Network security
With the growth of malware and data breaches, enterprises must ensure their networks -- and the applications and traffic on those networks -- are secure. Learn about important network security strategies and technologies, such as VPNs, Secure Access Service Edge (SASE), zero trust and software-defined perimeter (SDP).
Top Stories
-
Tip
22 Jul 2024
Where to place a firewall in an enterprise network
Firewalls are a foundational element of a strong security posture, and their positioning affects both enterprise performance and cyberdefense. Continue Reading
-
Answer
19 Jul 2024
How to protect port 139 from SMB attacks
Keeping port 139 open is perfectly normal -- but only for good reason. Without the proper protections, it can present a major security risk. Continue Reading
-
Tutorial
11 Jul 2022
How to use SSH tunnels to cross network boundaries
The Secure Shell protocol authenticates and encrypts network connections. Find out how it's used to build tunnels while crossing private networks and even firewalls. Continue Reading
-
Tutorial
23 Jun 2022
Use ssh-keygen to create SSH key pairs and more
Learn how to use ssh-keygen to create new key pairs, copy host keys, use a single login key pair for multiple hosts, retrieve key fingerprints and more in this tutorial. Continue Reading
-
Opinion
22 Jun 2022
What's driving converged endpoint management and security?
Security and IT teams face challenges in managing and securing a growing number of endpoints, which is driving organizations to look for converged capabilities, according to ESG. Continue Reading
-
News
20 Jun 2022
Cisco customers eager for Meraki's Catalyst management
IT professionals were excited to see cloud-based Meraki management for Catalyst switches but were less enthusiastic over the new Cisco Security Cloud. Continue Reading
-
Tip
15 Jun 2022
How to evaluate security service edge products
As organizations become more cloud-centric and adapt to remote work, a new technique known as security service edge is gaining traction. Continue Reading
-
Feature
07 Jun 2022
Using SSH tunneling for good and evil
Secure Shell tunneling takes the secure application protocol to the next level for bypassing firewalls and creating secure connections everywhere. Continue Reading
-
Tip
01 Jun 2022
How zero trust unifies network virtualization
The combination of zero trust and network virtualization creates opportunities to strengthen security policies, increase cross-domain collaboration and improve overall visibility. Continue Reading
-
Definition
10 May 2022
Top 10 spyware threats
The top 10 spyware list describes the 10 common spyware threats behind famous spyware attacks and is frequently identified by Webroot's Spy Audit, a free spyware scanner tool. Continue Reading
-
Definition
09 May 2022
parameter tampering
Parameter tampering is a type of web-based cyber attack in which certain parameters in a URL are changed without a user's authorization. Continue Reading
-
Definition
04 May 2022
SYN flood attack
A SYN flood attack is a type of denial-of-service (DoS) attack on a computer server. Continue Reading
-
Definition
28 Apr 2022
Sender Policy Framework (SPF)
Sender Policy Framework (SPF) is a protocol designed to restrict who can use an organization's domain as the source of an email message. Continue Reading
-
Answer
25 Apr 2022
What are the benefits and challenges of microsegmentation?
Administrators are assessing microsegmentation to beef up access control and security. But deploying microsegmentation can be complex. Continue Reading
-
Answer
21 Apr 2022
Comparing network segmentation vs. microsegmentation
Network segmentation and microsegmentation both control access but vary in how they do it, as well as how granular their approach is. Learn the differences here. Continue Reading
-
Definition
21 Apr 2022
security information management (SIM)
Security information management (SIM) is the practice of collecting, monitoring and analyzing security-related data from computer logs and various other data sources. Continue Reading
-
Tip
11 Apr 2022
Zero trust, wireless WAN affect the future of IoT networking
Zero-trust security models, wireless WAN evolution and the emergence of pop-up businesses are all helping to fuel innovation in IoT networking capabilities. Continue Reading
-
News
08 Apr 2022
Fortinet, Cato Networks add security for distributed SD-WANs
Fortinet updated FortiOS with an inline sandbox and a cloud access security broker. Cato has added new network access controls to its SASE service. Continue Reading
-
Tip
01 Apr 2022
The pros and cons of Netskope SASE
Netskope is undoubtedly a leader in the CASB market, but its limited security capabilities and lack of SD-WAN make Netskope an incomplete SASE offering. Continue Reading
-
Answer
29 Mar 2022
What is the role of machine learning in networking?
