NEWS: NETWORK WORLD SECURITY
Setup News Ticker
   NEWS: NETWORK WORLD SECURITY
Network World Security
Jun 30, 2022

IBM brings hybrid-cloud app services to z/OS mainframes
IBM has introduced a service for its mainframe customers to create a cloud environment for developing and testing applications.

Wazi as a Service can be used to create z/OS infrastructure instances for development and testing z/OS application components in a virtualized, containerized sandbox. The instances would run on Red Hat OpenShift on x86 hardware. The service also includes access to z/OS systems and integrates with modern source-code management platforms such as GitHub and GitLab.

[ Get regularly scheduled insights by signing up for Network World newsletters. ]

To read this article in full, please click here



Network World Security
Jun 23, 2022

Cisco reports vulnerabilities in products including email and web manager
New vulnerabilities found in Cisco internal testing allow remote access and scripting that could lead to the loss of sensitive user data.

Network World Security
Jun 16, 2022

Cisco puts app-performance tools in the cloud
Cisco is taking aim at better controlling the performance and development of core applications with a new AppDynamics cloud service and open-source development tools.

AppDynamics Cloud is a cloud-native service designed to let enterprises observe applications and take action to remediate performance problems.  

[ Get regularly scheduled insights by signing up for Network World newsletters. ]

Available by the end of June, the service is built to observe distributed and dynamic cloud-native applications at scale, wrote chief marketing officer of Cisco AppDynamics, Eric Schou in a blog about the new offering.

To read this article in full, please click here



Network World Security
Jun 14, 2022

Cisco moves Catalyst, Nexus management to the cloud
Cisco is taking a big step toward cloud-management of both its Catalyst campus and Nexus data-center equipment.

At the Cisco Live customer event this week, the company rolled out two cloud-based management services that provide more options for enterprises to support hybrid workforces.

[ Get regularly scheduled insights by signing up for Network World newsletters. ]

Catalyst management in the cloud The first service, Cloud Management for Cisco Catalyst, lets customers manage and troubleshoot Catalyst 9000 switching and wireless campus and branch devices from the company's cloud-based Meraki dashboard, which can manage and troubleshoot a wide variety of devices and networks from a single screen. According to Cisco, Catalyst customers can run a CLI command with information about their organization, and it will move management of that device over to the Meraki cloud.

To read this article in full, please click here



Network World Security
Jun 08, 2022

RSA: Intel reference design to accelerate SASE, other security tasks
Intel has introduced a reference design it says can enable accelerator cards for security workloads including secure access service edge (SASE), IPsec, and SSL/TLS.

The upside of the server cards would be offloading some application processing from CPUs, effectively increasing server performance without requiring additional server rack space, according to Intel.

[ Get regularly scheduled insights by signing up for Network World newsletters. ]

The announcement was made at RSA Conference 2022, and details were published in a blog post by Bob Ghaffardi, Intel vice president and general manager of the Enterprise and Cloud Division.

To read this article in full, please click here



Network World Security
Jun 06, 2022

RSA: Cisco launches SASE, offers roadmap for other cloud-based services
Cisco made a variety of security upgrades at the RSA Conference designed to move security operation to the cloud, improve its Secure Access Service Edge offering and offer new simplified security end point control.

The biggest piece of the Cisco roll out was a new overarching security platform called the Cisco Security Cloud will include unified management and policies, and offer open APIs to help grow a multivendor security ecosystem. 

Cisco defines the  Security Cloud as a "multi-year strategic vision for the future of security." It is an ongoing journey that began several years ago and Cisco will continue delivering upon the key tenets of this vision with a consistent roadmap. The cloud will be made up of existing products like Umbrella and offerings from Duo, other features will be developed in the future.

To read this article in full, please click here



Network World Security
Jun 03, 2022

Who is selling Zero Trust Network Access (ZTNA) and what do you get?
Enterprise interest in Zero Trust Network Access (ZTNA) has soared over the past two years among organizations trying to enable secure anywhere, anytime, any device access to IT resources for employees, contractors and third parties.

Much of this interest has stemmed from organizations looking to replace VPNs as the primary remote access mechanism to their networks and data. But it is also being driven by organizations seeking to bolster security in an environment where enterprise data is scattered across on-premises and multi-cloud environments, and being accessed in more ways than ever before.

To read this article in full, please click here



Network World Security
May 31, 2022

6G cellular doesn't exist, but it can be hacked
Arriving at a consensus on when 6G wireless will be widely available commercially is all but impossible, as this small sample size shows:

Northeastern University researchers: More than five years, but probably not long after Nokia CEO Pekka Lundmark: Definitely by 2030 ABI Research: Sometime in the 2030s A magic 8-ball I found in my basement: Reply hazy, try again [ Get regularly scheduled insights by signing up for Network World newsletters. ]

Then there is this intriguing quatrain by 16th century French physician, astrologer and renowned seer Nostradamus:

To read this article in full, please click here



Network World Security
May 31, 2022

U.S. government proposals spell out 5G security advancements
A joint proposal from federal cybersecurity and defense agencies defines a process for ensuring the security of 5G networks.

Network World Security
May 30, 2022

VPNs can complement SASE
The pandemic has accelerated the development of better ways to serve and secure remote workers, which make it a good time to rexamine VPNS.

Recently VPNs have received technical boosts with the addition of protocol options that improve functionality far ahead of where they were when first invented. At the same time, new security architectures zero trust network access (ZTNA), secure access service edge (SASE), and security service edge (SSE) are making inroads into what had been the domain of remote-access VPNs.

To read this article in full, please click here



Network World Security
May 30, 2022

Linux malware is on the rise—6 types of attacks to look for
Malware targeting Linux environments has increased massively in the past year, with threat actors using a variety of techniques to carry out operations.

Network World Security
May 26, 2022

New Linux-based ransomware targets VMware servers
Cheerscript plants double-extortion malware on ESXi servers.

Network World Security
May 25, 2022

Microsoft security vulnerabilities drop after five-year rise
While elevated privilege attacks remain a critical security concern when using Microsoft products, a new report says that the raw number of vulnerabilities is dropping.

Network World Security
May 24, 2022

HYAS brings security threat detection, response to production networks
HYAS Confront uses domain expertise and proprietary machine learning to monitor and detect anomalies in production network environments and improve visibility as applications move to the cloud.

Network World Security
May 23, 2022

SASE or SSE? Don't let hype distract from enterprise needs
Secure access service edge (SASE) has generated a buzz over the last couple of years, particularly in light of the pandemic and its associated surge in remote employees. But SASE hasn't quite materialized in the way Gartner - which first coined the term in a 2019 white paper - initially expected. In particular, there's been pushback around the idea that SASE should be delivered by a single vendor, as a single integrated cloud service at the network edge.

The SASE model combines network security functions with WAN capabilities, delivering the security elements in the cloud and using SD-WAN at the edge or in the cloud. Key security functions include secure web gateway (SWG), zero trust network access (ZTNA), firewall as a service (FWaaS), and cloud access security broker (CASB).

To read this article in full, please click here



Network World Security
May 20, 2022

What is Nmap and why do you need it on your network?
Nmap, short for Network Mapper, is a free and open source tool used for vulnerability checking, port scanning and, of course, network mapping. Despite being created back in 1997, Nmap remains the gold standard against which all other similar tools, either commercial or open source, are judged.

Nmap has maintained its preeminence because of the large community of developers and coders who help to maintain and update it. The Nmap community reports that the tool, which anyone can get for free, is downloaded several thousand times every week.

