Archive

Category Archives for "Network World Security"

Zero Trust is hard but worth it

At the end of last year, I heard from a long-time enterprise contact that had a major security concern. The company had installed three layers of security and just completed an audit. It showed that since thIey’d finished their installation they’d had five security incidents, and all of them had originated inside their security perimeter, bypassing most of their protection.Their question was what they did wrong and how they could fix it.What this company experienced is far from rare, and the source of their problems and the paths to correction are far from easy.We tend to think of security as a goal we can achieve with a simple toolkit. Not so. Security is the state you achieve by dealing with all likely threats, and every threat has to be addressed in its own unique way. Problems can come from hackers gaining access to an application or database from the outside, through things like stealing credentials or exploiting weak authentication.To read this article in full, please click here

How to buy enterprise firewalls

Enterprise firewalls have been the quintessential security device for decades, standing guard at the perimeter, inspecting all inbound and outbound traffic for malware. So, what happens to firewalls as the perimeter fades away? They evolve.Today’s firewalls are an essential piece of the enterprise security puzzle. They’ve become the foundational device upon which security vendors have stacked all of their advanced features. Cloud-based, next-generation firewalls (firewall-as-a-service) are a core component of any secure access service edge (SASE) deployment. VPN remote access for work-at-home employees typically terminates at a firewall. And firewalls play a key role in zero-trust network access (ZTNA), serving as the device that enforces access control policies and network segmentation rules.To read this article in full, please click here

How to shop for firewalls

Enterprise firewalls have been the quintessential security device for decades, standing guard at the perimeter, inspecting all inbound and outbound traffic for malware. So, what happens to firewalls as the perimeter fades away? They evolve.Today’s firewalls are an essential piece of the enterprise security puzzle. They’ve become the foundational device upon which security vendors have stacked all of their advanced features. Cloud-based, next-generation firewalls (firewall-as-a-service) are a core component of any secure access service edge (SASE) deployment. VPN remote access for work-at-home employees typically terminates at a firewall. And firewalls play a key role in zero-trust network access (ZTNA), serving as the device that enforces access control policies and network segmentation rules.To read this article in full, please click here

Log4j flaw needs immediate remediation

After nearly two years of adopting major network and security changes wrought by COVID-19 and hybrid work, weary IT network and security teams didn’t need another big issue to take care of, but they have one: Stemming potential damage from the recently disclosed vulnerability in open source Java-logging Apache Log4j software.  Log4j or Log4Shell has been around a long time—it was released in January, 2001—and is widely used in all manner of enterprise and consumer services, websites, and applications. Experts describe the system as an easy-to-use common utility to support client/server application development.To read this article in full, please click here

Aryaka broadens enterprise targets with managed SD-WAN, SASE services

Aryaka Networks is looking to target more enterprises with a new managed secure access service edge (SASE) offering and an improved, lower cost SD-WAN offerings.Aryaka is known for offering WAN and SD-WAN services over its global Layer 2 network with more than 40 points . The new services spring from that backbone to provide additional, flexible WAN services. SD-WAN buyers guide: Key questions to ask vendors The first is based on a new iteration of Aryaka’s L2 core—the L3—which is optimized for cost and non-mission critical applications or sites that don’t require top-shelf performance. The L2 core is optimized for performance-sensitive applications.To read this article in full, please click here

How to buy SASE

Wouldn’t it be great if there were a cloud-based service that combined networking and security so that users located anywhere could safely and efficiently access applications and data located anywhere? That’s the aim of SASE (rhymes with gassy). SASE isn’t a single product, but rather it’s an approach, a platform, a collection of capabilities, an aspiration.Gartner coined the term Secure Access Service Edge in a 2019 research report, and the name stuck. Vendors have been doing backflips trying to cobble together complete SASE offerings, which would include at a minimum software-defined WAN (SD-WAN), secure Web gateway (SWG), cloud access security broker (CASB), firewall-as-a-service (FWaaS) and zero trust network access (ZTNA).To read this article in full, please click here

Cisco hit with software and physical issues

Cisco Systems has been hit with an unusual double-whammy of issues, one of them in software and one in hardware.First, the more serious issue, a firewall flaw. Security researcher Positive Technologies, which hunts for security vulnerabilities, posted a warning that a vulnerability in Cisco firewall appliances could allow hackers to cause them to fail.The problem is in the Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) firewalls. Forrester Research says there are more than a million of them deployed worldwide. Positive assessed the severity level of vulnerability as high and recommended users should install updates, which are available, as soon as possible.To read this article in full, please click here

