NEWS: NETWORK WORLD SECURITY
Network World Security
Nov 22, 2022

Microsoft Azure launches DDoS IP protection for SMBs
DDoS IP Protection for SMBs is designed to provide enterprise-grade distributed denial of service protection at a price that's attractive to small and medium-size companies.

Network World Security
Nov 21, 2022

Mastering Active Directory groups can streamline management, pave way for automation
On the surface, Active Directory groups are a simple and straightforward way to manage identities (users and/or computers) and assign permissions. Users or computers are added as group members, and the group is referenced in access control lists (ACL) on file shares, mailboxes, applications, or other corporate resources. But experienced admins know that this simplicity quickly goes out the window as environments scale. As group memberships grow, management of memberships becomes increasingly complex.

Over the years, Microsoft and others have developed best practices for managing groups and permissions in an Active Directory environment. These strategies are something of a lost art, but there's value to be gained by leveraging these layers of sophistication.

Network World Security
Nov 21, 2022

Tame Active Directory groups to streamline management, prep for automation
On the surface, Active Directory groups are a simple and straightforward way to manage identities (users and/or computers) and assign permissions. Users or computers are added as group members, and the group is referenced in access control lists (ACL) on file shares, mailboxes, applications, or other corporate resources. But experienced admins know that this simplicity quickly goes out the window as environments scale. As group memberships grow, management of memberships becomes increasingly complex.

Over the years, Microsoft and others have developed best practices for managing groups and permissions in an Active Directory environment. These strategies are something of a lost art, but there's value to be gained by leveraging these layers of sophistication.

Network World Security
Nov 18, 2022

Dell expands data-protection product line
Dell Technologies has announced new products and services for data protection as part of its security portfolio.

Active data protection is often treated as something of an afterthought, especially compared to disaster recovery. Yet it's certainly a problem for companies. According to Dell's recent Global Data Protection Index (GDPI) research, organizations are experiencing higher levels of disasters than in previous years, many of them man-made. In the past year, cyberattacks accounted for 48% of all disasters, up from 37% in 2021, and are the leading cause of data disruption.

One of the major stumbling blocks in deploying data-protection capabilities is the complexity of the rollout. Specialized expertise is often required, and products from multiple vendors are often involved. Even the hyperscalers are challenged to provide multicloud data-protection services.

Network World Security
Nov 16, 2022

Palo Alto targets zero-day threats with new firewall software
Palo Alto Networks has released next-generation firewall (NGFW) software that includes some 50 new features aimed at helping enterprise organizations battle zero-day threats and advanced malware attacks.

The new features are built into the latest version of Palo Alto's firewall operating system - PAN 11.0 Nova - and include upgraded malware sandboxing for the company's WildFire malware-analysis service, advanced threat prevention (ATP), and a new cloud access security broker (CASB).

WildFire is Palo Alto's on-prem or cloud-based malware sandbox that is closely integrated with Palo Alto's firewalls. When a firewall detects anomalies, it sends data to WildFire for analysis. WildFire uses machine learning, static analysis, and other analytics to discover threats, malware and zero-day threats, according to the vendor.

Network World Security
Nov 10, 2022

Should security systems be the network?
Recently during a research interview with a small but fast-growing business, for the first time I encountered an organization with a "no-network-vendor" network. That is, instead of using Cisco or Dell or even a white-box solution for switching and routing, the company deployed only Fortinet equipment for its entire network. That is, every network component is part of the security infrastructure for them.

They built the network this way not just to bake security into its core (a great idea in itself) but also for:

- ease of management: they have one tool, it manages every component
- ease of deployment: they have only two or three versions of each appliance, all the same except for capacity and port count
- ease of expansion to new locations: every site is the same as any other site of similar size

They have a small stock of replacement appliances on the shelf, with which they provide rapid recovery for all locations. They could easily also consume security-operations center as-a-service, and use professional services for nearly all the rest of their network operations. In essence, their security solution could become their complete network solution as well.

Network World Security
Nov 09, 2022

Researchers show techniques for malware persistence on F5 and Citrix load balancers
Tests show that deploying malware in a persistent manner on load balancer firmware is within reach of less sophisticated attackers.

Network World Security
Nov 08, 2022

VMware adds more security for diverse cloud workloads
VMware has added more security features to its forthcoming on-demand multi-cloud networking and security service called Northstar that it previewed during its August VMware Explore 2022 conference.

VMware said then that Northstar will provide a central console for turning up networking and security services across private clouds and VMware Cloud deployments that run on public clouds. It will include VMware services such as Network Detection and Response, NSX Intelligence, advanced load balancing and Web Application Firewall. Within Northstar, Network Detection and Response support will provide scalable threat detection and response for workloads deployed in private and/or public clouds.

Network World Security
Nov 04, 2022

Qualys previews TotalCloud FlexScan for multicloud security management
Agentless security management system aims to simplify vulnerability management for security teams and developers in cloud and hybrid cloud environments.

Network World Security
Nov 01, 2022

Cisco adds a firewall, upgrades security
Security is the name of the game at Cisco's Partner Summit gathering this week with the rollout of a new firewall and added data-loss prevention (DLP) and passwordless authentication features to its security wares. 

On the firewall front, Cisco announced the Secure Firewall 3105 it says is built specifically for hybrid workers and small branch offices. 

Available early next year, the 1U 3105 supports 10Gbps throughput, 7Gbps IPSec throughput and 3,000 VPN peers. The box is the new low-end for the Secure Firewall 3100 family, including the 3110, 3120, 3130 and the high-end 3140, which supports 45Gbps throughput.

Network World Security
Oct 31, 2022

OCP spec for silicon security could help reduce vendor lock-in
A new specification from the Open Compute Project could mean more choices for IT pros when it comes time to replace server cards.

The spec defines a block of code that, when used in processors, establishes root of trust (RoT) boot security. Because the spec is open, any chip maker can use it, and it will provide interoperability with chips made by other chip makers that also use it. This can help eliminate being locked into a single vendor because of proprietary RoT code.

By standardizing on OCP hardware, for example, it's possible to replace a bad smartNIC from one vendor with one from another vendor, says Bill Chen, general manager of server product management at Supermicro, an OCP member.

Network World Security
Oct 31, 2022

Engineering workstation attacks on industrial control systems double: Report
Some of the biggest challenges faced in securing industrial control systems involve integrating legacy and aging operational technology with modern IT systems.

