OVHcloud unveils new dedicated high-grade Bare Metal Servers with Intel Xeon Gold Processors for the most intensive workloads

Posted in Commentary on May 15, 2024 by itnerd

 OVHcloud, the European Cloud leader, today announces new dedicated High Grade Bare Metal servers featuring top-of-the-line Intel Xeon Gold 5th Generation processors. Further democratizing innovation, new Bare Metal servers are aimed at demanding, mission critical and sensitive workloads, such as confidential computing, HPC and virtualization. The new OVHcloud High Grade Bare Metal line benefits from Intel TDX technology as well as new built-in accelerators for added performance, all the while answering the many challenges of hyperconverged and storage infrastructures.

At the heart of the new OVHcloud HCI, SDS and STOR lines lies the Intel Emerald Rapids microarchitecture. It provides more compute and faster memory while improving security. Technologies like Intel TDX provide strengthened VM isolation, offering the most straightforward path to greater security, compliance and control for legacy apps.

New Intel Xeon Gold 5th Generation powered HGR-HCI and HGR-SDS lineup

The HGR-HCI lineup is aimed at hyperconverged infrastructures. It features Intel’s fifth generation of Xeon Gold processors in a dual-processor configuration. Starting with Intel Xeon Gold 5515+ in a 2×8 cores (2×16 threads) configuration (HGR-HCI-i1) it goes up to Intel Xeon Gold 6554S in 2×36 cores (2×72 threads) configurations (HGR-HCI-i4). Equipped with 256 GB of base DDR5 memory, all HGR-HCI-i flavors come with 2×960 GB SSD storage option that can be further customized when ordering with additional SSD capacity up to 3.84 TB.

The HGR-SDS lineup targets software defined storage infrastructures for use cases such as Database, Platform Object Storage and Big Data. The range is now equipped with Intel Xeon Gold Fifth Generation chips in a dual-processor configuration. HGR-SDS-1 Bare Metal server is powered by an Intel Xeon Gold 5515+ CPU in a 2×8 cores (2×16 threads) configuration and HGR-SDS-2 features Intel Xeon Gold 6542Y in 2×24 cores (2×48 threads) configuration. Both HGR-SDS-1 and HGR-SDS-2 are loaded with 256 GB of DDR5 memory (can be configured to up to 1.5 TB) and feature a 2x960GB based system SSD with options for SSD based storage at 3.84 TB, 7.68 TB or 15.36 TB.

The heavy storage variant of Bare Metal servers, HGR-STOR, designed for use cases such as archiving, disaster recovery and databases, has also been updated. OVHcloud HGR-STOR-1 is now powered by the Intel Xeon Gold 6554S in a single processor configuration. With 36 cores and 72 threads, it comes with 128 GB of DDR5 (up to 768 GB). The HGR-STOR-1 is equipped with 2x 960 GB SSD-based storage and boasts additional storage of up to 36×22 TB SAS HDD for a whopping 792 TB in total. Customers can opt for a cache option with capacity up to 2x 15 TB to further optimize their storage performance.

Unmetered Guaranteed Bandwidth with up to 25 Gbps Private Network

OVHcloud’s new HGR-HCI-i, HGR-SDS and HGR-STOR-1 benefit from all the advantages of dedicated servers when it comes to flexibility, control, performance, and availability as well as 1 Gbps to 10 Gbps guaranteed and unmetered public bandwidth and up to 25 Gbps of unmetered private bandwidth. Through this offering, OVHcloud also provides companies with the best possible support for their workloads, environments, and ad-hoc technologies, while guaranteeing predictable pricing.

To further streamline resiliency, OVHcloud’s new HGR-HCI-i, HGR-SDS and HGR-STOR-1 servers benefit from a private network built from the ground up for redundancy. With two 25 Gbps links, the private network of those servers ensures critical applications and their data remain accessible so business operations continue uninterrupted.

