Protecting truckloads of data on the information superhighway

SSL Journal

Subscribe to SSL Journal: eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get SSL Journal: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Latest Articles from SSL Journal
When you plan your migration to the cloud, and the cloud security best practices to secure it, there is no need to reinvent the wheel.  Here is some advice from the Fortune 500. Use these tips to learn from others’ successes and to avoid their failures – maybe their companies can...
Qualcomm announced that its subsidiary, Qualcomm Atheros, Inc., is broadening support for developers to simplify the design of products that use Wi-Fi™ to connect the Internet of Everything (IoE). Qualcomm Atheros has opened worldwide distribution channels with Arrow Electronics and CO...
The term hybrid is somewhat misleading. In the original sense of the word, it means to bring together two disparate "things" that result in some single new "thing". But technology has adapted the meaning of the word to really mean the bridging of two different technological models. For...
Encryption is widely recognized as the gold standard for protecting data privacy, but encryption is only as strong as its key management. Critical credential files such as Oracle wallet files, Java KeyStores, Secure Shell (SSH) key files, and Secure Sockets Layer (SSL) certificate file...
Despite the hype and drama surrounding the HTTP 2.0 effort, the latest version of the ubiquitous HTTP protocol is not just a marketing term. It's a real, live IETF standard that is scheduled to "go live" in November (2014). And it changes everything. There are a lot of performanc...
Anyone who has been involved with security knows there is a balance to providing both security and privacy and performance at the same time. Security is often blamed for performance woes, particularly when cryptography is involved. SSL and TLS have long addressed this balance by lev...
Infrastructure must balance between applications and the network because otherwise werewolves would cease to exist. In science we're taught that gravity is the law. As it relates to us living here on earth (I can't speak for all you displaced aliens, sorry) there are two gravitational...
In my previous post (Cloud Data, Security, Privacy & Confidentiality/ The ISV Perspective) I talked about the increasing exposure of data, the changing landscape of data confidentiality and the need to shield data rather than retreat into – largely mythical -“safe heavens” of on prem...
Working with SAP customers on the cloud has been a rich learning and myth busting experience in many ways. Contrary to popular belief, a number of SAP customers do have a strong affinity for deploying solutions via the cloud. So what are the insights from our first set of cloud custo...
A recent post on the HTTP 2.0 War beginning garnered a very relevant question regarding WebSockets and where it fits in (what might shape up to be) an epic battle. The answer to the question, “Why not consider WebSockets here?” could be easily answered with two words: HTTP headers. It...
Enterprises often frustrate developers. Why do Enterprises always seem so behind when it comes to the very latest technology? In particular, a trend we are seeing is the continued struggle to marry Enterprise authentication with the burgeoning world of REST … Continue reading ...
In this article we will list some steps you can take to make sure your Exchange Server is running as securely as possible. 1. Harden the OS We can’t stress enough how important it is to harden the OS that is hosting the Exchange Server.
In the last week or two, the security community has been abuzz with two different papers on the security of RSA keys. It turns out there are tens of thousands of RSA keys out there that are weak: they share a prime modulus with another public key, allowing both keys to be factored (i.e...
Niall Commiskey has written a really useful guide to measuring the time a Gateway takes to call a Web Service. I recommend you check it out if you're interested in
By now you’ve probably heard the term, “Cloud Wars”, though with so many fronts sometimes it’s difficult to ascertain which Cloud battles are being referenced. In The Battle for the Enterprise the reference is to cloud computing leaders making their way into the enterprise segment taki...
Amazon Web Services (AWS) has announced the beta of their new storage gateway functionality that enables access of Amazon S3 (Simple Storage Services) from your different applications using an appliance installed in your data center site. With this beta launch, Amazon joins other s...
F5 Networks on Tuesday announced that the latest release of the F5 BIG-IP product family has been certified by ICSA Labs as a network firewall, helping customers protect their public-facing websites from today’s massive cyber attacks. The newly certified solution handles eight times mo...
Before looking for a managed file transfer solution, it is important to determine how data is currently being transferred from your organization. You should find out what users and applications are performing the data transfers, where the source of the data resides, how sensitive the d...
It’s great to be fast and furious, but if your infrastructure handles like a boat you won’t be able to take advantage of its performance We recently joined the land of modernity when I had a wild urge to acquire a Wii. Any game system is pretty useless without games, so we got some of...
Advances in attacks on network security over the last few years have led to many high-profile compromises of enterprise networks and breaches of data security. A new attack is threatening to expand the potential for attackers to compromise enterprise servers and the critical data on th...
