NEWS: NETWORK WORLD SECURITY
Setup News Ticker
   NEWS: NETWORK WORLD SECURITY
Network World Security
Oct 12, 2021

Edge computing: 5 potential pitfalls
Edge computing is gaining steam as an enterprise IT strategy with organizations looking to push storage and analytics closer to where data is gathered, as in IoT networks. But it's got its challenges.

Tech Spotlight:

To read this article in full, please click here



Network World Security
Oct 11, 2021

4 questions that get the answers you need from IT vendors
It's the time of year when most enterprises are involved in a more-or-less-formal technology review cycle, as a preparatory step for next year's budgeting. They've done this for decades, and it's interesting to me that in any given year, enterprises share roughly three of their top five priorities. It's more interesting that over three-quarters of enterprises carry over at least two of their top five priorities for multiple years. Why aren't they getting addressed? They say their top problem is an "information gap."

Buyers adopt network technologies that improve their business, not just their network. They have to justify spending, particularly spending on some new technology that someone inside or outside has suggested. That means that they have to understand how it will improve operations, how they'll deploy it, and what the cost will be. To do this for a new technology, they need information on how that improvement would happen—and they say they're not getting it.

To read this article in full, please click here



Network World Security
Oct 06, 2021

VMworld 2021: VMware to pack more security into NSX
When it comes to protecting data-center-based resources in the highly distributed world, traditional security hardware and software components just aren't going to cut it.

That's the bottom line for enterprises as they move to distributed digital environments according to Tom Gillis, senior vice president and general manager of VMware's networking & advanced security business group. The idea is that security needs to be put deep into the infrastructure fabric and protect workloads across their lifecycle, Gillis said during an interview with Network World at the company's VMworld virtual conference.

To read this article in full, please click here



Network World Security
Oct 01, 2021

For networking pros, every month is Cybersecurity Awareness Month
When National Cybersecurity Awareness Month (NCSAM) was launched in October 2004, it was a modest affair, offering anodyne advice to individual Americans and US businesses along the lines of making sure to update your antivirus software twice a year.

Since then NCSAM has grown into an event-packed month with star-studded guest panels, annual launches in various cities (looking at you, Ypsilanti, Michigan!), the participation of federal cybersecurity officials, and weekly themes. This year, for example, the themes in each successive week are:

Be Cyber Smart Phight the Phish! Experience. Share. (Cybersecurity Career Awareness Week) Cybersecurity First Linux security: Cmd provides visibility, control over user activity Not sure why the organizers didn't make "Cybersecurity First" the theme of the month's first week, but it is not for me to second-guess the federal Cybersecurity & Infrastructure Security Agency (CISA) and the public/private National Cyber Security Alliance (NCSA), organizers of the annual awareness month.

To read this article in full, please click here



Network World Security
Sep 28, 2021

How and why automation can improve network-device security
The recent T-Mobile data breach, reportedly facilitated by attackers gaining access to an unprotected router and from there into the network, could have been prevented through the use of network automation.

IDS, IPS, SASE, and other newer technologies get a lot more attention, but automation is critical to modern network security. Here's a look at how automation should be used to enhance network security.

To read this article in full, please click here



Network World Security
Sep 24, 2021

Cisco patches three critical holes in IOS XE software
Cisco has patched three critical security holes in its IOS XE software that's used across a variety of its core routers and switches.

The three critical warnings are part of a big release of 32 security alerts, many of which are IOS XE-related, including firewall, SD-WAN and wireless access vulnerabilities.

Linux security: Cmd provides visibility, control over user activity Of the critical patches, the worst is a weakness in the Cisco IOS XE Software for Cisco Catalyst 9000 Family Wireless Controllers; it's rated as a 10 out of 10 on the Common Vulnerability Scoring System (CVSS).

To read this article in full, please click here



Network World Security
Sep 23, 2021

Nutanix offers virtual private cloud HCI, multicloud workload managemant
Nutanix is releasing enhancements to its AOS operating system and Era database-management service designed to make it easier for enterprises to manage data, workloads, and business-continuity security tools in hybrid cloud environments via software-defined networking capabilities

AOS and Era are both components of the Nutanix Cloud Platform. AOS 6, the new version of Nutanix's hyperconverged infrastructure (HCI) software, is designed to simplify network management across multiple clouds and enable enterprises to build virtual private clouds. Nutanix announced the updates at its .NEXT event this week.

To read this article in full, please click here



Network World Security
Sep 23, 2021

Nutanix offers virtual private cloud HCI, multicloud workload management
Nutanix is releasing enhancements to its AOS operating system and Era database-management service designed to make it easier for enterprises to manage data, workloads, and business-continuity security tools in hybrid cloud environments via software-defined networking capabilities

AOS and Era are both components of the Nutanix Cloud Platform. AOS 6, the new version of Nutanix's hyperconverged infrastructure (HCI) software, is designed to simplify network management across multiple clouds and enable enterprises to build virtual private clouds. Nutanix announced the updates at its .NEXT event this week.

To read this article in full, please click here



Network World Security
Sep 20, 2021

Tape backup as a defense vs. ransomware
Tape is definitely not the best choice for primary recovery, but it does have features that make it a credible option for restoring systems and data that have fallen victim to ransomware without having to pay the ransom.

The cloud has many more upsides than tape as a recovery tool in general, but there are circumstances where tape should be seriously considerd, and ransomware recovery is one of them.

How to choose the best NVMe storage array When cloud's not good enough Using the cloud for ransomware recovery—or not—has become somewhat of a religious discussion in many circles. Choosing the cloud offers many positive things, including cost, speed, and immediate availability—all great advantages when responding to a ransomware attack.

To read this article in full, please click here



Network World Security
Sep 16, 2021

Palo Alto shapes SASE package for hybrid enterprises
Palo Alto Networks has bolted together its SD-WAN and security technologies to offer an integrated, cloud-based, secure-access service edge (SASE) offering aimed at simplifying distributed enterprises.

Called Prisma SASE, the package brings together the company's core Prisma Access package of cloud-based, next-generation security gateways with its Prisma SD-WAN technology it got when it bought CloudGenix for $420 million last year.

To read this article in full, please click here



Network World Security
Sep 16, 2021

What to expect from SASE certifications
Secure access service edge (SASE) is a network architecture that rolls SD-WAN and security into a single, centrally managed cloud service that promises simplified WAN deployment, improved security, and better performance.

According to Gartner, SASE's benefits are transformational because it can speed deployment time for new users, locations, applications and devices as well as reduce attack surfaces and shorten remediation times by as much as 95%.

With the pandemic, adoption of SASE  has been on an upward swing. A June report from Sapio Research, commissioned by Versa Networks, finds 34% of companies are already using SASE, and another 30% plan to in the next six to 12 months.

To read this article in full, please click here



Network World Security
Sep 13, 2021

Gartner: IT skills shortage hobbles cloud, edge, automation growth
Gartner says the current paucity of skilled IT worker is foiling the adoption of cloud, edge computing, and automation technologies.

In its "2021-2023 Emerging Technology Roadmap" based on surveying 437 global firms, Gartner found that IT executives see the talent shortage as the most significant barrier to deploying emerging technologies, including compute infrastructure and platform services, network security, digital workplace, IT automation, and storage.

To read this article in full, please click here



Network World Security
Sep 10, 2021

Palo Alto launches an enterprise-grade security pack for remote workers
Palo Alto Networks has rolled out a Wi-Fi based package that the company says provides remote workers with enterprise-class security features.

Called Okyo Garde, the bundle incuds Wi-Fi-6-based hardware and mobile application-security software that includes threat-intelligence updates, and sells the hardware and software to enterprises as a customizable subscription. The package also offers malware and ransomware prevention, phishing protection, infected device detection, and suspicious-activity monitoring and control, the company said.

Linux security: Cmd provides visibility, control over user activity Workers' homes are becoming enterprise "branches of one" with multiple devices without IT teams or a deep set of cybersecurity protections, yet they face the same threat landscape as any enterprise, said Mario Queiroz, executive vice president of Palo Alto Networks. Threat actors may even see them as more vulnerable and therefore attractive entry points into the corporate network,  Queiroz said.

