Network security
Enterprise cyberdefense strategies must include network security best practices. Get advice on essential network security topics such as remote access, VPNs, zero-trust security, NDR, endpoint management, IoT security, hybrid security, Secure Access Service Edge, mobile security and more.
Top Stories
-
Tutorial
25 Jul 2024
How to use PuTTY for SSH key-based authentication
This tutorial on the open source PuTTY SSH client covers how to install it, its basic use and step-by-step instructions for configuring key-based authentication. Continue Reading
-
News
24 Jul 2024
KnowBe4 catches North Korean hacker posing as IT employee
KnowBe4 says it hired a new principal security engineer for its internal AI team, but quickly detected suspicious activity originating from the employee's workstation. Continue Reading
-
Tip
29 Oct 2020
Understanding the zero trust-SDP relationship
Zero trust is a complicated framework that spans the IT stack. Find out how software-defined perimeter can address zero trust's network-level access requirements. Continue Reading
-
Guest Post
23 Oct 2020
Why SASE should be viewed as an evolution, not revolution
The hype around secure access service edge (SASE) is palpable. But by taking a step back, security leaders can align an emerging trend to their long-term goals. Continue Reading
-
Tip
22 Oct 2020
How to prepare for a zero-trust model in the cloud
Zero-trust security in the cloud is different than it is on premises. Learn the concepts and policies to effectively achieve a zero-trust model in the cloud. Continue Reading
-
Tip
19 Oct 2020
Zero-trust implementation begins with choosing an on-ramp
Zero-trust security has three main on-ramps -- each with its own technology path. For a clear-cut zero-trust implementation, enterprises need to choose their on-ramp wisely. Continue Reading
-
Tip
16 Oct 2020
How enterprise cloud VPN protects complex IT environments
Do you know how enterprise cloud VPN differs from a traditional VPN? Explore how cloud VPN works and whether it's the right option for your hybrid IT environment. Continue Reading
-
Tip
28 Sep 2020
Critical IIoT security risks cloud IoT's expansion into industry
The convergence of IoT with industrial processes increases productivity, improves communications and makes real-time data readily available. But serious IIoT security risks must be considered as well. Continue Reading
-
Tip
18 Sep 2020
Top 4 firewall-as-a-service security features and benefits
Firewall-as-a-service offerings implement security policies across consolidated traffic headed to all locations. Learn about four security features and benefits of FWaaS. Continue Reading
-
Tip
10 Sep 2020
Combination of new, old tech driving remote access security
The massive shift to home-based workforces left IT vulnerable to unexpected threats, but organizations are combining old and new strategies to maintain remote access security. Continue Reading
-
News
31 Aug 2020
Cisco issues alert for zero-day vulnerability under attack
Cisco discovered attempted exploitation of a high-severity vulnerability found in the IOS XR software used in some of its networking equipment. Continue Reading
-
Answer
28 Aug 2020
Site-to-site VPN security benefits and potential risks
Not every enterprise needs the functionality of a standard VPN client. A site-to-site VPN may be a better choice for some companies, but it's not without risk. Continue Reading
-
Tip
25 Aug 2020
Infrastructure as code's security risks and rewards
Infrastructure as code can yield some exciting security benefits for enterprises, but they each come with drawbacks. Learn more about the most critical IaC security impacts. Continue Reading
-
Feature
21 Aug 2020
Cybersecurity new normal needs change in process, CISOs say
