Zyxel | January 05, 2021
At least a hundred thousand Zyxel devices have been delivered with a hardcoded admin-level backdoor account - a security bargain of the most noteworthy seriousness. The vulnerability, later affirmed by the company itself, was first spotted by cybersecurity researchers from Eye Control.
According to their report, the hardcoded account can be utilized to gain root access to many of Zyxel's devices, some of which are utilized by ventures at the edge of their organizations. These incorporate firewalls, VPN gateways, and access point regulators.
According to Eye Control, the account had root access to the gadget because it was being utilized to install firmware updates to other interconnected Zyxel devices through FTP.
Whenever bargained, the affected devices could be utilized by criminals to launch DDoS attacks and ransomware operations, or as a venturing stone to facilitate more perplexing cyberattacks.
Zyxel has already given patches for the Advanced Threat Protection (ATP) arrangements, Unified Security Gateway (USG) arrangement, USG Flex, and VPN arrangement, with a patch for the WLAN access point regulator NXC arrangement coming in April.
Clients are advised to install the relevant patches, which eliminate the backdoor account.
Focused on innovation and customer-centricity, Zyxel has been connecting people to the internet for nearly 30 years. We keep promoting creativity which meets the needs of customers. This spirit has never been changed since we developed the world’s first integrated 3-in-1 data/fax/voice modem in 1992. Our ability to adapt and innovate with networking technology places us at the forefront of understanding connectivity for telco/service providers, businesses and home users.
VIRTUAL SERVER INFRASTRUCTURE
AirHop | February 24, 2022
AirHop Communications, a leader in 4G and 5G real-time (RT) Radio Access Network (RAN) Intelligence software solutions, announced they are delivering their AuptimTM family of 4G/5G xApp and rApp RAN automation and optimization solutions. Auptim is a portfolio of field-proven xApp and rApp software applications compliant with the O-RAN Alliance reference architecture and are deployed on 3rd party RAN Intelligent Controller (RIC) platforms. Airhop will demonstrate Auptim xApps and rApps with several ecosystem partners including VMware, Juniper Networks and the Open Networking Foundation at the upcoming Mobile World Congress in Barcelona.
We have delivered commercially hardened near RT automation and optimization use cases with our cloud-native eSON software platform and AI/ML use cases with eSON360 at Reliance Jio and Rakuten Mobile. This experience has enabled us to rapidly develop important use cases as xApps and rApps supporting the O-RAN architecture. The Open RAN ecosystem is working to enable accelerated delivery of best-in-class disaggregated components. This has been our experience through the integration of Auptim xApps and rApps with RIC platforms from leading RIC vendors and deployments in trials with leading MNOs."
Yan Hui, AirHop Co-Founder and CEO
"AirHop's near real-time RAN automation and optimization applications have provided a key component in Rakuten's journey to drive operations automation and consistent performance across its network," stated Madhukiran Medithe, Head of Network Intelligence & Analytics Department at Rakuten Mobile Inc. "As Rakuten leads the way in making O-RAN RIC (RAN Intelligent Control) a practical reality, we are excited to be working with AirHop and see them bring their capabilities to Rakuten’s O-RAN architecture with the Auptim family of xApps and rApps."
With the growing complexity of 4G & 5G networks and the disaggregation of the RAN stack with Open RAN, the enablement of intelligent automation and optimization solutions has become mandatory for both greenfield and brownfield Mobile Network Operators (MNOs). The industry has recognized the need for both near RT RAN management and AI/ML approaches for intelligent RAN optimization. The O-RAN Alliance is driving a standard architecture and open interfaces to lead this enablement with the Near RT RIC and Non-RT RIC platforms. The Telecom Infra Project (TIP) OpenRAN RAN Intelligence and Automation (RIA) subgroup is enabling an ecosystem of MNOs and vendors to develop of AI/ML based use cases. Auptim near RT xApps and AI/ML based non RT rApps are critical pieces of the puzzle for MNOs to leverage these platforms to realize lower operating costs, improved user experience and provide greater flexibility for service delivery.
"One key objective for Open RAN is the establishment of a rich ecosystem of disaggregated components to drive faster innovation across the layers of the RAN," noted Stéphane Téral, Chief Analyst of Lightcounting Market Research. "The O-RAN RIC platforms in conjunction with xApps and rApps provide promise for greater innovation in performance optimization, improved spectral efficiency, enhanced user experience and lower operation costs. It is intriguing to see AirHop leverage its experience delivering near RT automation and optimization solutions for the Rakuten Mobile Open RAN deployment into xApps and rApps for deployment on RIC platforms across the ecosystem."
Auptim consists of a portfolio of automation and optimization software applications, including solutions available now in addition to a roadmap of solutions available later this year. The Auptim portfolio provides use cases spanning RAN configuration optimization, RAN mobility optimization, RAN coverage and capacity optimization, automated energy savings and RAN operations automation. The following xApps and rApps are available today for RIC integrations and commercial deployments:
Physical Cell Identity (PCI) Optimization for automated detection and resolution of PCI conflict and confusion, available as an xApp or rApp
Random Access CHannel (RACH) Optimization for RACH parameter optimization, available as an xApp or rApp
Mobility Robustness Optimization (MRO) to optimize handover performance, available as an rApp
Mobility Load Balancing (MLB) for dynamic balancing of user load among neighbor cells, available as an xApp or rApp
Multi-Cell Interference Management (MCIM) to dynamically detect and manage interference - increasing spectral efficiency, available as an xApp
Anomaly Detector (AD) for implementation of machine learning based Cell Outage Detection and Smart Diagnostics of network operational anomalies, available as an rApp
Auptim provides MNOs with a leading portfolio of xApps and rApp for use on 3rd party RIC platforms. AirHop is collaborating with a broad ecosystem of Near RT RIC and Non RT RIC platforms, RAN vendors as well as TIP and O-RAN Alliance to accelerate the availability of O-RAN compliant commercial class near RT and non RT RAN automation and optimization solutions. Some Auptim xApps have also been deployed as part of the disaggregated multi-vendor Open RAN field trial conducted by Deutsche Telekom.