Network World Security
Oct 27, 2022

How Cisco's Cloud Control Framework helps it comply with multiple security standards
Its open-source Cloud Control Framework gives Cisco a common template to meet security standards and regulatory requirements across the globe.

Network World Security
Oct 26, 2022

Cisco issues fixes for active exploits of its Windows VPN clients
Cisco is offering software updates for two of its AnyConnect for Windows products it says are actively being exploited in the field.

AnyConnect for Windows is a security software package, in this case for Windows machines, that sets up VPN connectivity, provides access control and supports other endpoint security features. Cisco said AnyConnect products for MacOS and Linux are not affected.

Cisco said its Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerability, which is described in this advisory.

Network World Security
Oct 21, 2022

IoT security strategy from enterprises using connected devices
Freeman Health System has around 8,000 connected medical devices in its 30 facilities in Missouri, Oklahoma, and Kansas. Many of these devices have the potential to turn deadly at any moment. "That's the doomsday scenario that everyone is afraid of," says Skip Rollins, the hospital chain's CIO and CISO.

Rollins would love to be able to scan the devices for vulnerabilities and install security software on them to ensure that they aren't being hacked. But he can't.

"The vendors in this space are very uncooperative," he says. "They all have proprietary operating systems and proprietary tools. We can't scan these devices. We can't put security software on these devices. We can't see anything they're doing. And the vendors intentionally deliver them that way."

Network World Security
Oct 21, 2022

IoT security strategy from those who use connected devices
Freeman Health System has around 8,000 connected medical devices in its 30 facilities in Missouri, Oklahoma, and Kansas. Many of these devices have the potential to turn deadly at any moment. "That's the doomsday scenario that everyone is afraid of," says Skip Rollins, the hospital chain's CIO and CISO.

Rollins would love to be able to scan the devices for vulnerabilities and install security software on them to ensure that they aren't being hacked. But he can't.

"The vendors in this space are very uncooperative," he says. "They all have proprietary operating systems and proprietary tools. We can't scan these devices. We can't put security software on these devices. We can't see anything they're doing. And the vendors intentionally deliver them that way."

Network World Security
Oct 20, 2022

SolarWinds' Observability offers visibility into hybrid cloud infrastructure
SolarWinds, the maker of a well-known and widely used suite of IT management software products, announced this week that it's expanding to the cloud, with the release of Observability, a cloud-native, SaaS-based IT management service that is also available for hybrid cloud environments.

The basic idea of Observability is to provide a more holistic, integrated overview of an end-user company's IT systems, using a single-pane-of-glass interface to track data from network, infrastructure, application and database sources. The system's machine learning techniques are designed to bolster security via anomaly detection.

Network World Security
Oct 20, 2022

SolarWinds' Observability offers visibility into hybrid-cloud infrastructure
SolarWinds has launched a cloud-native, SaaS-based, IT-management service that is also available for hybrid-cloud environments.

Called Observability, the service provides a holistic, integrated overview of enterprise IT systems, using a single interface to track data from network, infrastructure, application, and database sources, says the company, which is noted for its suite of IT management software. The new service's machine-learning techniques are designed to bolster security via anomaly detection.

Network World Security
Oct 18, 2022

Cisco launches 10-year plan to train 25 million people in IT skills
As Cisco celebrates the 25th anniversary of Cisco Networking Academy, the company on Tuesday announced two new certifications and a plan to provide networking, cybersecurity and general IT training to 25 million people over the next 10 years.

The training will be done through the company's networking academy, an IT skills-to-jobs program that provides IT courses, learning simulators, and hands-on learning opportunities, supporting instructors and learners in 190 countries. To date, Cisco says more than 17.5 million global learners have taken Cisco Networking Academy courses to gain IT skills, with 95% of students attributing their post-course job or education opportunity to Cisco Networking Academy.

Network World Security
Oct 12, 2022

Portnox adds IoT fingerprinting to network access control service
The IoT fingerprinting feature will allow companies to fully identify IoT devices that don't have the storage or processing capabilities to communicate complete identifying information such as model number, or even device type.

Network World Security
Oct 11, 2022

Google Cloud adds networking, security features for enterprises
Google Cloud is rolling out new network and security features, including a service that provides Layer-7 security.

The new offerings announced at Google Cloud Next also include firewall and web application-protection options aimed at advancing existing cloud connectivity and ensuring the security of cloud-based resources.

"We are fundamentally enhancing our network fabric—which includes 35 regions, 106 zones and 173 network edge locations across 200-plus countries—and making it simpler and easier for organizations to migrate their existing workloads and modernize applications all while securing and making them easier to manage," said Muninder Sambi, vice president and general manager of networking for Google Cloud.

Network World Security
Oct 05, 2022

The astronomical costs of an asset disposal program gone wrong
As Morgan Stanley Smith Barney has learned, an information technology asset disposal program can protect a company against the potential catastrophe of data leaks from gear you're getting rid of.

Network World Security
Sep 29, 2022

About a third of cloud users need to learn resiliency lessons from Ian
Beyond the human cost, natural disasters like hurricane Ian can take a high toll on business continuity, causing enterprise-infrastructure damage that takes days or weeks to fix, with downtime costs in the six figures per hour. If Ian didn't impact your operations, now is the time to prepare for a future disaster that might hit your network.

Vulnerable areas include cloud providers' managed services that might require customers to explicitly specify they want their apps, compute, and storage housed in redundant, geographically separate availability zones. According to Uptime Institute, roughly one third of enterprises are architecting cloud apps that are vulnerable to outages in single cloud availability zones, rather than distributing their workloads across multiple zones.

Network World Security
Sep 29, 2022

About a third of you cloud users need to learn resiliency lessons from Ian
Beyond the human cost, natural disasters like hurricane Ian can take a high toll on business continuity, causing enterprise-infrastructure damage that takes days or weeks to fix at a downtime cost in the six figures per hour. If Ian didn't get you, now is the time to prepare for a future disaster that might hit your network.

Vulnerable areas include cloud providers' managed services that might require customers to explicitly specify they want their apps, compute, and storage housed in redundant, geographically separate availability zones. According to Uptime Institute, roughly one third of enterprises are architecting cloud apps that are vulnerable to outages in single cloud availability zones, rather than distributing their workloads across multiple zones.

Network World Security
Sep 23, 2022

A third of Australian population likely affected in Optus cyberattack
Breached information includes names, dates of birth, phone numbers, email addresses, and, for a subset of customers, addresses and ID document numbers such as driver's licence or passport numbers.

