’s information. With that, no single architecture can address all the potential IoT device areas and requirements of each but a scalable architecture that can add or subtract resources to support a wide variety of scenarios prepares organizations for the impact IoT will have. You can check out F5's The Internet of Things-Ready Infrastructure White Paper to learn more about how an IoT–ready environment can enable service providers and enterprises to begin taking advantage of this societal shift without a wholesale rip-and-replace of existing technology.

ps

Related

Connect with Peter: Connect with F5:
o_linkedin[1] o_rss[1] o_twitter[1]   o_facebook[1] o_twitter[1] o_slideshare[1] o_youtube[1]



Healthcare in the Crosshairs

Posted in security, f5, silva, identity theft, compliance, medical, healthcare by psilva on April 1st, 2015

Is Healthcare the new Target?

bullseye-target.jpg

Recently I've received a number of 'I am writing to inform you that we were the target of a sophisticated cyber attack and some of your personal information may have been accessed by the attackers..' letters for myself and my family. I especially hate the ones that start, 'To the parents of...' because my daughter has a rare genetic condition. You probably got one of these letters too since the Anthem breach could have disclosed medical records for as many as 80 million people.

Medical identity theft is big business and has become a huge target over the last few years. The attackers are not really interested in that sprained ankle or those 25 stitches from last summer. They want the personally identifiable information. Names, addresses, birthdays, and social security numbers. Stuff you can actually use to open accounts, commit insurance fraud and create fake identities - using real information. Healthcare info also goes for a premium on black market sites. One expert noted that recently that at one underground auction, a patient medical record sold for $251 while credit cards are selling at .33 cents. With all the recent retail breaches, credit cards have flooded the underground, plus they can get cancelled quickly. I also know that fraudsters are already trying to entice people with fake emails and calls regarding the breaches - I've gotten a bunch of them recently. More than ever, do not click the email link unless you're expecting something.

The interesting phenomenon for me is all the identity theft protection offerings from various credit bureaus. One breach, sign up here...another breach, sign up there. It is important to take advantage of the services to stay alert on your identity but you also have to include the very same sensitive info that was just compromised to yet another entity. I'm waiting on the breach of one of these identity protection sites. I mean the thieves must be thinking, 'well, we missed them in the medical grab but maybe we can get them through the protection app.'

According to Ponemon Institute, about 90% of healthcare organizations have reported at least one data breach over the last two years with most due to employee negligence or system flaws but more, as we've seen recently, are due to criminal behavior. Certainly, there will be more of these healthcare hiccups in the coming years especially with the push to digitize medical records. Great for patient access but a huge risk for unauthorized peeks. With the Premera breach hot on Anthem's heels, I hope providers are getting the message that the bad guys are coming for ya.

ps

Related

.

 

Connect with Peter: Connect with F5:
o_linkedin[1] o_rss[1] o_twitter[1]   o_facebook[1] o_twitter[1] o_slideshare[1] o_youtube[1]



Lost in Translation…in Italy

Posted in security, silva, mobile, travel, train by psilva on March 26th, 2015

I've been travelling recently. To places and fields that have limited to no mobile connectivity and this can be a challenge when a challenge arises.

Immediately following Mobile World Congress in Barcelona earlier this month, my family embarked on a multi-week European vacation. After spending a couple more days in Spain, we jumped on the rail to Paris for a couple days and then on to Rome for 10 days. The Eiffel Tower along with 'I see London, I see France, I see Daddy's....' request was our daughter's and Italy was something we've wanted to do for a while. During the train ride - which was fantastic - we saw vineyards, castles, the Alps, old bunkers and tons of scenery you never get on an airplane. It's almost like eavesdropping on these remote lives as you pass by at 187 mph while they hang their clothes to dry or tend to their fields. Yes, mobile connectivity was very spotty but it was not a big deal since we were enjoying the views and had no reason to 'connect.' I even turned the phone off at various times just for the peace.

In the major cities like Paris and Rome and of you have roaming of course, you're able to connect to one of the available 3G mobile networks within that country. While not LTE, you get decent connectivity and can accomplish many of the mobile tasks that have become commonplace - email, maps, navigation, browsing and so forth. Incidentally, if you want to learn how LTE Roaming works, check out this video we did at MWC15. It is when you venture out, Griswold style, when you can get into trouble.

While in Rome, we visited many of the typical tourism destinations like The Coliseum, Pantheon, Vatican, Spanish Steps, Trevi Fountain and others. It seemed like our entire trip was going exactly as planned and we were having a wonderful time. That is, until the day we left Rome to return to Barcelona for our flight home. The real adventure was about to begin - like the last 20 minutes of a movie when you think everything is wrapped up and that last big crisis hits.

We bought, what we thought, were rail tickets from Rome back to Barcelona. They were less expensive than our inbound rail, which for some reason, didn't fire off the warning bells but we thought that since it was direct, it should be fine. We get on the train and have a nice semi-private area to stretch out and relax on the trip back. As we start the journey, everything seems great - the scenery, the company and we packed some good snacks for the ride. The conductor came through, verified our tickets and we felt like we could unwind. After a little while, we can see the Mediterranean Sea but it is on the wrong side of the train. A little concerned, I asked a uniformed staff if this was the train to Barcelona and was assured that it was. OK, maybe we go South for a few stops but turn around and head North. Seemed reasonable.

We arrive at the Pompei station and get to see Mt. Vesuvius but at this point, we start to get concerned. I find the rail staff for a second time and again asked if this is the train to Barcelona. Even adding that we're going South and wondered if it turns and goes North (up & around, etc.) at some point. Again I'm told that we are going to Barcelona. More time passes and as we get further South, connectivity gets spotty. As it goes in and out, I search, 'does the train from Rome to Barcelona go under the Mediterranean Sea?' There is the English Channel Chunnel so maybe this does the same thing? Nope. Now I'm panicked.

