Network World Security
Author Archives: Network World Security
- Home → Author's archive:
Network World Security
0
IBM service uses DNS to deliver multicloud connectivity
IBM is rolling out a new DNS-based service that will let customers securely control connectivity between distributed multicloud environments.NS1 Connect is one of the first fruits from IBM’s acquisition of DNS specialist NS1 earlier this year. The service is aimed at helping organizations set up the best connection between clouds and end users to deliver applications optimized for performance, cost, security and availability.Core to the NS1 Connect package, which will be available Oct. 17, is traffic-steering technology that intelligently distributes DNS traffic across the network. DNS is often described as the Internet’s phone book, working in the background to match the names of web sites that users type into a search box with the corresponding IP address.To read this article in full, please click here
0
DNS security poses problems for enterprise IT
Attacks related to Domain Name System infrastructure – such as DNS hijacking, DNS tunneling and DNS amplification attacks – are on the rise, and many IT organizations are questioning the security of their DNS infrastructure.Most IT organizations maintain a variety of DNS infrastructure for public services (websites and internet-accessible services) and private services (Active Directory, file sharing, email). Securing both internal and external DNS infrastructure is critical due to a growing number of threats and vulnerabilities that malicious actors use to target them. Unfortunately, very few organizations are confident in their DNS security.Enterprise Management Associates (EMA) recently examined the issue of DNS security in its newly published research report, “DDI Directions: DNS, DHCP and IP Address Management Strategies for the Multi-Cloud Era.” Based on a survey of 333 IT professionals responsible for DNS, DHCP and IP address management (DDI), the research found that only 31% of DDI managers are fully confident in the security of their DNS infrastructure.To read this article in full, please click here
0
Cisco significantly bolsters security portfolio with $28B Splunk buy
Looking to significantly reinforce its security software portfolio, Cisco has struck a $28 billion cash deal to acquire enterprise and cloud protection company Splunk.Founded in 2003, Splunk’s software platform is known for its wide-reaching ability to search, monitor and analyze data from a variety of systems. Network security teams can use this information to gain better visibility into and gather insights about network traffic, firewalls, intrusion detection systems (IDSes), intrusion prevention systems (IPSes), and security information and event management (SIEM) systems, from on premise and or its cloud-based package, according to Splunk.To read this article in full, please click here
0
How network security can save security dollars
For the last twelve years, 100% of CIOs have said that they expect to spend more on IT security, making security the only category that just keeps on absorbing investment. Every year in the last three years, over 80% of enterprises have said that their IT security still needed improvement. So, like death and taxes, is security spending growth inevitable? If we keep on the way we have, it sure seems like it. But what might change?Let’s start with what’s important to users. External threats, meaning hacking, are a problem for every CIO. Internal threats, from badly behaving employees, are a problem for three out of four. Data theft is a universal fear, and malware that interferes with applications and operations is an important problem for over 90% of CIOs. As far as approaches or targets are concerned, 100% say access security on applications and data is essential and so is regular malware scanning. If you ask CIOs to pick a single thing they think is essential for IT security, it’s access security.To read this article in full, please click here
0
IBM X-Force: Use of compromised credentials darkens cloud security picture
As connectivity to cloud-based resources grows, cybercriminals are using valid, compromised credentials to access enterprise resources at an alarming rate.That's one of the chief findings of the IBM X-Force Cloud Threat Landscape Report, which also found a 200% increase (about 3,900 vulnerabilities) in cloud-oriented Common Vulnerabilities and Exposures (CVE) in the last year.“Over 35% of cloud security incidents occurred from attackers’ use of valid, compromised credentials,” wrote Chris Caridi, strategic cyber threat analyst with IBM X-Force, in a blog about the report. “Making up nearly 90% of assets for sale on dark web marketplaces, credentials’ popularity among cybercriminals is apparent, averaging $10 per listing – or the equivalent of a dozen doughnuts.”To read this article in full, please click here
0
Cisco software targets enterprise cloud security, risk assessment
Cisco is adding a security module to its observability platform that promises to help enterprises assess threat risks and protect cloud-based resources.The Cisco Secure Application module, available now, is part of the vendor’s Full Stack Observability (FSO) platform, which is designed to correlate data from application, networking, infrastructure, security, and cloud domains to make it easier for customers to spot anomalies, preempt and address performance problems, and improve threat mitigation.FSO is designed to make intelligent use of metrics, events, logs and traces. With it, organizations can consolidate to fewer tools, collect data from any source, correlate information, and enable AI-driven analysis to predict and prevent problems, Cisco said at the FSO launch event in June. To read this article in full, please click here
0
10 questions to ask about secure service edge (SSE)
In 2019, Gartner created the term secure access service edge (SASE) to describe a cloud-based service that combines networking and security in order to give remote workers safe access to internet-based resources.Gartner had put its finger on a new set of challenges that enterprise IT faced as employees shifted to remote work during Covid and applications migrated to the cloud. But Gartner overshot the runway a bit; vendors were caught flatfooted and scrambled to cobble together full suites of SASE features.On the customer side, a recent Gartner survey of CISOs revealed that “a majority of buyers are planning for a two-vendor strategy for SASE,” with security and networking teams making separate buying decisions rather than opting for single-vendor SASE.To read this article in full, please click here