To read this article in full, please click here



Network World Security
May 19, 2022

CISA issues emergency warning over two new VMware vulnerabilities
The U.S. Cybersecurity and Infrastructure Agency issues emergency security directive over VMware vulnerabilities CVE-2022-22972 and CVE-2022-22973, which threat actors are likely to exploit.

Network World Security
May 18, 2022

8 questions to ask vendors about Zero Trust Network Access (ZTNA)
The increased deployment of core business applications in the cloud and the shift to remote work brought on by the pandemic have obliterated any notion of the traditional "corporate moat" style of security.

Today's hybrid workplace, where employees are on the road, working from home and maybe visiting the office once or twice a week, has forced network and security teams to adopt a more flexible approach to managing the network, identities, and authentication.

Zero Trust Network Access (ZTNA) has emerged as the preferred approach to address today's security challenges. The concept is relatively simple: Instead of building a layered perimeter defense of firewalls, IDS/IPSes and anti-virus software, Zero Trust assumes that every user or device is untrusted until it becomes sufficiently verified.

To read this article in full, please click here



Network World Security
May 17, 2022

Google Cloud boosts open-source security, simplifies zero-trust rollouts
Google Cloud is rolling out new security services designed to address enterprise challenges including securing open-source software and accelerating the adoption of zero-trust architectures.

At its annual Google Cloud Security Summit, the company said it's building on its Invisible Security effort, which promises to bake security into tools and services that enterprises and other customers use most.

One example is a new service called Assured Open Source Software (Assured OSS), which is aimed at making it easier for organizations to securely manage their open-source dependencies.

"Today patching security vulnerabilities in open source software often feels like a high-stakes game of whack-a-mole: fix one, and two more pop up," wrote Sunil Potti, vice president and general manager of Google Cloud Security, in a blog about the new services. "This helps explain research done by Sonatype software that shows that there's a 650% year-over-year increase in cyberattacks aimed at open source software (OSS) suppliers."

To read this article in full, please click here



Network World Security
May 17, 2022

Google Cloud launches services to bolster open-source security, simplify zero-trust rollouts
Google Cloud is rolling out new security services designed to address enterprise challenges including securing open-source software and accelerating the adoption of zero-trust architectures.

At its annual Google Cloud Security Summit, the company said it's building on its Invisible Security effort, which promises to bake security into tools and services that enterprises and other customers use most.

One example is a new service called Assured Open Source Software (Assured OSS), which is aimed at making it easier for organizations to securely manage their open-source dependencies.

"Today patching security vulnerabilities in open source software often feels like a high-stakes game of whack-a-mole: fix one, and two more pop up," wrote Sunil Potti, vice president and general manager of Google Cloud Security, in a blog about the new services. "This helps explain research done by Sonatype software that shows that there's a 650% year-over-year increase in cyberattacks aimed at open source software (OSS) suppliers."

To read this article in full, please click here



Network World Security
May 11, 2022

6 top network security threats and how to beat them
It's a war zone out there. In the seemingly endless game of cyber cat and mouse, accurate intelligence remains the best tool for beating attackers at their own game.

Here's an analysis of today's six top network threats and tips for how to identify and quash them.

1. Ransomware Ransomware is easily the greatest network threat, since it gives attackers the biggest bang for the buck with a relatively low probability of getting caught. "There's also a low bar in the skill category to break into this sort of thing," says Andy Rogers, a senior assessor at cybersecurity and compliance firm Schellman. "There are plenty of Ransomware-as-a-Service (RaaS) businesses that will be more than willing to ensure you have the tools you need to unleash a ransomware campaign."

To read this article in full, please click here



Network World Security
May 10, 2022

Intel details IPU roadmap to free up CPUs
Intel is betting that future data-center operations will depend on increasingly powerful servers running ASIC-based, programable CPUs, and its wager rides on the development of infrastructure processing units (IPU), which are Intel's programmable networking devices designed to reduce overhead and free up performance for CPUs.

Read more: SmartNICs set to infiltrate enterprise networks

To read this article in full, please click here



Network World Security
May 10, 2022

Cohesity launches FortKnox to protect data from ransomware attacks
Data management specialist Cohesity is launching a new data isolation and recovery tool called FortKnox, in a bid to help customers protect their data from ransomware attacks.

FortKnox provides an additional layer of off-site protection for customers by keeping data in a secure ‘vault,' with physical separation, network and management isolation to keep threat actors from accessing sensitive data.

An object lock requires a minimum of two or more people to approve critical actions, such as changes of vault policy, and access can be managed using granular role-based access control, multi-factor authentication, and encryption both in-flight and at rest.

To read this article in full, please click here



Network World Security
May 05, 2022

Cisco warns of critical vulnerability in virtualized network software
Multiple vulnerabilities have been discovered in Cisco's Enterprise NFV Infrastructure Software (NFVIS). The worst of the vulnerabilities could let an attacker escape from the guest virtual machine (VM) to the host machine, Cisco disclosed. The other two problems involve letting a bad actor inject commands that execute at the root level and allowing a remote attacker to leak system data from the host to the VM.

NFVIS is Linux-based infrastructure software designed to help enterprises and service providers to deploy virtualized network functions, such as a virtual router, firewall and WAN acceleration, Cisco stated.

To read this article in full, please click here



Network World Security
May 05, 2022

Dell offers data, app recovery support for multicloud assets
Dell is offering an expanded ecosystem of multicloud data management tools for its customers with a focus on data recovery services, adding recovery vault support for on-premises as well as public cloud assets.

"Our customers want help reducing complexity and are seeking solutions that use a common approach to managing data wherever it lives — from public clouds, to the data center, to the edge," said Chuck Whitten, co-chief operating officer, Dell Technologies, in a statement. "We are building a portfolio of software and services that simplifies on-premises and multicloud environments and offers." 

To read this article in full, please click here



Network World Security
May 05, 2022

4 lessons learned from the Atlassian network outage
Last month, software tools vendor Atlassian suffered a major network outage that lasted two weeks and affected more than 400 of their over 200,000 customers. The outage took down several of their products, including Jira, Confluence, Atlassian Access, Opsgenie, and Statuspage. 

While only a few customers were affected for the full two weeks, the outage was significant in terms of the depth of problems uncovered by the company's engineers and the lengths they had to go to find and fix the problems.

The outage was the result of a series of unfortunate internal errors by Atlassian's own staff, and not the result of a cyberattack or malware. In the end, no customer lost more than a few minutes' worth of data transactions, and the vast majority of customers didn't see any downtime whatsoever.

To read this article in full, please click here



Network World Security
May 05, 2022

4 networking best practices learned from the Atlassian network outage
Last month, software tools vendor Atlassian suffered a major network outage that lasted two weeks and affected more than 400 of their over 200,000 customers. The outage took down several of their products, including Jira, Confluence, Atlassian Access, Opsgenie, and Statuspage. 

While only a few customers were affected for the full two weeks, the outage was significant in terms of the depth of problems uncovered by the company's engineers and the lengths they had to go to find and fix the problems.

The outage was the result of a series of unfortunate internal errors by Atlassian's own staff, and not the result of a cyberattack or malware. In the end, no customer lost more than a few minutes' worth of data transactions, and the vast majority of customers didn't see any downtime whatsoever.

To read this article in full, please click here



Network World Security
May 03, 2022

Cisco urges software update to thwart counterfeit switches
Cisco is encouraging users of its popular Catalyst 2960X/2960XR switches to upgrade their IOS operating systems in an effort to combat counterfeiting.

Because of the pervasiveness of these switches on the gray market, it's imperative that customers enable the latest software release - IOS release 15.2(7)E4 or later - to validate the authenticity, security, and performance of their Catalyst 2960X/2960XR 24/48 port Gigabit Ethernet switches, Cisco stated in a notice to customers. 

To read this article in full, please click here



Network World Security
May 03, 2022

TLS implementation flaws open Aruba and Avaya network switches to RCE attacks
The network switch vulnerabilities are considered critical and could allow attackers to break network segmentation, exfiltrate data, and escape captive portals.

Network World Security
Apr 20, 2022

Basing network security on IP addressing: Would it be worth it?
Why is it that over 90% of enterprises tell me that they expect to spend more on security over the next three years, and almost 60% say they expect to spend less on networking? We obviously think that network technology is getting more efficient, more competitive. Why isn't that the case for security? The short answer is that enterprises have been chasing acronyms and not solutions.

Acronym-chasing comes about because by nature, security is hard to plan for. The average network expert finds out there's an issue because some higher-up reads or hears about a breach. Maybe they do a quick search, and they find out that what they really need is SASE. Or maybe they need SSE, which we're told is SASE without SD-WAN. In any event, what happens is that there's pressure to add this new thing on, and that creates another layer of protection...maybe.  Complication and cost? Surely.

To read this article in full, please click here



Network World Security
Apr 20, 2022

IP addressing could support effective network security, but would it be worth it?
Why is it that over 90% of enterprises tell me that they expect to spend more on security over the next three years, and almost 60% say they expect to spend less on networking? We obviously think that network technology is getting more efficient, more competitive. Why isn't that the case for security? The short answer is that enterprises have been chasing acronyms and not solutions.

Acronym-chasing comes about because by nature, security is hard to plan for. The average network expert finds out there's an issue because some higher-up reads or hears about a breach. Maybe they do a quick search, and they find out that what they really need is SASE. Or maybe they need SSE, which we're told is SASE without SD-WAN. In any event, what happens is that there's pressure to add this new thing on, and that creates another layer of protection...maybe.  Complication and cost? Surely.

To read this article in full, please click here



Network World Security
Apr 14, 2022

US security agencies warn of threats to industrial, utility control networks
Key US government security organizations are warning that industrial control system (ICS)/supervisory control and data acquisition (SCADA)-based networks are being threatened by bad actors armed with custom software tools.

The Department of Energy (DOE), Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA) and Federal Bureau of Investigation (FBI) issued a joint warning that certain advanced persistent threat (APT) actors have shown the ability to gain full system access to compromised ICS/SCADA systems.

[ Get regularly scheduled insights by signing up for Network World newsletters. ]

To read this article in full, please click here



Network World Security
Apr 14, 2022

What is DRaaS and how it can save your business from disaster
Disaster Recovery as a Service (DRaaS) provides data replication, hosting, and recovery services from the cloud in the event of a disaster, power outage, ransomware attack, or other business interruption.

DRaaS backs up data, applications, and IT infrastructure to the cloud, with providers typically having geographically dispersed data center footprints. In the event of a disaster, the business will failover to the DRaaS provider's data center in a different region. 

As opposed to traditional disaster recovery methods, which require businesses to operate an off-site DR facility, DRaaS shifts that burden to service providers, and, thus, expands the market beyond the large enterprises that could afford such capital-intensive setups.

To read this article in full, please click here



Network World Security
Apr 13, 2022

US security agencies warn of threats to indusctial, utility control networks
Key US government security organizations are warning industrial control system (ICS)/supervisory control and data acquisition (SCADA)-basednetworks are being threatened by bad actors armed with custom software tools.

The Department of Energy (DOE), Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA) and Federal Bureau of Investigation (FBI) issued a joint warning that certain advanced persistent threat (APT) actors have shown the ability to gain full system access to compromised ICS/SCADA systems.

[ Get regularly scheduled insights by signing up for Network World newsletters. ]

To read this article in full, please click here



Network World Security
Apr 12, 2022

Cisco SD-WAN software gains broader application access, enhanced analytics
Cisco has tweaked its flagship SD-WAN software package to increase customer application flexibility and improve visibility into the performance of distributed resources.

The company announced Cisco SD-WAN release 17.8, which adds support for new business and customized cloud applications, analytics and security features.

SD-WAN buyers guide: Key questions to ask vendors Specifically, the company upgraded the SD-WAN Cloud OnRamp for SaaS service, which links branch offices or individual remote users to cloud applications such as Cisco's Webex, Microsoft 365, AWS, Google, Oracle, Salesforce and more.

To read this article in full, please click here



Network World Security
Apr 07, 2022

5 VMware products need patching against serious security vulnerabilities
Virtualization and cloud vendor VMware this week disclosed eight vulnerabilities in five of its products, and urged users of Workspace ONE Access and all its products that include VMware Identity Manager components to patch immediately.

Three of those vulnerabilities were rated critical on the CVSSv3 scale—two of them contain the possibility for remote code execution, while the third would allow a bad actor to bypass VMware's user authentication systems to execute unauthorized operations.

To read this article in full, please click here



Network World Security
Apr 07, 2022

10 essential Linux tools for network and security pros
Picking just 10 Linux open source security tools isn't easy, especially when network professionals and security experts have dozens if not several hundred tools available to them.

There are different sets of tools for just about every task—network tunneling, sniffing, scanning, mapping. And for every environment—Wi-Fi networks, Web applications, database servers.

We consulted a group of experts (Vincent Danen, vice president of product security, RedHat; Casey Bisson, head of product growth, BluBracket; Andrew Schmitt, a member of the BluBracket Security Advisory Panel; and John Hammond, senior security researcher, Huntress) to develop this list of must-have Linux security tools.

To read this article in full, please click here



Network World Security
Apr 07, 2022

Who's selling SASE and what do you get?
Demand for secure access service edge (SASE) has grown tremendously during the pandemic. As adoption picks up, vendors are promising feature-rich and integrated SASE solutions. Customers have different needs when it comes to SASE, however, and it's not always easy to understand what a SASE provider is offering.

As an approach, SASE combines networking and security into a scalable cloud service that fits with the remote and hybrid work models companies use today. Potential benefits include easier network and security management, flexibility to scale up or down as business needs require, and lower costs.

To read this article in full, please click here



Network World Security
Apr 05, 2022

IBM z16: A mainframe designed for AI, hybrid cloud, security and open source
Today's announcement of IBM's new z16 mainframes promises a system that caters to enterprise needs that include support for AI, security, hybrid cloud, and open source efforts well into the future.

The new, more powerful and feature-rich Big Iron boasts an AI accelerator built onto its core Telum processor that can do 300 billion deep-learning inferences per day with one millisecond latency and includes what IBM calls a quantum-safe system to protect organizations from anticipated quantum-based security threats.

[Get regularly scheduled insights by signing up for Network World newsletters.]

To read this article in full, please click here



Network World Security
Apr 04, 2022

Fortinet tightens integration of enterprise security, networking controls
Fortinet has made available a new release of its core FortiOS software that includes features the vendor says will help enterprises more tightly meld security and networking controls.

FortiOS 7.2, has 300 new features including AI support to help stop network threats more quickly, sandboxing to help fight ransomware threats, and improved SD-WAN, branch, and edge orchestration.

