The term ‘Proxy’ is a contraction that comes from the middle English word
procuracy, a legal term meaning to act on behalf of another. You may have
heard of a proxy vote. Where you submit your choice and someone else votes
the ballot on your behalf.
In networking and web traffic, a proxy is a device or server that acts on
behalf of other devices. It sits between two entities and performs a service.
Proxies are hardware or software solutions that sit between the client and
the server and does something to requests and sometimes responses.
The first kind of proxy we’ll discuss is a half proxy. With a Half-Proxy, a
client will connect to the proxy and the proxy will establish the session
with the servers. The proxy will then respond back to the client with the
information. After that initial connection is set up, the rest of the traffic
with go right through the proxy... (more)
The origins of SAP GRC software goes back decades, but adoption has been
slow. But with the rigor of modern compliance regimes like SOX, coupled with
the sheer volume and complexity of online transactions, there's been an
accelerating movement away from document-centric review processes to
automation. There are a variety of SAP process control and access control
solutions that can monitor transactions, alert on potential SOD conflicts,
and facilitate remediation.
Companies implementing GRC software stick segregation of duties in IT for
IT handles the Basis administration, which implements the security model They
understand security concepts like the principle of least privilege Often,
they're the only ones who can make heads or tails of the SAP GRC software
But in reality, sticking segregation of duties in IT is asking for trouble.
Why Keep... (more)
The mad dash to connect virtually every noun to the internet or the Internet
of Things is creating a massive M2M network for all the devices, systems,
sensors and actuators to connect & communicate on the Internet.
With that, they need a communications protocol to understand each other. One
of those is Message Queue Telemetry Transport (MQTT). MQTT is a “subscribe
and publish” messaging protocol designed for lightweight machine-to-machine
(or IoT) communications.
In this episode of Lightboard Lessons, I light up how MQTT works.
IoT Ready Infrastructure IoT Effect on Applications IoT Influence on Society
What are These "Things? The Intruders of Things
Internet of @ThingsExpo, taking place June 6-8, 2017 at Javits Center, New
York City, is co-located with 20th International @CloudExpo and will feature
technical sessions from a rock star conference facult... (more)
The time of year when crystal balls get a viewing and many pundits put out
their annual predictions for the coming year. Rather than thinking up my own,
I figured I’d regurgitate what many others are expecting to happen.
8 Predictions About How the Security Industry Will Fare in 2017 – An eWeek
slideshow looking at areas like IoT, ransomware, automated attacks and the
security skills shortage in the industry. Chris Preimesberger (@editingwhiz),
who does a monthly #eweekchat on twitter, covers many of the worries facing
10 IoT Predictions for 2017 – IoT was my number 1 in The Top 10, Top 10
Predictions for 2016 and no doubt, IoT will continue to cause havoc. People
focus so much on the ‘things’ themselves rather than the risk of an
internet connection. This list discusses how IoT will grow up in 2017, how
having a service component will be key, the com... (more)
What is VDI?
Imagine not having to carry around a laptop or be sitting in a cubicle to
access your work desktop applications. Virtual desktop infrastructure (VDI)
is appealing to many different constituencies because it combines the
benefits of anywhere access with desktop support improvements.
Employees typically use a wide range of mobile devices from laptops to
tablets and from desktops to smartphones are being used. The diversity of
these mobile devices and the sheer number of them in the workplace can
overwhelm IT and strain your resources.
Desktop Virtualization centralizes sets of desktops, usually in a data center
or cloud environment, and then provide access to your employees whether they
are in the office, at home or mobile. VDI deployments virtualize user
desktops by delivering them to distinctive endpoint devices over the network
from a central locatio... (more)
We Can Work IT Out: The In-House IT and MSP Dynamic
In-house IT professionals and managed service providers (MSPs) have had an
interesting relationship over the course of IT history. Yes, they are vastly
different, but if we drew a Venn diagram of IT and the MSP, the intersection
of the two is worth exploring, particularly regarding how IT professionals
can best manage their MSPs and work harmoniously to advance the common goal
of IT performance.
