VPN

Zscaler Announces New Study to Examine Hidden Vulnerabilities Found in Enterprise VPNs

Zscaler | February 17, 2021

Zscaler, Inc. (NASDAQ: ZS), the pioneer in cloud security, today announced a new study that examines hidden vulnerabilities found in enterprise virtual private networks (VPNs) and highlights the need for a zero-trust security approach to mitigate threats. Published in collaboration with Cybersecurity Insiders, the report includes findings from a global survey of more than 350 cybersecurity professionals on the current state of remote access environments, the rise in VPN vulnerabilities, and the role zero-trust security models play in providing access to enterprise applications. To download the full study, see the Zscaler 2021 VPN Risk Report.

For the past thirty years, VPNs have been deployed to provide remote users with access to resources on corporate networks. However, the increased demand for remote work solutions, a shift to the cloud, and advancements in digital transformation have revealed a growing incompatibility between VPNs and true zero-trust security architectures. These incompatibilities, largely due to VPNs' inherent need for access to the network and to be exposed to the Internet, have increased the enterprise attack surface, allowing threat actors to exploit these legacy models based on their inherent trust of users.

The 2021 Zscaler VPN Risk Report highlights current VPN usage by enterprises and reveals the list of top challenges faced by IT administrators who manage VPNs. It recommends security alternatives for network and security leaders who want to provide fast, seamless and secure access to business applications without compromising their existing zero-trust security strategies, and includes data that gives a glimpse into the role zero trust will play in the future of remote access. The survey findings show:

• 93 percent of companies surveyed have deployed VPN services, despite 94% of those surveyed admitting that they are aware that cybercriminals are exploiting VPNs to access network resources.
• Respondents indicated that social engineering (75%), ransomware (74%), and malware (60%) are the most concerning attack vectors and are often used to exploit users accessing VPNs.
• With nearly three out of four businesses concerned with VPN security, 67% of organizations are considering remote access alternatives to the traditional VPN.
• As a result of growing VPN security risks, 72% of companies are prioritizing the adoption of a zero-trust security model, while 59% have accelerated their efforts due to the focus on remote work.
• Looking at the future need for zero trust services, the report states that 77% of respondents indicated that their workforce will be hybrid, with greater flexibility for users to work remotely or in the office.

“It’s encouraging to see that enterprises understand that zero-trust architectures present one of the most effective ways of providing secure access to business resources,” said Chris Hines, Director, Zero Trust Solutions, Zscaler. “As organizations continue on their journey to cloud and look to support a new hybrid workforce, they should rethink their security strategy and evaluate the rising cybersecurity threats that are actively exploiting legacy remote access solutions, like VPN. The more secure approach is to completely leave network access out of the equation by taking the users securely and directly to the applications by brokering all user to app connections using a cloud-delivered zero trust access service instead.”

About Zscaler

Zscaler (NASDAQ: ZS) accelerates digital transformation so customers can be more agile, efficient, resilient, and secure. The Zscaler Zero Trust Exchange protects thousands of customers from cyberattacks and data loss by securely connecting users, devices, and applications in any location. Distributed across more than 150 data centers globally, the SASE-based Zero Trust Exchange is the world’s largest in-line cloud security platform.

Spotlight

Virtualization helped datacenters provide rapid deployment, increased business continuity, and delivered a tremendous amount of capital savings through the reduction of hardware. However, with the substantial benefits and ease of deployment came virtualization sprawl and resource proliferation. “Right Sizing” is the process of reclaiming under-utilized resource components, such as compute and memory resources. In conjunction, there should be a process in place to validate that a guest virtual machine is still required by the business; this is typically considered a recertification.

Related News

VPN

HashiCorp Extends its Zero Trust Security Solution with Secure Remote Access Delivered in the Cloud

HashiCorp | October 10, 2022

HashiCorp, Inc., a leading provider of multi-cloud infrastructure automation software, today announced the general availability of HashiCorp Cloud Platform (HCP) Boundary, a secure remote access product. With this release, Boundary joins HCP Vault and HCP Consul to provide the industry’s first zero trust security solution to secure applications, networks, and people built for the cloud.

