mirror of
https://github.com/LCTT/TranslateProject.git
synced 2025-02-13 00:11:22 +08:00
Merge remote-tracking branch 'LCTT/master'
This commit is contained in:
Xingyu.Wang
commit
0b5a6d21a4
@ -1,5 +1,5 @@
|
||||
[#]: collector: (lujun9972)
|
||||
[#]: translator: ( )
|
||||
[#]: translator: (ninifly )
|
||||
[#]: reviewer: ( )
|
||||
[#]: publisher: ( )
|
||||
[#]: url: ( )
|
||||
|
||||
@ -1,92 +0,0 @@
|
||||
[#]: collector: (lujun9972)
|
||||
[#]: translator: ( )
|
||||
[#]: reviewer: ( )
|
||||
[#]: publisher: ( )
|
||||
[#]: url: ( )
|
||||
[#]: subject: (How to shop for enterprise firewalls)
|
||||
[#]: via: (https://www.networkworld.com/article/3390686/how-to-shop-for-enterprise-firewalls.html#tk.rss_all)
|
||||
[#]: author: (Zeus Kerravala https://www.networkworld.com/author/Zeus-Kerravala/)
|
||||
|
||||
How to shop for enterprise firewalls
|
||||
======
|
||||
Performance, form factors, and automation capabilities are key considerations when choosing a next-generation firewall (NGFW).
|
||||
Firewalls have been around for years, but the technology keeps evolving as the threat landscape changes. Here are some tips about what to look for in a next-generation firewall ([NGFW][1]) that will satisfy business needs today and into the future.
|
||||
|
||||
### Don't trust firewall performance stats
|
||||
|
||||
Understanding how a NGFW performs requires more than looking at a vendor’s specification or running a bit of traffic through it. Most [firewalls][2] will perform well when traffic loads are light. It’s important to see how a firewall responds at scale, particularly when [encryption][3] is turned on. Roughly 80% of traffic is encrypted today, and the ability to maintain performance levels with high volumes of encrypted traffic is critical.
|
||||
|
||||
**Learn more about network security**
|
||||
|
||||
* [How to boost collaboration between network and security teams][4]
|
||||
* [What is microsegmentation? How getting granular improves network security][5]
|
||||
* [What to consider when deploying a next-generation firewall][1]
|
||||
* [How firewalls fit into enterprise security][2]
|
||||
|
||||
|
||||
|
||||
Also, be sure to turn on all major functions – including application and user identification, IPS, anti-malware, URL filtering and logging – during testing to see how a firewall will hold up in a production setting. Firewall vendors often tout a single performance number that's achieved with core features turned off. Data from [ZK Research][6] shows many IT pros learn this lesson the hard way: 58% of security professionals polled said they were forced to turn off features to maintain performance.
|
||||
|
||||
Before committing to a vendor, be sure to run tests with as many different types of traffic as possible and with various types of applications. Important metrics to look at include application throughput, connections per second, maximum sessions for both IPv4 and [IPv6][7], and SSL performance.
|
||||
|
||||
### NGFW needs to fit into broader security platform
|
||||
|
||||
Is it better to have a best-of-breed strategy or go with a single vendor for security? The issue has been debated for years, but the fact is, neither approach works flawlessly. It’s important to understand that best-of-breed everywhere doesn’t ensure best-in-class security. In fact, the opposite is typically true; having too many vendors can lead to complexity that can't be managed, which puts a business at risk. A better approach is a security platform, which can be thought of as an open architecture, that third-party products can be plugged into.
|
||||
|
||||
Any NGFW must be able to plug into a platform so it can "see" everything from IoT endpoints to cloud traffic to end-user devices. Also, once the NGFW has aggregated the data, it should be able to perform analytics to provide insights. This will enable the NGFW to take action and enforce policies across the network.
