NEWS: NETWORK WORLD SECURITY
Setup News Ticker
   NEWS: NETWORK WORLD SECURITY
Network World Security
Jul 18, 2018

Mingis on Tech: The blockchain evolution, from services...to smartphones
Oracle joins other major tech vendors by rolling out its blockchain-as-a-service offering, and two smartphone makers plan to include the technology in new devices this year. Get the latest on the blockchain craze.

Network World Security
Jul 12, 2018

Geeky ways to celebrate Friday the 13th
You're in luckWe've cobbled together a slew of things for the geeky among you to do on July 13 -- Friday the 13th that is. And we suggest you do it up because you won't get another chance until Sept. 13, 2019.

Don't miss the day!Mobile apps exist solely for the purpose of reminding you when Friday the 13th is coming up. Pocketkai's free iOS app will remind you of the one to three Friday the 13ths coming up each year for the next 50 years. The Bogeyman's Android app will do likewise, for the next 10 Friday the 13ths.

To read this article in full, please click here



Network World Security
Jul 12, 2018

What are the options for securing SD-WAN?
A key component of SD-WAN is its ability to secure unreliable Internet links and identify anomalous traffic flows.

SD-WAN technology providers are continuing to increase their native security features and to create robust ecosystems of network-security partners.

[ See where SDN is going and learn the difference between SDN and NFV. | Get regularly scheduled insights by signing up for Network World newsletters. ] IT managers should consider their branch network security requirements and carefully evaluate the security capabilities of leading SD-WAN providers, include their native security features and their partnerships with network security providers.

To read this article in full, please click here

(Insider Story)

Network World Security
Jul 10, 2018

The aftermath of the Gentoo GitHub hack
Gentoo GitHub hack: What happened? Late last month (June 28), the Gentoo GitHub repository was attacked after someone gained control of an admin account. All access to the repositories was soon removed from Gentoo developers. Repository and page content were altered. But within 10 minutes of the attacker gaining access, someone noticed something was going on, 7 minutes later a report was sent, and within 70 minutes the attack was over. Legitimate Gentoo developers were shut out for 5 days while the dust settled and repairs and analysis were completed.

The attackers also attempted to add "rm -rf" commands to some repositories to cause user data to be recursively removed. As it turns out, this code was unlikely to be run because of technical precautions that were in place, but this wouldn't have been obvious to the attacker.

To read this article in full, please click here



Network World Security
Jul 05, 2018

While no one was looking, California passed its own GDPR
The European Union's General Data Protection Regulation (GDPR) is widely viewed as a massively expensive and burdensome privacy regulation that can be a major headache and pitfall for American firms doing business in Europe. Many firms, including Facebook, have sought ways around the law to avoid having to deal with the burden of compliance.

Well, there is no weaseling out now. Last week, with no fanfare, California Governor Jerry Brown signed into law AB375, the California Consumer Privacy Act of 2018, the California equivalent of GDPR that mirrors the EU law in many ways.

To read this article in full, please click here



Network World Security
Jul 03, 2018

Pulse Secure VPN enhanced to better support hybrid IT environments
The workplace is changing rapidly as employees embrace mobility, applications are in the cloud, and Internet of Things (IoT) devices are instrumented for continuous connectivity — and this is affecting how organizations must think about secure access. Regardless of the scenario, organizations want solutions that deliver better productivity for whomever (or whatever) is connecting, a consistent user experience, compliance with corporate policies and regulatory requirements, and strong end-to-end security.

This is the playing field for Pulse Secure, a company that has built a broad portfolio of access products and services that are available as a unified platform. Pulse Secure has considered practically every use case and has built a range of solutions to solve the secure connectivity challenges that IT organizations face. The company claims to have more than 20,000 customers and a presence in 80 percent of global enterprises — maybe even yours.

To read this article in full, please click here



Network World Security
Jul 03, 2018

The difference between red team engagements and vulnerability assessments | Salted Hash Ep 34
In this episode, host Steve Ragan talks with Phil Grimes, Professional Services Lead at RedLegg, about the challenges of educating customers — and building a partnership with them — to create successful red team engagements.

Network World Security
Jul 03, 2018

Strange and scary IoT hacks
Here's the Thing … Strange and Scary IoT Hacks" data-license="Getty Images"/Image by Ivanastar / Getty Images

To read this article in full, please click here



Network World Security
Jun 19, 2018

Getting hands-on with industrial control system setups at RSA | Salted Hash Ep 31
Host Steve Ragan is joined on the RSA 2018 show floor by Bryson Bort, CEO and founder of SCYTHE, to talk about the ICS Village, where attendees can learn how to better defend industrial equipment through hands-on access to the equipment.

Network World Security
Jun 18, 2018

Microsoft adds resiliency, redundancy, security to Windows Server 2019
With Windows Server 2019, Microsoft is adding resiliency and redundancy enhancements to the Shielded Virtual Machines security controls it introduced with Windows Server 2016.

Shielded VMs originally provided a way to protect virtual machine assets by isolating them from the hypervisor infrastructure and could also help prove to auditors that systems were adequately isolated and controlled. Now Shielded VM enhancements in Window Server 2019 provide real-time failback configurations and host- and policy-based security improvements.

[ Don't miss customer reviews of top remote access tools and see the most powerful IoT companies . | Get daily insights by signing up for Network World newsletters. ] Host key attestation Under Windows Server 2016, key authentication was based on trusted platform module (TPM) cryptoprocessors and Microsoft Active Directory authentication.  Both of these are great solutions but were limited when it comes to extensibility and redundancy.

To read this article in full, please click here

(Insider Story)

Network World Security
Jun 12, 2018

How the Spanish cybercriminal underground operates | Salted Hash Ep 30
Host Steve Ragan reports from the RSA 2018 conference, talking with Liv Rowley, an intelligence analyst at Flashpoint, about Spanish cybercrime, an underground community that poses persistent security risks.

Network World Security
Jun 11, 2018

Automation critical to scalable network security
Securing the business network has been and continues to be one of the top initiatives for engineers. Suffering a breach can have catastrophic consequences to a business, including lawsuits, fines, and brand damage from which some companies never recover.

To combat this, security professionals have deployed a number of security tools, including next-generation firewalls (NGFW) such as Cisco's Firepower, which is one of the most widely deployed in the industry. 

