ETSI Open Source MANO: Orchestrating the 5G Orchestra in a world’s first

Sophia Antipolis, 19 March 2019

On Saturday, 16 March, the public was invited to experience musicians perform a fully synchronized concert across venues in Bristol and London.

Read More...

First ETSI NFV API conformance test event in remote mode

Sophia Antipolis, 10 May 2019

From February 4 to April 15, 2019, ETSI organized a remote NFV API Plugtests® event with the support of its Centre for Testing and Interoperability. The Remote NFV API Plugtests was not only the first to be entirely remote; it was also the first entirely dedicated to the testing of NFV APIs.

Read More...

AIOTI, ISO/IEC JTC1, ETSI, oneM2M and W3C Collaborate on Two Joint White Papers on Semantic Interoperability Targeting Developers and Standardization Engineers

Cross-organization expert group works together on accelerating adoption of semantic technologies in IoT.

AIOTI today announced its collaborative role in the publication of two joint white papers on semantic interoperability entitled Semantic IoT Solutions - A Developer Perspective and Towards semantic interoperability standards based on ontologies in conjunction with organizations closely tied to the advancement of the IoT ecosystem.

Read More...

ETSI IoT Week: semantics, experiences and security

Sophia Antipolis, 28 October 2019

ETSI IoT Week 2019 (21-25 October) drew more than 200 attendees to ETSI’s headquarters for what has become a must attend event for anyone who wants to understand the importance of standard-enabled technologies for IoT service deployments, in many different sectors.

Read More...

ETSI Open Source MANO unveils Release SEVEN, enables more than 20,000 cloud-native applications for NFV environments

Sophia Antipolis, 12 December 2019

Today, the ETSI Open Source MANO group is pleased to unveil its latest release, OSM Release SEVEN. This release brings cloud-native applications to NFV deployments, enabling OSM to on-board over 20,000 pre-existing production-ready Kubernetes applications, with no need of any translation or repackaging. OSM release SEVEN allows you to combine within the same Network Service the flexibility of cloud-native applications with the predictability of traditional virtual and physical network functions (VNFs and PNFs) and all the required advanced networking required to build complex end to end telecom services.

Read More...

ETSI releases a Technical Report on autonomic network management and control applying machine learning and other AI algorithms

Sophia Antipolis, 5 March 2020

The ETSI Technical Committee on Core Network and Interoperability Testing (TC INT) has just released a Technical Report, ETSI TR 103 626, providing a mapping of architectural components for autonomic networking, cognitive networking and self-management. This architecture will serve the self-managing Future Internet.

The ETSI TR 103 626 provides a mapping of architectural components developed in the European Commission (EC) WiSHFUL and ORCA Projects, using the ETSI Generic Autonomic Networking Architecture (GANA) model.

The objective is to illustrate how the ETSI GANA model specified in the ETSI specification TS 103 195-2 can be implemented when using the components developed in these two projects. The Report also shows how the WiSHFUL architecture augmented with virtualization and hardware acceleration techniques can implement the GANA model. This will guide implementers of autonomics components for autonomic networks in their optimization of their GANA implementations.

The TR addresses autonomic decision-making and associated control-loops in wireless network architectures and their associated management and control architectures. The mapping of the architecture also illustrates how to implement self-management functionality in the GANA model for wireless networks, taking into consideration another Report ETSI TR 103 495, where GANA cognitive algorithms for autonomics, such as machine learning and other AI algorithms, can be applied.

SESAR Deployment Manager signs MoU with ETSI for European Air Traffic Management modernization

Sophia Antipolis, 27 July 2020

SESAR Deployment Manager (SDM) has recently signed an MoU with ETSI, namely to participate to the ETSI technical group making standards for aeronautics (TG AERO). SESAR aims at the modernization of Europe’s Air Traffic Management (ATM), crucial for the sustainability of European aviation and the forecasted increase in air traffic by 2035 (pre covid-19 forcast). SDM synchronizes and coordinates the deployment of common projects, translating the regulatory requirements to the industry.

Read More...

ETSI Unveils First Cloud-Native VNF Management Specifications

Sophia Antipolis, 17 November 2020

The ETSI group on Network Functions Virtualization (ETSI Industry Specification Group NFV) is pleased to unveil its first specification enabling containerized VNFs to be managed in an NFV framework. The ETSI GS NFV-IFA 040 specifies requirements for service interfaces and an object model for OS (Operating System) container management and orchestration.

Read More...