|
||||
|
||||
### Multiple form factors, consistent security features
|
||||
|
||||
Firewalls used to be relegated to corporate data centers. Today, networks have opened up, and customers need a consistent feature set at every point in the network. NGFW vendors should have the following form factors available to optimize price/performance:
|
||||
|
||||
* Data center
|
||||
* Internet edge
|
||||
* Midsize branch office
|
||||
* Small branch office
|
||||
* Ruggedized for IoT environments
|
||||
* Cloud delivered
|
||||
* Virtual machines that can run in private and public clouds
|
||||
|
||||
|
||||
|
||||
Also, NGFW vendors should have a roadmap for a containerized form factor. This certainly isn’t a trivial task. Most vendors won’t have a [container][8]-ready product yet, but they should be able to talk to how they plan to address the problem.
|
||||
|
||||
### Single-pane-of-glass firewall management
|
||||
|
||||
Having a broad product line doesn’t matter if products need to be managed individually. This makes it hard to keep policies and rules up to date and leads to inconsistencies in features and functions. A firewall vendor must have a single management tool that provides end-to-end visibility and enables the administrator to make a change and push it out across the network at once. Visibility must extend everywhere, including the cloud, [IoT][9] edge, operational technology (OT) environments, and branch offices. A single dashboard is also the right place to implement and maintain software-based segmentation instead of having to configure each device.
|
||||
|
||||
### Firewall automation capabilities
|
||||
|
||||
The goal of [automation][10] is to help remove many of the manual steps that create "human latency" in the security process. Almost all vendors tout some automation capabilities as a way of saving on headcount, but automation goes well beyond that.
|
||||
|
||||
To continue reading this article register now
|
||||
|
||||
[Get Free Access][11]
|
||||
|
||||
[Learn More][12] Existing Users [Sign In][11]
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
|
||||
via: https://www.networkworld.com/article/3390686/how-to-shop-for-enterprise-firewalls.html#tk.rss_all
|
||||
|
||||
作者:[Zeus Kerravala][a]
|
||||
选题:[lujun9972][b]
|
||||
译者:[译者ID](https://github.com/译者ID)
|
||||
校对:[校对者ID](https://github.com/校对者ID)
|
||||
|
||||
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
|
||||
|
||||
[a]: https://www.networkworld.com/author/Zeus-Kerravala/
|
||||
[b]: https://github.com/lujun9972
|
||||
[1]: https://www.networkworld.com/article/3236448/what-to-consider-when-deploying-a-next-generation-firewall.html
|
||||
[2]: https://www.networkworld.com/article/3230457/what-is-a-firewall-perimeter-stateful-inspection-next-generation.html
|
||||
[3]: https://www.networkworld.com/article/3098354/enterprise-encryption-adoption-up-but-the-devils-in-the-details.html
|
||||
[4]: https://www.networkworld.com/article/3328218/how-to-boost-collaboration-between-network-and-security-teams.html
|
||||
[5]: https://www.networkworld.com/article/3247672/what-is-microsegmentation-how-getting-granular-improves-network-security.html
|
||||
[6]: https://zkresearch.com/
|
||||
[7]: https://www.networkworld.com/article/3254575/what-is-ipv6-and-why-aren-t-we-there-yet.html
|
||||
[8]: https://www.networkworld.com/article/3159735/containers-what-are-containers.html
|
||||
[9]: https://www.networkworld.com/article/3207535/what-is-iot-how-the-internet-of-things-works.html
|
||||
[10]: https://www.networkworld.com/article/3184389/automation-rolls-on-what-are-you-doing-about-it.html
|
||||
[11]: javascript://
|
||||
[12]: /learn-about-insider/
|
||||
@ -1,54 +0,0 @@
|
||||
[#]: collector: (lujun9972)
|
||||
[#]: translator: ( )
|
||||
[#]: reviewer: ( )
|
||||
[#]: publisher: ( )
|
||||
[#]: url: ( )
|
||||
[#]: subject: (Must-know Linux Commands)
|
||||
[#]: via: (https://www.networkworld.com/article/3391029/must-know-linux-commands.html#tk.rss_all)
|
||||
[#]: author: (Tim Greene https://www.networkworld.com/author/Tim-Greene/)
|
||||
|
||||
Must-know Linux Commands
|
||||
======
|
||||
A compilation of essential commands for searching, monitoring and securing Linux systems - plus the Linux Command Line Cheat Sheet.
|
||||
It takes some time working with Linux commands before you know which one you need for the task at hand, how to format it and what result to expect, but it’s possible to speed up the process.
|
||||
|
||||
With that in mind, we’ve gathered together some of the essential Linux commands as explained by Network World's [Unix as a Second Language][1] blogger Sandra Henry-Stocker to give aspiring power users what they need to get started with Linux systems.
|
||||
|
||||
The breakdown starts with the rich options available for finding files on Linux – **find** , **locate** , **mlocate** , **which** , **whereis** , to name a few. Some overlap, but some are more efficient than others or zoom in on a narrow set of results. There’s even a command – **apropos** – to find the right command to do what you want to do. This section will demystify searches.
|
||||
|
||||
Henry-Stocker's article on memory provides a wealth of options for discovering the availability of physical and virtual memory and ways to have that information updated at intervals to constantly measure whether there’s enough memory to go around. It shows how it’s possible to tailor your requests so you get a concise presentation of the results you seek.
|
||||
|
||||
Two remaining articles in this package show how to monitor activity on Linux servers and how to set up security parameters on these systems.
|
||||
|
||||
The first of these shows how to run the same command repetitively in order to have regular updates about any designated activity. It also tells about a command that focuses on user processes and shows changes as they occur, and a command that examines the time that users are connected.
|
||||
|
||||
The final article is a deep dive into commands that help keep Linux systems secure. It describes 22 of them that are essential for day-to-day admin work. They can restrict privileges to keep individuals from having more capabilities than their jobs call for and report on who’s logged in, where from and how long they’ve been there.
|
||||
|
||||
Some of these commands can track recent logins for individuals, which can be useful in running down who made changes. Others find files with varying characteristics, such as having no owner or by their contents. There are commands to control firewalls and to display routing tables.
|
||||
|
||||
As a bonus, our bundle of commands includes **The Linux Command-Line Cheat Sheet,** a concise summary of important commands that are useful every single day. It’s suitable for printing out on two sides of a single sheet, laminating and keeping beside your keyboard.
|
||||
|
||||
Enjoy!
|
||||
|
||||
To continue reading this article register now
|
||||
|
||||
[Get Free Access][2]
|
||||
|
||||
[Learn More][3] Existing Users [Sign In][2]
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
|
||||
via: https://www.networkworld.com/article/3391029/must-know-linux-commands.html#tk.rss_all
|
||||
|
||||
作者:[Tim Greene][a]
|
||||
选题:[lujun9972][b]
|
||||
译者:[译者ID](https://github.com/译者ID)
|
||||
校对:[校对者ID](https://github.com/校对者ID)
|
||||
|
||||
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
|
||||
|
||||
[a]: https://www.networkworld.com/author/Tim-Greene/
|
||||
[b]: https://github.com/lujun9972
|
||||
[1]: https://www.networkworld.com/blog/unix-as-a-second-language/?nsdr=true
|
||||
[2]: javascript://
|
||||
[3]: /learn-about-insider/
|
||||
@ -1,61 +0,0 @@
|
||||
[#]: collector: (lujun9972)
|
||||
[#]: translator: ( )
|
||||
[#]: reviewer: ( )
|
||||
[#]: publisher: ( )
|
||||
[#]: url: ( )
|
||||
[#]: subject: (Health care is still stitching together IoT systems)
|
||||
[#]: via: (https://www.networkworld.com/article/3392818/health-care-is-still-stitching-together-iot-systems.html#tk.rss_all)
|
||||
[#]: author: (Jon Gold https://www.networkworld.com/author/Jon-Gold/)
|
||||
|
||||
Health care is still stitching together IoT systems
|
||||
======
|
||||
The use of IoT technology in medicine is fraught with complications, but users are making it work.
|
||||
_Government regulations, safety and technical integration are all serious issues facing the use of IoT in medicine, but professionals in the field say that medical IoT is moving forward despite the obstacles. A vendor, a doctor, and an IT pro all spoke to Network World about the work involved._
|
||||
|
||||
### Vendor: It's tough to gain acceptance**
|
||||
|
||||
**
|
||||
|
||||
Josh Stein is the CEO and co-founder of Adheretech, a medical-IoT startup whose main product is a connected pill bottle. The idea is to help keep seriously ill patients current with their medications, by monitoring whether they’ve taken correct dosages or not.