Data Protection and Sustainability

The new OVHcloud HGR-HCI-i, HGR-SDS and HGR-STOR-1 Bare Metal servers also benefit from OVHcloud’s well-known expertise in infrastructure, offering a trusted cloud in environmentally friendly data centers. With the highest security and data protection standards in the form of ISO 27001 certification and HDS, customers benefit from a trusted Cloud. OVHcloud data centers take advantage of the company’s unique industrial model with a water-cooling system that contributes to a sustainable cloud and allows them to reach best-in-class PUE/WUE indexes.

Availability

Bare Metal HGR-HCI-i1 (2x8c/16t), HGR-HCI-i2 (2x16c/32t), HGR-HCI-i3 (2x24c/48t), HGR-HCI-i4 (2x36c/72t) are available for order now. Bare Metal HGR-SDS-1 (2x8c/16t) and HGR-SDS-2 (2x24c/48t) are available now. Bare Metal HGR-STOR-1 is scheduled for availability later this month.

New HGR-HCI-i, HGR-SDS and HGR-STOR are available in our data centers located in Canada, France, Germany, Poland, UK, USA and APAC.

Open Systems Receives Industry Awards for SASE Experience Platform

Posted in Commentary on May 15, 2024 by itnerd

Open Systems, the leading provider of native, managed SASE solutions with a superior user experience, today announced that Open Systems SASE Experience has been selected as a winner in the Secure Access Service Edge (SASE) category of the 2024 Cybersecurity Excellence Awards, and has been named Best Solution for Secure Access Service Edge (SASE) in Cyber Defense Magazine’s Global InfoSec Awards.

Open Systems recently received TMC’s Internet Telephony SD-WAN Product of the Year award and the Globee Business Awards’ Golden Globee Award for SASE. The honors closely follow Open Systems’ recent recognition as a Leader in The Forrester Wave™: Zero Trust Edge Service Providers, Q2 2024, based on an evaluation of nine vendors in the ZTE service providers market.

Open Systems’ industry-leading SASE Experience has received numerous honors and has emerged as the solution of choice for midmarket organizations seeking secure connectivity across cloud and hybrid environments and locations, delivered as a service. It combines SD-WAN, firewall, SWG, CASB, and ZTNA into a comprehensive framework, supported through its user-intuitive customer portal, and delivered as a 24×7 managed service with unmatched customer service.

Open Systems SASE Experience revolutionizes secure access by prioritizing user experience and simplifying complex SASE solutions. It alleviates the burdens faced by CIOs managing remote and hybrid workforces, cyber threats, and digital transformation initiatives. Unlike traditional SASE solutions, Open Systems integrates seamlessly across IT and OT cloud, on-premise, and hybrid environments, ensuring easy, consistent, scalable, resilient, and agile secure access to users, applications, and data.

Open Systems prioritizes customer satisfaction, assured connectivity, business agility, and reputation through its Service Experience Promise. This commitment is upheld by the Open Systems Mission Control Operations Center, which provides proactive and preemptive support to minimize disruptions and enhance operational performance, ensuring customers receive unparalleled service and expertise.

Open Systems is a leading provider of native, managed SASE solutions that enable organizations to simply connect and secure hybrid environments to meet their business goals. Backed by our Service Experience Promise, Open Systems’ SASE Experience helps reduce risk, improve efficiency, and accelerate innovation with a comprehensive, easy-to-implement and use combination of SD-WAN and Security Service Edge delivered as a service with a superior user experience. SASE Experience combines SD-WAN, firewall, SWG, CASB, and ZTNA into a framework that supports secure connectivity across cloud and hybrid environments and locations. It provides a comprehensive SASE solution through an easy-to-use customer portal, underpinned with a unified data platform to drive future innovation, all delivered as a 24×7 managed service. To learn more about Open Systems, visit www.open-systems.com.

