NetworkingNexus.net

Top 10 advanced endpoint protection tools

Endpoint protectionThe days of simple endpoint protection based on traditional anti-malware tools are over. There are now advanced endpoint detection and response (EDR) tools that go beyond proactive monitoring and endpoint protection. They evaluate threats in a larger ecosystem, combining the best aspects from network intrusion detection and examining the individual process level on each computer. That is a tall order, and the 10 products tested are all very capable. However, no one product does everything. You will have to make compromises, depending on what other security tools you already have installed and the skill levels of your staff. Here are capsule reviews of 10 advanced endpoint protection products (see the full review):To read this article in full or to leave a comment, please click here

7 trends in advanced endpoint protection

After extensive testing of 10 advanced endpoint protection products, we have identified a series of broad industry trends:1. Virus signatures are passé. Creating a virus with a unique signature is child’s play, thanks to the nearly automated virus construction kits that have filled the internet over the past several years. Instead, many of today’s advanced endpoint protection products make use of security news feeds that report on the latest attacks such as VirusTotal.com and other reputation management services. Some, like CrowdStrike, have a long list of integrations with security and log management tools to make them more effective at spotting attack trends.To read this article in full or to leave a comment, please click here

How to buy endpoint security products

In our testing of 10 endpoint security products, we found that no one product does everything. You will have to make compromises, depending on what other security tools you already have installed and the skill levels of your staff. While there is no single product that can suit all situations, endpoint configurations and IT requirements, there are a few key things to consider in your purchase:1. Going agent or agentless. A few of the products we tested don’t require endpoint agents, but the trade off is that you will need to setup LDAP or clean up your Active Directory domain and make use of network switch SNMP management and other connections to your network fabric.To read this article in full or to leave a comment, please click here(Insider Story)

10 cutting-edge tools that take endpoint security to a new level

The days of simple endpoint protection are over. Scanning and screening for malware has become a very complex process, and most traditional anti-malware tools only find a small fraction of potential infections.Nowadays there are numerous advanced endpoint detection and response (EDR) tools, all claiming to find and block the most subtle attacks, even ones that don’t leave many fingerprints.As we wrote last fall, there are two basic approaches: hunting (looking for some odd behavior) and sifting and gathering particular trends or activities (which has its roots in traditional anti-virus).To read this article in full or to leave a comment, please click here

Cutting through the IPv6 Requirements Red Tape

Few years ago a bunch of engineers agreed that the customers need a comprehensive “IPv6 Buyer’s Guide” and thus RIPE-554 was born. There are also IPv6 certification labs, US Government IPv6 profile and other initiatives. The common problem: all these things are complex.

However, it’s extremely easy to get what you want as Ron Broersma explained during his presentation at recent Slovenian IPv6 meeting. All it takes is a single paragraph in the RFP saying something along these lines:

The equipment must have the required functionality and performance in IPv6-only environment.

Problem solved (the proof is left as an exercise for the reader… or you could cheat and watch Ron’s presentation, which you should do anyway ;).

Basics: What is Ternary Content Address Memory (TCAM) ?

Note: You should read about Content Addressable Memory (CAM) before reading this post. Today’s networking hardware operates a Layer 2, Layer 3 and Layer 4 of the OSI model. The device might switch Ethernet frames, route IP packets and implement filters based on the TCP segments. A MAC Address is always an exact match and […]

The post Basics: What is Ternary Content Address Memory (TCAM) ? appeared first on EtherealMind.

Basics: What is Binary CAM (BCAM) ?

Binary CAM performs a binary lookup ands returns either a 1 or 0.

The post Basics: What is Binary CAM (BCAM) ? appeared first on EtherealMind.

Basics: What is Content Addressable Memory (CAM) ?

Content-addressable memory (CAM) is silicon chip architecture that is purpose-built for extremely fast but very specific type of memory lookups.

The post Basics: What is Content Addressable Memory (CAM) ? appeared first on EtherealMind.

