Fortinet and Palo Alto Networks have been doing this for years. Both can also decrypt SSL in real time (one better than they other, but who is counting right?)
So this is a bit of a silly post. Looks like marketing to me.
It makes more sense in networking gear at first. If people could rewrite their packet forwarding engine or create something like DPDK or SRIOV for this chip. They could drop the mic. RISC usually kicks the shit out of x86 for packet forwarding.
So you think our future CXX types couldn't have used some basics in ITIL when they are younger? Certainly would have served some of them better than a logic class.
Next Gen Firewalls typically have three interesting features that changes this game. The first is Single-Sign-On tech that allows the ntwkr to use User ID (either on Active Directory, LDAP, or pulling it off 802.1x\RADIUS, or SYSLOG). That gives them an extra special group that they can then give extra perms to or bypass capabilities (maybe even with a coaching TOS screenie). There are lawyers, executives, and HRIS people that may need bypass to do investigations for the company or maybe the company just wants to treat people like adults, but in the case there is a HR issue or violation they need the logging. The second and third are the ability to hand application controls, URL Filtering, and GEO-IP reputation in the same security policy as the user Identity. This single-policy execution makes these firewalls a no-brainer to push whatever policies you need.
Now, I am of a mindset that technology should fix business problems and content filtering is a business problem. Depending on the business you are in and job description, the responsibilities change. I think the discussion is fairly moot due to lack of information on industry.
My opinions:
In the tech world leave it open but log everything
In the financial industry, GEO-IP, In-line antivirus, and application control (with SSL inspection) are key, but you have to be fairly open with the content filter (coaching pages).
In education, block everything (I keed, but not really)
etc etc etc
Centrify, Ping Identity, Bit Glass and others can provide SSO capabilities between your core infrastructure (AD) and the cloud. Some include sync tools and other provide nearly full ADFS implementations. They can also provide 2FA and other authentication mechanisms. Centrify can even give you MDM (Mobile Device Management) for 802.1x like functionality. Bit Glass can do some very cool proxying that gives you DLP style water marking of stored files on the cloud. Etc etc etc.
It isn't that TCP/IP won't scale to this but it is extremely tough to make it translate TCP/IP to consumers. A translation protocol is pretty necessary. This can be done with SDN or a made-up protocol. This still sounds like a way that Cisco wants to make itself relevant again. However, I don't see the need to bake in session with layer 3 which is seems like they are doing. It would be better to leave the OSI model as is and create something like a IP-NG implementation that would define application and device fields into the protocol (right now we only have UIDs like MAC).
I work for a hardware vendor (Fortinet) and we are currently selling our AP infrastructure like hotcakes when we partner with companies like Kiana. Imagine a WiFi sensor network that works like the ad sensors in Minority Report. So when you walk by a retailer using the free wifi and browsing we can inject an ad for a free smoothy or a discount beer (that is the evil side). The good side is that when you enter the airport we have you stored in the MAC database and we can see when you are checking in an in teh security line so if you are late for your flight they can have TSA hurry you along to get on your flight on time.
And run with it. I currently would look into Cloud control decks like OpenStack or Azure Cloud Infrastructure Standup or even some sort of CloudERP programming like Salesforce.
Any competence at all in these will easily land you a job quickly.
To expound on this idea, the best thing to do is create an org chart that you can fill in of there are consultant brought in. Classically, you will wan to pull together these disjointed sites with a single LDAP directory (eventually if not now maybe later). These directories should mimic your org chart and locations to some logical degree. Your directory structure should mimic this LDAP dir as well. This can help you create role based security, deploy/manage applications, and organize security accordingly.
Failing something sophisticated like that, rely on the OSI model - physical, datalink, network, etc.
the apprentice.
The problem here is that the children have it right. The best way to learn through electronic means is to 'gamify' it. You can build your class to be very much like an IT project. This means you can give a clear objective but allow them many ways to the end point, but ultimately, through a points/milestones/leveling system, you can have them accomplish a task.
The other thing the kids (and IT people know) is that you must allow some. cyber-loafing for some creative and personal exploration. If you want this to be useful, the teacher must make it a way for the kids to have fun and stay within the bounds of the classroom.
I say this be because my sister-in-law in Katy Texas is already doing this in her classroom with a positive feedback loop in progress.
Digital distribution is easy. The biggest problem I have seen is the artists' inability to treat it like a business venture. Therein lies the real problem.
Isn't that what it is all about? Trying to find a community that is dedicated to open source projects and finding out about the projects they are working on? Make it easy to get on their CSV and contribute.
If you don't know the actual name of the product you are actually not the one getting an of the work done. Maybe you are simply tracking hours and resources, and have an over blown sense of importance about the work you are doing. When I started in this field we had to at least be able to spell the products we were working with.
Sorry to flame bait, but I have 'worked for' and with many people like yourself that we have simply put up wIth because management knows that technical resources that can actually move the football forward don't need to waste their time with (especially if the company is resource constrained) tracking fields on a Gantt chart.
"a lobbyist close to Genentech said: 'This happens all the time. There was nothing nefarious about it.'"" | GoogleTranslator.bin -v KevinBacon > stdout
"Nothing to see here, keep moving along people, nothing to see here..."
Slashdot Mirror
Trolling
Fortinet and Palo Alto Networks have been doing this for years. Both can also decrypt SSL in real time (one better than they other, but who is counting right?) So this is a bit of a silly post. Looks like marketing to me.
It makes more sense in networking gear at first. If people could rewrite their packet forwarding engine or create something like DPDK or SRIOV for this chip. They could drop the mic. RISC usually kicks the shit out of x86 for packet forwarding.
So you think our future CXX types couldn't have used some basics in ITIL when they are younger? Certainly would have served some of them better than a logic class.
Next Gen Firewalls typically have three interesting features that changes this game. The first is Single-Sign-On tech that allows the ntwkr to use User ID (either on Active Directory, LDAP, or pulling it off 802.1x\RADIUS, or SYSLOG). That gives them an extra special group that they can then give extra perms to or bypass capabilities (maybe even with a coaching TOS screenie). There are lawyers, executives, and HRIS people that may need bypass to do investigations for the company or maybe the company just wants to treat people like adults, but in the case there is a HR issue or violation they need the logging. The second and third are the ability to hand application controls, URL Filtering, and GEO-IP reputation in the same security policy as the user Identity. This single-policy execution makes these firewalls a no-brainer to push whatever policies you need.
Now, I am of a mindset that technology should fix business problems and content filtering is a business problem. Depending on the business you are in and job description, the responsibilities change. I think the discussion is fairly moot due to lack of information on industry.
My opinions:
In the tech world leave it open but log everything
In the financial industry, GEO-IP, In-line antivirus, and application control (with SSL inspection) are key, but you have to be fairly open with the content filter (coaching pages).
In education, block everything (I keed, but not really)
etc etc etc
When I read Cameron's bluster? http://img2.wikia.nocookie.net...
Centrify, Ping Identity, Bit Glass and others can provide SSO capabilities between your core infrastructure (AD) and the cloud. Some include sync tools and other provide nearly full ADFS implementations. They can also provide 2FA and other authentication mechanisms. Centrify can even give you MDM (Mobile Device Management) for 802.1x like functionality. Bit Glass can do some very cool proxying that gives you DLP style water marking of stored files on the cloud. Etc etc etc.
It isn't that TCP/IP won't scale to this but it is extremely tough to make it translate TCP/IP to consumers. A translation protocol is pretty necessary. This can be done with SDN or a made-up protocol. This still sounds like a way that Cisco wants to make itself relevant again. However, I don't see the need to bake in session with layer 3 which is seems like they are doing. It would be better to leave the OSI model as is and create something like a IP-NG implementation that would define application and device fields into the protocol (right now we only have UIDs like MAC).
I work for a hardware vendor (Fortinet) and we are currently selling our AP infrastructure like hotcakes when we partner with companies like Kiana. Imagine a WiFi sensor network that works like the ad sensors in Minority Report. So when you walk by a retailer using the free wifi and browsing we can inject an ad for a free smoothy or a discount beer (that is the evil side). The good side is that when you enter the airport we have you stored in the MAC database and we can see when you are checking in an in teh security line so if you are late for your flight they can have TSA hurry you along to get on your flight on time.
It has already happened.
And run with it. I currently would look into Cloud control decks like OpenStack or Azure Cloud Infrastructure Standup or even some sort of CloudERP programming like Salesforce. Any competence at all in these will easily land you a job quickly.
It was called Greenborder and it was in the early 2ks: http://googlesystem.blogspot.c...
Getting @#@! done requires dreamers and do(ers), and even the critics.
Should some form of internet access (besides public terminals) be available to all? How would you fund it?
To expound on this idea, the best thing to do is create an org chart that you can fill in of there are consultant brought in. Classically, you will wan to pull together these disjointed sites with a single LDAP directory (eventually if not now maybe later). These directories should mimic your org chart and locations to some logical degree. Your directory structure should mimic this LDAP dir as well. This can help you create role based security, deploy/manage applications, and organize security accordingly. Failing something sophisticated like that, rely on the OSI model - physical, datalink, network, etc.
the apprentice. The problem here is that the children have it right. The best way to learn through electronic means is to 'gamify' it. You can build your class to be very much like an IT project. This means you can give a clear objective but allow them many ways to the end point, but ultimately, through a points/milestones/leveling system, you can have them accomplish a task. The other thing the kids (and IT people know) is that you must allow some. cyber-loafing for some creative and personal exploration. If you want this to be useful, the teacher must make it a way for the kids to have fun and stay within the bounds of the classroom. I say this be because my sister-in-law in Katy Texas is already doing this in her classroom with a positive feedback loop in progress.
Basic methodology of running a governmental entity or monopoly, keep information away from the riff raff.
Digital distribution is easy. The biggest problem I have seen is the artists' inability to treat it like a business venture. Therein lies the real problem.
Isn't that what it is all about? Trying to find a community that is dedicated to open source projects and finding out about the projects they are working on? Make it easy to get on their CSV and contribute.
Wall Street Journal obviously has no dog in that hunt...
If you don't know the actual name of the product you are actually not the one getting an of the work done. Maybe you are simply tracking hours and resources, and have an over blown sense of importance about the work you are doing. When I started in this field we had to at least be able to spell the products we were working with. Sorry to flame bait, but I have 'worked for' and with many people like yourself that we have simply put up wIth because management knows that technical resources that can actually move the football forward don't need to waste their time with (especially if the company is resource constrained) tracking fields on a Gantt chart.
"a lobbyist close to Genentech said: 'This happens all the time. There was nothing nefarious about it.'"" | GoogleTranslator.bin -v KevinBacon > stdout "Nothing to see here, keep moving along people, nothing to see here..."
I love Jiffy Pop!
out out damn spot?
Maybe they are already finished with those aircraft carriers I saw being built in Dalian last year.