Palo Alto targets zero-day threats with new firewall software

Palo Alto Networks has released next-generation firewall (NGFW) software that includes some 50 new features aimed at helping enterprise organizations battle zero-day threats and advanced malware attacks.The new features are built into the latest version of Palo Alto’s firewall operating system – PAN 11.0 Nova – and include upgraded malware sandboxing for the company’s WildFire malware-analysis service, advanced threat prevention (ATP), and a new cloud access security broker (CASB).WildFire is Palo Alto’s on-prem or cloud-based malware sandbox that is closely integrated with Palo Alto’s firewalls. When a firewall detects anomalies, it sends data to WildFire for analysis. WildFire uses machine learning, static analysis, and other analytics to discover threats, malware and zero-day threats, according to the vendor.To read this article in full, please click here READ MORE HERE…

Read more

2022 holiday DDoS protection guide

The holiday season is an exciting time for many people as they get to relax, connect with friends and family, and celebrate traditions. Organizations also have much to rejoice about during the holidays (for example, more sales for retailers and more players for gaming companies). Unfortunately, cyber attackers also look forward to this time of year to celebrate an emerging holiday tradition—distributed denial-of-service (DDoS) attacks.
The post 2022 holiday DDoS protection guide appeared first on Microsoft Security Blog. READ MORE HERE…

Read more

Should security systems be the network?

Recently during a research interview with a small but fast-growing business, for the first time I encountered an organization with a “no-network-vendor” network. That is, instead of using Cisco or Dell or even a white-box solution for switching and routing, the company deployed only Fortinet equipment for its entire network. That is, every network component is part of the security infrastructure for them.They built the network this way not just to bake security into its core (a great idea in itself) but also for:
ease of management: they have one tool, it manages every component
ease of deployment: they have only two or three versions of each appliance, all the same except for capacity and port count
ease of expansion to new locations: every site is the same as any other site of similar size

They have a small stock of replacement appliances on the shelf, with which they provide rapid recovery for all locations. They could easily also consume security-operations center as-a-service, and use professional services for nearly all the rest of their network operations. In essence, their security solution could become their complete network solution as well.To read this article in full, please click here READ MORE HERE…

Read more

Cisco adds a firewall, upgrades security

Security is the name of the game at Cisco’s Partner Summit gathering this week with the rollout of a new firewall and added data-loss prevention (DLP) and passwordless authentication features to its security wares. On the firewall front, Cisco announced the Secure Firewall 3105 it says is built specifically for hybrid workers and small branch offices. Available early next year, the 1U 3105 supports 10Gbps throughput, 7Gbps IPSec throughput and 3,000 VPN peers. The box is the new low-end for the Secure Firewall 3100 family, including the 3110, 3120, 3130 and the high-end 3140, which supports 45Gbps throughput.To read this article in full, please click here READ MORE HERE…

Read more

IoT security strategy from those who use connected devices

Freeman Health System has around 8,000 connected medical devices in its 30 facilities in Missouri, Oklahoma, and Kansas. Many of these devices have the potential to turn deadly at any moment. “That’s the doomsday scenario that everyone is afraid of,” says Skip Rollins, the hospital chain’s CIO and CISO.Rollins would love to be able to scan the devices for vulnerabilities and install security software on them to ensure that they aren’t being hacked. But he can’t.”The vendors in this space are very uncooperative,” he says. “They all have proprietary operating systems and proprietary tools. We can’t scan these devices. We can’t put security software on these devices. We can’t see anything they’re doing. And the vendors intentionally deliver them that way.”To read this article in full, please click here READ MORE HERE…

Read more

Software-defined perimeter: What it is and how it works

A growing number of organizations are drawing an invisible line around their internet-connected resources in an effort to keep attackers at bay. Called software-defined perimeter (SDP), it is based on the relatively simple idea of throwing a virtual barrier around servers, routers, printers, and other enterprise network components.The goal of SDP is to protect networks behind a flexible, software-based perimeter. “Advantages include stronger security and greater flexibility and consistency,” says Ron Howell, principal SD-WAN and SASE architect at IT and business consulting firm Capgemini Americas.To read this article in full, please click here READ MORE HERE…

Read more

Cisco expands its SD-WAN software for wider reach, better security

Cisco has broadened the scope of Cisco SD-WAN software by growing its reach and security, and expanding its support for deploying multi-region WAN fabric.The idea behind the new features is to help manage the complexity and security of connecting to cloud resources from the edge of the network, said JP Shukla, director, product management, in Cisco’s Enterprise Cloud & SD-WAN group. “They want to connect these users as reliably and securely as these users would be in an office environment,” he said.
[ Get regularly scheduled insights by signing up for Network World newsletters. ]To read this article in full, please click here READ MORE HERE…

Read more