Secure Sockets Layer (SSL) is the de facto standard for e-commerce security. It confronts the potential problems of unauthorized viewing of confidential information, data manipulation, data hijacking, phishing, and other insidious web site scams by encrypting sensitive data so that onl...
Stonesoft, an innovative provider of integrated network security and business continuity solutions, today announced the extended availability of the StoneGate MobileID authentication software token for five additional platforms: Apple Mac OS, iPod, iPhone, iPad and Google Android. Incl...
Watch how BIG-IP ASM v10.2 can prevent Cross-site request forgery. Shlomi Narkolayev demonstrates how to accomplish a CSRF attack and then shows how BIG-IP ASM stops it in it's tracks. The configuration of CSRF protection is literally a checkbox.
Reduce latency, extend the distance required between data-centers and enable an enhanced disaster recovery solution. This week, we shot some videos and in this one, learn how F5's WAN Optimization can enhance Oracle's Data Guard solution. I talk with Chris Akker, Solution Engineer, abo...
Learn how F5's BIG-IP LTM/APM helps in conjunction with Oracle Access Manager centralizing web application authentication and authorization services, streamline access management, and reduce infrastructure costs Watch how BIG-IP APM can reduce TCO, lower deployment risk, and streamline...
Intellectual Property is one of a company’s most precious assets and includes things like patents, inventions, designs, source code, trademarks, trade secrets and more.  These formulas, processes, practices and other inside information can differentiate your brand and give a compe...
Leostream Corporation, a developer of virtual hosted desktop software, on Monday announced enhancements to its industry-leading, vendor-neutral connection broker bringing greater support, management flexibility and branding control to hosted virtual desktop infrastructures (VDI). The m...
Leostream Corporation, a developer of virtual hosted desktop software, announced today that Portugal Telecom (PT), the largest telecommunications provider in Portugal, with additional operations in Europe, South America, Africa, and the Caribbean, has deployed theLeostream Connection B...
When New York jeweler Harry Winston donated the famous Hope Diamond to the Smithsonian Institution, he shipped the 45.52-carat gem via US mail. Email users need to be warier than Winston. Unlike rocks, email messages scatter into tiny digital signals bouncing from computer to computer,...
Nimbus Technology (www.nimbustech.co.uk), a leading infrastructure hosting and cloud computing provider, today announced the launch of the Nimbus Cloud Storage Service powered by the Mezeo Cloud Storage Platform. Developed by Mezeo Software™ (www.mezeo.com), the Mezeo Cloud Storage Pla...
Comodo has announced its new Internet browser, Comodo Dragon. Like Google Chrome, Comodo Dragon is constructed on the open-source Chromium Project browser. Dragon's enhancements increase security and protect user privacy. Comodo Dragon offers a new feature for Internet users. Websites ...
Cloud Leverage has launched enterprise-grade cloud solutions at a cost previously only available through commodity cloud offerings. At $.05 a GB per datacenter with no transfer or bandwidth charges -- Cloud Leverage offers a complete storage solution at a previously unavailable price.
There are some common XML Gateway myths that this post would like to dispel. These myths are a manifestation of vendors overwhelming the customers with the latest bells and whistles of their product without explaining to the user fundamental basic
Deutsche Post Com GmbH will offer Comodo digital certificates to its customers, including Extended Validation (EV), EV Server Gated Cryptography (SGC), and Premium SSL/Premium SSL Wildcard certificates.
Building on the continued success of the public key infrastructure (PKI) platform, Entrust is advancing the technology to bring it to new markets. With the introduction of Entrust Authority Security Manager 8.0, Entrust customers can implement one of the most trusted PKI security solut...
GoAnywhere Director Version 3.0 is now available from Linoma Software. GoAnywhere Director is an Enterprise solution for Managed File Transfers, which includes a full suite of processes to securely transfer and convert data with detailed auditing and message alerts. Using GoAnywhere Di...
Here at Layer 7 we get asked a lot about our support for REST. We actually have a lot to offer to secure, monitor and manage REST-style transactions. The truth is, although we really like SOAP and XML here at Layer 7, we also really like REST and alternative data encapsulations like JS...
Here is an interesting article by Rob Barry titled: "In SOA, cloud resources may exacerbate security and file transfers issues." It highlights significant requirements for Federated SOA especially around large file transfer using SOAP Attachments. The article makes the following intere...
I want to take a quick break from 26 Short Topics to share a bit of history you might not know about. This has nothing to do with technology, security or our awesome BIG-IP solutions but felt compelled to honor both my grandparents and service men/women everywhere today.