As CISOs face an increasingly remote workforce, they need to confront past security mistakes, while adjusting to cybersecurity's new normal. Continue Reading
-
Tip
18 Aug 2020
10 RDP security best practices to prevent cyberattacks
Securing remote connections is critical, especially in a pandemic. Enact these RDP security best practices at your organization to prevent ransomware, brute-force attacks and more. Continue Reading
-
News
06 Aug 2020
Ripple20 vulnerabilities still plaguing IoT devices
Months after Ripple20 vulnerabilities were reported, things haven't gotten much better, say experts at Black Hat USA 2020. In fact, the world may never be fully rid of the flaws. Continue Reading
-
Feature
22 Jul 2020
Zero-trust framework ripe for modern security challenges
What is zero-trust security, and why deploy it now? Analysts explain its importance in the current IT era and how to get started with evaluation and implementation. Continue Reading
-
News
29 Jun 2020
Record-setting DDoS attacks indicate troubling trend
Akamai Technologies recently mitigated two of the largest DDoS attacks ever recorded on its platform, including a massive 809 million packets per second attack against a bank. Continue Reading
-
News
22 Jun 2020
Microsoft acquires CyberX to strengthen IoT security offering
Microsoft is acquiring CyberX to boost its IoT security offerings, though it's unknown whether CyberX will remain a separate entity or be integrated into Microsoft. Continue Reading
-
Answer
19 Jun 2020
How to prevent network eavesdropping attacks
One of the biggest challenges of network eavesdropping attacks is they are difficult to detect. Read about prevention measures to help keep your network safe from snoopers and sniffers. Continue Reading
-
News
16 Jun 2020
ZDI drops 10 zero-day vulnerabilities in Netgear router
Trend Micro's Zero Day Initiative published 10 vulnerabilities in Netgear's R6700 router that have gone unpatched for seven months. Continue Reading
-
Feature
11 Jun 2020
VPC security best practices and how to implement them in AWS
To best secure network access, AWS administrators need to create rules for network resources. Learn how to implement Amazon VPC security best practices in this book excerpt. Continue Reading
-
Feature
11 Jun 2020
Overcome AWS security vulnerabilities with VPCs, IAM
Securing network access in AWS requires the right rules to be in place. Learn more about Virtual Private Clouds and how implementing them can prevent common cloud security attacks. Continue Reading
-
Answer
11 Jun 2020
Identifying and troubleshooting VPN session timeout issues
Troubleshooting VPN session timeout and lockout issues should focus first on isolating where the root of the problem lies -- be it the internet connection, the VPN vendor or the user device. Continue Reading
-
News
09 Jun 2020
'CallStranger' vulnerability affects billions of UPNP devices
A new vulnerability in the Universal Plug and Play protocol could be used to exfiltrate enterprise data and launch DDoS attacks, and patches may not arrive for a long time. Continue Reading
-
News
04 Jun 2020
Remote work cybersecurity a concern during pandemic
Recent surveys by NordVPN and Kaspersky found that more than 60% of employees use personal devices as they work from home due to the coronavirus -- which creates cybersecurity issues. Continue Reading
-
Tip
01 Jun 2020
How to fortify IoT access control to improve cybersecurity
Security technology is still playing catch-up with the new risks and attack vectors associated with IoT. Learn how to improve IoT access control and identity management here. Continue Reading
-
Feature
01 Jun 2020
SASE adoption accelerating as workforce goes remote
Experts suggest enterprises should consider SASE adoption for network security as the remote workforce grows in order to reduce cost and complexity. Continue Reading
-
Answer
27 May 2020
Is VPN split tunneling worth the security risks?
