NEWS: NETWORK WORLD SECURITY
Setup News Ticker
   NEWS: NETWORK WORLD SECURITY
Network World Security
Jul 29, 2021

Cisco preps now for the hybrid workforce
Work-from employees will no longer be treated as a second-class citizen, which means they will get best-in-class technology including SD-WAN appliances, cellular backup alternatives, zero trust security support and maybe even battery backup.

That's at least part of the plan for hybrid workers now and moving forward, said Cisco's Todd Nightingale, executive vice president and general manager of the company's Enterprise Networking & Cloud business. "The ‘return-to-office' concept is a myth--it's a world we have left behind."

To read this article in full, please click here



Network World Security
Jul 28, 2021

Feds' demand for software standards could boost enterprise security
Enterprises can look for more transparency from software vendors after the Biden Administration's recent mandate that software bills of materials be provided by companies attempting to do business with the federal government.

Software bills of materials, frequently abbreviated to SBOMs, aren't a new concept. The idea comes from the manufacturing sector, where it's often crucial for buyers to fully understand the components and materials that were used to make a particular piece of equipment.

The 10 most powerful companies in enterprise networking 2021 For example, a train engine might contain parts that aren't rated for certain levels of vibration stress, making it unsuitable for use on a particular type of track. The goal of an SBOM is similar, listing all the proprietary, open source, and licensed components being used in a particular piece of software, so that a buyer can review it and check whether any of those components are outdated or insecure.

To read this article in full, please click here



Network World Security
Jul 27, 2021

IBM upgrades its Big Iron OS for better cloud, security, and AI support
IBM continues to fine-tune its mainframe to keep it attractive to enterprise users interested in keeping the Big Iron in their cloud and AI-application development plans.

The company released a new version of the mainframe operating system—z/OS V2.5—that includes beefed-up support for containers, AI, and security.

Chip shortage will hit hardware buyers for months to years According to IBM, applications are at the heart of transactional and batch workloads running on z/OS. Fundamentally, developing new applications while modernizing existing applications is part of the digital transformation occurring in many enterprises.

To read this article in full, please click here



Network World Security
Jul 16, 2021

What is Network as a Service (NaaS)?
The day is coming when enterprise IT professionals will be able to order network infrastructure components from a menu of options, have them designed to fit their business needs, and have the whole thing delivered and running in perhaps hours.

The concept is called Network as a Service (NaaS), and it has been around in a number of different forms for a few years, mostly in the service provider arena.

Read more about NaaS:

NaaS is the future, but it's got challenges Cisco takes its first steps toward network-as-a-service The 10 most powerful companies in enterprise networking How to avoid the network-as-a-service shell game For enterprises, the as-a-service concept took hold as companies started to embrace cloud computing and its model of consumption-based capacity. In the infrastructure space, for example, more than 75% of infrastructure in edge locations and up to 50% of data-center infrastructure will be consumed in the as-a-service model by 2024, according to research firm IDC.

To read this article in full, please click here



Network World Security
Jul 08, 2021

Ransomware recovery: Plan for it now
If your computing environment is subject to a large ransomware attack, you will most certainly be enacting your disaster recovery (DR) plan. But before you begin restoring systems, you must first ensure you have stopped the infection, identified it, and removed it. Jumping too quickly to the restore phase could actually make things worse. To understand why this is the case, it's important to understand how ransomware works.

How ransomware spreads in your environment There are many articles such as this one that describe what ransomware does, but it's important to emphasize that the goal of ransomware is rarely to infect just one system. Modern ransomware variants will immediately attempt to identify and execute various operating system vulnerabilities to gain administrative access and spread to the rest of your LAN. The attack will be coordinated via command-and-control (C&C) servers, and contacting these servers for instructions is the first thing that every ransomware variant does. They key in responding to an active ransomware attack is stopping further communications with C&C servers, as well as further communications between infected systems and the rest of your network.

To read this article in full, please click here



Network World Security
Jul 07, 2021

Don't let subdomains sink your security
If your enterprise has a website (and one certainly would hope so in 2021!), it also has subdomains. These prefixes of your organization's main domain name are essential for putting structural order to the content and services on your website, thus preventing online visitors from instantly fleeing in terror, disdain, or confusion.

Large enterprises can have thousands of subdomains. IBM, for example, has roughly 60,000 subdomains, while Walmart.com has "only" 2,132 subdomains.

What is DNS and how it works Whatever value subdomains bring to enterprises--and they bring plenty--they present more targets for bad actors. Why, just last year the subdomains of Chevron, 3M, Warner Brothers, Honeywell, and many other large organizations were hijacked by hackers who redirected visitors to sites featuring porn, malware, online gambling, and other activities of questionable propriety.

To read this article in full, please click here



Network World Security
Jul 01, 2021

10 competitors Cisco just can't kill off
In compiling this iteration of our list of competitors Cisco can't kill off, one thing is clear: The competition is fierce amongst the bigger players.

Nearly all the networking giant's competitors have refreshed their product lines or bought into technology to compete more closely with Cisco. But that's not to say Cisco has been sitting still by any means.

The 10 most powerful companies in enterprise networking 2021 The company has expanded and refreshed its core Catalyst, Nexus and Silicon One networking gear and made major strides in security and software. Going forward, it wants to lead the industry in network-as-a-service.

To read this article in full, please click here



Network World Security
Jun 30, 2021

Cisco completes purchase of security risk-management firm
Cisco continues to bulk-up its security portfolio, this week closing the deal on risk-based management company Kenna Security for an undisclosed amount.

Kenna's Risk-Based Vulnerability Management system collects and analyzes security data to provide security teams with information about threats so they can prioritize remediation and better understand risks.

Read about edge networking

How edge networking and IoT will reshape data centers Edge computing best practices How edge computing can help secure the IoT The technology will become part of Cisco's SecureX service that integrates numerous security components. Cisco says the service is an open, cloud-native system to detect and remediate threats across Cisco and third-party products from a single interface. The SecureX dashboard shows operational metrics, triggers alerts to emerging threats, and accelerates threat investigations and incident management by aggregating and correlating global intelligence and local context in one view.  

To read this article in full, please click here



Network World Security
Jun 28, 2021

Department of Defense works to integrate battlefield intel networks
If yours is like most enterprises, it is under intense competitive pressure to understand faster, decide faster, and act faster in an increasingly dynamic environment.

For businesses, that environment is the economy. But for the U.S. Department of Defense (DoD), the environment in which they must leverage technology and tactics against deadly adversaries is more like a battlefield. And all but the most self-aggrandizing sales directors would agree that the stakes on the battlefield are considerably higher than growing revenue and capturing market share. (Not that they are trivial!)

Read more: Cisco tool taps telemetry for network, security analytics

To read this article in full, please click here



Network World Security
Jun 28, 2021

The Department of Defense, networking, and the speed of relevance
If yours is like most enterprises, it is under intense competitive pressure to understand faster, decide faster, and act faster in an increasingly dynamic environment.

For businesses, that environment is the economy. But for the U.S. Department of Defense (DoD), the environment in which they must leverage technology and tactics against deadly adversaries is more like a battlefield. And all but the most self-aggrandizing sales directors would agree that the stakes on the battlefield are considerably higher than growing revenue and capturing market share. (Not that they are trivial!)

Read more: Cisco tool taps telemetry for network, security analytics

To read this article in full, please click here



Network World Security
Jun 14, 2021

The great cloud computing surge
Driven in part by the pandemic, cloud computing adoption has reached new heights. These five articles take a close look at the implications.

Network World Security
Jun 08, 2021

Why the cloud will never eat the data center
Sometimes it's hard to see gradual changes in technology paradigms because they're gradual.  Sometimes it helps to play "Just suppose…" and see where it leads. So, just suppose that the cloud did what some radical thinkers say, and "absorbed the network". That's sure an exciting tag line, but is this even possible, and how might it come about?

Companies are already committed to a virtual form of networking for their WAN services, based on VPNs or SD-WAN, rather than building their own WANs from pipes and routers.  That was a big step, so what could be happening to make WANs even more virtual, to the point where the cloud could subsume them?  It would have to be a data-center change.

