What is NAC and why is it important for network security?

Network Access Control (NAC) is a cybersecurity technique that prevents unauthorized users and devices from entering private networks and accessing sensitive resources. Also known as Network Admission Control, NAC first gained a foothold in the enterprise in the mid-to-late 2000s as a way to manage endpoints through basic scan-and-block techniques.As knowledge workers became increasingly mobile, and as BYOD initiatives spread across organizations, NAC solutions evolved to not only authenticate users, but also to manage endpoints and enforce policies.How NAC works
NAC tools detect all devices on the network and provide visibility into those devices. NAC software prevents unauthorized users from entering the network and enforces policies on endpoints to ensure devices comply with network security policies. NAC solutions will, for instance, make sure that the endpoint has up-to-date antivirus and anti-malware protections.To read this article in full, please click here READ MORE HERE…

Read more

5 best practices for making smart-building LANs more secure

Power, they say, corrupts, and absolute power corrupts absolutely. While that was said about politics, it sure seems like it was tailor-made for smart buildings.Facility-control technology is exploding because the concept is useful and often saves money. Unfortunately, smart devices have also proven to be an on-ramp for major intrusions. Smart buildings are surely absolutely powerful in a way; are they absolutely corruptible? Maybe, if we’re not very careful.[Get regularly scheduled insights by signing up for Network World newsletters.]
If corruption means overall bad-ness, then hacking a smart building surely qualifies. It could let intruders mess with lights, heating and air conditioning, and maybe other critical systems, too. We also know from news stories that a hacker could use a successful smart building intrusion to sneak into other business applications, potentially compromising them and  critical company information. It’s important to address these risks, and that means starting with how they arise.To read this article in full, please click here READ MORE HERE…

Read more

3 steps to improve collaboration between networking and security pros

(Enterprise Management Associates finds that enterprises are trying to improve collaboration between their network-infrastructure and operations teams and their information-security and cybersecurity teams. This article discusses challenges faced by these teams based on a survey of 366 IT and security professionals detailed in the report “NetSecOps: Aligning Networking and Security Teams to Ensure Digital Transformation”, by EMA Vice President of Research Networking Shamus McGillicuddy.)To read this article in full, please click here READ MORE HERE…

Read more

3 steps to better collaboration between networking and security pros

(Enterprise Management Associates finds that enterprises are trying to improve collaboration between their network-infrastructure and operations teams and their information-security and cybersecurity teams. This article discusses challenges faced by these teams based on a survey of 366 IT and security professionals detailed in the report “NetSecOps: Aligning Networking and Security Teams to Ensure Digital Transformation”, by EMA Vice President of Research Networking Shamus McGillicuddy.)To read this article in full, please click here READ MORE HERE…

Read more

Edge computing: 5 potential pitfalls

Edge computing is gaining steam as an enterprise IT strategy with organizations looking to push storage and analytics closer to where data is gathered, as in IoT networks. But it’s got its challenges.
Tech Spotlight: Edge Computing

Proving the value of analytics on the edge (CIO)
The cutting edge of healthcare: How edge computing will transform medicine (Computerworld)
Securing the edge: 4 trends to watch (CSO)
How to choose a cloud IoT platform (InfoWorld)
Edge computing: 5 potential pitfalls (Network World)

Its potential upsides are undeniable, including improved latency as well as reduced WAN bandwidth and transmission costs. As a result, enterprises are embracing it. Revenues in the edge-computing market were $4.68 billion in 2020 and are expected to reach $61.14 billion by 2028, according to a May 2021 report by Grand View Research.To read this article in full, please click here READ MORE HERE…

Read more

Water-authority network upgrade spots problems faster

The Albuquerque water authority says recent network upgrades give it greater visibility and control over its remote sites and makes for faster responses to leaks and other problems.The Albuquerque Bernalillo County Water Utility Authority manages more than 3,000 miles of water-supply pipeline covering more than 650,000 users. The authority manages 135 remote locations, which include well sites, tanks, and pump stations, all of which have programmable logic controllers (PLC) connected to a dedicated, fixed-wireless network running at 900MHz back to the core network.[Get regularly scheduled insights by signing up for Network World newsletters.]
“The [main treatment] plant was built [about] 15 years ago,” said Kristen Sanders, the authority’s chief information security officer. “So if a piece of equipment went out, replacing it would be about shopping on eBay.” Also the authority’s fiber backbone that connects the sites with the main plant was past it’s service life and had to be replaced.To read this article in full, please click here READ MORE HERE…

Read more

TCP/IP stack vulnerabilities threaten IoT devices

A set of vulnerabilities in TCP/IP stacks used by FreeBSD and three popular real-time operating systems designed for the IoT was revealed this week by security vendor Forescout and JSOF Research. The nine vulnerabilities could potentially affect 100 million devices in the wild.Nucleus NET, IPNet and NetX are the other operating systems affected by the vulnerabilities, which a joint report issued by Forescout and JSOF dubbed Name:Wreck.In a report on the vulnerabilities, Forescout writes that TCP/IP stacks are particularly vulnerable for several reasons, including widespread use, the fact that many such stacks were created a long time ago, and the fact that they make an attractive attack surface, thanks to unauthenticated functionality and protocols that cross network perimeters.To read this article in full, please click here READ MORE HERE…

Read more

IoT security tips and a cautionary tale

You will have more connected devices than ever on your network in 2021, especially if you’re in healthcare, retail, or logistics, industries that are among the early adopters of the Internet of Things (IoT). You’ll have devices on your network edge, in your headquarters, on vehicles, in machinery, in your stores, in employees’ homes, and on public property.And there’s a good chance that some or many of these IoT devices have built-in security vulnerabilities that can endanger your network. In trying to capitalize on the voracious global appetite for connected commercial devices, many IoT manufacturers and developers are shoveling out enterprise IoT devices with, shall we say, varying levels of regard for security.To read this article in full, please click here READ MORE HERE…

Read more