SECURITY Stories

Most enterprise networks can't handle big data loads

Published on: 2019-09-25

Another week, another survey that finds IT cannot keep up with the ever-expanding data overload. This time the problem surrounds network bandwidth and overall performance. A survey of 300 IT professionals conducted by management consultant firm Accenture found the majority feel their enterprise ...

SD-WAN Shines in a Dark Enterprise Market

Published on: 2019-09-25

SD-WAN promises to deliver revenue growth to telcos and other service providers to offset flat revenues from other enterprise services, according to Heavy Reading analyst Sterling Perrin. "Network operators need a way to grow their revenue, and here comes SD-WAN growing revenues the way they ...

Startup Cowbell Cyber Launches 'Continuous Underwriting' Platform

Published on: 2019-09-24

New inside-out approach will give SMBs a way to buy insurance coverage based on a realistic and ongoing assessment of their risk, company says. Startup Cowbell Cyber wants to give small and midsize businesses (SMBs) a better way to get insurance coverage against cybersecurity threats. The ...

Citrix Meshes Istio Service Mesh Into Its ADC Platform

Published on: 2019-09-24

Citrix has linked the Istio control plane service mesh to its ADC platform to more tightly secure and optimize traffic with a microservices-based application environment. The move is also the latest victory for the rapidly evolving service mesh platform. Citrix’s ADC platform is a product suite ...

Kubernetes Kills Containership’s Cruise

Published on: 2019-09-24

The rise of Kubernetes as the de facto container orchestration platform has been a boon to organizations looking to take advantage of a microservices-based ecosystem but has proven to be a challenge for many vendors. The extreme of that challenge played out late last week as Containership ...

Iranian Government Hackers Target US Veterans

Published on: 2019-09-24

A nation-state hacking group recently found attacking IT provider networks in Saudi Arabia as a stepping stone to its ultimate targets has been spotted hosting a fake website, called "Hire Military Heroes," that drops spying tools and other malicious code onto victims' systems. The so-called ...

How to Define & Prioritize Risk Management Goals

Published on: 2019-09-24

As risk management programs differ from business to business, these factors remain constant. When evaluating the goals for a risk management program, many organizations focus on compliance or filling perceived gaps in their capabilities. The problem is, these priorities fall short of considering ...

Cloudflare Introduces 'Bot Fight Mode' Option for Site Operators

Published on: 2019-09-24

Goal is to help websites detect and block bad bot traffic, vendor says. Content delivery network Cloudflare has launched a new feature that it says will help users of its services prevent malicious bots from scraping their websites, stealing credentials, misusing APIs, or launching other ...

Russia Chooses Resiliency Over Efficiency in Cyber Ops

Published on: 2019-09-24

New analysis of the software used by espionage groups linked to Russia finds little overlap in their development, suggesting that the groups are siloed. Russian cyber espionage groups surprisingly do not share much code in their development, suggesting that the nation's various attack groups are ...

Aryaka’s HybridWAN Boasts Multi-Tenancy, Enhanced Firewalls

Published on: 2019-09-24

Aryaka today announced HybridWAN, which is the latest evolution of its SD-WAN offering. The HybridWAN update provides customers with greater flexibility by allowing them to route low-priority traffic over traditional broadband or 4G LTE and business-sensitive traffic over Aryaka’s Layer-2 core. ...

What is Project BroadWay?

Published on: 2019-09-24

About a decade ago, the European Commission started having formal conversations around TETRA and the future of public safety communications networks. This led to the formation of Public Safety Communications – Europe, and subsequently to research validating what public safety users would require ...

UC Security Strategy: Understanding SIM Swapping Attacks

Published on: 2019-09-23

By Sorell SlaymakerUnderstanding how SIM swapping attacks happen is the first step in devising a strategy against them.

Cisco spreads ACI to Microsoft Azure, multicloud and SD-WAN environments

Published on: 2019-09-18

Cisco is significantly spreading its Application Centric Infrastructure (ACI) technology to help customers grow and control hybrid, multicloud and SD-WAN environments. ACI is Cisco’s flagship software-defined networking (SDN) data-center package, but it also delivers the company’s Intent-Based ...

HPE's vision for the intelligent edge

Published on: 2019-09-06

It’s not just speeds and feeds anymore, it's intelligent software, integrated security and automation that will drive the networks of the future. That about sums up the networking areas that Keerti Melkote, HPE's president, Intelligent Edge, thinks are ripe for innovation in the next few years. ...