Network World Security
Sep 13, 2022

Software-defined perimeter: What it is and how it works
A growing number of organizations are drawing an invisible line around their internet-connected resources in an effort to keep attackers at bay. Called software-defined perimeter (SDP), it is based on the relatively simple idea of throwing a virtual barrier around servers, routers, printers, and other enterprise network components.

The goal of SDP is to protect networks behind a flexible, software-based perimeter. "Advantages include stronger security and greater flexibility and consistency," says Ron Howell, principal SD-WAN and SASE architect at IT and business consulting firm Capgemini Americas.

Network World Security
Sep 13, 2022

Cisco expands its SD-WAN software for wider reach, better security
Cisco has broadened the scope of Cisco SD-WAN software by growing its reach and security, and expanding its support for deploying multi-region WAN fabric.

The idea behind the new features is to help manage the complexity and security of connecting to cloud resources from the edge of the network, said JP Shukla, director, product management, in Cisco's Enterprise Cloud & SD-WAN group. "They want to connect these users as reliably and securely as these users would be in an office environment," he said.

Network World Security
Aug 31, 2022

Palo Alto Networks bulks-up its SASE portfolio
Palo Alto Networks is reinforcing the security and operational features of its Prisma secure-access service edge (SASE) package.

New features include the ability to adjust security settings for multiple software-as-a-service-based apps, new security capabilities, and AIOPs support. In addition the company is expanding its family of Ion SD-WAN security devices to provide additional configuration options.

Network World Security
Aug 18, 2022

How to set up DHCP failover on Windows Server
Redundancy is essential for dealing with both planned and unplanned outages, and that includes having redundant dynamic host-configuration protocol (DHCP) servers to allow uninterrupted dynamic assignment of IP addresses.

For those working in Windows environments, there are currently two options for setting up redundant DHCP servers: a failover scenario with a main server paired with another in hot standby; and a load-balancing scenario in which two DHCP servers actively handle client requests.

Network World Security
Aug 11, 2022

Cisco admits hack on IT network, links attacker to LAPSUS$ threat group
Cisco says an employee's credentials were compromised after an attacker gained control of a personal Google account.

Network World Security
Aug 08, 2022

What is IoT? The internet of things explained
The internet of things (IoT) is a catch-all term for the growing number of electronics that aren't traditional computing devices, but are connected to the internet to send data, receive instructions or both.

There's an incredibly broad range of 'things' that fall under the IoT umbrella: Internet-connected 'smart' versions of traditional appliances such as refrigerators and light bulbs; gadgets that could only exist in an internet-enabled world such as Alexa-style digital assistants; and internet-enabled sensors that are transforming factories, healthcare, transportation, distribution centers and farms.

What is the internet of things?

The IoT brings internet connectivity, data processing and analytics to the world of physical objects. For consumers, this means interacting with the global information network without the intermediary of a keyboard and screen (Alexa, for example).

Network World Security
Aug 04, 2022

Government-imposed internet shutdowns impacted 1.9 billion people in first half of 2022
Internet shutdowns by governments across the world impacted 1.89 billion citizens globally in the first half of 2022, a 22% increase when compared with the second half of 2021.

A recent report compiled by VPN service provider Surfshark found there were 66 state-mandated internet blackouts imposed across six countries and territories during the period: Burkina Faso, India, Jammu and Kashmir, Kazakhstan, Pakistan, and Sudan. Local shutdowns were observed in India, Jammu and Kashmir region, and Pakistan, while Burkina Faso, Kazakhstan, and Sudan chose to cut down internet connections nationwide.

While there was an overall decrease in the number of internet shutdowns during the period—72 cases in the first half of 2022 compared with 84 reported in the second half of 2021—the number of people impacted was much higher, as reliance on the internet has increased globally.

Network World Security
Aug 02, 2022

Axis adds automation, onboarding features to Atmos ZTNA network access software
Axis is also offering migration tools and a buyback program for those looking to move from legacy ZTNA (zero trust network access) applications.

Network World Security
Jul 29, 2022

Network security depends on two foundations you probably don't have
You've done everything to secure your network, and you still face threats. That's what most enterprises say about their network security, and they're half right. Yes, they still face threats, but they've not done everything to address them. In fact, most enterprises haven't really implemented the two foundations on which real network security must be based.

When I ask enterprises whether they've done a top-down analysis of network security, they usually say they do it every year. When I ask what's involved in that assessment, they say they look for indications that their current strategies have failed. They build another layer, which is kind of like putting a second Band-Aid on a cut.

Network World Security
Jul 27, 2022

IBM bolsters quantum cryptography for z16 mainframe
While the need for it may be years away, IBM has added additional mainframe protection against future quantum-based security attacks.

When Big Blue rolled out the newest iteration of its mainframe, the z16, in April, one of its core design pillars was a promise to protect organizations from anticipated quantum-based security threats. Specifically, the z16 supports the Crypto Express8S adapter to deliver quantum-safe APIs that will let enterprises start developing quantum-safe cryptography along with classical cryptography and to modernize existing applications and build new applications, IBM stated.

Network World Security
Jul 15, 2022

Are you doing enough to secure your network infrastructure?
It's time to take a hard look at whether you're devoting enough resources to securing your network infrastructure. Short answer: You're probably not.

If you work for a hyperscaler, your organization is probably doing everything it can to secure the network. For almost everyone else, it is pretty safe to assume that the answer is no.

This is not necessarily a blameworthy failing. In many cases it is down to available resources and perceived risk: Given too little money for cybersecurity and too little time from too few people to tackle all possible risks in the network, what should network cybersecurity staff focus on? They tend to focus less on the inward-facing aspects of their networks and more on explicitly outward-facing pieces.

Network World Security
Jul 15, 2022

4 ways to better secure your network infrastructure
It's time to take a hard look at whether you're devoting enough resources to securing your network infrastructure. Short answer: You're probably not.

If you work for a hyperscaler, your organization is probably doing everything it can to secure the network. For almost everyone else, it is pretty safe to assume that the answer is no.

This is not necessarily a blameworthy failing. In many cases it is down to available resources and perceived risk: Given too little money for cybersecurity and too little time from too few people to tackle all possible risks in the network, what should network cybersecurity staff focus on? They tend to focus less on the inward-facing aspects of their networks and more on explicitly outward-facing pieces.