Open Source MANO Release NINE fulfils ETSI's zero-touch automation vision, ready for MEC and O-RAN use cases

Sophia Antipolis, 18 December 2020

ETSI is pleased to announce the launch of OSM Release NINE today. With an array of new features, this Release completes the alignment process with ETSI NFV specifications, culminating in native adoption of ETSI GS NFV-SOL006 for network functions and service modelling. Standardizing the onboarding process for VNFs into OSM fosters interoperability and boosts the growth of OSM’s VNF ecosystem. Release NINE coincides with the announcement of a new production deployment, confirming OSM as the most comprehensive open-source NFV orchestrator and a key enabler for zero-touch end-to-end network and service automation.

Read More...

ETSI Open Source MANO launches Release TEN, celebrates OSM 5th anniversary

Sophia Antipolis, 16 June 2021

Today ETSI is happy to introduce OSM Release TEN, the 11th Release of an Open-Source project which first announced its Release ZERO in 2016 with the vision of closing the gap between the traditional way of building telecom networks, and the use of cloud technologies in telcos emerging at that time.

Read More...

ETSI Open Source MANO announces OSM Release ELEVEN

Sophia Antipolis, 7 December 2021

ETSI is pleased to announce OSM Release ELEVEN. Committed since its foundation to the alignment with ETSI standardization work, this release completes the adoption of two new ETSI NFV specifications, ETSI GS NFV-SOL004 and ETSI GS NFV-SOL007 for package formats. Standards adoption is part of the OSM vision to enable interoperability and a large and healthy NFV ecosystem. In addition, Release ELEVEN includes significant functional extensions in areas such as interoperability with public clouds, interaction with cloud-native environments and integration of network functions of different natures.

Read More...

ETSI Encrypted Traffic Integration group extends term to work on cryptographic and key management models

Sophia Antipolis, 2 August 2022

ETSI has recently extended the term of its Industry Specification Group Encrypted Traffic Integration (ISG ETI) for a two-year period through to mid-2024 to work on specific cryptographic and key management models.

Read More...

Sophia Antipolis, 20 December 2022

As 2022 comes to an end, we have selected for you our most popular webinars of the year. If you missed them, listen to the recorded presentations and their Q&A sessions, deep dive into the Cyber resilience Act and AI Act, IPv6, Multi-access Edge Computing, Open Source MANO and much more.

Read More...

Sophia Antipolis, 26 July 2023

The ETSI Open Source MANO community is proud to announce OSM Release FOURTEEN. Release FOURTEEN is a Long-Term-Support (LTS) release of ETSI OSM, providing two years of continuous support with bug fixes and security patches, and including significant improvements in many key areas.

Read More...

Sophia Antipolis, 5 October 2023

ETSI is pleased to announce the extension of its Zero touch network and Service Management group (ISG ZSM) for an additional 2 year-period.

Read More...

Sophia Antipolis, 21 December 2023

The ETSI Open Source MANO community is proud to announce OSM Release FIFTEEN, meeting the well-established cadence of two releases per year. The OSM community delivers one Long Term Support (LTS) and one regular release every year, to ensure the OSM user base is provided with continuous innovations and production-ready stability.

Read More...

Sophia Antipolis, 9 July 2024

ETSI is excited to announce OpenCAPIF Release 1 is now available in the ETSI Labs.

OpenCAPIF develops a Common API Framework as defined by 3GPP and this new version introduces several improvements and new features to deliver a more robust, secure, and efficient API Management Platform. These advancements are developed in tight collaboration and incorporating feedback from a growing Research Ecosystem including SNS projects such as 6G-SANDBOX, FIDAL, IMAGINEB5G, SAFE6G, ORIGAMI, ENVELOPE and SUNRISE6G.

Read More...

Sophia Antipolis, 4 September 2024

The ETSI Open Source MANO community is proud to announce OSM Release SIXTEEN, a Long-Term-Support (LTS) release of ETSI OSM, which becomes the most innovative and feature-packed release shipped by OSM to date.

This release brings a revolution in OSM’s functionality, positioning OSM as a generalized cloud-native orchestrator for infrastructure, platforms and services, which extends significantly its former scope. Full cloud-native management of Kubernetes clusters in public clouds, together with the applications or software units running on them, is now possible with Release SIXTEEN. Every operation related to the cluster management (creation, upgrading, scaling, deletion) or the applications running on them is reflected in Git repositories, following the GitOps model. This has been possible thanks to a major change in the internal architecture of OSM.

Read More...