Q&A: HPE's networking chief opens up about intelligent edge, Cisco and micro data centers

Published on: 2019-09-05

Since founding Aruba Networks in 2002 and then staying on when Hewlett Packard bought the firm in 2015, Keerti Melkote has seen firsthand the evolution of the wireless industry. From the initial rush to bring laptops using Wi-Fi to the enterprise and the advent of Apple iPad – which Melkote says ...

VMware touts hyperscale SD-WAN

Published on: 2019-08-28

SAN FRANCISCO – VMware teamed with Dell/EMC this week to deliver an SD-WAN service that promises to greatly simplify setting up and supporting wide-area-network connectivity. The Dell EMC SD-WAN Solution is a package of VMware software with Dell hardware and software that will be managed by Dell ...

VMware touts hyperscale SD-WAN

Published on: 2019-08-28

SAN FRANCISCO – VMware teamed with Dell/EMC this week to deliver an SD-WAN service that promises to greatly simplify setting up and supporting wide-area-network connectivity. The Dell EMC SD-WAN Solution is a package of VMware software with Dell hardware and software that will be managed by Dell ...

IDG Contributor Network: Software-defined perimeter – the essence of trust

Published on: 2019-08-26

Actions speak louder than words. Reliable actions build lasting trust in contrast to unreliable words. Imagine that you had a house with a guarded wall. You would feel safe in the house, correct? Now, what if that wall is dismantled? You might start to feel your security is under threat. Anyone ...

Cisco & NTT Ltd. Named to Fortune's Change the World List

Published on: 2019-08-21

SAN JOSE & LONDON, Aug. 21, 2019 – Cisco and NTT Ltd. were recently selected for Fortune’s fifth annual Change the World list, recognizing both companies, and their partnership, as leaders among the Fortune Global 500 in addressing the world’s biggest challenges and for their efforts to “do well ...

Organization of American States and Cisco to Launch Cybersecurity Innovation Councils in Latin America

Published on: 2019-08-15

San Jose, CA August 15, 2019 – Cisco and the Organization of American States (OAS) today announced joint efforts to democratize and boost cybersecurity adoption across Latin America through the creation of the Cybersecurity Innovation Councils. This initiative will serve as multi-stakeholder ...

Cisco Reports Fourth Quarter and Fiscal Year 2019 Earnings

Published on: 2019-08-14

SAN JOSE, Calif., Aug. 14, 2019 -- Cisco today reported fourth quarter and fiscal year results for the period ended July 27, 2019. Cisco reported fourth quarter revenue of $13.4 billion, net income on a generally accepted accounting principles (GAAP) basis of $2.2 billion or $0.51 per share, and ...

Cisco assesses the top enterprise SD-WAN technology drivers

Published on: 2019-08-01

Cisco this week celebrated the second anniversary of its purchase of SD-WAN vendor Viptela and reiterated its expectation that 2019 will see the technology change enterprise networks in major ways. In a blog outlining trends in the SD-WAN world, Anand Oswal, Cisco senior vice president, ...

Who will benefit the most from 5G

Published on: 2019-04-12

The growth of 5G cellular technology has gotten a lot of people excited, including those who are looking for 5G to provide a larger market for cloud computing, and most important, to simplify both connectivity and security. The question is: Who will have the most to gain? Enterprises that ...

Review: 6 slick open source routers

Published on: 2018-02-01

Hackers of the world, unite! You have nothing to lose but the lousy stock firmware your routers shipped with. Apart from smartphones, routers and wireless base stations are undoubtedly the most widely hacked and user-modded consumer devices. In many cases the benefits are major and concrete: a ...

5 Considerations Before Building Your Own Cloud Security Tool

Published on: 2019-09-24

Engineers love to build, and when it comes to cloud security, some DevOps teams try to cobble together their own solution from a combination of cloud-provided and disparate open source products. Before you invest too much time and too many resources into a DIY security project, here are some ...

Securing BGP on the host with origin validation

Published on: 2019-09-24

An increasingly popular design for a data centre network is BGP on the host: each host ships with a BGP daemon to advertise the IP addresses it handles and receives the routes to its fellow servers. Compared to a Layer 2-based design, it is very scalable, resilient, cross-vendor and safe (due to ...

Network Break 253: Arista CloudVision Ingests Configs From Third-Party Gear; Cisco Adds Azure To Cloud ACI

Published on: 2019-09-23

Take a Network Break! Arista Networks upgrades its CloudVision management software to accept configuration information from third-party devices, Cisco adds Azure support for its Cloud ACI and APIC controller, and Marvell completes its acquisition of transceiver manufacturer Aquantia. Datadog ...

