Category Archives for "Network World Security"

Cisco brings ransomware protection to XDR SaaS package

Cisco has added ransomware detection and recovery support to its recently unveiled Extended Detection and Response (XDR) system. The new features target recovery from ransomware attacks and come courtesy of integration with Cohesity’s DataProtect and DataHawk offerings which offer configurable ransomware recovery and rescue support for systems assigned to a protection plan. Cohesity’s platform can preserve potentially infected virtual machines for forensic investigation and protect enterprise workloads from future attacks. Cisco said that the exponential growth of ransomware and cyber extortion has made a platform approach crucial to effectively counter adversaries. It also noted that during the second quarter of 2023, the Cisco Talos Incident Response team responded to the highest number of ransomware engagements in more than a year.

Network giants unite to fight security risks

A group of industry stalwarts is banding together to help enterprises, service providers and telcos fight cyber foes. The Network Resilience Coalition includes AT&T, Broadcom, BT Group, Cisco Systems, Fortinet, Intel, Juniper Networks, Lumen Technologies, Palo Alto Networks, Verizon and VMware. Its aim is to deliver open and collaborative techniques to help improve the security of network hardware and software across the industry. The coalition was brought together under the Center for Cybersecurity Policy & Law, a nonprofit organization dedicated to improving the security of networks, devices and critical infrastructure. The Center has a broad security mission, but at least for now, it wants the Resilience group to focus on routers, switches and firewalls that are older, may have reached end-of-life vendor support, or have been overlooked for security patching or replacement.

Fortinet unveils data center firewalls with AI support

Fortinet has released two new high-speed, next generation firewalls designed to protect data center assets. The 387Gbps 3200F series and 164Gbps 900G series feature support for the vendor’s AI-Powered Security Services, which blend AI and machine-learning technologies to make customers aware of cyber threats and act on protecting resources much more quickly, according to Nirav Shah, vice president of products and solutions at Fortinet. FortiGuard AI-Powered Security Services use real-time data from Fortinet’s threat researchers at FortiGuard Lab to monitor for new dangers. “We look at terabytes of data every day, and that's where we run our AI and machine learning to see different things – whether we need to enable AI-powered services with IPS, or utilize sandbox technologies to mitigate them,” Shah said. “If you look at the cybersecurity industry, and the amount of data that we see, and the patterns and other things that we need to recognize to find the threats – [it] is extremely tough if you do it manually.”

Cisco hosts containerized firewall on Catalyst switches to protect mixed IT/OT networks

Cisco announced a containerized firewall package for its venerable Catalyst switch family that’s designed to help enterprise customers with mixed IT and OT systems more easily segment network resources and save money by consolidating network and security deployments. Specifically, Cisco built a Docker-based container for its Secure Firewall Adaptive Security Appliance (ASA) that can be hosted on its Catalyst 9300 access switches. Cisco Secure Firewall ASA combines firewall, antivirus, intrusion prevention, encryption and virtual private network (VPN) support. The firewall supports up to 10 logical interfaces, which can be used for segmentation. This segmentation helps limit the ability of an attacker to move laterally within the network by containing any breach to a specific zone, wrote Pal Lakatos-Toth, an engineering product manager with Cisco’s security business group, in a blog about the news.

Cisco snaps up Oort to bolster identity management technology

Cisco is continuing its summer buying spree with the acquisition of security startup Oort for an undisclosed amount. Oort offers an identity threat detection and response platform for enterprise security. Founded in 2019, Oort raised $15 million in Series A funding that included money from Cisco’s venture capital arm. “With Oort’s API-driven, cloud-native, and agentless platform, they eliminate identity visibility gaps across disparate data sources, show misconfigurations, check for security vulnerabilities, and offer predictive identity analytics to proactively stop attacks,” wrote Raj Chopra, senior vice president and chief product officer for Cisco Security, in a blog about the acquisition.

