VMWARE
VMware | November 01, 2021
VMware Inc. announced it will collaborate with eero, an Amazon company, on work-from-home capabilities that will boost remote network connectivity while extending critical security services to devices connecting to an at-home corporate network. Designed for work-from-home employees in the U.S. and delivered by strategic channel partners, the collaboration is designed to pair eero 6 series mesh Wi-Fi systems with VMware SASE Work from Home solution. In addition, as part of this agreement, VMware is announcing eero is a preferred Wi-Fi provider.
“We ask a lot of our home Wi-Fi these days. At any given moment it may be supporting multiple data-intensive tasks: from joining a work video-conference call, to streaming and gaming in 4K, to supporting an online learning environment, and more. When your network is stretched too thin, your work-from-home performance can suffer,” said Sean Harris, vice president of sales and marketing, eero. “Through this collaboration with VMware, we’re able to offer fast, reliable, and more secure Wi-Fi for remote workers.”
Deploying VMware and eero solutions together will enable IT teams to extend a better at-home Wi-Fi experience for their employees, working alongside VMware’s solution to deliver cloud networking and cloud security services. Channel partners will be able to offer customers a solution that brings together:
eero 6 series mesh Wi-Fi systems featuring Wi-Fi 6: Employees need not be limited to working from one location in the home. eero 6 series mesh Wi-Fi systems feature Wi-Fi 6, delivering fast speeds and solid coverage for simultaneous device usage throughout the home so employees will be able to say goodbye to dead spots in the home and enjoy strong app performance. Employers will have the option to offer eero Pro 6, a tri-band, high-performance mesh Wi-Fi 6 router designed for homes with Gigabit internet connections, or eero 6, a dual-band mesh Wi-Fi 6 router designed for homes with internet connections up to 500 Mbps.
With eero Secure, employees will receive an added layer of security for their home Wi-Fi, including parental controls for safe search, content filters, advanced security preventing access to sites flagged as malicious, ad blocking to protect their privacy and speed up their browsing experience, and now data usage insights to better manage time online.
VMware SASE is a cloud-hosted solution that will help enable more secure, reliable, and efficient connectivity between user traffic from the eero Wi-Fi network in the home to the applications in public cloud, SaaS cloud and on-premises data centers. VMware SASE brings dynamic remediation capabilities when broadband networks experience packet loss, latency, and jitter. The solution recognizes over 3,000 apps automatically, and intelligently prioritizes business-critical application traffic, providing a better user experience. The solution handles latency-sensitive, real-time traffic like audio, video, VDI and IoT, providing a low-latency optimal path using a global network of SASE Points of Presence (PoPs) close to the eero Wi-Fi users. These PoPs are strategically placed at the doorstep of major SaaS and IaaS providers to offer under 15 milliseconds of latency between users and their applications in the majority of deployments.
For IT teams, VMware SASE helps deliver operational simplicity leveraging the centralized Orchestrator to drive networking and security policies. IT can configure these policies and push them to all the remote sites powered by eero Wi-Fi systems. In addition, VMware SASE uses AIOps to give IT teams the visibility they need to determine the actual user experience when users access cloud applications. The solution compares performance benchmarks between different sites and identifies opportunities for improvement. The solution is not limited to simply identifying and analyzing issues, it also helps remediate these issues proactively with a path to self-healing.
“This collaboration brings together two work-from-home technology leaders. We share a common vision to have technology be an enabler of a great remote work experience rather than an obstacle. Our technologies have played a critical role in empowering remote workers everywhere and we look forward to bringing our capabilities together to deliver a differentiated mesh Wi-Fi solution to our customers.”
Craig Connors, vice president and CTO, Service Provider and Edge, VMware
About VMware
VMware is a leading provider of multi-cloud services for all apps, enabling digital innovation with enterprise control. As a trusted foundation to accelerate innovation, VMware software gives businesses the flexibility and choice they need to build the future. Headquartered in Palo Alto, California, VMware is committed to building a better future through the company’s 2030 Agenda.