As organizations move to the cloud and adopt cloud operating models, they require a different approach to security — commonly referred to as zero trust security — where the default security posture is to trust nothing, authenticate and authorize everything. But the gap between legacy security postures and the accelerated move to the cloud is contributing to a significant increase in security breaches. According to the HashiCorp State of Cloud Strategy Survey, 89% of respondents believe security is the number one determining factor for cloud success, which is driving organizations to adopt zero trust security postures.

HashiCorp’s approach to zero trust security focuses on using identity to secure applications, networks, and people across multiple clouds, on-premises, and hybrid environments, which reduces the attack surface and automates complex security workflows. This ensures people, machines, and services are authenticated, every action is authorized, and data is protected.

“As organizations continue to expand their cloud estates, they must shift their security strategies to keep up with the growth and complexity of applications, network components, and cloud-based systems. At HashiCorp, we have always believed that identity is the foundation for zero trust security for applications, networks, and users. With HCP Boundary, companies now have a modern solution for privileged access management, securing access in dynamic, ephemeral environments for their workforce. We think we’ve reached an important milestone for our customers by delivering a security solution built for today’s threat and infrastructure landscape.”

Armon Dadgar, co-founder and CTO, HashiCorp

As organizations move out of traditional datacenters and into multiple clouds, hybrid, and edge environments, securing their infrastructure becomes more complex at scale. The HashiCorp zero trust solution covers all three of these aspects:

• Applications: HashiCorp Vault provides a consistent way to manage application identity by integrating many platforms and identity providers. Vault enables fine-grained access control and authorization between applications and databases, including dynamically rotating credentials, PKI certificates, and API tokens, while also ensuring application data is always secure in transit and at rest.
• Networks: HashiCorp Consul secures network traffic between applications and services, enabling fine-grained access control policies, observability, and traffic shaping. Consul integrates with Vault’s identity platform to leverage application identity for the policies and to allow dynamic PKI.
• People: HashiCorp Boundary ensures the right people have access to the right systems and cloud services while removing the need to distribute and issue credentials, expose private networks, or manage static credentials. Boundary integrates with Vault to issue just-in-time credentials and ensure ephemeral access to critical systems.

General Availability of HCP Boundary

HCP Boundary provides a secure remote access solution for a cloud operating model, offering improvements over existing software-defined perimeter (SDP) solutions, like VPNs, and privileged access management (PAM) solutions that are IP-driven and highly manual. With HCP Boundary, teams gain fine-grained authentication and authorization controls, rapid user onboarding, and automated workflows for target discovery and credential management for ephemeral resources.

As a cloud-based service, HCP Boundary benefits organizations struggling with security as they transition to the cloud, driven by people and skills shortages. HCP Boundary allows teams and users to access the critical systems they need while abstracting the session connection, establishment, credential issuance, and revocation. Boundary provides operations and security teams the ability to dynamically pull in cloud service catalogs and on-premises resources and map out policies to which systems, users, and groups should have access. To do this, Boundary leverages Vault to provide passwordless connections, and after each use revokes the credentials. This helps ensure critical information like credentials, networks, and resources are never exposed to the user or outside actors.

In addition to core secure remote access capabilities, Boundary also offers:

• Identity platform integration with Microsoft Azure Active Directory and Okta, along with many other identity platforms that support OpenID Connect to onboard trusted identities and delegate authentication
• Role-based access control (RBAC) to provide broad or fine-grained access to people throughout your organization
• Passwordless authentication for seamless integration with dynamic secrets and Vault
• Automated service discovery for streamlined discovery and configuration of targets. Dynamic host catalogs are currently available with Microsoft Azure and AWS, as well as direct HashiCorp Terraform integration to pull in resources under management
• Session visibility and logging to get insights into session metrics, events, logs, and traces with the ability to export data to business intelligence and event monitoring tools

About HashiCorp

HashiCorp is a leader in multi-cloud infrastructure automation software. The HashiCorp software suite enables organizations to adopt consistent workflows and create a system of record for automating the cloud: infrastructure provisioning, security, networking, and application deployment. HashiCorp’s portfolio of products includes Vagrant™, Packer™, Terraform®, Vault™, Consul®, Nomad™, Boundary™, and Waypoint™. HashiCorp offers products as open source, enterprise, and as managed cloud services. The company is headquartered in San Francisco, though most of HashiCorp’s employees work remotely, strategically distributed around the globe.