To read this article in full, please click here



Network World Security
Aug 11, 2021

5 steps for modernizing enterprise networks
The business value of the network has never been higher, and this is driven by digital transformation as borne out businesses accelerating their digital initiatives by as much as seven years due to the pandemic. This is had a profound impact on the enterprise network as most of the enabling technologies such as cloud, mobility and IoT are network centric.

This intense focus on digital transformation has exposed many flaws with legacy networks. They are rigid, require intensive manual processes, and lack the agility and intelligence to meet the demands of digital business. Organizations need to make network modernization a priority if they are to maximize their investments in other technologies. Here are five steps that all businesses should consider when modernizing the network.

To read this article in full, please click here



Network World Security
Aug 03, 2021

Juniper software triggers network response to threats
Juniper Networks continues to grow its enterprise cloud-security family with a new product that promises to protect application workloads in any cloud or on-premises environment.

The company rolled out Juniper Cloud Workload Protection package--a  lightweight software agent that the company says controls application execution and monitors application behavior to help businesses spot and fix anomalies.

Backup lessons from a cloud-storage disaster The idea is to provide protection from attackers looking to exploit application vulnerabilities, said Kate Adam, senior director of security product marketing for Juniper Networks. 

To read this article in full, please click here



Network World Security
Jul 29, 2021

Cisco preps now for the hybrid workforce
Work-from employees will no longer be treated as a second-class citizen, which means they will get best-in-class technology including SD-WAN appliances, cellular backup alternatives, zero trust security support and maybe even battery backup.

That's at least part of the plan for hybrid workers now and moving forward, said Cisco's Todd Nightingale, executive vice president and general manager of the company's Enterprise Networking & Cloud business. "The ‘return-to-office' concept is a myth--it's a world we have left behind."

To read this article in full, please click here



Network World Security
Jul 28, 2021

Feds' demand for software standards could boost enterprise security
Enterprises can look for more transparency from software vendors after the Biden Administration's recent mandate that software bills of materials be provided by companies attempting to do business with the federal government.

Software bills of materials, frequently abbreviated to SBOMs, aren't a new concept. The idea comes from the manufacturing sector, where it's often crucial for buyers to fully understand the components and materials that were used to make a particular piece of equipment.

The 10 most powerful companies in enterprise networking 2021 For example, a train engine might contain parts that aren't rated for certain levels of vibration stress, making it unsuitable for use on a particular type of track. The goal of an SBOM is similar, listing all the proprietary, open source, and licensed components being used in a particular piece of software, so that a buyer can review it and check whether any of those components are outdated or insecure.

To read this article in full, please click here



Network World Security
Jul 27, 2021

IBM upgrades its Big Iron OS for better cloud, security, and AI support
IBM continues to fine-tune its mainframe to keep it attractive to enterprise users interested in keeping the Big Iron in their cloud and AI-application development plans.

The company released a new version of the mainframe operating system—z/OS V2.5—that includes beefed-up support for containers, AI, and security.

Chip shortage will hit hardware buyers for months to years According to IBM, applications are at the heart of transactional and batch workloads running on z/OS. Fundamentally, developing new applications while modernizing existing applications is part of the digital transformation occurring in many enterprises.

To read this article in full, please click here



Network World Security
Jul 16, 2021

What is Network as a Service (NaaS)?
The day is coming when enterprise IT professionals will be able to order network infrastructure components from a menu of options, have them designed to fit their business needs, and have the whole thing delivered and running in perhaps hours.

The concept is called Network as a Service (NaaS), and it has been around in a number of different forms for a few years, mostly in the service provider arena.

Read more about NaaS:

NaaS is the future, but it's got challenges Cisco takes its first steps toward network-as-a-service The 10 most powerful companies in enterprise networking How to avoid the network-as-a-service shell game For enterprises, the as-a-service concept took hold as companies started to embrace cloud computing and its model of consumption-based capacity. In the infrastructure space, for example, more than 75% of infrastructure in edge locations and up to 50% of data-center infrastructure will be consumed in the as-a-service model by 2024, according to research firm IDC.

To read this article in full, please click here



Network World Security
Jul 08, 2021

Ransomware recovery: Plan for it now
If your computing environment is subject to a large ransomware attack, you will most certainly be enacting your disaster recovery (DR) plan. But before you begin restoring systems, you must first ensure you have stopped the infection, identified it, and removed it. Jumping too quickly to the restore phase could actually make things worse. To understand why this is the case, it's important to understand how ransomware works.

How ransomware spreads in your environment There are many articles such as this one that describe what ransomware does, but it's important to emphasize that the goal of ransomware is rarely to infect just one system. Modern ransomware variants will immediately attempt to identify and execute various operating system vulnerabilities to gain administrative access and spread to the rest of your LAN. The attack will be coordinated via command-and-control (C&C) servers, and contacting these servers for instructions is the first thing that every ransomware variant does. They key in responding to an active ransomware attack is stopping further communications with C&C servers, as well as further communications between infected systems and the rest of your network.

To read this article in full, please click here



Network World Security
Jul 07, 2021

Don't let subdomains sink your security
If your enterprise has a website (and one certainly would hope so in 2021!), it also has subdomains. These prefixes of your organization's main domain name are essential for putting structural order to the content and services on your website, thus preventing online visitors from instantly fleeing in terror, disdain, or confusion.

Large enterprises can have thousands of subdomains. IBM, for example, has roughly 60,000 subdomains, while Walmart.com has "only" 2,132 subdomains.

What is DNS and how it works Whatever value subdomains bring to enterprises--and they bring plenty--they present more targets for bad actors. Why, just last year the subdomains of Chevron, 3M, Warner Brothers, Honeywell, and many other large organizations were hijacked by hackers who redirected visitors to sites featuring porn, malware, online gambling, and other activities of questionable propriety.

To read this article in full, please click here



Network World Security
Jul 01, 2021

10 competitors Cisco just can't kill off
In compiling this iteration of our list of competitors Cisco can't kill off, one thing is clear: The competition is fierce amongst the bigger players.

Nearly all the networking giant's competitors have refreshed their product lines or bought into technology to compete more closely with Cisco. But that's not to say Cisco has been sitting still by any means.

The 10 most powerful companies in enterprise networking 2021 The company has expanded and refreshed its core Catalyst, Nexus and Silicon One networking gear and made major strides in security and software. Going forward, it wants to lead the industry in network-as-a-service.

To read this article in full, please click here



Network World Security
Jun 30, 2021

Cisco completes purchase of security risk-management firm
Cisco continues to bulk-up its security portfolio, this week closing the deal on risk-based management company Kenna Security for an undisclosed amount.

Kenna's Risk-Based Vulnerability Management system collects and analyzes security data to provide security teams with information about threats so they can prioritize remediation and better understand risks.

Read about edge networking

How edge networking and IoT will reshape data centers Edge computing best practices How edge computing can help secure the IoT The technology will become part of Cisco's SecureX service that integrates numerous security components. Cisco says the service is an open, cloud-native system to detect and remediate threats across Cisco and third-party products from a single interface. The SecureX dashboard shows operational metrics, triggers alerts to emerging threats, and accelerates threat investigations and incident management by aggregating and correlating global intelligence and local context in one view.  

To read this article in full, please click here



Network World Security
Jun 28, 2021

Department of Defense works to integrate battlefield intel networks
If yours is like most enterprises, it is under intense competitive pressure to understand faster, decide faster, and act faster in an increasingly dynamic environment.

For businesses, that environment is the economy. But for the U.S. Department of Defense (DoD), the environment in which they must leverage technology and tactics against deadly adversaries is more like a battlefield. And all but the most self-aggrandizing sales directors would agree that the stakes on the battlefield are considerably higher than growing revenue and capturing market share. (Not that they are trivial!)

Read more: Cisco tool taps telemetry for network, security analytics

To read this article in full, please click here



Network World Security
Jun 28, 2021

The Department of Defense, networking, and the speed of relevance
If yours is like most enterprises, it is under intense competitive pressure to understand faster, decide faster, and act faster in an increasingly dynamic environment.

For businesses, that environment is the economy. But for the U.S. Department of Defense (DoD), the environment in which they must leverage technology and tactics against deadly adversaries is more like a battlefield. And all but the most self-aggrandizing sales directors would agree that the stakes on the battlefield are considerably higher than growing revenue and capturing market share. (Not that they are trivial!)