Cyber Canon Book Review: Zero Day Threat: The Shocking Truth of How Banks and Credit Bureaus Help Cyber Crooks Steal Your Money and Identity

Published on: 2019-09-23

Cyber Canon Book Review: “Zero Day Threat: The Shocking Truth of How Banks and Credit Bureaus Help Cyber Crooks Steal Your Money and Identity” (2008), by Byron Acohido and Jon Swartz Bottom Line: I don’t recommend this book for the Cybersecurity Canon Hall of Fame, but if you are interested in ...

Heavy Networking 472: Grappling With Wireless QoS

Published on: 2019-09-20

If you are deploying an enterprise QoS scheme, wireless QoS matters to you. Today, we go through the basics of wireless QoS, covering some of the standards, terminology, and thinking required to get your head around how we can prioritize packets over a shared medium. You ready for this? I hope ...

Top 3 AWS Critical Cloud Misconfigurations and How to Remediate

Published on: 2019-09-20

It’s no secret that cloud adoption yields tremendous business benefit — increased agility, reduced cost, flexibility, ease-of-use, the list goes on. The problem is, companies have adopted cloud faster than they’ve been able to adopt security processes and practices to support it. Developer teams ...

Tongan Women in ICT continues to grow

Published on: 2019-09-20

Since Tonga’s first Women in ICT meeting, held over coffee in June 2018, the group has held a monthly meeting where we come together to talk and catch up as a group. Our numbers have grown in this time, from less than 10 women at our first meeting to an email distribution list of about 30 ...

Palo Alto Networks an Eight-Time Gartner Magic Quadrant Leader

Published on: 2019-09-19

In any high tech industry, it’s not often that a company gets to define a new market, and then continue to expand and reshape it for more than a decade. It’s even less common in our highly competitive cybersecurity space. Maybe that’s why this year’s Gartner Magic Quadrant for Network Firewalls ...

Cisco FirePOWER Series Comparison: FirePOWER 1000 vs 2100 vs 4100

Published on: 2019-09-19

Besides Cisco ASA5500 series firewalls, we know there are also FirePOWER series, like FirePOWER 1000, FirePOWER 2100, FirePOWER 4100, etc. Unlike ASA5500 which is only one series, FirePOWER provide various sub series, what are their differences? Let’s compare. Cisco Firepower 1000 Series is a ...

One Article to Understand the Cloud Computing, Virtualization, and Containers

Published on: 2019-09-17

The word “cloud computing” is believed to be very familiar to everyone. As a mainstream trend in the development of information technology, it frequently appears in front of us. Along with it, there are also these conceptual terms – OpenStack, Hypervisor, KVM, Docker, K8S, etc. These concepts ...

Cyber Canon Book Review: Engineering Trustworthy Systems: Get Cybersecurity Design Right the First Time

Published on: 2019-09-16

Cyber Canon Book Review: “Engineering Trustworthy Systems: Get Cybersecurity Design Right the First Time,” 2018, by O. Sami Saydjari Bottom Line: I recommend this book for the Cybersecurity Canon Hall of Fame. Imagine a 100-story building designed with a few clicks and plug-ins, with no ...

Network Break 252: Big Tech Backlash Hits Google; Activist Investor Tells AT&T To Slash And Burn

Published on: 2019-09-16

Take a Network Break! It’s an extra-long episode today so pack some extra virtual donuts. We start with follow-ups on AMD, CRL support, and more. On the news front, Microsoft partners with three satellite broadband providers on ExpressRoute, a pair of pen-testers were jailed after breaking in to ...

Forti-much to Appreciate at Mobility Field Day 4

Published on: 2019-09-12

About a month has gone by since I sat in a conference room at Fortinet HQ out in Sunnyvale during Mobility Field Day 4. As I review the presentations my fellow delagates and I saw first hand, I realize just how much information Fortinet’s Chris Hinsz put in front of us. Though the this was ...

CIMC Upgrade – 8540/5520 WLC

Published on: 2019-09-06

If you are familiar with Cisco UCS servers, you may be already familiar with CIMC upgrade procedure. If not this post may help you to upgrade CIMC of your Cisco 8540/5520 WLCs. What is CIMC ? The Cisco Integrated Management Controller (CIMC) is the management service for the C-Series servers. ...

What is Carrier Hotel?