Starts: Wed, 20 Nov 2024 19:30:00 -0500
11/20/2024 06:00:00PM
Location: Toronto, Canada

Starts: Thu, 28 Nov 2024 18:30:00 -0500
11/28/2024 05:30:00PM
Location: Montreal, Canada

Job Summary: The International Food Policy Research Institute (IFPRI) seeks a qualified candidate to serve as Manager of Administration & Corporate Services for a one-year, renewable appointment in the Finance and Administration Division. The Manager of Administration & Corporate Services AFR is responsible for the overall coordination of administrative matters between IFPRI's headquarters in Washington DC and the IFPRI regional and country/project offices in Africa. The position provides management and operational support to IFPRI regional and country/project offices in Africa including related administrative aspects of current and new corporate partnerships in Africa. This position is based in Dakar, Senegal.  Essential Duties: Specific Duties include but are not limited to: Lead finance and administration functions of the Dakar office, providing operational support and oversight of day-to-day office activities.  Provide management support and oversight of the financial and administrative operations of IFPRI Regional and country/project offices in Africa, including functions such as budgeting, contracts and grants, human resources, facilities and IT management. Work closely with key administrative departments at IFPRI headquarters for accounting, human resources, computer services and facilities/office services, in the development of and roll-out of IFPRI-wide policy and procedure changes, providing guidance and training as needed to regional and country offices to ensure that the quality of operational support meets IFPRI operations standards. Regular analysis of operations capacity of IFPRI offices in Africa, identifying and making recommendations regarding opportunities for improvement in IFPRI’s administrative operations and processes, and undertaking new initiatives as agreed. Build strong relationships with Country Office Heads and Country Administrative and Finance Managers, providing advice, guidance, and support in all areas of operations and ensuring compliance with IFPRI policies and procedures. Financial reporting oversight for IFPRI regional and country offices in Africa, and supervision and management of the Hub Finance and Administration unit team, ensuring compliance with IFPRI and donor standards, policies and procedures and processes. Participation in the formulation of annual budgets and capital plans for IFPRI offices in Africa. Provide management oversight to ensure that proper financial controls are in place and processes are compliant with correct accounting procedures, providing strategic direction in developing options for addressing any weaknesses. Monitor projects in African locations on an as required basis. Facilitate decision-making on human resource (HR) matters relating to IFPRI offices in Africa (policies and procedures, labor law compliance, staffing, recruitment, conflict resolution, etc.) Work to build the capacity of finance, administrative staff members throughout IFPRI offices in Africa through regular training sessions and mentoring support. Contribute to the internal and external audit preparations for IFPRI offices in Africa and provide support on the implementation of audit recommendations and actions. Required Qualifications: Bachelor’s degree plus twelve years of relevant professional experience or Master’s degree plus ten years of relevant experience.  Minimum of four years management experience. Excellent verbal, written and interpersonal skills. Strong customer service skills. Ability to work effectively with all levels of organizations, including regional partners and donors. Ability to work autonomously, yet keep others informed. Ability to work in a multicultural setting. Excellent attention to details. Fluency in French is highly preferred.  ​Physical Demand & Work environment: Employee will sit in an upright position for a long period of time with little opportunity to move/stretch Employee will lift between 0-10 pounds Employee is required to have close visual acuity to perform activities such as: preparing and analyzing data and figures; transcribing; viewing computer terminal; extensive reading. The International Food Policy Research Institute (IFPRI) is an equal employment opportunity employer - F/M/Disability/Vet/Sexual Orientation/Gender Identity.