Read More
VPN
Teradic | November 17, 2021
Teradici, the creator of industry-leading PCoIP technology and Emmy Award-winning Cloud Access Software (CAS), announced results from its first-annual Corporate Cybersecurity Report – Securing the Hybrid Workplace in 2022 and Beyond. The survey, which polled more than 8,000 respondents across a range of industries, found that hybrid workplaces are the new norm, with 99% of respondents’ reporting their workforces will split time between the office and remote settings post-pandemic. The survey also found that concerns about endpoint security and data integrity are skyrocketing as Bring Your Own Device (BYOD) makes a comeback and employees commute with their devices.
“The pandemic has caused a fundamental shift in how people work, and the ‘office’ will never be the same. As a result of the enormous security concerns associated with unmanaged devices, as well as BYOD, organizations are changing how they think about securing their corporate assets. Expect to see companies move away from traditional VPNs to Zero Trust architectures to shore up their endpoints and protect their data.”
Ziad Lammam, Global Head of Teradici Product Management, HP
Key Findings
According to the survey:
Hybrid work is here for the long term: Virtually all respondents (99%) reported their companies will have a hybrid workforce, and nearly 40% expect half of their workforce to operate remotely at least twice a week post-pandemic. This will precipitate a number of changes to network environments and architecture due to significant security concerns. Device authentication and authorization must be taken seriously.
Even with fewer commuting days, workers’ treks are a security concern: The survey showed that 53% of respondents plan to enable employees to commute with endpoint devices, and this is a hot button of concern for IT. Nearly all respondents (98%) are concerned about security and/or data integrity as a result of employees commuting with endpoint devices.
BYOD is back: Of survey respondents, 90% say their companies are using a mix of employee- and corporate-owned devices; only 10% are predominantly using corporate-owned devices. The mix of devices will likely continue to escalate, with 74% of respondents reporting they expect more use of BYOD, and nearly 25% seeing increased need for device authorization to protect against data breaches.
To combat security concerns, organizations will move to remote access and Zero Trust architectures. Companies have largely relied on VPNs for employees to connect remotely, as many organizations have not yet completed their migration to the cloud. As hybrid work becomes the norm over the long term, remote desktop technologies with Zero Trust architectures will replace VPNs in an effort to better protect corporate networks. On top of this, IT will need to enhance the security awareness of employees to prevent human leaks and breaches.
About Teradici
Teradici, an HP company, is the creator of the PCoIP remote display protocol, which delivers desktops and workstations from the data center or public cloud to end users with the highest levels of security, responsiveness, and fidelity. Teradici CAS, which won an Engineering Emmy from the Television Academy in 2020, powers the most secure remote solutions with unparalleled performance for even the most graphics-intensive applications. Teradici technology is trusted by leading media companies, design houses, financial firms and government agencies and is deployed to more than 15 million users worldwide.
Read More
Cisco | June 01, 2020
Cisco gave no details on exactly what, if any, damage was done as a result of the attacks, but said a "limited set of customers" was impacted.
Despite this warning, Cisco placed six servers in service on May 7 that were not patched against these vulnerabilities, and the servers were immediately attacked.
The vulnerabilities in SaltStack were originally uncovered by security firm F-Secure.
Six internal servers that Cisco uses to support its virtual networking service were compromised earlier this month after the company failed to patch two SaltStack zero day vulnerabilities, according to a security advisory sent to customers this week.
Cisco gave no details on exactly what, if any, damage was done as a result of the attacks, but said a "limited set of customers" was impacted. If exploited, these zero-day vulnerabilities potentially could have allowed an attacker to gain full remote code execution within the servers.
In its Thursday advisory, Cisco states that on April 29, the Salt Open Core team informed those using the SaltStack open-source configuration management and orchestration tool about two critical-rated vulnerabilities, an authentication bypass flaw, CVE-2020-11651, and a directory traversal problem, CVE-2020-11652.
