NEWS: NETWORK WORLD SECURITY
Setup News Ticker
   NEWS: NETWORK WORLD SECURITY
Network World Security
Jul 10, 2020

Juniper targets security portfolio at SASE race
The conga line around secure-access service edge (SASE), continues to grow with Juniper this week becoming the latest to join the dance.

Just as other big networking players with extensive security portfolios including Cisco and VMware have recently done, Juniper says it will build off its offerings to address the SASE blueprint.

Read about edge networking

How edge networking and IoT will reshape data centers Edge computing best practices How edge computing can help secure the IoT As defined by Gartner in 2019, SASE features a wide variety of components that Juniper summarized and includes:

To read this article in full, please click here



Network World Security
Jun 24, 2020

Ripple20 TCP/IP flaws can be patched but still threaten IoT devices
A set of serious network security vulnerabilities collectively known as Ripple20 roiled the IoT landscape when they came to light last week, and the problems they pose for IoT-equipped businesses could be both dangerous and difficult to solve.

Ripple20 was originally discovered by Israel-based security company JSOF in September 2019. It affects a lightweight, proprietary TCP/IP library created by a small company in Ohio called Treck, which has issued a patch for the vulnerabilities. Several of those vulnerabilities would allow for remote-code execution, allowing for data theft, malicious takeovers and more, said the security vendor.

That, however, isn't the end of the problem. The TCP/IP library that contains the vulnerabilities has been used in a huge range of connected devices, from medical devices to industrial control systems to printers, and actually delivering and applying the patch is a vast undertaking. JSOF said that "hundreds of millions" of devices could be affected. Many devices don't have the capacity to receive remote patches, and Terry Dunlap, co-founder of security vendor ReFirm Labs, said that there are numerous hurdles to getting patches onto older equipment in particular.

To read this article in full, please click here



Network World Security
Jun 22, 2020

Microsoft is buying CyberX to bolster its Azure IoT security
Microsoft has announced it will purchase the industrially focused network security vendor CyberX for an undisclosed sum in an effort to bolster the security capabilities of its Azure IoT platform.

The acquisition strikes at the heart of two key IIoT security pain points. While it's comparatively easy to build new IoT devices that have all the necessary features for seamless security management, older devices running a wildly diverse range of different protocols, which may lack important features like the ability to be patched remotely, are a bigger challenge.

To read this article in full, please click here



Network World Security
Jun 17, 2020

Machine learning in Palo Alto firewalls adds new protection for IoT, containers
Palo Alto Networks has released next-generation firewall (NGFW) software that integrates machine learning to help protect enterprise traffic to and from hybrid clouds, IoT devices and the growing numbers of remote workers.

The machine learning is built into the latest version of Palo Alto's firewall operating system - PAN 10.0 -  to prevent real-time signatureless attacks and to quickly identify new devices - in particular  IoT products - with behavior-based identification.

To read this article in full, please click here



Network World Security
Jun 10, 2020

14 IT certifications that will survive and thrive in the pandemic
These tech certifications not only have high value now, but employers will continue to value them as the coronavirus continues.

Network World Security
Jun 08, 2020

IoT takes aim at social distancing
How IoT technology can help enforce social-distancing rules by monitoring occupancy in workspaces.

Network World Security
Jun 04, 2020

Cisco issues fixes for numerous iOS XE, industrial router vulnerabilities
Cisco has unleashed an extensive new round of security warnings - three of them "critical" - mostly for users of its iOS XE software and industrial router family.

In total, Cisco issued 23 Security Advisories that describe 25 exposures in its IOS and IOS XE systems.  

Network pros react to new Cisco certification curriculum Beyond the three critical advisories, 20 have a "High" impact rating. Cisco said that one vulnerability affects Cisco IOS, IOS XE, IOS XR, and NX-OS Software. Five vulnerabilities affect both Cisco IOS and IOS XE Software. Six vulnerabilities affect Cisco IOS Software and 10 affect Cisco IOS XE Software. Three vulnerabilities affect the Cisco IOx application environment.

To read this article in full, please click here



Network World Security
May 28, 2020

Cisco takes aim at supporting SASE
Cisco is embracing the secure-access service edge (SASE) architecture put forth by Gartner with plans to upgrade some of its existing products to reach the goal of delivering access control, security and networking to cloud services.

The enterprise shift to SASE will be gradual as they figure out the best way to connect their increasingly remote workforce to distributed resources delivered from corporate data centers and as cloud services, Cisco says.

Network pros react to new Cisco certification curriculum "Flexibility will be fundamental as IT chooses among multiple security and networking capabilities that best fit their operations, regulatory requirements, and types of applications," said Jeff Reed, senior vice president of product, Cisco's Security Business Group in a blog post. "Security services can be predominantly delivered from the cloud to provide consistent access policies across all types of endpoints. However, globally distributed organizations may need to apply security and routing services differently according to regional requirements."   

To read this article in full, please click here



Network World Security
May 28, 2020

Healthcare company pivots quickly to support remote workers
Security and performance concerns made it challenging for TrialCard to enable its employees to work from home when the COVID-19 pandemic hit.

Customer service agents use a voice-over-IP phone and thin-client computer, both of which were designed to work in an on-premises office environment. "They need those systems to do their day-to-day job," says Ryan Van Dynhoven, director of infrastructure at TrialCard, a Morrisville, N.C.-based company that helps pharmaceutical manufacturers connect with patients, including providing patient support and clinical trial services.

READ MORE: Enterprises look to SASE to bolster security for remote workers

To read this article in full, please click here



Network World Security
May 28, 2020

SASE helps healthcare company pivot to support remote workers
Security and performance concerns made it challenging for TrialCard to enable its employees to work from home when the COVID-19 pandemic hit.

Customer service agents use a voice-over-IP phone and thin-client computer, both of which were designed to work in an on-premises office environment. "They need those systems to do their day-to-day job," says Ryan Van Dynhoven, director of infrastructure at TrialCard, a Morrisville, N.C.-based company that helps pharmaceutical manufacturers connect with patients, including providing patient support and clinical trial services.

READ MORE: Enterprises look to SASE to bolster security for remote workers

To read this article in full, please click here



Network World Security
May 27, 2020

How NDR protects your network from cyberthreats
Three steps to finding a network detection and response product that prevents, detects, investigates, identifies, responds and mitigates cyberattacks.

