Erosion of the traditional network perimeter and the transition to work-from-anywhere have conspired to bring an unprecedented threat level to endpoint devices, users, and applications, Cisco CEO Chuck Robbins told the online audience at the virtual RSA Conference 2021.Such threats are exacerbated by the fact that over 3,500 vendors offer security products and services that many customers patchwork together, creating complexity that makes it hard for many to build an effective security position, Robbins said.Backup lessons from a cloud-storage disaster
Against that backdrop, Cisco announced a number of security moves to further integrate and upgrade its own overarching offerings with new features and services.To read this article in full, please click here
Erosion of the traditional network perimeter and the transition to work-from-anywhere have conspired to bring an unprecedented threat level to endpoint devices, users, and applications, Cisco CEO Chuck Robbins told the online audience at the virtual RSA Conference 2021.Such threats are exacerbated by the fact that over 3,500 vendors offer security products and services that many customers patchwork together, creating complexity that makes it hard for many to build an effective security position, Robbins said.Backup lessons from a cloud-storage disaster
Against that backdrop, Cisco announced a number of security moves to further integrate and upgrade its own overarching offerings with new features and services.To read this article in full, please click here
Almost all Wi-Fi is potentially vulnerable to flaws that date back to 1997 when it became commercially available, but even the person who discovered the weaknesses says some of them are difficult to exploit.
Wi-Fi resources
Test and review of 4 Wi-Fi 6 routers: Who’s the fastest?
How to determine if Wi-Fi 6 is right for you
Five questions to answer before deploying Wi-Fi 6
Wi-Fi 6E: When it’s coming and what it’s good for
Mathy Vanhoef, a post-doctoral student at NYU Abu Dhabi, has created attacks—FragAttacks—that take advantage of the vulnerabilities, but in an academic paper about them, says the most widespread vulnerabilities can be exploited only under specific, rare conditions, and require either user interaction or highly unusual configurations to succeed.To read this article in full, please click here
Certificate-based authentication is a cryptographic technique that allows one computer to securely identify itself to another across a network connection, using a document called a public-key certificate.To read this article in full, please click here(Insider Story)
IBM has taken the wraps off a version of its Cloud Pak for Security that aims to help customers looking to deploy zero-trust security facilities for enterprise resource protection.IBM Cloud Paks are bundles of Red Hat’s Kubernetes-based OpenShift Container Platform along with Red Hat Linux and a variety of connecting technologies to let enterprise customers deploy and manage containers on their choice of private or public infrastructure, including AWS, Microsoft Azure, Google Cloud Platform, Alibaba and IBM Cloud.To read this article in full, please click here
Juniper Networks has laid a key part of its Secure Access Services Edge (SASE) foundation with a cloud-based security-control service that provides a central way to control and protect on-premises or cloud-based enterprise resources.Called Security Director Cloud, the service focuses Juniper's SASE efforts by providing a central point to manage enterprise security services including policy setting, and threat-detection and -prevention.Juniper (like other key enterprise networking vendors such as Cisco, Hewlitt-Packard Enterprise (Aruba) and VMware, as well as service providers including Cato Networks, Akamai, and Zscaler) has pledged allegiance to growing SASE support in its product families.To read this article in full, please click here
Cisco has taken the wraps off a technology package it says will utilize existing core wireless and wired systems to help enterprises better control their physical environments and enable a safer, more secure return to the office.While supporting remote offices and branches of one—IDC says that post-COVID, more than 52% of workers will either remain remote or hybrid—they rest could return to an altered business space. Who’s selling SASE, and what do you get?
In these offices, sensors and devices that have been used to manage lighting and HVAC systems can be adapted to occupancy and density monitoring, air-quality testing, contact tracing, and in-room presence, according to Anoop Vetteth, vice president of product management with Cisco’s Enterprise Switching and Software Solutions group.To read this article in full, please click here
When devics on enterprise LANs need to connect to other devices, they need a standard method for identifying each other to ensure they are communicating with the device they want to, and that's what 802.1x does. This article tells where it came from and how it works.802.1x defined
IEEE 802.1X is a standard that defines how to provide authentication for devices that connect with other devices on local area networks (LANs).How to deploy 802.1x for Wi-Fi using WPA3 enterprise
It provides a mechanism by which network switches and access points can hand off authentication duties to a specialized authentication server, like a RADIUS server, so that device authentication on a network can be managed and updated centrally, rather than distributed across multiple pieces of networking hardware.To read this article in full, please click here
I consider myself a techno-optimist. Technology has improved life for humanity in countless ways, like the wheel, the printing press, selfie sticks—these marvels have enriched us all.So too has Wi-Fi. If not for Wi-Fi, no one could idly stream YouTube videos on company laptops through rogue hotspots at a busy-but-socially-distanced coffeeshop when we’re supposed to be doing our jobs. Which is to say none of us could fully leverage the remote network-connectivity tools that allow enterprise employees to be productive any time and from anywhere.To read this article in full, please click here
Organizations using Pulse Secure’s mobile VPN should patch vulnerabilities reportedly being exploited in the wild, possibly by a “Chinese espionage actor”.The patch–available here–is considered important enough that the Cybersecurity and Infrastructure Security Agency (CISA) gave federal agencies a deadline of April 23 to apply them.Backup lessons from a cloud-storage disaster
CISA’s guidance states that federal users of Pulse Connect Secure VPNs must use the company’s free utility to ascertain whether their devices are vulnerable.To read this article in full, please click here
The largest cloud provider based in Europe, OVHcloud, suffered a catastrophic fire last month that destroyed one of its data centers and smoke-damaged a neighboring one. OVHcloud customers with data in the burned-out data cener who had their own disaster recovery measures in place or who purchased the off-site backup and disaster-recovery services offered by OVHcloud have been able to resume operations. Those who did not lost data that will never come back.Some losses were complete, such as those described on Twitter by rounq.com who is still waiting for backups and redundancy that he thought were already in place, according to his tweets. Companies that had some type of off-site backup seemed to be up and running again, such as Centre PompidouTo read this article in full, please click here
VMware has unveiled an integrated package of cloud security, access control and networking software aimed at addressing the key needs of today's COVID-19-driven remote workforce.VMware Anywhere Workspace brings together the company’s core enterprise software products, including its Workspace ONE unified endpoint management, Carbon Black Cloud cloud-native endpoint security, and secure access service edge (SASE) components, into a single system to support a widely distributed workforce. Read more: Who's selling SASE, and what do you get?
