main

Attack Types & VectorsSecurity

My Network has High Cholesterol

June 22, 2017 — by Ben Zilberman0

network-high-cholesterol-960x601.jpg

5 out of 6 businesses struggle daily with low profile DDoS attacks that consume their bandwidth and resources and pose a burden, resulting in poor service level and customer experience

You know how when you get to a certain age, feeling ‘good’ is not good enough? Well it might be good for your everyday life – obviously, you don’t need to extract the most out of your brain and muscles for the day-to-day to-do’s, but there is no guarantee that there is nothing there that negatively impacts your performance, or may be silently growing.

Attack Types & VectorsSecurity

Eliminating Single Points of Failure, Part 1

June 21, 2017 — by Louis Scialabba0

ddos-primer-part-1-960x788.jpg

The Risk DDoS Attacks Pose to Enterprises

The Role of the Firewall

A Firewall is a necessary first step in protecting an enterprise network by establishing a barrier between a trusted, secure internal network and another outside untrusted network such as the Internet. Firewalls have evolved considerably over the years, with the advent of next-generation firewalls to add application-aware filtering and intrusion detection capabilities and help customers improve their first line of defense. However, DDoS attacks are one vector where Firewalls are commonly the point of failure. In fact, Radware’s own research shows that the firewall is the cause of downtime during DDoS attacks roughly one-third of the time. The reason for this is the stateful nature of these devices, required to keep track of open sessions and transactions on the network. Maintaining session state requires use of session tables as well as other CPU resources that are finite and also responsible for other security features. Therefore under attack, the session table can be exhausted causing the firewall to fail.

SecurityService Provider

Enterprises are asking for help to protect their data. Here’s the answer service providers should provide.

June 20, 2017 — by Mike O'Malley0

carrier-mssp-960x637.jpg

Big. Small. Public. Private. Government. Retail. B2B. Non-profit.

Hackers don’t care about the size or purpose of the organizations they attack. They’re bombarding networks all over the globe with sophisticated multi-vector DDoS attacks, looking to grab any data from which they can profit.

Attack Types & VectorsSecurity

SMB Vulnerabilities – WannaCry, Adylkuzz and SambaCry

June 15, 2017 — by Daniel Smith1

smb-vulnerabilities-960x638.jpg

Last month on Friday, May 12th a global incident related to a ransomware variant named WannaCry broke out, targeting computers around the world. Everything from personal computers to corporate and university networks were affected by this campaign. The campaign spread across networks leveraging a recently disclosed vulnerability in Microsoft SMB service. On March 14th 2017, Microsoft released MS17-010, a security update, that addressed and patched six CVEs. Five were remote code executions and the sixth was related to information disclosure.

NFVSecurity

The Changing World of Service Provider CPE (Part 2)

June 13, 2017 — by Mike O'Malley0

ucpe-service-providers-960x648.jpg

For Service Providers, Universal Customer Premise Equipment (uCPE) is getting more interesting every day.  IHS Market analyst, Michael Howard, said in a recent SDxCentral article that “the uCPE [universal customer premises equipment] phenomenon is an almost perfect storm of five trends, whether it is white box, grey box, or more proprietary. This new uCPE market is resulting from enterprise demand that virtualized security functions reside physically inside the walls of enterprise locations.”  The trends that Howard cites are:

Security

Risk Management from the CISO Perspective

June 8, 2017 — by Ron Winward0

risk-management-960x534.jpg

One of my favorite aspects of my role as a Security Evangelist for Radware is that I get the chance to really talk with business leaders about the challenges they face every day when protecting their business. I do a lot of listening, honestly, and I get the chance to learn a lot from these conversations.

Over the past few weeks, Risk and Risk Management have been common topics of discussion. They can be challenging because every business is different and we all face different risks or threats. Some of us have regulatory or compliance controls that we must operate within, which define how we handle certain risks. Others have customers who require that we maintain certain protocols and certifications as a method of protecting their data. Still, others have no programs in place at all.

Application DeliverySSL

The World is Changing

June 7, 2017 — by Daniel Lakier0

alteonD-blog-1-960x574.jpg

The world is changing; it always has but the world is changing faster now than it ever has before. This general change is translating into even bigger changes in the cyber world. Some of the key areas that are evolving aren’t new, like availability or security. Others like automation are maturing quickly, and then there is the ever-present need for “easy.” Easy is a nebulous term, but in this case it refers to ease of procurement, ease of set up, flexibility in platform and ease of ongoing management.

This accelerated change is being driven by different market and business drivers. Some of the key market drivers are compliance, time to market, cyber loss risk, and increased competition around the user experience. This change is acutely felt in the ADC space.

SecuritySSL

To stay secure: Four new SSL implementation thoughts

June 1, 2017 — by David Hobbs0

ssl-implementation-960x640.jpg

10 years ago, I left my position as the principal architect at a major U.S. financial institution. We developed the standards for how SSL was used inside the bank and their systems. Because of the weakness of ADC hardware at the time, we standardized on the “fastest and lightest” ciphers that would allow us to be compliant for online banking. In today’s age, many would argue that is absolutely foolish. But is it?

We know that SSL has changed a lot in the last 10 years. Old ciphers are now considered insecure, obsolete, and out of PCI compliance. In looking at what many companies have shared about how they deal with SSL, we know there’s a blend of “just enough” cryptography to pass, and “Next-Gen” crypto, as some are calling it. According to Gartner, 50% of traffic in enterprises today is encrypted.