Tips on How to Create Filtering Policies for VMware NSX

15191_blog_header

VMWare lets customers write filtering policies for any traffic that goes into an NSX data center, exits from it, or moves between different servers inside the NSX data center. But having the ability to create these filtering rules doesn’t mean that it’s easy to actually write them, so here are some tips.

A Blueprint for Migrating Applications to VMware NSX

nsx

With VMware offering new and exciting capabilities for virtual data center owners, use this blueprint to successfully migrate and manage application connectivity on VMware NSX.

Still Using SSL? You’re No Longer Compliant with PCI

poodle-sign (1)

It’s well-known that SSL is the source of many recent vulnerabilities, including POODLE, Heartbleed, and FREAK, and the facilitator of many recent cyber-attacks. As a result, best practices recommend that companies turn off SSL and move to the far more secure TLS protocol. Other than the obvious need to move away SSL, why is this so important?

Five Common Firewall Configuration Mistakes – and How to Avoid Them

security_lock_missing

In my work I find many mistakes in firewall configurations. Here are the most common types of firewall misconfigurations that I encounter and how you can avoid them.

Tips for Managing Your External Network Connections

external connections

Last week our CTO, Professor Avishai Wool, presented a technical webinar on the do’s and don’ts for managing external connectivity to and from your network. Based on our audience poll this is clearly a very relevant issue for many enterprises, and one which can have a profound effect on security. Here are a few key issues that you should be mindful of when managing external connections.

Look at Behavior to Find the Needle in the Network

needle-in-a-haystack

Whether you know it or not, there are intruders in your network and they’re most likely leaving footprints everywhere. Some of these footprints may be larger than others, and some criminals are better at hiding their tracks while others can be very noisy. It’s the ones that are quiet that should scare you, because they…Read More

Future-Proof Security into DevOps

future proof

If you don’t think about security when you start going down the DevOps path you’re going to get caught by surprise when someone tells you that what you’re doing is insecure. At that point you’ll have to retrofit security into the process – and that’s painful.

Who’s Connecting to Your Network?

Dos and Don’ts for Managing External Connectivity

Are you really sure your external connections are secure and compliant? Are you really sure they are not inadvertently creating holes in your network and exposing your organization to cyber criminals? The Target breach – and many others like it – should at least make you double check your practices.

Top 10 Common Firewall Flaws: What You Don't Know Can Hurt You!

firewall mistakes

Do you really know what vulnerabilities currently exist in your enterprise firewalls? Your vulnerability scans are coming up clean. Your penetration tests have not revealed anything of significance. Therefore, everything’s in check, right? Not necessarily. Here are my top 10 common firewall vulnerabilities that you need to be on the lookout for.

Bringing Security into DevOps

enterprise-collaboration

Traditionally security was not part of the DevOps process. But I’m now starting to see companies begin to integrate security into the DevOps process – often now renamed DevSecOps.

Migrating Business Applications to AWS? Tips on Where to Start

cloud migration 2

I recently sat down with Avishai Wool, our CTO, and asked him for some tips for companies who are considering migrating their business applications to Amazon Web Services (AWS).

How to Use Decoy Deception for Network Protection

dwf_03_z

According to Sun Tzu to gain an advantage on your opponent you need to catch him off guard – make him believe you’re something you’re not, so that you can leverage this opportunity to your advantage. As security practitioners we should all supplement our security practices with this timed and tested decoy technique against cyber attackers.