SD-WAN Complexity Remains Adoption Burden, Says Aryaka

According to the vendor's latest annual survey, 37% of respondents named complexity as their No. 1...

Read More »

Untangle Rolls Out Predictive Routing to SD-WAN Router

The technology is designed to translate information from packet headers, out of band information,...

Read More »

Eventually Secure?

I have a Disney+ account. I have kids and I like Star Wars, so it made sense. I got it all set up the day it came out and started binge watching the Mandalorian. However, in my haste to get things up and running I reused an old password instead of practicing good hygiene. As the titular character might scold me, “This is not the way.” I didn’t think anything about it until I got a notification that someone from New Jersey logged into my account.

I panicked and reset my password like a good security person should have done in the first place. I waited for the usual complaints that people had been logged out of the app and prepared to log everyone in again and figure out how to remove my New Jersey interloper. Imagine my surprise when no one came to ask me to turn Phineas and Ferb back on. Imagine my further surprise when I looked in the app and on the Disney+ website and couldn’t find a way to see which devices were logged in to this account. Nor could I find a way to disconnect a rogue device as I could with Netflix Continue reading

Daily Roundup: Deutsche Telekom, Vodafone Embrace 5G DSS

Deutsche Telekom, Vodafone Germany embraced 5G DSS; Edgewise Networks CEO shared security-related...

Read More »

Will Zero-Trust Security Stick After COVID-19?

Edgewise Networks CEO Peter Smith discusses the rapid shift to remote work because of COVID-19 and...

Read More »

Aqua Attacks Container Image-Based Malware in Sandbox

Dynamic Threat Analysis protects containerized applications from image-based malware by...

Read More »

NSX Distributed IDS/IPS is Generally Available

Most readers are already familiar with VMware NSX as a natural platform for intrinsic security in the data center. They understand that NSX’s service-defined firewall is enabling network and security operators to use a distributed software-based solution to replace centralized hardware-based deployments.

The intrusion detection and prevention system (IDS/IPS) functionality released with NSX-T 3.0 enhances the security capabilities of the service-defined firewall, enabling operators to address several additional use cases.

Top Use Cases for NSX Distributed IDS/IPS

• Quickly Achieve Regulatory Compliance: Many data centers host sensitive applications that are required to meet HIPAA[1], PCI-DSS[2], or SOX[3] . Using NSX, network and security operators can now achieve compliance by enabling IDS/IPS, in addition to the firewall for any workload that needs to meet compliance.
• Replace Discrete IDS/IPS Appliances: Operators virtualizing their data center networks can now replace discrete, centralized IDS/IPS appliances with NSX’s distributed implementation. In the process, with NSX they also consolidate firewall and IDS/IPS management.  Since NSX’s security capabilities are in the hypervisor isolated from the workloads, attackers can’t tamper with them.
• Implement Virtual Security zones: Some organizations need to establish direct network connections with partners or treat business units and subsidiaries as Continue reading

Daily Roundup: Google Rolls Out Enterprise BeyondCorp

Google brought BeyondCorp zero-trust security to the masses; Alibaba injected $28B into the cloud;...

Read More »

Google Brings BeyondCorp Zero-Trust Security to the Masses

Google had originally planned to release the product later this year. But then the COVID-19...

Read More »

Ransomware Attacks Spike 148% Amid COVID-19 Scams

“Notable spikes in attacks can also be correlated to key days in the COVID-19 news cycle,”...

Read More »

Is BGP Safe Yet? No. But we are tracking it carefully

BGP leaks and hijacks have been accepted as an unavoidable part of the Internet for far too long. We relied on protection at the upper layers like TLS and DNSSEC to ensure an untampered delivery of packets, but a hijacked route often results in an unreachable IP address. Which results in an Internet outage.

The Internet is too vital to allow this known problem to continue any longer. It's time networks prevented leaks and hijacks from having any impact. It's time to make BGP safe. No more excuses.

Border Gateway Protocol (BGP), a protocol to exchange routes has existed and evolved since the 1980s. Over the years it has had security features. The most notable security addition is Resource Public Key Infrastructure (RPKI), a security framework for routing. It has been the subject of a few blog posts following our deployment in mid-2018.

Today, the industry considers RPKI mature enough for widespread use, with a sufficient ecosystem of software and tools, including tools we've written and open sourced. We have fully deployed Origin Validation on all our BGP sessions with our peers and signed our prefixes.

However, the Internet can only be safe if the major network operators deploy Continue reading

Waiting for a Rainy Day to Do Security Training? It’s Pouring

The FortiGuard Labs team as recently as April 4 reported seeing an average of about 600 new...

Read More »

Time-Based One-Time Passwords for Phone Support

As part of Cloudflare’s support offering, we provide phone support to Enterprise customers who are experiencing critical business issues.

For account security, specific account settings and sensitive details are not discussed via phone. From today, we are providing Enterprise customers with the ability to configure phone authentication to allow for greater support to be offered over the phone without need to perform validation through support tickets.

After providing your email address to a Cloudflare Support representative, you can now provide a token generated from the Cloudflare dashboard or via a 2FA app like Google Authenticator. So, a customer is able to prove over the phone that they are who they say they are.

Configuring Phone Authentication

If you are an existing Enterprise customer interested in phone support, please contact your Customer Success Manager for eligibility information and set-up. If you are interested in our Enterprise offering, please get in contact via our Enterprise plan page.

If you already have phone support eligibility, you can generate single-use tokens from the Cloudflare dashboard or configure an authenticator app to do the same remotely.

On the support page, you will see a card called “Emergency Phone Support Hotline – Authentication”. From here you Continue reading

Coronavirus Stunts IoT Insurgence

The rapid reversal is significant because the convergence of 5G, networks especially suited for...

Read More »

Telefónica’s Security Biz Taps Google Cloud’s Chronicle

Daily Roundup: Awake Security Displaces Cisco

Awake Security displaced Cisco; Ericsson beat out 5G rivals; and Viptela CEO launched multi-cloud...

Read More »

How Secure SD-WAN is the Foundation for Retail SD-Branch

Retail SD-branch needs a secure connection to ensure that customer data is kept safe. Secure SD-WAN...

Read More »

Ericsson Beats Out 5G Rivals to Replace BT’s Huawei Gear

The U.K. government is requiring operators to limit the use of Huawei equipment in the core of 5G...

Read More »

Awake Security Scores $36M, Displaces Cisco, RSA, and Darktrace

Earlier this year Awake partnered with Google Cloud, which extended its network traffic analysis...

Read More »

Offer of Assistance to Governments During COVID-19

As the COVID-19 emergency continues to affect countries and territories around the world, the Internet has been a key factor in providing information to the public. As businesses, organizations and government agencies adjust to this new normal, we recognize the strain that this pandemic has put on the groups working to assist in virus mitigation and provide accurate information to the general public on the state of the pandemic.

At Cloudflare, this means ensuring that these entities have the necessary tools and resources available to them in these extenuating circumstances. On March 13, we announced our Cloudflare for Teams products will be free until September 1, 2020, to ensure Cloudflare users and prospective users have the tools they need to support secure and efficient remote work. Additionally, we have removed usage caps for existing Cloudflare for Teams users and are also providing onboarding sessions so these groups can continue business in this new normal.

As a company, we believe we can do more and have been thinking about ways we can support organizations and businesses that are at the forefront of the pandemic such as health officials and those providing relief to the public. Many organizations have reached out to Continue reading