Enabling VPN split tunneling may increase speed and decrease bandwidth use and costs, but it also increases the number of security vulnerabilities faced. Continue Reading
-
News
18 May 2020
Advent calls off Forescout acquisition
On what was scheduled to be the closing day, Forescout Technologies instead announced Advent International will not proceed with the $1.9 billion acquisition as planned. Continue Reading
-
Tip
18 May 2020
How to balance secure remote working with on-site employees
Post-pandemic, organizations must strike the right balance between on-site and remote work security. Here's how to make sure your cybersecurity program is prepared. Continue Reading
-
Quiz
06 May 2020
Test your cyber-smarts with this network security quiz
Show what you know about the topics covered in the May 2020 issue of Information Security magazine. If you get nine of 10 answers right, you'll also receive CPE credit! Continue Reading
- 01 May 2020
-
Feature
01 May 2020
AI-powered cyberattacks force change to network security
Companies now face sophisticated enemies using AI and machine learning tools for their attacks. It's a world of new dangers for those defending network systems and data. Continue Reading
-
Opinion
01 May 2020
Plan now for the future of network security
How to battle well-funded, technologically sophisticated threats and ensure high-quality network performance? CISOs need a plan to meet network challenges now and in the future. Continue Reading
- 01 May 2020
- E-Zine 01 May 2020
-
News
27 Apr 2020
Zero-day flaw in Sophos XG Firewall exploited in attacks
Sophos released an emergency patch over the weekend for its XG firewalls after threat actors exploited a zero-day SQL vulnerability in the products to steal customer data. Continue Reading
-
Feature
27 Apr 2020
Securing a remote workforce amplifies common cybersecurity risks
Securing a remote workforce during the pandemic has not only created unforeseen cybersecurity risks, but also magnified old ones with more employees using home networks. Continue Reading
-
News
20 Apr 2020
Google unveils BeyondCorp Remote Access as VPN alternative
Google unveiled a new iteration of its zero-trust network offering with BeyondCorp Remote Access, which is designed to help remote workers securely connect to critical web apps. Continue Reading
-
Tip
14 Apr 2020
Use an IoT security architecture to protect networks end to end
Organizations can reap benefits from IoT technology but only if it is properly secured. Learn the components of IoT network architecture and the unique security considerations of each. Continue Reading
-
Tip
13 Apr 2020
Building security, privacy and trust in IoT deployments
The T in IoT doesn't stand for trust, but it's a critical component of any IoT deployment. Follow the AEIOU vowel framework for an actionable blueprint of building trust in IoT. Continue Reading
-
Tip
03 Apr 2020
Comparing SASE vs. traditional network security architectures
Today's dispersed environments need stronger networking and security architectures. Enter cloud-based Secure Access Service Edge -- a new model for secure network access. Continue Reading
-
Answer
02 Apr 2020
Considering the differences in LAN vs. WAN security
Given the differences in the security of LAN and WAN, enterprises need to guard against insider threats, secure against unauthorized access and potentially secure the edge, too. Continue Reading
-
Tip
25 Mar 2020
Answering the top IoT risk management questions
Vulnerable IoT devices are commonly installed on enterprise networks, putting IT on the lookout for security issues. Here are answers to the biggest IoT risk management questions. Continue Reading
-
Tip
17 Mar 2020
4 tips to ensure secure remote working during COVID-19 pandemic
Don't let teleworkers compromise your enterprise's security. Follow these tips to ensure secure remote working in the event of a teleworker boom during a pandemic. Continue Reading
-
News
05 Mar 2020
Amid expansion, BlackBerry security faces branding dilemma
BlackBerry continues its push into security by addressing a number of endpoint devices. But analysts discuss whether the former mobile device maker has a perception problem. Continue Reading
-
Answer
26 Feb 2020
Wired vs. wireless network security: Best practices
Explore the differences between wired and wireless network security, and read up on best practices to ensure security with or without wires. Continue Reading
-
Feature
05 Feb 2020
The Mirai IoT botnet holds strong in 2020
More than three years after its first appearance, the Mirai botnet is still one of the biggest threats to IoT. Learn about its variants and how to protect against them. Continue Reading
-
News
05 Feb 2020
Cisco Discovery Protocol flaws jeopardize 'tens of millions' of devices
Armis Security disclosed five vulnerabilities, dubbed 'CDPwn,' in Cisco's Discovery Protocol, which impact 'tens of millions' of Cisco devices such as routers and IP phones. Continue Reading
-
News
22 Jan 2020
Netgear under fire after TLS certificates found in firmware -- again
Security researchers revealed Netgear firmware exposed TLS certificate keys, but SearchSecurity discovered it wasn't the first time the issue had been reported to the vendor. Continue Reading
-
News
17 Jan 2020
Unpatched Citrix vulnerability expands as mitigations fall short
Citrix discovered another product affected by last month's vulnerability, while security researchers found an attacker blocking exploits of the vulnerability. Continue Reading
-
News
14 Jan 2020
Citrix patches for ADC and Gateway flaw to begin rolling out next week
Citrix announced security fixes on the way one month after disclosing a vulnerability in its ADC and Gateway appliances, which has already seen preliminary attacks in the wild. Continue Reading
-
News
10 Jan 2020
Threat actors scanning for vulnerable Citrix ADC servers
Scans for vulnerable Citrix servers were discovered by security researchers following the disclosure of a remote code execution flaw in Citrix ADC and Gateway products. Continue Reading
-
Tip
30 Dec 2019
IT vs. OT security -- and how to get them to work together
While IT and OT security have historically been separate, the advent of IoT is forcing the two together. Cross-pollinating IT with OT is critical to ensuring IoT security. Continue Reading
-
Tip
19 Dec 2019
What cloud workload security tools and controls work best?
