VPN

WireGuard is Now Available in pfSense CE

WireGuard | January 25, 2021

WireGuard is Now Available in pfSense CE
In the wake of being perhaps the most requested features for pfSense, Netgate has declared that WireGuard uphold is going to the famous open source programming for firewalls, VPNs and switches.

The advancement of a portion occupant usage of the new VPN convention for FreeBSD and pfSense has been underway for longer than a year. WireGuard was focused on FreeBSD back in November of a year ago and the convention would now be able to be saw in pfSense Community Edition (CE) 2.5.0.

Clients hoping to exploit the speed and protection benefits offered by WireGuard can download the source code from the pfSense public code vault and twofold pictures are likewise accessible for those following the 2.5.0 improvement branch update from the pfSense GUI.

Netgate additionally declared that pfSense is rebranding pfSense Factory Edition (FE) to pfSense Plus while PfSense CE will stay all things considered however. PfSense FE right now delivers with true equipment from Netgate/pfSense and is likewise accessible in cloud occasions.

As indicated by another blog entry from Netgate, while pfSense FE and pfSense CE have been firmly related for quite a while, the principle manners by which they vary are in help for extra equipment stages (Arm), uphold for Cloud Service Provider (CSP) stages (AWS and Azure) and extra design wizards.

The principal arrival of pfSense Plus (21.02) will be made accessible to all Netgate clients and it will come introduced on the entirety of the organization's machines and all new CSP accomplice commercial center cases.

Spotlight

Dental Support Organizations (DSOs) are increasing in the dental industry, with larger, geographically dispersed infrastructures becoming more commonplace. Due to the number of component practices involved in each DSO, these businesses have specific hardware and software considerations that directly affect the efficiency and profitability of their organizations. However, no matter how robust the DSO organization is, the overhead and investments associated with digital imaging software, hardware, and computing technology can significantly affect its bottom line.

Spotlight

Dental Support Organizations (DSOs) are increasing in the dental industry, with larger, geographically dispersed infrastructures becoming more commonplace. Due to the number of component practices involved in each DSO, these businesses have specific hardware and software considerations that directly affect the efficiency and profitability of their organizations. However, no matter how robust the DSO organization is, the overhead and investments associated with digital imaging software, hardware, and computing technology can significantly affect its bottom line.