HYPER-V, SERVER, CONTAINERS

Verizon expands VRAN leadership position with addition of first Ericsson VRAN cell site into its network

Verizon | December 09, 2022

Verizon, the leader in Virtualized Radio Access Network (VRAN) innovation, announced today it has extended its network virtualization efforts with the addition of the first Ericsson virtualized cell site (also referred to as Ericsson Cloud RAN), with support from Intel and Red Hat providing the processing and cloud-native orchestration functions.

The advancements in Radio Access Network virtualization allow Verizon to rapidly respond to customers’ varied latency and computing needs, and provide greater flexibility and agility in the introduction of new products and services. The move to a cloud-native, virtualized architecture with standardized interfaces in every part of the network leads to greater flexibility, faster delivery of services, greater scalability, and improved cost efficiency in networks. Verizon has been a global leader in virtualizing its network, announcing recently it has 8,000 cell sites already virtualized in its network with an eye towards virtualizing 20,000 sites.

Virtualizing the far edge of the RAN – the cell sites closest to the customer – is a function of decoupling the hardware and software associated with a cell tower and transitioning the software so that it’s not just stored in the cloud, but is designed for a cloud-native architecture and operation. Just this week, Verizon and Ericsson published a position paper outlining the optimal technology path for VRAN in order to maximize the performance and efficiency of the network, disaggregate hardware from software, and simplify deployment wherever possible. This technology is built into the first Ericsson virtualized cell site deployed in the Verizon network.

Components of VRAN

Verizon coordinated with many ecosystem partners to welcome Ericsson’s first virtualized cell site. Ericsson provided its commercial 5G Cloud RAN solution, consisting of a virtualized Central Unit (vCU), a virtualized Distributed Unit (vDU), and radio units. This software-based 5G Cloud RAN solution spans across all of Verizon’s frequency bands, utilizing both FDD and TDD 5G spectrum assets, including Massive MIMO support for C-band and interconnecting previously deployed equipment to enable Ericsson Spectrum Sharing between LTE and NR carriers. The Ericsson Cloud RAN solution offers Verizon efficiency and in network deployment and operational management transformation.

Intel provided its 3rd Gen Intel Xeon Scalable processor, Intel vRAN Dedicated Accelerator ACC100 and Intel Ethernet Network Adapter E810 to deliver the processing, acceleration and connectivity requirements.

Red Hat provided Red Hat OpenShift and Red Hat Advanced Cluster Management for Kubernetes to manage their fleet at scale in collaboration with Red Hat Consulting. As part of the solution, Red Hat Advanced Cluster Management delivers cloud-scale manageability by configuring the 5G RAN using a Distributed Unit (DU) profile, which deploys real-time OS kernel optimizations to run vRAN and other cloud-native application workloads from a single console. Red Hat OpenShift also incorporates zero-touch provisioning to enable distributed deployment at scale required to operate a large scale RAN.

Virtualization paves the way for exciting innovation

Verizon has been leading the way in virtualization with its vendor partners for years. Verizon began the journey by virtualizing the core of its network. In the years since, Verizon has been working with partners in lab trials and field tests and has been deploying cloud-based cell sites, building programmability into the network to meet the needs of today’s 5G customers and 5G solutions of tomorrow.

