Cisco spotlights generative AI in security, collaboration

Looking to harness a decade of AI/ML development, Cisco this week previewed generative AI-based features it will soon bring to its Security Cloud service and Webex collaboration offerings. Cisco said it was looking to meld the network and security intelligence it has amassed over the years with the large language models (LLMs) of generative AI to simplify enterprise operations and address threats with practical, effective techniques. The first fruits of this effort will be directed at the Cisco Security Cloud, the overarching, integrated-security platform that includes software such as Duo access control and Umbrella security as well as firewalls and Talos threat intelligence access, all delivered via the cloud.

Cisco jumps into SSE arena, boosts application security

Cisco this week took the wraps off a security service edge (SSE) offering that aims to help enterprises securely connect growing edge resources, including cloud, private and SaaS applications. Along with the SSE package, the vendor made two additional application security-related announcements at its Cisco Live! customer event. It unveiled Cisco Multicloud Defense, which is a new service designed to protect cloud service workloads, and it upgraded Panoptica, its cloud-native security application development software.

Cisco aims for AI-first security with Armorblox buy

Cisco plans to buy Armorblox, a six-year-old AI vendor, to help create “an AI-first Security Cloud.” “Leveraging Armorblox’s use of predictive and Generative AI across our portfolio, we will change the way our customers understand and interact with their security control points,” wrote Raj Chopra, senior vice president and chief product officer for Cisco Security, in a blog announcing the pending acquisition. While securing email was Armorblox’s first application of its AI techniques, they might also be applied to attack prediction, rapid threat detection, and efficient policy enforcement, Chopra wrote. “Through this acquisition though, we see many exciting broad security use cases and possibilities to unlock.”

Why it makes sense to converge the NOC and SOC

It’s been 17 years and counting since Nemertes first wrote about the logic of integrating event response in the enterprise: bringing together the security operations center (SOC) and network operations center (NOC) at the organizational, operational, and technological levels. Needless to say, this has not happened at most organizations, although there has been a promising trend toward convergence in the monitoring and data management side of things. It’s worth revisiting the issue.

Why converge?

The arguments for convergence remain pretty compelling:
Both the NOC and SOC are focused on keeping an eye on the systems and services comprising the IT environment; spotting and understanding anomalies; and spotting and responding to events and incidents that could affect or are affecting services to the business.
Both are focused on minimizing the effects of events and incidents on the business.
The streams of data they watch overlap hugely.
They often use the same systems (e.g. Splunk) in managing and exploring that data.
Both are focused on root-cause analysis based on those data streams.
Both adopt a tiered response approach, with first-line responders for “business as usual” operations and occurrences, and anywhere from one to three tiers of escalation to more senior engineers, architects, and analysts.
Most crucially: When something unusual happens in or to the environment (that router is acting funny), it can be very hard to know up front whether it is fundamentally a network issue (that router is acting funny – it has been misconfigured) or a security issue (that router is acting funny – it has been compromised) or both (that router is acting funny – it has been misconfigured and is now a serious vulnerability). Having fully separate NOC and SOC can mean duplicative work as both teams pick something up and examine it. It can mean ping-ponging incidents that bounce from one to the other, or incidents that neither picks up, thinking the other has or will.

At the very least, the lower tiers of separate NOC and SOC operations should be converged, so that there is neither duplication nor a game of hot potato as staff try to figure out what a problem actually is, and whether the response will be network focused, security focused, or both. Maintaining separate or semi-separate escalation paths is supportable given that lower-level convergence.

Cisco aims for full-stack observability with AppDynamics/ThousandEyes tie-in

Cisco is more tightly integrating its network- and application-intelligence tools in an effort to help customers quickly diagnose and remediate performance problems. An upgrade to Cisco’s Digital Experience Monitoring (DEM) platform melds the vendor’s AppDynamics application observability capabilities and ThousandEyes network intelligence with a bi-directional, OpenTelemetry-based integration package. The goal with DEM is to get business, infrastructure, networking, security operations, and DevSecOps teams working together more effectively to find the root cause of a problem and quickly address the issue, said Carlos Pereira, Cisco Fellow and chief architect in its Strategy, Incubation & Applications group.

AWS secures access to cloud apps without using VPNs

Amazon Web Services has launched a service that secures user access to its cloud applications without requiring a VPN. AWS Verified Access, which the company previewed last November, validates every application request using Zero Trust principles before granting access to applications. Since AWS previewed the networking service, it has added two new features: AWS Web Application Firewall (WAF) and the ability to pass signed identity context to customers’ application endpoints.

Aruba banks on integrated security, AI, NaaS for enterprise growth

Security, AI, and network-as-a-service (NaaS) were top of mind for Aruba Networks execs at their Atmosphere customer conference this week. “Ten years ago for most network operators their main job was making sure connectivity was reliable and security was someone else’s problem. It was outside their perimeter,” said David Hughes, senior vice president, chief product and technology officer with Aruba. “But today all perimeters have dissolved and the network has expanded.” “The networking team is now responsible for making sure connectivity is secure from the start. Bolting it on somewhere won’t cut it anymore, it needs to be built into the network,” Hughes said.

Arista streamlines network access control via SaaS

Arista Networks has rolled out a SaaS-based service aimed at helping enterprises manage network access control (NAC) more easily. The service, called CloudVision Guardian for Network Identity (CV-AGNI), uses real-time telemetry from Arista’s network products, combines it with data from its CloudVision management platform, and uses artificial intelligence to evaluate the information and implement security policies. The service can also onboard new devices, authenticate existing users, segment devices on the network, or help troubleshoot problems from a cloud-based system, according to Pramod Badjate, group vice president and general manager of Arista’s Cognitive Campus group.

Cisco to launch an extended detection and response SaaS package

Cisco is taking its first major step into Extended Detection and Response (XDR) with a SaaS-delivered integrated system of endpoint, network, firewall, email and identity software aimed at protecting enterprise resources. Cisco’s XDR service, which will be available in July, brings together myriad Cisco and third-party security products to control network access, analyze incidents, remediate threats, and automate response, all from a single cloud-based interface. The offering gathers six telemetry sources that Security Operations Center (SOC) operators say are critical for an XDR solution: endpoint, network, firewall, email, identity, and DNS, Cisco stated.
