Official Blog

Additional Shellshock (GNU Bash) Vulnerabilities (CVE-2014-6277 and CVE-2014-6278) Identified

Sep 30th, 2014

On September 29, 2014, two additional vulnerabilities were identified in GNU Bash. Per our defined risk mitigation procedures, we are doing vulnerability assessments on all of our systems and are taking the requisite steps to mitigate any potential risks.

The WAF-based rule that we previously made available to all our application performance (ADN) and commerce (Transact) customers will inspect all HTTP/HTTPS requests targeted at their origin to protect their own internal systems against the latest vulnerability described in CVE-2014-6277 in addition to CVE-2014-6271 and CVE-2014-7169. The vulnerability outlined in CVE-2014-6278 continues to be evaluated.

An update on the ShellShock vulnerability for Verizon EdgeCast customers

Sep 29th, 2014

Since becoming aware of the Shellshock (CVE-2014-6271 and CVE-2014-7169) Bash vulnerability, the Verizon EdgeCast security team worked hard to mitigate risks to our environment and that of our customers.

While it is important to note that Verizon EdgeCast’s CDN infrastructure runs on a purpose-built, hardened configuration with many layers of security control, monitoring, and auditing, our defined risk mitigation procedures required that we pro-actively patch and provide software updates to all relevant servers. This activity is now complete. In addition, we made available a WAF-based rule to all of our application performance (ADN) and commerce (Transact) customers to help them protect their own internal systems.

Our ability to complete this massive update in a timely manner is attributable to our SuperPOP architecture, which prioritizes POP quality and connectivity over quantity, alongside our extensive automation and advanced testing procedures. It is this same architecture that enables us to purge caches almost instantly, update WAF rules worldwide in fewer than 5 minutes, respond automatically in minutes to DDoS attacks, and provide industry-leading performance.

Free and comprehensive protection for ShellShock code injection vulnerability available to Verizon EdgeCast customers

Sep 26th, 2014

Verizon EdgeCast has created a Web Application Firewall (WAF) instance designed to identify and block attacks targeting the recently discovered ShellShock vulnerability. These WAF rules are implemented by Verizon EdgeCast’s Network Operations Center (NOC) and require no configuration on the customer side.

Customers do not need to be an existing WAF user; any Verizon EdgeCast ADN and Transact customer can enable this protection free of charge for 30 days by contacting our NOC:

Email: support@edgecast.com
Toll-Free (USA only): 877-EDGE-CDN
Telephone: 1-310-396-7400

The WAF rule is designed to check for a ShellShock attack across multiple vectors in an HTTP request and to stop any attacks at the edge.

This instance identifies and blocks attacks targeting the ShellShock vulnerability (CVE-2014-6271 and CVE-2014-7169) residing on servers running GNU Bash (Bourne again shell) and transported via HTTP/HTTPS traffic. The WAF instance will inspect the entire HTTP/HTTPS request (request line, header, and body) to detect attack traffic. If an attack is detected, the WAF will block the request and return an HTTP 403 (forbidden) response.

Customers who enable this free protection service will not have access to the full WAF rulesets or portal functionality.

Please contact your account representative to learn more about Verizon EdgeCast’s comprehensive web-based security solutions, or visit: http://www.edgecast.com/services/security/.

Client spotlight: Build.com

Sep 13th, 2014

Build.com’s mission is to make home improvement easy. Number 80 in IR’s list of the largest retailers in North America, build.com is driven by a relentless focus on their customers. Together with Verizon Digital Media Services, Build.com takes its website into a new era of instant gratification and real-time expectations.

Watch the video to learn how Build.com drives revenue and user satisfaction using Verizon Digital Media Services’ Commerce Solution.

Driving viewing and social engagement for PaleyFest, the greatest television festival in the world

Sep 9th, 2014

Each spring, PaleyFest brings television fans, casts, and series creators together for the greatest television festival in the world. More than 30,000 fans gathered at the Dolby Theater in Hollywood earlier this year to connect with the people who direct and star in critically-acclaimed shows like AMC’s Mad Men, CW’s The Vampire Diaries, and the Netflix’s Orange is the New Black.

Since they feature the complete casts of TV’s most popular series, PaleyFest events draw huge crowds. Throw in exclusive previews of upcoming episodes and behind-the-scenes stories direct from the producers – this year, Veep creator Armando Iannucci revealed why he avoids cameos from real politicians – and you’ve got all the right ingredients for off-the-charts fan engagement.

But not everyone can attend PaleyFest in person. Many fans experience PaleyFest via the PaleyFest app, which lets them stream festival events in real time from anywhere in the world.

In the past, enabling a live stream was a complicated process for PaleyFest producers. According to Tony Ciesniewski, PaleyFest’s director of technology, streaming vendors would arrive on the scene “with proprietary equipment and a large number of people.” It was a high-maintenance arrangement that involved a lot of coordination with third party teams.

This year, PaleyFest was able to deliver real-time streaming with just two laptops and software from Verizon Digital Media Services (VDMS). No third party equipment. No big video crews. Just a simple, on-demand streaming service that Ciesniewski describes as “flawless.”

Read More

Client spotlight: 1 Mainstream

Aug 29th, 2014

At Verizon EdgeCast, we work with companies that are redefining innovation in media, e-commerce, and high tech. In this section, we feature our most forward thinking customers and tell their stories of creating superior user experiences and simplifying the digital future.

Solving the OTT distribution challenge – 1 Mainstream

Content owners know it all too well: consumers want to watch what they want, whenever they want – on the device that is most convenient at that moment. Traditional TV and so-called “appointment viewing” is becoming less important by the day.