Read on to learn how to build a cloud security model that allows your team to embed controls and monitor deployment without getting in the way of business processes. Continue Reading
-
Feature
19 Dec 2019
ICS security challenges and how to overcome them
Security cannot be an afterthought in internet-connected industrial control systems. IEEE member Kayne McGladrey offers best practices to stay safe in a connected world. Continue Reading
-
Answer
19 Dec 2019
Host IDS vs. network IDS: Which is better?
Compare host IDS vs. network IDS through the pros and cons of each, and learn how more modern systems may be better suited to ensure effective enterprise security. Continue Reading
-
Tip
17 Dec 2019
Perimeterless security still has borders -- and APIs need it
Many people believe perimeterless security means borders are a thing of the past. But virtual borders secure APIs needed by mobile users and cloud workloads. Check out how to manage them. Continue Reading
-
Tip
12 Dec 2019
Master IoT and edge computing security challenges
Edge devices are not necessarily designed with security in mind. Organizations need to think critically about how to approach today's edge computing security challenges. Continue Reading
-
Tip
05 Dec 2019
How to implement zero-trust cloud security
The nature of cloud environments and workloads is changing. Security team approaches must evolve in response. Learn how to implement zero-trust cloud security from expert Dave Shackleford. Continue Reading
-
News
04 Dec 2019
NSS Labs drops antitrust suit against AMTSO, Symantec and ESET
NSS Labs dropped its antitrust suit against the Anti-Malware Testing Standards Organization, Symantec and ESET, ending a contentious legal battle in the endpoint security market. Continue Reading
-
Answer
22 Nov 2019
What are the top network security techniques for modern companies?
Protecting the enterprise network remains integral to overall IT security. Here are the top network security techniques enterprises are using to protect data. Continue Reading
-
Tip
22 Nov 2019
The top 3 use cases for AI endpoint security tools
Endpoint attack surfaces are growing, and cybersecurity pros struggle to keep up. Consider the following use cases for AI endpoint security techniques in the enterprise. Continue Reading
-
Opinion
20 Nov 2019
What's the answer for 5G security?