0
VMware warns customers to immediately patch critical Aria network software holes
VMware is advising customers to upgrade or patch its Aria for Network Operations software because of potential security problems.VMware Aria is the vendor’s multi-cloud management platform that integrates previously separate VMware services such as vRealize Automation, vRealize Operations, vRealize Network Insight, and CloudHealth. A single Aria Hub console provides centralized views and controls and lets customers see and manage the entire multi-cloud environment.The vulnerabilities are in Aria Operations for Networks, a monitoring component that can find the cause of application delays based on TCP traffic latency and retransmissions and trigger alerts on the applications dashboard.To read this article in full, please click here
0
Google’s Cross-Cloud Network service aims to simplify multicloud networking
Google Cloud has added a new service that promises to make it easier for enterprise customers to securely network multiple cloud-based resources.The Cross-Cloud Network service consists of new and existing Google Cloud technology and includes a partner ecosystem to help organizations develop, build and support distributed enterprise applications across clouds.“We know that 70-plus percent of our enterprises are going to adopt multicloud. [The] idea behind Cross-Cloud Network is that today many organizations operate bespoke networks with turnkey security to connect to those clouds that are operationally complex to manage and build, thereby resulting in a much higher total cost of ownership and soaring costs,” said Muninder Sambi, vice president and general manager of networking for Google Cloud. “They set up private data centers to connect and secure the hybrid workforce to access cloud and on-prem resources and manage multiple CDN clouds to accelerate web apps. All of this can also lead to an inconsistent security posture and drives up total costs,” Sambi said.To read this article in full, please click here
0
Fortinet adds wireless and IoT security features to SASE platform
Fortinet continues to enhance its Secure Access Service Edge (SASE) package by adding support for microbranches, extending wireless LAN protections, and improving data loss prevention (DLP) and end-user monitoring capabilities.The vendor added the new features to its FortiSASE offering, which includes SD-WAN, secure web gateway, firewall as a service, cloud access security broker, and zero trust network access (ZTNA), all running on top of its FortiOS operating system. The package can be centrally managed via the firm’s FortiManager software, which sets network and security policies across the Fortinet product line.To read this article in full, please click here
0
Most hyped network technologies and how to deal with them
The appeal of promising network technologies can be jaded by pressure to adopt untested ideas. When I look over the comments I’ve gotten from enterprise technologists this year, one thing that stands out is that almost three-quarters of them said that entrenched views held by company executives is a “significant problem” for them in sustaining their network and IT operations.“Every story that comes out gets me a meeting in the board room to debunk a silly idea,” one CIO said. I’ve seen that problem in my own career and so I sympathize, but is there anything that tech experts can do about it? How do you debunk the “big hype” of the moment?For starters, don’t be too dismissive. Technologists agree that a dismissive response to hype cited by senior management is always a bad idea. In fact, the opening comment that most technologists suggested is “I agree there’s real potential there, but I think there are some near-term issues that need to be resolved before we could commit to it.” The second-most-cited opening is “I’ve already launched a study of that, and I’ll report back to you when it’s complete.” There’s usually a grain (yeah, often Continue reading
0
Cisco, Kyndryl step up partnership to cut enterprise security threats
Cisco and Kyndryl have expanded their partnership to offer new services that are aimed at helping enterprise customers better detect and respond to cyber threats.Specifically, Kyndryl will be integrating its own cyber resiliency offering with Cisco’s overarching Security Cloud platform that includes security components such as Cisco’s Duo access control, extended detection and response features, and Multicloud Defense, which orchestrates security and policy across private and public clouds.Security Cloud operates as a layer on top of the infrastructure across a customer’s cloud services – including Azure, AWS, GCP and private data-center clouds – to protect core applications, Cisco said. It features a unified dashboard, support for flexible trust policies, and open APIs to encourage third-party integrators. By correlating data and employing artificial intelligence and machine learning, Cisco Security Cloud can detect and remediate threats quickly throughout an organization, Cisco says.To read this article in full, please click here
0
Versa enhances SASE package with AI-based security tools
Versa is bolstering the AI security management features of its integrated Secure Access Service Edge (SASE) package to include improved malware detection for Advanced Threat Protection, network microsegmention and generative AI protection to help customers better detect and quickly mitigate threats to their networked service and applications.The vendor supports AI in its integrated Versa SASE package that includes SD WAN, a next-generation and web application firewall, intrusion prevention, zero trust support and data loss prevention.To read this article in full, please click here
0
Hybrid mesh firewall platforms gain interest as management challenges intensify
As enterprise networks get more complex, so do the firewall deployments.There are on-premises firewalls to manage, along with firewalls that are deployed in virtual machines and firewalls deployed in containers. There are firewalls for clouds and firewalls for data centers, firewalls for network perimeters, and firewalls for distributed offices. According to Gartner, by 2026, more than 60% of organizations will have more than one type of firewall deployment."A firewall used to be a box or a chasse with multiple cards," says Omdia analyst Fernando Montenegro. "Then we had a firewall in a virtual machine. And now we have a container form factor for a firewall because customers are deploying containers. And, oh, we need firewalls-as-a-service to support SASE."To read this article in full, please click here
