|
In a world in which teams of researchers promise to expose a new vulnerability each day--March is brought to you courtesy of PHP bugs--security products must stay up-to-date. Virtual Shield delivers here as well, providing an online-update feature. Updates can be automated to occur every night or when you provide the OK. We tested a full update of the system, which took about 20 minutes to download and replace all the software on the manager and one gateway--the equivalent of flashing the firmware on a hardware appliance--and required a reboot of the Blue Lane appliances. During the reboot of the gateway was the only time our protection was impacted--for 20 to 30 seconds, as it restarted. VMware can be configured to pass all traffic or no traffic when the gateway is not functional; this provides a fail-open or fail-closed capability for updates, or in the event the VirtualShield Gateway should crash. Blue Lane says it expects to release full updates approximately every six months. Patch and policy updates could occur as frequently as every day, depending on need, but fortunately, these are extremely quick, and require no downtime or loss of filtering capability to install. Shortly after we completed the full update, we noticed that reports were not updating accurately and, even worse, that servers were not being discovered and protected as they should. This is when we exercised VirtualShield's support feature, which creates a secure outgoing SSH tunnel on Port 80, 53 or 443 (whichever is open) to Blue Lane. Once connected, keys were generated so we could let a Blue Lane engineer log in to our Manager and diagnose the problem. It turns out that the update process had created a full backup of the system before installing, but because Blue Lane keeps the disk size of the VMs small, there wasn't enough room for the entire backup. This feature, used in the physical appliances, lets Blue Lane quickly revert back to a known-good configuration in case of update problems--but those have 200-GB disks, so a few gigabytes of backup don't cause many problems. Again, Blue Lane says it will fix this bug before it impacts users. Engineers also can troubleshoot problems the old-fashioned way, over the phone, in environments where an outgoing tunnel would not be feasible.
|
To realize the benefits of cloud-native software, an application must actually be cloud-native—designed to run in the cloud, interacting with disaggregated cloud services, fully manageable as code—to deliver the expected benefits.
By combining resources and expertise, the AI-Enabled ICT Workforce Consortium will offer a blueprint for how industries can adapt to an AI-dominated future.
IT leaders should heed the guidance of cybersecurity insurance providers who think businesses should prioritize security education, incident preparedness, regular internal audits, and ongoing vulnerability scanning and patching.