Read more: Cisco tool taps telemetry for network, security analytics

To read this article in full, please click here



Network World Security
Jun 14, 2021

The great cloud computing surge
Driven in part by the pandemic, cloud computing adoption has reached new heights. These five articles take a close look at the implications.

Network World Security
Jun 08, 2021

Why the cloud will never eat the data center
Sometimes it's hard to see gradual changes in technology paradigms because they're gradual.  Sometimes it helps to play "Just suppose…" and see where it leads. So, just suppose that the cloud did what some radical thinkers say, and "absorbed the network". That's sure an exciting tag line, but is this even possible, and how might it come about?

Companies are already committed to a virtual form of networking for their WAN services, based on VPNs or SD-WAN, rather than building their own WANs from pipes and routers.  That was a big step, so what could be happening to make WANs even more virtual, to the point where the cloud could subsume them?  It would have to be a data-center change.

To read this article in full, please click here



Network World Security
Jun 01, 2021

Open-source: Get SLAs to protect network apps with open-source components
The continuous influx of open-source software (OSS) into enterprise IT departments is, in many ways, an enormous boon to both vendors and users. For the former, the ability to use open source components means getting rid of a great deal of duplicative effort—rather than having to design every part of, say, an IoT sensor and monitoring product from scratch, a vendor can adopt a well-understood, well-supported open source library for its networking stack, and focus more of its attention on the sensing and data analysis features that will set the product apart from its competitors.

For end-users, one of the chief advantages is—at least in theory—the improved security that's part of the usual sales pitch for open source software. The idea here is that the open nature of a piece of software—and the fact that anyone can look at it to discover and correct security flaws—means that it's generally going to be more secure than a proprietary equivalent.

To read this article in full, please click here



Network World Security
May 31, 2021

Make sure your laptop backups can handle ransomware
With increasingly mobile workforces, it's important to effectively backup corporate data that resides on laptops, which requires a unique set of features not found in traditional backup systems used for desktops attached to corporate LANs.

Laptops have all the functionality of desktops, but are readily lost or stolen, have limited bandwidth for connectivity to corporate resources, and can spend unpredictable spans of time disconnected or turned off. So it's important to find backup options that meet these challenges, which can also include ransomware attacks.

Backup lessons from a cloud-storage disaster Backing up laptops properly also makes upgrading them much easier, especially in the world of remote work. A good backup system can restore a user's profile and data, and makes replacing a laptop much simpler for both the IT department and the person whose laptop is being replaced. With the right system in place, all you have to do is ship them a new laptop.  They can restore their own profile and data without IT intervention, saving time, effort, and a lot of money.

To read this article in full, please click here



Network World Security
May 26, 2021

Center for Internet Security: 18 security controls you need
The Center for Internet Security has updated its set of safeguards for warding off the five most common types of attacks facing enterprise networks—web-application hacking, insider and privilege misuse, malware, ransomware, and targeted intrusions.

In issuing its CIS Controls V8 this month, the organization sought to present practical and specific actions businesses can take to protect their networks and data. These range from making an inventory of enterprise assets to account management to auditing logs.

In part the new version was needed to address changes to how businesses operate since V7 was issued three years ago, and those changes guided the work. "Movement to cloud-based computing, virtualization, mobility, outsourcing, work-from-home, and changing attacker tactics have been central in every discussion," the new controls document says.

To read this article in full, please click here



Network World Security
May 19, 2021

Palo Alto Networks pushes enterprise zero trust
Palo Alto Networks bolstered its security portfolio with products that target enterprise network users looking to make the move to a zero-trust environment.

The new capabilities focus on a number of zero trust mechanisms—including  SaaS, cloud and DNS that will be available in June—and will make it significantly easier for organizations to adopt zero-trust security across the enterprise, according to Anand Oswal, senior vice president and general manager with Palo Alto.

More about DNS:

DNS in the cloud: Why and why not DNS over HTTPS seeks to make internet use more private How to protect your infrastructure from DNS cache poisoning ICANN housecleaning revokes old DNS security key As more people are working from anywhere, they require fast and always-on access to data and applications in the distributed cloud, regardless of location, Oswal said. "An all-encompassing zero-trust approach to network security is critical for safeguarding productivity in the new reality of remote, mobile, and hybrid work," he said.

To read this article in full, please click here



Network World Security
May 18, 2021

Cisco CEO on security: "There is really no perimeter in the enterprise to defend anymore."
Erosion of the traditional network perimeter and the transition to work-from-anywhere have conspired to bring an unprecedented threat level to endpoint devices, users, and applications, Cisco CEO Chuck Robbins told the online audience at the virtual RSA Conference 2021.

Such threats are exacerbated by the fact that over 3,500 vendors offer security products and services that many customers patchwork together, creating complexity that makes it hard for many to build an effective security position, Robbins said.

Backup lessons from a cloud-storage disaster Against that backdrop, Cisco announced a number of security moves to further integrate and upgrade its own overarching offerings with new features and services.

To read this article in full, please click here



Network World Security
May 18, 2021

Cisco CEO: There's no enterprise perimeter to defend anymore
Erosion of the traditional network perimeter and the transition to work-from-anywhere have conspired to bring an unprecedented threat level to endpoint devices, users, and applications, Cisco CEO Chuck Robbins told the online audience at the virtual RSA Conference 2021.

Such threats are exacerbated by the fact that over 3,500 vendors offer security products and services that many customers patchwork together, creating complexity that makes it hard for many to build an effective security position, Robbins said.

Backup lessons from a cloud-storage disaster Against that backdrop, Cisco announced a number of security moves to further integrate and upgrade its own overarching offerings with new features and services.

To read this article in full, please click here



Network World Security
May 14, 2021

‘FragAttack' flaws threaten Wi-Fi, but not too seriously
Almost all Wi-Fi is potentially vulnerable to flaws that date back to 1997 when it became commercially available, but even the person who discovered the weaknesses says some of them are difficult to exploit.

Wi-Fi resources Test and review of 4 Wi-Fi 6 routers: Who's the fastest? How to determine if Wi-Fi 6 is right for you Five questions to answer before deploying Wi-Fi 6 Wi-Fi 6E: When it's coming and what it's good for Mathy Vanhoef, a post-doctoral student at NYU Abu Dhabi, has created attacks—FragAttacks—that take advantage of the vulnerabilities, but in an academic paper about them, says the most widespread vulnerabilities can be exploited only under specific, rare conditions, and require either user interaction or highly unusual configurations to succeed.

To read this article in full, please click here



Network World Security
May 10, 2021

How does certificate-based authentication work?
Certificate-based authentication is a cryptographic technique that allows one computer to securely identify itself to another across a network connection, using a document called a public-key certificate.To read this article in full, please click here

(Insider Story)

Network World Security
May 05, 2021

IBM embraces zero trust with upgraded Cloud Pak service
IBM has taken the wraps off a version of its Cloud Pak for Security that aims to help customers looking to deploy zero-trust security facilities for enterprise resource protection.

IBM Cloud Paks are bundles of Red Hat's Kubernetes-based OpenShift Container Platform along with Red Hat Linux and a variety of connecting technologies to let enterprise customers deploy and manage containers on their choice of private or public infrastructure, including AWS, Microsoft Azure, Google Cloud Platform, Alibaba and IBM Cloud.

To read this article in full, please click here



Network World Security
May 05, 2021

Juniper takes SASE security control to the cloud
Juniper Networks has laid a key part of its Secure Access Services Edge (SASE) foundation with a cloud-based security-control service that provides a central way to control and protect on-premises or cloud-based enterprise resources.

Called Security Director Cloud, the service focuses Juniper's SASE efforts by providing a central point to manage enterprise security services including policy setting, and threat-detection and -prevention.

Juniper (like other key enterprise networking vendors such as Cisco, Hewlitt-Packard Enterprise (Aruba) and VMware, as well as service providers including Cato Networks, Akamai, and Zscaler) has pledged allegiance to growing SASE support in its product families.

To read this article in full, please click here



Network World Security
May 04, 2021

Cisco adds to its Catalyst software stack for back-to-work safety
Cisco has taken the wraps off a technology package it says will utilize existing core wireless and wired systems to help enterprises better control their physical environments and enable a safer, more secure return to the office.