Network World Security
Jul 14, 2022

New speculative execution attack Retbleed impacts Intel and AMD CPUs
Unlike other speculative execution attacks like Spectre, Retbleed exploits return instructions rather than indirect jumps or calls.

Network World Security
Jul 13, 2022

Juniper upgrades management platform, adds a switch
Juniper Networks has upgraded its cloud-based management platform and introduced a new switch family for campus and branch networks.

On the management side, Juniper says the goal is to simplify network operations for organizations with a mix of campus, branch, micro-site, and remote-worker settings, and it is doing that by adding features to its Mist AI/ML cloud-based management platform and its Marvis virtual network assistant.

Network World Security
Jul 13, 2022

Consulting firms jump on the Zero Trust bandwagon
Deloitte's new Zero Trust Access service and HCL's collaboration with Palo Alto Networks mark a sustained trend towards offering Zero Trust security services for clients.

Network World Security
Jul 12, 2022

5 mistakes to avoid when implementing zero-trust
Interest in zero-trust security has heightened significantly over the past two years among organizations looking for better ways to control access to enterprise data in cloud and on-premises environments for remote workers, contractors and third parties.

Several factors are driving the trend, including increasingly sophisticated threats, accelerated cloud adoption and a broad shift to remote and hybrid work environments because of the pandemic. Many organizations have discovered that traditional security models, where everything inside the perimeter is implicitly trusted, do not work in environments where perimeters don't exist and enterprise data and the people accessing it are increasingly distributed and decentralized.

Network World Security
Jun 30, 2022

IBM brings hybrid-cloud app services to z/OS mainframes
IBM has introduced a service for its mainframe customers to create a cloud environment for developing and testing applications.

Wazi as a Service can be used to create z/OS infrastructure instances for development and testing z/OS application components in a virtualized, containerized sandbox. The instances would run on Red Hat OpenShift on x86 hardware. The service also includes access to z/OS systems and integrates with modern source-code management platforms such as GitHub and GitLab.

Network World Security
Jun 23, 2022

Cisco reports vulnerabilities in products including email and web manager
New vulnerabilities found in Cisco internal testing allow remote access and scripting that could lead to the loss of sensitive user data.

Network World Security
Jun 16, 2022

Cisco puts app-performance tools in the cloud
Cisco is taking aim at better controlling the performance and development of core applications with a new AppDynamics cloud service and open-source development tools.

AppDynamics Cloud is a cloud-native service designed to let enterprises observe applications and take action to remediate performance problems.  

Available by the end of June, the service is built to observe distributed and dynamic cloud-native applications at scale, wrote Eric Schou, chief marketing officer of Cisco AppDynamics, in a blog about the new offering.

Network World Security
Jun 14, 2022

Cisco moves Catalyst, Nexus management to the cloud
Cisco is taking a big step toward cloud-management of both its Catalyst campus and Nexus data-center equipment.

At the Cisco Live customer event this week, the company rolled out two cloud-based management services that provide more options for enterprises to support hybrid workforces.

Catalyst management in the cloud

The first service, Cloud Management for Cisco Catalyst, lets customers manage and troubleshoot Catalyst 9000 switching and wireless campus and branch devices from the company's cloud-based Meraki dashboard, which can manage and troubleshoot a wide variety of devices and networks from a single screen. According to Cisco, Catalyst customers can run a CLI command with information about their organization, and it will move management of that device over to the Meraki cloud.

Network World Security
Jun 08, 2022

RSA: Intel reference design to accelerate SASE, other security tasks
Intel has introduced a reference design it says can enable accelerator cards for security workloads including secure access service edge (SASE), IPsec, and SSL/TLS.

The upside of the server cards would be offloading some application processing from CPUs, effectively increasing server performance without requiring additional server rack space, according to Intel.

The announcement was made at RSA Conference 2022, and details were published in a blog post by Bob Ghaffardi, Intel vice president and general manager of the Enterprise and Cloud Division.

Network World Security
Jun 06, 2022

RSA: Cisco launches SASE, offers roadmap for other cloud-based services
Cisco made a variety of security upgrades at the RSA Conference designed to move security operations to the cloud, improve its Secure Access Service Edge offering and offer new simplified security endpoint control.

The biggest piece of the Cisco rollout was a new overarching security platform called the Cisco Security Cloud, which will include unified management and policies and offer open APIs to help grow a multivendor security ecosystem.

Cisco defines the Security Cloud as a "multi-year strategic vision for the future of security." It is an ongoing journey that began several years ago, and Cisco will continue delivering upon the key tenets of this vision with a consistent roadmap. The cloud will be made up of existing products like Umbrella and offerings from Duo; other features will be developed in the future.




Network World Security
Jun 03, 2022

Who is selling Zero Trust Network Access (ZTNA) and what do you get?
Enterprise interest in Zero Trust Network Access (ZTNA) has soared over the past two years among organizations trying to enable secure anywhere, anytime, any device access to IT resources for employees, contractors and third parties.

Much of this interest has stemmed from organizations looking to replace VPNs as the primary remote access mechanism to their networks and data. But it is also being driven by organizations seeking to bolster security in an environment where enterprise data is scattered across on-premises and multi-cloud environments, and being accessed in more ways than ever before.




Network World Security
May 31, 2022

6G cellular doesn't exist, but it can be hacked
Arriving at a consensus on when 6G wireless will be widely available commercially is all but impossible, as this small sample size shows:

Northeastern University researchers: More than five years, but probably not long after
Nokia CEO Pekka Lundmark: Definitely by 2030
ABI Research: Sometime in the 2030s
A magic 8-ball I found in my basement: Reply hazy, try again

Then there is this intriguing quatrain by 16th century French physician, astrologer and renowned seer Nostradamus:




Network World Security
May 31, 2022

U.S. government proposals spell out 5G security advancements
A joint proposal from federal cybersecurity and defense agencies defines a process for ensuring the security of 5G networks.

Network World Security
May 30, 2022

VPNs can complement SASE
The pandemic has accelerated the development of better ways to serve and secure remote workers, which makes it a good time to reexamine VPNs.

Recently VPNs have received technical boosts with the addition of protocol options that improve functionality far beyond where it was when they were first invented. At the same time, new security architectures, namely zero trust network access (ZTNA), secure access service edge (SASE), and security service edge (SSE), are making inroads into what had been the domain of remote-access VPNs.




Network World Security
May 30, 2022

Linux malware is on the rise—6 types of attacks to look for
Malware targeting Linux environments has increased massively in the past year, with threat actors using a variety of techniques to carry out operations.