Managing firewalls becomes increasingly difficult Managing a product like Firepower has become increasingly difficult, though, because the speed at which changes need to be made has increased. Digital businesses operate at a pace never seen before in the business world, and the infrastructure teams need to keep up. If they can't operate at this accelerated pace, the business will suffer. And firewall rules continue to grow in number and complexity, making it nearly impossible to update them manually.

To read this article in full, please click here



Network World Security
Jun 11, 2018

Supermicro is the latest hardware vendor with a security issue
Security researchers with Eclypsium, a firm created by two former Intel executives that specializes in rooting out vulnerabilities in server firmware, have uncovered vulnerabilities affecting the firmware of Supermicro servers. Fortunately, it's not easily exploited.

The good news is these vulnerabilities can be exploited only via malicious software already running on a system. So, the challenge is to get the malicious code onto the servers in the first place. The bad news is these vulnerabilities are easily exploitable and can give malware the same effect as having physical access to this kind of system.

"A physical attacker who can open the case could simply attach a hardware programmer to bypass protections. Using the attacks we have discovered, it is possible to scale powerful malware much more effectively through malicious software instead of physical access," Eclypsium said in a blog post announcing its findings.

To read this article in full, please click here



Network World Security
Jun 05, 2018

What happens if IoT security doesn't get solved?
Sometimes, confirmation of the obvious can be really important. At least, that's how I felt when I saw a new Bain & Company report, Cybersecurity Is the Key to Unlocking Demand in IoT.

According to the consulting firm's survey, 45 percent of Internet of Things (IoT) buyers say "concerns about security remain a significant barrier and are hindering the adoption of IoT devices." Worries over IoT security are hardly news, of course. I've been writing about them here on Network World for a while, and a quick internet search for IoT security rains down more than a million hits.

To read this article in full, please click here



Network World Security
Jun 05, 2018

SDNs and NFV are complementary and core components of modernized networks
The terms software defined networking (SDN) and network functions virtualization (NFV) are often used interchangeably, which is incorrect.  In a sense, the two are tied together as companies start using NFV as part of their SDN plans but that doesn't have to be the case.

Enterprises could maintain their current network architecture and shift to NFV or they could roll out an SDN and never leverage the benefits of NFV, so it's important to understand what each is and the benefits of both.

[ For more on SDN see where SDN is going and learn the difference between SDN and NFV. | Get regularly scheduled insights by signing up for Network World newsletters. ] What is software-defined Networking SDNs are a fundamentally different way to think about networks.  Technically, SDNs can be defined as the separation of the management, control and data-forwarding planes of networks.  Many people, including technical individuals read that definition and say, "So what?", but the separation of these planes has a profound impact on networks and enables things that have never been done before.

To read this article in full, please click here



Network World Security
Jun 05, 2018

Learn what the 'zero trust' security model really means | Salted Hash Ep 29
Host Steve Ragan reports from RSA 2018 conference, talking with Wendy Nather, director, advisory CISOs at Duo Security, about how organizations can build a zero trust model, including consistently authenticating users.

Network World Security
Jun 04, 2018

Cato Networks adds threat hunting to its Network as a Service
Enterprises that have grown comfortable with Software as a Service (SaaS), Infrastructure as a Service (IaaS) and Platform as a Service (IaaS) are increasingly accepting of Network as a Service (NaaS). NaaS is a rapidly growing market. According to Market Research Future, NaaS is expected to become a US $126 billion market by 2022, sustaining an annual growth rate of 28.4 percent.

One of the key benefits of cloud-based networking is increased security for applications and data. Given that the traditional perimeter of on-premise networks has been decimated by mobile and cloud computing, NaaS builds a new perimeter in the cloud. Now it's possible to unify all traffic - from data centers, branch locations, mobile users, and cloud platforms - in the cloud. This means an enterprise can set all its security policies in one place, and it can push traffic through cloud-based security functions such as next-generation firewall, secure web gateway, advanced threat protection, and so on.

To read this article in full, please click here



Network World Security
May 31, 2018

Study shows admins are doing a terrible job of patching servers
Open source has taken over the server side of things, but admins are doing a terrible job of keeping the software patched and up to date.

Black Duck Software, a developer of auditing software for open-source security, has released its annual Open Source Security and Risk Analysis, which finds enterprise open source to be full of security vulnerabilities and compliance issues.

According to the study, open-source components were found in 96% of the applications the company scanned last year, with an average of 257 instances of open source code in each application.

To read this article in full, please click here



Network World Security
May 28, 2018

TSB phishing attacks | Salted Hash Ep 33
TSB customers in the U.K. were already frustrated by the bank's technical problems, but now the situation has gotten worse as criminals take advantage of the chaos. Host Steve Ragan looks at recent TSB phishing attacks and the kit that powers them.

Network World Security
May 22, 2018

22 essential Linux security commands
There are many aspects to security on Linux systems - from setting up accounts to ensuring that legitimate users have no more privilege than they need to do their jobs. This is look at some of the most essential security commands for day-to-day work on Linux systems.

sudo Running privileged commands with sudo  - instead of switching user to root  - is one essential good practice as it helps to ensure that you only use root privilege when needed and limits the impact of mistakes. Your access to the sudo command depends on settings in the /etc/sudoers and /etc/group files.

[ Two-Minute Linux Tips: Learn how to master a host of Linux commands in these 2-minute video tutorials ] $ sudo adduser shark Adding user `shark' ... Adding new group `shark' (1007) ... Adding new user `shark' (1007) with group `shark' ... Creating home directory `/home/shark' ... Copying files from `/etc/skel' ... Enter new UNIX password: Retype new UNIX password: passwd: password updated successfully Changing the user information for shark Enter the new value, or press ENTER for the default Full Name []: shark Room Number []: Work Phone []: Home Phone []: Other []: Is the information correct? [Y/n] Y If you run sudo and ask who you are, for example, you'll get confirmation that you're running the command as root.

