Thursday, February 27, 2014

Juniper Firefly Suite: Dynamic Security for Virtual Networks

Demonstrating their commitment to network innovation, Juniper Networks introduced the FireFly Suite in mid-January. Designed to address the security challenges of enterprises and service providers, the Juniper Networks’ Firefly Suite is a set of software-based security tools for VMware and KVM. Delivering flexible, holistic security purpose-built for virtualization and cloud environments, the FireFly Suite provides robust and granular hypervisor-based protection for virtual machines (VMs) across different workloads.

The Juniper Networks’ Firefly Suite can be easily embedded throughout the virtual environment including the hypervisor itself or as VMs connected to the various virtual networks. This approach accelerates service rollout and increases application agility with highly scalable granular protection. As a result, the FireFly Suite is able to address key security challenges unique to virtualized data centers and clouds by enabling network and security administrators to dynamically deploy and scale firewall protection.

As a multi-layered virtual security solution, the Firefly Suite contains three major components:

1. FireFly Perimeter - A software-based version of the Juniper Networks SRX Series Services             Gateway. Delivers rich connectivity based on the Junos OS and features granular segmentation capabilities between zones, organizations, lines of business, user groups, and applications.

2. Junos Space Virtual Director – Running on top of the Junos Space network management platform, it is an easy-to use lifecycle management application that enables organizations to automate the provisioning and resource allocation of FireFly Perimeter VMs.

3. FireFly Host – Previously referred to as vGW Virtual Gateway, it acts as a stateful firewall between VMs and integrates security features such as intrusion detection (IDS), virtualization-specific antivirus (AV) protection, and compliance tools, with management scale.

When bundled together, the components within the Juniper Networks’ FireFly Suite comprise a single comprehensive solution that secures traffic from all directions. A future-proofed investment, customers are assured the rights to future innovation on these products with the purchase of software maintenance. Offered as both perpetual and subscription licenses, the FireFly suite provides a non-disruptive upgrade path for future scalability so that customers can continue to meet their business goals.

Thursday, February 20, 2014

Meaningful Use Stage 3: What Will it Mean for Health IT?

Meaningful Use Stage 1 began in 2011 and consisted of 25 objectives, 20 of which providers must meet to qualify for incentive payment. In August of 2012, finalized standards for Stage 2 were released and will become effective sometime in 2014. Now on Friday, February 14th, the Health IT Policy Committee will be presented with draft recommendations for Stage 3 of the Meaningful Use Electronic Health Record (EHR) Incentive Program by the ONC’s (Office of the National Coordinator for Health Information Technology) Meaningful Use Workgroup.

Prior to the Meaningful Use Workgroup’s official presentation, a consensus has already been reached on a number of ideas. However, Congress may be stepping in as clinical quality measures may not be as easy to include in digital systems as originally thought. If Congress steps in, they could potentially redesign the way in which Medicare pays and delivers incentives to physicians.
Approvals of Stage 3 will take place in March by the HIT Policy Committee and rules will be finalized in early 2015. New proposals that have emerged from the Meaningful Use Workgroup include requiring physicians and hospitals to use clinical decision support interventions based on four of six national priority areas as well as new certification criteria for EHRs like necessitating offering patients a way to request access to their records online.

Two of the major goals of Stage 3 are to support new models of care and to address national health priorities. To obtain these goals, key gaps must be fixed in EHR functionality. The CNC’s Meaningful Use Workgroup also stated that the program needs to guide the development of “mature standards” that could be widely adopted by 2017. An optional “deeming” approach to confirmation could decrease some administrative work, and is being considered for those health systems that are already achieving top clinical outcomes through health IT.


Thursday, February 13, 2014

DDoS Attacks are Increasing: How Junos DDoS Secure Can Help

According to Arbor Networks’ latest Worldwide Infrastructure Security Report, the amount of Distributed Denial of Service (DDoS) attacks on data centers has been on the rise over the past year, increasing from under 50 percent in 2012 to a shocking 70 percent in 2013. Other alarming statistics include Data Center owners reporting that more than twice the number of DDoS attacks had surpassed the total data center bandwidth compared to 2012 with ten percent reporting more than 100 attacks per month.

Not only did the number of DDoS attacks grow, but the size of the attack as well - most notably with the Spamhaus reflection attack.  This attack made people aware of the vulnerability of their datacenters, with attacks of over 100Gbps becoming increasingly common. Datacenters tend to rely on firewalls and IDS/IPS systems to take on these attacks through closing ports or filtering specific types of traffic. While this method can work in some instances, it also stops useful applications from working.

A different method that ensures availability for legitimate users and useful applications, while blocking bad traffic, is through DDoS mitigation technology. Juniper Networks offers a solution called Junos DDoS Secure, which is specifically designed to provide comprehensive DDoS protection for the data center. Junos DDoS Secure uses its unique CHARM algorithm to learn which IP addresses can be trusted, and then responds intelligently and in real time by dropping suspect or noncompliant packets when the optimum performance from critical resources starts to degrade.

Thursday, February 6, 2014

What's New in VMware vSphere Data Protection 5.5.5

In previous versions of VMware vSphere, the data protection feature was a rather rudimentary implementation that was generally considered “better than nothing” for small shops on limited budgets, but was never really considered to be a serious enterprise level backup solution. 

vSphere Data Protection (VDP) has been steadily improving, and with vSphere Data Protection 5.5.5, it has become a very credible, full-featured solution that will fulfill the needs of many small to mid-sized businesses. While vSphere Data Protection does not have all of the features of CommVault Simpana or Veeam Backup & Replication, it does protect data effectively and reliably, and for those on a tight budget, Basic VDP is already included in the price of your vSphere license. VDP Advanced, introduced in March of 2013, is available as an additional licensed product, and is licensed per processor, just like vSphere. vSphere Data protection Advanced is included with the vSphere with Operations Management Enterprise (vSOM) and Enterprise Plus acceleration kits.

What is the difference between the Basic and Advanced versions?  VDP and VDP Advanced run on a virtual appliance, and the basic version of VDP supports up to 100 virtual machines per appliance; the VDP Advanced version supports up to 400 per appliance. VDP Advanced available storage size is also quadrupled at 8TB, opposed to the 2TB storage limitation of VDP.  Both support image level backups, individual disk backups, image-level restore jobs, image-level replication jobs, direct to host recovery, detachable/remountable data partitions, and file level recovery. The Advanced version additionally supports application-level replication, ability to expand current datastore, backup to a Data Domain system, ability to restore to a granular level on Microsoft Servers and automatic backup verification. VDP Advanced also supports guest-level backups and restores of Microsoft SQL Servers, Exchange Servers, and Share Point Servers, providing for application consistent backups of these servers. 

For a small to mid-sized business seeking to protect their virtual environment without the need for more advanced features, vSphere Data Protection and vSphere Data Protection Advanced provide an efficient, reliable backup solution.