MediaSmarts partners with TikTok to Champion Online Safety: Launching a Safety Guide for Families

Posted in Commentary on May 15, 2024 by itnerd

Amidst ongoing efforts to champion online safety, today MediaSmarts, the Canadian charitable organization for digital media literacy, has announced the launch of its online safety resource for parents, guardians and caregivers to navigate online spaces for their teens.

The resource was specifically designed by MediaSmarts in collaboration with TikTok to provide insights and practical advice to help foster a secure and positive online environment for teens on the app.

The guide, titled, Talking TikTok: A Family Guide is available as of May 15, 2024 on the MediaSmarts website, highlighting TikTok’s safety and privacy guidelines and features, while showcasing MediaSmarts’s best practices for digital citizenship. It equips parents and users with essential tools to make informed decisions about content sharing and prioritize the well-being of youth on the platform.

The guide can be found here: https://mediasmarts.ca/talking-tiktok-family-guide

Helsinki’s Education Division Gets Pwned Via Unpatched Remote Access Server… #Fail

Posted in Commentary on May 15, 2024 by itnerd

On Monday, at a press conference, City of Helsinki authorities shared details of their investigation into a data breach in the city’s education division, which was discovered in late April of this year and is impacting 80,000 students, guardians, and personnel.

According to the new details, an unauthorized actor gained access to a network drive after exploiting a vulnerability in a remote access server. A patch for that vulnerability was available at the time of the attack but had not been installed.

The accessed drive contained tens of millions of files, most devoid of personally identifiable information with an “opportunity for abuse of which is not considered to be significant,” but still included usernames, email addresses, personal IDs, and physical addresses.

More concerning is that the exposed drive contained information from the Education Division:

   “[…] fees (and the grounds thereof) for customers of early childhood education and care, sensitive information about the status of children, such as information requests by student welfare or information about the need of special support and medical certificates regarding the suspension of studies for upper secondary students, as well as the sick leave records of Education Division personnel.  We cannot rule out the possibility of the perpetrator gaining access to data of persons under a non-disclosure restriction,” read the City of Helsinki online update.

Currently, no ransomware groups have assumed responsibility for the attack and the perpetrators remain unknown.

Emily Phelps, Director, Cyware had this comment:

   “Data breaches that impact the education sector reinforce the importance of a proactive security posture that goes beyond security hygiene and traditional controls. To effectively get ahead of attackers, comprehensive threat intelligence sharing and the operationalization of this intelligence is critical.

   “Incorporating real-time threat intelligence can help organizations anticipate potential threats and take preemptive actions. By fostering a collaborative environment where information on threats is actively shared among trusted partners, entities can enhance their defensive mechanisms against sophisticated attacks.”

Dave Ratner, CEO, HYAS follows with this:

   “While patching systems in a timely manner is clearly best practices for any organization that cares about security, the reality is that it’s next to impossible to ensure that each and every patch is applied before a bad actor can take advantage of the vulnerability.  This is just one of the reasons that governments around the world are recommending Protective DNS and cyber resiliency solutions as a way of ensuring that bad actors inside the environment are stopped and shut down before damage ensues.”

This is pretty bad as the threat actor appears to have walked in through a metaphorical unlocked door to pwn the City of Helsinki. Let this be an object lesson to all that you need to make sure that you don’t make it that easy for a threat actor to pwn you.

Token’s Next-Generation Smart Ring Wins Fast Company’s 2024 World Changing Ideas Award Honors by Stopping Ransomware

Posted in Commentary on May 15, 2024 by itnerd

Token, a revolutionary provider of secure, wearable authentication, today announced that its innovative Token Ring with BioTouch Secure has been honored in the Science and Technology category of Fast Company’s 2024 World Changing Ideas Awards. Selected from over 1,300 global entries across all categories, the Token Ring ushers in a new paradigm in multi-factor authentication (MFA) and stops the ransomware attacks that are devastating organizations around the globe.