Read More: Virtualized Desktop Infrastructure and Storage Solutions Driving Intel's Optane Memory & Storage Sales
Despite this warning, Cisco placed six servers in service on May 7 that were not patched against these vulnerabilities, and the servers were immediately attacked, the company acknowledges.
"A software component of the Cisco Virtual Internet Routing Lab service was affected by a third-party software vulnerability that was disclosed in late April. Cisco applied the patch in May, and a limited set of customers were impacted by exploitation attempts of the vulnerability," a company spokesperson tells Information Security Media Group.
SaltStack Vulnerabilities
The vulnerabilities in SaltStack were originally uncovered by security firm F-Secure, which describes them as allowing an attacker "to bypass all authentication and authorization controls and publish arbitrary control messages, read and write files anywhere on the 'master' server file system and steal the secret key used to authenticate to the master as root. The impact is full remote command execution as root on both the master and all minions that connect to it."
SaltStack published its own advisory on April 20 and patched the vulnerabilities the following week with the release of versions 2019.2.4 and 3000.2, Alex Peay, a senior vice president at SaltStack, tells ISMG.
Cisco's six servers that were compromised are used to support Internet Routing Lab Personal Edition, or VIRL-PE, and Modeling Labs Corporate Edition, or CML, a platform that enables engineers to emulate various Cisco operating systems, including IOS, IOS XR, and NX-OS, Cisco says in the advisory. The servers are:
• us-1.virl.info
• us-2.virl.info
• us-3.virl.info
• us-4.virl.info
• vsm-us-1.virl.info
• vsm-us-2.virl.info
The exploitability of the vulnerabilities in the six servers depends upon how the products that the servers' support are enabled. The company advises those using Cisco CML and Cisco VIRL-PE software releases 1.5 and 1.6, which have the salt-master service reachable on TCP ports 4505 and 4506, to inspect the software for compromise, re-image it and then patch it with the latest update.
F-Secure described the unpatched vulnerabilities as particularly easy to exploit.
"We expect that any competent hacker will be able to create 100% reliable exploits for these issues in under 24 hours," F-Secure says.
Attackers Looked for Easy Exploits
Peay of SaltStack added that exploits immediately began to show up after the patches were released and publicized as malicious actors attempted to take advantage of the zero-day vulnerabilities before companies were able to install patches.
Scott Caveza, research engineering manager at the security firm Tenable, offers a quick rundown of how threat actors use patch information to crack a system.
Attackers will often review the code and look at what changes have been made in a patch or release update to determine how the fix was applied. Then working backwards, they can use this information to develop a working exploit and begin scanning and probing for targets across the internet,
Scott Caveza, research engineering manager at the security firm Tenable.
SaltStack went to great lengths to communicate the problem to its users and offer tools so mitigation efforts were conducted properly, Peay says. This included direct assistance for those lacking skills handling SaltStack along with a service that would scan to validate that the patches were properly applied, he adds.
Some security experts question why Cisco did not immediately patch its servers when it was notified of the zero day vulnerabilities.
There are management tools that can help with the automation of checking, but even that requires someone setting it up to check for a version of software on a set of servers, so in the end it's the IT person who has to do the work,
Jayant Shukla, CTO and co-founder of K2 Cyber Security.
Caveza of Tenable notes identifying systems that need a patch involves IT staff checking the version of SaltStack and verifying that versions 2019.2.4, 3000.2 or later have been applied. He points out that plugins are available to assist with this task.
Read More: How Virtualization Helps Businesses Overcome Cloud Migration Problems
About Cisco
Cisco enables people to make powerful connections--whether in business, education, philanthropy, or creativity. Cisco hardware, software, and service offerings are used to create the Internet solutions that make networks possible--providing easy access to information anywhere, at any time.
Read More