To read this article in full, please click here



Network World Security
Jun 01, 2021

Open-source: Get SLAs to protect network apps with open-source components
The continuous influx of open-source software (OSS) into enterprise IT departments is, in many ways, an enormous boon to both vendors and users. For the former, the ability to use open source components means getting rid of a great deal of duplicative effort—rather than having to design every part of, say, an IoT sensor and monitoring product from scratch, a vendor can adopt a well-understood, well-supported open source library for its networking stack, and focus more of its attention on the sensing and data analysis features that will set the product apart from its competitors.

For end-users, one of the chief advantages is—at least in theory—the improved security that's part of the usual sales pitch for open source software. The idea here is that the open nature of a piece of software—and the fact that anyone can look at it to discover and correct security flaws—means that it's generally going to be more secure than a proprietary equivalent.

To read this article in full, please click here



Network World Security
May 31, 2021

Make sure your laptop backups can handle ransomware
With increasingly mobile workforces, it's important to effectively backup corporate data that resides on laptops, which requires a unique set of features not found in traditional backup systems used for desktops attached to corporate LANs.

Laptops have all the functionality of desktops, but are readily lost or stolen, have limited bandwidth for connectivity to corporate resources, and can spend unpredictable spans of time disconnected or turned off. So it's important to find backup options that meet these challenges, which can also include ransomware attacks.

Backup lessons from a cloud-storage disaster Backing up laptops properly also makes upgrading them much easier, especially in the world of remote work. A good backup system can restore a user's profile and data, and makes replacing a laptop much simpler for both the IT department and the person whose laptop is being replaced. With the right system in place, all you have to do is ship them a new laptop.  They can restore their own profile and data without IT intervention, saving time, effort, and a lot of money.

To read this article in full, please click here



Network World Security
May 26, 2021

Center for Internet Security: 18 security controls you need
The Center for Internet Security has updated its set of safeguards for warding off the five most common types of attacks facing enterprise networks—web-application hacking, insider and privilege misuse, malware, ransomware, and targeted intrusions.

In issuing its CIS Controls V8 this month, the organization sought to present practical and specific actions businesses can take to protect their networks and data. These range from making an inventory of enterprise assets to account management to auditing logs.

In part the new version was needed to address changes to how businesses operate since V7 was issued three years ago, and those changes guided the work. "Movement to cloud-based computing, virtualization, mobility, outsourcing, work-from-home, and changing attacker tactics have been central in every discussion," the new controls document says.

To read this article in full, please click here



Network World Security
May 19, 2021

Palo Alto Networks pushes enterprise zero trust
Palo Alto Networks bolstered its security portfolio with products that target enterprise network users looking to make the move to a zero-trust environment.

The new capabilities focus on a number of zero trust mechanisms—including  SaaS, cloud and DNS that will be available in June—and will make it significantly easier for organizations to adopt zero-trust security across the enterprise, according to Anand Oswal, senior vice president and general manager with Palo Alto.

More about DNS:

DNS in the cloud: Why and why not DNS over HTTPS seeks to make internet use more private How to protect your infrastructure from DNS cache poisoning ICANN housecleaning revokes old DNS security key As more people are working from anywhere, they require fast and always-on access to data and applications in the distributed cloud, regardless of location, Oswal said. "An all-encompassing zero-trust approach to network security is critical for safeguarding productivity in the new reality of remote, mobile, and hybrid work," he said.

To read this article in full, please click here



Network World Security
May 18, 2021

Cisco CEO on security: "There is really no perimeter in the enterprise to defend anymore."
Erosion of the traditional network perimeter and the transition to work-from-anywhere have conspired to bring an unprecedented threat level to endpoint devices, users, and applications, Cisco CEO Chuck Robbins told the online audience at the virtual RSA Conference 2021.

Such threats are exacerbated by the fact that over 3,500 vendors offer security products and services that many customers patchwork together, creating complexity that makes it hard for many to build an effective security position, Robbins said.

Backup lessons from a cloud-storage disaster Against that backdrop, Cisco announced a number of security moves to further integrate and upgrade its own overarching offerings with new features and services.

To read this article in full, please click here



Network World Security
May 18, 2021

Cisco CEO: There's no enterprise perimeter to defend anymore
Erosion of the traditional network perimeter and the transition to work-from-anywhere have conspired to bring an unprecedented threat level to endpoint devices, users, and applications, Cisco CEO Chuck Robbins told the online audience at the virtual RSA Conference 2021.

Such threats are exacerbated by the fact that over 3,500 vendors offer security products and services that many customers patchwork together, creating complexity that makes it hard for many to build an effective security position, Robbins said.

Backup lessons from a cloud-storage disaster Against that backdrop, Cisco announced a number of security moves to further integrate and upgrade its own overarching offerings with new features and services.

To read this article in full, please click here



Network World Security
May 14, 2021

‘FragAttack' flaws threaten Wi-Fi, but not too seriously
Almost all Wi-Fi is potentially vulnerable to flaws that date back to 1997 when it became commercially available, but even the person who discovered the weaknesses says some of them are difficult to exploit.

Wi-Fi resources Test and review of 4 Wi-Fi 6 routers: Who's the fastest? How to determine if Wi-Fi 6 is right for you Five questions to answer before deploying Wi-Fi 6 Wi-Fi 6E: When it's coming and what it's good for Mathy Vanhoef, a post-doctoral student at NYU Abu Dhabi, has created attacks—FragAttacks—that take advantage of the vulnerabilities, but in an academic paper about them, says the most widespread vulnerabilities can be exploited only under specific, rare conditions, and require either user interaction or highly unusual configurations to succeed.

To read this article in full, please click here



Network World Security
May 10, 2021

How does certificate-based authentication work?
Certificate-based authentication is a cryptographic technique that allows one computer to securely identify itself to another across a network connection, using a document called a public-key certificate.To read this article in full, please click here

(Insider Story)

Network World Security
May 05, 2021

IBM embraces zero trust with upgraded Cloud Pak service
IBM has taken the wraps off a version of its Cloud Pak for Security that aims to help customers looking to deploy zero-trust security facilities for enterprise resource protection.

IBM Cloud Paks are bundles of Red Hat's Kubernetes-based OpenShift Container Platform along with Red Hat Linux and a variety of connecting technologies to let enterprise customers deploy and manage containers on their choice of private or public infrastructure, including AWS, Microsoft Azure, Google Cloud Platform, Alibaba and IBM Cloud.

To read this article in full, please click here



Network World Security
May 05, 2021

Juniper takes SASE security control to the cloud
Juniper Networks has laid a key part of its Secure Access Services Edge (SASE) foundation with a cloud-based security-control service that provides a central way to control and protect on-premises or cloud-based enterprise resources.

Called Security Director Cloud, the service focuses Juniper's SASE efforts by providing a central point to manage enterprise security services including policy setting, and threat-detection and -prevention.

Juniper (like other key enterprise networking vendors such as Cisco, Hewlitt-Packard Enterprise (Aruba) and VMware, as well as service providers including Cato Networks, Akamai, and Zscaler) has pledged allegiance to growing SASE support in its product families.

To read this article in full, please click here



Network World Security
May 04, 2021

Cisco adds to its Catalyst software stack for back-to-work safety
Cisco has taken the wraps off a technology package it says will utilize existing core wireless and wired systems to help enterprises better control their physical environments and enable a safer, more secure return to the office.

While supporting remote offices and branches of one—IDC says that post-COVID, more than 52% of workers will either remain remote or hybrid—they rest could return to an altered business space.  

Who's selling SASE, and what do you get? In these offices, sensors and devices that have been used to manage lighting and HVAC systems can be adapted to occupancy and density monitoring, air-quality testing, contact tracing, and in-room presence, according to Anoop Vetteth, vice president of product management with Cisco's Enterprise Switching and Software Solutions group.

To read this article in full, please click here



Network World Security
Apr 28, 2021

802.1X: What you need to know about this LAN-authentication standard
When devics on enterprise LANs need to connect to other devices, they need a standard method for identifying each other to ensure they are communicating with the device they want to, and that's what 802.1x does. This article tells where it came from and how it works.

