[*] [+] [-] [x] [A+] [a-]  
[l] at 6/24/20 3:43pm

A set of serious network security vulnerabilities collectively known as Ripple20 roiled the IoT landscape when they came to light last week, and the problems they pose for IoT-equipped businesses could be both dangerous and difficult to solve.

Ripple20 was originally discovered by Israel-based security company JSOF in September 2019. It affects a lightweight, proprietary TCP/IP library created by a small company in Ohio called Treck, which has issued a patch for the vulnerabilities. Several of those vulnerabilities would allow for remote-code execution, allowing for data theft, malicious takeovers and more, said the security vendor.

That, however, isn’t the end of the problem. The TCP/IP library that contains the vulnerabilities has been used in a huge range of connected devices, from medical devices to industrial control systems to printers, and actually delivering and applying the patch is a vast undertaking. JSOF said that “hundreds of millions” of devices could be affected. Many devices don’t have the capacity to receive remote patches, and Terry Dunlap, co-founder of security vendor ReFirm Labs, said that there are numerous hurdles to getting patches onto older equipment in particular.

To read this article in full, please click here

[Author: Jon Gold] [Category: Internet of Things, Networking, Security]

[*] [+] [-] [x] [A+] [a-]  
[l] at 6/22/20 3:54pm

Microsoft has announced it will purchase the industrially focused network security vendor CyberX for an undisclosed sum in an effort to bolster the security capabilities of its Azure IoT platform.

The acquisition strikes at the heart of two key IIoT security pain points. While it’s comparatively easy to build new IoT devices that have all the necessary features for seamless security management, older devices running a wildly diverse range of different protocols, which may lack important features like the ability to be patched remotely, are a bigger challenge.

To read this article in full, please click here

[Author: Jon Gold] [Category: Internet of Things, Security, Cloud Computing]

[*] [+] [-] [x] [A+] [a-]  
[l] at 6/17/20 6:22pm

Palo Alto Networks has released next-generation firewall (NGFW) software that integrates machine learning to help protect enterprise traffic to and from hybrid clouds, IoT devices and the growing numbers of remote workers.

The machine learning is built into the latest version of Palo Alto's firewall operating system – PAN 10.0 –  to prevent real-time signatureless attacks and to quickly identify new devices – in particular  IoT products – with behavior-based identification.

To read this article in full, please click here

[Author: Michael Cooney] [Category: Security, Internet of Things]

[*] [+] [-] [x] [A+] [a-]  
[l] at 6/10/20 10:58am
These tech certifications not only have high value now, but employers will continue to value them as the coronavirus continues.

[Author: David Foote] [Category: Careers, Certifications, ITIL, Analytics, Skills and Training, Salaries, Jobs, Encryption, Security]

[*] [+] [-] [x] [A+] [a-]  
[l] at 6/8/20 12:49pm

As many part of the U.S. are at least partially lifting lockdown sanctions prompted by the COVID pandemic, questions about the safety of those moves remain. IoT technology, however, might help alleviate some of those concerns.

The degree to which it’s safe to reopen certain workspaces hinges in large part on how strictly social distancing practices are followed, and IoT technology may have a role to play. Companies like Genetec, a building management and security firm, are rolling out products designed to help businesses manage their facilities during the pandemic.

To read this article in full, please click here

[Author: Jon Gold] [Category: Internet of Things, Security, Malware, Network Monitoring]

[*] [+] [-] [x] [A+] [a-]  
[l] at 6/8/20 12:49pm
How IoT technology can help enforce social-distancing rules by monitoring occupancy in workspaces.

[Author: Tim Greene] [Category: Internet of Things, Security, Malware, Network Monitoring]

[*] [+] [-] [x] [A+] [a-]  
[l] at 6/4/20 11:34am

Cisco has unleashed an extensive new round of security warnings – three of them “critical” – mostly for users of its iOS XE software and industrial router family.

In total, Cisco issued 23 Security Advisories that describe 25 exposures in its IOS and IOS XE systems.  