While supporting remote offices and branches of one—IDC says that post-COVID, more than 52% of workers will either remain remote or hybrid—they rest could return to an altered business space.  

Who's selling SASE, and what do you get? In these offices, sensors and devices that have been used to manage lighting and HVAC systems can be adapted to occupancy and density monitoring, air-quality testing, contact tracing, and in-room presence, according to Anoop Vetteth, vice president of product management with Cisco's Enterprise Switching and Software Solutions group.

To read this article in full, please click here



Network World Security
Apr 28, 2021

802.1X: What you need to know about this LAN-authentication standard
When devics on enterprise LANs need to connect to other devices, they need a standard method for identifying each other to ensure they are communicating with the device they want to, and that's what 802.1x does. This article tells where it came from and how it works.

802.1x defined IEEE 802.1X is a standard that defines how to provide authentication for devices that connect with other devices on local area networks (LANs).

How to deploy 802.1x for Wi-Fi using WPA3 enterprise It provides a mechanism by which network switches and access points can hand off authentication duties to a specialized authentication server, like a RADIUS server, so that device authentication on a network can be managed and updated centrally, rather than distributed across multiple pieces of networking hardware.

To read this article in full, please click here



Network World Security
Apr 26, 2021

Wi-Fi in 2025: It could be watching your every move
I consider myself a techno-optimist. Technology has improved life for humanity in countless ways, like the wheel, the printing press, selfie sticks—these marvels have enriched us all.

So too has Wi-Fi. If not for Wi-Fi, no one could idly stream YouTube videos on company laptops through rogue hotspots at a busy-but-socially-distanced coffeeshop when we're supposed to be doing our jobs. Which is to say none of us could fully leverage the remote network-connectivity tools that allow enterprise employees to be productive any time and from anywhere.

To read this article in full, please click here



Network World Security
Apr 23, 2021

Organizations need to patch Pulse Secure VPNs
Organizations using Pulse Secure's mobile VPN should patch vulnerabilities reportedly being exploited in the wild, possibly by a "Chinese espionage actor".

The patch-available here-is considered important enough that the Cybersecurity and Infrastructure Security Agency (CISA) gave federal agencies a deadline of April 23 to apply them.

Backup lessons from a cloud-storage disaster CISA's guidance states that federal users of Pulse Connect Secure VPNs must use the company's free utility to ascertain whether their devices are vulnerable.

To read this article in full, please click here



Network World Security
Apr 23, 2021

Backup lessons from a cloud-storage disaster
European's largest cloud provider, OVHcloud, suffered a catastrophic fire last month that destroyed one of its data centers and smoke-damaged a neighboring one. OVHcloud customers with data in the burned-out data cener who had their own disaster recovery measures in place or who purchased the off-site backup and disaster-recovery services offered by OVHcloud have been able to resume operations. Those who did not lost data that will never come back.

Some losses were complete, such as those described on Twitter by rounq.com who is still waiting for backups and redundancy that he thought were already in place, according to his tweets. Companies that had some type of off-site backup seemed to be up and running again, such as Centre Pompidou

To read this article in full, please click here



Network World Security
Apr 20, 2021

VMware targets branch-of-one workforce with integrated access, security, network package
VMware has unveiled an integrated package of cloud security, access control and networking software aimed at addressing the key needs of today's COVID-19-driven remote workforce.

VMware Anywhere Workspace brings together the company's core enterprise software products, including its Workspace ONE unified endpoint management offering, Carbon Black Cloud cloud-native endpoint security platform, and secure access service edge (SASE) components, into a single deployable system to support the widely distributed workforce.

Read more: Who's selling SASE, and what do you get? "Enterprises are moving from simply supporting remote work to becoming distributed, anywhere-organizations. Companies are rethinking where teams work, how they work and how they support customers from wherever they are. To be successful, this means investing in technology and a long-term strategy to be a stronger, more focused and more resilient organization," Sanjay Poonen, chief operating officer, customer operations with VMware, wrote in a blog about the announcement.   

To read this article in full, please click here



Network World Security
Apr 20, 2021

VMware bundles support for the branch-of-one workforce
VMware has unveiled an integrated package of cloud security, access control and networking software aimed at addressing the key needs of today's COVID-19-driven remote workforce.

VMware Anywhere Workspace brings together the company's core enterprise software products, including its Workspace ONE unified endpoint management, Carbon Black Cloud cloud-native endpoint security, and secure access service edge (SASE) components, into a single system to support a widely distributed workforce.

Read more: Who's selling SASE, and what do you get? "Enterprises are moving from simply supporting remote work to becoming distributed, anywhere organizations. Companies are rethinking where teams work, how they work, and how they support customers from wherever they are," Sanjay Poonen, chief operating officer, customer operations with VMware, wrote in a blog about the announcement. "To be successful, this means investing in technology and a long-term strategy to be a stronger, more focused and more resilient organization."  

To read this article in full, please click here



Network World Security
Apr 19, 2021

Water-authority network upgrade spots problems faster
The Albuquerque water authority says recent network upgrades give it greater visibility and control over its remote sites and makes for faster responses to leaks and other problems.

The Albuquerque Bernalillo County Water Utility Authority manages more than 3,000 miles of water-supply pipeline covering more than 650,000 users. The authority manages 135 remote locations, which include well sites, tanks, and pump stations, all of which have programmable logic controllers (PLC) connected to a dedicated, fixed-wireless network running at 900MHz back to the core network.

[Get regularly scheduled insights by signing up for Network World newsletters.] "The [main treatment] plant was built [about] 15 years ago," said Kristen Sanders, the authority's chief information security officer. "So if a piece of equipment went out, replacing it would be about shopping on eBay." Also the authority's fiber backbone that connects the sites with the main plant was past it's service life and had to be replaced.

To read this article in full, please click here



Network World Security
Apr 16, 2021

TCP/IP stack vulnerabilities threaten IoT devices
A set of vulnerabilities in TCP/IP stacks used by FreeBSD and three popular real-time operating systems designed for the IoT was revealed this week by security vendor Forescout and JSOF Research. The nine vulnerabilities could potentially affect 100 million devices in the wild.

Nucleus NET, IPNet and NetX are the other operating systems affected by the vulnerabilities, which a joint report issued by Forescout and JSOF dubbed Name:Wreck.

In a report on the vulnerabilities, Forescout writes that TCP/IP stacks are particularly vulnerable for several reasons, including widespread use, the fact that many such stacks were created a long time ago, and the fact that they make an attractive attack surface, thanks to unauthenticated functionality and protocols that cross network perimeters.

To read this article in full, please click here



Network World Security
Mar 31, 2021

Cisco streamlines, upgrades its SASE bundle
Cisco made enhancements to its security offerings that will expand and change the way customers buy its Secure Access Service Edge products as well as bolster network-access authentication.

Cisco's SASE plan will focus on enhancing networking and security functions while building them into an integrated service that can help simplify access to enterprise cloud resources securely, said Gee Rittenhouse senior vice president and general manager of Cisco's Security Business Group during this week's Cisco Live! event.

MORE CISCO LIVE! NEWS: Cisco takes its first steps toward network-as-a-service; Cisco brings net intelligence to Catalyst switches, app-performance management

To read this article in full, please click here



Network World Security
Mar 29, 2021

5G: Network slicing could result in vulnerabilities
5G networks that incorporate legacy technology could be vulnerable to compromise via a lack of mapping between transport and application layers, according to a report by Ireland-based AdaptiveMobile Security.To read this article in full, please click here

(Insider Story)

Network World Security
Mar 29, 2021

Report: 5G network slicing could leave flaws for bad actors to exploit
5G networks that incorporate legacy technology could be vulnerable to compromise via a lack of mapping between transport and application layers, according to a report by Ireland-based AdaptiveMobile Security.

5G resources What is 5G? Fast wireless technology for enterprises and phones How 5G frequency affects range and speed Private 5G can solve some problems that Wi-Fi can't Private 5G keeps Whirlpool driverless vehicles rolling 5G can make for cost-effective private backhaul CBRS can bring private 5G to enterprises Network slicing is central to realizing many of 5G's more ambitious capabilities because it enables individual access points or base stations to subdivide networks into multiple logical sections—slices—effectively providing entirely separate networks for multiple uses. The slices can be used for different purposes—say, mobile broadband for end-users and massive IoT connectivity—at the same time, without interfering with each other.