To read this article in full, please click here

(Insider Story)

Network World Security
May 22, 2018

22 essential security commands for Linux
There are many aspects to security on Linux systems - from setting up accounts to ensuring that legitimate users have no more privilege than they need to do their jobs. This is look at some of the most essential security commands for day-to-day work on Linux systems.

sudo Running privileged commands with sudo  - instead of switching user to root  - is one essential good practice as it helps to ensure that you only use root privilege when needed and limits the impact of mistakes. Your access to the sudo command depends on settings in the /etc/sudoers and /etc/group files.

[ Two-Minute Linux Tips: Learn how to master a host of Linux commands in these 2-minute video tutorials ] $ sudo adduser shark Adding user `shark' ... Adding new group `shark' (1007) ... Adding new user `shark' (1007) with group `shark' ... Creating home directory `/home/shark' ... Copying files from `/etc/skel' ... Enter new UNIX password: Retype new UNIX password: passwd: password updated successfully Changing the user information for shark Enter the new value, or press ENTER for the default Full Name []: shark Room Number []: Work Phone []: Home Phone []: Other []: Is the information correct? [Y/n] Y If you run sudo and ask who you are, for example, you'll get confirmation that you're running the command as root.

To read this article in full, please click here

(Insider Story)

Network World Security
May 22, 2018

How deception technologies use camouflage to attract attackers | Salted Hash Ep 26
Host Steve Ragan reports from the show floor at RSA 2018, where talks with Chris Roberts, chief security architect at Acalvio Technologies, about the benefits and misconceptions of deception technologies.

Network World Security
May 21, 2018

Asigra evolves backup/recovery to address security, compliance needs
As backup and recovery products and solutions evolve, they are beginning to intersect with security and compliance. Online backup and recovery software company Asigra has announced a new version of its software that addresses the risks posed by ransomware and non-compliance with Article 17 of the European Union's General Data Protection Regulation (GDPR). Both should be a concern for organizations of all sizes, from global enterprises on down to small/medium businesses.

Let's take a look at the new capabilities that Asigra is bringing to market with the version 14 release of its Cloud Backup software, and why these capabilities are an important evolution in backup and recovery.

To read this article in full, please click here



Network World Security
May 18, 2018

Tech Talk: Prepping for GDPR
CSO's Michael Nadeau and Steve Ragan join Computerworld's Ken Mingis and IDG Communications' Mark Lewis to look at what the new EU privacy rules means. They offer insights on how companies can prepare - and what happens if they don't.

Network World Security
May 18, 2018

What is blockchain technology?
Cryptocurrency such as Bitcoin has garnered most of the media coverage and hype to date, but keep your eye on blockchain - this new technology is poised to change IT in much the same way open-source software did a quarter century ago.

Network World Security
May 17, 2018

Cisco CEO trumpets Catalyst 9K advances, software business success
Industry bellwether Cisco revealed some important financial numbers this week - its revenues were $12.5 billion, up 4 percent for the third quarter year-over-year, with product revenue up 5 percent.

But one of the of the more interesting tidbits is that the company said it was selling some 40 Catalyst 9000 systems a day in and has installed 2,700 of the big boxes this quarter bring the total to 5,800 since its introduction in 2017. The Catalyst 9000 is key to a number of Cisco's future initiatives - one of the most important being its drive to build out its Network Intuitive plans for intent-based networking.

[ Related: Getting grounded in intent-based networking] | The other is that the way its software is sold - via a variety of subscription/feature levels is a key component of its overall strategy to become a more software-oriented company.

To read this article in full, please click here



Network World Security
May 16, 2018

What an Apple phishing attack looks like | Salted Hash Ep 32
How can you tell the difference between a legitimate email and a phishing attack? Host Steve Ragan shows what an Apple phishing attack looks like, screen by screen, showing the difference between the real and the fake.

Network World Security
May 15, 2018

Get a hands-on, inside look at the dark web | Salted Hash Ep 25
Reporting from RSA 2018, host Steve Ragan helps dispel the hype and confusion surrounding the dark web, as he talks with Alon Arvatz, co-founder at IntSights.

Network World Security
May 15, 2018

Can AI help bridge the IT security skills gap? | Salted Hash Ep 27
Host Steve Ragan reports from the show floor at RSA 2018, taking with Oliver Tavakoli, CTO at Vectra Networks, and author of the Thinking Security blog on CSOonline.com, about the types of IT security work that can be off-loaded to artificial intelligence systems.

Network World Security
May 14, 2018

The Enterprise of Thing's troubling lack of security
When it comes to security and manageability, Enterprise of Things (EoT) devices must have far more stringent requirements than consumer IoT devices, which often have virtually no built-in security. Indeed, enterprise use of consumer-grade IoT is highly risky.

Making the matter even more urgent is the growing number of deployed EoT devices, which is expected to increase significantly over the next two to three years. (I estimate there will be more "things" in an enterprise than PC and mobile phone clients combined within three to four years.)

To read this article in full, please click here



Network World Security
May 11, 2018

10 competitors Cisco just can't kill off
10 competitors Cisco just can't kill offImage by IDG / jesadaphorn, Getty Images

Creating a short list of key Cisco competitors is no easy task as the company now competes in multiple markets.  In this case we tried to pick companies that have been around awhile or firms that have developed key technologies that directly impacted the networking giant. Cisco is now pushing heavily into software and security, a move that will open it up to myriad new competitors as well. Take a look.

To read this article in full, please click here



Network World Security
May 10, 2018

CIO Leadership Live with Jack Clare, CIO and chief strategy officer at Dunkin' Brands | Ep 9
In this episode of CIO Leadership Live, host Maryfran Johnson talks with Jack Clare, CIO and chief strategy officer at Dunkin' Brands, about the company's mobile payment, ordering and loyalty apps, and how it's striving to improve customers' drive-through experience.

Network World Security
May 10, 2018

CIO Leadership Live, with guest Jack Clare, CIO and chief strategy officer at Dunkin' Brands
In this episode of CIO Leadership Live, host Maryfran Johnson talks with Jack Clare, CIO and chief strategy officer at Dunkin' Brands, about the company's mobile payment, ordering and loyalty apps, and how it's striving to improve customers' drive-through experience.

Network World Security
May 09, 2018

7 free networking tools you must have
"I am all about useful tools. One of my mottos is 'the right tool for the right job.'" -Martha Stewart

If your "right job" involves wrangling computer networks and figuring out how to do digital things effectively and efficiently or diagnosing why digital things aren't working as they're supposed to, you've got your hands full. Not only does your job evolve incredibly quickly becoming evermore complex, but whatever tools you use need frequent updating and/or replacing to keep pace, and that's what we're here for; to help in your quest for the right tools.