|
||||
|
||||
The bottle – which patients get for free (Adheretech’s clients are hospitals and clinics) – uses a cellular modem to call home to the company’s servers and report on how much medication is left in the bottle, according to sensors that detect how many pills are touching the bottle’s sides and measuring its weight. There, the data is analyzed not just to determine whether patients are sticking to their doctor’s prescription, but to help identify possible side effects and whether they need additional help.
|
||||
|
||||
For example, a bottle that detects itself being moved to the bathroom too often might send up a flag that the patient is experiencing gastrointestinal side effects. The system can then contact patients or providers via phone or text to help them take the next steps.
|
||||
|
||||
The challenges to reach this point have been stiff, according to Stein. The company was founded in 2011 and spent the first four years of its existence simply designing and building its product.
|
||||
|
||||
“We had to go through many years of R&D to create a device that’s replicatible a million times over,” he said. “If you’re a healthcare company, you have to deal with HIPAA, the FDA, and then there’s lots of other things like medication bottles have their whole own set of regulatory certifications.”
|
||||
|
||||
Beyond the simple fact of regulatory compliance, Stein said that there’s resistance to this sort of new technology in the medical community.
|
||||
|
||||
“Healthcare is typically one of the last industries to adopt new technology,” he said.
|
||||
|
||||
### Doctor: Colleagues wonder if medical IoT plusses are worth the trouble
|
||||
|
||||
Dr. Rebecca Mishuris is the associate chief medical information officer at Boston Medical Center, a private non-profit hospital located in the South End. One of the institution’s chief missions is to act as a safety net for the population of the area – 57% of BMC’s patients come from under-served populations, and roughly a third don’t speak English as a primary language. That, in itself, can be a problem for IoT because many devices are designed to be used by native English speakers.
|
||||
|
||||
BMC’s adoption of IoT tech has taken place mostly at the individual-practice level – things like Bluetooth-enabled scales and diagnostic equipment for specific offices that want to use them – but there’s no hospital-wide IoT initiative happening, according to Mishuris.
|
||||
|
||||
That’s partially due to the fact that many practitioners aren’t convinced that connected healthcare devices are worth the trouble to purchase, install and manage, she said. HIPAA compliance and BMC’s own privacy regulations are a particular concern, given that many of the devices deal with patient-generated data.
|
||||
|
||||
To continue reading this article register now
|
||||
|
||||
[Get Free Access][1]
|
||||
|
||||
[Learn More][2] Existing Users [Sign In][1]
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
|
||||
via: https://www.networkworld.com/article/3392818/health-care-is-still-stitching-together-iot-systems.html#tk.rss_all
|
||||
|
||||
作者:[Jon Gold][a]
|
||||
选题:[lujun9972][b]
|
||||
译者:[译者ID](https://github.com/译者ID)
|
||||
校对:[校对者ID](https://github.com/校对者ID)
|
||||
|
||||
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
|
||||
|
||||
[a]: https://www.networkworld.com/author/Jon-Gold/
|
||||
[b]: https://github.com/lujun9972
|
||||
[1]: javascript://
|
||||
[2]: /learn-about-insider/
|
||||
@ -1,70 +0,0 @@
|
||||
[#]: collector: (lujun9972)
|
||||
[#]: translator: ( )
|
||||
[#]: reviewer: ( )
|
||||
[#]: publisher: ( )
|
||||
[#]: url: ( )
|
||||
[#]: subject: (5G: A deep dive into fast, new wireless)
|
||||
[#]: via: (https://www.networkworld.com/article/3385030/5g-a-deep-dive-into-fast-new-wireless.html#tk.rss_all)
|
||||
[#]: author: (Craig Mathias https://www.networkworld.com/author/Craig-Mathias/)
|
||||
|
||||
5G: A deep dive into fast, new wireless
|
||||
======
|
||||
|
||||
### 5G wireless networks are just about ready for prime time, overcoming backhaul and backward-compatibility issues, and promising the possibility of all-mobile networking through enhanced throughput.
