When managing the application delivery service of an off-the-shelf application like Microsoft Exchange, you can expect extensive support – from the application vendor, the Application Delivery Controller (ADC) vendor and all the professional forums across the Internet. QYBWBYG9DECSread more
Distributed Denial of Service (DDoS) is unique in the sense that these attacks actually consist of many legitimate individual requests. It is only the large volume of simultaneous requests that turns those legitimate requests into an attack. Consequently, one of the biggest challenges in mitigating DDoS attacks is distinguishing between malicious and legitimate traffic.read more
The performance poverty line is the plateau at which your website’s load time ceases to matter because you’ve hit close to rock bottom in terms of business metrics. If your pages are well below the performance poverty line, making them a couple of seconds faster doesn’t help your business. Here’s how to find the poverty line for your site.read more
Last night, the Wall Street Journal ran a story around the Food and Drug Administration’s (FDA) warning to makers of medical devices that the gear they’re producing is at risk of being infected with computer viruses that can endanger patients.read more
Load balancers, also known as Application Delivery Controllers (ADCs), are often being deployed with today’s enterprise and web applications. What should you look for in an ADC? What factors must you consider? What benefits should you make sure an ADC has to offer? In this post, I break down the top six pitfalls to avoid when selecting a load balancer to help guide your ADC purchasing process.read more
This past weekend, Security Week ran a byline I wrote regarding Long Term Evolution (LTE).
Although this brings the promise of relieving traffic jams for mobile operators, it also brings new security risks. As traffic generated by smartphones grow, LTE networks’ fast mobile broadband will assist handling the increased traffic.
However, mobile operators will have to learn how to handle the new threats. New Advanced Persistent Threats (APT) are emerging and mobile carriers and mobile user will find themselves struggling with similar APTs that we see at Enterprises today. For Long Term Evolution networks not to fall short on security, mobile operators must realize the increased threats from malware, fraud, distributed denial of service (DDoS) attacks and many other attacks, and adopt more comprehensive and innovative security strategies.
Although LTE, which is commonly referred as mobile network 4th generation (4G), provides a solid infrastructure to deliver advanced, content-rich applications in real-time, I discuss a few security challenges that should be addressed in order to protect the network from overload and declining quality of service.
The article can be found here. I invite you to read it, and feel free to share any comments or questions you may have for me.read more
The naïve and still common perception of DoS/DDoS attacks is that to be destructive, attacks must use brute force and generate massive traffic. Low & Slow DDoS application attacks prove otherwise. Similar to guerilla warfare tactics, Low & Slow application attacks create significant damage with minimal resources. What’s more? Detecting and preventing these attacks presents a significant challenge. The following post goes in-depth to break down why Low & Slow application level attacks are difficult to detect and mitigate.read more
While network performance challenges are often addressed by adding additional bandwidth, there are ways to yield more “good-put” (good net payload throughput) out of the same network infrastructure. In this blog post, I’ll discuss five improvements related to how a good application delivery solution can help.read more