802.1x defined IEEE 802.1X is a standard that defines how to provide authentication for devices that connect with other devices on local area networks (LANs).

How to deploy 802.1x for Wi-Fi using WPA3 enterprise It provides a mechanism by which network switches and access points can hand off authentication duties to a specialized authentication server, like a RADIUS server, so that device authentication on a network can be managed and updated centrally, rather than distributed across multiple pieces of networking hardware.

To read this article in full, please click here



Network World Security
Apr 26, 2021

Wi-Fi in 2025: It could be watching your every move
I consider myself a techno-optimist. Technology has improved life for humanity in countless ways, like the wheel, the printing press, selfie sticks—these marvels have enriched us all.

So too has Wi-Fi. If not for Wi-Fi, no one could idly stream YouTube videos on company laptops through rogue hotspots at a busy-but-socially-distanced coffeeshop when we're supposed to be doing our jobs. Which is to say none of us could fully leverage the remote network-connectivity tools that allow enterprise employees to be productive any time and from anywhere.

To read this article in full, please click here



Network World Security
Apr 23, 2021

Organizations need to patch Pulse Secure VPNs
Organizations using Pulse Secure's mobile VPN should patch vulnerabilities reportedly being exploited in the wild, possibly by a "Chinese espionage actor".

The patch-available here-is considered important enough that the Cybersecurity and Infrastructure Security Agency (CISA) gave federal agencies a deadline of April 23 to apply them.

Backup lessons from a cloud-storage disaster CISA's guidance states that federal users of Pulse Connect Secure VPNs must use the company's free utility to ascertain whether their devices are vulnerable.

To read this article in full, please click here



Network World Security
Apr 23, 2021

Backup lessons from a cloud-storage disaster
European's largest cloud provider, OVHcloud, suffered a catastrophic fire last month that destroyed one of its data centers and smoke-damaged a neighboring one. OVHcloud customers with data in the burned-out data cener who had their own disaster recovery measures in place or who purchased the off-site backup and disaster-recovery services offered by OVHcloud have been able to resume operations. Those who did not lost data that will never come back.

Some losses were complete, such as those described on Twitter by rounq.com who is still waiting for backups and redundancy that he thought were already in place, according to his tweets. Companies that had some type of off-site backup seemed to be up and running again, such as Centre Pompidou

To read this article in full, please click here



Network World Security
Apr 20, 2021

VMware bundles support for the branch-of-one workforce
VMware has unveiled an integrated package of cloud security, access control and networking software aimed at addressing the key needs of today's COVID-19-driven remote workforce.

VMware Anywhere Workspace brings together the company's core enterprise software products, including its Workspace ONE unified endpoint management, Carbon Black Cloud cloud-native endpoint security, and secure access service edge (SASE) components, into a single system to support a widely distributed workforce.

Read more: Who's selling SASE, and what do you get? "Enterprises are moving from simply supporting remote work to becoming distributed, anywhere organizations. Companies are rethinking where teams work, how they work, and how they support customers from wherever they are," Sanjay Poonen, chief operating officer, customer operations with VMware, wrote in a blog about the announcement. "To be successful, this means investing in technology and a long-term strategy to be a stronger, more focused and more resilient organization."  

To read this article in full, please click here



Network World Security
Apr 20, 2021

VMware targets branch-of-one workforce with integrated access, security, network package
VMware has unveiled an integrated package of cloud security, access control and networking software aimed at addressing the key needs of today's COVID-19-driven remote workforce.

VMware Anywhere Workspace brings together the company's core enterprise software products, including its Workspace ONE unified endpoint management offering, Carbon Black Cloud cloud-native endpoint security platform, and secure access service edge (SASE) components, into a single deployable system to support the widely distributed workforce.

Read more: Who's selling SASE, and what do you get? "Enterprises are moving from simply supporting remote work to becoming distributed, anywhere-organizations. Companies are rethinking where teams work, how they work and how they support customers from wherever they are. To be successful, this means investing in technology and a long-term strategy to be a stronger, more focused and more resilient organization," Sanjay Poonen, chief operating officer, customer operations with VMware, wrote in a blog about the announcement.   

To read this article in full, please click here



Network World Security
Apr 19, 2021

Water-authority network upgrade spots problems faster
The Albuquerque water authority says recent network upgrades give it greater visibility and control over its remote sites and makes for faster responses to leaks and other problems.

The Albuquerque Bernalillo County Water Utility Authority manages more than 3,000 miles of water-supply pipeline covering more than 650,000 users. The authority manages 135 remote locations, which include well sites, tanks, and pump stations, all of which have programmable logic controllers (PLC) connected to a dedicated, fixed-wireless network running at 900MHz back to the core network.

[Get regularly scheduled insights by signing up for Network World newsletters.] "The [main treatment] plant was built [about] 15 years ago," said Kristen Sanders, the authority's chief information security officer. "So if a piece of equipment went out, replacing it would be about shopping on eBay." Also the authority's fiber backbone that connects the sites with the main plant was past it's service life and had to be replaced.

To read this article in full, please click here



Network World Security
Apr 16, 2021

TCP/IP stack vulnerabilities threaten IoT devices
A set of vulnerabilities in TCP/IP stacks used by FreeBSD and three popular real-time operating systems designed for the IoT was revealed this week by security vendor Forescout and JSOF Research. The nine vulnerabilities could potentially affect 100 million devices in the wild.

Nucleus NET, IPNet and NetX are the other operating systems affected by the vulnerabilities, which a joint report issued by Forescout and JSOF dubbed Name:Wreck.

In a report on the vulnerabilities, Forescout writes that TCP/IP stacks are particularly vulnerable for several reasons, including widespread use, the fact that many such stacks were created a long time ago, and the fact that they make an attractive attack surface, thanks to unauthenticated functionality and protocols that cross network perimeters.

To read this article in full, please click here



Network World Security
Mar 31, 2021

Cisco streamlines, upgrades its SASE bundle
Cisco made enhancements to its security offerings that will expand and change the way customers buy its Secure Access Service Edge products as well as bolster network-access authentication.

Cisco's SASE plan will focus on enhancing networking and security functions while building them into an integrated service that can help simplify access to enterprise cloud resources securely, said Gee Rittenhouse senior vice president and general manager of Cisco's Security Business Group during this week's Cisco Live! event.

MORE CISCO LIVE! NEWS: Cisco takes its first steps toward network-as-a-service; Cisco brings net intelligence to Catalyst switches, app-performance management

To read this article in full, please click here



Network World Security
Mar 29, 2021

5G: Network slicing could result in vulnerabilities
5G networks that incorporate legacy technology could be vulnerable to compromise via a lack of mapping between transport and application layers, according to a report by Ireland-based AdaptiveMobile Security.To read this article in full, please click here

(Insider Story)

Network World Security
Mar 29, 2021

Report: 5G network slicing could leave flaws for bad actors to exploit
5G networks that incorporate legacy technology could be vulnerable to compromise via a lack of mapping between transport and application layers, according to a report by Ireland-based AdaptiveMobile Security.

5G resources What is 5G? Fast wireless technology for enterprises and phones How 5G frequency affects range and speed Private 5G can solve some problems that Wi-Fi can't Private 5G keeps Whirlpool driverless vehicles rolling 5G can make for cost-effective private backhaul CBRS can bring private 5G to enterprises Network slicing is central to realizing many of 5G's more ambitious capabilities because it enables individual access points or base stations to subdivide networks into multiple logical sections—slices—effectively providing entirely separate networks for multiple uses. The slices can be used for different purposes—say, mobile broadband for end-users and massive IoT connectivity—at the same time, without interfering with each other.



Network World Security
Mar 22, 2021

Cloudflare wants to be your corporate network backbone with centralized management and security
Magic WAN and Magic Firewall aim to simplify linking sites and datacenters while allowing organizations to better enforce security policies.

Network World Security
Mar 18, 2021

VMware bolsters cloud app security with Mesh7 buy
With a goal of making distributed applications more secure, VMware has announced plans to buy security vendor Mesh7 for an undisclosed amount.