Network World Security
May 26, 2022

New Linux-based ransomware targets VMware servers
Cheerscript plants double-extortion malware on ESXi servers.

Network World Security
May 25, 2022

Microsoft security vulnerabilities drop after five-year rise
While elevated privilege attacks remain a critical security concern when using Microsoft products, a new report says that the raw number of vulnerabilities is dropping.

Network World Security
May 24, 2022

HYAS brings security threat detection, response to production networks
HYAS Confront uses domain expertise and proprietary machine learning to monitor and detect anomalies in production network environments and improve visibility as applications move to the cloud.

Network World Security
May 23, 2022

SASE or SSE? Don't let hype distract from enterprise needs
Secure access service edge (SASE) has generated a buzz over the last couple of years, particularly in light of the pandemic and its associated surge in remote employees. But SASE hasn't quite materialized in the way Gartner - which first coined the term in a 2019 white paper - initially expected. In particular, there's been pushback around the idea that SASE should be delivered by a single vendor, as a single integrated cloud service at the network edge.

The SASE model combines network security functions with WAN capabilities, delivering the security elements in the cloud and using SD-WAN at the edge or in the cloud. Key security functions include secure web gateway (SWG), zero trust network access (ZTNA), firewall as a service (FWaaS), and cloud access security broker (CASB).




Network World Security
May 20, 2022

What is Nmap and why do you need it on your network?
Nmap, short for Network Mapper, is a free and open source tool used for vulnerability checking, port scanning and, of course, network mapping. Despite being created back in 1997, Nmap remains the gold standard against which all other similar tools, either commercial or open source, are judged.

Nmap has maintained its preeminence because of the large community of developers and coders who help to maintain and update it. The Nmap community reports that the tool, which anyone can get for free, is downloaded several thousand times every week.




Network World Security
May 19, 2022

CISA issues emergency warning over two new VMware vulnerabilities
The U.S. Cybersecurity and Infrastructure Security Agency issues an emergency security directive over VMware vulnerabilities CVE-2022-22972 and CVE-2022-22973, which threat actors are likely to exploit.

Network World Security
May 18, 2022

8 questions to ask vendors about Zero Trust Network Access (ZTNA)
The increased deployment of core business applications in the cloud and the shift to remote work brought on by the pandemic have obliterated any notion of the traditional "corporate moat" style of security.

Today's hybrid workplace, where employees are on the road, working from home and maybe visiting the office once or twice a week, has forced network and security teams to adopt a more flexible approach to managing the network, identities, and authentication.

Zero Trust Network Access (ZTNA) has emerged as the preferred approach to address today's security challenges. The concept is relatively simple: Instead of building a layered perimeter defense of firewalls, IDS/IPSes and anti-virus software, Zero Trust assumes that every user or device is untrusted until it becomes sufficiently verified.




Network World Security
May 17, 2022

Google Cloud boosts open-source security, simplifies zero-trust rollouts
Google Cloud is rolling out new security services designed to address enterprise challenges including securing open-source software and accelerating the adoption of zero-trust architectures.

At its annual Google Cloud Security Summit, the company said it's building on its Invisible Security effort, which promises to bake security into tools and services that enterprises and other customers use most.

One example is a new service called Assured Open Source Software (Assured OSS), which is aimed at making it easier for organizations to securely manage their open-source dependencies.

"Today patching security vulnerabilities in open source software often feels like a high-stakes game of whack-a-mole: fix one, and two more pop up," wrote Sunil Potti, vice president and general manager of Google Cloud Security, in a blog about the new services. "This helps explain research done by Sonatype software that shows that there's a 650% year-over-year increase in cyberattacks aimed at open source software (OSS) suppliers."




Network World Security
May 17, 2022

Google Cloud launches services to bolster open-source security, simplify zero-trust rollouts
Google Cloud is rolling out new security services designed to address enterprise challenges including securing open-source software and accelerating the adoption of zero-trust architectures.

At its annual Google Cloud Security Summit, the company said it's building on its Invisible Security effort, which promises to bake security into tools and services that enterprises and other customers use most.

One example is a new service called Assured Open Source Software (Assured OSS), which is aimed at making it easier for organizations to securely manage their open-source dependencies.

"Today patching security vulnerabilities in open source software often feels like a high-stakes game of whack-a-mole: fix one, and two more pop up," wrote Sunil Potti, vice president and general manager of Google Cloud Security, in a blog about the new services. "This helps explain research done by Sonatype software that shows that there's a 650% year-over-year increase in cyberattacks aimed at open source software (OSS) suppliers."




Network World Security
May 11, 2022

6 top network security threats and how to beat them
It's a war zone out there. In the seemingly endless game of cyber cat and mouse, accurate intelligence remains the best tool for beating attackers at their own game.

Here's an analysis of today's six top network threats and tips for how to identify and quash them.

1. Ransomware
Ransomware is easily the greatest network threat, since it gives attackers the biggest bang for the buck with a relatively low probability of getting caught. "There's also a low bar in the skill category to break into this sort of thing," says Andy Rogers, a senior assessor at cybersecurity and compliance firm Schellman. "There are plenty of Ransomware-as-a-Service (RaaS) businesses that will be more than willing to ensure you have the tools you need to unleash a ransomware campaign."




Network World Security
May 10, 2022

Intel details IPU roadmap to free up CPUs
Intel is betting that future data-center operations will depend on increasingly powerful servers running ASIC-based, programmable CPUs, and its wager rides on the development of infrastructure processing units (IPU), which are Intel's programmable networking devices designed to reduce overhead and free up performance for CPUs.




Network World Security
May 10, 2022

Cohesity launches FortKnox to protect data from ransomware attacks
Data management specialist Cohesity is launching a new data isolation and recovery tool called FortKnox, in a bid to help customers protect their data from ransomware attacks.

FortKnox provides an additional layer of off-site protection for customers by keeping data in a secure 'vault,' with physical separation and network and management isolation to keep threat actors from accessing sensitive data.

An object lock requires a minimum of two people to approve critical actions, such as changes of vault policy, and access can be managed using granular role-based access control, multi-factor authentication, and encryption both in-flight and at rest.




Network World Security
May 05, 2022

Cisco warns of critical vulnerability in virtualized network software
Multiple vulnerabilities have been discovered in Cisco's Enterprise NFV Infrastructure Software (NFVIS). The worst of the vulnerabilities could let an attacker escape from the guest virtual machine (VM) to the host machine, Cisco disclosed. The other two problems involve letting a bad actor inject commands that execute at the root level and allowing a remote attacker to leak system data from the host to the VM.