Ransomware is every organization’s number one risk

Every day brings news of another major ransomware attack, and the financial losses from a single attack can now exceed $1 billion. Protecting against ransomware attacks and data breaches has become the top priority of CISOs, CEOs, boards, regulators, and cyber risk insurance providers. Organizations have become easy targets for cybercriminals because most are using 20-year-old legacy MFA technology to stop cybercriminals who are using the power of generative AI and the most advanced attack methods. Next-generation MFA eliminates the risks of cybercriminals using stolen credentials, MFA prompt bombing, SIM swapping, BYOD compromises, Adversary-in-the-Middle (AitM/MitM), and other common attack methods.

Token Ring Next-Generation MFA

Token Ring is a simple, fast, and user-friendly way to protect organizations against phishing and ransomware cyberattacks. BioTouch Secure integrates fingerprint biometrics, the most secure form of user authentication, into an attractive wearable device for the ultimate in user convenience and enterprise security. Token Ring features a capacitive fingerprint sensor for the highest level of biometric security, a large capacity secure element to safely store biometric information and user credentials, a capacitive-touch bezel for user friendly operation, and NFC and Bluetooth Low Energy communications for universal compatibility. Token Ring combines these capabilities into an appealing ring for convenience and to prevent the loss of authentication devices.

About The World Changing Ideas Awards

World Changing Ideas is one of Fast Company’s major annual awards programs and is focused on social good, seeking to elevate finished products and bold concepts that make the world better. Judges choose winners, finalists, and honorable mentions based on feasibility and the potential for impact. With the goals of awarding ingenuity and fostering innovation, Fast Company draws attention to ideas with great potential and helps them expand their reach to inspire more people to work on solving the problems that affect us all.

About Fast Company

Fast Company is the only media brand fully dedicated to the vital intersection of business, innovation, and design, engaging the most influential leaders, companies, and thinkers on the future of business. Headquartered in New York City, Fast Company is published by Mansueto Ventures LLC, along with our sister publication Inc., and can be found online at www.fastcompany.com.

CISA, FBI, DHS Release Guidance For Limited Resourced Civil Society Organizations

Posted in Commentary on May 15, 2024 by itnerd

Yesterday, in partnership with the DHS, the FBI and numerous international agencies, CISA released a joint guidance document to help civil society organizations and individuals reduce the risk of cyber intrusions and to encourage software manufacturers to actively commit to implementing Secure by Design practices to help protect vulnerable and high-risk communities.

   “Civil society, comprised of organizations and individuals such as– nonprofit, advocacy, cultural, faith-based, academic, think tanks, journalist, dissident, and diaspora organizations, communities involved in defending human rights and advancing democracy–are considered high-risk communities. Often these organizations and their employees are targeted by state-sponsored threat actors who seek to undermine democratic values and interests,” CISA’s release read.

Civil society organizations and individuals are encouraged to implement the following best practices as defined by CISA’s Cross-Sector Cybersecurity Performance Goals:

  • Keep software and applications updated on devices and IT infrastructure
  • Use multifactor authentication and strong passwords
  • Audit accounts and disable unused and unnecessary accounts
  • Disable user accounts and access to organizational resources for departing staff
  • Apply the Principle of Least Privilege
  • Exercise due diligence when selecting vendors, such as cloud services and MSPs
  • Manage architecture risks
  • Implement basic cybersecurity training
  • Develop and exercise incident response and recovery plans
  • Use encryption measures to protect all communications

Software manufacturers are strongly encouraged to embrace Secure by Design principles. Mitigations to improve the security posture of their customers include:

  • Vulnerability management. Working to eliminate entire classes of vulnerability in their products
  • Enabling MFA by default in all products
  • Provide logging at no additional charge and alert customers of suspicious or anomalous behavior
  • Implement alerts so customers are aware of unsafe configurations, suspicious behavior, and malware
  • Include details of a Secure by Design program in corporate financial reports.