Published on: 2019-09-05

Carrier Hotel is a Company that owns large buildings and rents out redundant power and floor space. And of course, attracts many Telco’s and Carrier networks to the building. Carrier Hotel often leases off large chunks of space to Service Providers or Enterprises. These companies operate the ...

Quick VPN Installation Guide on Your Router

Published on: 2019-09-04

Having your own VPN, or virtual private network is growing in popularity. With so many hacks and data breaches taking place every day, maintaining certain levels of security is important. That’s why having a VPN is key. What is so important about a VPN? A VPN provides total privacy because your ...

Don’t Forget About Those OTHER Meraki MX Firewall Rules

Published on: 2019-09-03

I’m a long-time user of the Meraki MX security appliance product line. Going way back to the MX-70, I have found tremendous value in what the MX products can do for my far-off sites. (Here’s an old- and I mean old- case study that gets into the early appreciation of the MX line.) I’ve probably ...

Positioning Policy Properly

Published on: 2019-08-30

Who owns the network policy for your organization? How about the security policy?Identity policy? Sound like easy questions, don’t they? The first two are pretty standard. The last generally comes down to one or two different teams depending upon how much Active Directory you have deployed. But ...

IT Security Refresh: More Practical Tips for a Good Foundation (Part 2)

Published on: 2019-08-23

IT in security is big business. With a solid IT security foundation, you can protect your organization from threats – saving time and money. In Part 1 of this series, we discussed NSA’s recommendations for three foundational steps that reduce the number of cyber security attacks. They include: ...

AWS ABCs: Granting A Third-Party Access to Your Account

Published on: 2019-08-20

There can be times when you’re working on the AWS Cloud where you need to grant limited access to your account to a third-party. For example: In each of these cases you likely want to grant the permissions the third-party needs but no more. In other words, no granting of policies because it’s ...

IT Security Refresh: Practical Tips for a Good Foundation (Part 1)

Published on: 2019-08-12

IT system intrusions and malware are increasing. What can you do about it? I’ve stayed away from IT security for a long time. It has seemed to me to be like standing next to a dike, poking fingers in as many holes as I can, eventually running out of fingers. Then I look around and […] The post ...

GORUCK Battle of Ramadi Light - AAR

Published on: 2019-08-04

We shifted into rucking mode as Cadre Igor gave us a destination outside of the park, just up the river trail. We grabbed our coupons, flags, Ranger tab, litters and moved out. Our destination was Bicentennial Park so we headed north along the paved Scioto Trail. This weekend was Pride Weekend ...

Patch! Patch! Patch!

Published on: 2019-07-04

Bob Plankers, Technical Marketing Architect for vSphere at VMware, has a very simple but important message for all of us, and it isn’t really limited to VMware itself: “Patch! Patch! Patch! Did I say… patch?”. That was his starting message when I visited VMware during Security Field Day 2, and ...

BGP route leak sends European traffic via China

Published on: 2019-06-26

On Thursday June 6, 2019, traffic destined to some of Europe’s biggest mobile providers was misdirected in a roundabout path through the Chinese-government-controlled China Telecom, in some cases for more than two hours. “Swiss data center colocation company AS21217 leaked over 70,000 routes to ...

Meraki In The Middle – Smart Security Cameras

Published on: 2019-06-12

I’ve been looking at security cameras recently, in part because my home owners association needs to upgrade the system which monitors some of the amenities. We want motion detection features and, obviously, remote access to view live cameras and recorded footage without having to go to the ...

Five Functional Facts About AWS Service Control Policies

Published on: 2019-05-07

Following on the heels of my previous post, Five Functional Facts about AWS Identity and Access Management, I wanted to dive into a separate, yet related way of enforcing access policies in AWS: Service Control Policies (SCPs). SCPs and IAM policies look very similar–both being JSON documents ...

Our Green Card Journey

Published on: 2019-04-14

We are now Lawful Permanent Residents of the United States - aka Green Card Holders. It took a few years to get to this point. Here’s our timeline, why we did it, what it means for us, and what next. I first moved to the US on an L-1B visa. This is an intra-company transfer visa, that let me ...

Bataan Memorial Death March Marathon 2019 - Race Report

Published on: 2019-04-14

After a while we made our way to the start line which was quite a haul away from where we parked. Seems the theme of the day will be distance. It was still dark and we were close to the back of the pack with the civilian ruckers. The start line was in the distance and lit up during the opening ...

