Network security

Enterprise cyberdefense strategies must include network security best practices. Get advice on essential network security topics such as remote access, VPNs, zero-trust security, NDR, endpoint management, IoT security, hybrid security, Secure Access Service Edge, mobile security and more.

Top Stories

News 01 Jun 2023
Zyxel vulnerability under 'widespread exploitation'

Researchers warn that threat actors are widely exploiting an unauthenticated command injection vulnerability to target multiple Zyxel network devices. Continue Reading
News 01 Jun 2023
Mitiga warns free Google Drive license lacks logging visibility

The ability to view logs is critical for enterprises to detect and attribute malicious activity. Mitiga said the Google Drive issue allows data exfiltration without a trace. Continue Reading

Answer 10 Jun 2021

The top 6 SSH risks and how regular assessments cut danger

By performing ongoing risk assessments, organizations can keep their SSH vulnerabilities at a minimum and ensure their remote access foundation is secure. Continue Reading
Tip 04 Jun 2021

5 steps to secure the hybrid workforce as offices reopen

Companies must now face the security challenges of overseeing a hybrid workforce as employees return to the office. Continue Reading
Feature 02 Jun 2021

What is secure remote access in today's enterprise?

Out with the old, in with the new. The meaning of secure remote access, and how organizations achieve it, is changing. Here's what you need to know. Continue Reading
Tip 01 Jun 2021

Who is responsible for secure remote access management?

The pandemic exposed the need for a strong secure remote access strategy. Now, organizations need to figure out which team must make it happen. Continue Reading
Feature 28 May 2021

MDM vs. MAM: What are the key differences?

Mobile workers are productive and even essential to business success. But IT has to protect corporate apps and data -- as well as worker privacy -- via MDM, MAM or both. Continue Reading
Guest Post 24 May 2021

Why cloud changes everything around network security

Vishal Jain examines why the data center mindset doesn't work for network security when it comes to using the public cloud and how companies should think instead. Continue Reading
Feature 21 May 2021

How to secure remote access for the hybrid work model

With the post-COVID-19 hybrid work model taking shape, discover the technologies and trends analysts and IT leaders view as the anchors to ensure secure remote access. Continue Reading
News 20 May 2021

CrowdStrike breaks down 'Golden SAML' attack

The nightmare scenario, demonstrated at RSA Conference 2021, was used by threat actors in the SolarWinds breach and gave them control over both cloud and on-premises systems. Continue Reading
Tip 20 May 2021

Create a remote access security policy with this template

The expansion of remote work has created complicated security risks. Get help developing and updating a remote access security policy. Download our free template to get started. Continue Reading
News 19 May 2021

Cisco shares lessons learned in zero-trust deployment

The networking giant explained at RSA Conference 2021 how it was able to deploy a company-wide zero trust model in less than six months, and what it learned along the way. Continue Reading
Tip 19 May 2021

How to build a cloud security observability strategy

Security observability in the cloud involves more than workload monitoring. Read up on the essential observability components and tools needed to reap the security benefits. Continue Reading
Feature 19 May 2021

12 essential features of advanced endpoint security tools

In addition to protecting an organization's endpoints from threats, IT administrators can use endpoint security tools to monitor operation functions and DLP strategies. Continue Reading
Feature 14 May 2021

Endpoint security strategy: Focus on endpoints, apps or both?

Companies know how to secure traditional endpoints, but what about mobile devices outside the network? They should decide if they want to protect devices, apps or both. Continue Reading
Tip 14 May 2021

Enterprises mull 5G vs. Wi-Fi security with private networks

While Wi-Fi security can be implemented just as securely as 5G, mechanisms built into 5G offer some compelling benefits to enterprises considering private 5G networks. Continue Reading
News 13 May 2021

'FragAttacks' eavesdropping flaws revealed in all Wi-Fi devices

Security researcher Mathy Vanhoef said every Wi-Fi device is impacted by at least one of the 12 vulnerabilities, and most devices are vulnerable to several of the flaws. Continue Reading
Feature 10 May 2021

From EDR to XDR: Inside extended detection and response

As the definition of endpoints evolves, so too must the technology to protect them. Enter extended detection and response, or XDR -- one of cybersecurity's hottest acronyms. Continue Reading
News 06 May 2021