Job Summary:  The International Food Policy Research Institute (IFPRI) seeks an Accounting Manager for a two-year, renewable appointment to provide general accounting support in the Accounting Department. This position will report to the Controller and is based at IFPRI headquarters located in Washington, DC. Essential Duties: Specific duties and responsibilities include but are not limited to: Manage the daily accounting activities required to maintain the general ledger in compliance with financial policies and procedures. Supervise, direct, and review the work of the General Ledger, Accounts Payable and Payroll accountants. Manage and oversee in-house payroll processing and federal, state, and local tax filings in a timely manner.   Maintain organized set of detailed records and files to document and support financial transactions. Routinely analyze general ledger accounts to ensure accuracy and appropriate summaries of accounts detail is maintained.  Prepare and/or review general ledger bank account reconciliations and ensure reconciling items are cleared in a timely manner. Respond to inquiries and assist staff to resolve issues in a timely manner. Inform Controller of relevant issues regarding financial controls, accounting, and reporting. Recommendations improvements to accounting processes and procedures and assist with implementation as needed. Assist with internal and external audits.   Ensure field office transactions are recorded timely and accurately.  Serve as the point of contact for accounting matters for IFPRI’s field offices. Perform other duties as assigned or required.   Qualifications:  B.S. Degree in Accounting plus ten years of relevant work experience, a Masters Degree in Accounting plus seven years of relevant work experience, or equivalent experience At least two years as management experience  Experience using Deltek Costpoint 8.1 or higher preferable Knowledge of GAAP and USAID regulations Experience with basic grant/contract administration Proficiency with Microsoft Excel and Word Strong supervisory experience Detail oriented – strong analytical skills Ability to work independently and multi-task under tight deadlines in a fast-paced environment Excellent interpersonal skills with demonstrated ability to work in a multi-cultural environment Excellent written and verbal English communications skills Strong organizational skills with ability to prioritize work Physical Demand & Work environment: Employee will sit in an upright position for a long period of time.  Employee will lift between 0-10 pounds.  Employee is required to have close visual acuity to perform activities such as: preparing and analyzing data and figures; transcribing; viewing computer terminal; extensive reading. Salary Range: The expected salary range for this job requisition is between $85,600 - $104,900.  In determining your salary, we will consider your experience and other job-related factors.  Benefits IFPRI is committed to providing our staff members with valuable and competitive benefits, as it is a core part of providing a strong overall employee experience. This position is eligible for health insurance coverage and a  summary of our benefits can be found on our website . Please note that the listed benefits are generally available to active, non-temporary, full-time and part-time US based employees who work at least 25 hours per week.  The International Food Policy Research Institute (IFPRI) is an equal employment opportunity employer - F/M/Disability/Vet/Sexual Orientation/Gender Identity.

The Development Strategies and Governance (DSG) Unit within the Transformation Strategies Department of the International Food Policy Research Institute (IFPRI) seeks a Research Unit Contracts & Grants Manager I, who will be responsible for financial management which includes budgetary responsibilities, cost monitoring and control, and financial analysis and reporting, contracts administration which includes proposal preparation and submission and the administration of the Unit’s special projects. Other responsibilities include supervising Unit Admin Support staff, serving as liaison with finance and administration as well as the Director General’s office; drafting correspondence for the Unit director and communication with external contacts (donors, clients, collaborators, sub-contractors and auditors); and service as active member on various standing and ad-hoc committees, as well as work with Project Managers in management of budgets, contracts, deliverables, invoices and other payment documents. This position is a 2-year, renewable appointment based in Washington, DC.   Essential Duties: Specific duties and responsibilities include but are not limited to: Providing technical support in proposal preparation, reviewing contracts to ensure they reflect the provisions negotiated, and monitoring performance of contracts and submission of specified deliverables.  Drafting, negotiating and monitoring consultant collaborative agreements, serve as liaison between program collaborators and finance/administrative issues, review monthly financial reports, and provide financial analysis reports on projects.  Preparing the divisional budgets and monitoring expense budgets Coordinating the drafting of project/program budgets; review of accounting transactions.  Developing spreadsheets & maintaining financial information for planning & reference. Drafting routine correspondence regarding contracts or project/program finances. Assisting in financial audits Coordinating financial and operational activities for field offices Ensuring the smooth operation of the program’s day-to-day activities; coordinate seminars and workshops, manage logistical arrangements on seminars/workshops. Liaising with IFPRI HR Services, Facilities and IT department for related issues and needs. Preparing administrative and operational procedures for the division and approves timesheets Maintaining division files Supervising administrative support staff Other tasks as assigned. Required Qualifications:  Bachelor’s degree plus ten years of relevant experience, or associate’s degree plus twelve years of relevant experience.   Two year of management experience Experience in developing, monitoring and managing budgets and contracts. Experience in coordinating budget processes, reviewing accounting transactions, developing financial projections and reports. Solid composition, grammar and proof-reading skills, with the ability to compose correspondence and reports; excellent written and oral English communications skills. Proficient in Microsoft Office; word processing & spreadsheet programs required. Ability to handle multiple tasks & prioritize tasks with minimal supervision in a fast-paced environment. Demonstrated experience and comfort working with multiple program managers simultaneously.  Ability to prioritize and coordinate tasks in such an environment. Demonstrated flexibility to adjust to multiple individual work styles.  Attention to detail and ability to work within a team in a multicultural environment.   Preferred Qualifications: Familiarity with IFPRI’s operational systems (finance, accounting, etc.) and the CGIAR system is highly desirable.  Proficiency in a second language of the U.N. system Demonstrated proficiency with MS Office, especially Microsoft Word, Outlook, Excel, and PowerPoint required, and demonstrated proficiency with financial management and administrative software applications such as Costpoint, OnBase, Deltek, and/or other applications. Physical Demand & Work environment: Employee will sit in an upright position for a long period of time  Employee will lift between 0-10 pounds.  Employee is required to have close visual acuity to perform activities such as: preparing and analyzing data and figures; transcribing; viewing computer terminal; extensive reading. Salary Range: The expected salary range for this job requisition is between $85,600- $104,900. In determining your salary, we will consider your experience and other job-related factors.  Benefits: IFPRI is committed to providing our staff members with valuable and competitive benefits, as it is a core part of providing a strong overall employee experience. This position is eligible for health insurance coverage and a summary of our benefits can be found on our website. Please note that the listed benefits are generally available to active, non-temporary, full-time and part-time US-based employees who work at least 25 hours per week. The International Food Policy Research Institute (IFPRI) is an equal employment opportunity employer - F/M/Disability/Vet/Sexual Orientation/Gender Identity.