Network pros react to new Cisco certification curriculum

Beyond the three critical advisories, 20 have a “High” impact rating. Cisco said that one vulnerability affects Cisco IOS, IOS XE, IOS XR, and NX-OS Software. Five vulnerabilities affect both Cisco IOS and IOS XE Software. Six vulnerabilities affect Cisco IOS Software and 10 affect Cisco IOS XE Software. Three vulnerabilities affect the Cisco IOx application environment.

To read this article in full, please click here

[Author: Michael Cooney] [Category: Security, Networking]

[*] [+] [-] [x] [A+] [a-]  
[l] at 5/28/20 4:50pm

Cisco is embracing the secure-access service edge (SASE) architecture put forth by Gartner with plans to upgrade some of its existing products to reach the goal of delivering access control, security and networking to cloud services.

The enterprise shift to SASE will be gradual as they figure out the best way to connect their increasingly remote workforce to distributed resources delivered from corporate data centers and as cloud services, Cisco says.

Network pros react to new Cisco certification curriculum

“Flexibility will be fundamental as IT chooses among multiple security and networking capabilities that best fit their operations, regulatory requirements, and types of applications,” said Jeff Reed, senior vice president of product, Cisco’s Security Business Group in a blog post. “Security services can be predominantly delivered from the cloud to provide consistent access policies across all types of endpoints. However, globally distributed organizations may need to apply security and routing services differently according to regional requirements.”   

To read this article in full, please click here

[Author: Michael Cooney] [Category: Networking, Security, Cloud Computing]

[*] [+] [-] [x] [A+] [a-]  
[l] at 5/27/20 10:00pm

Security and performance concerns made it challenging for TrialCard to enable its employees to work from home when the COVID-19 pandemic hit.

Customer service agents use a voice-over-IP phone and thin-client computer, both of which were designed to work in an on-premises office environment. "They need those systems to do their day-to-day job," says Ryan Van Dynhoven, director of infrastructure at TrialCard, a Morrisville, N.C.-based company that helps pharmaceutical manufacturers connect with patients, including providing patient support and clinical trial services.

READ MORE: Enterprises look to SASE to bolster security for remote workers

To read this article in full, please click here

[Author: Maria Korolov] [Category: Security, Networking, SD-WAN]

[*] [+] [-] [x] [A+] [a-]  
[l] at 5/27/20 6:08am
Three steps to finding a network detection and response product that prevents, detects, investigates, identifies, responds and mitigates cyberattacks.

[Author: IT Central Station] [Category: Networking, Network Security, Cyber Attacks, Security, IT Strategy, Technology Industry]

[*] [+] [-] [x] [A+] [a-]  
[l] at 5/26/20 10:01pm
Some industries have seen increases in cloud-related threat events rise as much as 1,350% since the COVID-19 crisis began.

[Author: Lucian Constantin] [Category: Cloud Security, Collaboration, Security, Cyber Attacks]

[*] [+] [-] [x] [A+] [a-]  
[l] at 5/26/20 5:32pm

The coronavirus pandemic has accelerated some companies' plans to adopt secure access service edge (SASE).

Last summer, Gartner estimated SASE adoption at less than 1% of enterprises and said it would take five to 10 years before the technology reaches mainstream. But today, SASE is one of the main topics of client interest, according to Gartner analyst John Wheeler.

READ MORE: How SD-WAN is evolving into Secure Access Service Edge

To read this article in full, please click here

[Author: Maria Korolov] [Category: Networking, Security, SD-WAN]

[*] [+] [-] [x] [A+] [a-]  
[l] at 5/26/20 5:32pm

The coronavirus pandemic has accelerated some companies' plans to adopt secure access service edge (SASE).

Last summer, Gartner estimated SASE adoption at less than 1% of enterprises and said it would take five to 10 years before the technology reaches mainstream. But today, SASE is one of the main topics of client interest, according to Gartner analyst John Wheeler.

