Network World

How to deploy 802.1x for Wi-Fi using WPA3-Enterprise

Network World - Mon, 12/28/2020 - 6:00am

Wi-Fi Protected Access 3 (WPA3) has brought significant security improvements to Wi-Fi networks, particularly WPA-3Enterprise, which includes tweaks to make authenticating to the network more secure. One of these is has to do with 802.1x authentication that is used to determine whether Wi-Fi clients will be granted access to the enterprise network.

Wi-Fi resources

The enterprise mode of WPA has always allowed you to give each user a unique username/password to login to the Wi-Fi or to utilize unique digital certificates for each user to install on devices for even more security. Now with WPA3-Enterprise, the security is increased as clients are now required to make sure it’s communicating with the real authentication server before sending login credentials. That verification was optional with the earlier two versions of WPA.

To read this article in full, please click here

Categories: Network World

SolarWinds roundup: Fixes, new bad actors, and what the company knew

Network World - Wed, 12/23/2020 - 8:13am

The SolarWinds Orion security breach is unfolding at a rapid pace, and the number of vendors and victims continues to grow. Each day brings new revelations as to its reach and depth. Of particular concern are the rate of infection and impact on government systems.

In case you missed it, a backdoor was found in the SolarWinds Orion IT monitoring and management software. A dynamic link library called SolarWinds.Orion.Core.BusinessLayer.dll, a SolarWinds digitally-signed component of the Orion software framework, was found to contain a backdoor that communicates via HTTP to third-party servers.

[Get regularly scheduled insights by signing up for Network World newsletters.]

After an initial dormant period of up to two weeks, the Trojan retrieves and executes commands, called jobs, that include the ability to transfer files, execute files, profile the system, reboot, and disable system services. In short, a total takeover of the machine.

To read this article in full, please click here

Categories: Network World

SolarWinds roundup: Fixes, new bad actors, and the company knew

Network World - Wed, 12/23/2020 - 8:13am

The SolarWinds Orion security breach is unfolding at a rapid pace and the number of vendors and victims continues to grow. Each day brings new revelations as to its reach and depth. Of particular concern is the rate of infection and impact on government systems.

In case you missed it, a backdoor was found in the SolarWinds Orion IT monitoring and management software. A dynamic link library called SolarWinds.Orion.Core.BusinessLayer.dll, a SolarWinds digitally-signed component of the Orion software framework was found to contain a backdoor that communicates via HTTP to third-party servers.

[Get regularly scheduled insights by signing up for Network World newsletters.]

After an initial dormant period of up to two weeks, the Trojan retrieves and executes commands, called jobs, that include the ability to transfer files, execute files, profile the system, reboot, and disable system services. In short, a total takeover of the machine.

To read this article in full, please click here

Categories: Network World

SASE check list: 7 key evaluation criteria

Network World - Wed, 12/23/2020 - 6:00am

The marriage of networking and security into the secure-access service edge stands to improve application performance, reduce infrastructure complexity, and protect sensitive data, and as such SASE is an attractive architecture for enterprises large and small.

Due to the newness of SASE offerings, though, providers are still building and refining the features of their services, so available offerings are complex, often incomplete and require integration with customer organizations’ existing network and security architectures.

To read this article in full, please click here

Categories: Network World