Category Archives for "Network World Tech Primers"

Threat detection automation won’t solve all your problems

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.

A recent Network World article argued that automated threat detection (TD) is more important than automated incident response (IR). But the piece was predicated on flawed and misguided information.

The article shared an example of a financial institution in which analysts investigated 750 alerts per month only to find two verified threats. The piece claimed that, in this scenario, automated IR could only be applied to the two verified threat instances, therefore making automated threat detection upstream a more important capability by “orders of magnitude.”

9 reasons why the death of the security appliance is inevitable

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.

Organizations are used to appliances being the workhorse of their protection needs. There are appliances for everything from firewalls, to Intrusion Detection Systems, Web Security Gateways, Email Security Gateways, Web Application Firewalls, and Advanced Threat Protection.

But as crucial as security appliances are today, they are eventually going to die out as they get increasingly less effective, requiring detection to be pushed to the machines that need protection. Here are the nine reasons why:

How to derive real, actionable insights from your data lake: Five best practices

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.

More businesses are embarking on data lake initiatives than ever before, yet Gartner predicts 90% of deployed data lakes will be useless through 2018 as they’re overwhelmed with data with no clear use cases. Organizations may see the value of having a single repository to house all enterprise data, but lack the resources, knowledge and processes to ensure the data in the lake is of good quality and actually useful to the business. To truly leverage your organization’s data lake to derive real, actionable insights, there are five best practices to keep in mind:

Building an app-centric Infrastructure Performance Monitoring system

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.

Applications are the lifeblood of any enterprise, but application performance can suffer without optimal support from the infrastructure teams. At the heart of this problem is the fact that application- and infrastructure-layer management stacks remain distinct entities across the IT environment.

Application performance management (APM) drills down into the behavioral characteristics of the app and its supporting runtime environments, and perhaps select pieces of the virtual servers, but it is blind below the virtual machine. The underlying physical and virtual resources are managed and controlled by an infrastructure performance monitoring (IPM) system, which can effectively maintain the health of physical and virtual resources but doesn’t know whether this is producing an effective application environment in terms of either cost or performance.

Respond to ransomware in three steps: secure, assess, recover

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.

Your help desk email and phones start lighting up. Your CIO is in your office looking stressed and staring at you. Quickly, you learn your company is the latest target of a ransomware attack.

Logically, you shouldn’t be in this position. The latest detection software and data protection tactics are commonplace at your organization, intending to keep you out of this mess. Also, you have followed all best practices to ensure maximum data availability, so it’s likely your backups and disaster recovery sites were impacted as well. At this point, all that matters is that your data has been kidnapped, and you need to restore operations as soon as possible.

7 patch management practices guaranteed to help protect your data

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.

We’re in an era in which pre-packaged exploit services make it possible for the average Joe, with no technological experience or prowess, to launch intricate attacks on our environments. So, what can be done? Patching operating systems and applications is a surefire way to block some attacks. But you need to do more than blast out auto updates.

Here are seven patch management best practices that take your organization’s cybersecurity to the next level:

#1 Use a proper discovery service

You can’t secure what you don’t know about. The only way to know if a breach or vulnerability exists is to employ broad discovery capabilities. A proper discovery service entails a combination of active and passive discovery features and the ability to identify physical, virtual and on and off premise systems that access your network. Developing this current inventory of production systems, including everything from IP addresses, OS types and versions and physical locations, helps keep your patch management efforts up to date, and it’s important to inventory your network on a regular basis. If one computer

Bring Your Own Authentication is upending online security practices

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.

Seeing the success of the Bring Your Own Device movement, a cadre of leading companies are starting to explore if a similar approach can be used to address the authentication challenge. If BYOD essentially makes the device a proxy for the work environment, can that same device serve as a proxy for customers online?

This new movement, known as Bring Your Own Authentication (BYOA), holds the same promise of reimagining the way we think of authentication, putting the consumer (and device) front and center in the interaction, and relegating passwords to the background or eliminating them completely. But there are challenges to overcome in order for mass adoption.

Demystifying network analytics

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.

Network analytics is key to helping IT proactively deliver great user experiences, but analytics for the enterprise access network is complicated. Besides the array of connectivity options, the heterogeneous mix of client devices and the different application models to accommodate, there are volumes of relevant input data that can be used, such as:

  • Actual data packets generated by real clients
  • Synthetic data packets generated by simulated clients
  • Real-time metrics and traps from infrastructure
  • Logs/configuration from infrastructure and servers
  • Flow data from infrastructure
  • APIs from application servers

Figure 1. How network data is used today. Is this really analytics? (Nyansa)

The emergence of software-defined application delivery technology – and what it can do for your network

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.

The flexibility of the cloud has driven IT to look closely at opportunities to replicate that agility in their own infrastructure and operations. Automation initiatives have optimized many layers of the computing stack, but application delivery services remain a last-mile problem as network teams find themselves hamstrung by inflexible legacy architectures.

While virtual appliances for load balancing, long thought of as the answer for software-driven infrastructure, have existed since the advent of virtualization, they inherit most of the architectural challenges of legacy solutions, including limited scalability, lack of central management and orchestration, and performance limitations. Instead, what is needed is an application delivery architecture based on software-defined principles that logically separates the control plane from the data plane delivering the application services.