How to use VirtualBox to emulate a network

VirtualBox is an open-source virtual machine manager and hypervisor that may also be used as a network emulator. In addition to creating and managing individual virtual machines, VirtualBox can connect virtual machines together to emulate a network of computers and network appliances such as routers or servers. VirtualBox works on the major computing platforms: Windows, MacOS, and Linux.

In this post, I offer a step-by-step tutorial showing how to use the VirtualBox graphical user interface to set up a network of six devices — three routers and three PCs. This tutorial will utilize some of the advanced functions supported by VirtualBox and provide you with the skills to set up a network of virtual machines on your own personal computer.

Required knowledge

I assume you, the reader, are already familiar with the VirtualBox GUI and have used it to create and run virtual machines on your personal computer, using default settings. I also assume you have a basic understanding of Linux shell commands, which will be needed to configure the Linux operating system running on the virtual routers and PCs.

If you need to refresh your knowledge about VirtualBox, the VirtualBox website provides a detailed user manual, and Continue reading

Independence Day 2016

The post Independence Day 2016 appeared first on 'net work.

Android full disk encryption can be brute-forced on Qualcomm-based devices

Attackers can exploit vulnerabilities in Android devices with Qualcomm chipsets in order to extract the encrypted keys that protect users' data and run brute-force attacks against them.The attack was demonstrated last week by security researcher Gal Beniamini and uses two vulnerabilities patched this year in Qualcomm's implementation of the ARM CPU TrustZone.The ARM TrustZone is a hardware security module that runs its own kernel and Trusted Execution Environment independent of the main OS. On Qualcomm chips, the Trusted Execution Environment is called QSEE (Qualcomm Secure Execution Environment).The full-disk encryption feature on Android devices relies on a randomly generated key called the device encryption key (DEK). This key is itself encrypted with another key derived from the user's PIN, password or swipe pattern.To read this article in full or to leave a comment, please click here

Android full disk encryption can be brute-forced on Qualcomm-based devices

Mobile Broadband Ecosystem

Mobile Broadband… You might have heard this term before, possibly in an ISP environment. The term has always represented a name of a department within a mobile operator or a vendor organization. It is always there in profile description for telecom professionals. It is everywhere actually when it comes to a certain ecosystem or framework that delivers Internet Service […]

The post Mobile Broadband Ecosystem appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

SDxCentral’s Top 10 Articles — June 2016

Microsoft tried to buy Docker, MPLS team members resign from Cisco, and more.

Don’t Confuse Hyperconvergence With Web-Scale

There are big differences between hyperconverged systems and the web-scale architectures used by Google and Facebook.

Heavy Metal In The Data Center

Metal heads have nothing over data center managers.

New products of the week 7.4.16

New products of the weekOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.Alight Enterprise CloudKey features: a platform for deploying vertical applications for mortgage banking, mining/energy, telecommunications and high tech that show the financial ripples of potential decisions across the enterprise. More info.To read this article in full or to leave a comment, please click here

New products of the week 7.4.16

Second man pleads guilty of hacking entertainment industry celebrities

A second man has pleaded guilty to using a phishing scheme to get access to private and sensitive videos and photographs of people in the entertainment industry in Los Angeles.Edward Majerczyk, 28, a resident of Chicago and Orland Park, Illinois, has admitted in a plea agreement entered in the U.S. District Court for the Central District of California that between Nov. 23, 2013 through August 2014, he had engaged in a phishing scheme to obtain usernames and passwords from his victims, according to the U.S. Attorney’s Office for the Central District of California.Majerczyk gained access to the victims’ usernames and passwords after he sent them emails that appeared to be from security accounts of internet service providers. These mails directed the victims to a website that would collect their usernames and passwords. After illegally accessing the email accounts, he obtained personal information including sensitive and private photographs and videos, according to his plea agreement.To read this article in full or to leave a comment, please click here

« Previous 1 … 2,842 2,843 2,844 2,845 2,846 … 3,837 Next »