Combining the acquisition with its other security wares, VMware aims to address modern applications that require reliable connectivity, dynamic service discovery, and the ability to automate changes quickly without disruption as they extend across multi-cloud environments, said Tom Gillis, senior vice president and general manger with VMware's networking and security business unit, in a blog about the Mesh7 acquisition.

To read this article in full, please click here



Network World Security
Mar 16, 2021

Ransomware: How to make sure backups are ready for a real attack
The best way to avoid paying ransom to attackers who have infected your systems with ransomware is to have those systems adequately backed up so you can wipe them and restore them from safe backups. Here are several options for making sure those backups are up to the task.

In this article, backup refers to any system that you're going to use to respond to a ransomware attack, including old-school backup systems, replication systems, and modern hybrid systems that support backup and disaster recover. For simplicity's sake, they'll all be referred to as backup here.

More about backup and recovery:

To read this article in full, please click here



Network World Security
Mar 11, 2021

Top enterprise data center trends you need to know
Data-center networking was already changing prior to the technology challenges brought on by the COVID-19 pandemic, and few areas of the enterprise will continue to be affected more than data centers by those modifications in the future.

That's because myriad technologies are driving changes in the data center—everything from heavy demand for higher-speed networking, support for a remote workforce, increased security, tighter management and perhaps the biggest alteration—the prolific growth of cloud services.

To read this article in full, please click here



Network World Security
Mar 09, 2021

5 free network-vulnerability scanners
Though you may know and follow basic security measures on your own when installing and managing your network and websites, you'll never be able to keep up with and catch all the vulnerabilities by yourself.

Vulnerability scanners can help you automate security auditing and can play a crucial part in your IT security. They can scan your network and websites for up to thousands of different security risks, producing a prioritized list of those you should patch, describe the vulnerabilities, and give steps on how to remediate them. Some can even automate the patching process.

Though vulnerability scanners and security auditing tools can cost a fortune, there are free options as well. Some only look at specific vulnerabilities or limit how many hosts can be scanned but there are also those that offer broad IT security scanning.

To read this article in full, please click here



Network World Security
Mar 08, 2021

Cybersecurity in 2021: Stopping the madness
The challenges are greater than ever. But security pros have learned a lot - and with luck, the right strategic defenses can help even the highest-value targets withstand severe attacks.

Network World Security
Mar 08, 2021

WAN challenges steer auto-rental firm to SASE
Latency and reliability concerns set car rental company Sixt on a path to rearchitect its WAN. That led the global company, which has locations in more than 100 countries, to become an early adopter of the network-security architecture dubbed secure access service edge (SASE) by research firm Gartner.

Tech Spotlight: Security 4 ways to keep the cybersecurity conversation going after the crisis (CSO) Mitigating the hidden risks of digital transformation (CIO) WFH security lessons learned from the pandemic (Computerworld) WAN challenges steer Sixt to cloud-native SASE deployment (Network World) 6 security risks in software development — and how to address them (InfoWorld) SASE, pronounced "sassy," blends SD-WAN's network optimization features with security capabilities such as zero-trust authentication, data loss prevention, threat detection, and encryption. Driven by dem

Network World Security
Feb 24, 2021

Cisco issues 3 critical warnings around ACI, NS-OX security holes
Cisco has issued three security advisories rated "critical" for some of its high-end software systems—two aimed at its Application Services Engine (ASE) implementation and one at the NX-OS operating system.

The most concerning warning came for Cisco Application Centric Infrastructure (ACI) Multi-Site Orchestrator (MSO) installed with the ASE which was rated a worse-case scenario, 10 out of a possible 10 on the Common Vulnerability Scoring System (CVSS).  The ACI Multi-Site Orchestrator lets customers control application-access policies across Cisco Application Policy Infrastructure Controller-based fabrics.

To read this article in full, please click here



Network World Security
Feb 24, 2021

IoT security tips and a cautionary tale
You will have more connected devices than ever on your network in 2021, especially if you're in healthcare, retail, or logistics, industries that are among the early adopters of the Internet of Things (IoT). You'll have devices on your network edge, in your headquarters, on vehicles, in machinery, in your stores, in employees' homes, and on public property.

And there's a good chance that some or many of these IoT devices have built-in security vulnerabilities that can endanger your network. In trying to capitalize on the voracious global appetite for connected commercial devices, many IoT manufacturers and developers are shoveling out enterprise IoT devices with, shall we say, varying levels of regard for security.

To read this article in full, please click here



Network World Security
Feb 16, 2021

Palo Alto grows cloud security portfolio with new Prisma release, Bridgecrew buy
Palo Alto had a busy week. First, it rolled out a number of new features for its Prisma cloud-based security package, and then it announced plans to buy cloud security vendor Bridgecrew for about $156 million in cash.

Palo Alto's Prisma is a cloud-based security package that includes access control, advanced threat protection, user behavior monitoring and other services that promise to protect enterprise applications and resources. Managed through a single console, Prisma includes firewall as a service, zero-trust network access, a cloud access security broker and a secure web gateway.

To read this article in full, please click here



Network World Security
Feb 09, 2021

How COVID-19 is shaping enterprise networking
The COVID-19 pandemic has influenced the networking arena in a number of ways, including the rise of fully automated remote offices, the need to support a "branch of one," and the growth of new communications software tools.

"One of the biggest trends we are seeing is business agility. That is, IT looking at the tech they have deployed and evaluating it not just in terms of speeds and feeds, but how agile it is to handle whatever's coming next," said Todd Nightingale, Cisco's Enterprise Networking & Cloud business chief. "Software APIs are a huge part of that trend, because it is amazingly easier to handle changes through APIs and software that make it possible to change things in a day rather than months."

To read this article in full, please click here



Network World Security
Feb 08, 2021

The future of work: Coming sooner than you think
What will your worklife be like years from now? Today's work-from-home world has given us a glimpse of the future, as these five articles from CIO, Computerworld, CSO, InfoWorld, and Network World illustrate.

Network World Security
Feb 04, 2021

Cisco AppDynamics software melds security, application management
Cisco AppDynamics is making it easier for customers to integrate security features with application development to help customers detect threats, identify non-standard application behavior, and block attacks.

The company is adding software, called Cisco Secure Application, to the AppDynamics platform to correlate security and application information by scanning code execution for known exploits. Vulnerability data is shared with application and security operations teams so that together they can prioritize, execute, and track remediation efforts.

Read more: How AI can create self-driving data centers

To read this article in full, please click here



Network World Security
Feb 02, 2021

Arista embraces segmentation as part of its zero-trust security
Arista has expanded its security software to let customers control authorized network access and communication between groups from the data center to the cloud.

The new software, Macro-Segmentation Service (MSS)-Group, expands the company's MSS security-software family, which currently includes MSS Firewall for setting security policies across customer edge, data-center and campus networks. Additionally, the company's MSS Host focuses on data-center security policies.

See how AI can boost data-center availability and efficiency MSS software works with Arista Extensible Operating System (EOS) and its overarching CloudVision management software to provide network-wide visibility, orchestration, provisioning and telemetry across the data center and campus. CloudVision's network information can be utilized by Arista networking partners including VMware, Microsoft and IBM's Red Hat.

To read this article in full, please click here



Network World Security
Jan 20, 2021

Cisco tags critical security holes in SD-WAN software
Cisco has noted and fixed two critical and a number of high-degree vulnerabilities in its SD-WAN software portfolio.

Most of the vulnerabilities could let an authenticated attacker execute command injection attacks against an affected device, which could let the attacker utilize root privileges on the device.

The first critical problem-with a Common Vulnerability Scoring System rating of 9.9 out of 10-is  vulnerability in the web-based management interface of Cisco SD-WAN vManage Software. 

"This vulnerability is due to improper input validation of user-supplied input to the device template configuration," Cisco stated. "An attacker could exploit this vulnerability by submitting crafted input to the device template configuration. A successful exploit could allow the attacker to gain root-level access to the affected system."

To read this article in full, please click here



Network World Security
Jan 20, 2021

Lessons that insurrection selfies hold for legitimate enterprises
The pro-Trump rioters who invaded the Capitol on January 6 came with smartphones to record and celebrate what they thought was a righteous effort to prevent president-elect Joe Biden from taking office two weeks later.