“Enabling vendors such as AirHop to participate in an ecosystem where MNO needs are defined and prioritized and vendor solutions are tested and validated is a foundational goal of the TIP OpenRAN RIA subgroup”, stated David Hutton, Chief Engineer at Telecom Infra Project. “We welcome AirHop’s participation, through TIP RIA to align their Auptim family of use cases with RIC platform and OpenRAN network element vendors to ensure the success of OpenRAN.”
"Our collaboration with AirHop is an excellent example of the Open RAN ecosystem, enabling innovation across the RAN stack to deliver disruptive solutions for MNOs without impacting their current business operations. We share a common objective in delivering new levels of programmability and automation for the RAN through VMware's Centralized RIC and Distributed RIC platforms in conjunction with AirHop Auptim xApps and rApps" said Lakshmi Mandyam, VP Product Management and Partner Ecosystems, Service Provider and Edge BU at VMware. "We are excited to be showcasing some fruits of our collaboration at MWC Barcelona this month with a demonstration of the Auptim PCI rApp integrated with our Centralized RIC platform."
AirHop and Juniper Networks will demonstrate a Random Access Channel (RACH) parameter optimization use case using the Juniper Near RT RIC and the AirHop RACH optimization xApp at MWC Barcelona. The demonstration highlights the RACH xApp being deployed on the Juniper O-RAN based Near RT RIC and automatically detecting and resolving RACH parameter conflicts in various RAN scenarios.
About AirHop Communications
AirHop Communications is a leading provider of cloud-native Open RAN automation and real-time optimization software solutions that deliver significant gains in spectral efficiency, lower operating costs and improved end-user quality of experience for 4G and 5G mobile networks. AirHop's Auptim family of O-RAN compliant near RT xApps and AI/ML-based rApps provide O-RAN compliant intelligent RAN automation and optimization solutions. AirHop’s eSON and eSON360 solutions provide commercially hardened and massively scalable near RT and AI/ML based RAN automation and optimization for pre-O-RAN architecture deployments. AirHop’s solutions are backed by a comprehensive portfolio of patents and are deployed across more than a million macro and small cells in commercial MNO networks. AirHop is headquartered in San Diego, California.
VIRTUAL DESKTOP STRATEGIES
Sangfor Technologies | September 17, 2021
Sangfor Technologies announced the release of their long-awaited extended protection solution, XDDR Application Containment. Based on Sangfor's XDDR security framework, Application Containment allows the network and endpoints (both on-premise or in-cloud) to work together to identify, control, and report on all applications running on endpoints, or using the network to communicate. Sangfor's XDDR provides an integrated solution that protects against ransomware, malware, APTs, phishing websites and email, and potentially malicious applications.
Controlling and enforcing internet access policies in the workplace has not been easy. Employees want access to the internet for personal use as well as their work, making overly restrictive security solutions difficult to implement and maintain. Organizations deploy proxy servers to control access to the internet and external applications. This access control is necessary to maintain productivity, ensure users do not access malicious sites and unknowingly download malware, and to maximize bandwidth utilization for critical business applications. Many users employ VPN (virtual private network) technology, anonymous browsers, and other proxy avoidance applications to bypass organizational security and content filtering policies enforced by the proxy servers. Sangfor XDDR Application Containment solutions enable the organization to quickly create Proxy Avoidance Protection policies for blocking usage of proxy avoidance tools and applications on the endpoint.
Sangfor's NGAF (Next Generation Application Firewall), IAG (Internet Access Gateway) and Endpoint Secure products work cohesively to provide real-time visualization of all application communication throughout the entire network, quickly identifying proxy avoidance traffic. Proxy Avoidance Protection policies can quickly be built on the NGAF or IAG from Sangfor's extensive library of anti-proxy and proxy avoidance applications. These policies are then deployed by Endpoint Secure to block or monitor anti-proxy applications.
Organizations can also create whitelists and blacklists of applications in Application Containment. This gives administrators granular control of applications running on PCs, laptops, and servers to prevent installation of malware and ransomware, especially with users working from home, to prevent infection of corporate, enterprise, or organizational networks, resources, and critical assets. Peripheral Control manages access to connected USB devices to prevent data leakage.
Traditional extended detection and response (XDR) is network security technology designed to provide increased visibility, analysis functions and response to cyber-threats in the network, cloud, applications, and endpoints. XDR is positioned as the most sophisticated technology available but tends to be more marketing hype than reality, having been developed as the progression of EDR, or endpoint detection and response, to work with non-integrated network security products. Unlike XDR products, Sangfor XDDR Application Containment is the only true solution where network and endpoint work together to identify, control, and report on both allowed and malicious applications running on endpoints and communicating across the network. Sangfor NGAF, IAG and Endpoint Secure coordinate responses so Application Containment can provide real-time blocking and monitoring of unapproved or malicious applications.
Control can be regained from rogue applications delivered by ransomware, malware and APTs that users bring into networks. Sangfor Application Containment blocks the bypassing of internet access controls and prevents users from bringing them in again.
About Sangfor Technologies
Sangfor Technologies is a leading global vendor of IT infrastructure and security solutions, specializing in Cloud Computing & Network Security with a wide range of products & services including Hyper-Converged Infrastructure, Virtual Desktop Infrastructure, Next-Generation Firewall, Internet Access Gateway, Endpoint Protection, Ransomware Protection, Managed Detection and Response, WAN Optimization, SD-WAN, and many others.