Host Steve Ragan reports from the RSA 2018 show floor, talking with Greg Reber, founder and CEO at AsTech Consulting, about the looming GDPR deadline and what IT security professionals should be getting done now.
download
Getting grounded in IoT networking and security
The internet of things already consists of nearly triple the number of devices as there are people in the world, and as more and more of these devices creep into enterprise networks it’s important to understand their requirements and how they differ from other IT gear.To read this article in full, please click here
It’s been a few months since VMware closed its acquisition of VeloCloud, a prominent SD-WAN provider. In that time, the two companies have worked to integrate their products, and recently they announced a unified strategy called the Virtual Cloud Network.The strategy fully supports the migration of applications and data out of the enterprise data center to the cloud and to branches — and with IoT, pretty much anything can be considered a branch today, as VeloCloud claims to have a customer with ocean-going ships as branches. The result is that many enterprises are in a position where their applications are everywhere, and their data is everywhere. This has profound implications on the network that needs to support all of this.To read this article in full, please click here
What are the current dangers in mobile technology and what are the strategies to keep yourself protected? Join host Steve Ragan from the show floor at RSA 2018, where he talks with Will LaSala, director of Security Solutions and security evangelist at VASCO Data Security.
Firewalls have become ubiquitous across the enterprise IT landscape because of their proven ability to stop bad traffic from entering corporate networks and protect a company’s most valuable assets. So how have firewalls evolved over the years and what are the latest trends in firewall security?
Google's Android OS sometimes gets unfairly maligned as being weak on security. Computerworld blogger JR Raphael explains why that's a misconception and how users can keep their devices safe.
Spreading bad routing information to your neighbors on the internet isn’t just bad manners, it could be bad for business.That, at least, is the message that the Internet Society (ISOC) wants to spread, as it calls on internet exchange points (IXPs) to help eliminate the most common threats to the internet’s routing system.[ Don’t miss customer reviews of top remote access tools and see the most powerful IoT companies . | Get daily insights by signing up for Network World newsletters. ]
If they do so, then it’s good news for their members, the ISPs that interconnect there, and for those ISPs’ customers, who will benefit from more secure and robust internet access.To read this article in full, please click here
Not so long ago, the phrase “consumerization of IT” was on everyone’s lips. Whole publications and conferences (remember CITE, for Consumerization of IT in the Enterprise?) were created to chronicle the trend of corporations relying on products and services originally created for consumers — which was often easier to use and of higher quality than its business-oriented competitors.Well, no one talks much about the consumerization of IT anymore… not because the trend went away, but because consumer tech has now permeated every aspect of business technology. Today, it’s just how things work — and if you ask me, that’s a good thing.To read this article in full, please click here
Not so long ago, the phrase “consumerization of IT” was on everyone’s lips. Whole publications and conferences (remember CITE, for Consumerization of IT in the Enterprise?) were created to chronicle the trend of corporations relying on products and services originally created for consumers — which was often easier to use and of higher quality than its business-oriented competitors.Well, no one talks much about the consumerization of IT anymore… not because the trend went away, but because consumer tech has now permeated every aspect of business technology. Today, it’s just how things work — and if you ask me, that’s a good thing.To read this article in full, please click here
Host Steve Ragan reports from the show floor at RSA 2018, talking with guest Israel Barak, CISO at Cybereason, about his firm's recent honeypot research, which gathered information showing how the bot landscape is evolving.
Host Steve Ragan reports from the show floor at RSA 2018, talking with guest Adrian Sanabria, director of research at Savage Security, about de-emphasizing network penetration tests to put more focus on attack simulations and helping companies improve their defenses.