Now those electronic devices, along with the GPS data they generated, are being used to track the location of rioters within the building as federal law enforcement officials continue to make arrests and build criminal cases.

Among the acts being investigated: breaking through police barriers, smashing windows, and assaulting police officers and media members. Five people died including a Capitol Hill police officer who was bludgeoned with a fire extinguisher.

To read this article in full, please click here



Network World Security
Dec 28, 2020

How to deploy 802.1x for Wi-Fi using WPA3-Enterprise
Wi-Fi Protected Access 3 (WPA3) has brought significant security improvements to Wi-Fi networks, particularly WPA-3Enterprise, which includes tweaks to make authenticating to the network more secure. One of these is has to do with 802.1x authentication that is used to determine whether Wi-Fi clients will be granted access to the enterprise network.

Wi-Fi resources Test and review of 4 Wi-Fi 6 routers: Who's the fastest? How to determine if Wi-Fi 6 is right for you Five questions to answer before deploying Wi-Fi 6 Wi-Fi 6E: When it's coming and what it's good for The enterprise mode of WPA has always allowed you to give each user a unique username/password to login to the Wi-Fi or to utilize unique digital certificates for each user to install on devices for even more security. Now with WPA3-Enterprise, the security is increased as clients are now required to make sure it's communicating with the real authentication server before sending login credentials. That verification was optional with the earlier two versions of WPA.

To read this article in full, please click here



Network World Security
Dec 28, 2020

Wi-Fi: How to deploy 802.1x authentication using WPA3-Enterprise
Wi-Fi Protected Access 3 (WPA3) has brought significant security improvements to Wi-Fi networks, particularly WPA-3Enterprise, which includes tweaks to make authenticating to the network more secure. One of these is has to do with 802.1x authentication that is used to determine whether Wi-Fi clients will be granted access to the enterprise network.

Wi-Fi resources Test and review of 4 Wi-Fi 6 routers: Who's the fastest? How to determine if Wi-Fi 6 is right for you Five questions to answer before deploying Wi-Fi 6 Wi-Fi 6E: When it's coming and what it's good for The enterprise mode of WPA has always allowed you to give each user a unique username/password to login to the Wi-Fi or to utilize unique digital certificates for each user to install on devices for even more security. Now with WPA3-Enterprise, the security is increased as clients are now required to make sure it's communicating with the real authentication server before sending login credentials. That verification was optional with the earlier two versions of WPA.

To read this article in full, please click here



Network World Security
Dec 23, 2020

SolarWinds roundup: Fixes, new bad actors, and the company knew
The SolarWinds Orion security breach is unfolding at a rapid pace and the number of vendors and victims continues to grow. Each day brings new revelations as to its reach and depth. Of particular concern is the rate of infection and impact on government systems.

In case you missed it, a backdoor was found in the SolarWinds Orion IT monitoring and management software. A dynamic link library called SolarWinds.Orion.Core.BusinessLayer.dll, a SolarWinds digitally-signed component of the Orion software framework was found to contain a backdoor that communicates via HTTP to third-party servers.

[Get regularly scheduled insights by signing up for Network World newsletters.] After an initial dormant period of up to two weeks, the Trojan retrieves and executes commands, called jobs, that include the ability to transfer files, execute files, profile the system, reboot, and disable system services. In short, a total takeover of the machine.

To read this article in full, please click here



Network World Security
Dec 23, 2020

SolarWinds roundup: Fixes, new bad actors, and what the company knew
The SolarWinds Orion security breach is unfolding at a rapid pace, and the number of vendors and victims continues to grow. Each day brings new revelations as to its reach and depth. Of particular concern are the rate of infection and impact on government systems.

In case you missed it, a backdoor was found in the SolarWinds Orion IT monitoring and management software. A dynamic link library called SolarWinds.Orion.Core.BusinessLayer.dll, a SolarWinds digitally-signed component of the Orion software framework, was found to contain a backdoor that communicates via HTTP to third-party servers.

[Get regularly scheduled insights by signing up for Network World newsletters.] After an initial dormant period of up to two weeks, the Trojan retrieves and executes commands, called jobs, that include the ability to transfer files, execute files, profile the system, reboot, and disable system services. In short, a total takeover of the machine.

To read this article in full, please click here



Network World Security
Dec 23, 2020

SASE check list: 7 key evaluation criteria
The marriage of networking and security into the secure-access service edge stands to improve application performance, reduce infrastructure complexity, and protect sensitive data, and as such SASE is an attractive architecture for enterprises large and small.

Due to the newness of SASE offerings, though, providers are still building and refining the features of their services, so available offerings are complex, often incomplete and require integration with customer organizations' existing network and security architectures.

To read this article in full, please click here



Network World Security
Dec 15, 2020

SolarWinds Trojan: Affected enterprises must use hot patches, isolate compromised gear
Hot patching and isolating potentially affected resources are on the IT response schedule as enterprises that employ SolarWinds Orion network-monitoring software look to limit the impact of the serious Trojan unleashed on the platform.

The supply-chain attack, reported early this week by Reuters and detailed by security researchers at FireEye and Microsoft involves a potential state-sponsored, sophisticated actor gained access to a wide variety of government, public and private networks via Trojanized updates to SolarWind's Orion network monitoring and management software. This campaign may have begun as early as spring 2020 and is ongoing, according to FireEye and others.

To read this article in full, please click here



Network World Security
Dec 15, 2020

Trojan in SolarWinds security has far-reaching impact
SolarWinds says a compromise of its widely used Orion network-monitoring platform endangers the networks of public and private organizations that use it and that the problem should be remediated right away.

In a security advisory, SolarWinds said customers should upgrade to Orion Platform version 2020.2.1 HF 1 as soon as possible to ensure their environment is safe. An additional hotfix release that both replaces the compromised component and provides several additional security enhancements is expected in the next day or two.

The company's managed services tools appear to be uncompromised, and the company said it isn't aware of any similar issues with its non-Orion products, like RMM, N-Central, and SolarWinds MSP products.

To read this article in full, please click here



Network World Security
Dec 15, 2020

SolarWinds attack explained: And why it was so hard to detect
A group believed to be Russia's Cozy Bear gained access to government and other systems through a compromised update to SolarWinds' Orion software. Most organizations aren't prepared for this sort of software supply chain attack.

Network World Security
Nov 30, 2020

Zero trust planning: Key factors for IT pros to consider
Moving away from VPNs as a means to protect corporate networks at the perimeter and moving toward zero-trust network access requires careful enterprise planning and may require implementing technologies that are new to individual organizations.

ZTNA employs identity-based authentication to establish trust with entities trying to access the network and grants each authorized entity access only to the data and applications they require to accomplish their tasks. It also provides new tools for IT to control access to sensitive data by those entities that are deemed trusted.

To read this article in full, please click here



Network World Security
Nov 16, 2020

Cisco gains container security with Banzai Cloud buy
In its second cloud-native technology acquisition in as many months, Cisco is buying container security firm Banzai Cloud for an undisclosed amount.

Founded in 2017, Banzai is known for developing Kubernetes-based cloud application development and security technologies. It will become part of Cisco's Emerging Technologies and Incubation group, where the company brews new projects for cloud-native networking, security and edge computing environments.

READ MORE: Gartner's top 9 strategic technology trends for 2021

To read this article in full, please click here



Network World Security
Nov 11, 2020

Palo Alto cloud service prevents distributed enterprise data loss
Palo Alto is rolling out a cloud service that promises to protect the highly distributed data in contemporary enterprises.

The cloud service -- Enterprise Data Loss Prevention (DLP) - will help prevent data breaches by automatically identifying confidential intellectual property and personally identifiable information across the enterprise, Palo Alto stated.

Data breaches are a huge and growing problem worldwide, but most of the current DLP systems were only designed to help global-scale organizations that have huge data protection budgets and staffs.  Legacy and point solutions are not accessible, appropriate or effective for many of the companies that need them, said Anand Oswal, senior vice president and general manager with Palo Alto Networks.

