Hybrid and multicloud initiatives will continue to shape enterprise IT in 2023, and the impact on data-center networking will be felt across key areas including security, management, and operations. Network teams are investing in technologies such as SD-WAN and SASE, expanding automation initiatives, and focusing on skills development as more workloads and applications span cloud environments.“The most important core trend in data centers is the recognition that the hybrid cloud model – which combines current transaction processing and database activities with a cloud-hosted front-end element for the user interface – is the model that will dominate over time,” said Tom Nolle, president of CIMI Corp. and a Network World columnist. The industry is seeing a slow modernization of data center applications to support the hybrid-cloud model, Nolle says, “and included in that is greater componentization of those applications, a larger amount of horizontal traffic, and a greater need to manage security within the hosted parts of the application.”To read this article in full, please click here
Backup and recovery systems are at risk for two types of ransomware attacks: encryption and exfiltration – and most on-premises backup servers are wide open to both. This makes backup systems themselves the primary target of some ransomware groups, and warrants special attention.Hackers understand that backup servers are often under-protected and administered by junior personnel that are less well versed in information security. And it seems no one wants to do something about it lest they become the new backup expert responsible for the server. This is an age-old problem that can allow backup systems to pass under the radar of sound processes that protect most servers.To read this article in full, please click here
The need to surf the internet freely without restrictions or being noticed created the necessity for proxies. So, what is a proxy? To put it in simple terms, a proxy is a device that provides a gateway between users and the web. Therefore, it helps prevent cyber attackers from gaining access to a private network.A proxy is a computer, referred to as an intermediary because it channels traffic between end-users and the web content they visit online. In data gathering, proxies enable you to access data from websites without being detected, increasing the success rate of extracting valuable information.Top 10 Best Residential Proxy Service Providers
Several residential proxy providers claim to provide the ultimate security for your web activities and enable you to browse anonymously. However, some providers' services don't come close to what they claim to provide. Having stated that, the following providers will give you value for your money. If you need a reliable residential proxy, they will come to the rescue.To read this article in full, please click here
Secure Access Service Edge (SASE) is a network architecture that combines software-defined wide area networking (SD-WAN) and security functionality into a unified cloud service that promises simplified WAN deployments, improved efficiency and security, and application-specific bandwidth policies.First outlined by Gartner in 2019, SASE (pronounced “sassy”) has quickly evolved from a niche, security-first SD-WAN alternative into a popular WAN sector that analysts project will grow to become a $10-billion-plus market within the next couple of years.To read this article in full, please click here
Cloud services and hosting provider Rackspace Technology acknowledged Tuesday that a recent incident that took most of its Hosted Exchange email server business offline was the product of a ransomware attack. The company shut the service down last Friday.It was not, initially, clear what had caused the outage, but Rackspace quickly moved to shift Exchange customers over to Microsoft 365, as this part of the company’s infrastructure was apparently unaffected.Rackpsace offers migration to Microsoft 365
Rackspace said today that there is “no timeline” for a restoration of Exchange service, but it is offering Exchange users technical assistance and free access to Microsoft 365 as a substitute, though it acknowledged that migration is unlikely to be a simple process for every user. Rackspace said that, while the migration is in progress, customers can forward email sent to their Hosted Exchange inboxes to an external server, as a temporary workaround.To read this article in full, please click here
The job of a network engineer just keeps getting more complicated. Mission critical applications are competing for bandwidth. The sheer number of devices is exploding, driven by IoT. And the network itself if being extended to the cloud, the edge and to the home office. And then there’s cybersecurity to worry about. Attacks are on the rise across the board, and attackers are constantly looking for vulnerabilities or backdoors, upping the need for solid and secure networking to act as an early warning system for cybersecurity defenses.Thankfully, there are many great tools available to help network engineers complete their never-ending tasks. And many of them are available for free. Here’s our list of 12 killer network tools that won’t break the bank. To read this article in full, please click here
A demonstrated attack by cybersecurity researchers in IBM’s cloud infrastructure allowed them access to the internal server used to build database images for customer deployments.
Having thorough IT security usually means having a layered approach. Basic antivirus, for instance, might catch PC-based malware once a user downloads it, but you could try to block it before it ever reaches the user device, or at least have another security mechanism in place that might catch it if the basic antivirus doesn’t. DNS-based filtering can do this! It can help stop users from browsing to malware and phishing sites, block intrusive advertising to them, and serve as adult content filters.First, a quick primer for those who are unfamiliar with DNS: You utilize the Domain Name System (DNS) every time you surf the Web. Each time you type a site name into the browser, DNS is queried for the IP address corresponding to that particular domain, so the browser can contact the Web server to get the content. The process of converting the domain name to its IP address is called domain-name resolution.To read this article in full, please click here
DDoS IP Protection for SMBs is designed to provide enterprise-grade distributed denial of service protection at a price that's attractive to small and medium-size companies.