Related News

VIRTUAL SERVER INFRASTRUCTURE

AWS Announces General Availability of Amazon EC2 Hpc6a Instances

Amazon Web Services | January 11, 2022

Amazon Web Services, Inc. (AWS) announced the general availability of Amazon Elastic Compute Cloud (Amazon EC2) Hpc6a instances, a new instance type that is purpose-built for tightly coupled high performance computing (HPC) workloads. Hpc6a instances, powered by 3rd Gen AMD EPYC processors, expand AWS’s portfolio of HPC compute options and deliver up to 65% better price performance compared to similar compute-optimized Amazon EC2 instances that customers use for HPC workloads today. Hpc6a instances make it even more cost-efficient for customers to scale HPC clusters on AWS to run their most compute-intensive workloads like genomics, computational fluid dynamics, weather forecasting, molecular dynamics, computational chemistry, financial risk modeling, computer-aided engineering, and seismic imaging. Hpc6a instances are available on demand via a low-cost, pay-as-you-go usage model with no upfront commitments. To get started with Hpc6a instances, visit aws.amazon.com/ec2/instance-types/hpc6. Organizations across numerous sectors rely on HPC to solve their most complex academic, scientific, and business problems. However, effectively using HPC is expensive because it requires the ability to process large amounts of data, which demands an abundance of compute power, fast memory and storage, and low-latency networking within HPC clusters. Some organizations build infrastructure on premises to run HPC workloads, but that involves expensive upfront capital investment, lengthy procurement cycles, ongoing management of overhead to monitor hardware and keep software up to date, and limited flexibility when the infrastructure inevitably becomes obsolete and must be upgraded. Customers across many industries run their HPC workloads in the cloud to take advantage of the superior security, scalability, and elasticity it offers. Engineers, researchers, and scientists rely on AWS to run their largest and most complex HPC workloads and choose Amazon EC2 instances with senhanced networking (e.g. C5n, R5n, M5n, and C6gn) to scale tightly coupled HPC workloads that require high levels of inter-instance communications with thousands of interdependent tasks. While the performance of these instances is sufficient for most HPC use cases, as workloads further scale to solve increasingly difficult problems, customers are looking to maximize price performance as they run HPC workloads that can grow to tens of thousands of servers on AWS. New Hpc6a instances are purpose-built to offer the best price performance for running HPC workloads at scale in the cloud. Hpc6a instances deliver up to 65% better price performance for HPC workloads to carry out complex calculations across a range of cluster sizes—up to tens of thousands of cores. Hpc6a instances are enabled with Elastic Fabric Adapter (EFA)—a network interface for Amazon EC2 instances—by default. With EFA networking, customers benefit from low latency, low jitter, and up to 100 Gbps of EFA networking bandwidth to increase operational efficiency and drive faster time-to-results for workloads that rely on inter-instance communications. Hpc6a instances are powered by 3rd Gen AMD EPYC processors that run at frequencies up to 3.6 GHz and provide 384 GB of memory. Using Hpc6a instances, customers can more cost-effectively tackle their biggest and most difficult academic, scientific, and business problems with HPC, and realize the benefits of AWS with superior price performance. By consistently innovating and creating new purpose-built Amazon EC2 instances for virtually every type of workload, AWS customers have realized huge price performance benefits for some of today’s most business-critical applications. While high performance computing has helped solve some of the most difficult problems in science, engineering, and business, effectively running HPC workloads can be cost-prohibitive for many organizations. Purpose-built for HPC workloads, Hpc6a instances now help customers realize up to 65% better price performance for their HPC clusters at virtually any scale, so they can focus on solving the biggest problems that matter to them most without the cost barriers that exist today.” David Brown, Vice President of Amazon EC2 at AWS “We are excited to continue our momentum with AWS and provide their customers with this new, powerful instance for high performance computing workloads,” said Dan McNamara, Senior Vice President and General Manager, Server Business at AMD. “AMD EPYC processors are helping customers of all sizes solve some of their biggest and most complex problems. From small universities to enterprises to large research facilities, Hpc6a instances powered by 3rd Gen AMD EPYC processors open up the world of powerful HPC performance