SmartNICs set to infiltrate enterprise networks

Enterprise infrastructure that supports data center, cloud and edge networks could someday be dominated by one of its tiniest components--the smartNIC or data processing unit (DPU).Use of smartNICs in the enterprise is still evolvinging, but the idea behind them--offloading server CPU duties onto a separate device to free up server cycles--is not new. Specialized hardware accelerators such as graphics processing units (GPU), field-programmable gate arrays (FPGA), and focused NICs have offloaded CPU workloads in telco, financial, and scientific application processing. NaaS is the future but it's got challenges Looking ahead, users and vendors see a way to reduce enterprise costs, improve performance and increase security with smartNICs.To read this article in full, please click here

How to buy Wi-Fi 6 access points

Wi-Fi 6 has some impressive improvements over its predecessor Wi-Fi 5 including lower latency, faster speeds, higher throughput, and increased range that can make it a better fit to serve both dense clusters of clients and clients running high-bandwidth applications.As Wi-Fi in general replaces wired networks in some enterprises and with the increased use of tablets, laptops, and mobile phones within enterprises, wireless-network responsiveness and versatility are becoming more desirable. Wi-Fi 6 (802.11 ax) can help. It can also improve the efficiency of IoT Wi-Fi networks by letting sensors lie idle more of the time so their batteries last longer.To read this article in full, please click here

Palo Alto software advances end-to-end enterprise cloud security

Palo Alto Networks has bolstered its security software to better protect  enterprise Software-as-a-Service (SaaS) applications.The company rolled out a new version of its core cloud-security package, Prisma Cloud 3.0, which includes the ability to code security directly into SaaS applications. The package includes a cloud-access security broker (CASB) to control access to cloud resources.[Get regularly scheduled insights by signing up for Network World newsletters.] Prisma is a cloud-based security bundle that includes access control, advanced threat protection, user-behavior monitoring, and other services that promise to protect enterprise applications and resources. Managed through a single console, Prisma includes firewall as a service, Zero Trust network access and a secure web gateway. To read this article in full, please click here

Rethinking the WAN: Zero Trust network access can play a bigger role

The WAN as initially conceived was about one simple job: the WAN was the network that “connects my sites to each other.” That is, the network connecting users in corporate sites to corporate IT resources in other corporate sites or perhaps colocation facilities. It was all inside-to-inside traffic.Over the past decade so much has changed that, just before COVID-19 work-from-home mandates took hold, only about 37% of a typical WAN’s traffic was still inside-to-inside, according to Nemertes’ “Next Generation Networks Research Study 2020-2021”. The rest touched the outside world, either originating there as with remote work against data-center systems or terminating there as with SaaS use from a company site or both as with VPNing into the network only to head back out to a SaaS app.To read this article in full, please click here

3 steps to improve collaboration between networking and security pros

(Enterprise Management Associates finds that enterprises are trying to improve collaboration between their network-infrastructure and operations teams and their information-security and cybersecurity teams. This article discusses challenges faced by these teams based on a survey of 366 IT and security professionals detailed in the report “NetSecOps: Aligning Networking and Security Teams to Ensure Digital Transformation”, by EMA Vice President of Research Networking Shamus McGillicuddy.)To read this article in full, please click here

3 steps to better collaboration between networking and security pros

(Enterprise Management Associates finds that enterprises are trying to improve collaboration between their network-infrastructure and operations teams and their information-security and cybersecurity teams. This article discusses challenges faced by these teams based on a survey of 366 IT and security professionals detailed in the report “NetSecOps: Aligning Networking and Security Teams to Ensure Digital Transformation”, by EMA Vice President of Research Networking Shamus McGillicuddy.)To read this article in full, please click here

Nvidia jumps into Zero Trust

Nvidia has announced a Zero Trust platform built around its BlueField data-processing units and Nvidia software.Zero Trust is an architecture that verifies every user and device that tries to access the network and enforces strict access control and identity management that limits authorized users to accessing only those resources they need to do their jobs.[Get regularly scheduled insights by signing up for Network World newsletters.] “You cannot just rely on the firewall on the outside, you have to assume that any application or any user inside your data center is a bad actor,” said Manuvir Das, head of enterprise computing at Nvidia. “Zero Trust basically just refers to the fact that you can't trust any application or user because there are bad actors.”To read this article in full, please click here

