SolarWinds roundup: Fixes, new bad actors, and what the company knew

The SolarWinds Orion security breach is unfolding at a rapid pace, and the number of vendors and victims continues to grow. Each day brings new revelations as to its reach and depth. Of particular concern are the rate of infection and impact on government systems.In case you missed it, a backdoor was found in the SolarWinds Orion IT monitoring and management software. A dynamic link library called SolarWinds.Orion.Core.BusinessLayer.dll, a SolarWinds digitally-signed component of the Orion software framework, was found to contain a backdoor that communicates via HTTP to third-party servers.[Get regularly scheduled insights by signing up for Network World newsletters.]
After an initial dormant period of up to two weeks, the Trojan retrieves and executes commands, called jobs, that include the ability to transfer files, execute files, profile the system, reboot, and disable system services. In short, a total takeover of the machine.To read this article in full, please click here READ MORE HERE…

Read more

5 Hot network-automation startups to watch

With the combined challenges of tight IT budgets and scarcer technical talent, it’s becoming imperative for enterprise network pros to embrace automation of processes and the way infrastructure responds to changing network traffic.Not only can automation help address these problems, they can also improve overall application-response time by anticipating and addressing looming congestion. Modern applications, such as virtual reality and artificial intelligence, and architectures that incorporate IoT and hybrid cloud have yet to reach their true potential because network capacity seems to always lag behind demand.  A common problem is that too much networking infrastructure is still manually maintained and managed, but major vendors are starting to addressing these  issues, as are startups that seek to break bottlenecks through automation.To read this article in full, please click here READ MORE HERE…

Read more

Get ready for the convergence of IT and OT networking and security

Most IT networking professionals are so busy with their day-to-day responsibilities that they don’t have time to consider taking on more work. But for companies with an industrial component, there’s an elephant in the room that is clamoring for attention. I’m talking about the increasingly common convergence of IT and operational technology (OT) networking and security.Traditionally, IT and OT have had very separate roles in an organization. IT is typically tasked with moving data between computers and humans, whereas OT is tasked with moving data between “things,” such as sensors, actuators, smart machines, and other devices to enhance manufacturing and industrial processes. Not only were the roles for IT and OT completely separate, but their technologies and networks were, too.To read this article in full, please click here READ MORE HERE…

Read more

How blockchain will manage networks

Ethernet networking technology is flawed, say some engineers. The problem is it doesn’t have any inherent security built in to it. Ethernet also hard to manage because it’s centralized. It’s out-of-date, and it needs revamping, researchers say.One attempt to address the issue is the Marconi protocol, which is a strategy to shift network and packet management over to a smart contract, decentralized chain-based system. Smart contracts are trackable, verifiable transactions. They’re performed through encrypted blockchains and are self-enforcing.To read this article in full, please click here READ MORE HERE…

Read more

National pen test execution standard would improve network security

As the number of cyber attacks increases, the demand for penetration tests – to determine the strength of a company’s defense – is also going up. People are worried about their companies’ networks and computer systems being hacked and data being stolen. Plus, many regulatory standards such PCI and HITRUST require these tests to be performed on at least an annual basis.The demand for these tests is only going to increase as attackers get more sophisticated. And it’s essential these tests catch all possible vulnerabilities.[ Also read: What to consider when deploying a next-generation firewall | Get regularly scheduled insights: Sign up for Network World newsletters ]
Benefits and gaps of penetration tests
Penetration tests involve live tests of computer networks, systems, or web applications to find potential vulnerabilities. The tester actually attempts to exploit the vulnerabilities and documents the details of the results to their client. They document how severe the vulnerabilities are and recommend the steps that should be taken in order to resolve them.To read this article in full, please click here READ MORE HERE…