Network World Security
May 27, 2020

Use of cloud collaboration tools surges and so do attacks
Some industries have seen increases in cloud-related threat events rise as much as 1,350% since the COVID-19 crisis began.

Network World Security
May 26, 2020

SASE could bolster security for remote workers
The coronavirus pandemic has accelerated some companies' plans to adopt secure access service edge (SASE).

Last summer, Gartner estimated SASE adoption at less than 1% of enterprises and said it would take five to 10 years before the technology reaches mainstream. But today, SASE is one of the main topics of client interest, according to Gartner analyst John Wheeler.

READ MORE: How SD-WAN is evolving into Secure Access Service Edge

To read this article in full, please click here



Network World Security
May 26, 2020

Enterprises look to SASE to bolster security for remote workers
The coronavirus pandemic has accelerated some companies' plans to adopt secure access service edge (SASE).

Last summer, Gartner estimated SASE adoption at less than 1% of enterprises and said it would take five to 10 years before the technology reaches mainstream. But today, SASE is one of the main topics of client interest, according to Gartner analyst John Wheeler.

READ MORE: How SD-WAN is evolving into Secure Access Service Edge

To read this article in full, please click here



Network World Security
May 22, 2020

COVID-19 pandemic ratchets up threats to medical IoT
The mere fact of the COVID pandemic's existence has pushed the American healthcare system to capacity, but another threat to that system has reared its ugly head - cyberattacks, particularly those based on ransomware, have become more common as the disease spread, targeting medical IoT devices and healthcare networks.

According to Forrester Research analyst Chris Sherman, two U.S. hospitals have already been attacked via virtual care systems, after a hacker targeted a vulnerability in a medical IoT device (specifically, a remote patient-monitoring sensor) and gained access to the hospitals' patient databases. And in another type of attack, the Fresenius Group, a medical device maker and the largest private hospital operator in Europe, has been hit by ransomware.

To read this article in full, please click here



Network World Security
May 20, 2020

Amid the pandemic, using trust to fight shadow IT
With most workers scattered at home and trying to come up with their own ad-hoc IT workarounds, there's an easy way for IT shops to build trust: communicate. (Insider Story)

Network World Security
May 19, 2020

6 ways to be more secure in the cloud
If you rely on multiple or hybrid cloud environments to support business processes, you need to be as vigilant protecting data and applications as when they resided on premises.

Network World Security
May 14, 2020

What is IoT? The internet of things explained
The internet of things (IoT) is a catch-all term for the growing number of electronics that aren't traditional computing devices, but are connected to the internet to send data, receive instructions or both.

There's an incredibly broad range of things that fall under that umbrella: Internet-connected "smart" versions of traditional appliances like refrigerators and light bulbs; gadgets that could only exist in an internet-enabled world like Alexa-style digital assistants; internet-enabled sensors that are transforming factories, healthcare, transportation, distribution centers and farms.

What is the internet of things? The IoT brings the power of the internet, data processing and analytics to the real world of physical objects. For consumers, this means interacting with the global information network without the intermediary of a keyboard and screen; many of their everyday objects and appliances can take instructions from that network with minimal human intervention.

To read this article in full, please click here



Network World Security
May 12, 2020

Cisco, others, shine a light on VPN split-tunneling
As the work-from-home trend grows due to the COVID-19 pandemic, the need for secure access to enterprise resources continues to grow and with it the demand for ever-more VPN.

For example demand for commercial virtual private networks in the U.S. jumped by 41% between March 13 and March 23, according to research from Top10VPN.com, a VPN research and testing company in the U.K. The VPN market will hit $70 billion by 2026, according to market research and management consulting company Global Market Insights. In an April blog AT&T pointed to a 700% increase in connections to its cloud-based SD-WAN Static Network Based (ANIRA) VPN service.

To read this article in full, please click here



Network World Security
May 11, 2020

The Internet of things in 2020: More vital than ever
If you work in IT, you're probably safely ensconced at home right now, clinging to your laptop at the edge of your company's network. The shift from office to home has been momentous. But it's also symbolic of a larger trend: The network edge has become as important as the network core. Remote workers aside, the IoT (internet of things) is the biggest reason why the edge has become so crucial.

According to Gartner, a crazy variety of some 21 billion connected "things" are at this moment collecting data and performing all sorts of tasks. The majority are consumer devices, from smart speakers to watches to door locks. The rest serve business: medical devices, engine sensors, industrial robots, HVAC controllers…almost every enterprise now relies on IoT devices in one form or another.

To read this article in full, please click here



Network World Security
May 07, 2020

Global VPN use exploded in March
With millions of people working from home, the coronavirus outbreak has seen global VPN demand surge. Demand for commercial virtual private networks in the U.S. jumped by 41% between March 13 and March 23, according to research from Top10VPN.com, a VPN research and testing company in the U.K.

VPNs were already a growth industry before the COVID-19 outbreak and subsequent shutdown of workplaces. The global VPN market was forecast to grow 12% year-on-year and be worth $70 billion by 2026, according to a Global Market Insights 2020 survey. North America was forecast to remain the leader in VPN usage, with around 30% market share.

To read this article in full, please click here



Network World Security
Apr 27, 2020

UPDATE 4-28: How enterprise networking is changing with a work-at-home workforce
As the coronavirus spreads, public and private companies as well as government entities are requiring employees to work from home, putting unforeseen strain on all manner of networking technologies and causing bandwidth and security concerns.  What follows is a round-up of news and traffic updates that Network World will update as needed to help keep up with the ever-changing situation.  Check back frequently!

UPDATE 4.27

According to the April 22 Verizon Network Report, overall data volume across its networks has increased 19% compared to pre-COVID levels. While data usage remains elevated, the changes in how people are using the network has stabilized, the company stated.   

To read this article in full, please click here



Network World Security
Apr 27, 2020

Microsegmentation product snapshots: Edgewise Networks, VMware and ShieldX Networks
Interest in microsegmentation is growing rapidly. Vendors are stepping forward to help enterprises update their infrastructure security to prevent catastrophic intrusions and data thefts. Here's a look at three microsegmentation market players, showing what they offer, how they work and the ways they differ.