Serverless computing is an emerging trend that is likely to explode in popularity this year. It takes the idea of a smaller server footprint to the next level. First, there were virtual machines, which ran a whole instance of an operating system. Then they were shrunk to containers, which only loaded the bare minimum of the OS required to run the app. This led to a smaller footprint.Now we have “serverless” apps, which is a bit of a misnomer. They still run on a server; they just don’t have a dedicated server, virtual machine, or container running 24/7. They run in a server instance until they complete their task, then shut down. It’s the ultimate in small server footprint and reducing server load.To read this article in full, please click here
Cisco has added new cloud and virtual deployment options for customers looking to buy into its Tetration Analytics security system.Cisco’s Tetration system gathers information from hardware and software sensors and analyzes it using big-data analytics and machine learning to offer IT managers a deeper understanding of their data center resources.[ Don’t miss customer reviews of top remote access tools and see the most powerful IoT companies . | Get daily insights by signing up for Network World newsletters. ]
Tetration can improve enterprise security monitoring, simplify operational reliability, give customers a single tool to collect consistent security telemetry across the entire data center and analyze large volumes of data in real time. To read this article in full, please click here
IBM is widening its mainframe range with some narrower models – ZR1 and Rockhopper II – that are skinny enough to fit in a standard 19-inch rack, which will answer criticisms of potential customers that the hulking z14 introduced in July 2017 too big to fit in their data centers (see photo above).In addition to new, smaller, packaging for its z14 hardware, IBM is also introducing Secure Service Container technology. This makes use of the z14's encryption accelerator and other security capabilities to protect containerized applications from unwanted interference.[ Check out REVIEW: VMware’s vSAN 6.6 and hear IDC’s top 10 data center predictions . | Get regularly scheduled insights by signing up for Network World newsletters. ]
When IBM introduced the z14 last July, with an accelerator to make encrypting information standard practice in the data center, there was one problem: The mainframe's two-door cabinet was far too deep and too wide to fit in standard data center aisles.To read this article in full, please click here
Traditional networking architectures over the past two decades or so prescribe that the hub of the network be build around a specific location, such as a data center or a company’s headquarters building. This location houses most of the equipment for compute, storage, communications, and security, and this is where enterprise applications are traditionally hosted. For people in branch and other remote locations, traffic is typically backhauled to this hub before going out to other locations, including to the cloud.Though that formula has been standard operating procedure for many years, it doesn’t fit the way of work for many enterprises today. For one thing, there has been a major migration to the cloud. Those enterprise applications that run the business are now hosted in cloud platforms such as Amazon Web Services or Microsoft Azure, either as private applications or as SaaS apps such as Office 365 and Salesforce. In fact, companies often use multiple cloud platforms these days.To read this article in full, please click here
IoT security is about the farthest thing from a laughing matter in the world of technology today, threatening global trade, privacy and the basic infrastructure of modern society. So you could be forgiven for being taken aback that the newest defender of vulnerable systems against bad actors looks a little like Johnny 5 from the movie Short Circuit.Researchers at Georgia Tech’s School of Electrical and Computer Engineering rolled out the HoneyBot robot late last week. In essence, it’s a canary in the digital coal mine, offering an early warning that someone is trying to compromise an organization’s systems.To read this article in full, please click here
A new study from the Economist Intelligence Unit (EIU) shows that consumers around the world are deeply worried about in how their personal information is collected and shared by the Internet of Things (IoT). But let’s be honest, the problem isn’t that unsophisticated consumers are panicking for no reason. In fact, consumers are merely picking up on the very real inherent risks and uncertainties surrounding IoT data.Businesses are also worried about IoT security
I’ll get into the results and implications of the survey in a moment, but first I want to note that business and professionals are equally concerned. Perhaps that’s why Gartner just predicted that IoT security spending will hit $1.5 billion by the end of the year, up 28 percent from 2017, and more than double to $3.1 billion by 2021.To read this article in full, please click here
Internal tests from a leading industry vendor have shown that fixes applied to servers running Linux or Windows Server aren’t as detrimental as initially thought, with many use cases seeing no impact at all.The Meltdown and Spectre vulnerabilities, first documented in January, seemed like a nightmare for virtualized systems, but that is overblown. There are a lot of qualifiers, starting with what you are doing and what generation processor you are using.The tests were done on servers running Xeons of the Haswell-EP (released in 2014), Broadwell-EP (released in 2016), and Skylake-EP (released in 2017). Haswell and Broadwell were the same microarchitecture, with minor tweaks. The big change there was Broadwell was a die shrink. Skylake, though, was a whole new architecture, and as it turns out, that made the difference.To read this article in full, please click here
It was time to get a handle on BACnet traffic at Penn State.BACnet is a communications protocol for building automation and control (BAC) systems such as heating, ventilating and air conditioning (HVAC), lighting, access control and fire detection. Penn State standardized on BACnet because of its openness.[ For more on IoT see tips for securing IoT on your network, our list of the most powerful internet of things companies and learn about the industrial internet of things. | Get regularly scheduled insights by signing up for Network World newsletters. ]
“Any device, any manufacturer – as long as they talk BACnet, we can integrate them,” says Tom Walker, system design specialist in the facility automation services group at Penn State. “It’s a really neat protocol, but you have to know the quirks that come with deploying it, especially at scale.”To read this article in full, please click here
It’s probably a good thing AMD didn’t rub Intel’s nose in the Meltdown and Spectre flaws too much because boy, would it have a doosy of a payback coming to it. A security firm in Israel has found 13 critical vulnerabilities spread across four separate classes that affect AMD’s hot new Ryzen desktop and Epyc server processors.However, the handling of the disclosure is getting a lot of attention, and none of it good. The company, CTS-Labs of Israel, gave AMD just 24 hours notice of its plans to disclose the vulnerabilities. Typically companies get 90 days to get their arms around a problem, and Google, which unearthed Meltdown, gave Intel six months.To read this article in full, please click here