Network World Security
Mar 22, 2021

Cloudflare wants to be your corporate network backbone with centralized management and security
Magic WAN and Magic Firewall aim to simplify linking sites and datacenters while allowing organizations to better enforce security policies.

Network World Security
Mar 18, 2021

VMware bolsters cloud app security with Mesh7 buy
With a goal of making distributed applications more secure, VMware has announced plans to buy security vendor Mesh7 for an undisclosed amount.

Combining the acquisition with its other security wares, VMware aims to address modern applications that require reliable connectivity, dynamic service discovery, and the ability to automate changes quickly without disruption as they extend across multi-cloud environments, said Tom Gillis, senior vice president and general manger with VMware's networking and security business unit, in a blog about the Mesh7 acquisition.

To read this article in full, please click here



Network World Security
Mar 16, 2021

Ransomware: How to make sure backups are ready for a real attack
The best way to avoid paying ransom to attackers who have infected your systems with ransomware is to have those systems adequately backed up so you can wipe them and restore them from safe backups. Here are several options for making sure those backups are up to the task.

In this article, backup refers to any system that you're going to use to respond to a ransomware attack, including old-school backup systems, replication systems, and modern hybrid systems that support backup and disaster recover. For simplicity's sake, they'll all be referred to as backup here.

More about backup and recovery:

To read this article in full, please click here



Network World Security
Mar 11, 2021

Top enterprise data center trends you need to know
Data-center networking was already changing prior to the technology challenges brought on by the COVID-19 pandemic, and few areas of the enterprise will continue to be affected more than data centers by those modifications in the future.

That's because myriad technologies are driving changes in the data center—everything from heavy demand for higher-speed networking, support for a remote workforce, increased security, tighter management and perhaps the biggest alteration—the prolific growth of cloud services.

To read this article in full, please click here



Network World Security
Mar 09, 2021

5 free network-vulnerability scanners
Though you may know and follow basic security measures on your own when installing and managing your network and websites, you'll never be able to keep up with and catch all the vulnerabilities by yourself.

Vulnerability scanners can help you automate security auditing and can play a crucial part in your IT security. They can scan your network and websites for up to thousands of different security risks, producing a prioritized list of those you should patch, describe the vulnerabilities, and give steps on how to remediate them. Some can even automate the patching process.

Though vulnerability scanners and security auditing tools can cost a fortune, there are free options as well. Some only look at specific vulnerabilities or limit how many hosts can be scanned but there are also those that offer broad IT security scanning.

To read this article in full, please click here



Network World Security
Mar 08, 2021

Cybersecurity in 2021: Stopping the madness
The challenges are greater than ever. But security pros have learned a lot - and with luck, the right strategic defenses can help even the highest-value targets withstand severe attacks.

Network World Security
Mar 08, 2021

WAN challenges steer auto-rental firm to SASE
Latency and reliability concerns set car rental company Sixt on a path to rearchitect its WAN. That led the global company, which has locations in more than 100 countries, to become an early adopter of the network-security architecture dubbed secure access service edge (SASE) by research firm Gartner.

Tech Spotlight: Security 4 ways to keep the cybersecurity conversation going after the crisis (CSO) Mitigating the hidden risks of digital transformation (CIO) WFH security lessons learned from the pandemic (Computerworld) WAN challenges steer Sixt to cloud-native SASE deployment (Network World) 6 security risks in software development — and how to address them (InfoWorld) SASE, pronounced "sassy," blends SD-WAN's network optimization features with security capabilities such as zero-trust authentication, data loss prevention, threat detection, and encryption. Driven by dem

Network World Security
Feb 24, 2021

Cisco issues 3 critical warnings around ACI, NS-OX security holes
Cisco has issued three security advisories rated "critical" for some of its high-end software systems—two aimed at its Application Services Engine (ASE) implementation and one at the NX-OS operating system.

The most concerning warning came for Cisco Application Centric Infrastructure (ACI) Multi-Site Orchestrator (MSO) installed with the ASE which was rated a worse-case scenario, 10 out of a possible 10 on the Common Vulnerability Scoring System (CVSS).  The ACI Multi-Site Orchestrator lets customers control application-access policies across Cisco Application Policy Infrastructure Controller-based fabrics.

To read this article in full, please click here



Network World Security
Feb 24, 2021

IoT security tips and a cautionary tale
You will have more connected devices than ever on your network in 2021, especially if you're in healthcare, retail, or logistics, industries that are among the early adopters of the Internet of Things (IoT). You'll have devices on your network edge, in your headquarters, on vehicles, in machinery, in your stores, in employees' homes, and on public property.

And there's a good chance that some or many of these IoT devices have built-in security vulnerabilities that can endanger your network. In trying to capitalize on the voracious global appetite for connected commercial devices, many IoT manufacturers and developers are shoveling out enterprise IoT devices with, shall we say, varying levels of regard for security.

To read this article in full, please click here



Network World Security
Feb 16, 2021

Palo Alto grows cloud security portfolio with new Prisma release, Bridgecrew buy
Palo Alto had a busy week. First, it rolled out a number of new features for its Prisma cloud-based security package, and then it announced plans to buy cloud security vendor Bridgecrew for about $156 million in cash.

Palo Alto's Prisma is a cloud-based security package that includes access control, advanced threat protection, user behavior monitoring and other services that promise to protect enterprise applications and resources. Managed through a single console, Prisma includes firewall as a service, zero-trust network access, a cloud access security broker and a secure web gateway.

To read this article in full, please click here



Network World Security
Feb 09, 2021

How COVID-19 is shaping enterprise networking
The COVID-19 pandemic has influenced the networking arena in a number of ways, including the rise of fully automated remote offices, the need to support a "branch of one," and the growth of new communications software tools.

"One of the biggest trends we are seeing is business agility. That is, IT looking at the tech they have deployed and evaluating it not just in terms of speeds and feeds, but how agile it is to handle whatever's coming next," said Todd Nightingale, Cisco's Enterprise Networking & Cloud business chief. "Software APIs are a huge part of that trend, because it is amazingly easier to handle changes through APIs and software that make it possible to change things in a day rather than months."

To read this article in full, please click here



Network World Security
Feb 08, 2021

The future of work: Coming sooner than you think
What will your worklife be like years from now? Today's work-from-home world has given us a glimpse of the future, as these five articles from CIO, Computerworld, CSO, InfoWorld, and Network World illustrate.

Network World Security
Feb 04, 2021

Cisco AppDynamics software melds security, application management
Cisco AppDynamics is making it easier for customers to integrate security features with application development to help customers detect threats, identify non-standard application behavior, and block attacks.

The company is adding software, called Cisco Secure Application, to the AppDynamics platform to correlate security and application information by scanning code execution for known exploits. Vulnerability data is shared with application and security operations teams so that together they can prioritize, execute, and track remediation efforts.

Read more: How AI can create self-driving data centers

To read this article in full, please click here



Network World Security
Feb 02, 2021

Arista embraces segmentation as part of its zero-trust security
Arista has expanded its security software to let customers control authorized network access and communication between groups from the data center to the cloud.

The new software, Macro-Segmentation Service (MSS)-Group, expands the company's MSS security-software family, which currently includes MSS Firewall for setting security policies across customer edge, data-center and campus networks. Additionally, the company's MSS Host focuses on data-center security policies.

See how AI can boost data-center availability and efficiency MSS software works with Arista Extensible Operating System (EOS) and its overarching CloudVision management software to provide network-wide visibility, orchestration, provisioning and telemetry across the data center and campus. CloudVision's network information can be utilized by Arista networking partners including VMware, Microsoft and IBM's Red Hat.

To read this article in full, please click here



Network World Security
Jan 20, 2021

Cisco tags critical security holes in SD-WAN software
Cisco has noted and fixed two critical and a number of high-degree vulnerabilities in its SD-WAN software portfolio.

Most of the vulnerabilities could let an authenticated attacker execute command injection attacks against an affected device, which could let the attacker utilize root privileges on the device.

The first critical problem-with a Common Vulnerability Scoring System rating of 9.9 out of 10-is  vulnerability in the web-based management interface of Cisco SD-WAN vManage Software. 