READ MORE: How microsegmentation architectures differ | 3 early adopter stories | Defining microsegmentation

To read this article in full, please click here



Network World Security
Apr 23, 2020

UPDATE 4-23: How enterprise networking is changing with a work-at-home workforce
As the coronavirus spreads, public and private companies as well as government entities are requiring employees to work from home, putting unforeseen strain on all manner of networking technologies and causing bandwidth and security concerns.  What follows is a round-up of news and traffic updates that Network World will update as needed to help keep up with the ever-changing situation.  Check back frequently!

UPDATE 4.23

U.S. Cellular, using authority granted by the Federal Communications Commission, started boosting its mobile broadband capacity in parts of six states to meet increased demand during the COVID-19 pandemic.

To read this article in full, please click here



Network World Security
Apr 22, 2020

How close are we to breaking encryption with quantum computing?
Not as close as you might fear, but quantum encryption cracking is on its way. So, it's time to start getting ready for it.

Network World Security
Apr 21, 2020

Is enterprise security broken?
Deploying independent endpoint or network security separately is coming to a rapid - and much-needed -- end. If you want to stay secure longer-term, focus on unifying your security products now.

Network World Security
Apr 21, 2020

8 video chat apps compared: Which is best for security?
Zoom, Microsoft Teams, Google Duo, Cisco Webex, FaceTime, Jitsi, Signal and WhatsApp. What does their encryption look like? What are the trade-offs?(Insider Story)

Network World Security
Apr 20, 2020

Why 3 enterprises chose microsegmentation
It's a network jungle these days with predators relentlessly searching for ways to infiltrate corporate resources. IT leaders are responding with a variety of different microsegmentation approaches, all designed to isolate workloads from each other and prevent unauthorized lateral movements. We asked three enterprises to share why they deployed microsegmentation technology in their networks and how it's working. Here are their stories.

Distributed firewalls via VMware NSX Todd Pugh, CIO at food products manufacturer SugarCreek, manages a fully virtualized private data center. Like his counterparts at organizations worldwide, his goal is simple: to frustrate and deter network attackers. "Above all, we protect our databases," he says. "We do anything and everything to keep uninvited guests out of our databases."

To read this article in full, please click here



Network World Security
Apr 20, 2020

Why choose microsegmentation? 3 enterprises explain.
It's a network jungle these days with predators relentlessly searching for ways to infiltrate corporate resources. IT leaders are responding with a variety of different microsegmentation approaches, all designed to isolate workloads from each other and prevent unauthorized lateral movements. We asked three enterprises to share why they deployed microsegmentation technology in their networks and how it's working. Here are their stories.

Distributed firewalls via VMware NSX Todd Pugh, CIO at food products manufacturer SugarCreek, manages a fully virtualized private data center. Like his counterparts at organizations worldwide, his goal is simple: to frustrate and deter network attackers. "Above all, we protect our databases," he says. "We do anything and everything to keep uninvited guests out of our databases."

To read this article in full, please click here

(Insider Story)

Network World Security
Apr 20, 2020

Enterprises opt for different microsegmentation architectures
It's a network jungle these days with predators relentlessly searching for ways to infiltrate corporate resources. IT leaders are responding with a variety of different microsegmentation approaches, all designed to isolate workloads from each other and prevent unauthorized lateral movements. We asked three enterprises to share why they deployed microsegmentation technology in their networks and how it's working. Here are their stories.

Distributed firewalls via VMware NSX Todd Pugh, CIO at food products manufacturer SugarCreek, manages a fully virtualized private data center. Like his counterparts at organizations worldwide, his goal is simple: to frustrate and deter network attackers. "Above all, we protect our databases," he says. "We do anything and everything to keep uninvited guests out of our databases."

To read this article in full, please click here



Network World Security
Apr 17, 2020

UPDATE 4-18: How enterprise networking is changing with a work-at-home workforce
As the coronavirus spreads, public and private companies as well as government entities are requiring employees to work from home, putting unforeseen strain on all manner of networking technologies and causing bandwidth and security concerns.  What follows is a round-up of news and traffic updates that Network World will update as needed to help keep up with the ever-changing situation.  Check back frequently!

UPDATE 4.17

AT&T reported that Email traffic is down 25% as more people opt for phone and video calls.  Video conferencing is on the rise with more than 470k Webex Meeting Calls on April 9, the highest during the COVID-19 pandemic.  It also stated instant messaging, including text traffic from messaging apps and platforms, has slightly declined since the week prior, but overall is up nearly 60%.

To read this article in full, please click here



Network World Security
Apr 17, 2020

Microsegmentation architecture choices and how they differ
Despite a string of improvements over the past several years, enterprises can no longer rely on perimeter defenses alone to keep out network attackers. Microsegmentation directly addresses the challenge of unauthorized lateral movements by dividing IT environments into controllable compartments, enabling adopters to securely isolate workloads from each other while making network protection more granular. As cyber-attackers continue to try new ways to dodge security measures and roam across IT environments, microsegmentation is moving into the mainstream.

To read this article in full, please click here



Network World Security
Apr 17, 2020

How microosegmentation architectures differ
Despite a string of improvements over the past several years, enterprises can no longer rely on perimeter defenses alone to keep out network attackers. Microsegmentation directly addresses the challenge of unauthorized lateral movements by dividing IT environments into controllable compartments, enabling adopters to securely isolate workloads from each other while making network protection more granular. As cyber-attackers continue to try new ways to dodge security measures and roam across IT environments, microsegmentation is moving into the mainstream.

To read this article in full, please click here



Network World Security
Apr 17, 2020

How microsegmentation architectures differ
Despite a string of improvements over the past several years, enterprises can no longer rely on perimeter defenses alone to keep out network attackers. Microsegmentation directly addresses the challenge of unauthorized lateral movements by dividing IT environments into controllable compartments, enabling adopters to securely isolate workloads from each other while making network protection more granular. As cyber-attackers continue to try new ways to dodge security measures and roam across IT environments, microsegmentation is moving into the mainstream.

To read this article in full, please click here



Network World Security
Apr 15, 2020

Cisco says to patch critical UCS security holes now
Cisco has posted a package of 17 critical security warnings about authentication vulnerabilities in its Unified Computing System that could let attackers break into systems or cause denial of service troubles.