'BadAlloc' vulnerabilities spell trouble for IoT, OT devices

A week after Microsoft revealed 25 memory allocation vulnerabilities in several IoT and OT products, some devices have been patched, while others have not. Continue Reading
News 26 Apr 2021

Hackers targeting VPN vulnerabilities in ongoing attacks

As remote work increased during the pandemic, threat actors increasingly targeted known vulnerabilities. Continue Reading
News 21 Apr 2021

Zero-day flaw in Pulse Secure VPN exploited in attacks

A remote code execution vulnerability found in Pulse Secure VPN appliances has been exploited in attacks affecting government, defense and financial organizations. Continue Reading
Tip 16 Apr 2021

6 SSH best practices to protect networks from attacks

SSH is essential, but default installations can be costly. Auditing and key management are among critical SSH best practices to employ at any organization. Continue Reading
Tip 15 Apr 2021

Unify on-premises and cloud access control with SDP

One security framework available to organizations struggling with on-premises and cloud access control issues is a software-defined perimeter. Learn how SDP can help. Continue Reading
News 08 Apr 2021

Cring ransomware attacking vulnerable Fortigate VPNs

A vulnerability impacting Fortinet's Fortigate VPN, first disclosed and patched in 2019, is being exploited by Cring ransomware operators to extort bitcoin from enterprises. Continue Reading
Tip 07 Apr 2021

MDR vs. MSSP: Why it's vital to know the difference

When assessing MDR vs. MSSP, the key is understanding why the two aren't interchangeable and how each handles response. Continue Reading
Tip 01 Apr 2021

5 endpoint security best practices to keep company data safe

With an expanding company perimeter, it's time to implement these endpoint security best practices, from asset discovery to device profiling. Continue Reading
Feature 22 Mar 2021

How to set up Palo Alto security profiles

Learning how to build and implement security profiles and policies can help novice admins make sure they use Palo Alto Networks firewalls effectively to protect their network. Continue Reading
Feature 22 Mar 2021

Author's advice on Palo Alto firewall, getting started

Interfaces, licenses, policies -- getting started with a Palo Alto Networks firewall can be confusing. Here, the author of 'Mastering Palo Alto Networks' offers his advice. Continue Reading
Guest Post 18 Mar 2021

With 5G, security by design is a must

New tech means new security strategies. Deloitte's Wendy Frank and Shehadi Dayekh explain why this is especially true with 5G. Security by design, they advise, is a critical approach. Continue Reading
Tip 18 Mar 2021

6 AIOps security use cases to safeguard the cloud

Explore six AIOps security use cases in cloud environments, such as threat intelligence analysis and malware detection, as well as expert advice on implementation considerations. Continue Reading
Tip 15 Mar 2021

Endpoint security vs. network security: Why both matter

As the security perimeter blurs, companies often debate the merits of endpoint security vs. network security. However, it shouldn't be an either-or decision. Continue Reading
News 04 Mar 2021

Microsoft's security roadmap goes all-in on 365 Defender

Microsoft 365 Defender's new threat analytics feature includes step-by-step reports on attacks, vulnerabilities and more, as well as links to relevant alerts in each report. Continue Reading
News 11 Feb 2021

Oldsmar water plant computers shared TeamViewer password

In addition to the advisory published by Massachusetts officials, the FBI issued a private industry notification Tuesday that referenced poor password security. Continue Reading
News 26 Jan 2021

Akamai: Extortion attempts increase in DDoS attacks

New research from Akamai Technologies shows record-breaking DDoS attacks surged in 2020 while extortion-related campaigns against a variety of targets also increased. Continue Reading
Feature 19 Jan 2021

The 5 different types of firewalls explained

Read up on the five different firewalls' similarities and differences, the three firewall deployment models and tips for choosing the firewall that best meets your company's needs. Continue Reading
Tip 14 Jan 2021

Extended detection and response tools take EDR to next level

Extended detection and response tools offer new capabilities -- among them greater visibility -- to enterprises searching for better ways to protect their endpoints. Continue Reading
Quiz 23 Dec 2020

Endpoint security quiz: Test your knowledge

Test your knowledge of SASE, split tunneling, and device discovery tool capabilities and best practices in this endpoint security quiz for IT professionals. Continue Reading
Tip 16 Dec 2020

