Traditional perimeter-based network defense is obsolete—transform to a Zero Trust model

Digital transformation has made the traditional perimeter-based network defense obsolete. A new white paper helps you understand the core principles of a Zero Trust approach.
The post Traditional perimeter-based network defense is obsolete—transform to a Zero Trust model appeared first on Microsoft Security. READ MORE HERE…

Read more

Can microsegmentation help IoT security?

The Internet of Things (IoT) promises some big benefits for organizations, such as greater insights about the performance of corporate assets and finished products, improved manufacturing processes, and better customer services. The nagging security issues related to IoT, unfortunately, remain a huge concern for companies and in some cases might be keeping them from moving forward with initiatives. One possible solution to at least some of the security risks of IoT is microsegmentation, a  concept in networking that experts say could help keep IoT environments under control.To read this article in full, please click here(Insider Story) READ MORE HERE…

Read more

Exploit found in Supermicro motherboards could allow for remote hijacking

A security group discovered a vulnerability in three models of Supermicro motherboards that could allow an attacker to remotely commandeer the server. Fortunately, a fix is already available.Eclypsium, which specializes in firmware security, announced in its blog that it had found a set of flaws in the baseboard management controller (BMC) for three different models of Supermicro server boards: the X9, X10, and X11.[ Also see: What to consider when deploying a next-generation firewall | Get regularly scheduled insights: Sign up for Network World newsletters ]
BMCs are designed to permit administrators remote access to the computer so they can do maintenance and other updates, such as firmware and operating system patches. It’s meant to be a secure port into the computer while at the same time walled off from the rest of the server.To read this article in full, please click here READ MORE HERE…

Read more

Flaw found in Supermicro motherboards could allow for remote hijacking

A security group discovered a vulnerability in three models of Supermicro motherboards that could allow an attacker to remotely commandeer the server. Fortunately, a fix is already available.Eclypsium, which specializes in firmware security, announced in its blog that it had found a set of flaws in the baseboard management controller (BMC) for three different models of Supermicro server boards: the X9, X10, and X11.[ Also see: What to consider when deploying a next-generation firewall | Get regularly scheduled insights: Sign up for Network World newsletters ]
BMCs are designed to permit administrators remote access to the computer so they can do maintenance and other updates, such as firmware and operating system patches. It’s meant to be a secure port into the computer while at the same time walled off from the rest of the server.To read this article in full, please click here READ MORE HERE…

Read more

How SD-Branch addresses today’s network security concerns

Secure software-defined WAN (SD-WAN) has become one of the hottest new technologies, with some reports claiming that 85% of companies are actively considering SD-WAN to improve cloud-based application performance, replace expensive and inflexible fixed WAN connections, and increase security.But now the industry is shifting to software-defined branch (SD-Branch), which is broader than SD-WAN but introduced several new things for organizations to consider, including better security for new digital technologies. To understand what’s required in this new solution set, I recently sat down with John Maddison, Fortinet’s executive vice president of products and solutions.To read this article in full, please click here READ MORE HERE…

Read more

Is your enterprise software committing security malpractice?

Back when this blog was dedicated to all things Microsoft I routinely railed against the spying aspects of Windows 10. Well, apparently that’s nothing compared to what enterprise security, analytics, and hardware management tools are doing.An analytics firm called ExtraHop examined the networks of its customers and found that their security and analytic software was quietly uploading information to servers outside of the customer’s network. The company issued a report and warning last week.ExtraHop deliberately chose not to name names in its four examples of enterprise security tools that were sending out data without warning the customer or user. A spokesperson for the company told me via email, “ExtraHop wants the focus of the report to be the trend, which we have observed on multiple occasions and find alarming. Focusing on a specific group would detract from the broader point that this important issue requires more attention from enterprises.”To read this article in full, please click here READ MORE HERE…

Read more

Tempered Networks simplifies secure network connectivity and microsegmentation

The TCP/IP protocol is the foundation of the internet and pretty much every single network out there. The protocol was designed 45 years ago and was originally only created for connectivity. There’s nothing in the protocol for security, mobility, or trusted authentication.The fundamental problem with TCP/IP is that the IP address within the protocol represents both the device location and the device identity on a network. This dual functionality of the address lacks the basic mechanisms for security and mobility of devices on a network.This is one of the reasons networks are so complicated today. To connect to things on a network or over the internet, you need VPNs, firewalls, routers, cell modems, etc. and you have all the configurations that come with ACLs, VLANs, certificates, and so on. The nightmare grows exponentially when you factor in internet of things (IoT) device connectivity and security. It’s all unsustainable at scale.To read this article in full, please click here READ MORE HERE…

Read more

Meta Networks builds user security into its Network-as-a-Service

Network-as-a-Service (NaaS) is growing in popularity and availability for those organizations that don’t want to host their own LAN or WAN, or that want to complement or replace their traditional network with something far easier to manage.With NaaS, a service provider creates a multi-tenant wide area network comprised of geographically dispersed points of presence (PoPs) connected via high-speed Tier 1 carrier links that create the network backbone. The PoPs peer with cloud services to facilitate customer access to cloud applications such as SaaS offerings, as well as to infrastructure services from the likes of Amazon, Google and Microsoft. User organizations connect to the network from whatever facilities they have — data centers, branch offices, or even individual client devices — typically via SD-WAN appliances and/or VPNs.To read this article in full, please click here READ MORE HERE…

Read more