Microsoft jumps into competitive security service edge (SSE) arena

Microsoft is jumping into the competitive Secure Service Edge (SSE) arena with a software package aimed at protecting its Windows and Azure customers as well as other cloud-based enterprise resources. The new software is part of Microsoft’s Entra identity and network access suite, and it features two new elements – Entra Internet Access and Entra Private Access – that will control and secure access to cloud-based resources. Those two new pieces, coupled with Microsoft’s existing SaaS-focused cloud-access security broker (CASB), called Microsoft Defender for Cloud Apps, comprise Microsoft's SSE package.

Cisco amps up security analytics software

Cisco unveiled a new version of its Secure Network Analytics (SNA) software aimed at making it easier to track more data flows and act faster on relevant security alerts. Enhancements in SNA release 7.4.2 include the ability to more efficiently gather, process and store data; advanced detection capabilities; improved telemetry support; and the ability to run on Cisco’s high-performance UCS M6 hardware. Cisco’s network analytics software is designed to help organizations detect and respond to security threats by harnessing telemetry data from multiple sources and providing insights into network behavior to proactively identify risks, according to a blog post by Jay Bethea, product marketing manager with Cisco’s secure email group.

Gartner: SSE landscape shifts as vendors add more security services

The market for managed security services is shifting as enterprises weigh their requirements for cloud-based security capabilities and vendors refine their feature sets and product integrations. Converged security services can offer significant benefits to enterprises when it comes to manageability, scalability, security, and price, according to research firm Gartner, which introduced the term SASE, or secure access service edge. SASE is a network architecture that combines software-defined wide area networking (SD-WAN) and security functionality into a unified cloud service that promises simplified WAN deployments, improved efficiency and security, and application-specific bandwidth policies.

Multiple SD-WAN vendors can complicate move to SASE

Enterprises over the past several years have embraced SD-WAN for many reasons, including the flexibility of cloud architecture, enhanced security, centralized management of distributed locations, and improved application availability and performance. In turn, the popularity of SD-WAN has helped propel interest in secure access service edge (SASE), a network architecture that converges connectivity and security services.

Networking, security initiatives dominate IT spending priorities

Network connectivity and security are key areas for IT investment as well as potential barriers to global success, according to new research. Nearly half of CIOs claim that establishing and managing connectivity in new markets is the single most critical factor when it comes to ensuring successful global expansion, according to Expereo, which surveyed 650 large enterprise and mid-market CIOs across Asia, Europe and North America for its research. In addition, 49% of CIOs report that their board views global connectivity as “a business-critical asset to growth.”

Cisco urges stop using weak crypto algorithms with OSPF

To reduce the risk of service problems, Cisco is making it harder for organizations to use weak cryptographic algorithms when setting up authentication for OSPF packets on certain Catalyst Edge Platforms and Integrated Services Routers (ISR). Newer versions of Cisco’s IOS XE software (Release 17.11.1 and later) no longer support those algorithms (DES, 3DES, and MD5) by default, Cisco stated in a field notice. Specifically, the algorithms are no longer default options for the Open Shortest Path First version 3 (OSPFv3) protocol, which uses the IPsec secure socket API to add authentication to OSPFv3 packets that distribute routing information.

VMware picks up partners for open-source confidential computing development

Virtualization technology provider VMware has announced that it is partnering with AMD, Samsung, and members of the RISC-V Keystone community for the development and operations of confidential computing applications. RISC-V is a hardware standards organization that is designing low-power processors; the Keystone Enclave is an open source project for building customizable trusted execution environments (TEEs). The aim of the new partnership among VMware, AMD, Samsung and RISC-V participants is to collaborate to contribute to the open-source Certifier Framework project for confidential computing. The Certifier Framework is an open-source project started by VMware in 2022 to tackle the key barriers in the development of confidential computing applications.

Cisco firewall upgrade boosts visibility into encrypted traffic

The software that runs Cisco’s new Firewall 4200 Series now includes the ability to see into encrypted traffic without decrypting it, which the vendor says will allow enterprise customers to better protect hybrid and multicloud applications. The enhanced Cisco Encrypted Visibility Engine (EVE) is part of the 7.4 version of the Secure Firewall operating system. Version 7.4 also includes zero-trust capabilities and improved application access control. The 4200 Series’ operating system also helps improve overall firewall performance – it’s twice as fast as previous high-end Cisco firewalls, the company says. EVE, which has been available since version 7.2 of the software, takes things further than traditional firewalls because it now lets customers detect the client application within an encrypted tunnel, according to Rick Miles, vice president of product management, cloud and network security in Cisco’s security business group.

