Drew Conry-Murray, writing in Packet Pushers, shed light on CloudPhysics' new calculator that tallies the virtual...
machine cost in public and private clouds. In addition to assessing the current virtual machine cost, the system can compare those values to the cost of running equivalent workloads in Microsoft Azure or Amazon Web Services. Introduced this fall, the CloudPhysics virtual machine cost calculator combines on-premises software with an online service to help customers track and understand virtual infrastructure.
A virtual collector appliance runs inside VMware vCenter and vCenter API, collecting virtual-environment data every 20 seconds. Customers are offered a dashboard view that lets them get a glimpse of past performance, as well as a variety of metrics. Looking back at old data might reveal overprovisioned VMs or areas where IT departments can put off new hardware purchasing.
"CloudPhysics' premise is pretty simple: Gather as much data as possible about an organization's virtual environment, and then obsessively analyze and track that data to provide both real-time and historical information about resource usage and performance for VMs, physical servers, storage and some networking," Conry-Murray said. The calculator is available in either a software-as-a-service format or a partner edition.
Look more into Conry-Murray's assessment of the virtual machine cost calculator.
Making incident response automation and orchestration work
Jon Oltsik, an analyst with Enterprise Strategy Group Inc., in Milford, Mass., examined incident response automation and orchestration in a recent video. In most enterprises, Oltsik said he sees a typical incident response (IR) formula. Security tools generate alerts that are assessed by incident response professionals and classified as either low or high priority. High-priority threats are remediated.
ESG research indicated 28% of companies generate between 5,000 and 10,000 security alerts a month, and 21% generate up to 15,000. Up to 42% of cybersecurity respondents in a survey said they are forced to ignore a substantial number of the security alerts they receive.
That's where automation comes in, with 57% of respondents saying they are using incident response automation and orchestration. Launching vulnerability scans or generating rules for blocking suspicious IP addresses are just a few of the tasks Oltsik said can be automated. He added that IR automation should be a priority for organizations.
Explore more of Oltsik's thoughts on automating incident response.
Adding routes for Mac OS X PPTP connections
According to Ethan Banks, co-founder of Packet Pushers, when you make a successful Point-to-Point Tunneling Protocol (PPTP) connection to a remote VPN server that has built-in Mac OS X, you will probably find that you can't connect to the hosts at the other end of VPN. In this situation, connections to LANs and the internet are still possible.
Banks recommended moving the PPTP connection to the top of the list in the system preferences drop-down menu. This will connect to the client at the other end of the VPN, but will have the downside of routing all traffic through the tunnel. Banks noted that not all VPN termination devices or firewalls are configured to deal with this "hairpin routing."
In a similar situation, Banks said he sees an opportunity to end split tunneling and funnel all traffic into a single tunnel by checking OS X's routing table using netstat-rn and checking a box to send all traffic over the VPN. Banks said his preferred method is to run the /etc/ppp/ip-up executable script, which allows automation of routing commands.
Delve deeper into Banks' thoughts on PPTP connections with Mac OS X.
Calculating the costs of VMs
Timely incident response is essential
How to secure a PPTP VPN