To read this article in full, please click here



Network World Security
Oct 30, 2020

Who's selling SASE and what do you get?
Secure access service edge (SASE) architecture rolls networking and security into a cloud service, making it easier for enterprises to provide simple, secure access to corporate resources, but it's still in its infancy. Vendors and service providers sell offerings that they call SASE, but what they actually provide and how they provide it varies widely.

SASE—pronounced "sassy"- is a term coined last year by Gartner, and it combines software-defined WAN (SD-WAN) with access control and security, all bundled as a cloud service.

To read this article in full, please click here



Network World Security
Oct 29, 2020

Cisco fortifies and simplifies its security portfolio with eye toward cloud, zero trust
Simplifying security options for enterprise customers is a daunting task, and it can be even harder in the current pandemic-driven workforce environment. But Cisco is taking steps to both streamline and bolster its security menu, according to news out of its virtual Partner Summit conference. 

For starters, Cisco is eliminating 50 product names and simplifying its offerings within the renamed Cisco Secure portfolio. Cisco is also reinforcing its key platforms, including its SecureX and zero trust packages. (See related story, Cisco software upgrades to simplify hybrid-cloud management, operations)

To read this article in full, please click here



Network World Security
Oct 29, 2020

'Credible threat': How to protect networks from ransomware
(Editor's note, Oct. 29, 2020: With the FBI and US Department of Homeland Security recently warning of credible cyberthreats to healthcare facilities including ransomware, it's a good time to review the steps outlined in this article that enterprises can take to guard against such attacks.)

Ransomware attacks are becoming more rampant now that criminals have learned they are an effective way to make money in a short amount of time.

Attackers do not even need any programming skills to launch an attack because they can obtain code that is shared among the many hacker communities. There are even services that will collect the ransom via Bitcoin on behalf of the attackers and just require them to pay a commission.

To read this article in full, please click here



Network World Security
Oct 28, 2020

Survey: Zero Trust benefits remote work during pandemic
(Editor's note: An August 2020 Enterprise Management Associates survey of 252 North American and European IT professionals found that most had accelerated their adoption of Zero Trust networking framework. This article by EMA Vice President of Research Networking Shamus McGillicuddy further details the results of the "Enterprise Zero Trust Networking Strategies: Secure Remote Access and Network Segmentation" report.)

The COVID-19 pandemic has prompted 60% of enterprises to accelerate their Zero Trust networking strategies. Just 15% of organizations slowed down in response to the public-health crisis, and 25% reported no effect, according to Enterprise Management Associates research.

To read this article in full, please click here



Network World Security
Oct 19, 2020

How to enforce password complexity on Linux
Deploying password-quality checking on your Debian-based Linux servers can help ensure that your users assign reasonably secure passwords to their accounts, but the settings themselves can be a bit misleading.

For example, setting a minimum password length of 12 characters does not necessarily mean that all your users' passwords will actually have 12 or more characters.

Let's stroll down Complexity Boulevard and see how the settings work and examine some that are worth considering.

[Get regularly scheduled insights by signing up for Network World newsletters.] The files that contain the settings we're going to look at will be:

To read this article in full, please click here



Network World Security
Oct 19, 2020

Gartner: Top strategic technology trends for 2021
Companies need to focus on architecting resilience and accept that disruptive change is the norm, says research firm Gartner, which unveiled its annual look at the top strategic technology trends that organizations need to prepare for in the coming year.

Gartner unveiled this year's list at its flagship IT Symposium/Xpo Americas conference, which is being held virtually this year.

READ MORE: VMware highlights security in COVID-era networking | Essential edge-computing use cases | How AI can boost data-center availability, efficiency

To read this article in full, please click here



Network World Security
Oct 15, 2020

IoT Roundup: Carriers and connectivity fueling Microsoft's IoT expansion, IoT networks getting smarter, and security corner
This month's installment covers the impetus lent to IoT deployments by the ongoing pandemic, some new wrinkles in the security picture, and the possibility of more intelligence at the network edge in the future.

Network World Security
Oct 14, 2020

IBM expands the role of its hybrid-cloud security package
IBM is expanding the role of its security-software package for hybrid-cloud deployments by improving the gathering of security data collected within customer networks and drawing on third-party threat-intelligence feeds, among other upgrades.

IBM's Cloud Pak for Security, which features open-source technology for hunting threats and automation capabilities to speed response to cyberattacks, can bring together on a single console data gathered by customers' existing security point products.

IBM Cloud Paks are bundles of Red Hat's Kubernetes-based OpenShift Container Platform along with Red Hat Linux and a variety of connecting technologies to let enterprise customers deploy and manage containers on their choice of private or public infrastructure, including AWS, Microsoft Azure, Google Cloud Platform, Alibaba and IBM Cloud.

To read this article in full, please click here



Network World Security
Oct 07, 2020

Juniper upgrades security software with threat intelligence, VPN package
Juniper Networks has added new components to its security portfolio to help customers get a better handle on potential threats as well as improve risk detection and response.

The new products are aimed at figuring out who and what devices are on the network and then offering the security intelligence to help them address threats at every point on the network, said Samantha Madrid vice president of product management in the Security Business & Strategy business at Juniper Networks.

Security is always a challenge but even more so now when customers have mass-scale remote workforces, Madrid said. 

[Get regularly scheduled insights by signing up for Network World newsletters.] Madrid cited a recent Juniper-sponsored IT survey by Vanson Bourne that found 97% of respondents said their companies faced challenges securing their organizations' network effectively.

To read this article in full, please click here



Network World Security
Oct 06, 2020

Cisco slapped with $1.9 billion judgement in security patent lawsuit
Cisco this week lost a patent infringement case brought by security vendor Centripetal Networks and was hit with a $1.9 billion judgement.

A non-jury judgement from U.S. District Judge Henry Morgan determined Cisco infringed on four security patents related to encrypted traffic and packet filtering technology belonging to plaintiff Centripetal Networks. The award directs $755.8 million in actual damages, multiplied by 2.5 to reflect "willful and egregious" conduct from Cisco, the judge found. 

The award also includes past damages and a running royalty of 10% on the apportioned sales of the patented products for a period of three years, followed by a second three-year term with a running royalty of 5% on such sales, which could take damages from the case north of $3 billion, according to a Centripetal statement about the case.

To read this article in full, please click here



Network World Security
Oct 01, 2020

VMware highlights security in COVID-era networking
As enterprise workloads continue to move off-premises and employees continue to work remotely during the COVID-19 pandemic, securing that environment remains a critical challenge for IT.

At its virtual VWworld 2020 gathering, VMware detailed products and plans to help customers deal with the challenges of securing distributed enterprise resources.

More about SD-WAN: How to buy SD-WAN technology: Key questions to consider when selecting a supplier • What SD-Branch is and why you'll need it • What are the options for securing SD-WAN? "Amid global disruption, the key to survival for many companies has meant an accelerated shift to the cloud and, ultimately, bolting on security products in their data centers," said Sanjay Poonen, VMware's Chief Operating Officer, Customer Operations. "But legacy security systems are no longer sufficient for organizations that are using the cloud as part of their computing infrastructure. It's time to rethink security for the cloud. Organizations need protection at the workload level, not just at the endpoint."

To read this article in full, please click here



Network World Security
Sep 29, 2020

VMware plan disaggregates servers, offloads network virtualization and security
VMware is continuing its effort to remake the data center, cloud and edge to handle the distributed workloads and applications of the future.

At its virtual VMworld 2020 event the company previewed a new architecture called Project Monterey that goes a long way toward melding bare-metal servers, graphics processing units (GPUs), field programmable gate arrays (FPGAs), network interface cards (NICs) and security into a large-scale virtualized environment.

Monterey would extend VMware Cloud Foundation (VCF), which today integrates the company's vShphere virtualization, vSAN storage, NSX networking and vRealize cloud management systems to support GPUs, FPGAs and NICs into a single platform that can be deployed on-premises or in a public cloud.

To read this article in full, please click here



Network World Security
Sep 29, 2020

VMware plan disaggregates servers; offloads network virtualization and security
VMware is continuing its effort to remake the data center, cloud and edge to handle the distributed workloads and applications of the future.

