Cisco is offering software updates for two of its AnyConnect for Windows products it says are actively being exploited in the field.AnyConnect for Windows is security software package, in this case for Windows machines, that sets up VPN connectivity, provides access control and supports other endpoint security features. Cisco said AnyConnect products for MacOS, Linux are not affected.Cisco said its Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerability, which is described in this advisory.To read this article in full, please click here
Freeman Health System has around 8,000 connected medical devices in its 30 facilities in Missouri, Oklahoma, and Kansas. Many of these devices have the potential to turn deadly at any moment. "That’s the doomsday scenario that everyone is afraid of," says Skip Rollins, the hospital chain's CIO and CISO.Rollins would love to be able to scan the devices for vulnerabilities and install security software on them to ensure that they aren't being hacked. But he can't."The vendors in this space are very uncooperative," he says. "They all have proprietary operating systems and proprietary tools. We can't scan these devices. We can't put security software on these devices. We can't see anything they're doing. And the vendors intentionally deliver them that way."To read this article in full, please click here
SolarWinds, the maker of a well-known and widely used suite of IT management software products, announced this week that it’s expanding to the cloud, with the release of Observability, a cloud-native, SaaS-based IT management service that is also available for hybrid cloud environments.The basic idea of Observability is to provide a more holistic, integrated overview of an end-user company’s IT systems, using a single-pane-of-glass interface to track data from network, infrastructure, application and database sources. The system's machine learning techniques are designed to bolster security via anomaly detection.To read this article in full, please click here
As Cisco celebrates the 25th anniversary of Cisco Networking Academy, the company on Tuesday announced two new certifications and a plan to provide networking, cybersecurity and general IT training to 25 million people over the next 10 years.The training will be done through the company's networking academy, an IT skills-to-jobs program that provides IT courses, learning simulators, and hands-on learning opportunities, supporting instructors and learners in 190 countries. To date, Cisco says more than 17.5 million global learners have taken Cisco Networking Academy courses to gain IT skills, with 95% of students attributing their post-course job or education opportunity to Cisco Networking Academy.To read this article in full, please click here
The IoT fingerprinting feature will allow companies to fully identify IoT devices that don't have the storage or processing capabilities to communicate complete identifying information such as model number, or even device type.
Google Cloud is rolling out new network and security features, including a service that provides Layer-7 security.The new offerings announced at Google Cloud Next also include firewall and web application-protection options aimed at advancing existing cloud connectivity and ensuring the security of cloud-based resources.“We are fundamentally enhancing our network fabric—which includes 35 regions, 106 zones and 173 network edge locations across 200-plus countries—and making it simpler and easier for organizations to migrate their existing workloads and modernize applications all while securing and making them easier to manage,” said Muninder Sambi, vice president and general manager of networking for Google Cloud.To read this article in full, please click here
As Morgan Stanley Smith Barney has learned, an information technology asset disposal program can protect a company against the potential catastrophe of data leaks from gear you’re getting rid of.
Beyond the human cost, natural disasters like hurricane Ian can take a high toll on business continuity, causing enterprise-infrastructure damage that takes days or weeks to fix at a downtime cost in the six figures per hour. If Ian didn’t get you, now is the time to prepare for a future disaster that might hit your network.Vulnerable areas include cloud providers’ managed services that might require customers to explicitly specify they want their apps, compute, and storage housed in redundant, geographically separate availability zones. According to Uptime Institute, roughly one third of enterprises are architecting cloud apps that are vulnerable to outages in single cloud availability zones, rather than distributing their workloads across multiple zones.To read this article in full, please click here
Beyond the human cost, natural disasters like hurricane Ian can take a high toll on business continuity, causing enterprise-infrastructure damage that takes days or weeks to fix while downtime costs in the six figures per hour. If Ian didn’t impact your operations, now is the time to prepare for a future disaster that might hit your network.Vulnerable areas include cloud providers’ managed services that might require customers to explicitly specify they want their apps, compute, and storage housed in redundant, geographically separate availability zones. According to Uptime Institute, roughly one third of enterprises are architecting cloud apps that are vulnerable to outages in single cloud availability zones, rather than distributing their workloads across multiple zones.To read this article in full, please click here
Breached information includes names, dates of birth, phone numbers, email addresses, and, for a subset of customers, addresses, ID document numbers such as driver's licence or passport numbers.