Drone demo shows it’s possible to protect 5G-managed devices from DDoS, exfiltration attacks

A demonstration earlier this year at Stanford School of Engineering proved that a small fleet of computer-controlled drones can maintain their flight integrity in the face of continual cyberattacks on the 5G network used to manage the devices through the deployment of software-defined networking (SDN).For enterprise IT pros charged with securing devices wirelessly across a 5G network, the drone test results are promising evidence that SDN can help networks under cyberattack to recover almost instantaneously.To read this article in full, please click here

Cisco tool makes it easier to meld SD-WAN, security domains

Cisco has upgraded two of its core software programs to make it easier for enterprise customers to secure data-center and WAN-connected resources.Cisco has introduced what it calls Integrated Domain, which combines the domain controllers of Cisco DNA Center and Cisco SD-WAN vManage to tie together network connectivity between the two domains as well as ensuring security-policy consistency end-to-end, according to Justin Buchanan, Cisco director of product management, security policy and access.To read this article in full, please click here

Software-defined perimeter is a good place to start a rollout of Zero Trust network access

Zero Trust relies on continuously re-authorizing users, applications, and devices to establish myriad “perimeters of one” in the environment, but the name isn’t quite accurate.Zero Trust doesn’t literally mean zero trust; it means zero implicit trust. You—whether that means a person, or a software or hardware system—are not to be trusted simply by virtue of where you are on the network; there is no network perimeter within which you are automatically trusted to connect to services. And you are not to be trusted now just because you were trusted when you first gained access to the network; gaining admission once is not the same thing as ongoing trust. And you are not to be trusted to make the new service connection you are trying to make now just because you were trusted to make the previous one.To read this article in full, please click here

Gartner: Top strategic predictions for 2022 and beyond

Expect the unexpected – that’s just one of the core premises IT leaders need to embrace in the next few years, according to Gartner's top strategic predictions for 2022 and beyond.IT leaders need to be able to move in multiple strategic directions at once, said Daryl Plummer, distinguished research vice president and Gartner Fellow, to the virtual audience at the firm’s IT Symposium/Xpo Americas, held this week.Network certs: Significant raises for the right ones “Resilience, opportunity and risk have always been components of good business strategy, but today these issues hold new meaning,” Plummer said. “This year’s predictions embody how resilience must be built in more non-traditional ways, from talent to business modularity, while opportunity and risk must be viewed with a greater sense of urgency.”To read this article in full, please click here

Gartner says IT spending to top $4 Trillion in 2022

With IT budgets growing at the fastest rate in 10 years, worldwide IT spending is projected to total $4.5 trillion in 2022, an increase of 5.5% from 2021, according to the latest Gartner forecasts.All IT spending segments—from data-center systems to communications services—are forecast to grow next year, according to Gartner.  [Get regularly scheduled insights by signing up for Network World newsletters.] Enterprise software is likely to have the highest growth in 2022 at 11.5%, driven by infrastructure software spending. Global spending on devices grew over 15%  as remote work, telehealth and remote learning took hold, and Gartner expects 2022 will continue that growth as enterprises upgrade devices and/or invest in multiple devices to support the hybrid work setting. “Enterprises will increasingly build new technologies and software, rather than buy and implement them, leading to overall slower spending levels in 2022 compared to 2021,” said John-David Lovelock, distinguished research vice president at Gartner.To read this article in full, please click here

Gartner says IT spending to top $4 trillion in 2022

With IT budgets growing at the fastest rate in 10 years, worldwide IT spending is projected to total $4.5 trillion in 2022, an increase of 5.5% from 2021, according to the latest Gartner forecasts.All IT spending segments—from data-center systems to communications services—are forecast to grow next year, according to Gartner.  [Get regularly scheduled insights by signing up for Network World newsletters.] Enterprise software is likely to have the highest growth in 2022 at 11.5%, driven by infrastructure software spending. Global spending on devices grew over 15% as remote work, telehealth and remote learning took hold, and Gartner expects 2022 will continue that growth as enterprises upgrade devices and/or invest in multiple devices to support the hybrid work setting. “Enterprises will increasingly build new technologies and software, rather than buy and implement them, leading to overall slower spending levels in 2022 compared to 2021,” said John-David Lovelock, distinguished research vice president at Gartner.To read this article in full, please click here

1 2 3 306