Incorporating machine learning tools into a network can help teams predict traffic flows, generate smarter analytics, monitor network health, tighten security measures and more. Continue Reading
-
Feature
24 Mar 2022
SecOps and cybersecurity basics for NetOps teams
To bridge the gap between NetOps and SecOps teams, network pros should know security fundamentals, including different types of attackers, attacks and available security services. Continue Reading
-
Tutorial
21 Mar 2022
NetOps vs. DevOps vs. NetSecOps: What's the difference?
DevOps, NetOps and NetSecOps ... oh my! These IT concepts have their differences, but at the end of the day, they're family. Here's how they relate. Continue Reading
-
Definition
21 Mar 2022
What is NetOps? Everything you need to know
NetOps, also referred to as NetOps 2.0 and NetDevOps, is an approach to networking operations that uses DevOps tools and techniques to make network changes more efficiently and effectively than in the past. Continue Reading
-
News
18 Mar 2022
Startup OneLayer offers IoT security on cellular networks
Israeli startup OneLayer has launched from stealth with $8.2 million in seed funding and a software-based platform to secure IoT devices on private LTE and 5G networks. Continue Reading
-
Definition
16 Mar 2022
network segmentation
Network segmentation is a networking architectural design that divides a network into multiple segments (subnets) with each functioning as a smaller, individual network. Continue Reading
-
Tip
15 Mar 2022
How to secure NetOps initiatives using Agile methodology
As more NetOps teams implement Agile methods, network and security testing must be part of a holistic approach that involves developers, networking and security teams working together. Continue Reading
-
Definition
11 Mar 2022
screened subnet
A screened subnet, or triple-homed firewall, refers to a network architecture where a single firewall is used with three network interfaces. Continue Reading
-
Tip
09 Mar 2022
The rise of the NetOps engineer
The need for NetOps engineers with network automation and software development skills is rising with the continued drive to create more flexible networks. Find out what it takes. Continue Reading
-
News
25 Feb 2022
Arista embeds security software in campus switches
Arista Networks will embed network detection and response software in campus switches to provide AI-driven threat detection across the network. Continue Reading
-
Definition
25 Feb 2022
Internet Key Exchange (IKE)
Internet Key Exchange (IKE) is a standard protocol used to set up a secure and authenticated communication channel between two parties via a virtual private network (VPN). Continue Reading
-
Tip
25 Feb 2022
A review of Zscaler SASE architecture
Zscaler has a strong cloud-native architecture for secure internet access. But it doesn't deliver SD-WAN or converge internet access and WAN security, leaving it with only part of a SASE platform. Continue Reading
-
Tip
16 Feb 2022
10 API security testing tools to mitigate risk
Securing APIs properly requires testing throughout their design lifecycle. Explore the leading tools that enable automated, continuous API security testing. Continue Reading
-
News
15 Feb 2022
Juniper acquires zero-trust security startup WiteSand
Juniper has acquired zero-trust security company WiteSand. The startup's cloud-native technology could find a home in Juniper's Mist and SASE platforms. Continue Reading
-
News
09 Feb 2022
Palo Alto announces ML-enabled software update and firewalls
Palo Alto's updated PAN-OS software uses machine learning to analyze network traffic in real time, and two firewall appliances provide the processing power to support it. Continue Reading
-
Definition
03 Feb 2022
access control list (ACL)
An access control list (ACL) is a list of rules that specifies which users or systems are granted or denied access to a particular object or system resource. Continue Reading
-
News
01 Feb 2022
Cato Networks adds CASB to growing SASE portfolio
Cato Networks has added CASB app visibility and enforcement capabilities to its growing SASE portfolio, and plans to add data loss prevention in the coming months. Continue Reading
-
Feature
31 Jan 2022
Edge, public cloud, security drive network transformation
Networking is starting to reflect innovations in compute and public cloud. A notable change will be how network teams view networking and security as a holistic platform. Continue Reading
-
Tip
26 Jan 2022
Integrating zero-trust practices into private 5G networks