[ Don't miss customer reviews of top remote access tools and see the most powerful IoT companies . | Get daily insights by signing up for Network World newsletters. ] We've done several roundups of free network tools in the past, and since the last one, technology has, if anything, sped up even more. To help you keep up, we've compiled a new shortlist of seven of the most useful tools that you should add to your toolbox.

To read this article in full, please click here



Network World Security
May 09, 2018

Mingis on Tech: Reflections on RSA 2018
This year's RSA security conference focused on a variety of cybersecurity topics - everything from blockchain to the looming GDPR rules. CSO's Steve Ragan was there and offers insights on what he learned.

Network World Security
May 09, 2018

Watch Tech Talk on May 17 for an in-depth GDPR discussion
The GDPR deadline is coming up fast, and most businesses in the U.S. aren't ready yet. Join Ken Mingis and his panel of experts as they discuss the impact of the new rules and what U.S. organizations must do now to protect customer data. Find the show here on May 17.

Network World Security
May 08, 2018

Getting grounded in IoT networking and security
download Getting grounded in IoT networking and security The internet of things already consists of nearly triple the number of devices as there are people in the world, and as more and more of these devices creep into enterprise networks it's important to understand their requirements and how they differ from other IT gear.

To read this article in full, please click here



Network World Security
May 08, 2018

Countdown to the GDPR deadline: Are you ready? | Salted Hash Ep 28
Host Steve Ragan reports from the RSA 2018 show floor, talking with Greg Reber, founder and CEO at AsTech Consulting, about the looming GDPR deadline and what IT security professionals should be getting done now.

Network World Security
May 04, 2018

VMware and VeloCloud announce their networking and security strategy
It's been a few months since VMware closed its acquisition of VeloCloud, a prominent SD-WAN provider. In that time, the two companies have worked to integrate their products, and recently they announced a unified strategy called the Virtual Cloud Network.

The strategy fully supports the migration of applications and data out of the enterprise data center to the cloud and to branches — and with IoT, pretty much anything can be considered a branch today, as VeloCloud claims to have a customer with ocean-going ships as branches. The result is that many enterprises are in a position where their applications are everywhere, and their data is everywhere. This has profound implications on the network that needs to support all of this.

To read this article in full, please click here



Network World Security
May 01, 2018

Defending against mobile technology threats | Salted Hash Ep 24
What are the current dangers in mobile technology and what are the strategies to keep yourself protected? Join host Steve Ragan from the show floor at RSA 2018, where he talks with Will LaSala, director of Security Solutions and security evangelist at VASCO Data Security.

Network World Security
Apr 30, 2018

How have network firewalls evolved?
Firewalls have become ubiquitous across the enterprise IT landscape because of their proven ability to stop bad traffic from entering corporate networks and protect a company's most valuable assets. So how have firewalls evolved over the years and what are the latest trends in firewall security?

Network World Security
Apr 24, 2018

Mingis on Tech: The lowdown on Android security
Google's Android OS sometimes gets unfairly maligned as being weak on security. Computerworld blogger JR Raphael explains why that's a misconception and how users can keep their devices safe.

Network World Security
Apr 23, 2018

Internet exchange points team up to bring better MANRS to the internet
Spreading bad routing information to your neighbors on the internet isn't just bad manners, it could be bad for business.

That, at least, is the message that the Internet Society (ISOC) wants to spread, as it calls on internet exchange points (IXPs) to help eliminate the most common threats to the internet's routing system.

[ Don't miss customer reviews of top remote access tools and see the most powerful IoT companies . | Get daily insights by signing up for Network World newsletters. ] If they do so, then it's good news for their members, the ISPs that interconnect there, and for those ISPs' customers, who will benefit from more secure and robust internet access.

To read this article in full, please click here



Network World Security
Apr 23, 2018

5 key enterprise IoT security recommendations
Not so long ago, the phrase "consumerization of IT" was on everyone's lips. Whole publications and conferences (remember CITE, for Consumerization of IT in the Enterprise?) were created to chronicle the trend of corporations relying on products and services originally created for consumers — which was often easier to use and of higher quality than its business-oriented competitors.

Well, no one talks much about the consumerization of IT anymore… not because the trend went away, but because consumer tech has now permeated every aspect of business technology. Today, it's just how things work — and if you ask me, that's a good thing.

To read this article in full, please click here



Network World Security
Apr 20, 2018

Honeypots and the evolution of botnets | Salted Hash Ep 23
Host Steve Ragan reports from the show floor at RSA 2018, talking with guest Israel Barak, CISO at Cybereason, about his firm's recent honeypot research, which gathered information showing how the bot landscape is evolving.

Network World Security
Apr 18, 2018

Is it time to kill the pen test? | Salted Hash Ep 22
Host Steve Ragan reports from the show floor at RSA 2018, talking with guest Adrian Sanabria, director of research at Savage Security, about de-emphasizing network penetration tests to put more focus on attack simulations and helping companies improve their defenses.

Network World Security
Apr 18, 2018

Is it time to kill the pentest? | Salted Hash Ep 22
Host Steve Ragan reports from the show floor at RSA 2018, talking with guest Adrian Sanabria, director of research at Savage Security, about de-emphasizing network penetration tests to put more focus on attack simulations and helping companies improve their defenses.

Network World Security
Apr 12, 2018

One in five serverless apps has a critical security vulnerability
Serverless computing is an emerging trend that is likely to explode in popularity this year. It takes the idea of a smaller server footprint to the next level. First, there were virtual machines, which ran a whole instance of an operating system. Then they were shrunk to containers, which only loaded the bare minimum of the OS required to run the app. This led to a smaller footprint.

Now we have "serverless" apps, which is a bit of a misnomer. They still run on a server; they just don't have a dedicated server, virtual machine, or container running 24/7. They run in a server instance until they complete their task, then shut down. It's the ultimate in small server footprint and reducing server load.

To read this article in full, please click here



Network World Security
Apr 10, 2018

Cisco broadens Tetration security delivery with cloud, virtual buying options
Cisco has added new cloud and virtual deployment options for customers looking to buy into its Tetration Analytics security system.