6 remote workforce cybersecurity strategies for 2021

Remote worker data security has quickly evolved into a top concern for IT security. Here are six strategies to ensure remote workforce cybersecurity in 2021. Continue Reading
Tip 15 Dec 2020

Why it's SASE and zero trust, not SASE vs. zero trust

SASE and zero trust are hot infosec topics. But, when it comes to adoption, it's not a question of either/or, but using SASE to establish and enable zero-trust network access. Continue Reading
Feature 10 Dec 2020

Zero-trust initiatives rely on incremental security improvements

Despite implementation challenges, enterprise security leaders see zero trust as the security model of the future and are moving forward with adoption plans. Continue Reading
Answer 10 Dec 2020

Inbound vs. outbound firewall rules: What are the differences?

Explore the differing roles of inbound versus outbound firewall rules for enterprise network security and the varying use cases for each. Continue Reading
Tip 04 Dec 2020

Counter threats with these top SecOps software options

SecOps tools offer many capabilities to address common threats enterprises face, including domain name services, network detection and response, and anti-phishing. Continue Reading
Tip 20 Nov 2020

What are the biggest hardware security threats?

Hardware security threats -- and strategies to overcome them -- are evolving as enterprises increasingly install autonomous capabilities for smart building and IoT projects. Continue Reading
Tip 03 Nov 2020

Using SDP as a VPN alternative to secure remote workforces

Software-defined perimeter has been touted as a VPN alternative for secure remote access. How do you know if SDP or a traditional VPN is right for your company? Continue Reading
Feature 02 Nov 2020

Weighing the future of firewalls in a zero-trust world

Cybersecurity pros have been predicting the firewall's demise for years, yet the device is still with us. But does it have a place in zero-trust networks? One analyst says yes. Continue Reading
02 Nov 2020

Weighing the future of firewalls in a zero-trust world

Continue Reading
Opinion 02 Nov 2020

Cybersecurity for remote workers: Lessons from the front

Tackle the security challenges COVID-19 wrought by using this playbook from an experienced disaster-zone responder. Continue Reading
02 Nov 2020

Cybersecurity for remote workers: Lessons from the front

Continue Reading
Tip 29 Oct 2020

Understanding the zero trust-SDP relationship

Zero trust is a complicated framework that spans the IT stack. Find out how software-defined perimeter can address zero trust's network-level access requirements. Continue Reading
Guest Post 23 Oct 2020

Why SASE should be viewed as an evolution, not revolution

The hype around secure access service edge (SASE) is palpable. But by taking a step back, security leaders can align an emerging trend to their long-term goals. Continue Reading
Tip 22 Oct 2020

How to prepare for a zero-trust model in the cloud

Zero-trust security in the cloud is different than it is on premises. Learn the concepts and policies to effectively achieve a zero-trust model in the cloud. Continue Reading
Tip 19 Oct 2020

Zero-trust implementation begins with choosing an on-ramp

Zero-trust security has three main on-ramps -- each with its own technology path. For a clear-cut zero-trust implementation, enterprises need to choose their on-ramp wisely. Continue Reading
Tip 16 Oct 2020

How enterprise cloud VPN protects complex IT environments

Do you know how enterprise cloud VPN differs from a traditional VPN? Explore how cloud VPN works and whether it's the right option for your hybrid IT environment. Continue Reading
Feature 30 Sep 2020

CASB, CSPM, CWPP emerge as future of cloud security

Complexity has introduced new needs and challenges when securing cloud environments. Find out how CASB, CSPM and CWPP tools have evolved to meet the changing cloud landscape. Continue Reading
Tip 28 Sep 2020

Critical IIoT security risks cloud IoT's expansion into industry

The convergence of IoT with industrial processes increases productivity, improves communications and makes real-time data readily available. But serious IIoT security risks must be considered as well. Continue Reading
Tip 18 Sep 2020

Top 4 firewall-as-a-service security features and benefits

Firewall-as-a-service offerings implement security policies across consolidated traffic headed to all locations. Learn about four security features and benefits of FWaaS. Continue Reading
Tip 10 Sep 2020