with cloud scalability to more customers around the world.” Customers can use Hpc6a instances with AWS ParallelCluster (an open-source cluster management tool) to provision Hpc6a instances alongside other instance types, giving customers the flexibility to run different workload types optimized for different instances within the same HPC cluster. Hpc6a instances benefit from the AWS Nitro System, a collection of building blocks that offload many of the traditional virtualization functions to dedicated hardware and software to deliver high performance, high availability, and increased security while also reducing virtualization overhead. Hpc6a instances are available for purchase as On-Demand Instances or Reserved Instances, or with Savings Plans. Hpc6a instances are available in US East (Ohio) and AWS GovCloud (US-West), with availability in additional AWS Regions coming soon. Maxar partners with innovative businesses and more than 50 governments to monitor global change, deliver broadband communications, and advance space operations with capabilities in Space Infrastructure and Earth Intelligence. “Amazon EC2 Hpc6a instances are yet another exciting announcement from AWS that enables Maxar to continue to meet and exceed our customer requirements for big compute workflows—whether to accelerate the research and operations of Numerical Weather Prediction workloads or to create the world’s best, most up-to-date, and accurate digital twin models with our Maxar Precision3D product suite,” said Dan Nord, SVP and Chief Product Officer at Maxar Technologies. “Hpc6a’s AMD EPYC processors combined with the EFA networking capability provide us a 60% performance improvement over alternatives, while also being more cost efficient. This enables Maxar to strategically choose among the suite of AWS HPC cluster configurations that we’ve developed to best suit our clients’ needs while maximizing flexibility and resiliency.” DTN’s global weather station network delivers hyper-local, accurate, and real-time weather intelligence to empower organizations with actionable insights. “Our collaboration with AWS allows us to better serve our customers with high-resolution weather prediction systems that feed analytics engines,” said Lars Ewe, Chief Technology Officer at DTN. “We’re very excited to see the price performance of Hpc6a instances, and we expect this to be our go-to Amazon EC2 instance choice for HPC workloads going forward.” TotalCAE has over 20 years of experience with HPC for computer-aided engineering (CAE). TotalCAE helps eliminate IT headaches by professionally managing customers’ HPC engineering environment and engineering applications so they can focus on engineering, and not IT. “TotalCAE Platform makes it easy for CAE departments to adopt the agility and flexibility of AWS in just a few clicks for hundreds of engineering applications like Ansys Fluent, Siemens Simcenter STAR-CCM+, and Dassault Systèmes Abaqus,” said Rod Mach, President at TotalCAE. “As an AWS HPC Competency Partner, we help customers run their CAE workloads in the cloud. With HPC6a instances, we have seen up to a 30% performance boost for computational fluid dynamics workloads at a lower cost, enabling TotalCAE to offer customers industry leading price performance and scalability in the cloud.” About Amazon Web Services For over 15 years, Amazon Web Services has been the world’s most comprehensive and broadly adopted cloud offering. AWS has been continually expanding its services to support virtually any cloud workload, and it now has more than 200 fully featured services for compute, storage, databases, networking, analytics, machine learning and artificial intelligence (AI), Internet of Things (IoT), mobile, security, hybrid, virtual and augmented reality (VR and AR), media, and application development, deployment, and management from 84 Availability Zones (AZs) within 26 geographic regions, with announced plans for 24 more Availability Zones and eight more AWS Regions in Australia, Canada India, Israel, New Zealand, Spain, Switzerland, and the United Arab Emirates. Millions of customers—including the fastest-growing startups, largest enterprises, and leading government agencies—trust AWS to power their infrastructure, become more agile, and lower costs. About Amazon Amazon is guided by four principles: customer obsession rather than competitor focus, passion for invention, commitment to operational excellence, and long-term thinking. Amazon strives to be Earth’s Most Customer-Centric Company, Earth’s Best Employer, and Earth’s Safest Place to Work. Customer reviews, 1-Click shopping, personalized recommendations, Prime, Fulfillment by Amazon, AWS, Kindle Direct Publishing, Kindle, Career Choice, Fire tablets, Fire TV, Amazon Echo, Alexa, Just Walk Out technology, Amazon Studios, and The Climate Pledge are some of the things pioneered by Amazon.