One of the first steps in deploying a technology is protecting it from potential security threats. Learn how to secure a private 5G network with zero-trust security practices. Continue Reading
-
Tip
18 Jan 2022
How to implement network segmentation for better security
For a network segmentation strategy to be effective and improve security, network teams need to create detailed security policies, identify each resource and use allowlists. Continue Reading
-
Definition
04 Jan 2022
access log
An access log is a list of all requests for individual files -- such as Hypertext Markup Language files, their embedded graphic images and other associated files that get transmitted -- that people or bots have made from a website. Continue Reading
-
Tip
30 Dec 2021
Explore 9 essential elements of network security
Network security isn't a one-size-fits-all strategy. Dive into the various segments of network security, and learn how they overlap and interact with each other. Continue Reading
-
Infographic
28 Dec 2021
Review the major networking acquisitions of 2021
When a networking vendor announces plans to acquire another company, most people take notice. Explore which vendors made moves in 2021 and what those purchases mean. Continue Reading
-
Tip
17 Dec 2021
5 trends in enterprise networking that defined 2021
In 2020, enterprises shifted to remote work due to the pandemic. The trend continued in 2021, along with four other networking trends that defined the year and will extend into 2022. Continue Reading
-
Definition
10 Dec 2021
virtual local area network hopping (VLAN hopping)
Virtual local area network hopping (VLAN hopping) is a method of attacking the network resources of a VLAN by sending packets to a port not usually accessible from an end system. Continue Reading
-
News
01 Dec 2021
Palo Alto Networks and GTT to launch managed SASE platform
GTT Communications and Palo Alto Networks announced they will partner to offer a managed SASE platform using Prisma Access, Palo Alto's cloud-based security function. Continue Reading
-
Feature
24 Nov 2021
Ultimate guide to secure remote access
This comprehensive secure remote access guide outlines the strategies, tools and best practices to provide anywhere access while protecting data, systems and users. Continue Reading
-
Feature
23 Nov 2021
SecOps' need for traffic data drives NetSecOps collaboration
Security teams want to analyze network traffic data to identify anomalies and threats. As a result, network and security teams need to find ways to work together. Continue Reading
-
Definition
16 Nov 2021
CAPTCHA (Completely Automated Public Turing Test to Tell Computers and Humans Apart)
A CAPTCHA is a type of challenge-response system designed to differentiate humans from robotic computer programs. Continue Reading
-
Tip
15 Nov 2021
How zero-trust SDP can work with a VPN for remote work
Implementing software-defined perimeter and zero-trust security models with a corporate VPN adds significant layers of user and device verification and authentication. Continue Reading
-
News
11 Nov 2021
AT&T launches a managed SASE offering with Cisco
AT&T aims its latest managed SASE service at enterprises using Cisco hardware. The offering's features range from firewall and secure web gateway functionality to DNS layer security. Continue Reading
-
Tip
04 Nov 2021
Evaluate the components of Cisco SASE
Cisco's SASE platform, Umbrella, has all the components of a SASE architecture, but it has a lot of integration complexity and a reliance on appliances. Continue Reading
-
Tip
01 Nov 2021
Adopt 5 best practices for hybrid workplace model security
As hybrid workforce models become the norm due to the pandemic, enterprises should look to best practices to ensure secure unified access for on-premises and WFH employees. Continue Reading
-
Tip
29 Oct 2021
Use network standardization to facilitate automation
Network teams can automate and standardize network designs to improve configurations, simplify operations and more easily implement changes within their networks. Continue Reading
-
Definition
25 Oct 2021
payload (computing)
In computing, a payload is the carrying capacity of a packet or other transmission data unit. Continue Reading
-
Definition
05 Oct 2021
Layer Two Tunneling Protocol (L2TP)
Layer Two Tunneling Protocol (L2TP) is an extension of the Point-to-Point Tunneling Protocol (PPTP) used by an internet service provider (ISP) to enable the operation of a virtual private network (VPN) over the internet. Continue Reading
-
Answer
04 Oct 2021
Remote access vs. site-to-site VPN: What's the difference?