Cisco's Tetration system gathers information from hardware and software sensors and analyzes it using big-data analytics and machine learning to offer IT managers a deeper understanding of their data center resources.

[ Don't miss customer reviews of top remote access tools and see the most powerful IoT companies . | Get daily insights by signing up for Network World newsletters. ] Tetration can improve enterprise security monitoring, simplify operational reliability, give customers a single tool to collect consistent security telemetry across the entire data center and analyze large volumes of data in real time.  

To read this article in full, please click here



Network World Security
Apr 10, 2018

IBM tweaks its z14 mainframe to make it a better physical fit for the data center
IBM is widening its mainframe range with some narrower models - ZR1 and Rockhopper II - that are skinny enough to fit in a standard 19-inch rack, which will answer criticisms of potential customers that the hulking z14 introduced in July 2017 too big to fit in their data centers (see photo above).

In addition to new, smaller, packaging for its z14 hardware, IBM is also introducing Secure Service Container technology. This makes use of the z14's encryption accelerator and other security capabilities to protect containerized applications from unwanted interference.

[ Check out REVIEW: VMware's vSAN 6.6 and hear IDC's top 10 data center predictions . | Get regularly scheduled insights by signing up for Network World newsletters. ] When IBM introduced the z14 last July, with an accelerator to make encrypting information standard practice in the data center, there was one problem: The mainframe's two-door cabinet was far too deep and too wide to fit in standard data center aisles.

To read this article in full, please click here



Network World Security
Apr 05, 2018

Network-as-a-Service: A modern solution to today's networking challenges
Traditional networking architectures over the past two decades or so prescribe that the hub of the network be build around a specific location, such as a data center or a company's headquarters building. This location houses most of the equipment for compute, storage, communications, and security, and this is where enterprise applications are traditionally hosted. For people in branch and other remote locations, traffic is typically backhauled to this hub before going out to other locations, including to the cloud.

Though that formula has been standard operating procedure for many years, it doesn't fit the way of work for many enterprises today. For one thing, there has been a major migration to the cloud. Those enterprise applications that run the business are now hosted in cloud platforms such as Amazon Web Services or Microsoft Azure, either as private applications or as SaaS apps such as Office 365 and Salesforce. In fact, companies often use multiple cloud platforms these days.

To read this article in full, please click here



Network World Security
Apr 04, 2018

Malicious IoT hackers have a new enemy
IoT security is about the farthest thing from a laughing matter in the world of technology today, threatening global trade, privacy and the basic infrastructure of modern society. So you could be forgiven for being taken aback that the newest defender of vulnerable systems against bad actors looks a little like Johnny 5 from the movie Short Circuit.

Researchers at Georgia Tech's School of Electrical and Computer Engineering rolled out the HoneyBot robot late last week. In essence, it's a canary in the digital coal mine, offering an early warning that someone is trying to compromise an organization's systems.

To read this article in full, please click here



Network World Security
Apr 04, 2018

7 free tools every network needs
"I am all about useful tools. One of my mottos is 'the right tool for the right job.'" -Martha Stewart

If your "right job" involves wrangling computer networks and figuring out how to do digital things effectively and efficiently or diagnosing why digital things aren't working as they're supposed to, you've got your hands full. Not only does your job evolve incredibly quickly becoming evermore complex, but whatever tools you use need frequent updating and/or replacing to keep pace, and that's what we're here for; to help in your quest for the right tools.

[ Don't miss customer reviews of top remote access tools and see the most powerful IoT companies . | Get daily insights by signing up for Network World newsletters. ] We've done several roundups of free network tools in the past, and since the last one, technology has, if anything, sped up even more. To help you keep up, we've compiled a new shortlist of seven of the most useful tools that you should add to your toolbox.

To read this article in full, please click here



Network World Security
Mar 28, 2018

People are really worried about IoT data privacy and security—and they should be
A new study from the Economist Intelligence Unit (EIU) shows that consumers around the world are deeply worried about in how their personal information is collected and shared by the Internet of Things (IoT). But let's be honest, the problem isn't that unsophisticated consumers are panicking for no reason. In fact, consumers are merely picking up on the very real inherent risks and uncertainties surrounding IoT data.

Businesses are also worried about IoT security I'll get into the results and implications of the survey in a moment, but first I want to note that business and professionals are equally concerned. Perhaps that's why Gartner just predicted that IoT security spending will hit $1.5 billion by the end of the year, up 28 percent from 2017, and more than double to $3.1 billion by 2021.

To read this article in full, please click here



Network World Security
Mar 27, 2018

Patches for Meltdown and Spectre aren't that bad after all
Internal tests from a leading industry vendor have shown that fixes applied to servers running Linux or Windows Server aren't as detrimental as initially thought, with many use cases seeing no impact at all.

The Meltdown and Spectre vulnerabilities, first documented in January, seemed like a nightmare for virtualized systems, but that is overblown. There are a lot of qualifiers, starting with what you are doing and what generation processor you are using.

The tests were done on servers running Xeons of the Haswell-EP (released in 2014), Broadwell-EP (released in 2016), and Skylake-EP (released in 2017). Haswell and Broadwell were the same microarchitecture, with minor tweaks. The big change there was Broadwell was a die shrink. Skylake, though, was a whole new architecture, and as it turns out, that made the difference.

To read this article in full, please click here



Network World Security
Mar 26, 2018

Penn State secures building automation, IoT traffic with microsegmentation
It was time to get a handle on BACnet traffic at Penn State.

BACnet is a communications protocol for building automation and control (BAC) systems such as heating, ventilating and air conditioning (HVAC), lighting, access control and fire detection. Penn State standardized on BACnet because of its openness.

[ For more on IoT see tips for securing IoT on your network, our list of the most powerful internet of things companies and learn about the industrial internet of things. | Get regularly scheduled insights by signing up for Network World newsletters. ] "Any device, any manufacturer - as long as they talk BACnet, we can integrate them," says Tom Walker, system design specialist in the facility automation services group at Penn State. "It's a really neat protocol, but you have to know the quirks that come with deploying it, especially at scale."