Cato Networks launches AI-powered tracker for malware command and control

Cato Networks’ new deep learning algorithms are designed to identify malware command and control domains and block them more quickly than traditional systems based on domain reputation, thanks to extensive training on the company’s own data sets. Cato, a SASE provider based in Tel Aviv, announced the new algorithmic security system today. The system is predicated on the idea that domain reputation tracking is insufficient to quickly identify the command servers used to remotely control malware. That’s because most modern malware uses a domain generation algorithm (DGA) to rapidly generate pseudorandom domain names, and the deployed malware carries a copy of the same algorithm.

How IT pros can benefit from generative AI safely

The enterprise IT landscape is littered with supposedly paradigm-shifting technologies that failed to live up to the hype, and until now, one could argue that AI fell into that category. But generative AI, which has taken the world by storm in the form of OpenAI’s ChatGPT chatbot, just might be the real deal. Chris Bedi, chief digital information officer at ServiceNow, says the release of ChatGPT last November was “an iPhone moment,” an event that captured the public’s attention in a way that “changed everything forever.” He predicts that generative AI will become embedded into the fabric of every enterprise, and he recommends that CIOs and other IT leaders should begin now to develop their generative AI strategies.

Network spending priorities for second-half 2023

OK, it’s not been a great first half for many companies, from end users to vendors and providers. The good news is that users sort of believe that many of the economic and political issues that have contributed to the problem have been at least held at bay. There’s still uncertainty in the tech world, but it's a bit less than before. Most of the companies I’ve talked with this year have stayed guardedly optimistic that things were going to improve. Over the last month, of the nearly 200 companies I’ve emailed with, only 21 were “pessimistic” about the outlook for their tech spending in the second half. Lack of pessimism doesn’t translate to optimism, though, and optimism is a bit non-specific for network and IT planners to build on. What are the user priorities for tech for the rest of the year? Do they think their budgets will shift, and if so from what to what? Are they looking to make major changes in their networks, change their vendors, be more or less open? I thought I knew some of the answers to these questions, but for some I was wrong.

Cisco spotlights generative AI in security, collaboration

Looking to harness a decade of AI/ML development, Cisco this week previewed generative AI-based features it will soon bring to its Security Cloud service and Webex collaboration offerings. Cisco said it was looking to meld the network and security intelligence it has amassed over the years with the large language models (LLMs) of generative AI to simplify enterprise operations and address threats with practical, effective techniques. The first fruits of this effort will be directed at the Cisco Security Cloud, the overarching, integrated-security platform that includes software such as Duo access control and Umbrella security as well as firewalls and Talos threat intelligence access, all delivered via the cloud.

Cisco jumps into SSE arena, boosts application security

Cisco this week took the wraps off a security service edge (SSE) offering that aims to help enterprises securely connect growing edge resources, including cloud, private and SaaS applications. Along with the SSE package, the vendor made two additional application security-related announcements at its Cisco Live! customer event. It unveiled Cisco Multicloud Defense, which is a new service designed to protect cloud service workloads, and it upgraded Panoptica, its cloud-native security application development software.

Cisco aims for AI-first security with Armorblox buy

Cisco plans to buy Armorblox, a six-year-old AI vendor, to help create “an AI-first Security Cloud.” “Leveraging Armorblox’s use of predictive and Generative AI across our portfolio, we will change the way our customers understand and interact with their security control points,” wrote Raj Chopra, senior vice president and chief product officer for Cisco Security, in a blog announcing the pending acquisition. While securing email was Armorblox’s first application of its AI techniques, they might also be applied to attack prediction, rapid threat detection, and efficient policy enforcement, Chopra wrote. “Through this acquisition though, we see many exciting broad security use cases and possibilities to unlock.”