NFVIS is Linux-based infrastructure software designed to help enterprises and service providers to deploy virtualized network functions, such as a virtual router, firewall and WAN acceleration, Cisco stated.




Network World Security
May 05, 2022

Dell offers data, app recovery support for multicloud assets
Dell is offering an expanded ecosystem of multicloud data management tools for its customers with a focus on data recovery services, adding recovery vault support for on-premises as well as public cloud assets.

"Our customers want help reducing complexity and are seeking solutions that use a common approach to managing data wherever it lives — from public clouds, to the data center, to the edge," said Chuck Whitten, co-chief operating officer, Dell Technologies, in a statement. "We are building a portfolio of software and services that simplifies on-premises and multicloud environments and offers." 




Network World Security
May 05, 2022

4 lessons learned from the Atlassian network outage
Last month, software tools vendor Atlassian suffered a major network outage that lasted two weeks and affected more than 400 of their over 200,000 customers. The outage took down several of their products, including Jira, Confluence, Atlassian Access, Opsgenie, and Statuspage. 

While only a few customers were affected for the full two weeks, the outage was significant in terms of the depth of problems uncovered by the company's engineers and the lengths they had to go to find and fix the problems.

The outage was the result of a series of unfortunate internal errors by Atlassian's own staff, and not the result of a cyberattack or malware. In the end, no customer lost more than a few minutes' worth of data transactions, and the vast majority of customers didn't see any downtime whatsoever.




Network World Security
May 05, 2022

4 networking best practices learned from the Atlassian network outage
Last month, software tools vendor Atlassian suffered a major network outage that lasted two weeks and affected more than 400 of their over 200,000 customers. The outage took down several of their products, including Jira, Confluence, Atlassian Access, Opsgenie, and Statuspage. 

While only a few customers were affected for the full two weeks, the outage was significant in terms of the depth of problems uncovered by the company's engineers and the lengths they had to go to find and fix the problems.

The outage was the result of a series of unfortunate internal errors by Atlassian's own staff, and not the result of a cyberattack or malware. In the end, no customer lost more than a few minutes' worth of data transactions, and the vast majority of customers didn't see any downtime whatsoever.




Network World Security
May 03, 2022

Cisco urges software update to thwart counterfeit switches
Cisco is encouraging users of its popular Catalyst 2960X/2960XR switches to upgrade their IOS operating systems in an effort to combat counterfeiting.

Because of the pervasiveness of these switches on the gray market, it's imperative that customers enable the latest software release - IOS release 15.2(7)E4 or later - to validate the authenticity, security, and performance of their Catalyst 2960X/2960XR 24/48 port Gigabit Ethernet switches, Cisco stated in a notice to customers. 




Network World Security
May 03, 2022

TLS implementation flaws open Aruba and Avaya network switches to RCE attacks
The network switch vulnerabilities are considered critical and could allow attackers to break network segmentation, exfiltrate data, and escape captive portals.

Network World Security
Apr 20, 2022

Basing network security on IP addressing: Would it be worth it?
Why is it that over 90% of enterprises tell me that they expect to spend more on security over the next three years, and almost 60% say they expect to spend less on networking? We obviously think that network technology is getting more efficient, more competitive. Why isn't that the case for security? The short answer is that enterprises have been chasing acronyms and not solutions.

Acronym-chasing comes about because by nature, security is hard to plan for. The average network expert finds out there's an issue because some higher-up reads or hears about a breach. Maybe they do a quick search, and they find out that what they really need is SASE. Or maybe they need SSE, which we're told is SASE without SD-WAN. In any event, what happens is that there's pressure to add this new thing on, and that creates another layer of protection...maybe.  Complication and cost? Surely.




Network World Security
Apr 20, 2022

IP addressing could support effective network security, but would it be worth it?
Why is it that over 90% of enterprises tell me that they expect to spend more on security over the next three years, and almost 60% say they expect to spend less on networking? We obviously think that network technology is getting more efficient, more competitive. Why isn't that the case for security? The short answer is that enterprises have been chasing acronyms and not solutions.

Acronym-chasing comes about because by nature, security is hard to plan for. The average network expert finds out there's an issue because some higher-up reads or hears about a breach. Maybe they do a quick search, and they find out that what they really need is SASE. Or maybe they need SSE, which we're told is SASE without SD-WAN. In any event, what happens is that there's pressure to add this new thing on, and that creates another layer of protection...maybe.  Complication and cost? Surely.




Network World Security
Apr 14, 2022

US security agencies warn of threats to industrial, utility control networks
Key US government security organizations are warning that industrial control system (ICS)/supervisory control and data acquisition (SCADA)-based networks are being threatened by bad actors armed with custom software tools.

The Department of Energy (DOE), Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA) and Federal Bureau of Investigation (FBI) issued a joint warning that certain advanced persistent threat (APT) actors have shown the ability to gain full system access to compromised ICS/SCADA systems.




Network World Security
Apr 14, 2022

What is DRaaS and how it can save your business from disaster
Disaster Recovery as a Service (DRaaS) provides data replication, hosting, and recovery services from the cloud in the event of a disaster, power outage, ransomware attack, or other business interruption.

DRaaS backs up data, applications, and IT infrastructure to the cloud, with providers typically having geographically dispersed data center footprints. In the event of a disaster, the business will failover to the DRaaS provider's data center in a different region. 

As opposed to traditional disaster recovery methods, which require businesses to operate an off-site DR facility, DRaaS shifts that burden to service providers, and, thus, expands the market beyond the large enterprises that could afford such capital-intensive setups.




Network World Security
Apr 13, 2022

US security agencies warn of threats to industrial, utility control networks
Key US government security organizations are warning that industrial control system (ICS)/supervisory control and data acquisition (SCADA)-based networks are being threatened by bad actors armed with custom software tools.

The Department of Energy (DOE), Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA) and Federal Bureau of Investigation (FBI) issued a joint warning that certain advanced persistent threat (APT) actors have shown the ability to gain full system access to compromised ICS/SCADA systems.




Network World Security
Apr 12, 2022

Cisco SD-WAN software gains broader application access, enhanced analytics
Cisco has tweaked its flagship SD-WAN software package to increase customer application flexibility and improve visibility into the performance of distributed resources.