For IT professionals, the very utterance of the acronym "MSP" may conjure
feelings of skepticism and fearing the reaper, which doesn't need to be the
case. MSPs don't always equal outsourcing IT in its entirety. Let's explore
common scenarios where in-house IT professionals and MSPs work together,
because in these cases, in-house IT professionals need to understand how to
get the most out of these relationships and up-level... (more)
SYS-CON Events announced today that Technologic Systems Inc., an embedded
systems solutions company, will exhibit at SYS-CON's @ThingsExpo, which will
take place on June 6-8, 2017, at the Javits Center in New York City, NY.
Technologic Systems is an embedded systems company with headquarters in
Fountain Hills, Arizona. They have been in business for 32 years, helping
more than 8,000 OEM customers and building over a hundred COTS products that
have never been discontinued. Technologic Systems' product base consists of a
wide variety of off-the-shelf PC/104 single board computers,
computer-on-modules, touch panel computers, peripherals and industrial
controllers. They also offer custom configurations and design services.
Technologic Systems specializes in the ARM and X86 architectures, FPGA
IP-core design, and open-source software support based on Linux, Android, and ... (more)
Jinshu Peethambaran is a security architect currently working with Admiral
Insurance. He started his career 9 years ago, managing network security
operations and started working on F5 products about 5 years ago.
He is also a 2017 DevCentral MVP and DevCentral’s Featured Member for
March! DevCentral got a chance to talk with Jinshu about his work, life and
his dream of being 100 million miles in space.
DevCentral: Hi Jinshu, thanks for you time. You’ve been a very active
contributor to the DevCentral community. What keeps you involved?
Jinshu: DevCentral has helped me greatly over the years as I’ve worked with
F5 products, so I feel like it’s worth spending some of my time both
reading posts and helping others in the community. Searching DevCentral, I
found another approaches to solving issues, helping me to solve challenges.
Just checking the most recent questions is... (more)
The Myth of 'Mission-Critical': Irrational Thinking in Modern IT Management
By Susan Cole
I was reading an article today that discusses managing “mission-critical”
applications. I really dislike that term. It’s trite, it’s dated – even
nonsensical. It suggests that applications fall into two groups –
mission-critical, and…optional? marginal? unnecessary? one step away from
being voted off the island?
Here’s the fallacy with that view – people that run IT organizations are
smart, and they invest in stuff that matters to the business. They don’t
run apps that don’t provide value because they excel at cost-efficiency. So
the notion that relatively few apps are actually worth managing is illogical.
Even email, the poster child for apps at the bottom of the food chain, is
essential to the operation of a 21st century organization – it’s how they
Which is ... (more)
Security Trends in 2016: Securing the Internet of Things
Whenever you connect anything to the internet, there is risk involved. Just
ask the millions of IoT zombies infected with Mirai. Sure, there have been
various stories over the years about hacking thermostats, refrigerators,
cameras, pacemakers, insulin pumps and other medical devices along with cars,
homes and hotel rooms…but Mirai took it to a new level.
And it’s not the only IoT botnet out there nor are these nasty botnets
going away anytime soon. There’s a gold mine of unprotected devices out
there waiting to either have their/your info stolen or be used to flood
another website with traffic.
This is bound to compound in the years to come.
A recent Ponemon Institute report noted that an incredible 80% of IoT
applications are not tested for vulnerabilities. Let’s try that again –
only 20% of the IoT appl... (more)
The entire intent of load balancing is to create a system that virtualizes
the “service” from the physical servers that actually run that service. A
more basic definition is to balance the load across a bunch of physical
servers and make those servers look like one great big server to the outside
world. There are many reasons to do this, but the primary drivers can be
summarized as “scalability,” “high availability,” and
Scalability is the capability of dynamically, or easily, adapting to
increased load without impacting existing performance. Service virtualization
presented an interesting opportunity for scalability; if the service, or the
point of user contact, was separated from the actual servers, scaling of the
application would simply mean adding more servers or cloud resources which
would not be visible to the end user.
High Availability ... (more)