On the surface, Active Directory groups are a simple and straightforward way to manage identities (users and/or computers) and assign permissions. Users or computers are added as group members, and the group is referenced in access control lists (ACL) on file shares, mailboxes, applications, or other corporate resources. But experienced admins know that this simplicity quickly goes out the window as environments scale. As group memberships grow, management of memberships becomes increasingly complex.Over the years, Microsoft and others have developed best practices for managing groups and permissions in an Active Directory environment. These strategies are something of a lost art, but there’s value to be gained by leveraging these layers of sophistication.To read this article in full, please click here
Dell Technologies has announced new products and services for data protection as part of its security portfolio.Active data protection is often treated as something of an afterthought, especially compared to disaster recovery. Yet it's certainly a problem for companies. According to Dell’s recent Global Data Protection Index (GDPI) research, organizations are experiencing higher levels of disasters than in previous years, many of them man-made. In the past year, cyberattacks accounted for 48% of all disasters, up from 37% in 2021, and are the leading cause of data disruption.One of the major stumbling blocks in deploying data-protection capabilities is the complexity of the rollout. Specialized expertise is often required, and products from multiple vendors are often involved. Even the hyperscalers are challenged to provide multicloud data-protection services.To read this article in full, please click here
Palo Alto Networks has released next-generation firewall (NGFW) software that includes some 50 new features aimed at helping enterprise organizations battle zero-day threats and advanced malware attacks.The new features are built into the latest version of Palo Alto's firewall operating system – PAN 11.0 Nova – and include upgraded malware sandboxing for the company’s WildFire malware-analysis service, advanced threat prevention (ATP), and a new cloud access security broker (CASB).WildFire is Palo Alto’s on-prem or cloud-based malware sandbox that is closely integrated with Palo Alto’s firewalls. When a firewall detects anomalies, it sends data to WildFire for analysis. WildFire uses machine learning, static analysis, and other analytics to discover threats, malware and zero-day threats, according to the vendor.To read this article in full, please click here
Recently during a research interview with a small but fast-growing business, for the first time I encountered an organization with a “no-network-vendor” network. That is, instead of using Cisco or Dell or even a white-box solution for switching and routing, the company deployed only Fortinet equipment for its entire network. That is, every network component is part of the security infrastructure for them.They built the network this way not just to bake security into its core (a great idea in itself) but also for:
ease of management: they have one tool, it manages every component
ease of deployment: they have only two or three versions of each appliance, all the same except for capacity and port count
ease of expansion to new locations: every site is the same as any other site of similar size
They have a small stock of replacement appliances on the shelf, with which they provide rapid recovery for all locations. They could easily also consume security-operations center as-a-service, and use professional services for nearly all the rest of their network operations. In essence, their security solution could become their complete network solution as well.To read this article in full, please click here
VMware has added more security features to its forthcoming on-demand multi-cloud networking and security service called Northstar that it previewed during its August VMware Explore 2022 conference.VMware said then that Northstar will provide a central console for turning up networking and security services across private clouds and VMware Cloud deployments that run on public clouds. It will include VMware services such as Network Detection and Response, NSX Intelligence, advanced load balancing and Web Application Firewall. Within Northstar, Network Detection and Response support will provide scalable threat detection and response for workloads deployed in private and/or public clouds.To read this article in full, please click here
Agentless security management system aims to simplify vulnerability management for security teams and developers in cloud and hybrid cloud environments.
Security is the name of the game at Cisco’s Partner Summit gathering this week with the rollout of a new firewall and added data-loss prevention (DLP) and passwordless authentication features to its security wares. On the firewall front, Cisco announced the Secure Firewall 3105 it says is built specifically for hybrid workers and small branch offices. Available early next year, the 1U 3105 supports 10Gbps throughput, 7Gbps IPSec throughput and 3,000 VPN peers. The box is the new low-end for the Secure Firewall 3100 family, including the 3110, 3120, 3130 and the high-end 3140, which supports 45Gbps throughput.To read this article in full, please click here
A new specification from the Open Compute Project could mean more choices for IT pros when it comes time to replace server cards.The spec defines a block of code that, when used in processors, establishes root of trust (RoT) boot security. Because the spec is open, any chip maker can use it, and it will provide interoperability with chips made by other chip makers that also use it. This can help eliminate being locked into a single vendor because of proprietary RoT code.By standardizing on OCP hardware, for example, it’s possible to replace a bad smartNIC from one vendor with one from another vendor, says Bill Chen, general manager of server product management at Supermicro, an OCP member.To read this article in full, please click here
Some of the biggest challenges faced in securing industrial control systems involve integrating legacy and aging operational technology with modern IT systems.