Frequently asked questions about a zero-day vulnerability in Fortinet’s FortiManager that has reportedly been exploited in the wild.

Background

The Tenable Security Response Team (SRT) has compiled this blog to answer Frequently Asked Questions (FAQ) regarding a zero-day vulnerability in Fortinet’s FortiManager.

FAQ

What is FortiJump?

FortiJump is a name given to a zero-day vulnerability in the FortiGate-FortiManager (FGFM) protocol in Fortinet’s FortiManager and FortiManager Cloud. It was named by security researcher Kevin Beaumont in a blog post on October 22. Beaumont also created a logo for FortiJump.

What are the vulnerabilities associated with FortiJump?

On October 23, Fortinet published an advisory (FG-IR-24-423) for FortiJump, assigning a CVE identifier for the flaw.

What is CVE-2024-47575?

CVE-2024-47575 is a missing authentication vulnerability in the FortiGate to FortiManager (FGFM) daemon (fgfmsd) in FortiManager and FortiManager Cloud.

How severe is CVE-2024-47575?

Exploitation of FortiJump could allow an unauthenticated, remote attacker using a valid FortiGate certificate to register unauthorized devices in FortiManager. Successful exploitation would grant the attacker the ability to view and modify files, such as configuration files, to obtain sensitive information, as well as the ability to manage other devices.

Obtaining a certificate from a FortiGate device is relatively easy:

Comment
by from discussion
infortinet

According to results from Shodan, there are nearly 60,000 FortiManager devices that are internet-facing, including over 13,000 in the United States, over 5,800 in China, nearly 3,000 in Brazil and 2,300 in India:

When was FortiJump first disclosed?

There were reports on Reddit that Fortinet proactively notified customers using FortiManager about the flaw ahead of the release of patches, though some customers say they never received any notifications. Beaumont posted a warning to Mastodon on October 13:

Post by @GossiTheDog@cyberplace.social

View on Mastodon

Was this exploited as a zero-day?

Yes, according to both Beaumont and Fortinet, FortiJump has been exploited in the wild as a zero-day. Additionally, Google Mandiant published a blog post on October 23 highlighting its collaborative investigation with Fortinet into the “mass exploitation” of this zero-day vulnerability. According to Google Mandiant, they’ve discovered over 50 plus “potentially compromised FortiManager devices in various industries.”

Which threat actors are exploiting FortiJump?

Google Mandiant attributed exploitation activity to a new threat cluster called UNC5820, adding that the cluster has been observed exploiting the flaw since “as early as June 27, 2024.”

Is there a proof-of-concept (PoC) available for this vulnerability/these vulnerabilities?

As of October 23, there are no public proof-of-concept exploits available for FortiJump.

Are patches or mitigations available for FortiJump?

The following table contains a list of affected products, versions and fixed versions.

Fortinet’s advisory provides workarounds for specific impacted versions if patching is not feasible. These include blocking unknown devices from attempting to register to FortiManager, creating IP allow lists of approved FortiGate devices that can connect to FortiManager and the creation of custom certificates. Generally speaking, it is advised to ensure FGFM is not internet-facing.

Has Tenable released any product coverage for these vulnerabilities?

A list of Tenable plugins for this vulnerability can be found on the individual CVE page for CVE-2024-47575 as they’re released. This link will display all available plugins for this vulnerability, including upcoming plugins in our Plugins Pipeline.

Get more information

• Burning Zero Days: FortiJump FortiManager vulnerability used by nation state in espionage via MSPs
• FortiGuard Labs PSIRT FG-IR-24-423 Advisory

Join Tenable's Security Response Team on the Tenable Community.
Learn more about Tenable One, the Exposure Management Platform for the modern attack surface.