Blogger Drew Conry-Murray, writing in Packet Pushers, looked into the new SDN interoperability consortium based...
at the University of New Hampshire InterOperability Laboratory (UNH-IOL). The new consortium expands the school's existing lab for research on SDN switching and controller interoperability. The new SDN switching and controller project costs $20,000 to join and opens Aug. 1.
While UNH-IOL has not named consortium members, the lab counts Juniper Networks, Cisco, Brocade Communications Systems and other leading networking vendors as members. The consortium will have multiple goals such as interoperability testing for SDN switching and controllers, benchmarking for OpenFlow as well as OpenFlow, NETCONF and RESTCONF conformity.
Explore more of Conry-Murray's update from UNH-IOL.
Achieving integrity in network telemetry
Greg Ferro, writing in Ethereal Mind, mused about integrity in network telemetry. Because vendors are responsible for bearing the costs of fixing significant device problems, and because application program interfaces (APIs) run on network devices and report on their performance, vendors are incentivized to configure APIs to hide problems from users -- or to paint a rosier picture of a device's performance. Ferro draws comparisons between network vendors and Volkswagen's recent Dieselgate scandal.
Ferro reminded readers that open source isn't necessarily better, bearing plenty of risk of error and poor design, but nonetheless, transparency is valuable for business. Ferro adds that buyers should be willing to consider that any API can report false data, but that for many vendors legal liability offers few disincentives in the race for quarterly results. Customers place great trust in closed systems --only independent testing can help to validate or draw into question buyer's assumptions.
Read more from Ferro and his thoughts about network telemetry.
Federal court rescues the cloud
Terri McClure, an analyst at Enterprise Strategy Group in Milford, Mass., followed up on a significant federal court case involving the cloud. The U.S. Department of Justice took Microsoft to trial after attempting to subpoena email data from a Microsoft data center in Ireland, which Microsoft refused. In July, 2014, a judge ruled that because the data was managed and accessible from the United States, Microsoft would need to comply with the subpoena.
The recent court ruling reversed the decision from 2014, finding that the data in Ireland was beyond the reach of domestic search warrants. According to McClure, the case was a hard-fought battle with Apple, AT&T and even the American Civil Liberties Union siding with Microsoft in court -- even as the company was charged with contempt of court and risked breaking the law in both the U.S. and Ireland. In McClure's view, the case highlights the need for improved regulation in regard to the internet and data privacy.
Check out McClure's details on Microsoft's cloud case.
Delilah Trojan emerges to recruit insider threats
Avivah Litan, an analyst at Gartner, warns of the criminal recruitment of insiders through an emerging Trojan known as "Delilah." The Trojan recruits employees, contractors and other victims through extortion, social engineering or ransomware tactics. According to Diskin Advanced Technologies, a threat intelligence group, the Trojan isn't available on the black market and is still held by closed hacking groups.
The bot can be accidentally downloaded from adult and gaming websites, gathering enough personal information, often about family and workplace, to extort insiders. The bot sometimes activates the web camera to gather video and screenshots, and is typically associated with VPNs. Presently, the Trojan is still buggy and heavily reliant on human hackers who choose targets -- it often yields error messages activating the webcam or freezes monitors owing to the large volume of screenshots. Litan recommends gathering more endpoint data, particularly with TOR and VPN connections, to identify insider threats.
Read more from Litan about insider threat Trojans.
Boosting interoperability with SDN
How to distinguish internal threats
Forensics and cloud computing