Combination of new, old tech driving remote access security

The massive shift to home-based workforces left IT vulnerable to unexpected threats, but organizations are combining old and new strategies to maintain remote access security. Continue Reading
News 31 Aug 2020

Cisco issues alert for zero-day vulnerability under attack

Cisco discovered attempted exploitation of a high-severity vulnerability found in the IOS XR software used in some of its networking equipment. Continue Reading
Answer 28 Aug 2020

Site-to-site VPN security benefits and potential risks

Not every enterprise needs the functionality of a standard VPN client. A site-to-site VPN may be a better choice for some companies, but it's not without risk. Continue Reading
Tip 25 Aug 2020

Infrastructure as code's security risks and rewards

Infrastructure as code can yield some exciting security benefits for enterprises, but they each come with drawbacks. Learn more about the most critical IaC security impacts. Continue Reading
Feature 21 Aug 2020

Cybersecurity new normal needs change in process, CISOs say

As CISOs face an increasingly remote workforce, they need to confront past security mistakes, while adjusting to cybersecurity's new normal. Continue Reading
Tip 18 Aug 2020

10 RDP security best practices to prevent cyberattacks

Securing remote connections is critical, especially in a pandemic. Enact these RDP security best practices at your organization to prevent ransomware, brute-force attacks and more. Continue Reading
News 06 Aug 2020

Ripple20 vulnerabilities still plaguing IoT devices

Months after Ripple20 vulnerabilities were reported, things haven't gotten much better, say experts at Black Hat USA 2020. In fact, the world may never be fully rid of the flaws. Continue Reading
Feature 22 Jul 2020

Zero-trust framework ripe for modern security challenges

What is zero-trust security, and why deploy it now? Analysts explain its importance in the current IT era and how to get started with evaluation and implementation. Continue Reading
Answer 08 Jul 2020

Stateful vs. stateless firewalls: Understanding the differences

Examine the important differences between stateful and stateless firewalls, and learn when each type of firewall should be used in an enterprise setting. Continue Reading
News 29 Jun 2020

Record-setting DDoS attacks indicate troubling trend

Akamai Technologies recently mitigated two of the largest DDoS attacks ever recorded on its platform, including a massive 809 million packets per second attack against a bank. Continue Reading
News 22 Jun 2020

Microsoft acquires CyberX to strengthen IoT security offering

Microsoft is acquiring CyberX to boost its IoT security offerings, though it's unknown whether CyberX will remain a separate entity or be integrated into Microsoft. Continue Reading
Answer 19 Jun 2020

How to prevent network eavesdropping attacks

One of the biggest challenges of network eavesdropping attacks is they are difficult to detect. Read about prevention measures to help keep your network safe from snoopers and sniffers. Continue Reading
News 16 Jun 2020

ZDI drops 10 zero-day vulnerabilities in Netgear router

Trend Micro's Zero Day Initiative published 10 vulnerabilities in Netgear's R6700 router that have gone unpatched for seven months. Continue Reading
Feature 11 Jun 2020

VPC security best practices and how to implement them in AWS

To best secure network access, AWS administrators need to create rules for network resources. Learn how to implement Amazon VPC security best practices in this book excerpt. Continue Reading
Feature 11 Jun 2020

Overcome AWS security vulnerabilities with VPCs, IAM

Securing network access in AWS requires the right rules to be in place. Learn more about Virtual Private Clouds and how implementing them can prevent common cloud security attacks. Continue Reading
Answer 11 Jun 2020

Identifying and troubleshooting VPN session timeout issues

Troubleshooting VPN session timeout and lockout issues should focus first on isolating where the root of the problem lies -- be it the internet connection, the VPN vendor or the user device. Continue Reading
News 09 Jun 2020

'CallStranger' vulnerability affects billions of UPNP devices

A new vulnerability in the Universal Plug and Play protocol could be used to exfiltrate enterprise data and launch DDoS attacks, and patches may not arrive for a long time. Continue Reading
News 04 Jun 2020

Remote work cybersecurity a concern during pandemic

Recent surveys by NordVPN and Kaspersky found that more than 60% of employees use personal devices as they work from home due to the coronavirus -- which creates cybersecurity issues. Continue Reading
Tip 01 Jun 2020

How to fortify IoT access control to improve cybersecurity

Security technology is still playing catch-up with the new risks and attack vectors associated with IoT. Learn how to improve IoT access control and identity management here. Continue Reading
Feature 01 Jun 2020

SASE adoption accelerating as workforce goes remote

Experts suggest enterprises should consider SASE adoption for network security as the remote workforce grows in order to reduce cost and complexity. Continue Reading
Answer 27 May 2020

Is VPN split tunneling worth the security risks?

