All posts by David

New – Gigabit Connectivity Options for Amazon Direct Connect

This post was originally published on this site

AWS Direct Connect gives you the ability to create private network connections between your datacenter, office, or colocation environment and AWS. The connections start at your network and end at one of 91 AWS Direct Connect locations and can reduce your network costs, increase throughput, and deliver a more consistent experience than an Internet-based connection. In most cases you will need to work with an AWS Direct Connect Partner to get your connection set up.

As I prepared to write this post, I learned that my understanding of AWS Direct Connect was incomplete, and that the name actually encompasses three distinct models. Here’s a summary:

Dedicated Connections are available with 1 Gbps and 10 Gbps capacity. You use the AWS Management Console to request a connection, after which AWS will review your request and either follow up via email to request additional information or provision a port for your connection. Once AWS has provisioned a port for you, the remaining time to complete the connection by the AWS Direct Connect Partner will vary between days and weeks. A Dedicated Connection is a physical Ethernet port dedicated to you. Each Dedicated Connection supports up to 50 Virtual Interfaces (VIFs). To get started, read Creating a Connection.

Hosted Connections are available with 50 to 500 Mbps capacity, and connection requests are made via an AWS Direct Connect Partner. After the AWS Direct Connect Partner establishes a network circuit to your premises, capacity to AWS Direct Connect can be added or removed on demand by adding or removing Hosted Connections. Each Hosted Connection supports a single VIF; you can obtain multiple VIFs by acquiring multiple Hosted Connections. The AWS Direct Connect Partner provisions the Hosted Connection and sends you an invite, which you must accept (with a click) in order to proceed.

Hosted Virtual Interfaces are also set up via AWS Direct Connect Partners. A Hosted Virtual Interface has access to all of the available capacity on the network link between the AWS Direct Connect Partner and an AWS Direct Connect location. The network link between the AWS Direct Connect Partner and the AWS Direct Connect location is shared by multiple customers and could possibly be oversubscribed. Due to the possibility of oversubscription in the Hosted Virtual Interface model, we no longer allow new AWS Direct Connect Partner service integrations using this model and recommend that customers with workloads sensitive to network congestion use Dedicated or Hosted Connections.

Higher Capacity Hosted Connections
Today we are announcing Hosted Connections with 1, 2, 5, or 10 Gbps of capacity. These capacities will be available through a select set of AWS Direct Connect Partners who have been specifically approved by AWS. We are also working with AWS Direct Connect Partners to implement additional monitoring of the network link between the AWS Direct Connect Partners and AWS.

Most AWS Direct Connect Partners support adding or removing Hosted Connections on demand. Suppose that you archive a massive amount of data to Amazon Glacier at the end of every quarter, and that you already have a pair of resilient 10 Gbps circuits from your AWS Direct Connect Partner for use by other parts of your business. You then create a pair of resilient 1, 2, 5 or 10 Gbps Hosted Connections at the end of the quarter, upload your data to Glacier, and then delete the Hosted Connections.

You pay AWS for the port-hour charges while the Hosted Connections are in place, along with any associated data transfer charges (see the Direct Connect Pricing page for more info). Check with your AWS Direct Connect Partner for the charges associated with their services. You get a cost-effective, elastic way to move data to the cloud while creating Hosted Connections only when needed.

Available Now
The new higher capacity Hosted Connections are available through select AWS Direct Connect Partners after they are approved by AWS.

Jeff;

PS – As part of this launch, we are reducing the prices for the existing 200, 300, 400, and 500 Mbps Hosted Connection capacities by 33.3%, effective March 1, 2019.

 

Now Available: Recording of Chinese Malicious Cyber Activity Briefing

This post was originally published on this site

Original release date: March 19, 2019

The Cybersecurity and Infrastructure Security Agency (CISA) has posted the February 14, 2019, Awareness Briefing on Chinese Malicious Cyber Activity. This webinar provides background and mitigation techniques on Chinese malicious cyber activity targeting managed service providers (MSPs).   

CISA encourages MSPs and their customers to view the February 14, 2019, Awareness Briefing on Chinese Malicious Cyber Activity and to review the page on Chinese Malicious Cyber Activity for more information.


This product is provided subject to this Notification and this Privacy & Use policy.

Special Webcast: The State of Automation/Integration Practice: Part 1 of the SANS Automation and Integration Survey – March 19, 2019 1:00pm US/Eastern

This post was originally published on this site

Speakers: Barbara Filkins, Matt Bromiley, Dan Cole, Stan Engelbrecht and Darren Thomas

Enterprises are striving to keep up with the current threat landscape, while continuing to rely on manual processesand struggling with a continual lack of resources, skills and budgets. Security and risk management leaders must consider what security automation and integration can do to improve the efficiency, quality and efficacy of security operations.

This first installment of a two-part webcast will begin that discussion and outline what survey respondents have defined as the current state of their efforts at security automation, integration and workflow orchestration. Attendees will hear survey results on such issues as:

  • The number of processes that are truly being automated
  • The level of automation being implemented
  • Problems in automated environments today
  • What challenges implementers face

The second webcast, held on Thursday, March 21, at 1 PM Eastern, builds on these results to look at what comes next for automation support. Click here to register for that webcast.

Be among the first to receive the associated whitepaper written by SANS Analyst Program Research Director Barbara Filkins, with advice from SANS Analyst and Incident Response Expert Matt Bromiley.