The company announced Cisco SD-WAN release 17.8, which adds support for new business and customized cloud applications, analytics and security features.

Specifically, the company upgraded the SD-WAN Cloud OnRamp for SaaS service, which links branch offices or individual remote users to cloud applications such as Cisco's Webex, Microsoft 365, AWS, Google, Oracle, Salesforce and more.




Network World Security
Apr 07, 2022

5 VMware products need patching against serious security vulnerabilities
Virtualization and cloud vendor VMware this week disclosed eight vulnerabilities in five of its products, and urged users of Workspace ONE Access and all its products that include VMware Identity Manager components to patch immediately.

Three of those vulnerabilities were rated critical on the CVSSv3 scale—two of them contain the possibility for remote code execution, while the third would allow a bad actor to bypass VMware's user authentication systems to execute unauthorized operations.




Network World Security
Apr 07, 2022

10 essential Linux tools for network and security pros
Picking just 10 Linux open source security tools isn't easy, especially when network professionals and security experts have dozens if not several hundred tools available to them.

There are different sets of tools for just about every task—network tunneling, sniffing, scanning, mapping. And for every environment—Wi-Fi networks, Web applications, database servers.

We consulted a group of experts (Vincent Danen, vice president of product security, Red Hat; Casey Bisson, head of product growth, BluBracket; Andrew Schmitt, a member of the BluBracket Security Advisory Panel; and John Hammond, senior security researcher, Huntress) to develop this list of must-have Linux security tools.




Network World Security
Apr 07, 2022

Who's selling SASE and what do you get?
Demand for secure access service edge (SASE) has grown tremendously during the pandemic. As adoption picks up, vendors are promising feature-rich and integrated SASE solutions. Customers have different needs when it comes to SASE, however, and it's not always easy to understand what a SASE provider is offering.

As an approach, SASE combines networking and security into a scalable cloud service that fits with the remote and hybrid work models companies use today. Potential benefits include easier network and security management, flexibility to scale up or down as business needs require, and lower costs.




Network World Security
Apr 05, 2022

IBM z16: A mainframe designed for AI, hybrid cloud, security and open source
Today's announcement of IBM's new z16 mainframes promises a system that caters to enterprise needs that include support for AI, security, hybrid cloud, and open source efforts well into the future.

The new, more powerful and feature-rich Big Iron boasts an AI accelerator built onto its core Telum processor that can do 300 billion deep-learning inferences per day with one millisecond latency and includes what IBM calls a quantum-safe system to protect organizations from anticipated quantum-based security threats.




Network World Security
Apr 04, 2022

Fortinet tightens integration of enterprise security, networking controls
Fortinet has made available a new release of its core FortiOS software that includes features the vendor says will help enterprises more tightly meld security and networking controls.

FortiOS 7.2 has 300 new features, including AI support to help stop network threats more quickly, sandboxing to help fight ransomware threats, and improved SD-WAN, branch, and edge orchestration.

FortiOS is the vendor's operating system for the FortiGate family of hardware and virtual components. FortiOS implements Fortinet Security Fabric and includes network security such as firewalling, access control, and authentication in addition to SD-WAN, switching, and wireless services.




Network World Security
Mar 31, 2022

Zero trust requires network visibility
In a zero-trust environment, trust is not static. Behavior has to be visible for trust to persist.

One of the most important differences between old thinking on networking and the zero-trust mindset is the inversion of thinking on trust. Pre-ZT, the assumption was this: Once you get on the network, you are assumed to be allowed to use it any way you want until something extraordinary happens that forces IT to shut you down and remove your access. You are assumed broadly trustworthy, and confirming that status positively is very rare. It is also very rare to have that status revoked.




Network World Security
Mar 30, 2022

CISA warns of attacks against internet-connected UPS devices
Threat actors have targeted power supplies whose control interfaces are connected to the internet, and CISA says that they should be disconnected immediately.

Network World Security
Mar 30, 2022

Palo Alto launches cloud-native firewall service for AWS
Cloud NGFW for AWS enables organizations to shift security responsibility to Palo Alto, allowing them to speed cloud innovation while remaining secure, the vendor says.

Network World Security
Mar 28, 2022

Use zero trust to fight network technical debt
Zero trust (ZT) is a mindset and a method, not a technology. The current push to adopt ZT is driven by an urgent and growing need to make a major leap forward in risk management and attack containment in enterprise networks, a need driven home by every successive wave of ransomware. IT can use the urgency of moving to ZT to root out some of the technical debt in the environment. Specifically, it can be a catalyst to find areas exempted from network and network security standards and bring them up to date under the new paradigm of zero trust.

No more exempting network components from access-control roles
In a ZT environment, the network not only doesn't trust a node new to it, but it also doesn't trust nodes that are already communicating across it. When a node is first seen by a ZT network, the network will require that the node go through some form of authentication and authorization check. Does it have a valid certificate to prove its identity? Is it allowed to be connected where it is based on that identity? Is it running valid software versions, defensive tools, etc.? It must clear that hurdle before being allowed to communicate across the network.




Network World Security
Mar 23, 2022

IBM service aims to secure multicloud operations
IBM is launching a new service to help customers manage their data encryption keys in a hybrid cloud environment. 

Unified Key Orchestrator lets customers integrate all security key-management systems into one managed service that's backed by Big Blue's Hardware Security Module. HSM is IBM's system that protects against physical or logical attacks and has special hardware to perform cryptographic operations and protect keys.

Available from IBM Cloud, Unified Key Orchestrator lets customers maintain visibility and control over who has access to their critical data, while running workloads across hybrid or multicloud environments. In addition, with a single, secure, cloud-based view of an organization's crypto keys, enterprises can create and revoke keys for their data across multiple clouds. At the same time, companies no longer need to rely on security experts with specialized knowledge of each individual cloud to handle security operations, according to IBM.




Network World Security
Mar 23, 2022

What is NAC and why is it important for network security?
Network Access Control (NAC) is a cybersecurity technique that prevents unauthorized users and devices from entering private networks and accessing sensitive resources. Also known as Network Admission Control, NAC first gained a foothold in the enterprise in the mid-to-late 2000s as a way to manage endpoints through basic scan-and-block techniques.

As knowledge workers became increasingly mobile, and as BYOD initiatives spread across organizations, NAC solutions evolved to not only authenticate users, but also to manage endpoints and enforce policies.