At its virtual VMworld 2020 event the company previewed a new architecture called Project Monterey that goes a long way toward melding bare-metal servers, graphics processing units (GPUs), field programmable gate arrays (FPGAs), network interface cards (NICs) and security into a large-scale virtualized environment.

Monterey would extend VMware Cloud Foundation (VCF), which today integrates the company's vShphere virtualization, vSAN storage, NSX networking and vRealize cloud management systems to support GPUs, FPGAs and NICs into a single platform that can be deployed on-premises or in a public cloud.

To read this article in full, please click here



Network World Security
Sep 25, 2020

Government cybersecurity agency warns of Windows Server exploit
The federal government's Cybersecurity and Infrastructure Security Agency (CISA) has issued a rare emergency directive to federal government agencies to roll out a Windows Server patch within days, an indication of the severity of the exploit.

The directive was issued on September 18, and agencies were given four days to apply the security update. It demands that executive agencies take "immediate and emergency action" to patch CVE-2020-1472, issued August 11.

The vulnerability is in Microsoft Windows Netlogon Remote Protocol (MS-NRPC), a core authentication component of Active Directory from Windows Server 2008 to Server 2019. It has been named "Zerologon" because of how it works.

To read this article in full, please click here



Network World Security
Sep 25, 2020

Cisco turns out security patches 25 high-threat flaws for IOS, IOS XE
If you are a security admin with lots of systems running Cisco IOS and IOS XE software today is decidedly not your day.

Cisco this week posted 25 "High" rated security advisories that stem from 34 vulnerabilities the company suggests should be fixed as soon as possible. The vulnerabilities impact a wide-range of Cisco gear as IOS and IOS XE are the company's most widely used operating systems. The warnings affect firewalls, wireless access points and switches.

Network pros react to new Cisco certification curriculum For example, one of the highest rated threats--with an 8.6 out of 10 threat level, are multiple vulnerabilities in the Zone-Based Firewall feature of Cisco IOS XE Software that could let an remote attacker to cause the device to reload or stop forwarding traffic through the firewall,resulting in a denial of service (DoS).

To read this article in full, please click here



Network World Security
Sep 23, 2020

Still not dead: The mainframe hangs on, sustained by Linux and hybrid cloud
The mainframe has been declared "dead", "morphed" and "transformed" so many times over the years sometimes it's sometimes hard to believe the Big Iron still has an identity in the enterprise world.

But clearly it does and in a major way, too. 

[ Lessons on diversity in IT: 10 professional organizations focused on diversity in tech • Being Black in IT: 3 tech leaders share their stories • Gender gapped: The state of gender diversity in IT • Maori participation in IT: diversity insights for CIOs everywhere • IT snapshot: Ethnic diversity in the tech industry ] Take recent news as an example: According to IBM, 75% of the top 20 global banks are running the newest z15 mainframe, and the IBM Systems Group reported a 68% gain in Q2 IBM Z revenue year-over-year.

To read this article in full, please click here



Network World Security
Sep 07, 2020

What is SASE? A cloud service that marries SD-WAN with security
Secure access service edge (SASE) is a network architecture that rolls software-defined wide area networking (SD-WAN) and security into a cloud service that promises simplified WAN deployment, improved efficiency and security, and to provide appropriate bandwidth per application.

Because it's a cloud service, SASE (pronounced "sassy") can be readily scaled up and scaled down and billed based on usage. As a result, it can be an attractive option in a time of rapid change.

[Get regularly scheduled insights by signing up for Network World newsletters.] While some vendors in this space offer hardware devices to connect at-home employees and corporate data centers to their SASE networks, most vendors handle the connections through software clients or virtual appliances.

To read this article in full, please click here



Network World Security
Aug 25, 2020

IoT roundup: A wide-scale security flaw and energy-sector botnets
Monitoring water treatment using IoT will become $3.5 billion business.

Network World Security
Aug 17, 2020

How the network can support zero trust
Simply stated, zero trust calls for verifying every user and device that tries to access the network and enforcing strict access-control and identity management that limits authorized users to accessing only those resources they need to do their jobs.

Zero trust is an architecture, so there are many potential solutions available, but this is a look at those that fit in the realm of networking.

[Get regularly scheduled insights by signing up for Network World newsletters.] Least privilege One broad principle of zero trust is least privilege, which is granting individuals access to just enough resources to carry out their jobs and nothing more. One way to accomplish this is network segmentation, which breaks the network into unconnected sections based on authentication, trust, user role, and topology. If implemented effectively, it can isolate a host on a segment and minimize its lateral or east-west communications, thereby limiting the "blast radius" of collateral damage if a host is compromised. Because hosts and applications can reach only the limited resources they are authorized to access, segmentation prevents attackers from gaining a foothold into the rest of the network.

To read this article in full, please click here



Network World Security
Jul 30, 2020

Cisco urges patching flaws in data-center, SD-WAN gear
Cisco has issued a number of critical security advisories for its data center manager and SD-WAN offering customers should deal with now.

On the data center side, the most critical - with a threat score of 9.8 out of 10 - involves a vulnerability in the REST API of Cisco Data Center Network Manager (DCNM) could let an unauthenticated, remote attacker bypass authentication and execute arbitrary actions with administrative privileges on an affected device.

Cisco DCNM lets customers see and control network connectivity  through a single web-based management console for the company's Nexus, Multilayer Director Switch, and Unified Computing System products.

To read this article in full, please click here



Network World Security
Jul 27, 2020

How to tailor SASE to your enterprise
Businesses considering the secure access service edge (SASE) model need to understand that there are numerous ways to implement it that can be tailored to their future needs and the realities of their legacy networks.

As defined by Gartner, which coined the term, SASE calls for security to be built in as part of the network and delivered as a cloud service, but that might not fit the circumstances faced by all enterprises.

READ about SD-WAN: How to buy SD-WAN technology: Key questions to consider when selecting a supplier • How to pick an off-site data-backup method •  SD-Branch: What it is and why you'll need it • What are the options for security SD-WAN? Depending on their needs, it may make more sense to have SASE delivered as a managed service package or even in an architecture that includes privately owned security infrastructure that is managed from the cloud - alternatives that can achieve the same goals.

To read this article in full, please click here



Network World Security
Jul 27, 2020

Are newer medical IoT devices less secure than old ones?
Experts differ on whether older connected medical devices or newer ones are more to blame for making healthcare networks more vulnerable to cyberattack.

The classic narrative of insecure IoT centers on the integration of older devices into the network. In some industries, those devices pre-date the internet, sometimes by a considerable length of time, so it's hardly surprising that businesses face a lot of challenges in securing them against remote compromise.

To read this article in full, please click here



Network World Security
Jul 16, 2020

Counterfeit Cisco switches raise network security alarms
In a disconcerting event for IT security professionals, counterfeit versions of Cisco Catalyst 2960-X Series switches were discovered on an unnamed business network, and the fake gear was found to be designed to circumvent typical authentication procedures, according to a report from F-Secure.

F-Secure says its investigators found that while the counterfeit Cisco 2960-X units did not have any backdoor-like features, they did employ various measures to fool security controls. For example, one of the units exploited what F-Secure believes to be a previously undiscovered software vulnerability to undermine secure boot processes that provide protection against firmware tampering. 

To read this article in full, please click here



Network World Security
Jul 10, 2020

Juniper aligns its security portfolio with the SASE model
The conga line around secure-access service edge (SASE), continues to grow with Juniper this week becoming the latest to join the dance.

Just as other big networking players with extensive security portfolios including Cisco and VMware have recently done, Juniper says it will build off its offerings to address the SASE blueprint.

Read about edge networking

How edge networking and IoT will reshape data centers Edge computing best practices How edge computing can help secure the IoT As defined by Gartner in 2019, SASE features a wide variety of components that Juniper summarized and includes:

To read this article in full, please click here



Network World Security
Jul 10, 2020

Juniper targets security portfolio at SASE race
The conga line around secure-access service edge (SASE), continues to grow with Juniper this week becoming the latest to join the dance.