A remote access VPN connects remote users from any location to a corporate network. A site-to-site VPN, meanwhile, connects individual networks to each other. Continue Reading
-
Feature
30 Sep 2021
6 reasons unpatched software persists in the enterprise
Patching is like flossing -- everyone knows they should do it, yet too few do it often and well. Explore why unpatched software is still ubiquitous, despite the risks. Continue Reading
-
Feature
23 Sep 2021
Experts debate XDR market maturity and outlook
Is extended detection response still all buzz and no bite? Experts disagree on whether XDR qualifies as a legitimate market yet or still has a ways to go. Continue Reading
-
Tip
21 Sep 2021
A review of Cato Networks' SASE Cloud platform
Cato's SASE Cloud lacks some features and may require customers to replace point products to fully benefit from the platform. But Cato aligns with SASE’s cloud-native vision and is a strong contender in the market. Continue Reading
-
Definition
17 Sep 2021
VPN (virtual private network)
A virtual private network (VPN) is a service that creates a safe, encrypted online connection. Continue Reading
-
Definition
26 Aug 2021
stateful inspection
Stateful inspection, also known as dynamic packet filtering, is a firewall technology that monitors the state of active connections and uses this information to determine which network packets to allow through the firewall. Continue Reading
-
Tip
11 Aug 2021
A deep dive into Fortinet's SASE platform
Despite its strong security foundation, Fortinet's SASE platform lacks a cloud-native strategy and requires teams to stitch the architecture together. Continue Reading
-
Definition
26 Jul 2021
network access control (NAC)
Network access control (NAC), also called network admission control, is a method to bolster the security, visibility and access management of a proprietary network. Continue Reading
-
Definition
22 Jul 2021
SYN scanning
SYN scanning is a tactic that a malicious hacker can use to determine the state of a communications port without establishing a full connection. Continue Reading
-
Definition
13 Jul 2021
passive attack
A passive attack is a network attack in which a system is monitored and sometimes scanned for open ports and vulnerabilities. Continue Reading
-
Answer
13 Jul 2021
The differences between PAP and CHAP
PAP uses a two-way handshake to authenticate client sessions, while CHAP uses a three-way handshake. Both authentication processes are common, but one is more secure. Continue Reading
-
Definition
08 Jul 2021
Snort
Snort is an open source network intrusion detection system (NIDS) created by Sourcefire founder and former CTO Martin Roesch. Continue Reading
-
Quiz
30 Jun 2021
12 official practice questions for the CCNA 200-301 exam
These practice questions for CCNA 200-301 lay out what readers need to know about network security and IP routing in the LAN, from 'CCNA 200-301 Official Cert Guide, Volumes 1 and 2.' Continue Reading
-
Feature
25 Jun 2021
How enterprises can close 5 major SASE gaps
Despite five major gaps that hamper SASE implementation, Gartner recommended enterprises should plan their migration timeline and aim to consolidate to a single vendor. Continue Reading
-
Opinion
25 Jun 2021
Hybrid workforce model needs long-term security roadmap
From SASE to ZTNA to EDR to VPNs, enterprises need to deploy the technologies to develop a secure hybrid workforce model now that can work into the future. Continue Reading
-
Answer
22 Jun 2021
How to use two VPN connections at the same time
Network managers and users might opt to set up two VPN connections at the same time, from the same remote device. But that might not be possible -- or safe. Continue Reading
-
Report
15 Jun 2021
Guide to business continuity and pandemic planning
This guide explains the enterprise impact of the COVID-19 pandemic and how business continuity planning keeps organizations safe and in operation. Continue Reading
-
Tip
11 Jun 2021
The pros and cons of Palo Alto Networks' SASE platform
Palo Alto Networks is commonly mentioned in SASE discussions. While the vendor has strong security capabilities, it also brings integration complexities and PoP limitations. Continue Reading
-
Tip
07 Jun 2021
How to pick the best network security service provider
Managed security service providers have different levels of expertise. Be sure to match your organization's security needs with the right network security provider. Continue Reading
-
Tip
04 Jun 2021
5 steps to secure the hybrid workforce as offices reopen
Companies must now face the security challenges of overseeing a hybrid workforce as employees return to the office. Continue Reading
-
News
02 Jun 2021
Microsoft buys ReFirm Labs to bolster IoT firmware security
Microsoft has bought ReFirm Labs in an IoT security play. The company said Refirm's open source-based products would help it address firmware vulnerabilities in IoT devices. Continue Reading
-
Feature
02 Jun 2021
What is secure remote access in today's enterprise?
Out with the old, in with the new. The meaning of secure remote access, and how organizations achieve it, is changing. Here's what you need to know. Continue Reading
-
Tip
01 Jun 2021
Who is responsible for secure remote access management?