0
Aruba plugs core enterprise SASE, SSE service protection directions
Aruba Networks is showing off some enhancements to its security platform – including new zero trust and sandboxing features – that promise to help customers advance fortification of their hybrid cloud and enterprise network environments.Hewlett Packard Enterprise’s network subsidiary is also detailing the progress it has made in integrating the security technology from its March purchase of Axis Security into Aruba’s security service edge (SSE) platform with Aruba's SD-WAN and Secure Access Services Edge (SASE) offerings.Some of the new features and directions will be demoed and discussed as part of Aruba’s presence at this week’s Black Hat 2023 event which will focus on everything security including AI, automation and threat intelligence issues.To read this article in full, please click here
0
Fortinet bolsters SD-WAN services, security with new software, next-generation firewalls
Fortinet has added new features to its SD-WAN software and a next-generation firewall series that promise to help customers better monitor and protect distributed enterprise resources.On the SD-WAN front, Fortinet is introducing two services – a network underlay and overlay option to let customers better manage WAN traffic to remote sites. The Underlay Performance Monitoring Service for SD-WAN utilizes the vendor’s core central management system FortiManager and FortiGuard’s database of hundreds of popular SaaS and cloud implementations, to offer visibility into the performance of the underlay network. The underlay network is typically made up if the physical network infrastructure supporting traffic between distributed cloud or remote office resources.To read this article in full, please click here
0
Cisco buys Internet BGP monitoring firm CodeBGP
Aiming to bolster its assessment of Internet traffic health Cisco said it would buy startup Border Gateway Protocol monitoring firm Code BGP for an undisclosed amount.Privately held Code BGP will slide into Cisco’s ThousandEyes network intelligence product portfolio and bring a cloud-based platform that among other features, maintains an inventory of IP address prefixes, peerings and outbound policies of an organization via configured sources, like BGP feeds. BGP tells Internet traffic what route to take, and the BGP best-path selection algorithm determines the optimal routes to use for traffic forwarding.Then, the system lets customers see and interact with this inventory in real-time through an open API and bring real-time detection of BGP hijacking, route leaks, and other BGP issues according to the company. Adding such capabilities will let ThousandEyes further expand its BGP monitoring and incident analysis capabilities to maintain health of the Internet as well as key applications and services, according to Joe Vaccaro vice president of products for Cisco’s ThousandEyes in a blog about the acquisition. To read this article in full, please click here
0
Cisco buys Internet BGP monitoring firm Code BGP
Aiming to bolster its assessment of Internet traffic health, Cisco has acquired Code BGP, a privately held BGP monitoring startup, for an undisclosed amount.Code BGP will slide into Cisco’s ThousandEyes network intelligence product portfolio and bring a cloud-based platform that, among other features, maintains an inventory of IP address prefixes, peerings and outbound policies of an organization via configured sources, like BGP feeds. Border Gateway Protocol (BGP) tells Internet traffic what route to take, and the BGP best-path selection algorithm determines the optimal routes to use for traffic forwarding.Then, the system lets customers see and interact with this inventory in real-time through an open API and bring real-time detection of BGP hijacking, route leaks, and other BGP issues according to the company. Adding such capabilities will let ThousandEyes further expand its BGP monitoring and incident analysis capabilities to maintain health of the Internet as well as key applications and services, according to Joe Vaccaro vice president of products for Cisco’s ThousandEyes in a blog about the acquisition. To read this article in full, please click here
0
Cisco brings ransomware protection to XDR SaaS package
Cisco has added ransomware detection and recovery support to its recently unveiled Extended Detection and Response (XDR) system.The new features target recovery from ransomware attacks and come courtesy of integration with Cohesity’s DataProtect and DataHawk offerings which offer configurable ransomware recovery and rescue support for systems assigned to a protection plan. Cohesity’s platform can preserve potentially infected virtual machines for forensic investigation and protect enterprise workloads from future attacks.Cisco said that the exponential growth of ransomware and cyber extortion has made a platform approach crucial to effectively counter adversaries. It also noted that during the second quarter of 2023, the Cisco Talos Incident Response team responded to the highest number of ransomware engagements in more than a year.To read this article in full, please click here
0
Network giants unite to fight security risks
A group of industry stalwarts is banding together to help enterprises, services providers and telcos fight cyber foes.The Network Resilience Coalition includes AT&T, Broadcom, BT Group, Cisco Systems, Fortinet, Intel, Juniper Networks, Lumen Technologies, Palo Alto Networks, Verizon and VMware. Its aim is to deliver open and collaborative techniques to help improve the security of network hardware and software across the industry.The coalition was brought together under the Center for Cybersecurity Policy & Law, a nonprofit organization dedicated to improving the security of networks, devices and critical infrastructure. The Center has a broad security mission, but at least for now, it wants the Resilience group to focus on routers, switches and firewalls that are older, may have reached end-of-life vendor support, or have been overlooked for security patching or replacement. To read this article in full, please click here