Read more

Durham County goes Cisco for enterprise network ops and security proficiency

The government in Durham County, N.C., was spending hours and hours manually provisioning its network and keeping security policies current, so it decided two and a half years ago to upgrade for the sake of efficiency and security.Since then, the government’s IT staff of four has migrated its traditional point-to-point network to a more modern enterprise featuring the software-defined technologies of Cisco’s Application Centric Infrastructure (ACI) and DNA Center that support its 2,100 enterprise end users and online services for 315,000 county residents.  [ Read also: How to plan a software-defined data center network ]
As a result, time spend on certain manual chores has plummeted, freeing up staff time for forward-looking projects.To read this article in full, please click here(Insider Story) READ MORE HERE…

Read more

The rise of next-generation network packet brokers

Network packet brokers (NPB) have played a key role in helping organizations manage their management and security tools. The tool space has exploded, and there is literally a tool for almost everything. Cybersecurity, probes, network performance management, forensics, application performance, and other tools have become highly specialized, causing companies to experience something called “tool sprawl” where connecting a large number of tools into the infrastructure creates a big complex mesh of connections.Ideally, every tool would receive information from every network device, enabling it to have a complete view of what’s happening, who is accessing what, where they are coming in from, and when events occurred.To read this article in full, please click here READ MORE HERE…

Read more

Cato Networks adds threat hunting to its Network as a Service

Enterprises that have grown comfortable with Software as a Service (SaaS), Infrastructure as a Service (IaaS) and Platform as a Service (IaaS) are increasingly accepting of Network as a Service (NaaS). NaaS is a rapidly growing market. According to Market Research Future, NaaS is expected to become a US $126 billion market by 2022, sustaining an annual growth rate of 28.4 percent.One of the key benefits of cloud-based networking is increased security for applications and data. Given that the traditional perimeter of on-premise networks has been decimated by mobile and cloud computing, NaaS builds a new perimeter in the cloud. Now it’s possible to unify all traffic – from data centers, branch locations, mobile users, and cloud platforms – in the cloud. This means an enterprise can set all its security policies in one place, and it can push traffic through cloud-based security functions such as next-generation firewall, secure web gateway, advanced threat protection, and so on.To read this article in full, please click here READ MORE HERE…

Read more

7 free network tools you must have

“I am all about useful tools. One of my mottos is ‘the right tool for the right job.'” –Martha StewartIf your “right job” involves wrangling computer networks and figuring out how to do digital things effectively and efficiently or diagnosing why digital things aren’t working as they’re supposed to, you’ve got your hands full. Not only does your job evolve incredibly quickly becoming evermore complex, but whatever tools you use need frequent updating and/or replacing to keep pace, and that’s what we’re here for; to help in your quest for the right tools.[ Don’t miss customer reviews of top remote access tools and see the most powerful IoT companies . | Get daily insights by signing up for Network World newsletters. ]
We’ve done several roundups of free network tools in the past, and since the last one, technology has, if anything, sped up even more. To help you keep up, we’ve compiled a new shortlist of seven of the most useful tools that you should add to your toolbox.To read this article in full, please click here(Insider Story) READ MORE HERE…

Read more

7 free networking tools you must have

“I am all about useful tools. One of my mottos is ‘the right tool for the right job.'” –Martha StewartIf your “right job” involves wrangling computer networks and figuring out how to do digital things effectively and efficiently or diagnosing why digital things aren’t working as they’re supposed to, you’ve got your hands full. Not only does your job evolve incredibly quickly becoming evermore complex, but whatever tools you use need frequent updating and/or replacing to keep pace, and that’s what we’re here for; to help in your quest for the right tools.[ Don’t miss customer reviews of top remote access tools and see the most powerful IoT companies . | Get daily insights by signing up for Network World newsletters. ]
We’ve done several roundups of free network tools in the past, and since the last one, technology has, if anything, sped up even more. To help you keep up, we’ve compiled a new shortlist of seven of the most useful tools that you should add to your toolbox.To read this article in full, please click here READ MORE HERE…

Read more