Read More

Cisco's 6 Unpatched Internal Servers Supporting Virtual Networking Service Compromised

Cisco | June 01, 2020

Cisco gave no details on exactly what, if any, damage was done as a result of the attacks, but said a "limited set of customers" was impacted. Despite this warning, Cisco placed six servers in service on May 7 that were not patched against these vulnerabilities, and the servers were immediately attacked. The vulnerabilities in SaltStack were originally uncovered by security firm F-Secure. Six internal servers that Cisco uses to support its virtual networking service were compromised earlier this month after the company failed to patch two SaltStack zero day vulnerabilities, according to a security advisory sent to customers this week. Cisco gave no details on exactly what, if any, damage was done as a result of the attacks, but said a "limited set of customers" was impacted. If exploited, these zero-day vulnerabilities potentially could have allowed an attacker to gain full remote code execution within the servers. In its Thursday advisory, Cisco states that on April 29, the Salt Open Core team informed those using the SaltStack open-source configuration management and orchestration tool about two critical-rated vulnerabilities, an authentication bypass flaw, CVE-2020-11651, and a directory traversal problem, CVE-2020-11652. Read More: Virtualized Desktop Infrastructure and Storage Solutions Driving Intel's Optane Memory & Storage Sales Despite this warning, Cisco placed six servers in service on May 7 that were not patched against these vulnerabilities, and the servers were immediately attacked, the company acknowledges. "A software component of the Cisco Virtual Internet Routing Lab service was affected by a third-party software vulnerability that was disclosed in late April. Cisco applied the patch in May, and a limited set of customers were impacted by exploitation attempts of the vulnerability," a company spokesperson tells Information Security Media Group. SaltStack Vulnerabilities The vulnerabilities in SaltStack were originally uncovered by security firm F-Secure, which describes them as allowing an attacker "to bypass all authentication and authorization controls and publish arbitrary control messages, read and write files anywhere on the 'master' server file system and steal the secret key used to authenticate to the master as root. The impact is full remote command execution as root on both the master and all minions that connect to it." SaltStack published its own advisory on April 20 and patched the vulnerabilities the following week with the release of versions 2019.2.4 and 3000.2, Alex Peay, a senior vice president at SaltStack, tells ISMG. Cisco's six servers that were compromised are used to support Internet Routing Lab Personal Edition, or VIRL-PE, and Modeling Labs Corporate Edition, or CML, a platform that enables engineers to emulate various Cisco operating systems, including IOS, IOS XR, and NX-OS, Cisco says in the advisory. The servers are: • us-1.virl.info • us-2.virl.info • us-3.virl.info • us-4.virl.info • vsm-us-1.virl.info • vsm-us-2.virl.info The exploitability of the vulnerabilities in the six servers depends upon how the products that the servers' support are enabled. The company advises those using Cisco CML and Cisco VIRL-PE software releases 1.5 and 1.6, which have the salt-master service reachable on TCP ports 4505 and 4506, to inspect the software for compromise, re-image it and then patch it with the latest update. F-Secure described the unpatched vulnerabilities as particularly easy to exploit. "We expect that any competent hacker will be able to create 100% reliable exploits for these issues in under 24 hours," F-Secure says. Attackers Looked for Easy Exploits Peay of SaltStack added that exploits immediately began to show up after the patches were released and publicized as malicious actors attempted to take advantage of the zero-day vulnerabilities before companies were able to install patches. Scott Caveza, research engineering manager at the security firm Tenable, offers a quick rundown of how threat actors use patch information to crack a system. Attackers will often review the code and look at what changes have been made in a patch or release update to determine how the fix was applied. Then working backwards, they can use this information to develop a working exploit and begin scanning and probing for targets across the internet, Scott Caveza, research engineering manager at the security firm Tenable. SaltStack went to great lengths to communicate the problem to its users and offer tools so mitigation efforts were conducted properly, Peay says. This included direct assistance for those lacking skills handling SaltStack along with a service that would scan to validate that the patches were properly applied, he adds. Some security experts question why Cisco did not immediately patch its servers when it was notified of the zero day vulnerabilities. There are management tools that can help with the automation of checking, but even that requires someone setting it up to check for a version of software on a set of servers, so in the end it's the IT person who has to do the work, Jayant Shukla, CTO and co-founder of K2 Cyber Security. Caveza of Tenable notes identifying systems that need a patch involves IT staff checking the version of SaltStack and verifying that versions 2019.2.4, 3000.2 or later have been applied. He points out that plugins are available to assist with this task. Read More: How Virtualization Helps Businesses Overcome Cloud Migration Problems About Cisco Cisco enables people to make powerful connections--whether in business, education, philanthropy, or creativity. Cisco hardware, software, and service offerings are used to create the Internet solutions that make networks possible--providing easy access to information anywhere, at any time.