"This vulnerability is due to improper input validation of user-supplied input to the device template configuration," Cisco stated. "An attacker could exploit this vulnerability by submitting crafted input to the device template configuration. A successful exploit could allow the attacker to gain root-level access to the affected system."

To read this article in full, please click here



Network World Security
Jan 20, 2021

Lessons that insurrection selfies hold for legitimate enterprises
The pro-Trump rioters who invaded the Capitol on January 6 came with smartphones to record and celebrate what they thought was a righteous effort to prevent president-elect Joe Biden from taking office two weeks later.

Now those electronic devices, along with the GPS data they generated, are being used to track the location of rioters within the building as federal law enforcement officials continue to make arrests and build criminal cases.

Among the acts being investigated: breaking through police barriers, smashing windows, and assaulting police officers and media members. Five people died including a Capitol Hill police officer who was bludgeoned with a fire extinguisher.

To read this article in full, please click here



Network World Security
Dec 28, 2020

How to deploy 802.1x for Wi-Fi using WPA3-Enterprise
Wi-Fi Protected Access 3 (WPA3) has brought significant security improvements to Wi-Fi networks, particularly WPA-3Enterprise, which includes tweaks to make authenticating to the network more secure. One of these is has to do with 802.1x authentication that is used to determine whether Wi-Fi clients will be granted access to the enterprise network.

Wi-Fi resources Test and review of 4 Wi-Fi 6 routers: Who's the fastest? How to determine if Wi-Fi 6 is right for you Five questions to answer before deploying Wi-Fi 6 Wi-Fi 6E: When it's coming and what it's good for The enterprise mode of WPA has always allowed you to give each user a unique username/password to login to the Wi-Fi or to utilize unique digital certificates for each user to install on devices for even more security. Now with WPA3-Enterprise, the security is increased as clients are now required to make sure it's communicating with the real authentication server before sending login credentials. That verification was optional with the earlier two versions of WPA.

To read this article in full, please click here



Network World Security
Dec 28, 2020

Wi-Fi: How to deploy 802.1x authentication using WPA3-Enterprise
Wi-Fi Protected Access 3 (WPA3) has brought significant security improvements to Wi-Fi networks, particularly WPA-3Enterprise, which includes tweaks to make authenticating to the network more secure. One of these is has to do with 802.1x authentication that is used to determine whether Wi-Fi clients will be granted access to the enterprise network.

Wi-Fi resources Test and review of 4 Wi-Fi 6 routers: Who's the fastest? How to determine if Wi-Fi 6 is right for you Five questions to answer before deploying Wi-Fi 6 Wi-Fi 6E: When it's coming and what it's good for The enterprise mode of WPA has always allowed you to give each user a unique username/password to login to the Wi-Fi or to utilize unique digital certificates for each user to install on devices for even more security. Now with WPA3-Enterprise, the security is increased as clients are now required to make sure it's communicating with the real authentication server before sending login credentials. That verification was optional with the earlier two versions of WPA.

To read this article in full, please click here



Network World Security
Dec 23, 2020

SolarWinds roundup: Fixes, new bad actors, and the company knew
The SolarWinds Orion security breach is unfolding at a rapid pace and the number of vendors and victims continues to grow. Each day brings new revelations as to its reach and depth. Of particular concern is the rate of infection and impact on government systems.

In case you missed it, a backdoor was found in the SolarWinds Orion IT monitoring and management software. A dynamic link library called SolarWinds.Orion.Core.BusinessLayer.dll, a SolarWinds digitally-signed component of the Orion software framework was found to contain a backdoor that communicates via HTTP to third-party servers.

[Get regularly scheduled insights by signing up for Network World newsletters.] After an initial dormant period of up to two weeks, the Trojan retrieves and executes commands, called jobs, that include the ability to transfer files, execute files, profile the system, reboot, and disable system services. In short, a total takeover of the machine.

To read this article in full, please click here



Network World Security
Dec 23, 2020

SolarWinds roundup: Fixes, new bad actors, and what the company knew
The SolarWinds Orion security breach is unfolding at a rapid pace, and the number of vendors and victims continues to grow. Each day brings new revelations as to its reach and depth. Of particular concern are the rate of infection and impact on government systems.

In case you missed it, a backdoor was found in the SolarWinds Orion IT monitoring and management software. A dynamic link library called SolarWinds.Orion.Core.BusinessLayer.dll, a SolarWinds digitally-signed component of the Orion software framework, was found to contain a backdoor that communicates via HTTP to third-party servers.

[Get regularly scheduled insights by signing up for Network World newsletters.] After an initial dormant period of up to two weeks, the Trojan retrieves and executes commands, called jobs, that include the ability to transfer files, execute files, profile the system, reboot, and disable system services. In short, a total takeover of the machine.

To read this article in full, please click here



Network World Security
Dec 23, 2020

SASE check list: 7 key evaluation criteria
The marriage of networking and security into the secure-access service edge stands to improve application performance, reduce infrastructure complexity, and protect sensitive data, and as such SASE is an attractive architecture for enterprises large and small.

Due to the newness of SASE offerings, though, providers are still building and refining the features of their services, so available offerings are complex, often incomplete and require integration with customer organizations' existing network and security architectures.

To read this article in full, please click here



Network World Security
Dec 15, 2020

SolarWinds Trojan: Affected enterprises must use hot patches, isolate compromised gear
Hot patching and isolating potentially affected resources are on the IT response schedule as enterprises that employ SolarWinds Orion network-monitoring software look to limit the impact of the serious Trojan unleashed on the platform.

The supply-chain attack, reported early this week by Reuters and detailed by security researchers at FireEye and Microsoft involves a potential state-sponsored, sophisticated actor gained access to a wide variety of government, public and private networks via Trojanized updates to SolarWind's Orion network monitoring and management software. This campaign may have begun as early as spring 2020 and is ongoing, according to FireEye and others.

To read this article in full, please click here



Network World Security
Dec 15, 2020

Trojan in SolarWinds security has far-reaching impact
SolarWinds says a compromise of its widely used Orion network-monitoring platform endangers the networks of public and private organizations that use it and that the problem should be remediated right away.

In a security advisory, SolarWinds said customers should upgrade to Orion Platform version 2020.2.1 HF 1 as soon as possible to ensure their environment is safe. An additional hotfix release that both replaces the compromised component and provides several additional security enhancements is expected in the next day or two.

The company's managed services tools appear to be uncompromised, and the company said it isn't aware of any similar issues with its non-Orion products, like RMM, N-Central, and SolarWinds MSP products.

To read this article in full, please click here



Network World Security
Dec 15, 2020

SolarWinds attack explained: And why it was so hard to detect
A group believed to be Russia's Cozy Bear gained access to government and other systems through a compromised update to SolarWinds' Orion software. Most organizations aren't prepared for this sort of software supply chain attack.

Network World Security
Nov 30, 2020

Zero trust planning: Key factors for IT pros to consider
Moving away from VPNs as a means to protect corporate networks at the perimeter and moving toward zero-trust network access requires careful enterprise planning and may require implementing technologies that are new to individual organizations.

ZTNA employs identity-based authentication to establish trust with entities trying to access the network and grants each authorized entity access only to the data and applications they require to accomplish their tasks. It also provides new tools for IT to control access to sensitive data by those entities that are deemed trusted.

To read this article in full, please click here



Network World Security
Nov 16, 2020

Cisco gains container security with Banzai Cloud buy
In its second cloud-native technology acquisition in as many months, Cisco is buying container security firm Banzai Cloud for an undisclosed amount.

Founded in 2017, Banzai is known for developing Kubernetes-based cloud application development and security technologies. It will become part of Cisco's Emerging Technologies and Incubation group, where the company brews new projects for cloud-native networking, security and edge computing environments.

READ MORE: Gartner's top 9 strategic technology trends for 2021

To read this article in full, please click here



Network World Security
Nov 11, 2020

Palo Alto cloud service prevents distributed enterprise data loss
Palo Alto is rolling out a cloud service that promises to protect the highly distributed data in contemporary enterprises.

The cloud service -- Enterprise Data Loss Prevention (DLP) - will help prevent data breaches by automatically identifying confidential intellectual property and personally identifiable information across the enterprise, Palo Alto stated.