To read this article in full, please click here



Network World Security
Mar 14, 2018

13 flaws found in AMD processors, AMD given little warning
It's probably a good thing AMD didn't rub Intel's nose in the Meltdown and Spectre flaws too much because boy, would it have a doosy of a payback coming to it. A security firm in Israel has found 13 critical vulnerabilities spread across four separate classes that affect AMD's hot new Ryzen desktop and Epyc server processors.

However, the handling of the disclosure is getting a lot of attention, and none of it good. The company, CTS-Labs of Israel, gave AMD just 24 hours notice of its plans to disclose the vulnerabilities. Typically companies get 90 days to get their arms around a problem, and Google, which unearthed Meltdown, gave Intel six months.

To read this article in full, please click here



Network World Security
Mar 14, 2018

What do ogres, onions and SD-WAN security have in common? Layers!
Remember this scene from the movie Shrek? The big ogre was explaining to Donkey that ogres are very complicated, and like onions, they have layers. Donkey, of course, didn't like the analogy because not everyone likes onions and would have preferred cake as everyone likes cake, but he did seem to understand that ogres did indeed have layers after it was explained to him. 

Orges and onions have layers, but what else does? Or at least should? 

Security for SD-WANs — but that may not seem obvious to everyone.

Also read: The case for securing the SD-WAN | Sign up: Get the latest tech news sent directly to your in-box This week SD-WAN provider, Aryaka, which is now neck and neck with VeloCloud/VMware in market share, according to IHS Markit, announced Passport, a multi-layered security platform and ecosystem that provides best-of-breed security at every level of a software-defined WAN (SD-WAN).

To read this article in full, please click here



Network World Security
Mar 07, 2018

New Spectre derivative bug haunts Intel processors
Intel just can't catch a break these days. Researchers at Ohio State University have found a way to use the Spectre design flaw to break into the SGX secure environment of an Intel CPU to steal information.

SGX stands for Software Guard eXtensions. It was first introduced in 2014 and is a mechanism that allows applications to put a ring around sections of memory that blocks other programs, the operating system, or even a hypervisor from accessing it.

To read this article in full, please click here



Network World Security
Mar 06, 2018

IDG Contributor Network: What to understand about health care IoT and its security
As we have seen, the Internet of Things will disrupt and change every industry and how actors within it do business. Along with new paradigms in services and products that one can offer due to the proliferation of IoT, come business risks as well as heightened security concerns - both physical and cyber. In our prior column, we spoke about this topic in the context of the Smart Electric Grid. Today we're taking a look at how IoT is disrupting the health care market and how we can take steps to secure it.

To read this article in full, please click here



Network World Security
Mar 05, 2018

Scammers spoof Office 365, DocuSign and others | Salted Hash Ep 21
As phishing attacks evolve, hackers are using customization and targeted scams to ensnare users. Asaf Cidon, vice president, email security services at Barracuda, talks with host Steve Ragan about the ever-changing cat-and-mouse game of phishing.

Network World Security
Feb 28, 2018

Memcached servers can be hijacked for massive DDoS attacks
A flaw in the implementation of the UDP protocol for Memcached servers can allow anyone to launch a massive Distributed Denial of Service (DDoS) attack with little effort.

The problem was first discovered by the 0kee Team from China, which published a paper about it (pdf). This past week, security researchers at content delivery network (CDN) specialist Cloudflare also wrote about the issue. And CDN specialist Akamai and security provider Arbor Networks recently published their findings.

To read this article in full, please click here



Network World Security
Feb 27, 2018

GDPR deadline looms: The price and penalties | Salted Hash Ep 20
With the General Data Protection Regulation (GDPR) deadline fast approaching, host Steve Ragan explores the implications of noncompliance for companies -- and possible penalties -- with Greg Reber, founder/CEO of AsTech Consulting.

Network World Security
Feb 22, 2018

Which data center intrusion prevention systems are worth the investment? NSS Labs tests 5 DCIPS products
Performance is critical when evaluating data center intrusion-prevention systems (DCIPS), which face significantly higher traffic volumes than traditional IPSes.

A typical IPS is deployed at the corporate network perimeter to protect end-user activity, while a DCIPS sits inline, inside the data center perimeter, to protect data-center servers and the applications that run on them. That requires a DCIPS to keep pace with traffic from potentially hundreds of thousands of users who are accessing large applications in a server farm, says NSS Labs, which recently tested five DCIPS products in the areas of security, performance and total cost of ownership.

To read this article in full, please click here



Network World Security
Feb 20, 2018

Is the IoT backlash finally here?
As pretty much everyone knows, the Internet of Things (IoT) hype has been going strong for a few years now. I've done my part, no doubt, covering the technology extensively for the past 9 months. As vendors and users all scramble to cash in, it often seems like nothing can stop the rise IoT.

Maybe not, but there have been rumblings of a backlash to the rise of IoT for several years. Consumer and experts worry that the IoT may not easily fulfill its heavily hyped promise, or that it will turn out to be more cumbersome than anticipated, allow serious security issues, and compromise our privacy.

To read this article in full, please click here



Network World Security
Feb 19, 2018

Ransomware: Do you pay the ransom? | Salted Hash Ep 19
Robert Gibbons, CTO at Datto, joins host Steve Ragan to talk about why companies pay out ransoms, the role of incident response plans and continuity strategies, and how companies weigh the risks.

Network World Security
Feb 12, 2018

Managing open-source mobile security and privacy for activists worldwide | Salted Hash Ep 18
Nathan Freitas, who heads The Guardian Project, talks with host Steve Ragan and senior writer J.M. Porup about the group's easy-to-use secure apps, open-source software libraries, and customized mobile devices being used around the world.

Network World Security
Feb 09, 2018

Tips to improve IoT security on your network
Judging by all the media attention that The Internet of Things (or IoT) gets these days, you would think that the world was firmly in the grip of a physical and digital transformation. The truth, though, is that we all are still in the early days of the IoT.

The analyst firm Gartner, for example, puts the number of Internet connected "things" at just 8.4 billion in 2017 - counting both consumer and business applications. That's a big number, yes, but much smaller number than the "50 billion devices" or "hundreds of billions of devices" figures that get bandied about in the press.