How to choose an edge gateway FortiOS is the vendor's operating system for the FortiGate family of hardware and virtual components. FortiOS implements Fortinet Security Fabric and includes network security such as firewalling, access control, and authentication in addition to SD-WAN, switching, and wireless services. 

To read this article in full, please click here



Network World Security
Mar 31, 2022

Zero trust requires network visibility
In a zero-trust environment, trust is not static. Behavior has to be visible for trust to persist.

One of the most important differences between old thinking on networking and the zero-trust mindset is the inversion of thinking on trust. Pre-ZT, the assumption was this: Once you get on the network, you are assumed to be allowed to use it any way you want until something extraordinary happens that forces IT to shut you down and remove your access. You are assumed broadly trustworthy, and confirming that status positively is very rare. It is also very rare to have that status revoked.

To read this article in full, please click here



Network World Security
Mar 30, 2022

CISA warns of attacks against internet-connected UPS devices
Threat actors have targeted power supplies whose control interfaces are connected to the internet, and CISA says that they should be disconnected immediately.

Network World Security
Mar 30, 2022

Palo Alto launches cloud-native firewall service for AWS
Cloud NGFW for AWS enables organizations to shift security responsibility to Palo Alto, allowing them to speed cloud innovation while remaining secure, the vendor says.

Network World Security
Mar 28, 2022

Use zero trust to fight network technical debt
Zero trust (ZT) is a mindset and a method, not a technology. The current push to adopt ZT is driven by an urgent and growing need to make a major leap forward in risk management and attack containment in enterprise networks, a need driven home by every successive wave of ransomware. IT can use the urgency of moving to ZT to root out some of the technical debt in the environment. Specifically, it can be a catalyst to find areas exempted from network and network security standards and bring them up to date under the new paradigm of zero trust.

No more exempting network components from access-control roles In a ZT environment, the network not only doesn't trust a node new to it, but it also doesn't trust nodes that are already communicating across it. When a node is first seen by a ZT network, the network will require that the node go through some form of authentication and authorization check. Does it have a valid certificate to prove its identity? Is it allowed to be connected where it is based on that identity? Is it running valid software versions, defensive tools, etc.? It must clear that hurdle before being allowed to communicate across the network.

To read this article in full, please click here



Network World Security
Mar 23, 2022

IBM service aims to secure multicloud operations
IBM is launching a new service to help customers manage their data encryption keys in a hybrid cloud environment. 

Unified Key Orchestrator lets customers integrate all security key-management systems into one managed service that's backed by Big Blue's Hardware Security Module. HSM is IBM's system that protects against physical or logical attacks and has special hardware to perform cryptographic operations and protect keys.

Gartner: IT skills shortage hobbles cloud, edge, automation growth Available from IBM Cloud, Unified Key Orchestrator lets customers maintain visibility and control over who has access to their critical data, while running workloads across hybrid or multicloud cloud environments. In addition, with a single, secure, cloud-based  view of an organization's crypto keys, enterprises can create and revoke keys for their data across multiple clouds. At the same time, companies no longer need to rely on security experts with specialized knowledge of each individual cloud to handle security operations, according to IBM.

To read this article in full, please click here



Network World Security
Mar 23, 2022

What is NAC and why is it important for network security?
Network Access Control (NAC) is a cybersecurity technique that prevents unauthorized users and devices from entering private networks and accessing sensitive resources. Also known as Network Admission Control, NAC first gained a foothold in the enterprise in the mid-to-late 2000s as a way to manage endpoints through basic scan-and-block techniques.

As knowledge workers became increasingly mobile, and as BYOD initiatives spread across organizations, NAC solutions evolved to not only authenticate users, but also to manage endpoints and enforce policies.

How NAC works NAC tools detect all devices on the network and provide visibility into those devices. NAC software prevents unauthorized users from entering the network and enforces policies on endpoints to ensure devices comply with network security policies. NAC solutions will, for instance, make sure that the endpoint has up-to-date antivirus and anti-malware protections.

To read this article in full, please click here



Network World Security
Mar 08, 2022

New attack bypasses hardware defenses for Spectre flaw in Intel and ARM CPUs
Though not as easy to exploit, this proof of concept shows that some Intel and ARM processors are still vulnerable to side-channel attacks.

Network World Security
Mar 08, 2022

Critical flaws in APC uninterruptible power supplies poses risks to mission-critical devices
Attackers can exploit cloud-connected APC Smart-UPS units to take control of the devices they protect.

Network World Security
Mar 08, 2022

Critical flaws in remote management agent impacts thousands of medical devices
The Axeda platform, used by hundreds of IoT devices, has seven vulnerabilities, three of which allow for remote code execution.

Network World Security
Mar 07, 2022

Gartner: SSE is SASE minus the SD-WAN
SASE adoption has been skyrocketing since the start of the pandemic. Secure access service edge, a term Gartner coined in 2019, combines security and networking in a single, scalable, cloud-based platform that fits well in a world in which employees work from home and mostly access cloud-based apps and services.

Now Gartner is pushing a new acronym. Turns out, companies might prefer to get their SASE without the "A" — just security service edge, or SSE. Gartner this month published a Magic Quadrant for SSE (something the company never did for SASE); it's available from vendors listed in the report (here and here, for example).

To read this article in full, please click here



Network World Security
Mar 07, 2022

SSE is SASE minus the SD-WAN
SASE adoption has been skyrocketing since the start of the pandemic. Secure access service edge, a term Gartner coined in 2019, combines security and networking in a single, scalable, cloud-based platform that fits well in a world in which employees work from home and mostly access cloud-based apps and services.

Now Gartner is pushing a new acronym. Turns out, companies might prefer to get their SASE without the "A" — just security service edge, or SSE. Gartner this month published a Magic Quadrant for SSE (something the company never did for SASE); it's available from vendors listed in the report (here and here, for example).

To read this article in full, please click here



Network World Security
Mar 04, 2022

NSA urges businesses to adopt zero trust for network security
The National Security Agency this week detailed recommendations for businesses to secure their network infrastructure against attacks, giving safe configuration tips for commonly used networking protocols and urging the use of basic security measures for all networks.

The NSA's report highlighted the importance of zero trust principles for network security, but the bulk of it covers specific steps network administrators should take to keep their infrastructure safe from compromise. Configuration tips for network admins include the use of secure, frequently changed passwords for all administrative accounts, limiting login attempts, and keeping potentially vulnerable systems patched and up-to-date. The report also describes safe configurations for SSH (secure shell), HTTP and SNMP (simple network management protocol).

To read this article in full, please click here



Network World Security
Mar 04, 2022

NSA urges businesses to adopt zero trust principles for network security
The National Security Agency this week issued detailed recommendations for businesses trying to secure their networking infrastructure against attacks, giving safe configuration tips for commonly used networking protocols and urging the use of basic security measures for all networks.

The NSA's report began by highlighting the importance of zero trust principles for network security, but the bulk of it covers specific steps network administrators should take to keep their infrastructure safe from compromise. Configuration tips for network admins include the use of secure, frequently changed passwords for all administrative accounts, limiting login attempts and keeping potentially vulnerable systems patched and up-to-date. The report also describes safe configurations for SSH (secure shell), HTTP and SNMP (simple network management protocol).

To read this article in full, please click here



Network World Security
Mar 03, 2022

7 DNS attack types and how to mitigate them
Domain name system (DNS) attacks, in which bad actors take advantage of vulnerabilities in the DNS Internet protocol, are extremely prolific -- and costly.To read this article in full, please click here

(Insider Story)

Network World Security
Mar 03, 2022

7 DNS attacks and how to mitigate them
Domain name system (DNS) attacks, in which bad actors take advantage of vulnerabilities in the DNS Internet protocol, are extremely prolific—and costly.To read this article in full, please click here

(Insider Story)

Network World Security
Mar 03, 2022

The 5 big DNS attacks and how to mitigate them
Domain name system (DNS) attacks, in which bad actors take advantage of vulnerabilities in the DNS Internet protocol, are extremely prolific—and costly.To read this article in full, please click here

(Insider Story)

Network World Security
Mar 01, 2022

FCC looks into BGP vulnerabilities, in light of Russian hacking threat
The FCC is launching an inquiry into security issues surrounding the Border Gateway Protocol (BGP), a widely used standard used to manage interconnectivity between large portions of the Internet.

The move, announced Monday, was issued in response to "Russia's escalating actions inside of Ukraine," according to the commission's notice of inquiry.

BGP is, in essence, a method of ensuring that independently managed networks that make up the global internet are able to communicate with one another. Its initial design, which the FCC said is still in widespread use today, does not contain important security features, meaning that, simply by misconfiguring its own BGP information, a bad actor could potentially redirect Internet traffic wherever it sees fit. This could let that attacker send incorrect information to its targets, read and compromise login credentials, or simply shut down whichever kinds of traffic it wishes.

To read this article in full, please click here



Network World Security
Feb 25, 2022

Cisco IDs top 2022 security threats and what to do about them
2022 will be another busy year for enterprise incident responders as ransomware, supply chain and myriad zero-day attacks will continue to rise, according to Cisco's Talos security experts.

To help address the threats, the Cisco Talos team used a blog and online presentation to detail steps enterprises can take to defend themselves against the growing field of bad actors and also to point out lessons learned from recent damaging exploits such as the Log4j vulnerability and Microsoft Exchange server zero-day threats.

Once, zero-day attacks were typically launched by state actors against service providers, but those days are gone, wrote Nick Biasini head of outreach at Cisco Talos in a blog about the security landscape in 2022. Now new, less experienced combatants seek out a broader range of targets, using less surgical attacks. "This has led to more risky behavior than we've seen historically, without as much regard for collateral damage," he wrote.

To read this article in full, please click here



Network World Security
Feb 23, 2022

Zero trust requires clear architecture plans before changing core systems
Zero trust touches everything: identity, applications, networks, data, and devices. The best approach is not to change everything all at once. Instead, start with the big picture.

In our research, we've found the most successful organizations dedicated the first phase of their zero-trust initiatives to working out an architecture. They didn't rush into deploying solutions as though starting with a greenfield.

Everyone else dove in fast, mixing the foundational work on zero trust with one or more of the knock-on efforts: rearchitecting networks, security, and data management; buying tools; forming implementation teams and setting them to work. All those things need to happen, of course, but with zero trust, it pays to do a lot more thinking about how all the pieces will fit together before undertaking the changes needed, either at the architectural level or in the tool set.

To read this article in full, please click here



Network World Security
Feb 15, 2022

F5 integrates security for multi-cloud app protection.
F5 Networks has rolled out an integrated, cloud-based security platform and services aimed at protecting widely distributed enterprise applications.

The company used its Agility conference this week to introduce its overarching Distributed Cloud Services platform, which will bring together security technologies from recent acquisitions, including Threat Stack, Volterra, and Shape Security, plus its own web-application firewall and other components to offer an integrated, secure, distributed application-management platform for on-prem or cloud deployment.

How to build a hybrid-cloud strategy "Modernizing apps includes transformational actions such as leveraging microservices, using multiple clouds and edge locations instead of a single cloud provider, and utilizing API-based communication to connect workloads and data," wrote Haiyan Song, executive vice president and general manager of F5's Security & Distributed Cloud Product Group in a blog about the new services.

To read this article in full, please click here



Network World Security
Feb 14, 2022

5 best practices for making smart-building LANs more secure
Power, they say, corrupts, and absolute power corrupts absolutely. While that was said about politics, it sure seems like it was tailor-made for smart buildings.

Facility-control technology is exploding because the concept is useful and often saves money. Unfortunately, smart devices have also proven to be an on-ramp for major intrusions. Smart buildings are surely absolutely powerful in a way; are they absolutely corruptible? Maybe, if we're not very careful.

[Get regularly scheduled insights by signing up for Network World newsletters.] If corruption means overall bad-ness, then hacking a smart building surely qualifies. It could let intruders mess with lights, heating and air conditioning, and maybe other critical systems, too. We also know from news stories that a hacker could use a successful smart building intrusion to sneak into other business applications, potentially compromising them and  critical company information. It's important to address these risks, and that means starting with how they arise.

To read this article in full, please click here



Network World Security
Feb 09, 2022

Log4j hearing: 'Open source is not the problem'
The high-tech community is still trying to figure out the long-term impact of the serious vulnerability found late last year in the open-source Apache Log4j software, and so is the US Senate.

"Open source is not the problem," stated Dr. Trey Herr, director of the Cyber Statecraft Initiative with Atlantic Council think tank during a US Senate Committee on Homeland Security & Government Affairs hearing this week. "Software supply-chain security issues have bedeviled the cyber-policy community for years."

Experts have been predicting a long-term struggle to remedy the Log4j flaw and its impact. Security researchers at Cisco Talos for example stated that Log4j will be widely exploited moving forward, and users should patch affected products and implement mitigation solutions as soon as possible.

To read this article in full, please click here



Network World Security
Feb 08, 2022

Major security vulnerability found in top servers
Security firm Binarly has discovered more than 20 vulnerabilities hiding in BIOS/UEFI software from a wide range of system vendors, including Intel, Microsoft, Lenovo, Dell, Fujitsu, HP, HPE, Siemens, and Bull Atos.

Binarly found the issues were associated with the use of InsydeH20, a framework code used to build motherboard unified extensible firmware interfaces (UEFI), the interface between a computer's operating system and firmware.

[Get regularly scheduled insights by signing up for Network World newsletters.] All of the aforementioned vendors used Insyde's firmware SDK for motherboard development. It is expected that similar types of vulnerabilities exist in other in-house and third-party BIOS-vendor products as well.

To read this article in full, please click here



Network World Security
Feb 01, 2022

Cato adds fine-grained CASB controls to SASE platform
SASE vendor Cato Networks is adding fine-grained cloud access security broker (CASB) controls to its platforms.

When employees working from home or branch locations log into SaaS services such as Office 365 or Dropbox or Salesforce, a CASB gateway can track the applications employees access, where they log in from, and sometimes even what they do when using those applications.

Previously, Cato only offered limited CASB controls, enabling companies to allow or prohibit the use of particular SaaS tools, says Dave Greenfield, Cato's director of technology evangelism. Now, individual behaviors can be controlled. For example, users might be allowed to download documents from certain cloud file-sharing providers but can only upload documents to a company's preferred platform.

To read this article in full, please click here



Network World Security
Feb 01, 2022

Gartner: Worldwide IT spending to reach $4.5T in 2022
Research firm Gartner forecasts IT spending will reach nearly $4.5 trillion worldwide this year, with enterprise software, IT services, and data center systems leading the way. The projected $4.45 trillion in spending this year represents an increase of 5.1% compared with 2021.

The largest growth segment is enterprise software, which is projected to grow 11% to $672 billion. However, Gartner includes the cloud market in the enterprise software market, and that's where the growth is.

Read more: Gartner's top infrastructure and operations trends for 2022

To read this article in full, please click here



Network World Security
Jan 27, 2022

Access broker found exploiting Log4j vulnerability in VMware
The Prophet Spider gang uses the Log4Shell vulnerability to target the Tomcat service in unpatched VMware Horizon systems.

Network World Security
Jan 17, 2022

Zero Trust is hard but worth it
At the end of last year, I heard from a long-time enterprise contact that had a major security concern. The company had installed three layers of security and just completed an audit. It showed that since thIey'd finished their installation they'd had five security incidents, and all of them had originated inside their security perimeter, bypassing most of their protection.

Their question was what they did wrong and how they could fix it.

What this company experienced is far from rare, and the source of their problems and the paths to correction are far from easy.

We tend to think of security as a goal we can achieve with a simple toolkit. Not so. Security is the state you achieve by dealing with all likely threats, and every threat has to be addressed in its own unique way. Problems can come from hackers gaining access to an application or database from the outside, through things like stealing credentials or exploiting weak authentication.

To read this article in full, please click here



Network World Security
Jan 10, 2022

How to buy enterprise firewalls
Enterprise firewalls have been the quintessential security device for decades, standing guard at the perimeter, inspecting all inbound and outbound traffic for malware. So, what happens to firewalls as the perimeter fades away? They evolve.To read this article in full, please click here

(Insider Story)

Network World Security
Jan 10, 2022

How to shop for firewalls
Enterprise firewalls have been the quintessential security device for decades, standing guard at the perimeter, inspecting all inbound and outbound traffic for malware. So, what happens to firewalls as the perimeter fades away? They evolve.

Today's firewalls are an essential piece of the enterprise security puzzle. They've become the foundational device upon which security vendors have stacked all of their advanced features. Cloud-based, next-generation firewalls (firewall-as-a-service) are a core component of any secure access service edge (SASE) deployment. VPN remote access for work-at-home employees typically terminates at a firewall. And firewalls play a key role in zero-trust network access (ZTNA), serving as the device that enforces access control policies and network segmentation rules.

To read this article in full, please click here



Network World Security
Dec 16, 2021

Log4j flaw needs immediate remediation
After nearly two years of adopting major network and security changes wrought by COVID-19 and hybrid work, weary IT network and security teams didn't need another big issue to take care of, but they have one: Stemming potential damage from the recently disclosed vulnerability in open source Java-logging Apache Log4j software.  

Log4j or Log4Shell has been around a long time—it was released in January, 2001—and is widely used in all manner of enterprise and consumer services, websites, and applications. Experts describe the system as an easy-to-use common utility to support client/server application development.

To read this article in full, please click here



Network World Security
Dec 07, 2021

Aryaka broadens enterprise targets with managed SD-WAN, SASE services
Aryaka Networks is looking to target more enterprises with a new managed secure access service edge (SASE) offering and an improved, lower cost SD-WAN offerings.

Aryaka is known for offering WAN and SD-WAN services over its global Layer 2 network with more than 40 points . The new services spring from that backbone to provide additional, flexible WAN services. 

SD-WAN buyers guide: Key questions to ask vendors The first is based on a new iteration of Aryaka's L2 core—the L3—which is optimized for cost and non-mission critical applications or sites that don't require top-shelf performance. The L2 core is optimized for performance-sensitive applications.

To read this article in full, please click here



Network World Security
Dec 07, 2021

How to buy SASE
Wouldn't it be great if there were a cloud-based service that combined networking and security so that users located anywhere could safely and efficiently access applications and data located anywhere? That's the aim of SASE (rhymes with gassy). SASE isn't a single product, but rather it's an approach, a platform, a collection of capabilities, an aspiration.

Gartner coined the term Secure Access Service Edge in a 2019 research report, and the name stuck. Vendors have been doing backflips trying to cobble together complete SASE offerings, which would include at a minimum software-defined WAN (SD-WAN), secure Web gateway (SWG), cloud access security broker (CASB), firewall-as-a-service (FWaaS) and zero trust network access (ZTNA).

To read this article in full, please click here



Network World Security
Dec 06, 2021

Cisco hit with software and physical issues
Cisco Systems has been hit with an unusual double-whammy of issues, one of them in software and one in hardware.

First, the more serious issue, a firewall flaw. Security researcher Positive Technologies, which hunts for security vulnerabilities, posted a warning that a vulnerability in Cisco firewall appliances could allow hackers to cause them to fail.

The problem is in the Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) firewalls. Forrester Research says there are more than a million of them deployed worldwide. Positive assessed the severity level of vulnerability as high and recommended users should install updates, which are available, as soon as possible.

To read this article in full, please click here



Network World Security
Nov 29, 2021

SmartNICs set to infiltrate enterprise network, security worlds
Enterprise infrastructure that supports data center, cloud and edge networks could someday be dominated by one of its tiniest components--the smartNIC or data processing unit (DPU).

Use of smartNICs in the enterprise is still evolvinging, but the idea behind them--offloading server CPU duties onto a separate device to free up server cycles--is not new. Specialized hardware accelerators such as graphics processing units (GPU), field-programmable gate arrays (FPGA), and focused NICs have offloaded CPU workloads in telco, financial, and scientific application processing. 

NaaS is the future but it's got challenges Looking ahead, users and vendors see a way to reduce enterprise costs, improve performance and increase security with smartNICs.

To read this article in full, please click here



Network World Security
Nov 29, 2021

SmartNICs set to infiltrate enterprise networks
Enterprise infrastructure that supports data center, cloud and edge networks could someday be dominated by one of its tiniest components--the smartNIC or data processing unit (DPU).

Use of smartNICs in the enterprise is still evolvinging, but the idea behind them--offloading server CPU duties onto a separate device to free up server cycles--is not new. Specialized hardware accelerators such as graphics processing units (GPU), field-programmable gate arrays (FPGA), and focused NICs have offloaded CPU workloads in telco, financial, and scientific application processing. 

NaaS is the future but it's got challenges Looking ahead, users and vendors see a way to reduce enterprise costs, improve performance and increase security with smartNICs.

To read this article in full, please click here



Network World Security
Nov 29, 2021

How to buy Wi-Fi 6 access points
Wi-Fi 6 has some impressive improvements over its predecessor Wi-Fi 5 including lower latency, faster speeds, higher throughput, and increased range that can make it a better fit to serve both dense clusters of clients and clients running high-bandwidth applications.

As Wi-Fi in general replaces wired networks in some enterprises and with the increased use of tablets, laptops, and mobile phones within enterprises, wireless-network responsiveness and versatility are becoming more desirable. Wi-Fi 6 (802.11 ax) can help. It can also improve the efficiency of IoT Wi-Fi networks by letting sensors lie idle more of the time so their batteries last longer.

To read this article in full, please click here



Network World Security
Nov 16, 2021

Palo Alto software advances end-to-end enterprise cloud security
Palo Alto Networks has bolstered its security software to better protect  enterprise Software-as-a-Service (SaaS) applications.

The company rolled out a new version of its core cloud-security package, Prisma 3.0, which includes the ability to code security directly into SaaS applications. The package includes a cloud-access security broker (CASB) to control access to cloud resources.