Dave Ratner, CEO, HYAS had this to say:

   “Security by design is a good practice to implement and goes hand-in-hand with the equivalent for enterprise network design — designing for cyber resiliency.  Too often security is an after-thought; with both security by design for software engineering, and cyber resiliency design for networks and organizations, the overall design becomes foundationally secure, and that’s exactly what is needed going forward to combat the continued onslaught of new and innovative attacks and risks.”

What I like about this initiative is that it is targeting a group of people who likely don’t spend a lot of time and effort to make sure that they are secure. Yet they are low hanging fruit for threat actors. Hopefully this generates results and civil society organizations and individuals are better protected as a result.

HP Teams Up With Google To Deliver The Next Generation of Communication Devices 

Posted in Commentary on May 14, 2024 by itnerd

HP has announced that they have a new partnership with Google. With more than half of meaning and intent communicated through body language versus words alone, an immersive collaboration experience plays an important role in creating authentic human connections in the evolving hybrid work framework. Project Starline is a breakthrough communications technology by Google leveraging AI, 3D imaging, and other technologies to offer a genuinely realistic meeting experience. HP’s expertise in computing, combined with investment in Poly audio and video technology, makes it the right choice to deliver this new collaborative solution to the global market.

You can read all about this partnership here.

VMware Now Offering Workstation Pro And Fusion Pro For Free

Posted in Commentary on May 14, 2024 by itnerd

A few days ago, I wrote about my use of virtual machines and I mentioned this:

Now, earlier on I did mention that I currently run two virtual machine software. That’s going to change as I am going to migrate to UTM for all my virtual machines. I’m doing that because since VMware has been acquired by Broadcom, their level of support has nosedived. You can take a scroll through the VMware Sub-Reddit to see the complaints about this acquisition that people have. And a lot of my clients are looking to move their enterprise level virtual machines off of the VMware platform for greener pastures like Microsoft Hyper-V, Nutanix or Citrix as a result of the chaos caused by the Broadcom acquisition. That lessens my need to run VMware’s software. Also UTM has much broader support for classic operating systems such as Windows XP and Windows 7. Which is something that VMware doesn’t offer. Thus it makes sense for me to transition to UTM. 

Well, I may be rethinking this move because The Register is reporting that VMware, or more accurately Broadcom, who owns VMware now, is going to offer Workstation Pro for PC and Fusion Pro for Mac for free… for personal use. Now part of me thinks that this is a trap as this is an honour system. Meaning that if you’re some kid in their college dorm, Broadcom won’t care. But some company will likely play fast and loose with this and I can see Broadcom doing an audit and catching out a company on this front. I’m thinking this because the acquisition of VMware by Broadcom has been a clown show.

Anyway, the transition from the VMware customer portal to the Broadcom version is something that’s currently ongoing and is scheduled to end today. Assuming that happens on schedule, which given that this whole acquisition has been a clown show as mentioned previously I question if that is going to be the case, I’ll be able to get a license key and test out Fusion Pro. Then I will be able to make a call as to if I should move to UTM. Right now I can’t see any of my VMware license keys in the customer portal, and I can’t make new ones to get Fusion Pro working. But let’s see if that changes.

UPDATE: Here’s the official announcement from VMware/Broadcom

UPDATE #2: I just got a chance to try updating to version 13.5.2 of VMware Fusion. It didn’t work and I am still stuck on VMware Fusion Player. I did some checking around and I found this post from the Product Manager of VMware Fusion Michael Roy who states that he is coming up with details on how to convert to Fusion Pro if you have Fusion Player installed. But the linked post walks you through how to install Fusion Pro as a new user.

UPDATE #3: I now have the Pro version of VMware Fusion installed. What I did is use a utility called AppCleaner to get rid of the current install of VMware Fusion Player. Then I downloaded version 13.5.2 from the Broadcom site and installed it. When you do that, you get the option to use the Pro version for personal use after the install is finished. This is pretty dumb as I should not have to delete the app to get this to work. It should simply work via an upgrade to 13.5.2. Clearly VMware or likely Broadcom didn’t have this scenario in their test plans. In any case, you won’t lose any of your virtual machines by doing this. Though you will have to go to File –> Scan For Virtual Machines to add them back.