Specifically the problems are with Cisco's UCS Director and Express which let customers build private-cloud systems and support automated provisioning processes and orchestration to optimize and simplify delivery of data-center resources, the company said.

To read this article in full, please click here



Network World Security
Apr 14, 2020

IBM extends z15 mainframe family, intensifies Linux security
IBM continued to reshape the mainframe with an eye toward further integrating it within hybrid clouds and securing Linux-based workloads.

On the hardware side, IBM rolled out two entry-level, 19" single-frame, air-cooled platforms, the  z15 Model T02 and LinuxONE III Model LT2. The new machines are extensions of the IBM z15 family that Big Blue rolled out in September of last year. 

To read this article in full, please click here



Network World Security
Apr 13, 2020

IoT roundup: Tech companies step up to help fight against COVID-19
This month, we look at some of the ways the IoT sector is helping to combat the spread of the novel coronavirus.

Network World Security
Apr 11, 2020

UPDATE 4-10: How enterprise networking is changing with a work-at-home workforce
As the coronavirus spreads, public and private companies as well as government entities are requiring employees to work from home, putting unforeseen strain on all manner of networking technologies and causing bandwidth and security concerns.  What follows is a round-up of news and traffic updates that Network World will update as needed to help keep up with the ever-changing situation.  Check back frequently!

UPDATE 4.10 Verizon Wireless cell-network data indicates how well its customers in the U.S. are staying put during the coronavirus pandemic, with some regions of the country doing far better than others.

The carrier sees a general decline in the number of cell-site handoffs that take place when data sessions move from one tower to another as people move around.

To read this article in full, please click here



Network World Security
Apr 04, 2020

UPDATE: How enterprise networking is changing with a work-at-home workforce
As the coronavirus spreads, public and private companies as well as government entities are requiring employees to work from home, putting unforeseen strain on all manner of networking technologies and causing bandwidth and security concerns.  What follows is a round-up of news and traffic updates that Network World will update as needed to help keep up with the ever-changing situation.  Check back frequently!

UPDATE 4.10

 

The Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) on April 8 released new guidance on how remote government workers and potentially others should address network security.  The "interim Trusted Internet Connections (TIC) 3.0 guidance to aid agencies in securing their network and cloud environments." CISA wrote: "While this prior work has been invaluable in securing federal networks and information, the program must adapt to modern architectures and frameworks for government IT resource utilization. Accordingly, OMB's [Office of Management and Budget] memorandum provides an enhanced approach for implementing the TIC initiative that provides agencies with increased flexibility to use modern security capabilities."

To read this article in full, please click here



Network World Security
Apr 01, 2020

How to prepare Office 365 and Windows for a disaster
With IT and security teams stressed due to the COVID-19 crisis, it's more important than ever to make sure you've prepared your network for a disaster.

Network World Security
Mar 31, 2020

Palo Alto grows SD-WAN platform buy snapping-up CloudGenix for $420M
With an eye towards significantly bolstering its edge networking offerings, Palo Alto has entered into an agreement to buy cloud-based SD-WAN vendor CloudGenix for $420 million in cash.

Palo Alto said upon the completion of the acquisition it will integrate CloudGenix's cloud-managed SD-WAN products to accelerate the intelligent onboarding of remote branches and retail stores into its Prisma Access package. 

More about SD-WAN: How to buy SD-WAN technology: Key questions to consider when selecting a supplier • How to pick an off-site data-backup method •  SD-Branch: What it is and why you'll need it • What are the options for security SD-WAN? Announced in May 2019, Palo Alto's Prisma is a cloud-based security package that includes access control, advanced threat protection, user behavior monitoring and  other services that promise to protect enterprise applications and resources.

To read this article in full, please click here



Network World Security
Mar 31, 2020

Palo Alto grows SD-WAN platform by snapping-up CloudGenix for $420M
With an eye towards significantly bolstering its edge networking offerings, Palo Alto has entered into an agreement to buy cloud-based SD-WAN vendor CloudGenix for $420 million in cash.

Palo Alto said upon the completion of the acquisition it will integrate CloudGenix's cloud-managed SD-WAN products to accelerate the intelligent onboarding of remote branches and retail stores into its Prisma Access package. 

More about SD-WAN: How to buy SD-WAN technology: Key questions to consider when selecting a supplier • How to pick an off-site data-backup method •  SD-Branch: What it is and why you'll need it • What are the options for security SD-WAN? Announced in May 2019, Palo Alto's Prisma is a cloud-based security package that includes access control, advanced threat protection, user behavior monitoring and  other services that promise to protect enterprise applications and resources.

To read this article in full, please click here



Network World Security
Mar 30, 2020

BrandPost: 5 Network Security Remedies for Telework
With the COVID-19 (coronavirus) global pandemic, many employers are recommending additional telework to help keep employees safe and productive. More and more, companies are embracing "remote teams" and allowing their employees the opportunity to work from home or telecommute.

Yet home IT devices are still subject to many of the same threats as on-site business devices. Unsecured off-site routers, modems, and other network devices can cause big headaches for employers, and poorly configured home devices can affect the entire organization. They can still be attacked from any device on the Internet, but they are also vulnerable to unauthorized access from neighbors and passersby.

To read this article in full, please click here



Network World Security
Mar 30, 2020

BrandPost: 4 Risks of Waiting to Migrate to the Cloud
If you're responsible for the security of your organization's digital environment, staying up-to-date with the latest hardware, environment, and software vulnerability patches can be a challenge. Migrating your workloads to the cloud can help address these challenges in new, unique ways. Waiting to migrate to the cloud can create unforeseen consequences. Here are four risks of waiting to migrate to the cloud and how CIS resources can help mitigate them. 

Lack of independent security configurations By leveraging virtual machines (VMs) in the cloud, systems admins and CISOs can deploy a single image across multiple workstations. Starting with a base image is an option, but base images lack vendor-agnostic security configurations.

