John Burke

John Burke, CTO of Nemertes, advises clients based on primary research in cloud, networks, automation, and security, and on his 30-plus years’ experience as an IT researcher, practitioner, and leader.

The case for declarative network automation

The case for declarative network automation

Some network teams are finding power and simplicity in the shift from telling devices what to do—imperative programming—to describing what they should be—declarative programming.

Zero trust requires network visibility

Zero trust requires network visibility

AI and machine-learning techniques are imperative in a zero-trust environment that depends on analysis of the behavior of every device, person, or system using the network.

Use zero trust to fight network technical debt

Use zero trust to fight network technical debt

Adopting a zero-trust approach can be the impetus IT teams need to expose technical debt and make sure all network components are capable of enforcing security controls.

Zero trust requires clear architecture plans before changing core systems

Zero trust requires clear architecture plans before changing core systems

Successful enterprises approach zero trust carefully, with the big picture in mind, before making changes to network access, data management or application engineering.

5G wireless WAN will have benefits beyond 4G WWAN

5G wireless WAN will have benefits beyond 4G WWAN

Cellular WAN connectivity has solid enterprise use cases with 4G, and as 5G rolls out, will become more attractive for its speed, reliability, and price.

How wireless WAN can make SD-WAN more agile and resilient

How wireless WAN can make SD-WAN more agile and resilient

WWANS can augment SD-WANs with failover, redundancy, and rapid set-up.

Rethinking the WAN: Zero Trust network access can play a bigger role

Rethinking the WAN: Zero Trust network access can play a bigger role

COVID-induced work-from-home prompted WAN innovations that demonstrate VPNs and SD-WAN aren’t the only good options.

Software-defined perimeter + Zero Trust: A good place to start

Software-defined perimeter + Zero Trust: A good place to start

Software-defined perimeter can be an important part of Zero Trust that enforces network access, but first plan the Zero Trust architecture and the changes that means for the network and security.

Cloud Security – Follow the Feds?

Last week the Feds had a coming out party for FedRAMP (Federal Risk and Authorization Management Program).  Originally announced in October, FedRAMP sets standards for privacy and security for cloud providers to meet in support of...

The Swiss Cheese Perimeter Defense

Since the beginning of the information security profession, the predominant model for security has been a location-centric model. The foundational control is physical access over a computer or computer facility itself. On top of...

Blog: Securing "the" directory

I use the quotation marks around “the” with respect to enterprise directory because there is almost never a single directory in the enterprise. Fifteen years after the first time I remember discussing consolidating onto a single...

Directory Direct

@font-face { font-family: "MS 明朝"; }@font-face { font-family: "Cambria Math"; }@font-face { font-family: "Cambria"; }p.MsoNormal, li.MsoNormal, div.MsoNormal { margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: Cambria;...

Phone-as-token: availability/security

@font-face { font-family: "MS 明朝"; }@font-face { font-family: "Cambria Math"; }@font-face { font-family: "Cambria"; }p.MsoNormal, li.MsoNormal, div.MsoNormal { margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: Cambria;...

Mobilizing Multifactor

One of the most interesting developments in multifactor authentication is the rise of ubiquitous mobile access.  Ten years ago, most knowledge workers did not carry a mobile phone at all, or even a pager, let alone a smart phone with...

The Need for Cloud Identity Management

Imagine this scenario: a disgruntled IT staffer leaves the company, goes down to the local McDonald's, logs back into the network and starts taking down virtual machines. One of the machines taken down is the Exchange server,...

Mobile Voice and Data Availability: it’s an internet security issue

The other day I was at my friend’s house in Washington, Virginia, (just beyond the middle of nowhere) where mobile phone service is nonexistent. Up until recently the only way to use my Verizon mobile at his house was to use WiFi for...

The Pros and Cons of a Cloud-Based Firewall

For the past few posts I’ve been writing about cloud-based security adoption while focusing on cloud-based firewall as a service, which enjoys high interest among enterprise security architects and staff. There are definitely...

The DNS Under Your Hood

The other day I was reading an article about Ford’s efforts in conjunction with MIT to embed wireless applications into cars. It’s really exciting stuff. A scenario described is one car communicating with cars further up the road to...

Firewalls In The Clouds

Where is your firewall? Yes, it’s in a rack—but where’s the rack? Increasingly, we find organizations looking to a layered firewall model where the first line of defense is not in a rack in the data center, it’s in the cloud....

Security as a Service – What’s Inside Counts

This week I’m writing about cloud-based security services, or Security as a Service (SECaaS). What’s great about SECaaS—like SaaS—is that it's delivered as a service with typically no on-premise gear required. In addition, it’s...

Load More