Cisco Live – Network Building Blocks for IoT

Published on: 2019-03-07

Cisco Live happened in Barcelona end of January, and as usual I am a little late with my blog posts about it. Like the last two years I was invited to join the group of technology experts for Tech Field Day Extra, with various presentations covering a number of new and improved Cisco ...

BGP Route Security

Published on: 2018-12-17

Whenever there is a new attack on the Internet that has anything to do with BGP (Border Gateway Protocol), you hear the commonly used phrase that goes something like “BGP is based on the inherent trust model with no inbuilt security”. While that is true (as we will see in this article), what ...

Intro into Fortinet WLAN configuration

Published on: 2018-09-30

Simple, secure, sensible – Koroush Saraf, Fortiner VP of Product Management, emphasized these words in his recent MFD3 presentations. While any vendor can claim their products share these attributes, it’s usually the complexity of workflow that reveals the betrayal of one or all of these ...

Traceroute through Firepower Threat Defense

Published on: 2018-08-13

Nearly eight years ago, I wrote an article about configuring the ASA to permit Traceroute and how to make the device show up in the output. That article is still relevant and gets quite a few hits every day. I wanted to put together a similar How-To article for those using Firepower Threat ...

DMVPN Phase 3: a complete guide

Published on: 2018-07-16

In a previous article, I explained what is and how it works DMVPN technology. In this article you see how to configure DMVPN phase3. This phase allows spokes to build a spoke-to-spoke tunnel and to overcomes the phase2 restriction using NHRP traffic indication messages from the hub to signal to ...

Office 365: Exchange Hybrid issue with Windows Security of Outlook 2016

Published on: 2018-03-28

Outlook prompts for password when accessing migrated Exchange Online resource. The on-premise mailbox has been migrated to Exchange Online and the user opening the calendar to see free/busy and planned meetings is sitting on-premise Exchange server. When analyzing the https network flow with ...

Syslog relay with Scapy

Published on: 2017-11-11

I needed to point some syslog data at a new toy being evaluated by security folks.Reconfiguring the logging sources to know about the new device would have been too much of a hassle for a quick test. Reconfiguring the Real Log Server (an rsyslog box) to relay the logs wasn't viable because the ...

WPA2 KRACK Vulnerability, Getting Information

Published on: 2017-10-16

*** This page is being updated regularly. Please check back periodically. *** I'm sure everyone who does anything with networking or Wi-Fi has heard about the announced WPA2 KRACK vulnerability. I'd like to start a collection of useful information in one single place. My Opinion - the attack ...

What Drives Change in Enterprise IT

Published on: 2017-08-30

Reason For Change in Enterprise IT: Obsolescence You may love your Catalyst 6500 with SUP32 supervisors. They still meet all the requirements of your network: gigabit to the user, routing protocols, security capabilities. Unfortunately, Cisco has made it clear that they no longer want to support ...

SDN Lesson #2 – Introducing Faucet as an OpenFlow Controller

Published on: 2017-03-07

Welcome back to a new article about SDN - this time introducing an OpenFlow controller called Faucet, developed as a RYU application by New Zeeland Research and Education (REANNZ), Waikato University and Victoria University. In this article, I am not going to write about Faucet's architecture ...

Legacy TLS cipher support in Firefox

Published on: 2016-10-12

After upgrading Firefox recently, I noticed that I could no longer access certain embedded devices via HTTPS. It seems that recent versions of Firefox and Chrome no longer support certain TLS ciphers due to recently discovered vulnerabilities. That's all well and good, except the error returned ...

MACsec Implementation on Linux

Published on: 2016-08-01

As you noticed from the previous articles, lately I have been playing with some various tunnelling techniques and today I am presenting MACsec. Most of the documentation resources about MACsec implementation on the web at this moment, are the ones showing various vendors implementation, ...

Overlay Tunneling with Open vSwitch - GRETAP, VXLAN, Geneve, GREoIPsec

Published on: 2016-07-07

Building overlay networks using tunnels was always done to achieve connectivity between isolated networks that needed to share the same policies, VLANs or security domains. In particular, they represent a strong use-case in the data center, where tunnels are created between the hypervisors in ...

DNS-amplification attack reflection on backhaul circuit

Published on: 2013-07-09

As many of us already know, DNS amplification attacks are a big plague for who fights every day for the sake of Internet security and service availability. Infected hosts are instructed by botnet controllers to send DNS queries to recursive open resolvers, asking them for big zones with spoofed ...

© 2016 www.fusioneer.net.All rights reserved.