|
||||
|
||||
The next step in the evolution of wireless WAN communications - [5G networks][1] \- is about to hit the front pages, and for good reason: it will complete the evolution of cellular from wireline augmentation to wireline replacement, and strategically from mobile-first to mobile-only.
|
||||
|
||||
So it’s not too early to start least basic planning to understanding how 5G will fit into and benefit IT plans across organizations of all sizes, industries and missions.
|
||||
|
||||
**[ From Mobile World Congress:[The time of 5G is almost here][2] ]**
|
||||
|
||||
5G will of course provide end-users with the additional throughput, capacity, and other elements to address the continuing and dramatic growth in geographic availability, user base, range of subscriber devices, demand for capacity, and application requirements, but will also enable service providers to benefit from new opportunities in overall strategy, service offerings and broadened marketplace presence.
|
||||
|
||||
A look at the key features you can expect in 5G wireless. (Click for larger image.)
|
||||
|
||||
![A look at the key features you can expect in 5G wireless.][3]
|
||||
|
||||
This article explores the technologies and market drivers behind 5G, with an emphasis on what 5G means to enterprise and organizational IT.
|
||||
|
||||
While 5G remains an imprecise term today, key objectives for the development of the advances required have become clear. These are as follows:
|
||||
|
||||
## 5G speeds
|
||||
|
||||
As is the case with Wi-Fi, major advances in cellular are first and foremost defined by new upper-bound _throughput_ numbers. The magic number here for 5G is in fact a _floor_ of 1 Gbps, with numbers as high as 10 Gbps mentioned by some. However, and again as is the case with Wi-Fi, it’s important to think more in terms of overall individual-cell and system-wide _capacity_. We believe, then, that per-user throughput of 50 Mbps is a more reasonable – but clearly still remarkable – working assumption, with up to 300 Mbps peak throughput realized in some deployments over the next five years. The possibility of reaching higher throughput than that exceeds our planning horizon, but such is, well, possible.
|
||||
|
||||
## Reduced latency
|
||||
|
||||
Perhaps even more important than throughput, though, is a reduction in the round-trip time for each packet. Reducing latency is important for voice, which will most certainly be all-IP in 5G implementations, video, and, again, in improving overall capacity. The over-the-air latency goal for 5G is less than 10ms, with 1ms possible in some defined classes of service.
|
||||
|
||||
## 5G network management and OSS
|
||||
|
||||
Operators are always seeking to reduce overhead and operating expense, so enhancements to both system management and operational support systems (OSS) yielding improvements in reliability, availability, serviceability, resilience, consistency, analytics capabilities, and operational efficiency, are all expected. The benefits of these will, in most cases, however, be transparent to end-users.
|
||||
|
||||
## Mobility and 5G technology
|
||||
|
||||
Very-high-speed user mobility, to as much as hundreds of kilometers per hour, will be supported, thus serving users on all modes of transportation. Regulatory and situation-dependent restrictions – most notably, on aircraft – however, will still apply.
|
||||
|
||||
To continue reading this article register now
|
||||
|
||||
[Get Free Access][4]
|
||||
|
||||
[Learn More][5] Existing Users [Sign In][4]
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
|
||||
via: https://www.networkworld.com/article/3385030/5g-a-deep-dive-into-fast-new-wireless.html#tk.rss_all
|
||||
|
||||
作者:[Craig Mathias][a]
|
||||
选题:[lujun9972][b]
|
||||
译者:[译者ID](https://github.com/译者ID)
|
||||
校对:[校对者ID](https://github.com/校对者ID)
|
||||
|
||||
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
|
||||
|
||||
[a]: https://www.networkworld.com/author/Craig-Mathias/
|
||||
[b]: https://github.com/lujun9972
|
||||
[1]: https://www.networkworld.com/article/3203489/what-is-5g-how-is-it-better-than-4g.html
|
||||
[2]: https://www.networkworld.com/article/3354477/mobile-world-congress-the-time-of-5g-is-almost-here.html
|
||||
[3]: https://images.idgesg.net/images/article/2017/06/2017_nw_5g_wireless_key_features-100727485-large.jpg
|
||||
[4]: javascript://
|
||||
[5]: /learn-about-insider/
|
||||
Loading…
Reference in New Issue
Block a user