You’ve probably heard “nines” thrown around when talking about high availability, so let’s review them so that everyone talks the same talk, or IT Jibba-Jabba.
By now you’ve probably heard about Heartbleed, a major vulnerability in the OpenSSL Project’s implementation of SSL. If you’re not familiar with SSL, it is a protocol designed to secure communication between an end-user (client) and an application (server), using cryptography and keys intended to make it difficult to intercept and read protected traffic. The process of establishing that secure communication looks something like this:
Saar here, resident engineer at Myriad Supply. Today I’ll be discussing DDoS ammunition.
The FFIEC gives “recommendations” to banking institutions. This is a non-binding recommendation, and there is no law per se that says you must have DDoS protection. However, if someone suffers financial damages due to a DDoS attack on a bank, that person can hire an attorney who can then prove that the bank handled itself without due diligence in spite of government recommendations. So a reasonable judge will find the bank at fault and it would have to pay. Add a class action, and you’re looking at a pretty hefty sum. In this article, for example (http://www.scmagazine.com/banks-file-class-action-against-target-and-trustwave-over-massive-breach/article/339760/), the banks are suing Target for failing to have decent security, which cost them millions replacing stolen payment cards.
Saar here, resident engineer at Myriad Supply. Today I’ll be discussing firewalls.
Saar here, resident engineer at Myriad Supply. Today I’ll be discussing the OSI Model and the 7 layers.
b. Next Generation
c. Application Layer firewalls - Palo Alto / Juniper
d. Web Application Firewalls - Mykonos, now rebranded as WebApp Secure firewall
Let’s review some basics about the OSI model and the 7 layers: