As more organizations use APIs in their systems, they’ve become targets for
the not-so-good-doers so API Security is something you need to take
seriously. Most APIs today use the HTTP protocol so organizations should
protect them as they would ordinary web properties.
Starting in v13, BIG-IP APM is able to act as an OAuth Client, OAuth Resource
Server and OAuth Authorization Server. In this example, we will show how to
use BIG-IP APM to act as an OAuth Resource Server protecting the API.
In our environment, we’ve published an API (api.f5se.com) and we’re
trying to get a list of departments in the HR database. The API is not
natively protected and we want APM to enable OAuth protection to this API.
First, let’s try an unauthenticated request.
You can see we get the 401 Unauthorized response which is coming from the
BIG-IP. In this instance we’re only sending 3 header... (more)
The mad dash to connect virtually every noun to the internet or the Internet
of Things is creating a massive M2M network for all the devices, systems,
sensors and actuators to connect & communicate on the Internet.
With that, they need a communications protocol to understand each other. One
of those is Message Queue Telemetry Transport (MQTT). MQTT is a “subscribe
and publish” messaging protocol designed for lightweight machine-to-machine
(or IoT) communications.
In this episode of Lightboard Lessons, I light up how MQTT works.
IoT Ready Infrastructure IoT Effect on Applications IoT Influence on Society
What are These "Things? The Intruders of Things
Internet [email protected], taking place June 6-8, 2017 at Javits Center, New
York City, is co-located with 20th [email protected] and will feature
technical sessions from a rock star conference facult... (more)
Security Trends in 2016: Securing the Internet of Things
Whenever you connect anything to the internet, there is risk involved. Just
ask the millions of IoT zombies infected with Mirai. Sure, there have been
various stories over the years about hacking thermostats, refrigerators,
cameras, pacemakers, insulin pumps and other medical devices along with cars,
homes and hotel rooms…but Mirai took it to a new level.
And it’s not the only IoT botnet out there nor are these nasty botnets
going away anytime soon. There’s a gold mine of unprotected devices out
there waiting to either have their/your info stolen or be used to flood
another website with traffic.
This is bound to compound in the years to come.
A recent Ponemon Institute report noted that an incredible 80% of IoT
applications are not tested for vulnerabilities. Let’s try that again –
only 20% of the IoT appl... (more)
A Little History
Application Delivery got its start in the form of network-based load
balancing hardware. It is the essential foundation on which Application
Delivery Controllers (ADCs) operate. The second iteration of purpose-built
load balancing (following application-based proprietary systems) materialized
in the form of network-based appliances. These are the true founding fathers
of today’s ADCs. Because these devices were application-neutral and resided
outside of the application servers themselves, they could load balance using
straightforward network techniques. In essence, these devices would present a
“virtual server” address to the outside world, and when users attempted
to connect, they would forward the connection to the most appropriate real
server doing bi-directional network address translation (NAT).
Figure 1: Network-based load balancing appliance... (more)
The Year of the (Fire) Rooster will soon be upon us and the talkative,
outspoken, frank, open, honest, and loyal Rooster could influence events in
2017. Whether you were born under the symbol or not, Roosters strive on trust
and responsibility, essential for any organization especially in these times.
2016 (Year of the Monkey) brought us a crazy year of high profile breaches, a
500% increase in ransomware, a 0-day per day and slick malware each looking
to cause havoc on all parts of society including your mobile device. The
monkey’s shenanigans exhausted many of us in 2016 and 2017 will require
some quick thinking and practical solutions to battle the ongoing,
A year ago I noted, Mobility, both the state of being and the devices we use,
will continue to grow and be an immense enabler and/or inhibitor for
organizations. Today, we are the devices... (more)
SYS-CON Events announced today that CalSoft Inc will exhibit at the 19th
International Cloud Expo, which will take place on November 1-3, 2016, at
the Santa Clara Convention Center in Santa Clara, CA.
Established in 1998, Calsoft is a leading software product engineering
Services Company specializing in Storage, Networking, Virtualization
and Cloud business verticals. Calsoft provides End-to-End Product
Development, Quality Assurance Sustenance, Solution Engineering and
Professional Services expertise to assist customers in achieving their
product development and business goals. The company's deep domain knowledge
of Storage, Virtualization, Networking and Cloud verticals helps in
delivering high quality products and services at the right time and cost. Our
customer focused engagement models and innovative Accelerator IPs speed up
time-to-market and accelerate reve... (more)
The entire intent of load balancing is to create a system that virtualizes
the “service” from the physical servers that actually run that service. A
more basic definition is to balance the load across a bunch of physical
servers and make those servers look like one great big server to the outside
world. There are many reasons to do this, but the primary drivers can be
summarized as “scalability,” “high availability,” and
Scalability is the capability of dynamically, or easily, adapting to
increased load without impacting existing performance. Service virtualization
presented an interesting opportunity for scalability; if the service, or the
point of user contact, was separated from the actual servers, scaling of the
application would simply mean adding more servers or cloud resources which
would not be visible to the end user.
High Availability ... (more)
SYS-CON Events announced today that the 8th International Cloud Expo will
take place June 6-9, 2011, in New York City.
The International Cloud Computing Conference & Expo series is the world's
leading Cloud-focused event and is held three times a year, in New York,
Silicon Valley and in Europe. Over 600 corporate sponsors and 10,000 industry
professionals have participated in Cloud Computing Expo since its inception,
more than all other Cloud-related events put together.
Cloud Computing Expo 2011 East
Call for Papers Deadline November 30, 2010 - SUBMIT YOUR SPEAKING PROPOSAL
The four-day event will offer a rich array of sessions led by exceptional
speakers about the business and technical value of cloud computing with more
than 150 sponsors and exhibitors and over 5,000 estimated delegates from well
over 48 different countries.
Explore Cloud Expo Sponsorship &... (more)
The time of year when crystal balls get a viewing and many pundits put out
their annual predictions for the coming year. Rather than thinking up my own,
I figured I’d regurgitate what many others are expecting to happen.
8 Predictions About How the Security Industry Will Fare in 2017 – An eWeek
slideshow looking at areas like IoT, ransomware, automated attacks and the
security skills shortage in the industry. Chris Preimesberger (@editingwhiz),
who does a monthly #eweekchat on twitter, covers many of the worries facing
10 IoT Predictions for 2017 – IoT was my number 1 in The Top 10, Top 10
Predictions for 2016 and no doubt, IoT will continue to cause havoc. People
focus so much on the ‘things’ themselves rather than the risk of an
internet connection. This list discusses how IoT will grow up in 2017, how
having a service component will be key, the com... (more)
In the run-up to the next Cloud Expo, 7th Cloud Expo (November 1–4, 2010)
being held at the Santa Clara Convention Center in Silicon Valley, it's time
to give my earlier list a complete overhaul.
Here, accordingly, is an expanded list of the most active players in the
I have increased it from the 'mere' 150 I identified back in January of this
year, to 250, testimony – as if any were needed! – to the fierce and
continuing growth of the "Elastic IT" paradigm throughout the world of
Editorial note: The words in quotation marks used to describe the various
services and solutions in this round-up are in every case taken from the Web
sites of the companies themselves. Omissions to this Top 250 list should be
sent to me via Twitter (twitter.com/jg21) and I will endeavor to include them
in any future revision of this newly expanded rou... (more)
Cloud Expo® New York Early Bird Savings here!
Identities are everywhere today. Much more than just providing access and
auditing for on-premises applications and corporate desktops, organizations
are now tasked with provisioning, managing and securing identities for
applications running on-premises, in the cloud and on mobile devices. This
can be challenging - seemingly forcing many organizations down the path of
managing identities individually on an app-by-app basis or implementing
complex federated security scenarios that are difficult to maintain.
In his session at 14th Cloud Expo, Keith Mayer, Senior Technical Evangelist
at Microsoft, will discuss the streamlined identity strategies that
organizations can implement today to simplify provisioning, unify management
and increase security for applications in the Cloud era.
Explore Cloud Expo® Sponsorship & Exhibit O... (more)