I find yet a third staff member and ask where are we going. It is at that point I learn that we are not headed for Barcelona Spain but Barcellona (Pozzo di Gotto) Italy. We're supposed to be on our return home flight from Spain in less than 36 hours and we're heading for Sicily. He says there is an airport in Catania and we might be able to get a flight to Barcelona. But with no connectivity, we can't see what is available and didn't want to risk arriving with no flights. I ask when is the next train back to Rome...at least get back there. We're told to get off at the next stop, San Giovanni, and we might be able to catch the overnight. Frantically, we grab our stuff, jump off and look around. Pretty grim. After a couple ups and downs of stairs with our bags, we finally make it to the ticket window. I explain that we want to go to Barcelona and the agent tells us, we just missed the train. I pull out a mobile translator and again attempt to communicate. I get frustrated, the agent gets frustrated and we're stuck. I grab a piece of paper and write SPAIN on it and his eyes finally light up but there is no path from where we are to Barcelona. It's 18:00 hours and we have less than 24 hours to reach Spain.

While a crowd gathers behind us, we ask about a train to Milan. Luckily, there is one and it leaves in 30 minutes. We'll take it! It's an overnight and we don't arrive in Milan until 11am the next day. Down to 20 hours before our plane leaves for to LAX. Hopefully we can get on a Milan to Barcelona flight but without connectivity, there's no way of knowing. We get on the train and I start crying - not so much because we're lost in a foreign country but the relief we're finally going in the right direction. Since we can't determine our next steps, the only thing to do is attempt to rest in this little 3 bunk room. The conductors on this route helped as much they could and told us that this happens to people almost every other month. We're not alone but we're nowhere near a solution.

We finally get to Milan and immediately jump in a cab to take the 45 minute/90Euro ride to the airport. We also have some 3G connectivity and at least see there are a few flights to Barcelona but also rely on the cab driver to point us in the right direction. In addition, the connectivity is so spotty on the way that trying to book a flight becomes impossible. At the airport we find the ticket window and buy some of the last remaining tickets for the last flight to Barcelona that day. After not bathing or sleeping for two days, I still felt relieved. We just might make it. As an eerie aside, just the day before our flight path went over the same location as the crashed Germanwings plane. Our jaws dropped when we learned of the tragedy.

We land in Barcelona with 12 hours to spare. Get to our hotel, eat, shower and collapse for a few hours. Not taking any chances, we head out early, make our flight and am grateful to finally be home to tell this story. I learned a lot about geography, mobile connectivity, communication, security, and about myself. We've become so dependent on connectivity and it seems that we've become one with our mobile devices but when there is no signal and they can't help in a crisis, paper, pencils and people still matter. While harrowing, it was an amazing adventure and a fitting end to our wonderful trip.

ps

Connect with Peter: Connect with F5:
o_linkedin[1] o_rss[1] o_twitter[1]   o_facebook[1] o_twitter[1] o_slideshare[1] o_youtube[1]



MWC 2015 – That’s a Wrap!

Posted in f5, silva, video, mobile, mwc by psilva on March 5th, 2015

Peter Silva wraps it up from Mobile World Congress 2015. Thanks to you for watching and thanks to our guests this week including Frank Yue, Jonathan George, Peter Nas, Ron Carovano, Richard Duncan, Misbah Mahmoodi and a very special Mahalo to F5 CEO John McAdam! Certainly a personal and professional highlight interviewing John. Also thanks to Lars, Michelle and Jonathan for their camera work – appreciate their help. Reporting from Barcelona!

ps

Related

Connect with Peter: Connect with F5:
o_linkedin[1] o_rss[1] o_twitter[1]   o_facebook[1] o_twitter[1] o_slideshare[1] o_youtube[1]
Watch Now:



MWC 2015 – The Mobile Revolution with F5 CEO John McAdam

Posted in f5, silva, video, mobile, mwc by psilva on March 4th, 2015

John McAdam, F5 President & CEO talks about what the mobile revolution means to F5. John discusses how mobile technology is driving innovation, why the need for intelligent application traffic management is critical, how F5 is in the sweet spot for the explosion of mobile data traffic and why Mobile World Congress is attracts so many executives from around the world. If you only watch one #MWC15 video, this is it!

ps

Related

Connect with Peter: Connect with F5:
o_linkedin[1] o_rss[1] o_twitter[1]   o_facebook[1] o_twitter[1] o_slideshare[1] o_youtube[1]
Watch Now:



MWC 2015 – Enhancing Subscriber’s Quality of Experience (feat Mahmoodi)

Posted in f5, silva, video, mwc by psilva on March 4th, 2015

Misbah Mahmoodi, Sr. Product Marketing Manager, does a great job explaining the service provider challenges with the exponential growth in data usage from a subscriber point of view. For mobile operators, one of the worst things that subscribers can experience on the network is when they begin to stream their favorite video, and instead of the video playing, they see that spinning wheel. Misbah talks about how service providers can gain insights into the type of services and applications subscribers are using, allowing them to plan for network capacity ensuring that they have optimal network resource utilization to handle peak demands. With F5 Policy Enforcement Manager, service providers can implement policies for specific applications to reduce network congestion.

ps

Related

Connect with Peter: Connect with F5:
o_linkedin[1] o_rss[1] o_twitter[1]   o_facebook[1] o_twitter[1] o_slideshare[1] o_youtube[1]
Watch Now:




« Older episodes ·

Quantcast