The AI revolution: Is the future finally now?

Over the last several decades, the evolution of artificial intelligence has followed an uncertain path – reaching incredible highs and new levels of innovation, often followed by years of stagnation and disillusionment as the technology fails to deliver on its promises.

Today we are once again experiencing growing interest in the future possibilities for AI. From voice-powered personal assistants like Google Home and Alexa, to Netflix’s predictive recommendations, Nest learning thermostats and chatbots used by banks and retailers, there are countless examples of AI seeping into everyday life, and the potential of future applications seems limitless . . . again.

How to decide between cloud, on-premise and As-a-Service

Although vendor-written, this contributed piece does not advocate a position that is particular to the author’s employer and has been edited and approved by Network World editors.

Deciding whether and how to use cloud computing is complex, and made all the more complicated by the overwhelming number of vendors and products. What’s more, hybrid and multicloud approaches blur the lines between the cloud and on-premise deployment options.

With an operations team that counsels organizations on which type of architecture is best for them – on premise, cloud, hybrid or multicloud – and then evaluates what went well and didn’t in all four kinds of deployments, here’s our view of what situations tip the scale toward one approach or another. While the context is data storage, this analysis applies to most enterprise IT scenarios.

How virtualizing BLE Beacons will change the indoor mobile experience

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.

Thanks to cellular GPS, the days of pulling your car over to ask for directions are long gone. It has never been easier to find your way from point A to B and to track down nearby points of interest like restaurants or gas stations.

But, what happens when you walk indoors? The “blue dot” navigation experience doesn’t exist. When inside a mall, conference center, or office complex, you are back to stopping and asking for turn-by-turn directions when needed. 

There is enormous demand for an indoor location experience that is on par with outdoor cellular GPS. Bluetooth Low Energy (BLE) is an exciting technology that promises to satisfy this demand. The major mobile device manufacturers have put their weight behind BLE beaconing standards and a robust BLE ecosystem has emerged to develop indoor location solutions. But two things have held BLE indoor location services back to date:

What is bitemporal and why should the enterprise care?

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.

Today, databases are the primary system of record, and organizations are required to keep an accurate picture of all the facts, as they occur. Unfortunately, traditional databases are only temporal and cannot provide a truly accurate picture of your business at different points-in-time.

What organizations need today, particularly in regulated industries, is support for bitemporal data. With a bitemporal database, you can store and query data along two timelines, with timestamps for both valid time, when a fact occurred in the real world (“what you knew”), and system time, when that fact was recorded to the database (“when you knew it”).

The granular control over Layer 2 in today’s smart switches might surprise net veterans

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.

In the gap between plug-and-play unmanaged Ethernet switches and fully managed enterprise switches, vendors added the so-called “smart switch,” which offers light management features to unmanaged gigabit Ethernet devices. Today, smart switches targeted at small-to-medium-size businesses run the gamut in terms of manageability and feature sets.

The appeal of basic network management features for a small business stems from the need for performance and security. Plug and play and start right away—that’s what every startup wants—then later on, they need basic configurations and features to accommodate growth as needed.

If incident response automation is hot, threat detection automation is sizzling

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.

In a recent Network World article, Jon Oltsik noted that Incident Response (IR) automation is becoming a very hot topic in the info security world. Oltsik called out multiple factors driving demand for IR automation and orchestration, including the manual nature of IR work, the cyber skills shortage and the difficulty of coordinating activity between SecOps and DevOps.

The latest ransomware threat: Doxware

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.

As if ransomware wasn’t bad enough, there is a new twist called doxware. The term "doxware" is a combination of doxing — posting hacked personal information online — and ransomware. Attackers notify victims that their sensitive, confidential or personal files will be released online. If contact lists are also stolen, the perpetrators may threaten to release information to the lists or send them links to the online content.

Doxware and ransomware share some similarities. They both encrypt the victim's files, both include a demand for payment, and both attacks are highly automated. However, in a ransomware attack, files do not have to be removed from the target; encrypting the files is sufficient. A doxware attack is meaningless unless the files are uploaded to the attacker's system. Uploading all of the victim's files is unwieldy, so doxware attacks tend to be more focused, prioritizing files that include trigger words such as confidential, privileged communication, sensitive or private. 

How to migrate existing applications to VMware NSX

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.

VMware’s NSX virtual network technology can help organizations achieve a greater level of network security, but how you approach deployment will vary depending on whether you are working with new applications (greenfield) or are moving applications from existing infrastructure to NSX (brownfield).

NSX’s micro-segmentation capabilities essentially allow placement of virtual firewalls around every server to control East-West traffic, thereby limiting lateral exploration of networks by hackers, and making it significantly easier to protect applications and data. It can enable a level of security that previously would have been prohibitively expensive and complicated using traditional hardware.

The key functions to consider when building or buying a log analysis platform

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.

“Life is really simple, but we insist on making it complicated.” The immortal words of Confucius resonate with anyone who has ever tried to glean useful information from log data.

There are consensus-driven definitions of what exactly log analysis is, but a simplified, accessible explanation might be: to organize log entries into a human-friendly display and make business decisions based on what you learn.