Key 5G use cases focused on providing the best, most efficient network for customers will heavily rely on the programmability of virtualized networks. Networks must serve IoT devices that do very little networking and stay in place, smartphones with infinite opportunities to use data in a highly mobile environment, and complex solutions like Augmented Reality that require massive computing capabilities on the edge of the network. These various network solutions rely on a correlated variety of resources from the network, which until recently have been defined rigidly and manually. Using orchestration and automation capabilities at scale on virtual infrastructure, Verizon automates network configuration changes and resource scaling dynamically based on demand. This is one of the greatest benefits of virtualizing a network: essentially building programmability into the network.

Verizon Communications Inc. (NYSE, Nasdaq: VZ) was formed on June 30, 2000 and is one of the world’s leading providers of technology and communications services. Headquartered in New York City and with a presence around the world, Verizon generated revenues of $133.6 billion in 2021. The company offers data, video and voice services and solutions on its award-winning networks and platforms, delivering on customers’ demand for mobility, reliable network connectivity, security and control.


VIRTUAL DESKTOP STRATEGIES

MacStadium Debuts Orka Workspace, the Industry’s First Enterprise-grade Remote Desktop Service for Mac

MacStadium | September 28, 2022

MacStadium, the industry-leading Mac private cloud and software-as-a-service provider enabling all macOS workloads, today announced the debut of Orka Workspace to enable high-performance, secure desktop access to cloud-hosted macOS environments — anytime, anywhere and by any device. The unveiling takes place during the 2022 Jamf Nation User Conference (JNUC), held from Sept. 27 through Sept. 29 at the Hilton San Diego Bayfront hotel.

Companies need to find secure and flexible ways for their employees to access secure work computing environments from anywhere, especially now that 58 percent of American workers work remotely at least one day a week. Orka Workspace represents a revolution in secure desktop virtualization. Until now, no such option existed in the Mac ecosystem.

“We are excited to reveal the full advantages of MacStadium’s Orka Workspace platform at JNUC 2022, the largest gathering of Apple enthusiasts in the world. Orka Workspace’s introduction is nothing short of a paradigm shift for professionals who work in Mac environments, giving organizations the ability to easily and securely manage user workspaces wherever they may be, and on any device.”

Chris Chapman, MacStadium’s senior vice president and chief technology officer

Orka Workspace is designed to connect and manage your macOS computing environment. It uniquely solves Mac virtualization complexities and IT teams’ Mac-virtual secure desktop needs. It leverages MacStadium’s Orka Platform to provide unmatched macOS virtual-machine provisioning and scalability.

For more than a decade, MacStadium has supplied reliable private clouds and dedicated resources for macOS workloads, combining patented technology, proprietary configurations and unparalleled expertise in Apple infrastructure. MacStadium has the capability to meet the needs of all customers from individual developers to Fortune 100 companies. DevOps engineers, SaaS professionals, iOS developers, mobile-testing teams and enterprise users rely on MacStadium for its guaranteed uptime with expert support and data centers located worldwide.

MacStadium to Present and Demo Orka Workspace at JNUC 2022

JNUC has hosted Apple administrators for more than 10 years. Attendees may look forward to expert product insights, demos, deep-dive education sessions, community camaraderie and presentations. Apple IT professionals, users and InfoSec leaders, in particular, will have the chance to learn new, improved ways to manage and secure Apple devices, simplifying workflows and augmenting worker productivity.

About MacStadium

Founded in 2011 and headquartered in Atlanta, MacStadium is a private cloud and software-as-a-service leader delivering scalable and secure enterprise cloud solutions exclusively for macOS. The company’s suite of advanced software-enabled infrastructure, combined with its innovative technology, delivers the security, performance, reliability and flexibility its customers require for successful app development on Apple devices. Powered by MacStadium, Orka (Orchestration with Kubernetes on Apple) is the only virtualization layer available for Mac build infrastructure based on Docker and Kubernetes technology. MacStadium is a Summit Partners portfolio company with growing operations in Las Vegas, Silicon Valley and Dublin, Ireland. Additional operations are scheduled to come online in Mumbai, India in early 2023.