To read this article in full, please click here



Network World Security
Mar 30, 2020

BrandPost: How to Prepare for Your Next Cybersecurity Compliance Audit
Reading a list of cybersecurity compliance frameworks is like looking at alphabet soup: NIST CSF, PCI DSS, HIPAA, FISMA, GDPR…the list goes on. It's easy to be overwhelmed, and not only because of the acronyms. Many frameworks do not tell you where to start or exactly how to become compliant. Cybersecurity best practices from the Center for Internet Security (CIS) provide prioritized, prescriptive guidance for a strong cybersecurity foundation. And, they support your efforts toward compliance with the aforementioned alphabet soup.

When developing your cybersecurity compliance plan, consider the elements below to ensure you have a solid foundation:

To read this article in full, please click here



Network World Security
Mar 30, 2020

BrandPost: NGINX CIS Hardened Images Provide Security at Maximum Efficiency
Just over 50% of the Internet's busiest websites - including Dropbox, Netflix, and WordPress.com - are served or proxied on NGNIX (Source: W3Techs).  But how can organizations secure this popular open-source web server?

At CIS, our mission to help everyone have a secure online experience drives us to develop cybersecurity best practices. We take those best practices, use them to harden machine images, and make them available in the cloud. That's why we're excited about the CIS Hardened Images for NGINX on Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP). This pre-configured virtual image is available on a CIS Hardened Linux base image and container image.

To read this article in full, please click here



Network World Security
Mar 25, 2020

How enterprise networking is changing with a work-at-home workforce
As the coronavirus spreads, public and private companies as well as government entities are requiring employees to work from home, putting unforeseen strain on all manner of networking technologies and causing bandwidth and security concerns.  What follows is a round-up of news and traffic updates that Network World will update as needed to help keep up with the ever-changing situation.  Check back frequently!

UPDATE 3.27

Broadband watchers at BroadbandNow say users in most of the cities it analyzed are experiencing normal network conditions, suggesting that ISP's (and their networks) are holding up to the shifting demand. In a March 25 post the firm wrote: "Encouragingly, many of the areas hit hardest by the spread of the coronavirus are holding up to increased network demand. Cities like Los Angeles, Chicago, Brooklyn, and San Francisco have all experienced little or no disruption. New York City,  now the epicenter of the virus in the U.S., has seen a 24% dip out of its previous ten-week range. However, with a new median speed of nearly 52 Mbps, home connections still appear to be holding up overall."

To read this article in full, please click here



Network World Security
Mar 25, 2020

ROLLING UPDATE: The impact of COVID-19 on public networks and security
As the coronavirus spreads, public and private companies as well as government entities are requiring employees to work from home, putting unforeseen strain on all manner of networking technologies and causing bandwidth and security concerns.  What follows is a round-up of news and traffic updates that Network World will update as needed to help keep up with the ever-changing situation.  Check back frequently!

UPDATE 3.27

Broadband watchers at BroadbandNow say users in most of the cities it analyzed are experiencing normal network conditions, suggesting that ISP's (and their networks) are holding up to the shifting demand. In a March 25 post the firm wrote: "Encouragingly, many of the areas hit hardest by the spread of the coronavirus are holding up to increased network demand. Cities like Los Angeles, Chicago, Brooklyn, and San Francisco have all experienced little or no disruption. New York City,  now the epicenter of the virus in the U.S., has seen a 24% dip out of its previous ten-week range. However, with a new median speed of nearly 52 Mbps, home connections still appear to be holding up overall."

To read this article in full, please click here



Network World Security
Mar 25, 2020

NEWS UPDATE: The impact of COVID-19 on public networks and security
As the coronavirus spreads, public and private companies as well as government entities are requiring employees to work from home, putting unforeseen strain on all manner of networking technologies and causing bandwidth and security concerns.  What follows is a round-up of news and traffic updates that Network World will update as needed to help keep up with the ever-changing situation.  Check back frequently!

UPDATE: 3.26

Week over week (ending March 23) Ookla says it has started to see a degradation of mobile and fixed-broadband performance worldwide. More detail on specific locations is available below. Comparing the week of March 16 to the week of March 9, mean download speed over mobile and fixed broadband decreased in Canada and the U.S. while both remained relatively flat in Mexico. What is the impact of the coronavirus on corporate network planning? Depends on how long the work-from-home mandate goes on really. Tom Nolle, president of CIMI Corp. takes an interesting look at the situation saying the shutdown "could eventually produce a major uptick for SD-WAN services, particularly in [managed service provider]    Businesses would be much more likely to embark on an SD-WAN VPN adventure that didn't involve purchase/licensing, favoring a service approach in general, and in particular one with a fairly short contract period." Statistics from VPN provider NordVPN show the growth of VPN usage across the globe.  For example, the company said the US has ex

Network World Security
Mar 23, 2020

Post-coranavirus planning calls for more (not less) investment in tech
The coronavirus crisis is just beginning. But it will end. And how you fare after the pandemic depends on what you do right now. Here are four areas to focus on.

Network World Security
Mar 23, 2020

Post-coronavirus planning calls for more (not less) investment in tech
The coronavirus crisis is just beginning. But it will end. And how you fare after the pandemic depends on what you do right now. Here are four areas to focus on.

Network World Security
Mar 19, 2020

Cisco warns of five SD-WAN security weaknesses
Cisco has issued five  warnings about security weaknesses in its SD-WAN offerings, three of them on the high-end of the vulnerability scale.

The worst problem is with the command-line interface (CLI) of its SD-WAN Solution software where a weakness could let a local attacker inject arbitrary commands that are executed with root privileges, Cisco wrote.

To read this article in full, please click here



Network World Security
Mar 17, 2020

Coronavirus: What companies are ready for our new reality?
One class of companies is already equipped to work in a fully distributed employee model. Another going to have a difficult time adapting to most employees having to work from home. Some won't survive if this lasts more than a few weeks.

Network World Security
Mar 16, 2020

Coronavirus challenges remote networking
As the coronavirus spreads, many companies are requiring employees to work from home, putting unanticipated stress on remote networking technologies and causing bandwidth and security concerns.

Businesses have facilitated brisk growth of teleworkers over the past decades to an estimated 4 million-plus. The meteoric rise in new remote users expected to come online as a result of the novel coronavirus calls for stepped-up capacity.

