Virtualized Networking: A Case for CIOs

“The starting point of any system-wide modernization effort should be to virtualize both networks and servers.”

The author is, without a doubt, advocating virtualization as the Holy Grail of everything network and server.  While virtualization can provide many of features and benefits, it is not always a practical or desired solution. For one, virtualization is a trade-off which makes sense for certain configurations and loads. Other hardware based security, performance and features may not be possible, make sense to duplicate or virtualize. It also introduces more potential single points of failure, bottle neck and security risks.

“In the open source model, source code is made available to a worldwide community of developers to strengthen and improve capabilities, functionality and protections.  It helps to create standards to avoid vendor lock-in.  As an example, the Linux Foundation community is working to integrate cybersecurity protections into the design of the virtualized network itself, versus the “bolt-on” approaches of the past.”

Standards and lock-in. There are not standards and the reason there are no standards for virtualization is that it is not real, it is virtual, masquerading as something else with standards! Protocols are the standards and network security tools may become defacto add-ons but never standards. It may not even reduce lock-in. There are a handful of virtualization vendors compares to more hardware providers.

In short, don’t jump in based on vendor hype(r V): AT&T.

It is estimated that nearly 80 percent of federal information technology dollars are spent maintaining outdated systems. Meanwhile, two fundamental goals for any CIO are to drive system modernization and improve cybersecurity protections. Network Visualization is the way to do it.

Source: Virtualized Networking: A Case for CIOs

Advertisements

How Congress Can De-Escalate the Second Crypto War: Fund Research and Broker a Crypto Armistice

Policymakers could make progress on the problem of law-enforcement access to encrypted data with more research and a better relationship between the government and the tech community. Congress can help on both fronts.

Source: How Congress Can De-Escalate the Second Crypto War: Fund Research and Broker a Crypto Armistice

Corporate Data Collection and U.S. National Security: Expanding the Conversation in an Era of Nation State Cyber Aggression

Are we framing the conversation about corporate data collection too narrowly?

Source: Corporate Data Collection and U.S. National Security: Expanding the Conversation in an Era of Nation State Cyber Aggression

A New Wave of Censorship: Distributed Attacks on Expression and Press Freedom – Center for International Media Assistance

In both authoritarian and democratic contexts, new forms of censorship online are carried out through distributed attacks on freedom of expression that are insidiously difficult to detect, and often just as effective, if not more, than the kinds of brute force techniques by state agents that came before.

Source: A New Wave of Censorship: Distributed Attacks on Expression and Press Freedom – Center for International Media Assistance

What’s Involved in Vetting a Security Protocol: Why Ray Ozzie’s Proposal for Exceptional Access Does Not Pass Muster

Because Susan Landau is a true Architect, Ray Ozzie never was.

Ray Ozzie’s proposal for exceptional access has the virtue of being simple. But security can be subtle, and simple solutions often miss critical aspects. This one has.

Source: What’s Involved in Vetting a Security Protocol: Why Ray Ozzie’s Proposal for Exceptional Access Does Not Pass Muster