Learn about the planning of 3GPP in developing specifications for 5G security in this synopsis of 5G Americas' white paper, 'The Evolution of Security in 5G.' Continue Reading
-
Tip
19 Nov 2019
Boost network security visibility with these 4 technologies
The network is where it's at if you want to stop malicious actors. But first you need to up your network visibility. Learn about four technologies that can help. Continue Reading
-
Tip
19 Nov 2019
Network visibility and monitoring tools now amp up security
Three technology trends are currently making network visibility even more central to security tools. Learn more about the impact of big data, AI and APIs. Continue Reading
-
Tip
12 Nov 2019
A fresh look at enterprise firewall management
Enterprises need to know where and how to install firewalls for maximum protection. Find out firewall management best practices that can help protect your organization. Continue Reading
-
News
05 Nov 2019
First BlueKeep attacks in the wild may be dark portents
Following months of warnings from law enforcement and the infosec community, the first BlueKeep exploit campaign was discovered in the wild and experts say it won't be the last. Continue Reading
-
News
29 Oct 2019
Adobe exposure includes data on 7.5 million users
Adobe exposed data on 7.5 million users and employees and one expert says the incident highlights why production data shouldn't be used in test environments. Continue Reading
-
News
22 Oct 2019
Forcepoint Web Security offering reaches for the edge
Forcepoint has delivered a web-based security tool leveraging elastic cloud gateway technology that allows admins to access content from any remote location. Continue Reading
-
News
14 Oct 2019
Imperva breach update puts blame on exposed AWS API keys
Imperva CTO Kunal Anand posted updated information regarding the recent breach affecting Cloud WAF customers and admitted poor security controls led to the compromise. Continue Reading
-
News
11 Oct 2019
Cybersecurity threats on the rise, prey on human nature
Cybersecurity attacks continue to rise, taking advantage of network vulnerabilities -- and human ones. First National Technology Solutions' CISO offers advice. Continue Reading
-
Tip
08 Oct 2019
Defining and evaluating SOC as a service
As cloud use increases, many enterprises outsource some security operations center functions. Evaluate if SOCaaS is the best model for your enterprise. Continue Reading
-
News
08 Oct 2019
NSA warns VPN vulnerabilities exploited by nation-state hackers
Nation-state hackers are exploiting previously disclosed vulnerabilities in VPNs from Pulse Secure, Palo Alto Networks and Fortinet, according to a security advisory from the NSA. Continue Reading
-
Feature
08 Oct 2019
Choosing between an SSL/TLS VPN vs. IPsec VPN
Infosec pros need to know the ins and outs of SSL/TLS VPNs vs. IPsec VPNs to better understand which product's features will fulfill the needs of their organization. Get help comparing here. Continue Reading
-
Feature
03 Oct 2019
How security teams benefit from traffic mirroring in the cloud
Enterprises with the resources to deploy traffic mirroring are gaining security benefits. Frank Siemons explains how traffic mirroring has adapted to new and evolving cyber-risks. Continue Reading
-
Tip
02 Oct 2019
How can DNS privacy issues be addressed?
Learn two techniques for improving end-user DNS privacy protection that prevent DNS from exposing information about websites users visit and the people users communicate with. Continue Reading
-
Tip
30 Sep 2019
The 3 types of DNS servers and how they work
DNS is a core internet technology, instrumental in mapping human-readable domains into corresponding IP addresses. Learn about the three DNS server types and their roles in the internet. Continue Reading
-
Answer
25 Sep 2019
Do network layer and application layer DDoS attacks differ?
Network layer and application layer DDoS attacks are significant threats. Learn about the differences between them and what you can do to reduce their effects. Continue Reading
-
Tip
23 Sep 2019
How software-defined perimeter authentication ups security
Find out how the emerging software-defined perimeter model increases security by its design and how it can serve as a building block to zero-trust security. Continue Reading
-
Tip
20 Sep 2019
Create a manageable, secure IT/OT convergence strategy in 3 steps
An effective IT/OT strategy requires at least three things: an evangelist, an infrastructure reference architecture and a plan to sanely divide operations between IT and OT. Continue Reading
-
Tip
20 Sep 2019
Tips and tricks to integrate IT and OT teams securely
IT and operational teams can work in tandem to support IoT projects, but their separate roles and responsibilities to one another must be clearly defined. Continue Reading
-
Tip
20 Sep 2019
What's the role of people in IT/OT security?