Research by VPN vendor Atlas shows that VPN usage in the U.S. grew by 53% between March 9 and 15, and it could grow faster. VPN usage in Italy, where the virus outbreak is about two weeks ahead of the U.S., increased by 112% during the last week. "We estimate that VPN usage in the U.S. could increase over 150% by the end of the month," said Rachel Welch, chief operating officer of Atlas VPN, in a statement.

To read this article in full, please click here



Network World Security
Mar 16, 2020

As networks evolve enterprises need to rethink security
Digital innovation is disrupting businesses. Data and applications are at the hub of new business models, and data needs to travel across the extended network at increasingly high speeds without interruption. To make this possible, organizations are radically redesigning their networks by adopting multi-cloud environments, building hyperscale data centers, retooling their campuses, and designing new connectivity systems for their next-gen branch offices. Networks are faster than ever before, more agile and software-driven. They're also increasingly difficult to secure. To understand the challenges and how security needs to change, I recently talked with John Maddison, executive vice president of products for network security vendor Fortinet.

To read this article in full, please click here



Network World Security
Mar 16, 2020

As the networks evolve enterprises need to rethink network security
Digital innovation is disrupting businesses. Data and applications are at the hub of new business models, and data needs to travel across the extended network at increasingly high speeds without interruption. To make this possible, organizations are radically redesigning their networks by adopting multi-cloud environments, building hyperscale data centers, retooling their campuses, and designing new connectivity systems for their next-gen branch offices. Networks are faster than ever before, more agile and software-driven. They're also increasingly difficult to secure. To understand the challenges and how security needs to change, I recently talked with John Maddison, executive vice president of products for network security vendor Fortinet.

To read this article in full, please click here



Network World Security
Mar 09, 2020

Essential things to know about container networking
Containers have emerged over the past several years to provide an efficient method of storing and delivering applications reliably across different computing environments. By containerizing an application platform and its dependencies, differences in OS distributions and underlying infrastructures are abstracted away. 

Networking has emerged as a critical element within the container ecosystem, providing connectivity between containers running on the same host as well as on different hosts, says Michael Letourneau, an IT architect at Liberty Mutual Insurance. "Putting an application into a container automatically drives the need for network connectivity for that container," says Letourneau, whose primary focus is on building and operating Liberty Mutual's container platform. 

To read this article in full, please click here



Network World Security
Feb 26, 2020

Cisco security warnings include firewall holes, Nexus software weaknesses
Cisco has issued another batch of security warnings that include problems in its Firepower firewall (FXOS),  Unified Computing System (UCS) software and Nexus switch operating system (NX-OS) .

Network pros react to new Cisco certification curriculum The firewall and UCS vulnerabilities all have a severity level of "high" on the Common Vulnerability Scoring System and include:

To read this article in full, please click here



Network World Security
Feb 26, 2020

How to fight scripting attacks
Most phishing campaigns use links to malicious scripts that infect users' devices. Here's how to spot and prevent them from doing damage.

Network World Security
Feb 24, 2020

Juniper bolsters wireless security; fights against encrypted malicious threats
Juniper is filling out its enterprise security portfolio this week by integrating support for its Mist wireless customers and adding the capability for customers to gain better visibility and control over encrypted traffic threats.

With the new additions, Juniper is looking to buttress its ability to let users secure all traffic traversing the enterprise network via campus, WAN or data center. The moves are part of Juniper's grand Connected Security platform that includes a variety of security products including its next-generation firewalls that promise to protect networked resources across infrastructure and endpoints.

To read this article in full, please click here



Network World Security
Feb 24, 2020

Cisco goes to the cloud with broad enterprise security service
Cisco has unveiled a cloud-based security platform it says will go a long way in helping customers protect their far-flung networked resources.

Cisco describes the new SecureX service as offering  an open, cloud-native system that will let customers detect and remediate threats across Cisco and third-party products from a single interface. IT security teams can then automate and orchestrate security management across enterprise cloud, network and applications and end points.

Network pros react to new Cisco certification curriculum "Until now, security has largely been piecemeal with companies introducing new point products into their environments to address every new threat category that arises," wrote Gee Rittenhouse senior vice president and general manager of Cisco's Security Business Group in a blog about SecureX.

To read this article in full, please click here



Network World Security
Feb 19, 2020

How to prevent data loss on your network
Use these tools and techniques to protect important data from being exfiltrated from your Windows network.

Network World Security
Feb 18, 2020

Complying with CCPA: Answers to common questions
Enforcement of the California Consumer Privacy Act begins this summer, but lawsuits are already being filed. To help you comply and avoid being sued, CSO contributor Maria Korolov joins IDG TECH(talk) host Juliet Beauchamp to discuss critical components of the CCPA and answer viewers' questions.

Network World Security
Feb 18, 2020

5 Hot network-automation startups to watch
With the combined challenges of tight IT budgets and scarcer technical talent, it's becoming imperative for enterprise network pros to embrace automation of processes and the way infrastructure responds to changing network traffic.

Not only can automation help address these problems, they can also improve overall application-response time by anticipating and addressing looming congestion. Modern applications, such as virtual reality and artificial intelligence, and architectures that incorporate IoT and hybrid cloud have yet to reach their true potential because network capacity seems to always lag behind demand.  

A common problem is that too much networking infrastructure is still manually maintained and managed, but major vendors are starting to addressing these  issues, as are startups that seek to break bottlenecks through automation.

To read this article in full, please click here



Network World Security
Feb 12, 2020

How cyber attackers hide malware on your network
Knowing where to look for malware lurking on your network gives you a better chance to prevent damage from it.

Network World Security
Feb 11, 2020

What's the difference between the deep web and the dark web?
We hear the terms "deep web" and "dark web" thrown around a lot... but what do they actually mean? And what's the difference between the two? CSO Online writer J.M. Porup joins Juliet to dispel rumors and discuss what sets the deep web and dark web apart from the rest of the web.

Network World Security
Feb 11, 2020

Release the monkey! How Infection Monkey tests network security
This free, open source penetration testing tool uses real attacks and real techniques to try and exploit its way into a network.

Network World Security
Feb 10, 2020

Who should lead the push for IoT security?
The ease with which internet of things devices can be compromised, coupled with the potentially extreme consequences of breaches, have prompted action from legislatures and regulators, but what group is best to decide?

Both the makers of IoT devices and governments are aware of the security issues, but so far they haven't come up with standardized ways to address them.