It is not surprising that online TV consumption across all devices has seen a 246% year-over-year growth, according to Adobe’s Q1 2014 Benchmark report. What’s notable is that IP-based TV and content delivery seems to be finally catching on in living rooms, too.

OTT access points, such as Apple TV, Roku, and game consoles, are increasing their share of total online video consumption. Again looking at the Adobe Benchmark report, there a two numbers that validate this trend:

  • 123% increase in video starts (largest growth of all devices)
  • 539% share growth in TV Everywhere authenticated video

This trend is set to continue. Last year, a PwC study estimated over-the-top TV streaming revenues at $3.3 billion. Fast-forward to 2018, PwC predicts it to be a $10.1 billion segment — too big to be just an afterthought for media companies.

This promise of triple digit growth is where the challenge for content owners lies. It’s the increasing number of OTT formats and devices that consumers can choose from that will make it ever more difficult -and time-consuming- to reach (and monetize) all of them.

Some of the factors that contribute to this challenge are:

Read More

Broadcasting, reinvented

Aug 22nd, 2014

Visit Verizon Digital Media Services at IBC to see how!

From acquisition to encoding, delivery and playback, Verizon Digital Media Services’ cloud-based Broadcast Solution provides the easiest, most cost-effective way to adaptively stream all of your live, linear, and on demand content.

Verizon is a key component in how we deliver our video in this new world of TV Everywhere – Albert Cheng, E.V.P and Chief Product Officer, Digital Media, Disney/ABC Television group.

Contact us now to schedule a demonstration of our Broadcast Solution at this year’s IBC conference in Amsterdam. Our team will be there to show you how deploying a TV Everywhere solution has never been easier with Verizon’s end-to-end, cloud-based solution.

Stop by our stand in Hall 14, Stand G08, or schedule a meeting today: vdmsinfo@verizon.com

Verizon Digital Media Services will also be hosting a panel discussion on the first day of the exhibition:

IBC Panel:  The TV Everywhere Challenge - Reach Your Audience.

Place: Content Everywhere Hall (Center Stage)

Date: Friday, Sept 12

Time: 4:30 to 5:30 pm

Moderated by Colin Dixon, Founder, nScreen Media

Seats will be limited. Be sure to get there early!

For more information on our Broadcast Solution, please visit: www.uplynk.com/overview.html

Behind the scenes of delivering 5% of the global Internet (including the world’s biggest sporting event)

Aug 21st, 2014

Earlier this summer, we published a post on the viewing trends that we saw from streaming soccer games from Brazil. The key take-away: mobile viewing was the main driver behind the streaming records set by the tournament.

Reliably delivering millions of streams to hundreds of different devices is not an easy task and requires tedious planning and preparation – especially if those streams lead to exploding traffic on social media networks.

We took a look behind the scenes at our Network Operations Center during this summer’s biggest sporting event to explore how our team prepares for streaming large scale events – while keeping over 5% of the global internet fast and secure:

To learn more about Verizon Digital Media Services’ live streaming solution, please visit www.uplynk.com/linear.html

or read our recent blog post on how we remove complexity from live streaming.

Strategies For Winning Millennials’ Loyalty

Aug 19th, 2014

Millennials are fiercely brand loyal. 70% say they come back to brands they love. But, getting their attention is harder than ever. A generation whose purchasing power will exceed $200 billion in 2017, Millennials are very specific about who they trust and spend their money with; they do their research first before making purchasing decisions.

For e-commerce and fashion brands this raises the question: ho do you build a relationship that makes them want to come back and trust you?

Investing in a great user experience is a first step. Treating them like red-carpet guests, tastemakers, and experts in the fields of fashion and beauty is a close second. That’s according to Anthony Citrano, VP of communications at Verizon Digital Media Services, who recently presented at the Second Annual WWD Digital Forum London.

Speaking to executives from global fashion brands and retailers, Anthony took a close look at the world of Millennials – and provided strategies on how to turn them into happy shoppers, based on data from Verizon Digital Media Services’ Millennial Study.

Watch the video of Anthony’s presentation to learn about the 10 most important thoughts on Millennials’ world:

Anthony’s slides are available for download on Verizon Digital Media Services’ SlideShare.

To learn more about Verizon Digital Media Services’ e-commerce solution, please visit: www.edgecast.com/solutions/ecommerce/

Product Spotlight: Verizon EdgeCast’s DNS –proven to be the world’s fastest DNS service–

Aug 4th, 2014

When we launched our DNS service last October, we introduced it as the world’s fastest DNS product.

And what we proved back then with internal testing has now been confirmed by outside third parties. Just last week, SolveDNS published their July 2014 DNS Speed Comparison Report – ranking the Verizon EdgeCast DNS as the #1 “fastest managed DNS service across the world.”

image

Graphic by SolveDNS

What’s the secret behind the performance of Verizon EdgeCast’s DNS service? Our massive global IP Anycast network that consists of POPs in most major metros across four continents and low-latency proximity to almost every broadband user in the world.

The Verizon EdgeCast network is vastly over-provisioned relative to traffic volume and capable of large numbers of queries. It is also highly reliable – ensuring resolution of DNS queries 100% of the time.

Paired with superior performance, Verizon EdgeCast’s DNS allows customers to:

  • Manage their DNS zones
  • Verify a server’s capability to fulfill requests through worldwide health checks
  • Load balance application traffic
  • Establish a failover system that prevents interruptions to their web applications and site infrastructure
  • Prevent cache poisoning attacks
  • Mitigate distributed denial of service (DDoS) attacks on their servers by leveraging Verizon EdgeCast’s distributed DNS network and technologies

For more information on Verizon EdgeCast’s DNS service, please visit: www.edgecast.com/services/route-managed-dns/

For more information on Verizon EdgeCast’s security solutions, please visit:  www.edgecast.com/services/security/