Browsing Posts in vSecurity

Reading Time: 5 minutes During the last IT Press Tour #57, I’ve got the opportunity to learn more about an interesting swiss company: Cleondris presented by Christian Plattner (CEO and founder). They have a single product (Cleondris ONE) designed to bring Cyber Resilience for one storage product (NetApp ONTAP). So a very specific solution. Cleondris ONE gives you complete control and flexibility over your NetApp ONTAP data on-premises and in the cloud. Benefit from AI-powered threat detection, advanced ransomware protection, and robust data security. With Cleondris ONE, your data is secure and resilient, enabling your organization to quickly respond to, mitigate, […]

Reading Time: 3 minutes During the VMware Explore 2024 in Las Vegas, VMware has introduced the new VMware Cloud Foundation 9 and described some of its features. One of them was Confidential Computing with TDX: a way to provide advanced security by isolating and encrypting workloads, ensuring data integrity and privacy at the hypervisor level. But what is TDX?

Reading Time: 4 minutes IPv4 (Internet Protocol version 4) is a widely used protocol for network communication and is a core component of the TCP/IP stack. But it has some limits, one is the limit in terms of available addresses, expecially if we are talking about public IP. IPv6 (Internet Protocol version 6) was design to resolve all the limitation of IPv4. IPv6 is designated by the Internet Engineering Task Force (IETF) as the successor to IPv4 providing the following benefits:

Reading Time: 2 minutes Microsoft warned customers to patch a critical TCP/IP remote code execution (RCE) vulnerability that impacts all Windows systems (client and server) using IPv6 stack. The vulnerability is identified as CVE-2024-38063 and it’s a 9.8-out-of-10 on the CVSS severity scale. Note that, on Windows systems the IPv6 is enabled by default and, in the past, Microsoft itself has not recommend disabling IPV6: ” We do not recommend that you disable IPv6 or its components, or some Windows components may not function.” (https://support.microsoft.com/en-us/kb/929852)

Reading Time: 9 minutes Veeam Backup & Replication 12 supports different malware detection methods that works in different way and can be used together to reach different scopes. The first main diffecence is that some works inline (during the backup process on the source data) and other works with a post-processing directly on restore points saved on the repositories. For this reason also the load of those malware detection activities can be on different Veeam components, basically on the proxy servers for inline methods and the mount servers for the post-processing methods.

Reading Time: 5 minutes Lot of storage, cloud and backup solutions are promising some kind of data immutability. Of course, immutability is an important key capability, but it does not imply automatically that your solution is secure (or more secure). It can give a false sense of security if not implemented properly. When misconfigured, it is possible to delete supposedly immutable data, for example, by manipulating time/date settings on the storage device to bypass retention enforcement mechanisms.

Reading Time: 2 minutes Diffent products are implementing a security model called “four-eyes principle” (also know as the two-person rule). For example Veeam Backup & Replication (starting with v12) has the Four-Eyes Authorization feature to protect some crucial operations. But what is the four-eyes (4-eyes) principle and how does it work? First to all is nothing related to software or security but instead a way to minimize the human errors and can be appliable also to non IT activities.

© 2024-2011 vInfrastructure Blog | Disclaimer & Copyright