[Get regularly scheduled insights by signing up for Network World newsletters.] "The challenge of this market is that it's moving so fast that no regulation is going to be able to keep pace with the devices that are being connected," said Forrester vice president and research director Merritt Maxim. "Regulations that are definitive are easy to enforce and helpful, but they'll quickly become outdated."

To read this article in full, please click here



Network World Security
Feb 10, 2020

5 firewall features IT pros should know about but probably don't
Firewalls continuously evolve to remain a staple of network security by incorporating functionality of standalone devices, embracing network-architecture changes, and integrating outside data sources to add intelligence to the decisions they make - a daunting wealth of possibilities that is difficult to keep track of.

Because of this richness of features, next-generation firewalls are difficult to master fully, and important capabilities sometimes can be, and in practice are, overlooked.

Here is a shortlist of new features IT pros should be aware of.

To read this article in full, please click here



Network World Security
Feb 06, 2020

Next-generation endpoint security goes beyond the endpoint
AI and behavioral analysis are key to elevating the level of security for devices and back-end systems and are a prerequisite for IoT devices and services. Is your vendor moving in the right direction?

Network World Security
Feb 05, 2020

Cisco patches a security glitch affecting routers, switches and phones
Cisco has issued fixes for five security glitches that can be found in a wealth of its networked enterprise products - from switches and routers to web cameras and desktop VoIP phones.  

The problems center around vulnerabilities in the implementation of the Cisco Discovery Protocol (CDP) that could let remote attackers take over the products without any user interaction. While no public exploit has been found, an attacker simply needs to send a maliciously crafted CDP packet to a target device located inside the network to take advantage of the weakness, Cisco stated.

Cisco's CDP is a Layer 2 protocol that runs on Cisco devices and enables networking applications to learn about directly connected devices nearby, according to Cisco. It enables management of Cisco devices by discovering networked devices, determining how they are configured, and letting systems using different network-layer protocols learn about each other, according to Cisco.

To read this article in full, please click here



Network World Security
Feb 05, 2020

How to check your vulnerability to credential dumping
Use these techniques to see if attackers have harvested authentication credentials from your Windows network.

Network World Security
Feb 04, 2020

7 best practices for managing a multi-cloud environment
Multi-cloud strategies and hybrid IT environments bring a set of challenges that technology leaders might not have expected.

Network World Security
Feb 04, 2020

The problem with mobile and app voting
It's the day after the 2020 Iowa caucuses, and the Iowa Democratic Party has yet to announce the winner. The app that precinct leaders were supposed to use to report final tallies recorded inconsistent results. Party leaders blamed a "coding issue" within the app, not a hack or attack. Computerworld's Lucas Mearian joins Juliet to discuss the problem with mobile voting and how this snafu may affect the reputation of app voting in the future.

Network World Security
Jan 29, 2020

How to better control access to your Windows network
Take stock of how people and devices access your network and block potential avenues of attack.

Network World Security
Jan 29, 2020

IT pros need to weigh in on that ‘sassy' security model
Cloud services that provide both network and security intelligence are gaining popularity because they are easy to consume and they improve agility. Similarly, a model known as SD-Branch is providing network and security functionality at the WAN edge on a single platform.

Both of these trends have contributed to the development by Gartner of a network architecture known as the secure-access service edge or SASE, which "converges network (for example, software-defined WAN) and network security services (such as [secure web gateways], [cloud access security brokers] and firewall as a service)." SASE (pronounced "sassy") would primarily be delivered as a cloud-based service, Gartner says.

To read this article in full, please click here



Network World Security
Jan 29, 2020

Cisco software fortifies industrial IoT security
Cisco is looking to better protect myriad edge-attached IoT devices with new security software that promises to protect industrial assets in one of the most disparate of network environments.

The company rolled out what it called an overarching security architecture for Industrial IoT (IIoT) environments that includes existing products but also new software called Cisco Cyber Vision, for the automated discovery of industrial assets attached to Cisco's extensive IIoT networking portfolio. 

More about edge networking

To read this article in full, please click here



Network World Security
Jan 28, 2020

Securing the IoT is a nightmare
Currently, we have over 26-billion IoT devices running in our workplaces, offices and homes. If you're looking for an IoT security scorecard, it looks something like this: Security Threats: 26,000,000,000, IoT Secure Devices: 0.

Network World Security
Jan 22, 2020

Cisco issues firewall, SD-WAN security warnings
Amongst Cisco's dump of 27 security advisories today only one was rated as critical - a vulnerability in its Firepower firewall system that could let an attacker bypass authentication and execute arbitrary actions with administrative privileges on a particular device.

The Firepower Management Center (FMC) vulnerability - which was rated at 9.8 out of 10 - comes from improper handling of Lightweight Directory Access Protocol (LDAP) authentication responses from an external authentication server. With it, an attacker could exploit the vulnerability by sending crafted HTTP requests to an affected device and gain administrative access to its web-based management interface.

To read this article in full, please click here



Network World Security
Jan 22, 2020

How to prep for Windows 7, Server 2008 end of life
Still running Windows 7 or Windows Server 2008? Take these steps to minimize your risk.

Network World Security
Jan 20, 2020

Windows Server vulnerability disclosed by NSA; Don't wait to patch
Microsoft's monthly Patch Tuesday included a hefty haul of fixes: 49 total, and one of them is more than just critical. For enterprises running Windows Server 2016 and Server 2019, it's vital you implement the patch ASAP.

The National Security Agency (NSA) disclosed the Windows vulnerability on Tuesday, the same day the fix was issued. That means the NSA found the flaw likely months ago but held off on public notification until Microsoft could come up with a fix. It would be irresponsible for the NSA, or anyone else, to announce a vulnerability and not give the software maker time to patch it.

The vulnerability was spotted in "crypt32.dll," a Windows module that has been in both desktop and server versions since NT 4.0 more than 20 years ago. Microsoft describes the library as handling certificate and cryptographic messaging functions in the CryptoAPI.

To read this article in full, please click here



Network World Security
Jan 16, 2020

Why multicloud security is your next big challenge
Companies deploy an average of three to five different cloud services. With an increased emphasis on security and regulatory compliance, the capability to manage these disparate systems is crucial.

