Study a career in cybersecurity, how to become an expert in the field!

We live in the digital age, where many companies leverage technologies to grow and evolve. It is a new connectivity model to communicate with users through different channels, exchanging information in a simple, fast and comfortable way.
However, access to these technological advantages requires some resources managed over the Internet, such as the cloud and the IoT world. As the technology used follows a continuous development process, becoming more sophisticated at times, cyber threats evolve at the same level.

That’s why cybersecurity infrastructure needs to be addressed effectively. Theft of information and data has become common in our society, and it is essential to keep up with the risks. For this reason, companies must implement security strategies capable of eliminating such threats. If you are interested in studying cybersecurity and working professionally in this booming sector, read on and we will tell you more about it. How do you become a hacker? What is a cybersecurity career like, and what steps should you follow?

Different ways to access the cybersecurity sector

More and more media outlets are reporting security breaches at large companies. For this reason, technology security experts have become part of the team at many of them. If you are wondering how to study computer security and get fully into the world of cybersecurity, you have several options. The most classic is to study a technical degree, such as computer engineering and cybersecurity, and then reinforce it with a specialization through postgraduate or master’s studies.

However, many people are betting on other alternatives without having to study a degree first. In fact, you can go straight into a specialized degree in the cybersecurity sector, although you should know that not many centers offer this option.

Another route is vocational training, mainly for students who are motivated by hands-on practice, which they can also pursue in a self-taught way to move forward. There are many public and practically free programs where you can get very good basic training in computer systems or application development. From there you can make the leap to cybersecurity through complementary training and certifications that you can get on your own.

Later we’ll talk about cybersecurity courses, including the intensive courses known as cybersecurity bootcamps that, in theory, prepare students to enter the job market in less time. How? By building a focused syllabus around a small number of classes, which are only useful if the student already has a good foundation.

There are also short, specific courses that are an excellent complement to university training or higher-level vocational training. On their own, however, they do not offer knowledge strong enough to address, at a technical level, everything that computer security encompasses, from programming languages to methodologies and procedures, and even notions of legislation.

In short, the path into cybersecurity can vary depending on each person’s needs and concerns. Any of these routes is valid for training in this profession, although not all of them are equally beneficial.

To what extent is it important to study a career?

As we mentioned, cybersecurity is at its peak, which is why several universities have decided to add the long-awaited degrees in Cybersecurity to their curricula. Some of them have instead added it as a specialization within the Degree in Informatics; in fact, that is what we studied at the Carlos III University of Madrid. But is it really necessary to have a higher degree to work in computer security?

There is no doubt that studying Computer or Telecommunications Engineering is a more than valid start. However, people who have chosen this path and decided to move into cybersecurity will need to acquire more specific, specialized training.
Studying a degree or engineering is not essential, but it is highly recommended for a simple reason: higher education will always give you fundamentals on which to build the specialization you want to dedicate yourself to. University teaches the essentials and lets you lay the groundwork for creating and researching what comes next. College isn’t the only route we have, but it’s the best way to get started in this field and any other.

In addition, studying a degree such as Computer Engineering will provide you with solid knowledge, which will be a considerable draw for companies looking for such profiles. And if the degree in question has a mention in cybersecurity, the technical profile becomes very attractive for starting a career in a large company.

The options are several, although some experts claim that the most recommended careers in this regard are: Computer Engineering (software or systems) and Mathematics.

The determining factors that lead a company to hire a professional are specific training and experience. However, when it comes to positions of great responsibility such as security director, large companies tend to bet only on qualified profiles. Best of all, if you want to work in cybersecurity, you don’t necessarily have to hold a higher engineering degree.

The new reality brought by Covid-19 has led many companies to implement major changes, using technology as the axis of their transformation. That’s why cybersecurity is being talked about so much, and its training has undergone some changes to suit students’ needs.

Teacher-student interaction has changed and, in addition to face-to-face classes, students can use different remote options and study online, although this will require a higher level of commitment on their part. The approach to cybersecurity remains the same; what has increased are the possibilities for studying it, leading to remote training.

Specialized courses

The field of cybersecurity is very broad, and it keeps expanding for anyone who wants to specialize in a specific area. Certain certifications are in high demand in the job market today, such as CEH (Certified Ethical Hacker), CHFI (Computer Hacking Forensic Investigator) and OSCP (Offensive Security Certified Professional). Certifications on products such as IBM QRadar SIEM have great market value.

Similarly, other complementary training that is increasingly being demanded among cybersecurity experts is that of legal and ethical issues.

To get a rough idea, we have the CISO White Paper reference guide, an initiative of ISMS Forum Spain (Spanish Association for the Promotion of Information Security), in which several information security directors have worked to provide information on the functions and responsibilities associated with the cybersecurity sector. In fact, the number of certifications associated with this role is spectacular.

Students leave university with a general grounding, although the real problems are seen on site in organizations and companies. Either way, this knowledge must be completed through specific cybersecurity learning. In this sense, specialized courses or bootcamps are a great bet to continue training in subjects such as forensic analysis, system hardening or ethical hacking.

Given the boom in computer security, some institutions that specialize in consulting or advising on security projects offer face-to-face and online courses, as well as specific certifications that are highly regarded in the sector. They even propose a specific action plan to build on that knowledge.

Complementary training in law

Most of these specialized courses and certifications are essentially technical. However, cybersecurity professionals must also master other important issues on the legal side.

In this sense, law has become a key area that needs to be managed and controlled. Many cybersecurity experts believe that today’s professionals should have training in ethical and legal matters. Many of the techniques or tools in use may be classed as illegal in some countries.

The body of legislation surrounding computer security keeps growing, so some professionals are obliged to train in it: NIS, PSD2, GDPR, among others. The time spent on this can be an inconvenience, as it cannot be used to gain more technical knowledge or improve what has already been acquired. However, no advanced knowledge of law is needed, only a basic understanding of the most important points.

That is not all: it is also advisable to develop and improve your communication skills (written and oral) so that others understand you correctly. Keep in mind that this profession will require you to report or present problems and situations orally.

However, this complementary training will be acquired with time, even more so if you have your sights set on a position of greater responsibility. For now, the most important thing is to train in cybersecurity in order to apply that knowledge in your professional career. Everything else will come gradually, mainly when you have questions you want to resolve.

Once my training is complete, what do I do now?

You have to arm yourself with patience, because specialization in cybersecurity comes over time. In fact, more and more specific studies are appearing in this sector. Nobody gains knowledge overnight. In addition, it is necessary to acquire some experience before starting out.

To make this possible, some companies have created new resources or training areas for the next generation of cybersecurity professionals. You can also take part in events called CTFs (Capture The Flag), which offer different challenges for putting your knowledge into practice. The idea is to bring computer security enthusiasts together to demonstrate their skills in the world of hacking. One of the platforms that makes this possible is Hack The Box, an initiative that will allow you to solve problems and make important contacts. However, to get an invitation you will have to hack the website, another challenge to beat.

There’s also no excuse not to practice on your own. There are great alternatives like VirtualBox, where you can create a custom lab. That way you can test different operating systems, explore their weaknesses, propose security solutions and even try to harden them against particular actions.

The important thing is not to stop at general knowledge but to continue training with market-leading technologies. If computer security is something you are passionate about, research it and you will improve a lot, even through self-training, which complements what you will see every day in your work and will allow you not only to improve your working conditions but also to learn and enjoy a lot.

Cybersecurity career paths, functions and salaries

These experts must develop different strategies to prevent cyberattacks. When implementing these security measures, it is essential to work as a team, although any self-respecting cybersecurity specialist must cover these tasks:

  • Plan and develop security measures
  • Create internal or external cybersecurity audits
  • Manage the teams that establish security measures
  • Locate and prevent potential cyberattacks
  • Manage and improve the security mechanisms used
  • Ensure compliance with regulations related to data protection and storage
  • Protect IoT environments such as those used in industries and hospitals

The average salary of one of these specialists is between 30000 and 100000 euros per year. The lowest salaries go to qualified technical professionals with less responsibility and less experience, such as a security technician or network technician. The highest salaries, on the other hand, go to directors of information systems.

There are many career opportunities for these cybersecurity profiles; here are some ideas:

  • Ethical hacking
  • Computer security consultant
  • Security Manager (networks and systems)
  • Cybersecurity Project Manager
  • Architect of risk analysis or security systems
  • Technological judicial expert
  • Sales or cybersecurity control engineer
  • Forensic computer analyst
  • Data protection manager

Get trained in the 10 best paid technologies of 2021

The physical world is getting smaller and smaller, yet the digital world is growing rapidly. Every day millions of people demand services that make their day-to-day life easier and keep them connected. For this reason, work in the technology area requires specific and novel skills. Large corporations no longer want generalists who manage multiple segments; they want professionals with disruptive skills… skills that make them specialists in a specific segment. Today we will talk about 10 technologies that were highly valued by large companies during 2020 and that promise to be the highest paid in 2021.

1. Mobile app development

A large percentage of companies bet on mobile apps for growth or consolidation in the market. Mobile apps are more dynamic and user-friendly than a web page, so organizations treat apps as a technological priority that allows them to interact efficiently with users. This will be one of the most in-demand technologies in the coming years.

In this segment, the design and development of mobile applications for established platforms such as iOS and Android are highly valued skills. Knowing the programming languages for apps is essential, and it is also ideal to know how to use frameworks that streamline the work. Businesses want fabulous apps, but they also want to implement their project quickly!

The average salary of an application developer who knows the procedures for programming, testing and debugging, and documentation, and who also has the skills to communicate with other professionals in the company, is more than 110,000 euros.

But that’s not all! Professionals with mobile video game development skills will get better salaries in 2021. Experts point out that by 2021 5G technology will have greater market penetration; the great speed of this network will allow millions of users worldwide to play from their smartphones without using their PCs.

2. AI and machine learning

Artificial intelligence and machine learning are two attractive segments for professionals who want to specialize in technologies that will dominate the market for several decades. Developing hardware and software capable of intelligently processing and analyzing data to perform tasks more accurately and effectively represents one of science’s greatest achievements in recent years.

This new technology is promising, and every organization or technology brand wants to have an AI specialist within their team. Programming these computers is very complex, requiring thousands of algorithms that allow the software to have an analytical capacity for decision making, although it can be a little more complex when creating algorithms that allow the software to learn from all the procedures performed.

An IT professional with such knowledge can opt for jobs with salaries between 100,000 and 150,000 euros. Large corporations like Google, Facebook, Tesla, Amazon… usually seek dozens of professionals with AI and machine learning skills, and they pay high salaries that can exceed one million euros. Do you want to train in AI? Check out our Watson courses.

3. Computer vision

It is often associated with AI and machine learning technologies, because computer vision software employs a type of machine learning when recording data for later use. Computer vision engineering is based on scripts and lines of code that allow devices to interpret images and videos, both from data already supplied to the software and from new data obtained through cameras, sensors and other technological elements. A computer vision technology professional can earn an average of between 120,000 euros and 150 euros a year. This type of skill is in demand in a large number of industries that use automated production systems.

4. Business Intelligence (BI)

It is a technology that uses data processing to create accurate and efficient reports that allow you to manage the company intelligently. BI analysts are generally people with experience in data science and other database technologies, but who have specialized in transforming information or data into business knowledge.

These specialists are listed on the market with salaries averaging between EUR 80 000 and EUR 120 000. Such professionals are essential in large corporations, as they provide truthful and accurate information regarding the company and its market position, competition behavior, number-based strategies…

With the knowledge this technology provides, companies can reduce their margin of error as far as possible during decision-making. They can learn which strategic areas should receive more resources, as well as where expenditure should be adjusted or savings promoted.

5. Cloud computing

Cloud storage is one of the fastest growing technologies in the IT area, and is expected to be one of the best-paid technologies in the coming years. Evidence of this is the creation of dozens of data centers in Spain by large corporations such as Amazon, Microsoft, Google and Facebook. These data centers will be part of a robust cloud that will support millions of companies looking to store their information on secure, external, and reliable servers.

Cloud computing experts are professionals capable of providing solutions for migrating platforms and databases to the cloud, as well as supporting, planning, managing, and servicing all cloud-hosted resources.

The average salary of a cloud computing specialist is 120,000 euros. This will be one of the highest-paid technologies in the coming years, as companies want professionals who allow them to work with the scalable and reliable resources offered by long-established clouds such as AWS or IBM.

6. Development of software and APIs

Companies in the coming years will continue to bet on customized and autonomous developments that allow them to grow freely.

Over the past few years, pre-designed software has threatened the work of thousands of programmers, as products like SAP offer more and more advantages and tools spanning a growing number of areas across multiple industries. However, customization is an attractive theme for businesses and new entrepreneurs. By 2021, thousands of organizations will be looking for unique software, and perhaps millions of individual projects will be implemented in the coming years. Even for management tools like SAP, which promise to do everything, there will be thousands of projects in the native ABAP language.

But software will not be the only thing in demand in 2021: the use of APIs to connect tools, platforms and databases is gaining ground. A specialist capable of designing, planning, coding, debugging and implementing software can earn 120,000 euros, but if you have the skills to develop APIs, you can earn more than 150,000 euros.

7. Wired and wireless networks

The technological world is growing, and with it all the networks that connect millions of devices worldwide. The number of IP networks is expected to double the size of the world’s population several times over in the coming decades. For this reason, network specialization will remain one of the highest-paid technologies in the coming years.

Companies that have consolidated, as well as those that are growing rapidly, allocate a significant percentage of their financial resources to creating networks that improve their operations and increase the security of the data they transmit. Even when the economy is unfavorable for industry, network investment should remain stable, as it is a vital part of any organization’s operations.

A professional with knowledge of wired and wireless networks can enjoy a salary of 140,000 euros, making this one of the best-paid technologies.

8. DevOps

DevOps is a term formed by contracting the English words development and operations. It refers to methodological procedures for software development whose main axis is communication, teamwork and integration between different IT professionals. This is one of the most in-demand technologies today, combining multiple skills with the intention of achieving a product or end goal of the highest possible quality.

This type of professional participates in all the essential phases of developing software or an IT project, acting as auditor and supervisor. The DevOps specialist analyzes the product or project and integrates it with the available software, equipment, and hardware to study its behavior. After auditing and integration testing, they can formulate recommendations and new guidelines for deployment or debugging.

The salary of a DevOps professional can reach 140,000 euros, although if the professional has experience and certifications, he will be able to obtain salaries of more than 160,000 euros.

9. Cybersecurity

Specializing in a cybersecurity career will be one of the most successful decisions in 2021, because cybersecurity salaries are around 120,000 euros. This type of professional must have the skills to audit systems, networks, and working methods in organizations in order to create lines of action against threats, vulnerabilities, and potential computer attacks.

When professionals who specialize in cybersecurity gain more experience, they can opt for managerial jobs. Cybersecurity salaries for a manager average between 140 000 and 150 000 euros; this is a professional who must have skills in leadership, planning and the training of other professionals in information systems security. A manager must create and document a security model capable of dealing with any modern attack or threat and, in addition, monitor that each of the guidelines in that document is effectively complied with. Certifications such as CISSP or those for IBM QRadar SIEM products are among the most valued on the market.

10. Big Data

It is the ideal specialization for people who have studied computer science and also have mathematical skills. Big data salaries are the highest in the technological area; on average these professionals usually earn between 140,000 and 150,000 euros. Depending on experience and certifications, the salary of a big data professional can increase considerably.

This technology combines knowledge of software architecture, hardware, and databases to create efficient technology management models within an organization. Database design, implementation and management are essential tasks in this type of technology. Big data specialists are responsible for analyzing the feasibility of acquiring external data sources, as well as following communication procedures with data scientists to obtain resources from databases. These resources are usually raw data that the big data specialist translates or transforms into tangible information for business or administrative use.

We invite you to consult our catalog of official IBM trainings on all these technologies and consult us if you want to have our team to train you in them.

Top OT cybersecurity solutions for Industry & Healthcare

Introduction

Today’s industrial control networks are a hive of interconnected devices designed to work together as a whole. If the mechanism fails at any point, it can trigger a serious domino effect. For example, communications systems are needed to advise power plants on the amount of electricity available in the network and to regulate its production. A hospital depends on its own networks to send diagnostics to customers and a car factory has complex robots that are also interconnected. Although not everything is accessible on the Internet, there are many ways to access these environments and the risk is growing exponentially.

In general, the 16 Critical Infrastructure and Key Resources (CIKR) sectors are highly interconnected and are generally affected by similar vulnerabilities and attack vectors. Securing CIKR is difficult due to many factors. These environments were initially planned to be independent, so no online defense was required or implemented. They also manufacture goods and operate non-stop for thousands of hours, so downtime, except for repairs and patches, would have a significant impact on the business. Few hospitals upgrade an X-ray machine if it works and does its job, and the same goes for a gravity conveyor or a uranium centrifuge. This is a problem because old hardware and applications are prone to create problems when exposed to modern attacks.

CIKRs have been reluctant to adopt newer technology because their design has reliably delivered, over the years, a result that our modern society needs, using their own protocols, processes and security systems (however old they may be). The vast majority of OT systems operate day to day without significant error. However, the risk of supporting legacy applications and systems, some dating from the late 1980s, is increasingly high.

Medigate

Medigate is our preferred solution for making hospitals and medical centers safe and free from cyber threats. It identifies the nature of the attack so that the user has the ability to prevent a rash action or being targeted. The clinical context will help in identifying the development of chaotic human behavior. Device profiles will help you manage device lifecycles and offer additional network security as a result. Medigate and Check Point have come up with an advanced security solution for Internet of Things (IoT) and IoMT networks. The combined Check Point and Medigate solution establishes quick and effective security monitoring for hospitals. The key features include:

  • Realistic and holistic medical device registration.
  • Mapped-automated anomaly detection.
  • Policies are generated from device attributes.
  • “Single pane of glass” for all content produced by Medigate on Check Point Smart Console.
  • Automatically activating IPS flagging of known Internet of Things exploits.

Security experts wonder whether the security mechanisms of online hospitals should have been developed differently. This should be seen as another hint that plenty of legacy networks were never built with data security in mind, placing vital resources and lives at risk. Of course, layers of cyber defense can be added today. The only real difficulty is designing and enforcing appropriate layers of internet security. Another way to do this is to build security into applications, which would be the safest decision in the long run. Long story short, the transition will take a long time. Updating the equipment of such facilities would carry risks of the same magnitude as installing security systems.

Medigate’s passive platform can be installed very easily by hospitals and security system integrators, and is integrated with Check Point’s R80 management system and Security Gateways. Once connected, the medical device security platform shares the device’s identification information and application information with Check Point’s Smart Console. This enables a full view of the screen for a screencast of both devices. Due to granular visibility in surgical devices, medication’s effectiveness is assured. Medigate takes advantage of deep packet inspection to monitor devices by specific identifiers, including setup, usage, performance, and location. This enables both systems to be displayed simultaneously in the Check Point Smart Console, removing the need to flip back and forth between dashboards.

The ability to tag medical devices by connectivity type, model name, and vendor enables more granular policy management. Medigate checks what is changing in the network every hour to ensure that the tags stay current.

Tenable.ot

The heart of a company is a computerized network of controllers that transmit and receive commands. Programmable Logic Controllers (PLCs) and Remote Terminal Units (RTUs) are the industrial equipment that acts as the bedrock of industrial processes. Operations infrastructure now has a large-scale attack surface and multiple attack vectors. If we are not able to monitor access to the information, there is a strong risk of being targeted.

Tenable.ot (formerly known as Indegy ICS) is designed to protect enterprise networks from cyber threats, malicious insiders, and human error. Our solution also offers vulnerability identification and avoidance, asset tracking, reporting, and managing the setup of a Wi-Fi network. Industrial Control System (ICS) protection is improved dramatically. The approach provides a clear situational understanding across all departmental locations.

When making investment decisions in OT systems, the cost is still a concern. In order to finance the initiative, we must transfer the costs to users of the services. These innovations are not affordable since the users of the goods produced by this technology have fixed-capital costs included in the cost of goods sold. Increased investment in technology along with its short life span would be costly. Many of the costs of recycling would not be passed down to consumers because of federal legislation. The sector has failed to come to a consensus about the consequences of protecting their OT processes, and how to finance those improvements over the decades.

Until recently there was no evidence that special strategies needed to be developed to defend against cyber-attacks. Cyberwar scenarios are on the rise and, as a result, users and companies should be safe as well. The urgent need is for authentication mechanisms to protect UTM/OTM so that system administrators can protect and safeguard their systems from end to end.

Integration of QRadar SIEM

QRadar is a security information solution that offers real-time monitoring of the IT networks. We offer a broad variety of QRadar solutions including core SIEM parts and associated additional hardware.

The key feature of the QRadar SI Platform is the acquisition of security information in real time. The solution gathers data from attached logs to analyze abnormalities and raises warnings when a security threat is identified. This unique appliance recognizes, evaluates, and tracks security, enforcement, and policy threats in networks. It allows network administrators and others to decide on proactive network safety initiatives.

This module scans your computer network for vulnerabilities and also looks at the data obtained from other scanners (such as Nessus and Rapid7). Use our system to address network security issues. In addition, it lists the index of vulnerabilities, which can then be used in connection rules and reports by IBM QRadar Vulnerability Manager. This module would help you inspect your computing devices within hours or even minutes.

Ensuring security using Next-Gen SIEM

  • Security vendors will use machine learning and artificial intelligence approaches to bypass old security tools that use static rules. You can deter unknown attacks by using a next-gen SIEM service based on big data analytics. Machine learning systems evolve easily and are capable of identifying advanced threats that rule- or signature-based detection systems can’t identify.
  • Behavioral analytics can be used to track insider threats and spying practices. Understanding the entire body of “Behavior Anomaly” is key to identifying an insider threat at an individual and community level. Insider attacks stem from misuse of the access rights insiders have been given. These malicious actions may be identified using a next-gen SIEM that provides powerful behavioral analytics.
  • Good emergency response systems are important to disaster management. Cyber threats that are not stopped also have detrimental consequences. By delivering and sustaining company instruction on the procedures to follow in the event of an attack, your organization minimizes the harm of an attack.
  • Physicians should ensure their medical data stays private and limited to approved persons. EMR documents contain health information, so it is important to keep the medical details private. Usually, legacy SIEMs allow organizations to mix confidential patient data with other IT data as well as enforcement details. A next-gen SIEM solution offers all of the privileges required to preserve data security, such as anonymization of data, role-based access management, data filtering or erasure, and a full audit trail.
  • Healthcare companies are subject to more legislation in today’s culture. Next-gen SIEM technologies deliver out of the box and ad-hoc reporting to satisfy regulations like HIPAA, HITRUST, GDPR, and others.

Conclusion

Healthcare practitioners are mindful of the necessity of preserving patient records. Healthcare security is under attack by both external and internal threats, making it imperative to protect individuals’ Personal Health Information (PHI). There has been a substantial rise in the cost of healthcare, and companies are being targeted for their information and results. Organizations also often face stiff regulatory pressure, which punishes careless or mischievous mishandling of data.

We must keep in mind the need to provide sufficient protection in our enterprise environment. This form of monitoring can help us learn more about what is happening on our machines as well as on the internet. One of the most common tracking and analysis techniques is Security Information and Event Management (SIEM), which collects information such as computer device events, then archives and processes it. Special attention should be paid when installing SIEMs in OT networks, and the peculiarities of these networks should be borne in mind. We can help you to deploy and integrate IPS, SIEM, and IDS. Contact us!

OKD V4 is finally out – new features and everything you need to know

As you might know OKD is the community version of Red Hat OpenShift powered by Kubernetes. After using OKD 3.11 for quite some time, many developers that use this distribution of Kubernetes were looking forward to OKD 4. Like any other platform, OKD was updated to fix some of the issues in the previous versions and also to add features and functionalities that could make the platform more robust and user-friendly to developers. Version 4 of OKD was released in July 2020, and if you want to know what this version has to offer, this article is for you. We shall discuss the new features and everything you need to know about OKD4 and how you can install it on the various cloud platforms. Make sure you read it till the end ;)

New features in OKD v4

There are lots of new features and functionalities in this new update.  Below are some of the major ones that you need to know.

  1. Operator lifecycle manager (OLM)

OLM is one of the features that several developers have been looking forward to having in OKD. Operator Lifecycle Manager helps cluster administrators install, upgrade, and grant access to Operators running on their cluster. The role of this new feature is to make the work of cluster administrators more seamless than it was in the previous versions of OKD. OKD v4 has an organized list of all Operators, with the ability to load other Operators into the cluster. It also handles role-based access control so that certain teams can use certain Operators. With this version, rolling updates for all Operators are handled by the Operator Lifecycle Manager as well.

  2. Cluster maximums

With this new version of OKD, you can use the OKD limit calculator to know the cluster limit for your environment. So, you can get to know ahead of time the maximum number of clusters that can be deployed in your environment.

  3. Node tuning operator

OKD v4 now has the node tuning operator functionality, which helps developers manage node-level tuning by orchestrating the tuned daemon. This feature is crucial when deploying high-performing applications that need some level of kernel tuning.

  4. Cluster monitoring

With this feature, developers can configure horizontal pod autoscaling (HPA) based on the custom metrics API. Despite its availability in this new version of OKD, this feature still has a couple of limitations: the adapter only connects to a single Prometheus instance, and the adapter has to be deployed and configured manually.

Another limitation with this feature is the fact that the syntax for Prometheus Adapter could be changed in future updates of the software.

  5. New alerts are now integrated into the UI.

In this version of OKD, you can view all the cluster-level alerts and also the alerting rules within the new OKD web console.

  6. Telemeter

Telemeter provides information about the cluster-related metrics that could be of importance to the people using OKD. With Telemeter, it is possible to gather crucial health metrics of OKD installations, enable a viable feedback loop for OKD upgrades, gather the number of nodes per cluster and their size (CPU cores and RAM), gather the size of etcd, and gather details about the health condition and status of any OpenShift framework component installed on an OpenShift cluster.

Other features include the following;

  • Multi-stage Dockerfiles can now be used in all Docker strategy builds.
  • Instead of being managed by the oc adm registry command, the registry is now managed by an operator.
  • On top of the registry, an operator now also manages and configures the cluster network. Monitoring and upgrading of the cluster network is also the responsibility of an operator.
  • OKD 4 also has a new feature called Multus, a meta plug-in for the Kubernetes Container Network Interface (CNI) that enables a user to create multiple network interfaces for every pod.
  • The F5 router plug-in is no longer supported within OKD. It can now be obtained from a container connector that was created by the developers of this plug-in.
  • The user interface of the platform also has a slightly new look to make it easy for the developers to find the features they need.

Upgrading to OKD4

At the time of release, the option of updating OKD from version 3.11 to version 4 was not available. You have to perform a new installation of OpenShift 4 independently. If you are using platforms like AWS, bare metal, or vSphere hosts, it is possible to install OKD with user-provided infrastructure.

Final thoughts

This new update of OKD is something every developer that was using version 3.11 of the platform should be looking forward to. It has lots of interesting features and a refreshed UI like we have seen above. The goal of this update is to make developers and operations engineers more productive while executing their tasks with OKD.

If you need training, check our OpenShift and Docker + Kubernetes workshops and contact us to schedule your free course demo.

Sign up for our free IBM QRadar SIEM webinar

Learn from our experts about the reference SIEM solution and market leader year after year: IBM QRadar SIEM. This one tool separates the wheat from the chaff by correlating millions of events from servers, computers, network electronics and immense external knowledge bases such as IBM X-Force, allowing us to prioritize and optimize the time and efforts of our cybersecurity analysts.

Anticipating sophisticated attacks requires a mature, powerful and flexible SIEM solution to implement the latest attack prevention and information theft methodologies. Given the enormous interest in this technology, we offer once a month an intensive course in webinar format taught in English and totally free.

The next edition will be on Monday, January 18, 2021 at 15:00 London, 10:00 New York

In this first webinar, we’ll talk about existing architectures, from All-In-One environments to the ability to deploy some or even all of the infrastructure in the cloud, protecting our environments on AWS, Azure, or Google Cloud. We’ll stop to discuss what’s new in the latest releases, multi-client environments, and the challenges of environment migrations and updates. We will discuss the philosophy of the product and how to make the most of its powerful rule engine. We will discuss solution costs and licensing options, and go over the latest success stories among our customers. This workshop is based on our popular cybersecurity analyst courses, QRadar SIEM management and advanced product usage. The webinar will be fundamentally practical and during it we will perform various live demonstrations.

Online seminar agenda

  • Introduction of IBM QRadar SIEM
  • On-site and cloud solution architecture
  • What’s new in the latest versions
  • Improvements over competitors: Splunk, LogRhythm, Exabeam, Rapid7, FireEye
  • Product demonstration
  • Success stories
  • Open debate, requests and questions.

Although it is an online seminar, places are limited. Sign up right now. We will send you an email a few days in advance with all the details and information needed to connect.

 

Sign up for our free Red Hat OpenShift 4.6 webinar

At Sixe Ingeniería we want to introduce you to the latest version of Red Hat OpenShift Container Platform 4.6, our preferred technology for container-based and PaaS (Platform as a Service) workloads in general. That’s why we offer every month an intensive course in webinar format taught in English and totally free. We will start from scratch and there is no need for previous experience in Docker or Kubernetes (technologies that we will talk about briefly during training).

The next edition will be on Tuesday, January 19, 2021 at 15:00 London time and 10:00 New York time.

 

In this first webinar we will talk about the existing reference architectures, their relationship with Kubernetes and the possibilities we have for their installation. We’ll cover deployments both in our data center and on our favorite cloud provider (Google, Azure, AWS, IBM), not forgetting the mixed environments also known as hybrid cloud, where we choose which applications we will deploy “on-premises” and which “off-site” or directly in the cloud. We will discuss the costs of the solution and the available security layers, and go over the latest success stories among our customers. This workshop is based on our popular deployment and operations course, from which we will borrow some examples that will allow you to understand, through a few short live demonstrations, the potential of this technology.

Online seminar agenda

  • Introduction of Red Hat OpenShift 4.6
  • Red Hat OpenShift Container Platform Architecture
  • Deploying the solution
  • What’s new and migrated from previous versions
  • Success stories... and failures (spoiler: none from our clients xD)
  • Open debate, requests and questions.

Although it is an online seminar, places are limited. Sign up right now. We will send you an email a few days in advance with all the details and information needed to connect.

 

Myths and truths about security in Red Hat OpenShift

Many of our customers are planning to start using Red Hat OpenShift, our preferred container orchestration platform. Its advantages can be summed up in that it allows a progressive modernization of existing applications and the deployment of many others with a design based on micro-services which, why deny it, is prevailing in many new IT architectures. Just thinking about never having to “prepare” a machine again (installing the operating system, configuring network and security, installing libraries and dependent software) every time we want to deploy an environment justifies giving this technology a try.


Kubernetes is to containers what OpenStack was to cloud environments: an open source solution that allows us to share a portion of the infrastructure available in our data centers (servers, networks, storage) in resource pools on which to deploy various workloads automatically. Through a self-provisioning portal, our developers will be able not only to deploy the environments they need to make their applications work perfectly, but also to verify automatically and continuously that those applications are working properly. If a developer’s “commit” at the last minute of the day causes a bug, you can go back to the previous day’s version without anyone having to intervene.

If we add to this the ability to make gradual deployments, where a small percentage of users enjoy a new version of our application while the rest continue to use the latest stable version; high availability that works without any additional configuration, resource allocation (developers, memory, CPU, disk space, IP address assignment) per project, or the ability to measure in real time what part of our infrastructure we are using, at what level of efficiency and with what results, few system managers will say no to such a wonder. Not forgetting the ability to automatically scale applications by adding or removing containers as needed.

Luckily or unfortunately, not everything is in the hands of the system managers. What about security? What do CISOs think? Let’s go over some “myths.”

OpenShift is tremendously safe by design. In our opinion, its basic technology (containers) is as secure as the Linux kernel is at any given time. That is, container processes are separated by Linux kernel “namespaces”, the resources they use are limited by “cgroups”, and their security context is enforced by SELinux. It’s powerful, yes, but we’re still sharing one kernel among the many containers on each node, and the kernel needs to be patched, also for security reasons. The inclusion of RHCOS (Red Hat Core OS) has allowed us to make great progress in recent times in terms of the security of the operating system on which this Kubernetes distribution runs. However, since the RHCOS nodes are intended to operate with little change, it is important that any security-related improvements to those nodes are made with extreme care, lest we achieve the opposite effect.
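To check that separation on a node rather than take it on trust, the following added example (not part of the original article) compares a container process's namespaces with those of PID 1 and reads its SELinux label. The `PROC_ROOT` variable and the function names are assumptions of this example.

```shell
#!/bin/sh
# Added example, not part of the original article.
# Compares the kernel namespaces of two processes by reading /proc/<pid>/ns/*.
# Two links with the same target (for example "pid:[4026531836]") are the same
# namespace. Reading another process's links normally requires root.
# PROC_ROOT is an assumption of this example: it lets the functions run against
# a constructed directory tree; on a real node leave it at /proc.
PROC_ROOT="${PROC_ROOT:-/proc}"

# Print "<type> shared" or "<type> isolated" for every namespace of PID $1,
# compared with PID $2.
ns_compare() {
    for _link in "$PROC_ROOT/$1"/ns/*; do
        [ -L "$_link" ] || continue
        _type="${_link##*/}"
        _a="$(readlink "$_link")"
        _b="$(readlink "$PROC_ROOT/$2/ns/$_type" 2>/dev/null || true)"
        if [ "$_a" = "$_b" ]; then
            printf '%s shared\n' "$_type"
        else
            printf '%s isolated\n' "$_type"
        fi
    done
}

# Succeeds when PID $1 shares the pid, net, ipc or mnt namespace with PID 1,
# i.e. the process is not separated from the host in that respect.
shares_host_ns() {
    ns_compare "$1" 1 | grep -E '^(pid|net|ipc|mnt) shared$' >/dev/null
}

# Print the SELinux label of PID $1, or "unavailable" if it cannot be read.
selinux_label() {
    _lbl=""
    if [ -r "$PROC_ROOT/$1/attr/current" ]; then
        _lbl="$(tr -d '\000\n' 2>/dev/null < "$PROC_ROOT/$1/attr/current" || true)"
    fi
    printf '%s\n' "${_lbl:-unavailable}"
}

# Full report for one process against PID 1. There is no namespace type for
# the kernel itself: every container on the node reports the same release.
isolation_report() {
    printf 'kernel release (shared): %s\n' "$(uname -r)"
    printf 'SELinux label: %s\n' "$(selinux_label "$1")"
    ns_compare "$1" 1
    if shares_host_ns "$1"; then
        printf 'WARNING: PID %s shares a host namespace\n' "$1"
    fi
}

# Run as: sh ns_check.sh <pid-of-a-container-process>
if [ "$#" -eq 1 ]; then
    isolation_report "$1"
fi
```

Whatever the namespace results, the kernel release line is identical for every container on the node, which is why kernel patching stays a node-level responsibility.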

The images we download are always verified and their code audited by Red Hat. Well, actually, access to container images (downloaded or our own) is managed in a similar way to RPMs: there are public or private repositories that we connect to, with their keys and their signatures. Vulnerabilities keep coming out every day, so we need some kind of solution that monitors the contents of the container images available in our repositories, especially images downloaded and installed in our environment.

OpenShift supports JFrog Artifactory, Black Duck Hub, and Docker Trusted Registry. Red Hat CloudForms SmartState can also be used to mark vulnerable images in such a way that OpenShift prevents those images from being used. Also useful are applications that perform static application security testing (SAST) and dynamic application security testing (DAST), such as HP Fortify and IBM AppScan.

OpenShift has a robust and secure authentication system. Each OpenShift cluster actually uses user, group, and role accounts.

To manage each user’s access to OpenShift components and be able to verify each user’s identity, the cluster will connect to different identification providers (OpenID, LDAP, Active Directory, Github, etc.). Each of which will have its own configuration, advantages and disadvantages.

Isolation of networks and communications between OpenShift projects is sufficient. It is robust, because it is based on the network components of Kubernetes, but there are operators and plug-ins that can help us isolate the different networks or give dedicated access to certain network cards using technologies like SR-IOV. Plug-ins such as Multus-CNI allow this and other functions, complementing the features of the Cluster Network Operator (CNO), the CNIs (“Container Network Interfaces”) and CoreDNS.

Interested in knowing more about OpenShift? You may be interested in our three-day intensive Red Hat OpenShift 4.X course. We also offer official IBM training if you want to deploy IBM Power Systems servers.

 

Deploy OpenShift 4.6 in five minutes on your own laptop or server

Perhaps one of the challenges in learning about Red Hat OpenShift is having a good testing environment in which to understand the platform well, deploy test applications, and get comfortable with both the GUI and the command line. While a minimal cluster starting with OpenShift version 4 requires at least 6 nodes, there is an all-in-one system called Red Hat CodeReady Containers. It includes a minimal cluster of the latest OpenShift 4 version with a series of settings that let it work on a single virtual machine, which we can deploy on our test servers or even on our own laptop. It is a project aimed mainly at software developers, but it serves us perfectly for learning how to configure and manage this platform.

What other differences exist?

  • There is only one node, which acts as “master” and “worker” at the same time. You’ll see a lot of “warning” messages, but it’s not a problem.
  • Kubernetes Operators are disabled, and so is monitoring, to save resources.
  • It cannot be upgraded to new versions of OpenShift, although this is not a problem because we can download and run the new versions of this virtual machine that Red Hat publishes regularly.
  • It is an environment that must be recreated from time to time. Red Hat recommends doing it once a month, but in our hands-on experience, every two or three days of use, it gets slower and slower and needs to be destroyed and recreated.
  • As it runs inside a virtual machine, it may be up to us to make some additional network settings by hand.

What are the HW and SW requirements?

  • Latest version of Red Hat or Centos 7.X or 8.X. We prefer Centos as the setup is faster.
  • 4 virtual CPUs (vCPUs)
  • 8GB RAM
  • 35 GB of disk space.

If none of this is a problem for you, you can download the image here. Please note that you need a Red Hat developer account (free).

You will see that, in addition to selecting the operating system (there is an image for each type of “hypervisor”), there is also a “secret”. This is a kind of license key, which we will be asked for during the creation of the virtual environment. Don’t download it; instead, write down the “pull secret” in a notebook or similar.

If we are deploying the environment on Red Hat Linux, we will need to run these two commands to install and activate the NetworkManager:

$ su -c 'yum install NetworkManager'

$ su -c 'systemctl start NetworkManager'

We will also add a non-administrator user with sudo permissions, essential for everything to work properly.

$ useradd crc

$ passwd crc

$ vi /etc/sudoers

## Allow root to run any commands anywhere

root ALL=(ALL) ALL

crc ALL=(ALL) ALL

With this user, we’ll download CodeReady Containers and launch the environment configurator.

$ su - crc

$ cd /home/crc/

$ wget https://mirror.openshift.com/pub/openshift-v4/clients/crc/latest/crc-linux-amd64.tar.xz

$ tar -xvf crc*.xz

$ mkdir -p /home/crc/bin

$ mv crc-linux-1.xxx-amd64/* /home/crc/bin/

$ crc setup

The -n option in the next command sets the nameserver, a necessary trick for DNS to work properly.

$ crc start -n '8.8.8.8'

After a few minutes you should see this message.

To access the cluster, first set up your environment by following 'crc oc-env' instructions.

Then you can access it by running 'oc login -u developer -p developer https://api.crc.testing:6443'.

To login as an admin, run 'oc login -u kubeadmin -p dpDFV-xamBW-kKAk3-Fi6Lg https://api.crc.testing:6443'.

You need to set up a number of environment variables with

$ eval $(crc oc-env)

Now you can log in as an administrator:

$ oc login -u kubeadmin -p dpDFV-xamBW-kKAk3-Fi6Lg https://api.crc.testing:6443

.. or as a developer:

$ oc login -u developer -p developer https://api.crc.testing:6443

If you don’t have a graphical environment installed on this server, you won’t be able to access the web environment locally (via crc console), but you can use Firefox on any other system where you have Linux installed.

You need to append the contents of /etc/hosts from the server where you installed OpenShift to the end of your local /etc/hosts file.

Next you’ll need to open a VPN via ssh from a desktop environment like Ubuntu to the server where you deployed OpenShift:

$ sudo apt-get install sshuttle

$ sudo sshuttle -r root@remote-server-ip -x remote-server-ip 0.0.0.0/0 -vv

And now, if you open your browser and access https://console-openshift-console.crc.testing you’ll see the GUI.
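A narrower variant of the remote-access steps above, as an added example that is not part of the original post: it keeps only the crc.testing lines from the server's /etc/hosts and routes only those addresses through sshuttle instead of 0.0.0.0/0. The hosts content, the 192.168.130.11 address and the use of the crc account as SSH user are assumptions made for the example.

```shell
#!/bin/sh
# Added example, not part of the original article.
# Keeps only the cluster's names from the server's /etc/hosts and routes only
# the cluster's addresses through sshuttle, instead of every entry and 0.0.0.0/0.

# Constructed sample of a server-side /etc/hosts (addresses and names are
# illustrative, not taken from the article).
SAMPLE_HOSTS='127.0.0.1   localhost localhost.localdomain
::1         localhost
# Added by CRC
192.168.130.11 api.crc.testing console-openshift-console.apps-crc.testing
192.168.130.11 oauth-openshift.apps-crc.testing   # login page
10.0.0.5 intranet.example.com crc.testing.example.com'

# stdin: hosts file. stdout: "<address> <names...>" restricted to names that
# are crc.testing itself or end in .crc.testing / -crc.testing.
crc_host_entries() {
    awk '
        { sub(/#.*/, "") }          # drop comments
        NF < 2 { next }             # blank or address-only line
        {
            names = ""
            for (i = 2; i <= NF; i++)
                if ($i == "crc.testing" || $i ~ /[.-]crc\.testing$/)
                    names = names " " $i
            if (names != "") print $1 names
        }'
}

# stdin: hosts file. stdout: one unique IPv4 /32 route per cluster address.
crc_routes() {
    crc_host_entries |
        awk '$1 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ { print $1 "/32" }' |
        sort -u
}

# stdin: hosts file, $1: SSH target. Prints the sshuttle command to run;
# fails if the file contains no cluster entries.
sshuttle_cmd() {
    _routes="$(crc_routes | tr '\n' ' ')"
    _routes="${_routes% }"
    if [ -z "$_routes" ]; then
        echo "no crc.testing entries found" >&2
        return 1
    fi
    printf 'sudo sshuttle -r %s %s\n' "$1" "$_routes"
}

# Demo on the constructed sample: sh crc_tunnel.sh --demo
if [ "${1:-}" = "--demo" ]; then
    printf '%s\n' "$SAMPLE_HOSTS" | crc_host_entries
    printf '%s\n' "$SAMPLE_HOSTS" | sshuttle_cmd crc@remote-server-ip
fi
```

With explicit /32 routes the rest of the desktop's traffic stays off the lab server, and sshuttle does not need a root login on the remote side.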

 

If you need to know more, we have hands-on courses from both Docker and kubernetes and OpenShift. Contact us without obligation.

Five things to know about our lab services

If your company needs technical help successfully completing its data center infrastructure and services projects, you’ve come to the right place. Our deployment services and systems lab help organizations around the world deploy the basic components of the next-generation IT infrastructure, from servers to storage systems and software.

Through short consulting, training, or service contracts, we help IBM, Lenovo, SUSE, and Red Hat customers and partners implement, optimize, and acquire the skills needed to get the most out of new private, public, cognitive infrastructure, and critical environments solutions in general. Our consultants bring great IT expertise as well as key insights to help companies get the most out of their technology investments.

All our services are provided either virtually or on-site anywhere in the world.

If you have never worked with our professional services here are five key points you should know about us:

1. We offer all our technical expertise.

We are a global team of technical consultants with experience in IBM Power Systems, IBM Storage and Lenovo as well as AI, cloud and security. Our teams leverage deep technical knowledge, along with proven tools and methodologies over many years and hundreds of projects.

Whether your organization is looking to deploy high-performance servers for multi-cloud, AI, blockchain, and analytics initiatives; secure your data with defined physical and software storage solutions; or maximize your infrastructure investments with software to help you accelerate workloads and simplify management, we can help.

2. We design new solutions together with our customers and technology partners

We are committed to a cooperation strategy to develop new business models, products and services. We collaborate with your organization, product development teams, and other companies that also provide services to your organization to design and deliver the innovative solution your business needs to win and grow in the market.

Together, following an agile approach, we evaluate your current environment and needs, define a roadmap, and design and implement the most valuable solution for and with you, so that in the end your team is fully trained to manage the environment and solution.

3. We help our customers acquire new skills that allow them to be prepared for the future.

Whether you’re migrating to new hardware, adopting AI storage solutions, or designing a multi-cloud infrastructure for enterprise transactions, we not only address the current challenge, but also transfer skills and knowledge to your team.

Skill transfer is a key component of our engagement model that helps ensure our customers have the competence to manage their solutions in the future.

4. We offer technical training.

Our courses and workshops take place around the world throughout the year to provide training to customers and partners. We regularly offer specific and comprehensive training sessions conducted by engineers, developers, or experts on our favorite IBM, Lenovo, Red Hat, and SUSE products to help our customers and partners learn, grow, and connect with developers, industry leaders, and executives from the companies we work with.

5. We help our customers adopt state-of-the-art hybrid cloud and artificial intelligence solutions.

We’ve helped many customers design multi-cloud hybrid infrastructures and deploy AI enterprise applications. We understand the challenges customers face around the hybrid cloud, and we can serve as trusted advisors at any stage of the journey to the cloud – from design to management and optimization. This includes support to help businesses move applications to the cloud more easily and, above all, securely.

 

 

Install IBM QRadar Community Edition 7.3.3 in ten minutes

After a long wait, the free version of IBM QRadar SIEM is finally available. This edition, called “Community” contains all the features of QRadar SIEM and requires little memory (works with just 8 or 10GB) compared to the at least 24G required for a minimum commercial version environment. It also includes a license that does not expire and allows you to install all kinds of plugins and applications. The objective is its private use for learning, demos, testing and fundamentally, development of applications compatible with QRadar. That’s why its capabilities are limited to managing up to 50 events (logs) per second and 5,000 network packets per minute, which isn’t bad :)

Keep in mind that one of the main drawbacks is that it does not bring support for all the devices and environments of the commercial version. If we want to monitor a database or a firewall, we will need to install each of the modules manually.

What are the hardware requirements?

  • Memory: 8GB RAM or 10GB if apps are installed, i.e. a modern laptop can run it.
  • Disk: 250 GB, although our experience tells us that about 30G is enough for ephemeral environments. Space is consumed as the SIEM is kept in use. If virtual machines are created and destroyed for short tests, it doesn’t take up that much.
  • CPU: 2 cores, but 4 or 6 would be even better.
  • Network: Internet access, a private network, and FQDN hostname.

How do I install it?

For this version IBM provides an image in downloadable OVA format from this link. We no longer have to launch the installer on a CentOS system created by us, with the usual small bugs to correct, which is appreciated. You just have to create an IBM account, something that can be done on the spot and for free. The OVA image can be deployed to VMWare, KVM, or VirtualBox.

The installation process is quick and simple as shown in the following video:

 

New Free QRadar CE version 733

After which, you can start exploring and working by following the clues available in the “Getting started guide”.

Once the environment is up and running, you can install applications

QRadar CE 733 Add an App from the App Exchange

And even monitor the network of our house: phones, laptops, home automation systems, etc.

Use The Free QRadar CE to Monitor your Home's Network (flows)

Want to know more about IBM QRadar SIEM?

We offer professional services (consultation, deployment and support), official courses and certification bootcamps. Contact us without obligation.

 

SiXe Ingeniería