Serial port locked after Win10 Pro VM/Service restart

This post was originally published on this site

ESXi 6.7 on HP ProLiant DL380 G9 and Win10 Pro VM.

 

Physical serial port assigned to VM and works fine under control of a service. It is assigned to device /dev/char/serial/uart0.

Runs for days without a glitch.

 

If I restart the VM or the service to update a piece of code or a configuration, the serial port is not available anymore, no matter how many times I do resets.

 

To recover, I need to:

– inhibit the serial port in the VM’s Device Manager

– restart the service

– activate the serial port in the VM’s Device Manager

– restart the service again.

– then it works … until I need to restart the service another time …

 

Anyone has an idea what the cause may be … and, most importantly, what’s the solution?

 

Thanks

Analyst Webcast: Securing Your Endpoints with Carbon Black: A SANS Review of the CB Predictive Security Cloud Platform – March 18, 2019 1:00pm US/Eastern

This post was originally published on this site

Speakers: Dave Shackleford and Tristan Morris

Given the ever-changing threat landscape, endpoint security remains a top security priority for most organizations. The CB Predictive Security Cloud (PSC) focuses on securing endpoints by using a single lightweight agent that provides security professionals with actionable insights about cyberattacks.

Join SANS Analyst Dave Shackleford as he shares his review of PSC. Attendees at this webcast will learn how the PSC:

  • Can be used across the organization, by security analysts, incident responders, SOC analysts, and desktop admins
  • Uses behavioral analytics and big data in the cloud to prevent emerging threats
  • Helps with vulnerability assessment and compliance reporting
  • Assists in threat hunting and incident response

Register for this webcast to be among the first to receive the associated whitepaper written by SANS Analyst and cloud security course author Dave Shackleford.

New Zealand-Related Scams and Malware Campaigns

This post was originally published on this site

Original release date: March 15, 2019

In the wake of the recent New Zealand mosque shooting, the Cybersecurity and Infrastructure Security Agency (CISA) advises users to watch out for possible malicious cyber activity seeking to capitalize on this tragic event. Users should exercise caution in handling emails related to the shooting, even if they appear to originate from trusted sources. Fraudulent emails often contain links or attachments that direct users to phishing or malware-infected websites. Emails requesting donations from duplicitous charitable organizations are also common after tragic events. Be wary of fraudulent social media pleas, calls, texts, donation websites, and door-to-door solicitations relating to the event.

To avoid becoming a victim of malicious activity, users and administrators should consider taking the following preventive measures:


This product is provided subject to this Notification and this Privacy & Use policy.

Analyst Webcast: How to Automate Compliance and Risk Management for Cloud Workloads – March 15, 2019 1:00pm US/Eastern

This post was originally published on this site

Speakers: Matt Bromiley and David Aiken

Many enterprises continue to balance the benefits of cloud services with the critical requirements of compliance, while also managing risk. In this airing of a webcast hosted by AWS with SANS on February 28, 2019, experts will explain and define various levels of compliance and outline how risk and compliance work together. We also will look at existing gaps in implementation.

The session then will turn to how to automate compliance and risk management, including with cloud security controls. What is the provider’s role and what is the cloud user’s role? Why do you need risk management, and how do you use vulnerability monitoring? SANS instructor and analyst Matt Bromiley along with AWS expert David Aiken will describe how today’s enterprises often do not realize they have native and third-party cloud services at their disposal that can give them the visibility they need to effectively deploy compliance and risk management controls.

Attendees will learn:

  • When and how to implement compliance and risk management
  • Effective strategies for compliance and risk management deployment
  • Tips for what NOT to do when implementing cloud services with compliance and risk considerations

Register now for this webcast and be among the first to receive the associated whitepaper by Matt Bromiley.

Intel Releases Security Advisories on Multiple Products

This post was originally published on this site

Original release date: March 15, 2019

Intel has released security updates and recommendations to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Intel Product Security Center Advisories page, apply the necessary mitigations, and refer to software vendors for appropriate patches, when available.


This product is provided subject to this Notification and this Privacy & Use policy.

VMware Releases Security Updates for Workstation and Horizon

This post was originally published on this site

Original release date: March 15, 2019

VMware has released security updates to address vulnerabilities affecting Workstation 14 and 15, and Horizon 6 and 7. An attacker could exploit some of these vulnerabilities to take control of an affected system.  

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review VMware Security Advisories VMSA-2019-0002 and VMSA-2019-0003 and apply the necessary updates.


This product is provided subject to this Notification and this Privacy & Use policy.

Special Webcast: USBs Behaving Badly – How to Control USB Usage in Operational Networks – March 14, 2019 10:30am US/Eastern

This post was originally published on this site

Speakers: Sam Wilson and Matt Wiseman

Industrial operators have traditionally faced a difficult choice shut down use of convenient portable media like USB storage devices, or open up their network to security threats. In this Webinar, learn how companies in the Oil & Gas, Pulp & Paper, and other process industries are tightly controlling and monitoring USBs to ensure plant operations are both safe and productive. The latest behavioral USB attacks will be explained, as well as recent research revealing that nearly half (44%) of industrial sites surveyed detected and blocked at least one malicious or suspicious USB file. Walk away with scalable and efficient USB security best practices that meet industry cybersecurity standards, reduce your portable media risks, and keep your plant compliant.