"Enterprises are moving from simply supporting remote work to becoming distributed, anywhere organizations. Companies are rethinking where teams work, how they work, and how they support customers from wherever they are," Sanjay Poonen, chief operating officer, customer operations with VMware, wrote in a blog about the announcement. "To be successful, this means investing in technology and a long-term strategy to be a stronger, more focused and more resilient organization." To read this article in full, please click here
The Albuquerque water authority says recent network upgrades give it greater visibility and control over its remote sites and makes for faster responses to leaks and other problems.The Albuquerque Bernalillo County Water Utility Authority manages more than 3,000 miles of water-supply pipeline covering more than 650,000 users. The authority manages 135 remote locations, which include well sites, tanks, and pump stations, all of which have programmable logic controllers (PLC) connected to a dedicated, fixed-wireless network running at 900MHz back to the core network.[Get regularly scheduled insights by signing up for Network World newsletters.]
“The [main treatment] plant was built [about] 15 years ago,” said Kristen Sanders, the authority’s chief information security officer. “So if a piece of equipment went out, replacing it would be about shopping on eBay.” Also the authority’s fiber backbone that connects the sites with the main plant was past it’s service life and had to be replaced.To read this article in full, please click here
A set of vulnerabilities in TCP/IP stacks used by FreeBSD and three popular real-time operating systems designed for the IoT was revealed this week by security vendor Forescout and JSOF Research. The nine vulnerabilities could potentially affect 100 million devices in the wild.Nucleus NET, IPNet and NetX are the other operating systems affected by the vulnerabilities, which a joint report issued by Forescout and JSOF dubbed Name:Wreck.In a report on the vulnerabilities, Forescout writes that TCP/IP stacks are particularly vulnerable for several reasons, including widespread use, the fact that many such stacks were created a long time ago, and the fact that they make an attractive attack surface, thanks to unauthenticated functionality and protocols that cross network perimeters.To read this article in full, please click here
Cisco made enhancements to its security offerings that will expand and change the way customers buy its Secure Access Service Edge products as well as bolster network-access authentication.Cisco's SASE plan will focus on enhancing networking and security functions while building them into an integrated service that can help simplify access to enterprise cloud resources securely, said Gee Rittenhouse senior vice president and general manager of Cisco’s Security Business Group during this week's Cisco Live! event.MORE CISCO LIVE! NEWS: Cisco takes its first steps toward network-as-a-service; Cisco brings net intelligence to Catalyst switches, app-performance managementTo read this article in full, please click here
5G networks that incorporate legacy technology could be vulnerable to compromise via a lack of mapping between transport and application layers, according to a report by Ireland-based AdaptiveMobile Security.
5G resources
What is 5G? Fast wireless technology for enterprises and phones
How 5G frequency affects range and speed
Private 5G can solve some problems that Wi-Fi can’t
Private 5G keeps Whirlpool driverless vehicles rolling
5G can make for cost-effective private backhaul
CBRS can bring private 5G to enterprises
Network slicing is central to realizing many of 5G’s more ambitious capabilities because it enables individual access points or base stations to subdivide networks into multiple logical sections—slices—effectively providing entirely separate networks for multiple uses. The slices can be used for different purposes—say, mobile broadband for end-users and massive IoT connectivity—at the same time, without interfering with each other.To read this article in full, please click here
5G networks that incorporate legacy technology could be vulnerable to compromise via a lack of mapping between transport and application layers, according to a report by Ireland-based AdaptiveMobile Security.To read this article in full, please click here(Insider Story)
With a goal of making distributed applications more secure, VMware has announced plans to buy security vendor Mesh7 for an undisclosed amount.Combining the acquisition with its other security wares, VMware aims to address modern applications that require reliable connectivity, dynamic service discovery, and the ability to automate changes quickly without disruption as they extend across multi-cloud environments, said Tom Gillis, senior vice president and general manger with VMware's networking and security business unit, in a blog about the Mesh7 acquisition.To read this article in full, please click here
The best way to avoid paying ransom to attackers who have infected your systems with ransomware is to have those systems adequately backed up so you can wipe them and restore them from safe backups. Here are several options for making sure those backups are up to the task.In this article, backup refers to any system that you're going to use to respond to a ransomware attack, including old-school backup systems, replication systems, and modern hybrid systems that support backup and disaster recover. For simplicity’s sake, they’ll all be referred to as backup here.
More about backup and recovery:To read this article in full, please click here