Data breaches are a huge and growing problem worldwide, but most of the current DLP systems were only designed to help global-scale organizations that have huge data protection budgets and staffs.  Legacy and point solutions are not accessible, appropriate or effective for many of the companies that need them, said Anand Oswal, senior vice president and general manager with Palo Alto Networks.

To read this article in full, please click here



Network World Security
Oct 30, 2020

Who's selling SASE and what do you get?
Secure access service edge (SASE) architecture rolls networking and security into a cloud service, making it easier for enterprises to provide simple, secure access to corporate resources, but it's still in its infancy. Vendors and service providers sell offerings that they call SASE, but what they actually provide and how they provide it varies widely.

SASE—pronounced "sassy"- is a term coined last year by Gartner, and it combines software-defined WAN (SD-WAN) with access control and security, all bundled as a cloud service.

To read this article in full, please click here



Network World Security
Oct 29, 2020

Cisco fortifies and simplifies its security portfolio with eye toward cloud, zero trust
Simplifying security options for enterprise customers is a daunting task, and it can be even harder in the current pandemic-driven workforce environment. But Cisco is taking steps to both streamline and bolster its security menu, according to news out of its virtual Partner Summit conference. 

For starters, Cisco is eliminating 50 product names and simplifying its offerings within the renamed Cisco Secure portfolio. Cisco is also reinforcing its key platforms, including its SecureX and zero trust packages. (See related story, Cisco software upgrades to simplify hybrid-cloud management, operations)

To read this article in full, please click here



Network World Security
Oct 29, 2020

'Credible threat': How to protect networks from ransomware
(Editor's note, Oct. 29, 2020: With the FBI and US Department of Homeland Security recently warning of credible cyberthreats to healthcare facilities including ransomware, it's a good time to review the steps outlined in this article that enterprises can take to guard against such attacks.)

Ransomware attacks are becoming more rampant now that criminals have learned they are an effective way to make money in a short amount of time.

Attackers do not even need any programming skills to launch an attack because they can obtain code that is shared among the many hacker communities. There are even services that will collect the ransom via Bitcoin on behalf of the attackers and just require them to pay a commission.

To read this article in full, please click here



Network World Security
Oct 28, 2020

Survey: Zero Trust benefits remote work during pandemic
(Editor's note: An August 2020 Enterprise Management Associates survey of 252 North American and European IT professionals found that most had accelerated their adoption of Zero Trust networking framework. This article by EMA Vice President of Research Networking Shamus McGillicuddy further details the results of the "Enterprise Zero Trust Networking Strategies: Secure Remote Access and Network Segmentation" report.)

The COVID-19 pandemic has prompted 60% of enterprises to accelerate their Zero Trust networking strategies. Just 15% of organizations slowed down in response to the public-health crisis, and 25% reported no effect, according to Enterprise Management Associates research.

To read this article in full, please click here



Network World Security
Oct 19, 2020

How to enforce password complexity on Linux
Deploying password-quality checking on your Debian-based Linux servers can help ensure that your users assign reasonably secure passwords to their accounts, but the settings themselves can be a bit misleading.

For example, setting a minimum password length of 12 characters does not necessarily mean that all your users' passwords will actually have 12 or more characters.

Let's stroll down Complexity Boulevard and see how the settings work and examine some that are worth considering.

[Get regularly scheduled insights by signing up for Network World newsletters.] The files that contain the settings we're going to look at will be:

To read this article in full, please click here



Network World Security
Oct 19, 2020

Gartner: Top strategic technology trends for 2021
Companies need to focus on architecting resilience and accept that disruptive change is the norm, says research firm Gartner, which unveiled its annual look at the top strategic technology trends that organizations need to prepare for in the coming year.

Gartner unveiled this year's list at its flagship IT Symposium/Xpo Americas conference, which is being held virtually this year.

READ MORE: VMware highlights security in COVID-era networking | Essential edge-computing use cases | How AI can boost data-center availability, efficiency

To read this article in full, please click here



Network World Security
Oct 15, 2020

IoT Roundup: Carriers and connectivity fueling Microsoft's IoT expansion, IoT networks getting smarter, and security corner
This month's installment covers the impetus lent to IoT deployments by the ongoing pandemic, some new wrinkles in the security picture, and the possibility of more intelligence at the network edge in the future.

Network World Security
Oct 14, 2020

IBM expands the role of its hybrid-cloud security package
IBM is expanding the role of its security-software package for hybrid-cloud deployments by improving the gathering of security data collected within customer networks and drawing on third-party threat-intelligence feeds, among other upgrades.

IBM's Cloud Pak for Security, which features open-source technology for hunting threats and automation capabilities to speed response to cyberattacks, can bring together on a single console data gathered by customers' existing security point products.

IBM Cloud Paks are bundles of Red Hat's Kubernetes-based OpenShift Container Platform along with Red Hat Linux and a variety of connecting technologies to let enterprise customers deploy and manage containers on their choice of private or public infrastructure, including AWS, Microsoft Azure, Google Cloud Platform, Alibaba and IBM Cloud.

To read this article in full, please click here



Network World Security
Oct 07, 2020

Juniper upgrades security software with threat intelligence, VPN package
Juniper Networks has added new components to its security portfolio to help customers get a better handle on potential threats as well as improve risk detection and response.

The new products are aimed at figuring out who and what devices are on the network and then offering the security intelligence to help them address threats at every point on the network, said Samantha Madrid vice president of product management in the Security Business & Strategy business at Juniper Networks.

Security is always a challenge but even more so now when customers have mass-scale remote workforces, Madrid said. 

[Get regularly scheduled insights by signing up for Network World newsletters.] Madrid cited a recent Juniper-sponsored IT survey by Vanson Bourne that found 97% of respondents said their companies faced challenges securing their organizations' network effectively.

To read this article in full, please click here



Network World Security
Oct 06, 2020

Cisco slapped with $1.9 billion judgement in security patent lawsuit
Cisco this week lost a patent infringement case brought by security vendor Centripetal Networks and was hit with a $1.9 billion judgement.

A non-jury judgement from U.S. District Judge Henry Morgan determined Cisco infringed on four security patents related to encrypted traffic and packet filtering technology belonging to plaintiff Centripetal Networks. The award directs $755.8 million in actual damages, multiplied by 2.5 to reflect "willful and egregious" conduct from Cisco, the judge found. 

The award also includes past damages and a running royalty of 10% on the apportioned sales of the patented products for a period of three years, followed by a second three-year term with a running royalty of 5% on such sales, which could take damages from the case north of $3 billion, according to a Centripetal statement about the case.

To read this article in full, please click here



Network World Security
Oct 01, 2020

VMware highlights security in COVID-era networking
As enterprise workloads continue to move off-premises and employees continue to work remotely during the COVID-19 pandemic, securing that environment remains a critical challenge for IT.

At its virtual VWworld 2020 gathering, VMware detailed products and plans to help customers deal with the challenges of securing distributed enterprise resources.

More about SD-WAN: How to buy SD-WAN technology: Key questions to consider when selecting a supplier • What SD-Branch is and why you'll need it • What are the options for securing SD-WAN? "Amid global disruption, the key to survival for many companies has meant an accelerated shift to the cloud and, ultimately, bolting on security products in their data centers," said Sanjay Poonen, VMware's Chief Operating Officer, Customer Operations. "But legacy security systems are no longer sufficient for organizations that are using the cloud as part of their computing infrastructure. It's time to rethink security for the cloud. Organizations need protection at the workload level, not just at the endpoint."

To read this article in full, please click here



Network World Security
Sep 29, 2020

VMware plan disaggregates servers, offloads network virtualization and security
VMware is continuing its effort to remake the data center, cloud and edge to handle the distributed workloads and applications of the future.

At its virtual VMworld 2020 event the company previewed a new architecture called Project Monterey that goes a long way toward melding bare-metal servers, graphics processing units (GPUs), field programmable gate arrays (FPGAs), network interface cards (NICs) and security into a large-scale virtualized environment.

Monterey would extend VMware Cloud Foundation (VCF), which today integrates the company's vShphere virtualization, vSAN storage, NSX networking and vRealize cloud management systems to support GPUs, FPGAs and NICs into a single platform that can be deployed on-premises or in a public cloud.