The pandemic exposed the need for a strong secure remote access strategy. Now, organizations need to figure out which team must make it happen. Continue Reading
-
Feature
28 May 2021
Network reconnaissance techniques for beginners
In this excerpt of 'How Cybersecurity Really Works,' author Sam Grubb breaks down common network reconnaissance techniques used by adversaries to attack wired networks. Continue Reading
-
Feature
21 May 2021
RSA Conference 2021: 3 hot cybersecurity trends explained
In a lightning round session at RSA Conference, ESG analysts discussed three of the hottest topics in cybersecurity in 2021: zero trust, XDR and SASE. Continue Reading
-
Feature
20 May 2021
4 ways to handle the cybersecurity skills shortage in 2021
More than half of cybersecurity pros say their organizations could do more to manage negative effects of the skills shortage, such as overwork and burnout. Find out how. Continue Reading
-
Feature
17 May 2021
Cyber Defense Matrix makes sense of chaotic security market
The Cyber Defense Matrix aims to help CISOs make strategic, informed security investments that weigh cyber risk mitigation in the context of business constraints and goals. Continue Reading
-
News
14 May 2021
Cisco's latest acquisition spree nabs three companies
Cisco's acquisitions, announced this week, would improve event hosting in Webex, boost network speeds for 5G, and enhance its security platform. Deal terms were not released. Continue Reading
-
Tip
14 May 2021
Enterprises mull 5G vs. Wi-Fi security with private networks
While Wi-Fi security can be implemented just as securely as 5G, mechanisms built into 5G offer some compelling benefits to enterprises considering private 5G networks. Continue Reading
-
Feature
10 May 2021
From EDR to XDR: Inside extended detection and response
As the definition of endpoints evolves, so too must the technology to protect them. Enter extended detection and response, or XDR -- one of cybersecurity's hottest acronyms. Continue Reading
-
Feature
07 May 2021
Despite confusion, zero-trust journey underway for many
Zero trust is a catchy phrase with seemingly lofty goals. Uncover the reality behind one of infosec's hottest buzzphrases, and learn why it's within reach for many companies today. Continue Reading
-
Tip
26 Apr 2021
8 remote access security risks and how to prevent them
Enterprises face myriad remote access security concerns, but training and clear communication can help them bolster their security programs for the long term. Continue Reading
-
Tip
23 Apr 2021
4 attributes key to network-as-a-service model
For a network-as-a-service model to work for the enterprise, it needs to offer four key attributes: an application-specific, elastic, secure and personalized VPN. Continue Reading
-
News
16 Apr 2021
Aruba product integrations advance its SASE strategy
Aruba's latest SASE-related integrations involve the Silver Peak-based SD-WAN, Threat Defense and the ClearPass Policy Manager. More product integrations are likely. Continue Reading
-
Tip
16 Apr 2021
6 SSH best practices to protect networks from attacks
SSH is essential, but default installations can be costly. Auditing and key management are among critical SSH best practices to employ at any organization. Continue Reading
-
Definition
13 Apr 2021
attack vector
An attack vector is a path or means by which an attacker or hacker can gain access to a computer or network server in order to deliver a payload or malicious outcome. Continue Reading
-
Definition
12 Apr 2021
endpoint detection and response (EDR)
Endpoint detection and response (EDR) is a system to gather and analyze security threat-related information from computer workstations and other endpoints, with the goal of finding security breaches as they happen and facilitating a quick response to discovered or potential threats. Continue Reading
-
Tip
12 Apr 2021
Threat intelligence frameworks to bolster security
Organizations have many threat intelligence frameworks to work with, each with its own advantages. From for-profit to nonprofit, here's help to figure out which ones you need. Continue Reading
-
Tip
09 Apr 2021
Common network vulnerabilities and how to prevent them
It's not possible to eliminate all network vulnerabilities, but network teams can implement best practices to limit potential attacks and protect their networks. Continue Reading
-
Tip
08 Apr 2021
SASE options for the branch of one -- work from anywhere
More than ever, enterprises need to support individual employees that make up a branch of one. These setups require reliable connectivity, application performance and security. Continue Reading
-
Definition
05 Apr 2021
cyber hijacking
Cyber hijacking, or computer hijacking, is a type of network security attack in which the attacker takes control of computer systems, software programs and/or network communications. Continue Reading
-
Tip
02 Apr 2021
Best practices for VPN traffic monitoring
VPNs are still a critical part of many enterprise remote access strategies. Networks teams that monitor VPN traffic should look at factors like application usage and overhead. Continue Reading
-
Tip
01 Apr 2021
5 basic steps for effective cloud network security
In hybrid infrastructures, old network security systems won't work. Enterprises must adopt effective cloud network security strategies to keep their assets safe. Continue Reading
-
Feature
31 Mar 2021
How to build a honeypot to increase network security
Create a honeypot that will trap attackers and monitor their activities to enhance your organization's network security. This step-by-step guide takes you through the process. Continue Reading
-
Guest Post
18 Mar 2021
With 5G, security by design is a must
New tech means new security strategies. Deloitte's Wendy Frank and Shehadi Dayekh explain why this is especially true with 5G. Security by design, they advise, is a critical approach. Continue Reading
-
Answer
18 Mar 2021
Compare Azure Firewall vs. NSGs for network security
Traffic to and from resources needs proper security to protect data, but the wrong tool could leave you vulnerable. Explore these two services to find the right level of protection. Continue Reading
-
Tip
15 Mar 2021
Endpoint security vs. network security: Why both matter
As the security perimeter blurs, companies often debate the merits of endpoint security vs. network security. However, it shouldn't be an either-or decision. Continue Reading