A growing number of organizations are drawing an invisible line around their internet-connected resources in an effort to keep attackers at bay. Called software-defined perimeter (SDP), it is based on the relatively simple idea of throwing a virtual barrier around servers, routers, printers, and other enterprise network components.The goal of SDP is to protect networks behind a flexible, software-based perimeter. "Advantages include stronger security and greater flexibility and consistency," says Ron Howell, principal SD-WAN and SASE architect at IT and business consulting firm Capgemini Americas.To read this article in full, please click here
Cisco has broadened the scope of Cisco SD-WAN software by growing its reach and security, and expanding its support for deploying multi-region WAN fabric.The idea behind the new features is to help manage the complexity and security of connecting to cloud resources from the edge of the network, said JP Shukla, director, product management, in Cisco’s Enterprise Cloud & SD-WAN group. “They want to connect these users as reliably and securely as these users would be in an office environment,” he said.
[ Get regularly scheduled insights by signing up for Network World newsletters. ]To read this article in full, please click here
Palo Alto Networks is reinforcing the security and operational features of its Prisma secure-access service edge (SASE) package.New features include the ability to adjust security settings for multiple software-as-a-service-based apps, new security capabilities, and AIOPs support. In addition the company is expanding its family of Ion SD-WAN security devices to provide additional configuration options.
[ Get regularly scheduled insights by signing up for Network World newsletters. ]To read this article in full, please click here
Palo Alto Networks is reinforcing the security and operational features of its Prisma secure-access service edge (SASE) package.New features include the ability to adjust security settings for multiple software-as-a-service-based apps, new security capabilities, and AIOPs support. In addition the company is expanding its family of Ion SD-WAN security devices to provide additional configuration options.
[ Get regularly scheduled insights by signing up for Network World newsletters. ]To read this article in full, please click here
Redundancy is essential for dealing with both planned and unplanned outages, and that includes having redundant dynamic host-configuration protocol (DHCP) servers to allow uninterrupted dynamic assignment of IP addresses.For those working in Windows environments, there are currently two options for setting up redundant DHCP servers: a failover scenario with a main server paired with another in hot standby; and a load-balancing scenario in which two DHCP servers actively handle client requests.
[ Get regularly scheduled insights by signing up for Network World newsletters. ]To read this article in full, please click here
Redundancy is essential for dealing with both planned and unplanned outages, and that includes having redundant dynamic host-configuration protocol (DHCP) servers to allow uninterrupted dynamic assignment of IP addresses.For those working in Windows environments, there are currently two options for setting up redundant DHCP servers: a failover scenario with a main server paired with another in hot standby; and a load-balancing scenario in which two DHCP servers actively handle client requests.
[ Get regularly scheduled insights by signing up for Network World newsletters. ]To read this article in full, please click here
The internet of things (IoT) is a catch-all term for the growing number of electronics that aren't traditional computing devices, but are connected to the internet to send data, receive instructions or both.There's an incredibly broad range of ‘things’ that fall under the IoT umbrella: Internet-connected ‘smart’ versions of traditional appliances such as refrigerators and light bulbs; gadgets that could only exist in an internet-enabled world such as Alexa-style digital assistants; and internet-enabled sensors that are transforming factories, healthcare, transportation, distribution centers and farms.What is the internet of things?
The IoT brings internet connectivity, data processing and analytics to the world of physical objects. For consumers, this means interacting with the global information network without the intermediary of a keyboard and screen (Alexa, for example).To read this article in full, please click here