Just as other big networking players with extensive security portfolios including Cisco and VMware have recently done, Juniper says it will build off its offerings to address the SASE blueprint.

Read about edge networking

How edge networking and IoT will reshape data centers Edge computing best practices How edge computing can help secure the IoT As defined by Gartner in 2019, SASE features a wide variety of components that Juniper summarized and includes:

To read this article in full, please click here



Network World Security
Jun 24, 2020

Ripple20 TCP/IP flaws can be patched but still threaten IoT devices
A set of serious network security vulnerabilities collectively known as Ripple20 roiled the IoT landscape when they came to light last week, and the problems they pose for IoT-equipped businesses could be both dangerous and difficult to solve.

Ripple20 was originally discovered by Israel-based security company JSOF in September 2019. It affects a lightweight, proprietary TCP/IP library created by a small company in Ohio called Treck, which has issued a patch for the vulnerabilities. Several of those vulnerabilities would allow for remote-code execution, allowing for data theft, malicious takeovers and more, said the security vendor.

That, however, isn't the end of the problem. The TCP/IP library that contains the vulnerabilities has been used in a huge range of connected devices, from medical devices to industrial control systems to printers, and actually delivering and applying the patch is a vast undertaking. JSOF said that "hundreds of millions" of devices could be affected. Many devices don't have the capacity to receive remote patches, and Terry Dunlap, co-founder of security vendor ReFirm Labs, said that there are numerous hurdles to getting patches onto older equipment in particular.

To read this article in full, please click here



Network World Security
Jun 22, 2020

Microsoft is buying CyberX to bolster its Azure IoT security
Microsoft has announced it will purchase the industrially focused network security vendor CyberX for an undisclosed sum in an effort to bolster the security capabilities of its Azure IoT platform.

The acquisition strikes at the heart of two key IIoT security pain points. While it's comparatively easy to build new IoT devices that have all the necessary features for seamless security management, older devices running a wildly diverse range of different protocols, which may lack important features like the ability to be patched remotely, are a bigger challenge.

To read this article in full, please click here



Network World Security
Jun 17, 2020

Machine learning in Palo Alto firewalls adds new protection for IoT, containers
Palo Alto Networks has released next-generation firewall (NGFW) software that integrates machine learning to help protect enterprise traffic to and from hybrid clouds, IoT devices and the growing numbers of remote workers.

The machine learning is built into the latest version of Palo Alto's firewall operating system - PAN 10.0 -  to prevent real-time signatureless attacks and to quickly identify new devices - in particular  IoT products - with behavior-based identification.

To read this article in full, please click here



Network World Security
Jun 10, 2020

14 IT certifications that will survive and thrive in the pandemic
These tech certifications not only have high value now, but employers will continue to value them as the coronavirus continues.

Network World Security
Jun 08, 2020

IoT takes aim at social distancing
How IoT technology can help enforce social-distancing rules by monitoring occupancy in workspaces.

Network World Security
Jun 04, 2020

Cisco issues fixes for numerous iOS XE, industrial router vulnerabilities
Cisco has unleashed an extensive new round of security warnings - three of them "critical" - mostly for users of its iOS XE software and industrial router family.

In total, Cisco issued 23 Security Advisories that describe 25 exposures in its IOS and IOS XE systems.  

Network pros react to new Cisco certification curriculum Beyond the three critical advisories, 20 have a "High" impact rating. Cisco said that one vulnerability affects Cisco IOS, IOS XE, IOS XR, and NX-OS Software. Five vulnerabilities affect both Cisco IOS and IOS XE Software. Six vulnerabilities affect Cisco IOS Software and 10 affect Cisco IOS XE Software. Three vulnerabilities affect the Cisco IOx application environment.

To read this article in full, please click here



Network World Security
May 28, 2020

Cisco takes aim at supporting SASE
Cisco is embracing the secure-access service edge (SASE) architecture put forth by Gartner with plans to upgrade some of its existing products to reach the goal of delivering access control, security and networking to cloud services.

The enterprise shift to SASE will be gradual as they figure out the best way to connect their increasingly remote workforce to distributed resources delivered from corporate data centers and as cloud services, Cisco says.

Network pros react to new Cisco certification curriculum "Flexibility will be fundamental as IT chooses among multiple security and networking capabilities that best fit their operations, regulatory requirements, and types of applications," said Jeff Reed, senior vice president of product, Cisco's Security Business Group in a blog post. "Security services can be predominantly delivered from the cloud to provide consistent access policies across all types of endpoints. However, globally distributed organizations may need to apply security and routing services differently according to regional requirements."   

To read this article in full, please click here



Network World Security
May 28, 2020

Healthcare company pivots quickly to support remote workers
Security and performance concerns made it challenging for TrialCard to enable its employees to work from home when the COVID-19 pandemic hit.

Customer service agents use a voice-over-IP phone and thin-client computer, both of which were designed to work in an on-premises office environment. "They need those systems to do their day-to-day job," says Ryan Van Dynhoven, director of infrastructure at TrialCard, a Morrisville, N.C.-based company that helps pharmaceutical manufacturers connect with patients, including providing patient support and clinical trial services.

READ MORE: Enterprises look to SASE to bolster security for remote workers

To read this article in full, please click here



Network World Security
May 28, 2020

SASE helps healthcare company pivot to support remote workers
Security and performance concerns made it challenging for TrialCard to enable its employees to work from home when the COVID-19 pandemic hit.

Customer service agents use a voice-over-IP phone and thin-client computer, both of which were designed to work in an on-premises office environment. "They need those systems to do their day-to-day job," says Ryan Van Dynhoven, director of infrastructure at TrialCard, a Morrisville, N.C.-based company that helps pharmaceutical manufacturers connect with patients, including providing patient support and clinical trial services.

READ MORE: Enterprises look to SASE to bolster security for remote workers

To read this article in full, please click here



Network World Security
May 27, 2020

How NDR protects your network from cyberthreats
Three steps to finding a network detection and response product that prevents, detects, investigates, identifies, responds and mitigates cyberattacks.

Network World Security
May 27, 2020

Use of cloud collaboration tools surges and so do attacks
Some industries have seen increases in cloud-related threat events rise as much as 1,350% since the COVID-19 crisis began.

Network World Security
May 26, 2020

SASE could bolster security for remote workers
The coronavirus pandemic has accelerated some companies' plans to adopt secure access service edge (SASE).

Last summer, Gartner estimated SASE adoption at less than 1% of enterprises and said it would take five to 10 years before the technology reaches mainstream. But today, SASE is one of the main topics of client interest, according to Gartner analyst John Wheeler.

READ MORE: How SD-WAN is evolving into Secure Access Service Edge

To read this article in full, please click here



Network World Security
May 26, 2020

Enterprises look to SASE to bolster security for remote workers
The coronavirus pandemic has accelerated some companies' plans to adopt secure access service edge (SASE).

Last summer, Gartner estimated SASE adoption at less than 1% of enterprises and said it would take five to 10 years before the technology reaches mainstream. But today, SASE is one of the main topics of client interest, according to Gartner analyst John Wheeler.

READ MORE: How SD-WAN is evolving into Secure Access Service Edge

To read this article in full, please click here



Network World Security
May 22, 2020

COVID-19 pandemic ratchets up threats to medical IoT
The mere fact of the COVID pandemic's existence has pushed the American healthcare system to capacity, but another threat to that system has reared its ugly head - cyberattacks, particularly those based on ransomware, have become more common as the disease spread, targeting medical IoT devices and healthcare networks.

According to Forrester Research analyst Chris Sherman, two U.S. hospitals have already been attacked via virtual care systems, after a hacker targeted a vulnerability in a medical IoT device (specifically, a remote patient-monitoring sensor) and gained access to the hospitals' patient databases. And in another type of attack, the Fresenius Group, a medical device maker and the largest private hospital operator in Europe, has been hit by ransomware.

To read this article in full, please click here



  • CEOExpress
  • 1 Boston Place | Suite 2600
    Boston MA 02108
  • Contact
  • As an Amazon Associate
    CEOExpress earns from
    qualifying purchases.

©1999-2021 CEOExpress Company LLC