How NAC works
NAC tools detect all devices on the network and provide visibility into those devices. NAC software prevents unauthorized users from entering the network and enforces policies on endpoints to ensure devices comply with network security policies. NAC solutions will, for instance, make sure that the endpoint has up-to-date antivirus and anti-malware protections.




Network World Security
Mar 08, 2022

New attack bypasses hardware defenses for Spectre flaw in Intel and ARM CPUs
Though not as easy to exploit, this proof of concept shows that some Intel and ARM processors are still vulnerable to side-channel attacks.

Network World Security
Mar 08, 2022

Critical flaws in APC uninterruptible power supplies pose risks to mission-critical devices
Attackers can exploit cloud-connected APC Smart-UPS units to take control of the devices they protect.

Network World Security
Mar 08, 2022

Critical flaws in remote management agent impact thousands of medical devices
The Axeda platform, used by hundreds of IoT devices, has seven vulnerabilities, three of which allow for remote code execution.

Network World Security
Mar 07, 2022

Gartner: SSE is SASE minus the SD-WAN
SASE adoption has been skyrocketing since the start of the pandemic. Secure access service edge, a term Gartner coined in 2019, combines security and networking in a single, scalable, cloud-based platform that fits well in a world in which employees work from home and mostly access cloud-based apps and services.

Now Gartner is pushing a new acronym. Turns out, companies might prefer to get their SASE without the "A" — just security service edge, or SSE. Gartner this month published a Magic Quadrant for SSE (something the company never did for SASE); it's available from vendors listed in the report (here and here, for example).




Network World Security
Mar 07, 2022

SSE is SASE minus the SD-WAN
SASE adoption has been skyrocketing since the start of the pandemic. Secure access service edge, a term Gartner coined in 2019, combines security and networking in a single, scalable, cloud-based platform that fits well in a world in which employees work from home and mostly access cloud-based apps and services.

Now Gartner is pushing a new acronym. Turns out, companies might prefer to get their SASE without the "A" — just security service edge, or SSE. Gartner this month published a Magic Quadrant for SSE (something the company never did for SASE); it's available from vendors listed in the report.

Network World Security
Mar 04, 2022

NSA urges businesses to adopt zero trust for network security
The National Security Agency this week detailed recommendations for businesses to secure their network infrastructure against attacks, giving safe configuration tips for commonly used networking protocols and urging the use of basic security measures for all networks.

The NSA's report highlighted the importance of zero trust principles for network security, but the bulk of it covers specific steps network administrators should take to keep their infrastructure safe from compromise. Configuration tips for network admins include the use of secure, frequently changed passwords for all administrative accounts, limiting login attempts, and keeping potentially vulnerable systems patched and up-to-date. The report also describes safe configurations for SSH (secure shell), HTTP and SNMP (simple network management protocol).

Network World Security
Mar 04, 2022

NSA urges businesses to adopt zero trust principles for network security
The National Security Agency this week issued detailed recommendations for businesses trying to secure their networking infrastructure against attacks, giving safe configuration tips for commonly used networking protocols and urging the use of basic security measures for all networks.

The NSA's report began by highlighting the importance of zero trust principles for network security, but the bulk of it covers specific steps network administrators should take to keep their infrastructure safe from compromise. Configuration tips for network admins include the use of secure, frequently changed passwords for all administrative accounts, limiting login attempts and keeping potentially vulnerable systems patched and up-to-date. The report also describes safe configurations for SSH (secure shell), HTTP and SNMP (simple network management protocol).

Network World Security
Mar 03, 2022

7 DNS attack types and how to mitigate them
Domain name system (DNS) attacks, in which bad actors take advantage of vulnerabilities in the DNS Internet protocol, are extremely prolific -- and costly.

Network World Security
Mar 03, 2022

7 DNS attacks and how to mitigate them
Domain name system (DNS) attacks, in which bad actors take advantage of vulnerabilities in the DNS Internet protocol, are extremely prolific—and costly.

Network World Security
Mar 03, 2022

The 5 big DNS attacks and how to mitigate them
Domain name system (DNS) attacks, in which bad actors take advantage of vulnerabilities in the DNS Internet protocol, are extremely prolific—and costly.

Network World Security
Mar 01, 2022

FCC looks into BGP vulnerabilities, in light of Russian hacking threat
The FCC is launching an inquiry into security issues surrounding the Border Gateway Protocol (BGP), a widely used standard for managing interconnectivity between large portions of the Internet.

The move, announced Monday, was issued in response to "Russia's escalating actions inside of Ukraine," according to the commission's notice of inquiry.

BGP is, in essence, a method of ensuring that independently managed networks that make up the global internet are able to communicate with one another. Its initial design, which the FCC said is still in widespread use today, does not contain important security features, meaning that, simply by misconfiguring its own BGP information, a bad actor could potentially redirect Internet traffic wherever it sees fit. This could let that attacker send incorrect information to its targets, read and compromise login credentials, or simply shut down whichever kinds of traffic it wishes.

Network World Security
Feb 25, 2022

Cisco IDs top 2022 security threats and what to do about them
2022 will be another busy year for enterprise incident responders as ransomware, supply chain and myriad zero-day attacks will continue to rise, according to Cisco's Talos security experts.

To help address the threats, the Cisco Talos team used a blog and online presentation to detail steps enterprises can take to defend themselves against the growing field of bad actors and also to point out lessons learned from recent damaging exploits such as the Log4j vulnerability and Microsoft Exchange server zero-day threats.

Once, zero-day attacks were typically launched by state actors against service providers, but those days are gone, wrote Nick Biasini, head of outreach at Cisco Talos, in a blog about the security landscape in 2022. Now new, less experienced combatants seek out a broader range of targets, using less surgical attacks. "This has led to more risky behavior than we've seen historically, without as much regard for collateral damage," he wrote.

Network World Security
Feb 23, 2022

Zero trust requires clear architecture plans before changing core systems
Zero trust touches everything: identity, applications, networks, data, and devices. The best approach is not to change everything all at once. Instead, start with the big picture.

In our research, we've found the most successful organizations dedicated the first phase of their zero-trust initiatives to working out an architecture. They didn't rush into deploying solutions as though starting with a greenfield.

Everyone else dove in fast, mixing the foundational work on zero trust with one or more of the knock-on efforts: rearchitecting networks, security, and data management; buying tools; forming implementation teams and setting them to work. All those things need to happen, of course, but with zero trust, it pays to do a lot more thinking about how all the pieces will fit together before undertaking the changes needed, either at the architectural level or in the tool set.