[Get regularly scheduled insights by signing up for Network World newsletters.] Prisma is a cloud-based security bundle that includes access control, advanced threat protection, user-behavior monitoring, and other services that promise to protect enterprise applications and resources. Managed through a single console, Prisma includes firewall as a service, Zero Trust network access and a secure web gateway. 

To read this article in full, please click here



Network World Security
Nov 15, 2021

Rethinking the WAN: Zero Trust network access can play a bigger role
The WAN as initially conceived was about one simple job: the WAN was the network that "connects my sites to each other." That is, the network connecting users in corporate sites to corporate IT resources in other corporate sites or perhaps colocation facilities. It was all inside-to-inside traffic.

Over the past decade so much has changed that, just before COVID-19 work-from-home mandates took hold, only about 37% of a typical WAN's traffic was still inside-to-inside, according to Nemertes' "Next Generation Networks Research Study 2020-2021". The rest touched the outside world, either originating there as with remote work against data-center systems or terminating there as with SaaS use from a company site or both as with VPNing into the network only to head back out to a SaaS app.

To read this article in full, please click here



Network World Security
Nov 15, 2021

3 steps to better collaboration between networking and security pros
(Enterprise Management Associates finds that enterprises are trying to improve collaboration between their network-infrastructure and operations teams and their information-security and cybersecurity teams. This article discusses challenges faced by these teams based on a survey of 366 IT and security professionals detailed in the report "NetSecOps: Aligning Networking and Security Teams to Ensure Digital Transformation", by EMA Vice President of Research Networking Shamus McGillicuddy.)

To read this article in full, please click here



Network World Security
Nov 15, 2021

3 steps to improve collaboration between networking and security pros
(Enterprise Management Associates finds that enterprises are trying to improve collaboration between their network-infrastructure and operations teams and their information-security and cybersecurity teams. This article discusses challenges faced by these teams based on a survey of 366 IT and security professionals detailed in the report "NetSecOps: Aligning Networking and Security Teams to Ensure Digital Transformation", by EMA Vice President of Research Networking Shamus McGillicuddy.)

To read this article in full, please click here



Network World Security
Nov 12, 2021

Nvidia jumps into Zero Trust
Nvidia has announced a Zero Trust platform built around its BlueField data-processing units and Nvidia software.

Zero Trust is an architecture that verifies every user and device that tries to access the network and enforces strict access control and identity management that limits authorized users to accessing only those resources they need to do their jobs.

[Get regularly scheduled insights by signing up for Network World newsletters.] "You cannot just rely on the firewall on the outside, you have to assume that any application or any user inside your data center is a bad actor," said Manuvir Das, head of enterprise computing at Nvidia. "Zero Trust basically just refers to the fact that you can't trust any application or user because there are bad actors."

To read this article in full, please click here



Network World Security
Nov 10, 2021

Drone demo shows it's possible to protect 5G-managed devices from DDoS, exfiltration attacks
A demonstration earlier this year at Stanford School of Engineering proved that a small fleet of computer-controlled drones can maintain their flight integrity in the face of continual cyberattacks on the 5G network used to manage the devices through the deployment of software-defined networking (SDN).

For enterprise IT pros charged with securing devices wirelessly across a 5G network, the drone test results are promising evidence that SDN can help networks under cyberattack to recover almost instantaneously.

To read this article in full, please click here



Network World Security
Nov 08, 2021

Cisco tool makes it easier to meld SD-WAN, security domains
Cisco has upgraded two of its core software programs to make it easier for enterprise customers to secure data-center and WAN-connected resources.https://www.networkworld.com/article/3599213/what-are-data-centers-how-they-work-and-how-they-are-changing-in-size-and-scope.html

Cisco has introduced what it calls Integrated Domain, which combines the domain controllers of Cisco DNA Center and Cisco SD-WAN vManage to tie together network connectivity between the two domains as well as ensuring security-policy consistency end-to-end, according to Justin Buchanan, Cisco director of product management, security policy and access.

To read this article in full, please click here



Network World Security
Nov 01, 2021

Software-defined perimeter is a good place to start a rollout of Zero Trust network access
Zero Trust relies on continuously re-authorizing users, applications, and devices to establish myriad "perimeters of one" in the environment, but the name isn't quite accurate.

Zero Trust doesn't literally mean zero trust; it means zero implicit trust. You—whether that means a person, or a software or hardware system—are not to be trusted simply by virtue of where you are on the network; there is no network perimeter within which you are automatically trusted to connect to services. And you are not to be trusted now just because you were trusted when you first gained access to the network; gaining admission once is not the same thing as ongoing trust. And you are not to be trusted to make the new service connection you are trying to make now just because you were trusted to make the previous one.

To read this article in full, please click here

]]

Network World Security
Oct 27, 2021

Network World Security


Network World Security
Oct 21, 2021

Gartner: Top strategic predictions for 2022 and beyond
Expect the unexpected - that's just one of the core premises IT leaders need to embrace in the next few years, according to Gartner's top strategic predictions for 2022 and beyond.

IT leaders need to be able to move in multiple strategic directions at once, said Daryl Plummer, distinguished research vice president and Gartner Fellow, to the virtual audience at the firm's IT Symposium/Xpo Americas, held this week.

Network certs: Significant raises for the right ones "Resilience, opportunity and risk have always been components of good business strategy, but today these issues hold new meaning," Plummer said. "This year's predictions embody how resilience must be built in more non-traditional ways, from talent to business modularity, while opportunity and risk must be viewed with a greater sense of urgency."

To read this article in full, please click here



Network World Security
Oct 20, 2021

Gartner says IT spending to top $4 Trillion in 2022
With IT budgets growing at the fastest rate in 10 years, worldwide IT spending is projected to total $4.5 trillion in 2022, an increase of 5.5% from 2021, according to the latest Gartner forecasts.

All IT spending segments—from data-center systems to communications services—are forecast to grow next year, according to Gartner. 

[Get regularly scheduled insights by signing up for Network World newsletters.] Enterprise software is likely to have the highest growth in 2022 at 11.5%, driven by infrastructure software spending. Global spending on devices grew over 15%  as remote work, telehealth and remote learning took hold, and Gartner expects 2022 will continue that growth as enterprises upgrade devices and/or invest in multiple devices to support the hybrid work setting. "Enterprises will increasingly build new technologies and software, rather than buy and implement them, leading to overall slower spending levels in 2022 compared to 2021," said John-David Lovelock, distinguished research vice president at Gartner.

To read this article in full, please click here



Network World Security
Oct 19, 2021

Aruba switch can cut the need for separate, single-function appliances
Hewlett Packard Enterprise company Aruba is taking the wraps of a new flagship data-center switch aimed at helping to better control and secure hybrid-cloud traffic in the enterprise.

The Aruba CX 10000 Series switch is a top-of-rack, L2/3 data-center box that the with 3.2Tbps of switching capacity, 48 ports of line rate 10/25GbE and six 40/100GbE ports, the company says. But its most intriguing component is an integrated Elba programmable data processing unit (DPU) from Pensando that helps eliminate the need for separate appliances for security and load balancing, for example.

The 10 most powerful companies in enterprise networking 2021 Pensando is a startup lead by a crew of ex-Cisco stars including its chairmen of the board, former Cisco CEO John Chambers. Others leaders of the company include former Cisco engineering icons Mario Mazzola, Prem Jain, Luca Cafiero and Soni Jiandani, collectively known as MPLS based on their first initials. The MPLS group has founded a number of companies that were spun back into Cisco during Chamber's time as CEO including Andiamo Systems for SAN switching, Nuova Systems for data-center switching. and Insieme Networks for software-defined networking systems.