Enabling VPN split tunneling may increase speed and decrease bandwidth use and costs, but it also increases the number of security vulnerabilities faced. Continue Reading
News 18 May 2020

Advent calls off Forescout acquisition

On what was scheduled to be the closing day, Forescout Technologies instead announced Advent International will not proceed with the $1.9 billion acquisition as planned. Continue Reading
Tip 18 May 2020

How to balance secure remote working with on-site employees

Post-pandemic, organizations must strike the right balance between on-site and remote work security. Here's how to make sure your cybersecurity program is prepared. Continue Reading
Quiz 06 May 2020

Test your cyber-smarts with this network security quiz

Show what you know about the topics covered in the May 2020 issue of Information Security magazine. If you get nine of 10 answers right, you'll also receive CPE credit! Continue Reading
01 May 2020

AI-powered cyberattacks force change to network security

Continue Reading
Feature 01 May 2020

AI-powered cyberattacks force change to network security

Companies now face sophisticated enemies using AI and machine learning tools for their attacks. It's a world of new dangers for those defending network systems and data. Continue Reading
Opinion 01 May 2020

Plan now for the future of network security

How to battle well-funded, technologically sophisticated threats and ensure high-quality network performance? CISOs need a plan to meet network challenges now and in the future. Continue Reading
01 May 2020

Plan now for the future of network security

Continue Reading
E-Zine 01 May 2020

Why CISOs need advanced network security strategies now

Continue Reading
News 27 Apr 2020

Zero-day flaw in Sophos XG Firewall exploited in attacks

Sophos released an emergency patch over the weekend for its XG firewalls after threat actors exploited a zero-day SQL vulnerability in the products to steal customer data. Continue Reading
Feature 27 Apr 2020

Securing a remote workforce amplifies common cybersecurity risks

Securing a remote workforce during the pandemic has not only created unforeseen cybersecurity risks, but also magnified old ones with more employees using home networks. Continue Reading
News 20 Apr 2020

Google unveils BeyondCorp Remote Access as VPN alternative

Google unveiled a new iteration of its zero-trust network offering with BeyondCorp Remote Access, which is designed to help remote workers securely connect to critical web apps. Continue Reading
Tip 14 Apr 2020

Use an IoT security architecture to protect networks end to end

Organizations can reap benefits from IoT technology but only if it is properly secured. Learn the components of IoT network architecture and the unique security considerations of each. Continue Reading
Tip 13 Apr 2020

Building security, privacy and trust in IoT deployments

The T in IoT doesn't stand for trust, but it's a critical component of any IoT deployment. Follow the AEIOU vowel framework for an actionable blueprint of building trust in IoT. Continue Reading
Tip 03 Apr 2020

Comparing SASE vs. traditional network security architectures

Today's dispersed environments need stronger networking and security architectures. Enter cloud-based Secure Access Service Edge -- a new model for secure network access. Continue Reading
Answer 02 Apr 2020

Considering the differences in LAN vs. WAN security

Given the differences in the security of LAN and WAN, enterprises need to guard against insider threats, secure against unauthorized access and potentially secure the edge, too. Continue Reading
Tip 25 Mar 2020

Answering the top IoT risk management questions

Vulnerable IoT devices are commonly installed on enterprise networks, putting IT on the lookout for security issues. Here are answers to the biggest IoT risk management questions. Continue Reading
Tip 17 Mar 2020

4 tips to ensure secure remote working during COVID-19 pandemic

Don't let teleworkers compromise your enterprise's security. Follow these tips to ensure secure remote working in the event of a teleworker boom during a pandemic. Continue Reading
News 05 Mar 2020

Amid expansion, BlackBerry security faces branding dilemma

BlackBerry continues its push into security by addressing a number of endpoint devices. But analysts discuss whether the former mobile device maker has a perception problem. Continue Reading
Answer 26 Feb 2020