To enable a smoother, more secure IT/OT convergence, get wise to the potential conflicts between IT and OT historical priorities and traditional work cultures. Continue Reading
-
Feature
10 Sep 2019
Designing IoT security: Experts warn against cutting corners
Security, though costly, is essential for IoT devices; a single breach can destroy a company's reputation. IoT security by design can avoid devastating incidents. Continue Reading
-
News
06 Sep 2019
Trustwave security platform provides visibility, control
Trustwave Fusion is a cloud-based cybersecurity platform designed with the goal of giving users better insight into how security resources are provided and monitored. Continue Reading
-
News
05 Sep 2019
Hackers earn nearly $2M in HackerOne's hacking event
One hundred hackers and 75 hackers in training gathered in Las Vegas for HackerOne's hacking event to find security flaws in organizations, including Verizon Media and GitHub. Continue Reading
-
Tip
04 Sep 2019
IoT security risks persist; here's what to do about them
Nontech manufacturers building IoT devices combined with resource constraints is a recipe for disaster. It's the reality of IoT security issues, and the problem isn't going away. Continue Reading
-
News
04 Sep 2019
USBAnywhere vulnerabilities put Supermicro servers at risk
Security researchers discovered BMC vulnerabilities -- dubbed USBAnywhere -- in Supermicro servers that could put systems at risk of remote attacks via virtualized USB drives. Continue Reading
-
Feature
28 Aug 2019
VMware's internal Service-defined Firewall reimagines firewalling
VMware's internal firewall uses a global view of known-good behavior at the network and host level to minimize the attack surface for on-premises and cloud environments. Continue Reading
-
News
28 Aug 2019
Imperva security incident exposes cloud WAF customer data
Imperva told its cloud WAF customers to change passwords and SSL certificates after a security incident exposed data and potentially put customers at risk for further attacks. Continue Reading
-
News
23 Aug 2019
Carbon Black acquisition bolsters VMware's security play
VMware announced an agreement to acquire endpoint security vendor Carbon Black in an effort to boost its cloud security offerings; the all-cash deal is valued at $2.1 billion. Continue Reading
-
Opinion
23 Aug 2019
Securing IoT involves developers, manufacturers and end users alike
Who's to blame for the IoT security problem: manufacturers creating devices, end user deploying them or governments not creating legislation enforcing security measures? Continue Reading
-
Opinion
14 Aug 2019
IoT botnets reach new threshold in Q2 of 2019
Defending against the rising number and increasing sophistication of IoT botnet attacks isn't an easy task. Learn about the latest threats and the techniques to mitigate them. Continue Reading
-
News
12 Aug 2019
Black Hat 2019 brings out new security, protection offerings
The 22nd Black Hat conference in Las Vegas brought together a slew of vendors in network and data security with a variety of security offerings to pitch. Continue Reading
-
News
05 Aug 2019
New features added to Juniper Networks security platform
New features include containerized firewalls and the incorporation of SecIntel into MX Series routers as part of Juniper Networks' effort to provide security throughout a network. Continue Reading
-
Infographic
01 Aug 2019
IoT cybersecurity: Do third parties leave you exposed?
IoT's vast vendor landscape drives innovation, but working with so many third parties also comes with baggage in the form of third-party cybersecurity issues. Continue Reading
-
News
31 Jul 2019
Qualys IOC 2.0 update improves threat detection and response
Qualys IOC 2.0 comes with increased threat detection and response capabilities designed to more accurately detect indicators of compromise and potential cyberattacks. Continue Reading
-
News
30 Jul 2019
URGENT/11 VxWorks vulnerabilities affect millions of devices
Researchers and developer Wind River disagree over how many devices and users are at risk from the URGENT/11 vulnerabilities in the VxWorks real-time operating system. Continue Reading
-
Tip
29 Jul 2019
SD-WAN security benefits go beyond the obvious
SD-WAN does more than extend corporate networks. Key SD-WAN security benefits that capitalize on the technique's architecture could change the face of SD-WAN in the enterprise. Continue Reading
-
Answer
26 Jul 2019
How can endpoint security features help combat modern threats?
The antivirus of yesteryear isn't a strong enough competitor to beat modern enterprise threats. Learn about the endpoint security features ready to tackle these battles head-on. Continue Reading
-
News
23 Jul 2019
Researchers fool Cylance AI antimalware with 'simple' bypass
Security researchers developed a method to make "pure AI" antimalware products classify malware as benign, but it is unclear what antimalware solutions could be considered "pure AI." Continue Reading