To read this article in full, please click here

(Insider Story)

Network World Security
Feb 08, 2018

Researchers find malware samples that exploit Meltdown and Spectre
It was inevitable. Once Google published its findings for the Meltdown and Spectre vulnerabilities in CPUs, the bad guys used that as a roadmap to create their malware. And so far, researchers have found more than 130 malware samples designed to exploit Spectre and Meltdown.

If there is any good news, it's that the majority of the samples appear to be in the testing phase, according to antivirus testing firm AV-TEST, or are based on proof-of-concept software created by security researchers. Still, the number is rising fast.

To read this article in full, please click here



Network World Security
Feb 06, 2018

Spectre and Meltdown | Salted Hash Ep 17
What is it about the Spectre and Meltdown attacks that scared everyone so much? Host Steve Ragan and J.M. Porup talk through the impact of these hardware flaws.

Network World Security
Feb 02, 2018

AMD plans silicon fix for Spectre vulnerability
Comeback kid AMD announced on its quarterly earnings call that it intends to have a silicon fix for the variant 2 of the Spectre exploit, the only one of the Meltdown and Spectre exploits it's vulnerable to, by 2019 with its new Zen 2 core.

The company also said it will ramp up GPU card production to meet the insane demand these days thanks to cryptominers, although it said the biggest challenge will be to find enough memory to make the cards.

Also read: Meltdown and Spectre: How much are ARM and AMD exposed? It's hard to believe that in 2018 we are seeing such shortages in computing hardware, but there you have it.

To read this article in full, please click here



Network World Security
Feb 01, 2018

How to eliminate the default route for greater security
If portions of enterprise data-center networks have no need to communicate directly with the internet, then why do we configure routers so every system on the network winds up with internet access by default?

Part of the reason is that many enterprises use an internet perimeter firewall performing port address translation (PAT) with a default policy that allows access the internet, a solution that leaves open a possible path by which attackers can breach security.

Also on Network World: IPv6 deployment guide; What is edge computing and how it's changing the network?

To read this article in full, please click here

(Insider Story)

Network World Security
Sep 18, 2017

5 Ways to Secure Wi-Fi Networks
Wi-Fi is one entry-point hackers can use to get into your network without setting foot inside your building because wireless is much more open to eavesdroppers than wired networks, which means you have to be more diligent about security.

But there's a lot more to Wi-Fi security than just setting a simple password. Investing time in learning about and applying enhanced security measures can go a long way toward better protecting your network. Here are six tips to betters secure your Wi-Fi network.

Use an inconspicuous network name (SSID) The service set identifier (SSID) is one of the most basic Wi-Fi network settings. Though it doesn't seem like the network name could compromise security, it certainly can. Using a too common of a SSID, like "wireless" or the vendor's default name, can make it easier for someone to crack the personal mode of WPA or WPA2 security. This is because the encryption algorithm incorporates the SSID, and password cracking dictionaries used by hackers are preloaded with common and default SSIDs. Using one of those just makes the hacker's job easier.

To read this article in full, please click here



Network World Security
Aug 31, 2017

IoT privacy: 30 ways to build a security culture
Much work still must be done before the industrial and municipal Internet of Things (IoT) becomes widely adopted outside of the circle of innovators. One field, privacy, well understood by the public and private sector in the context of the cloud, PCs and mobile, is in the early stage of adaptation for the IoT.

The sheer volume of data that will be collected and the new more granular architecture of the IoT present new privacy concerns that need to be resolved on an equal scale as the platform's forecasted growth.

A demonstration of this new aspect of privacy and compliance is the Privacy Guidelines for Internet of Things: Cheat Sheet, Technical Report (pdf) by Charith Perera, researcher at the Newcastle University in the U.K. The nine-page report details 30 points about implementing strong privacy protections. This report is summarized below.

To read this article in full, please click here



Network World Security
Jul 17, 2017

Unix: How random is random?
On Unix systems, random numbers are generated in a number of ways and random data can serve many purposes. From simple commands to fairly complex processes, the question "How random is random?" is worth asking.

EZ random numbers If all you need is a casual list of random numbers, the RANDOM variable is an easy choice. Type "echo $RANDOM" and you'll get a number between 0 and 32,767 (the largest number that two bytes can hold).

$ echo $RANDOM 29366 Of course, this process is actually providing a "pseudo-random" number. As anyone who thinks about random numbers very often might tell you, numbers generated by a program have a limitation. Programs follow carefully crafted steps, and those steps aren't even close to being truly random. You can increase the randomness of RANDOM's value by seeding it (i.e., setting the variable to some initial value). Some just use the current process ID (via $$) for that. Note that for any particular starting point, the subsequent values that $RANDOM provides are quite predictable.

To read this article in full, please click here



Network World Security
May 25, 2017

The complexity of password complexity
Deploying password quality checking on your Debian-base Linux servers can help to ensure that your users assign reasonable passwords on their accounts, but the settings themselves can be a bit misleading. For example, setting a minimum password length of 12 characters does not mean that your users' passwords will all have twelve or more characters. Let's stroll down Complexity Boulevard and see how the settings work and examine some settings worth considering.

First, if you haven't done this already, install the password quality checking library with this command:

apt-get -y install libpam-pwquality The files that contain most of the settings we're going to look at will be:

To read this article in full, please click here



Network World Security
May 24, 2017

Gravityscan, keeping WordPress sites safe
If your website, in common with roughly 25% of all websites, is running WordPress then it's pretty much certain that it's being constantly attacked. WordPress is to hackers what raw meat is to jackals because unless sites are assiduously maintained, they quickly become vulnerable to a huge number of exploits.

The root cause of this vulnerability is WordPress' ecosystem of complex core software augmented by thousands of third party developers whose themes and plugins are often buggy and not quickly (or often, never) updated to fend off known security problems. Add to that many site owners being slow to update their core WordPress installation and you have an enormous and easily discovered collection of irresistible hacking targets.

To read this article in full, please click here



Network World Security
May 15, 2017

8 ways to manage an internet or security crisis
Your business is hit with a ransomware attack. Or your ecommerce site crashes. Your legacy system stops working. Or maybe your latest software release has a major bug. These are just some of the problems that ecommerce, technology and other companies experience at one time or another.