Wired vs. wireless network security: Best practices

Explore the differences between wired and wireless network security, and read up on best practices to ensure security with or without wires. Continue Reading
Feature 05 Feb 2020

The Mirai IoT botnet holds strong in 2020

More than three years after its first appearance, the Mirai botnet is still one of the biggest threats to IoT. Learn about its variants and how to protect against them. Continue Reading
News 05 Feb 2020

Cisco Discovery Protocol flaws jeopardize 'tens of millions' of devices

Armis Security disclosed five vulnerabilities, dubbed 'CDPwn,' in Cisco's Discovery Protocol, which impact 'tens of millions' of Cisco devices such as routers and IP phones. Continue Reading
News 22 Jan 2020

Netgear under fire after TLS certificates found in firmware -- again

Security researchers revealed Netgear firmware exposed TLS certificate keys, but SearchSecurity discovered it wasn't the first time the issue had been reported to the vendor. Continue Reading
News 17 Jan 2020

Unpatched Citrix vulnerability expands as mitigations fall short

Citrix discovered another product affected by last month's vulnerability, while security researchers found an attacker blocking exploits of the vulnerability. Continue Reading
News 14 Jan 2020

Citrix patches for ADC and Gateway flaw to begin rolling out next week

Citrix announced security fixes on the way one month after disclosing a vulnerability in its ADC and Gateway appliances, which has already seen preliminary attacks in the wild. Continue Reading
News 10 Jan 2020

Threat actors scanning for vulnerable Citrix ADC servers

Scans for vulnerable Citrix servers were discovered by security researchers following the disclosure of a remote code execution flaw in Citrix ADC and Gateway products. Continue Reading

1
2
3
4
5
6
7
8

Networking

Google interconnects with rival cloud providers
Video platform provider Pexip said Google's Cross-Cloud Interconnect reduced the cost of connecting Google Cloud with Microsoft ...
How to interact with network APIs using cURL, Postman tools
Network engineers can use cURL and Postman tools to work with network APIs. Use cases include getting interface information and ...
Modular network design benefits and approaches
Modular network design is a strategic way for enterprises to group network building blocks in order to streamline network ...

CIO

AI transparency: What is it and why do we need it?
As the use of AI models has evolved and expanded, the concept of transparency has grown in importance. Learn about the benefits ...
How to write an RFP for a software purchase, with template
Software buying teams should understand how to create an effective RFP. Here's a look at what components to include, along with a...
What are the 4 different types of blockchain technology?
Public, private, hybrid or consortium, each blockchain network has distinct pluses and minuses that largely drive its ideal uses ...

Enterprise Desktop

Best practices for a PC end-of-life policy
Organizations that deploy PCs need a strong and clear policy to handle hardware maintenance, end of life decisions, sustainable ...
What does the new Microsoft Intune Suite include?
With all the recent name changes with Microsoft's endpoint management products and add-ons, IT teams need to know what Intune ...
Does macOS need third-party antivirus in the enterprise?
Macs are known for their security, but that doesn't mean they're safe from viruses and other threats. IT teams can look into ...

Cloud Computing

Cloud experts weigh in on the state of FinOps
Surprised by your cloud bill? Experts weigh in on the rising popularity of FinOps, the art of building a FinOps strategy and the ...
Dell Apex updates support enterprise 'cloud to ground' moves
Dell's latest Apex updates puts the company in a position to capitalize on the hybrid, multi-cloud and edge computing needs of ...
Prepare for the Azure Security Engineer Associate certification
Are you ready to boost your resume or further your cloud career path? Review this preparation guide to get ready for Exam AZ-500 ...

ComputerWeekly.com

Discovering the Diversity Process Flow in cyber
The UK Cyber Security Council's Simon Hepburn explains the Council's new Diversity Process Flow framework, and outlines its ...
NBN unveils uncapped data plan for remote Australia
Following a successful trial to examine delivery of an improved satellite service, including the capability to achieve faster ...
Qualcomm beefs up Snapdragon Space XR Developer Platform for immersive future
Mobile platform technology giant launches immersive technology designed to create a cross-device, extended and augmented reality ...

Close