HYAS Infosec and Carahsoft Partner To Bring Protective DNS And Advanced Adversary Infrastructure Insight to The Public Sector

Posted in Commentary on May 14, 2024 by itnerd

HYAS Infosec, an adversary infrastructure platform provider that offers unparalleled visibility, protection and security against all kinds of malware and attacks, and Carahsoft Technology Corp., The Trusted Government IT Solutions Provider®, today announced a partnership. Under the agreement, Carahsoft will serve as HYAS’ Master Government Aggregator®, bringing the company’s industry leading HYAS Protect protective Domain Name System (DNS) and HYAS Insight threat intelligence and investigation platforms to the Public Sector through Carahsoft’s reseller partners and NASA Solutions for Enterprise-Wide Procurement (SEWP) V, Information Technology Enterprise Solutions – Software 2 (ITES-SW2), National Association of State Procurement Officials (NASPO) ValuePoint and OMNIA Partners contracts.

HYAS solutions help Government agencies align to DNS security requirements set forth by the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA) and Department of Defense (DoD). Considered a “must-have” by CISA and the NSA, Protective DNS is an essential component of the Public Sector’s security posture, as well as a critical element of the Cybersecurity Maturity Model Certification (CMMC) framework.

Globally recognized independent research institute AV-TEST GmbH tested HYAS Protect and found it provides exceptionally high levels of cybersecurity protection. The solution leverages intelligence and data derived from the HYAS Adversary Infrastructure Platform to uniquely analyze and correlate data points together for increased efficacy and deeper insights.

HYAS solutions include its award-winning HYAS Insight threat intelligence and investigation platform and HYAS Protect Protective DNS solution, available through Carahsoft’s SEWP V contracts NNG15SC03B and NNG15SC27B, ITES-SW2 Contract W52P1J-20-D-0042, NASPO ValuePoint Master Agreement #AR2472 and OMNIA Partners Contract #R191902. For more information, please contact the Carahsoft Team at (703) 871-8548 or HYAS@carahsoft.com; or visit the Carahsoft HYAS webpage to learn more about HYAS’ solutions.

A Very Good Reason To Upgrade To iOS 17.5 ASAP Is That It Expands Protection From Unwanted Bluetooth Trackers

Posted in Commentary on May 14, 2024 by itnerd

Apple released iOS 17.5 yesterday, and one of the highlight features that iOS users should care about is the fact that it expands its ability to protect you from Bluetooth trackers. Up until yesterday, an iPhone could detect an AirTag or a Find My compatible Bluetooth tracker. However, if a threat actor used some other Bluetooth tracker, it would fly under the radar. That of course is a huge loophole. But that loophole gets closed if you update to iOS 17.5. Here’s how Apple described it in a press release issued yesterday:

With this new capability, users will now get an “[Item] Found Moving With You” alert on their device if an unknown Bluetooth tracking device is seen moving with them over time, regardless of the platform the device is paired with.

If a user gets such an alert on their iOS device, it means that someone else’s AirTag, Find My accessory, or other industry specification-compatible Bluetooth tracker is moving with them. It’s possible the tracker is attached to an item the user is borrowing, but if not, iPhone can view the tracker’s identifier, have the tracker play a sound to help locate it, and access instructions to disable it. Bluetooth tag manufacturers including Chipolo, eufy, Jio, Motorola, and Pebblebee have committed that future tags will be compatible.

In short, the functionality to find an unwanted tracker works the same way as iOS users are used to. I should also note that if you are on team Android, as long as you’re running Android 6 or higher, you’ll get this functionality as well. That way you’re protected from unwanted trackers. So if you’re an iOS user, and you haven’t updated to iOS 17.5, you might want to do it now to keep stalkers, car thieves, and other evildoers from tracking you.