Read More

Microsoft Announces Update to Windows Virtual Desktop to Make Life Easier for IT Admins

Microsoft | May 05, 2020

Microsoft’s service for giving employees access to a virtualized desktop environment on Azure and that allows IT departments to host multiple Windows 10 sessions on the same hardware. Microsoft is now also making it possible to use Microsoft Teams for video meetings in these virtual desktop environments. The unique thing that a Windows Virtual Desktop does relative to traditional VDI. Microsoft today announced a slew of updates to various parts of its Microsoft 365 ecosystem. A lot of these aren’t all that exciting (though that obviously depends on your level of enthusiasm for products like Microsoft Endpoint Manager), but the overall thrust behind this update is to make life easier for the IT admins that help provision and manage corporate Windows — and Mac — machines, something that’s even more important right now, given how many companies are trying to quickly adapt to this new work-from-home environment. For them, the highlight of today’s set of announcements is surely an update to Windows Virtual Desktop, Microsoft’s service for giving employees access to a virtualized desktop environment on Azure and that allows IT departments to host multiple Windows 10 sessions on the same hardware. The company is launching a completely new management experience for this service that makes getting started significantly easier for admins. Read More: Unlocking the Potential of Deep Learning With Virtualized AI Ahead of today’s announcement, Brad Anderson, Microsoft’s corporate VP for Microsoft 365, told me that it took a considerable amount of Azure expertise to get started with this service. With this update, you still need to know a bit about Azure, but the overall process of getting started is now significantly easier. And that, Anderson noted, is now more important than ever. Some organizations are telling me that they’re using on-prem [Virtual Desktop Infrastructure]. They had to go do work to basically free up capacity. In some cases, that means doing away with disaster recovery for some of their services in order to get the capacity. In some cases, I hear leaders say it’s going to take until the middle or the end of May to get the additional capacity to spin up the VDI sessions that are needed. In today’s world, that’s just unacceptable. Given what the cloud can do, people need to have the ability to spin up and spin down on demand. And that’s the unique thing that a Windows Virtual Desktop does relative to traditional VDI. Brad Anderson, Microsoft’s corporate VP for Microsoft 365. Anderson also believes that remote work will remain much more common once things go back to normal — whenever that happens and whatever that will look like. “I think the usage of virtualization where you are virtualizing running an app in a data center in the cloud and then virtualizing it down will grow. This will introduce a secular trend and growth of cloud-based VDI,” he said. In addition to making the management experience easier, Microsoft is now also making it possible to use Microsoft Teams for video meetings in these virtual desktop environments, using a feature called ‘A/V redirection’ that allows users to connect their local audio and video hardware and virtual machines with low latency. It’ll take another month or so for this feature to roll out, though. Also new is the ability to keep service metadata about Windows Virtual Desktop usage within a certain Azure region for compliance and regulatory reasons. For those of you interested in Microsoft Endpoint Manager, the big news here is better support for macOS-based machines. Using the new Intune MDM agent for macOS, admins can use the same tool for managing repetitive tasks on Windows 10 and macOS. Productivity Score — a product only an enterprise manager would love — is also getting an update. You can now see how people in an organization are reading, authoring and collaborating around content in OneDrive and SharePoint, for example. And if they aren’t, you can write a memo and tell them they should collaborate more. There are also new dashboards here for looking at how employees work across devices and how they communicate. It’s worth noting that this is aggregate data and not another way for corporate to look at what individual employees are doing. The one feature here that does actually seem really useful, especially given the current situation, is a new Network Connectivity category that helps IT to figure out where there are networking challenges. Read More: Hitachi Vantara's Storage Platform Brings Large Enterprise Functions to Midsize Enterprise Customers About Microsoft At Microsoft, our mission is to empower every person and every organization on the planet to achieve more. Our mission is grounded in both the world in which we live and the future we strive to create. Today, we live in a mobile-first, cloud-first world, and the transformation we are driving across our businesses is designed to enable Microsoft and our customers to thrive in this world.

Read More