To read this article in full, please click here



Network World Security
Oct 19, 2021

Gartner: 8 security trends facing the enterprise
More about edge networking

How edge networking and IoT will reshape data centers Edge computing best practices How edge computing can help secure the IoT As organizations become less centralized they face new security challenges that require new ways of addressing threats that will change the basic fabric of network security, according to Gartner analysts.

To read this article in full, please click here



Network World Security
Oct 18, 2021

Gartner: Top strategic technology trends for 2022
Digital investments, be they in AI, cloud, security, or engineering, will be among the top technology drivers for 2022, according to Gartner's annual forecast of what it expects will be leading strategic IT trends.

Gartner: IT skills shortage hobbles cloud, edge, automation growth "It is an overarching drive for organizations to do more with and scale the digital environments they have been rapidly developing during the pandemic," said David Groombridge, research vice president at Gartner. "Most of these trends define technologies that together show how  businesses will reconnect  with partners and consumers to create scalable, resilient technical foundations for the future." Gartner unwrapped its forecast at its virtual IT Symposium/Xpo Americas this week.

To read this article in full, please click here



Network World Security
Oct 12, 2021

Edge computing: 5 potential pitfalls
Edge computing is gaining steam as an enterprise IT strategy with organizations looking to push storage and analytics closer to where data is gathered, as in IoT networks. But it's got its challenges.

Tech Spotlight:

To read this article in full, please click here



Network World Security
Oct 11, 2021

4 questions that get the answers you need from IT vendors
It's the time of year when most enterprises are involved in a more-or-less-formal technology review cycle, as a preparatory step for next year's budgeting. They've done this for decades, and it's interesting to me that in any given year, enterprises share roughly three of their top five priorities. It's more interesting that over three-quarters of enterprises carry over at least two of their top five priorities for multiple years. Why aren't they getting addressed? They say their top problem is an "information gap."

Buyers adopt network technologies that improve their business, not just their network. They have to justify spending, particularly spending on some new technology that someone inside or outside has suggested. That means that they have to understand how it will improve operations, how they'll deploy it, and what the cost will be. To do this for a new technology, they need information on how that improvement would happen—and they say they're not getting it.

To read this article in full, please click here



Network World Security
Oct 06, 2021

VMworld 2021: VMware to pack more security into NSX
When it comes to protecting data-center-based resources in the highly distributed world, traditional security hardware and software components just aren't going to cut it.

That's the bottom line for enterprises as they move to distributed digital environments according to Tom Gillis, senior vice president and general manager of VMware's networking & advanced security business group. The idea is that security needs to be put deep into the infrastructure fabric and protect workloads across their lifecycle, Gillis said during an interview with Network World at the company's VMworld virtual conference.

To read this article in full, please click here



Network World Security
Oct 01, 2021

For networking pros, every month is Cybersecurity Awareness Month
When National Cybersecurity Awareness Month (NCSAM) was launched in October 2004, it was a modest affair, offering anodyne advice to individual Americans and US businesses along the lines of making sure to update your antivirus software twice a year.

Since then NCSAM has grown into an event-packed month with star-studded guest panels, annual launches in various cities (looking at you, Ypsilanti, Michigan!), the participation of federal cybersecurity officials, and weekly themes. This year, for example, the themes in each successive week are:

Be Cyber Smart Phight the Phish! Experience. Share. (Cybersecurity Career Awareness Week) Cybersecurity First Linux security: Cmd provides visibility, control over user activity Not sure why the organizers didn't make "Cybersecurity First" the theme of the month's first week, but it is not for me to second-guess the federal Cybersecurity & Infrastructure Security Agency (CISA) and the public/private National Cyber Security Alliance (NCSA), organizers of the annual awareness month.

To read this article in full, please click here



Network World Security
Sep 28, 2021

How and why automation can improve network-device security
The recent T-Mobile data breach, reportedly facilitated by attackers gaining access to an unprotected router and from there into the network, could have been prevented through the use of network automation.

IDS, IPS, SASE, and other newer technologies get a lot more attention, but automation is critical to modern network security. Here's a look at how automation should be used to enhance network security.

To read this article in full, please click here



Network World Security
Sep 24, 2021

Cisco patches three critical holes in IOS XE software
Cisco has patched three critical security holes in its IOS XE software that's used across a variety of its core routers and switches.

The three critical warnings are part of a big release of 32 security alerts, many of which are IOS XE-related, including firewall, SD-WAN and wireless access vulnerabilities.

Linux security: Cmd provides visibility, control over user activity Of the critical patches, the worst is a weakness in the Cisco IOS XE Software for Cisco Catalyst 9000 Family Wireless Controllers; it's rated as a 10 out of 10 on the Common Vulnerability Scoring System (CVSS).

To read this article in full, please click here



Network World Security
Sep 23, 2021

Nutanix offers virtual private cloud HCI, multicloud workload managemant
Nutanix is releasing enhancements to its AOS operating system and Era database-management service designed to make it easier for enterprises to manage data, workloads, and business-continuity security tools in hybrid cloud environments via software-defined networking capabilities

AOS and Era are both components of the Nutanix Cloud Platform. AOS 6, the new version of Nutanix's hyperconverged infrastructure (HCI) software, is designed to simplify network management across multiple clouds and enable enterprises to build virtual private clouds. Nutanix announced the updates at its .NEXT event this week.

To read this article in full, please click here



Network World Security
Sep 23, 2021

Nutanix offers virtual private cloud HCI, multicloud workload management
Nutanix is releasing enhancements to its AOS operating system and Era database-management service designed to make it easier for enterprises to manage data, workloads, and business-continuity security tools in hybrid cloud environments via software-defined networking capabilities

AOS and Era are both components of the Nutanix Cloud Platform. AOS 6, the new version of Nutanix's hyperconverged infrastructure (HCI) software, is designed to simplify network management across multiple clouds and enable enterprises to build virtual private clouds. Nutanix announced the updates at its .NEXT event this week.

To read this article in full, please click here



Network World Security
Sep 20, 2021

Tape backup as a defense vs. ransomware
Tape is definitely not the best choice for primary recovery, but it does have features that make it a credible option for restoring systems and data that have fallen victim to ransomware without having to pay the ransom.

The cloud has many more upsides than tape as a recovery tool in general, but there are circumstances where tape should be seriously considerd, and ransomware recovery is one of them.

How to choose the best NVMe storage array When cloud's not good enough Using the cloud for ransomware recovery—or not—has become somewhat of a religious discussion in many circles. Choosing the cloud offers many positive things, including cost, speed, and immediate availability—all great advantages when responding to a ransomware attack.

To read this article in full, please click here



Network World Security
Sep 16, 2021

Palo Alto shapes SASE package for hybrid enterprises
Palo Alto Networks has bolted together its SD-WAN and security technologies to offer an integrated, cloud-based, secure-access service edge (SASE) offering aimed at simplifying distributed enterprises.

Called Prisma SASE, the package brings together the company's core Prisma Access package of cloud-based, next-generation security gateways with its Prisma SD-WAN technology it got when it bought CloudGenix for $420 million last year.

To read this article in full, please click here



  • CEOExpress
  • 1 Boston Place | Suite 2600
    Boston MA 02108
  • Contact
  • As an Amazon Associate
    CEOExpress earns from
    qualifying purchases.

©1999-2022 CEOExpress Company LLC