READ MORE: How SD-WAN is evolving into Secure Access Service Edge

To read this article in full, please click here

[Author: Maria Korolov] [Category: Networking, Security, SD-WAN]

[*] [+] [-] [x] [A+] [a-]  
[l] at 5/22/20 4:00am

The mere fact of the COVID pandemic’s existence has pushed the American healthcare system to capacity, but another threat to that system has reared its ugly head – cyberattacks, particularly those based on ransomware, have become more common as the disease spread, targeting medical IoT devices and healthcare networks.

According to Forrester Research analyst Chris Sherman, two U.S. hospitals have already been attacked via virtual care systems, after a hacker targeted a vulnerability in a medical IoT device (specifically, a remote patient-monitoring sensor) and gained access to the hospitals’ patient databases. And in another type of attack, the Fresenius Group, a medical device maker and the largest private hospital operator in Europe, has been hit by ransomware.

To read this article in full, please click here

[Author: Jon Gold] [Category: Internet of Things, Security]

[*] [+] [-] [x] [A+] [a-]  
[l] at 5/20/20 4:00am
With most workers scattered at home and trying to come up with their own ad-hoc IT workarounds, there’s an easy way for IT shops to build trust: communicate. (Insider Story)

[Author: Ryan Faas] [Category: Security, Software, Mobile Management, iOS, Android, Windows, MacOS, Hardware, IDG Insider]

[*] [+] [-] [x] [A+] [a-]  
[l] at 2/11/20 4:00am
This free, open source penetration testing tool uses real attacks and real techniques to try and exploit its way into a network.

[Author: John Breeden II] [Category: Security, Open Source, Data Breach, IT Strategy, Network Security]

[*] [+] [-] [x] [A+] [a-]  
[l] at 1/15/20 4:00am
SaltStack Enterprise, and its optional SecOps modules, is one of the only platforms available today that can fully manage complex enterprise environments while also protecting them.

[Author: John Breeden II] [Category: Security, Network Monitoring, Networking, Network Security]

[*] [+] [-] [x] [A+] [a-]  
[l] at 9/17/19 4:00am
This fully functional, fully trained cybersecurity tool is ready on day 1 to spot threats on whatever network it’s charged with protecting.

[Author: John Breeden II] [Category: Security]

[*] [+] [-] [x] [A+] [a-]  
[l] at 8/29/19 8:06am
Real IT users evaluate network access control solutions: Cisco Identity Services Engine, Aruba ClearPass and ForeScout CounterACT. (Download the 27-page comparison.)

[Author: IT Central Station] [Category: Networking, Access Control, Security]

[*] [+] [-] [x] [A+] [a-]  
[l] at 10/23/18 4:00am

You know you need to protect your company from unauthorized or unwanted access. You need a network-security tool that examines the flow of packets in and out of the enterprise, governed by rules that decide whether that flow is safe, malicious or questionable and in need of inspection. You need a firewall.

Recognizing that you need a firewall is the first – and most obvious -- step. The next crucial step in the decision-making process is determining which firewall features and policies best-suit your company’s needs.

Today’s enterprise firewalls must be able to secure an increasingly complex network that includes traditional on-premises data center deployments, remote offices and a range of cloud environments. Then you have to implement and test the firewall once it's installed. Perhaps the only element more complex than configuring, testing and managing a next-generation firewall is the decision-making process regarding which product to trust with your enterprise security.

To read this article in full, please click here

(Insider Story)

[Author: Sheryl Hodge] [Category: Firewalls, Security, Networking, IDG Insider]

[*] [+] [-] [x] [A+] [a-]  
[l] at 7/27/18 9:06am

When selecting VPN routers, small businesses want ones that support the VPN protocols they desire as well as ones that fit their budgets, are easy to use and have good documentation.

We looked at five different models from five different vendors: Cisco, D-Link, and DrayTek, Mikrotik and ZyXEL. Our evaluation called for setting up each unit and weighing the relative merits of their price, features and user-friendliness.

[ Learn who's developing quantum computers.]

Below is a quick summary of the results:

To read this article in full, please click here

(Insider Story)

[Author: Eric Geier] [Category: Networking, Router, Security, Cisco Systems, Small Business, IDG Insider]

As of 7/9/20 11:06am. Last new 6/24/20 4:30pm.

Next feed in category: Network World