Categories
Articles

Thinking about automation: DDoS protection

One of the major causes of disruption on the Internet is Distributed Denial of Service (DDoS) attacks. Unlike “hacking”, these don’t require there to be any security weakness in the target system: they simply aim to overload it with more traffic than it (or its network connection) can handle. Often such attacks are launched from […]

Categories
Articles

Automation: Two ways

Earlier in the year, Networkshop included a presentation on Juniper’s Mist AI system for managing wifi networks. I was going to look at it – as an application I don’t know – as a test for my model for thinking about network/security automation. That may still happen, but first it has taken me down an […]

Categories
Articles

Thinking about blocking

Throughout the time I’ve been working for Janet, the possibility of using technology to block undesirable activity on networks and computers keeps coming up. Here are four questions I use to think about whether and how technology is likely to be effective in reducing a particular kind of activity: Where is the list? Any technology […]

Categories
Articles

The future of automated incident response

My post about automating incident response prompted a fascinating chat with a long-standing friend-colleague who knows far more about Incident Response technology than I ever did. With many thanks to Aaron Kaplan (AK), here’s a summary of our discussion… Developments in automated defence AK: Using Machine Learning (“AI”) in cyber-defence will be a gradual journey. […]

Categories
Articles

Does the AI Act allow automated network defence?

In response to my posts about the relevance of the draft EU AI Act to automated network management one concern was raised: would falling within scope of this law slow down our response to attacks? From the text of the Act, I was pretty sure it wouldn’t, so I’m grateful to Lilian Edwards for the […]

Categories
Articles

Thinking about automation

To help me think about automated systems in network and security management, I’ve put what seem to be the key points into a picture. In the middle is my automated network management or security robot: to the left are the systems the robot can observe and control, to the right its human partner and the […]

Categories
Articles

Automating Digital Infrastructures

Most of our digital infrastructures rely on automation to function smoothly. Cloud services adjust automatically to changes in demand; firewalls detect when networks are under attack and automatically try to pick out good traffic from bad. Automation adjusts faster and on a broader scale than humans. That has advantages: when Jisc’s CSIRT responded manually to […]

Categories
Articles

BEREC Net Neutrality Guidelines: good news for security

BEREC, the board of European Telecoms Regulators, has just published its updated guidance on enforcing the Network Neutrality Regulation. Jisc has been working with the Forum of Incident Response and Security Teams (FIRST) for nearly five years to ensure that this legislation and guidance didn’t discourage legitimate practices to secure the operation of networks: this […]

Categories
Articles

BEREC clarifies that permanent network security measures may be OK

Four years ago, Jisc responded to the Board of European Regulators of Electronic Communications (BEREC) consultation on network neutrality to point out that some security measures cannot just be temporary responses by the victims of attacks, but need to be permanently configured in all networks to prevent them being used for distributed denial of service […]

Categories
Articles

Net Neutrality: BCP-38 Seems OK

The Board of European Regulators of Electronic Communications (BEREC) have now released the final version of their net neutrality guidelines, following a public consultation that received nearly half a million responses. These seem to have resulted in clarifications of the draft version, rather than any significant change of policy. Jisc’s response raised a concern that […]