Filter By:

Recent Blogs & Podcasts

Insights

\ Networking 



October 30, 2017 | Architecture, Configuration and Segmentation

 Internal Network Monitoring Solution Request-for-Proposal (RFP) Template

When creating a request for proposal (RFP) of any kind, the purpose is to ensure prospective vendors can check all of the necessary boxes. This document provides a comprehensive RFP template specifically designed for organizations seeking an internal network monitoring solution.

Read More »


October 16, 2017 | Wireless Networks

 KRACK Weakness in WPA2 Wi-Fi Security Protocol

On October 16, 2017, researchers disclosed a major weakness in the Wi-Fi Protected Access 1 (WPA1) and WPA2 security protocols. WPA2 is the most widely used Wi-Fi security standard in the world. The disclosure was a proof-of-concept, and there are currently no confirmed reports of this vulnerability, known as KRACK (an acronym for Key Reinstallation Attacks), being actively exploited in the wild.

Read More »


October 16, 2017 | Endpoints

 Infosec Quick-Wins Checklist

There's nothing more frustrating than investing in the latest security technologies and "solutions" only to find that a few simple process changes would have accomplished the same things at far less cost. This checklist offers a number of low-cost, high-impact tips for improving your organization's security posture.

Read More »


August 23, 2017 | Architecture, Configuration and Segmentation
By Dave Kennedy, IANS Faculty

 Why Jump Servers Are Important

Developers and system administrators may not like using jump servers to access critical resources, but they are an important layer of security, especially when it comes to disrupting lateral movement. In this Ask-an-Expert written response, IANS Faculty Dave Kennedy explains how using - and configuring - jump servers correctly can slow down attackers and help prevent data loss.

Read More »


July 17, 2017 | Incident Response Planning
By Marcus Ranum, IANS Faculty

 Best Practices for Dynamic Business Unit Isolation

When malware strikes, many companies rush to isolate their critical business units from potentially infected corporate resources, but what are the best ways to go about this? In this Ask-an-Expert live interaction, IANS Faculty Marcus Ranum suggests scaling the separation level to match the threat, and pre-positioning key tools to ease after-separation monitoring and response.

Read More »


July 15, 2017 | Networking and Network Devices
By Chris Gonsalves, IANS Director of Technology Research

 Patch Now: Cisco Closes Nine Serious SNMP Holes in IOS, IOS-XE

Cisco Systems this week issued patches for a series of critical SNMP vulnerabilities in its popular IOS and IOS-XE network infrastructure software. The nine publicly disclosed security flaws could enable an unauthenticated attacker to run remote code on – or take complete control of – target systems

Read More »


April 12, 2017 | Network Access Controls (NAC)
By Jennifer Minella, IANS Faculty

 Deploying NAC for Both Wired and Wireless Networks

No two network access control (NAC) solutions are alike, and choosing the right implementation for a complex health care environment that spans both wired and wireless networks is difficult at best. In this Ask-an-Expert written response, IANS Faculty Jennifer Minella provides an overview of current NAC options along with some industry-specific recommendations.

Read More »


April 5, 2017 | Wireless Networks
By Paul Asadoorian, IANS Faculty

 Detecting Rogue Wireless Access Points

Rogue wireless access points (WAPs) are a known attack vector, but correctly detecting and identifying them amid the noise of different wireless networks and protocols can be difficult. In this Ask-an-Expert written response, IANS Faculty Paul Asadoorian steps through the process of detecting rogue WAPs, including those impersonating corporate SSIDs.

Read More »