The issue is not if a problem - or crisis - occurs, but how your company handles it when it does. Manage the problem poorly, you risk losing customers, or worse. Handle a crisis promptly and professionally, you can fend off a public relations disaster and might even gain new customers.

So what steps can businesses take to mitigate and effectively manage an IT-related crisis? Here are eight suggestions.

To read this article in full, please click here



Network World Security
May 15, 2017

Incident response is like tracking down a perpetrator
What is incident response?Image by Thinkstock

Incident response is like investigating a real burglary. You look for evidence of the intruder at the crime scene, find his targets and his getaway car, and repair any holes. Discover any cuts in your chain link fence. Take a few steps back for more perspective. Find the intruder's targets. What assets are near the compromised fence? Investigate in both directions to find the intruder's target and getaway car. Fix the fence. Resolve any issues and patch vulnerabilities.

To read this article in full, please click here



Network World Security
May 01, 2017

Network monitoring tools: Features users love and hate
Managing the health of the corporate network will directly affect the productivity of every user of that network. So network administrators need a robust network monitoring tool that helps them manage the network, identify problems before they cause downtime, and quickly resolve issues when something goes wrong.

Five of the top network monitoring products on the market, according to users in the IT Central Station community, are CA Unified Infrastructure Management, SevOne, Microsoft System Center Operations Manager (SCOM), SolarWinds Network Performance Monitor (NPM), and CA Spectrum.

To read this article in full, please click here

(Insider Story)

Network World Security
Apr 27, 2017

Book Review: Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems
The overall equation is pretty simple: If you want to understand network traffic, you really should install Wireshark. And, if you really want to use Wireshark effectively, you should consider this book. Already in its third edition, Practical Packet Analysis both explains how Wireshark works and provides expert guidance on how you can use the tool to solve real-world network problems.

Yes, there are other packet analyzers, but Wireshark is one of the best, works on Windows, Mac, and Linux, and is free and open source. And, yes, there are other books, but this one focuses both on understanding the tool and using it to address the kind of problems that you're likely to encounter.

To read this article in full, please click here



Network World Security
Apr 10, 2017

Fight firewall sprawl with AlgoSec, Tufin, Skybox suites
New and innovative security tools seem to be emerging all the time, but the frontline defense for just about every network in operation today remains the trusty firewall. They aren't perfect, but if configured correctly and working as intended, firewalls can do a solid job of blocking threats from entering a network, while restricting unauthorized traffic from leaving.

The problem network administrators face is that as their networks grow, so do the number of firewalls. Large enterprises can find themselves with hundreds or thousands, a mix of old, new and next-gen models, probably from multiple vendors -- sometimes accidentally working against each other. For admins trying to configure firewall rules, the task can quickly become unmanageable.

To read this article in full, please click here

(Insider Story)

Network World Security
Mar 24, 2017

Review: Canary Flex security camera lives up to its name
Canary's initial foray into the networked home security camera space was very impressive - my colleague David Newman touted its high security settings in the wake of revelations about the general insecurity of these types of devices. The Canary camera was also somewhat large - a cylindrical tower that took up some significant space on your desk, cabinet or shelf.

The latest camera the company sent me is the Canary Flex, a much smaller unit meant to be more flexible (hence the name) in terms of placement, but also in power options. Like the Arlo Pro camera, the Canary Flex is powered by an internal battery (it's charged via USB cable and power adapter). This means you can move the Flex to a location inside or outside your home where there's no power outlet. The Flex comes with wall mounting screws and a 360-degree magnetic stand so you can position the camera in different spots. Additional accessories, such as a plant mount or twist mount (pictured below), offer even more location choices.

To read this article in full, please click here



Network World Security
Mar 13, 2017

Zix wins 5-vendor email encryption shootout
Email encryption products have made major strides since we last looked at them nearly two years ago. They have gotten easier to use and deploy, thanks to a combination of user interface and encryption key management improvements, and are at the point where encryption can almost be called effortless on the part of the end user.

Our biggest criticism in 2015 was that the products couldn't cover multiple use cases, such as when a user switches from reading emails on their smartphone to moving to a webmailer to composing messages on their Outlook desktop client. Fortunately, the products are all doing a better job handling multi-modal email.

To read this article in full, please click here

(Insider Story)

Network World Security
Mar 06, 2017

Review: vArmour flips security on its head
Almost every cybersecurity program these days does some sort of scanning, sandboxing or traffic examination to look for anomalies that might indicate the presence of malware. We've even reviewed dedicated threat-hunting tools that ferret out malware that's already active inside a network.

However, what if there were a different way to approach security? Instead of searching for behaviors that might indicate a threat, what if you could define everything that is allowed within a network? If every process, application and workflow needed to conduct business could be defined, then by default everything outside of those definitions could be flagged as illegal. At the very least, critical programs could be identified and all interactions with them could be tightly defined and monitored. It's a different way of looking at security, called segmentation.

To read this article in full, please click here

(Insider Story)

Network World Security
Feb 21, 2017

5 open source security tools too good to ignore
Open source is a wonderful thing. A significant chunk of today's enterprise IT and personal technology depends on open source software. But even while open source software is widely used in networking, operating systems, and virtualization, enterprise security platforms still tend to be proprietary and vendor-locked. Fortunately, that's changing. 

If you haven't been looking to open source to help address your security needs, it's a shame—you're missing out on a growing number of freely available tools for protecting your networks, hosts, and data. The best part is, many of these tools come from active projects backed by well-known sources you can trust, such as leading security companies and major cloud operators. And many have been tested in the biggest and most challenging environments you can imagine. 

To read this article in full, please click here



Network World Security
Feb 15, 2017

Review: Samsung SmartCam PT network camera
The home security camera market has taken a big hit in recent months, becoming the poster child for "bad security behavior" when people talk about the security (or lack thereof) of Internet of Things. Last year's highly publicized DDoS attack on Dyn highlighted insecure cameras being used as part of a botnet; vulnerabilities were also found in Chinese-based security cameras and at least one Samsung SmartCam product. In the U.S., the FTC filed a complaint against D-Link over claims that their webcams were "secure".

To read this article in full, please click here



  • CEOExpress
  • 1 Boston Place | Suite 2600
    Boston MA 02108
  • 617 482 1200
    617 299 8649 (fax)
  • Contact

©1999-2018 CEOExpress Company LLC