Security Archives - Page 70 of 182

Trump Prepares Executive Orders to Supercharge 5G, AI

The president’s commitment comes as his top cybersecurity chief warns that China could use Huawei’s 5G networking equipment to steal “trillions” of dollars of intellectual property.

Give your automated services credentials with Access service tokens

Cloudflare Access secures your internal sites by adding authentication. When a request is made to a site behind Access, Cloudflare asks the visitor to login with your identity provider. With service tokens, you can now extend that same level of access control by giving credentials to automated tools, scripts, and bots.

Authenticating users and bots alike

When users attempt to reach a site behind Access, Cloudflare looks for a JSON Web Token (a JWT) to determine if that visitor is allowed to reach that URL. If user does not have a JWT, we redirect them to the identity provider configured for your account. When they login successfully, we generate the JWT.

When you create an Access service token, Cloudflare generates a unique Client ID and Secret scoped to that service. When your bot sends a request with those credentials as headers, we validate them ourselves instead of redirecting to your identity provider. Access creates a JWT for that service and the bot can use that to reach your application.

Getting started

Within the Access tab of the Cloudflare dashboard, you’ll find a new section: Service Tokens. To get started, select “Generate a New Service Token.”

You’ll be asked to Continue reading

SD-WAN Security Under the Hood

A while ago we published a guest blog post by Christoph Jaggi explaining the high-level security challenges of most SD-WAN solutions… but what about the low-level details?

Sergey Gordeychik dived deep into implementation details of SD-WAN security in his 35C3 talk (slides, video).

TL&DW: some of the SD-WAN boxes are as secure as $19.99 Chinese webcam you bought on eBay.

Huawei and ZTE Face New Bans and Legislation

Huawei and ZTE's list of woes continue as Germany, Canada, Poland, and the U.S. all appear to be working to impose new bans.

Google Goes All In on Confidential Computing

The cloud giant wants the rest of the industry to get behind its open source confidential computing framework. And it launched a $15K challenge to accelerate this technology.

Fortinet Introduces Intent-Based Next-Gen Firewalls

This approach provides a granular level of security control by matching functionality to specific use cases and business requirements.

vArmour Closes $44M Series E, Pushes Multi-Cloud Compliance

CEO Tim Eades won’t comment on his company’s valuation. But he says the investment puts it on track for an IPO and profitability within the next 12 to 18 months.

Securing your SWIFT environment with VMware

The SWIFT Controls Framework was created to help customers figure out which controls are needed to better secure their SWIFT environment. The SWIFT security controls framework is broken down into objectives, principles, and controls. The three objectives are “Secure your environment, Know and Limit Access, and Detect and Respond”.

Customers interested in exploring VMware product alignment with the SWIFT framework should evaluate the end-to-end solution. This includes VMware products, as well as other technology that support a customer’s SWIFT platform. The following is a high-level alignment of some of the SWIFT framework controls and VMware products.

VMware Product Alignment with SWIFT Objectives

Restrict internet access & Protect Critical Systems from General IT Environment

As part of a SWIFT deployment, a secured and zoned off environment must be created. This zone contains the SWIFT infrastructure that is used for all SWIFT transaction. Two SWIFT Principles that we will discuss are

Protect Critical Systems from General IT Environment
Detect Anomalous Activity to Systems or Transaction Records

These controls are required to be enforced on the SWIFT infrastructure. SWIFT requires that all traffic from the general IT infrastructure to the SWIFT zone be as restricted as possible. They also Continue reading

Spectra Taps Versa Networks to Deliver Managed SD-WAN in India

Versa has now signed managed service provider agreements with more than 80 global providers.

Extreme Networks Moves Into Edge Device Security With Defender for IoT

It’s a smart move for the networking vendor. Gartner estimates that 20.4 billion connected things will be in use by organizations worldwide by 2020.

Dell EMC Boosts Multi-Cloud Data Protection, Remote Office Management

The company expanded data protection with new and enhanced features to its Data Domain and Integrated Data Protection Appliance (IDPA) products.

Cloudflare Support for Azure Customers

Cloudflare seeks to help its end customers use whichever public and private clouds best suit their needs. Towards that goal, we have been working to make sure our solutions work well with various public cloud providers including Microsoft’s Azure platform.

If you are an Azure customer, or thinking about becoming one, here are three ways we have made Cloudflare’s performance and security services work well with Azure.

1) The development of an Azure application for Cloudflare Argo Tunnel.

We are proud to announce an application for Cloudflare Argo Tunnel within the Azure marketplace. As a quick reminder, Argo Tunnel establishes an encrypted connection between the origin and the Cloudflare edge. The small tunnel daemon establishes outbound connections to the two nearest Cloudflare PoPs, and the origin is only accessible via the tunnel between Cloudflare and origin.

Because these are outbound connections, there is likely no need to modify firewall rules, configure DNS records, etc. You can even go so far as to block all IPs on the origin and allow traffic only to flow through the tunnel. You can learn more here. The only prerequisite for using Argo Tunnel is to have Argo enabled on your Cloudflare zone. You can Continue reading

Netsurion Replaces Its SD-WAN With a Unified Network Management, Security Orchestration Platform

Netsurion’s BranchSDO platform is the company’s natural evolution of its SD-WAN service. “What’s next for SD-WAN is really removing the handcuffs off of the branch and allowing this resilient, agile security solution that also delivers compliance,” said John Ayers, VP of product at...

Read More »

Dell EMC Brings the Tactical Azure Stack to the Edge

This was one of several announcements Microsoft made today to boost its cloud and edge capabilities for its U.S. government customers.

Coppell ISD Integrates Security into Infrastructure via VMware AppDefense

What do you get when you provide 12,800 kids with technology and programming classes? You get 12,800 people who are getting ready for the modern workforce of today and tomorrow. You also get 12,800 potential vulnerabilities. With the growing quantity of phishing emails, ransomware and malware that Coppell Independent School District (CISD) already had to combat with a small staff, this Texas school system was looking for smarter solutions.

“All these students who have taken programming classes, they’re often looking to bypass administrative privileges, looking for ways around the internet filters, or looking for ways to play games on the school computers,” said Stephen McGilvray, CISD Executive Director of Technology. “So, in addition to all these external threats we have to worry about, we also have a bunch of homegrown, internal threats.”

The school district recently underwent a data center refresh, which included updates for VMware vSphere, VMware App Volumes and VMware Horizon, and launched the implementation of VMware NSX Data Center. During the refresh, their VMware sales rep told them about a relatively new security product called VMware AppDefense.

At its core, AppDefense shifts the advantage from attackers to defenders by determining and ensuring good application Continue reading

Archive