Network World Security
Jan 15, 2020

Review: SaltStack brings SecOps to network orchestration and automation
SaltStack Enterprise, and its optional SecOps modules, is one of the only platforms available today that can fully manage complex enterprise environments while also protecting them.

Network World Security
Jan 15, 2020

3 easy ways to make your Windows network harder to hack
Start the new year off by eliminating common paths for attackers to breach your network.

Network World Security
Jan 13, 2020

How to deal with the impact of digital transformation on networks
Digital transformation has increased the importance of the network, particularly the edge, where customers, employees, cloud applications and IoT devices connect to the enterprise. The legacy static and non-differentiated network edge of years past is no longer sufficient for many reasons, so as companies embark on digital-transformation plans, their networks must evolve.

Networking pros should be looking at, among other things, improving security and embracing software-defined networking (SDN) that supports propagating changes quickly across the network in order to accommodate the many challenges digital transformation creates.

To read this article in full, please click here



Network World Security
Jan 08, 2020

How to fix insecure LDAP binds
Prevent Windows admin credentials from being exposed in cleartext with this tip.

Network World Security
Jan 03, 2020

Cisco issues critical security warnings its Data Center Network Manager
Cisco this week issued software to address multiple critical authentication exposures in its Data Center Network Manager (DCNM) software for its Nexus data center switches.

DCNM is a central management dashboard for data-center fabrics based on Cisco Nexus switches and handles a number of core duties such as automation, configuration control, flow policy management and real-time health details for fabric, devices, and network topology.

To read this article in full, please click here



Network World Security
Jan 02, 2020

How to get maximum protection from MFA in Office 365
Follow these steps to ensure your multi-factor authentication for Office 365 is effective.

Network World Security
Dec 30, 2019

Most popular tech stories of 2019
Insider Pro subscribers pick the Top 10 articles published in our debut year.

Network World Security
Dec 26, 2019

Top tech stories of 2019
The new Apple Card, the battle for cryptocurrency dominance, cybersecurity skills shortage - just a few of the stories that made headlines in 2019. Watch as IDG TECH(talk) hosts Ken Mingis and Juliet Beauchamp discuss the top tech stories of the year.

Network World Security
Dec 24, 2019

How to make the most of Microsoft's new Compliance Score Console
This new Microsoft 365 feature can help you stay in compliance with regulations like GDPR and better protect data.

Network World Security
Dec 23, 2019

Recent VPN hacks reveal transparency issues within the industry and its supply chain
Consumers are no doubt becoming increasingly aware about the safety and security of their online activity after many highly publicized studies have shown an uptick in online data theft. According to the Federal Trade Commission, there were 3 million reports of identity theft alone in 2018.

Even though these threats — and the rash of data breaches — continue to grab headlines, consumers still are connecting to public wifi despite the threats and are joining other unsafe networks while traveling. More cautious or tech-savvy individuals know to turn to virtual private networks (VPNs) as a way to safely connect online, and as VPNs become more mainstream, some project the VPN market can grow to more than $35 billion by 2022. We've even seen some vendors to capitalize by creating flashy TV commercials that insinuate that they are consumers' digital doorman. 

To read this article in full, please click here



Network World Security
Dec 23, 2019

IDG Contributor Network: Recent VPN hacks reveal transparency issues within the industry and its supply chain
Consumers are no doubt becoming increasingly aware about the safety and security of their online activity after many highly publicized studies have shown an uptick in online data theft. According to the Federal Trade Commission, there were 3 million reports of identity theft alone in 2018.

Even though these threats — and the rash of data breaches — continue to grab headlines, consumers still are connecting to public wifi despite the threats and are joining other unsafe networks while traveling. More cautious or tech-savvy individuals know to turn to virtual private networks (VPNs) as a way to safely connect online, and as VPNs become more mainstream, some project the VPN market can grow to more than $35 billion by 2022. We've even seen some vendors to capitalize by creating flashy TV commercials that insinuate that they are consumers' digital doorman. 

To read this article in full, please click here



Network World Security
Dec 18, 2019

How to protect the enterprise from holiday attacks
Attackers often take advantage of the holidays to launch attacks. Use these Microsoft settings to deter them.

Network World Security
Dec 16, 2019

IoT security: IT's biggest headache
The internet of things encompasses connected devices on a massive scale, actionable data and innovative business models - and it also brings unprecedented security challenges.

Network World Security
Dec 16, 2019

IoT security: Why it's your biggest nightmare
The internet of things encompasses connected devices on a massive scale, actionable data and innovative business models - and it also brings unprecedented security headaches.

Network World Security
Dec 11, 2019

How to secure your domain name services
Follow these steps to protect your websites at the server and workstation.

Network World Security
Dec 11, 2019

Blockchain/IoT integration accelerates, hits a 'sweet spot'
IoT and blockchain may be a natural fit, but it will still take five to 10 years before kinks are worked out and the two technologies can reach their full potential, according to Gartner.

Network World Security
Dec 11, 2019

Blockchain/IoT integration accelerates, hits a 'sweet spot' for the two technologies
IoT and blockchain may be a natural fit, but it will still take five to 10 years before kinks are worked out and the two technologies can reach their full potential, according to Gartner.

Network World Security
Dec 09, 2019

What's hot for Cisco in 2020
As the industry gets ready to gear up for 2020 things have been a  little disquieting in networking land.

That's because some key players - Arista and Juniper in particular - have been reporting business slowdowns as new deals have been smaller than expected and cloud providers haven't been as free-spending as in the past.

[Get regularly scheduled insights by signing up for Network World newsletters.] Worldwide IT spending has been on the slow side, Gartner said in October that worldwide IT spending is projected to total $3.7 trillion in 2019, an increase of 0.4% from 2018, the lowest growth forecast so far in 2019. The good news: global IT spending is expected to rebound in 2020 with forecast growth of 3.7%, primarily due to enterprise software spending, Gartner stated.

To read this article in full, please click here



  • CEOExpress
  • 1 Boston Place | Suite 2600
    Boston MA 02108
  • 617 482 1200
    617 299 8649 (fax)
  • Contact
  • As an Amazon Associate
    CEOExpress earns from
    qualifying purchases.

©1999-2020 CEOExpress Company LLC