To read this article in full, please click here



Network World Security
Sep 29, 2020

VMware plan disaggregates servers; offloads network virtualization and security
VMware is continuing its effort to remake the data center, cloud and edge to handle the distributed workloads and applications of the future.

At its virtual VMworld 2020 event the company previewed a new architecture called Project Monterey that goes a long way toward melding bare-metal servers, graphics processing units (GPUs), field programmable gate arrays (FPGAs), network interface cards (NICs) and security into a large-scale virtualized environment.

Monterey would extend VMware Cloud Foundation (VCF), which today integrates the company's vShphere virtualization, vSAN storage, NSX networking and vRealize cloud management systems to support GPUs, FPGAs and NICs into a single platform that can be deployed on-premises or in a public cloud.

To read this article in full, please click here



Network World Security
Sep 25, 2020

Government cybersecurity agency warns of Windows Server exploit
The federal government's Cybersecurity and Infrastructure Security Agency (CISA) has issued a rare emergency directive to federal government agencies to roll out a Windows Server patch within days, an indication of the severity of the exploit.

The directive was issued on September 18, and agencies were given four days to apply the security update. It demands that executive agencies take "immediate and emergency action" to patch CVE-2020-1472, issued August 11.

The vulnerability is in Microsoft Windows Netlogon Remote Protocol (MS-NRPC), a core authentication component of Active Directory from Windows Server 2008 to Server 2019. It has been named "Zerologon" because of how it works.

To read this article in full, please click here



Network World Security
Sep 25, 2020

Cisco turns out security patches 25 high-threat flaws for IOS, IOS XE
If you are a security admin with lots of systems running Cisco IOS and IOS XE software today is decidedly not your day.

Cisco this week posted 25 "High" rated security advisories that stem from 34 vulnerabilities the company suggests should be fixed as soon as possible. The vulnerabilities impact a wide-range of Cisco gear as IOS and IOS XE are the company's most widely used operating systems. The warnings affect firewalls, wireless access points and switches.

Network pros react to new Cisco certification curriculum For example, one of the highest rated threats--with an 8.6 out of 10 threat level, are multiple vulnerabilities in the Zone-Based Firewall feature of Cisco IOS XE Software that could let an remote attacker to cause the device to reload or stop forwarding traffic through the firewall,resulting in a denial of service (DoS).

To read this article in full, please click here



Network World Security
Sep 23, 2020

Still not dead: The mainframe hangs on, sustained by Linux and hybrid cloud
The mainframe has been declared "dead", "morphed" and "transformed" so many times over the years sometimes it's sometimes hard to believe the Big Iron still has an identity in the enterprise world.

But clearly it does and in a major way, too. 

[ Lessons on diversity in IT: 10 professional organizations focused on diversity in tech • Being Black in IT: 3 tech leaders share their stories • Gender gapped: The state of gender diversity in IT • Maori participation in IT: diversity insights for CIOs everywhere • IT snapshot: Ethnic diversity in the tech industry ] Take recent news as an example: According to IBM, 75% of the top 20 global banks are running the newest z15 mainframe, and the IBM Systems Group reported a 68% gain in Q2 IBM Z revenue year-over-year.

To read this article in full, please click here



Network World Security
Sep 07, 2020

What is SASE? A cloud service that marries SD-WAN with security
Secure access service edge (SASE) is a network architecture that rolls software-defined wide area networking (SD-WAN) and security into a cloud service that promises simplified WAN deployment, improved efficiency and security, and to provide appropriate bandwidth per application.

Because it's a cloud service, SASE (pronounced "sassy") can be readily scaled up and scaled down and billed based on usage. As a result, it can be an attractive option in a time of rapid change.

[Get regularly scheduled insights by signing up for Network World newsletters.] While some vendors in this space offer hardware devices to connect at-home employees and corporate data centers to their SASE networks, most vendors handle the connections through software clients or virtual appliances.

To read this article in full, please click here



Network World Security
Aug 25, 2020

IoT roundup: A wide-scale security flaw and energy-sector botnets
Monitoring water treatment using IoT will become $3.5 billion business.

Network World Security
Aug 17, 2020

How the network can support zero trust
Simply stated, zero trust calls for verifying every user and device that tries to access the network and enforcing strict access-control and identity management that limits authorized users to accessing only those resources they need to do their jobs.

Zero trust is an architecture, so there are many potential solutions available, but this is a look at those that fit in the realm of networking.

[Get regularly scheduled insights by signing up for Network World newsletters.] Least privilege One broad principle of zero trust is least privilege, which is granting individuals access to just enough resources to carry out their jobs and nothing more. One way to accomplish this is network segmentation, which breaks the network into unconnected sections based on authentication, trust, user role, and topology. If implemented effectively, it can isolate a host on a segment and minimize its lateral or east-west communications, thereby limiting the "blast radius" of collateral damage if a host is compromised. Because hosts and applications can reach only the limited resources they are authorized to access, segmentation prevents attackers from gaining a foothold into the rest of the network.

To read this article in full, please click here



Network World Security
Jul 30, 2020

Cisco urges patching flaws in data-center, SD-WAN gear
Cisco has issued a number of critical security advisories for its data center manager and SD-WAN offering customers should deal with now.

On the data center side, the most critical - with a threat score of 9.8 out of 10 - involves a vulnerability in the REST API of Cisco Data Center Network Manager (DCNM) could let an unauthenticated, remote attacker bypass authentication and execute arbitrary actions with administrative privileges on an affected device.

Cisco DCNM lets customers see and control network connectivity  through a single web-based management console for the company's Nexus, Multilayer Director Switch, and Unified Computing System products.

To read this article in full, please click here



Network World Security
Jul 27, 2020

How to tailor SASE to your enterprise
Businesses considering the secure access service edge (SASE) model need to understand that there are numerous ways to implement it that can be tailored to their future needs and the realities of their legacy networks.

As defined by Gartner, which coined the term, SASE calls for security to be built in as part of the network and delivered as a cloud service, but that might not fit the circumstances faced by all enterprises.

READ about SD-WAN: How to buy SD-WAN technology: Key questions to consider when selecting a supplier • How to pick an off-site data-backup method •  SD-Branch: What it is and why you'll need it • What are the options for security SD-WAN? Depending on their needs, it may make more sense to have SASE delivered as a managed service package or even in an architecture that includes privately owned security infrastructure that is managed from the cloud - alternatives that can achieve the same goals.

To read this article in full, please click here



Network World Security
Jul 27, 2020

Are newer medical IoT devices less secure than old ones?
Experts differ on whether older connected medical devices or newer ones are more to blame for making healthcare networks more vulnerable to cyberattack.

The classic narrative of insecure IoT centers on the integration of older devices into the network. In some industries, those devices pre-date the internet, sometimes by a considerable length of time, so it's hardly surprising that businesses face a lot of challenges in securing them against remote compromise.

To read this article in full, please click here



Network World Security
Jul 16, 2020

Counterfeit Cisco switches raise network security alarms
In a disconcerting event for IT security professionals, counterfeit versions of Cisco Catalyst 2960-X Series switches were discovered on an unnamed business network, and the fake gear was found to be designed to circumvent typical authentication procedures, according to a report from F-Secure.

F-Secure says its investigators found that while the counterfeit Cisco 2960-X units did not have any backdoor-like features, they did employ various measures to fool security controls. For example, one of the units exploited what F-Secure believes to be a previously undiscovered software vulnerability to undermine secure boot processes that provide protection against firmware tampering. 

To read this article in full, please click here



Network World Security
Jul 10, 2020

Juniper targets security portfolio at SASE race
The conga line around secure-access service edge (SASE), continues to grow with Juniper this week becoming the latest to join the dance.

Just as other big networking players with extensive security portfolios including Cisco and VMware have recently done, Juniper says it will build off its offerings to address the SASE blueprint.

Read about edge networking

How edge networking and IoT will reshape data centers Edge computing best practices How edge computing can help secure the IoT As defined by Gartner in 2019, SASE features a wide variety of components that Juniper summarized and includes:

To read this article in full, please click here



  • CEOExpress
  • 1 Boston Place | Suite 2600
    Boston MA 02108
  • Contact
  • As an Amazon Associate
    CEOExpress earns from
    qualifying purchases.

©1999-2021 CEOExpress Company LLC