5 DNS services to provide a layer of internet security

Having thorough IT security usually means having a layered approach. Basic antivirus, for instance, might catch PC-based malware once a user downloads it, but you could try to block it before it ever reaches the user device, or at least have another security mechanism in place that might catch it if the basic antivirus doesn’t. DNS-based filtering can do this! It can help stop users from browsing to malware and phishing sites, block intrusive advertising to them, and serve as adult content filters. First, a quick primer for those who are unfamiliar with DNS: You utilize the Domain Name System (DNS) every time you surf the Web. Each time you type a site name into the browser, DNS is queried for the IP address corresponding to that particular domain, so the browser can contact the Web server to get the content. The process of converting the domain name to its IP address is called domain-name resolution. To read this article in full, please click here
http://dlvr.it/SdZrPL

Microsoft Azure launches DDoS IP protection for SMBs

DDoS IP Protection for SMBs is designed to provide enterprise-grade distributed denial of service protection at a price that's attractive to small and medium-size companies.
http://dlvr.it/SdFvfP

Mastering Active Directory groups can streamline management, pave way for automation

On the surface, Active Directory groups are a simple and straightforward way to manage identities (users and/or computers) and assign permissions. Users or computers are added as group members, and the group is referenced in access control lists (ACL) on file shares, mailboxes, applications, or other corporate resources. But experienced admins know that this simplicity quickly goes out the window as environments scale. As group memberships grow, management of memberships becomes increasingly complex. Over the years, Microsoft and others have developed best practices for managing groups and permissions in an Active Directory environment. These strategies are something of a lost art, but there’s value to be gained by leveraging these layers of sophistication. To read this article in full, please click here
http://dlvr.it/Sd6mfy

Dell expands data-protection product line

Dell Technologies has announced new products and services for data protection as part of its security portfolio. Active data protection is often treated as something of an afterthought, especially compared to disaster recovery. Yet it's certainly a problem for companies. According to Dell’s recent Global Data Protection Index (GDPI) research, organizations are experiencing higher levels of disasters than in previous years, many of them man-made. In the past year, cyberattacks accounted for 48% of all disasters, up from 37% in 2021, and are the leading cause of data disruption. One of the major stumbling blocks in deploying data-protection capabilities is the complexity of the rollout. Specialized expertise is often required, and products from multiple vendors are often involved. Even the hyperscalers are challenged to provide multicloud data-protection services. To read this article in full, please click here
http://dlvr.it/Sd1BCB

Palo Alto targets zero-day threats with new firewall software

Palo Alto Networks has released next-generation firewall (NGFW) software that includes some 50 new features aimed at helping enterprise organizations battle zero-day threats and advanced malware attacks. The new features are built into the latest version of Palo Alto's firewall operating system – PAN 11.0 Nova – and include upgraded malware sandboxing for the company’s WildFire malware-analysis service, advanced threat prevention (ATP), and a new cloud access security broker (CASB). WildFire is Palo Alto’s on-prem or cloud-based malware sandbox that is closely integrated with Palo Alto’s firewalls. When a firewall detects anomalies, it sends data to WildFire for analysis. WildFire uses machine learning, static analysis, and other analytics to discover threats, malware and zero-day threats, according to the vendor. To read this article in full, please click here
http://dlvr.it/SctMWM

Should security systems be the network?

Recently during a research interview with a small but fast-growing business, for the first time I encountered an organization with a “no-network-vendor” network. That is, instead of using Cisco or Dell or even a white-box solution for switching and routing, the company deployed only Fortinet equipment for its entire network. That is, every network component is part of the security infrastructure for them. They built the network this way not just to bake security into its core (a great idea in itself) but also for: * ease of management: they have one tool, it manages every component * ease of deployment: they have only two or three versions of each appliance, all the same except for capacity and port count * ease of expansion to new locations: every site is the same as any other site of similar size They have a small stock of replacement appliances on the shelf, with which they provide rapid recovery for all locations. They could easily also consume security-operations center as-a-service, and use professional services for nearly all the rest of their network operations. In essence, their security solution could become their complete network solution as well. To read this article in full, please click here
http://dlvr.it/ScZg5V

Researchers show techniques for malware persistence on F5 and Citrix load balancers

Tests show that deploying malware in a persistent manner on load balancer firmware is within reach of less sophisticated attackers.
http://dlvr.it/ScWG9R

VMware adds more security for diverse cloud workloads

VMware has added more security features to its forthcoming on-demand multi-cloud networking and security service called Northstar that it previewed during its August VMware Explore 2022 conference. VMware said then that Northstar will provide a central console for turning up networking and security services across private clouds and VMware Cloud deployments that run on public clouds. It will include VMware services such as Network Detection and Response, NSX Intelligence, advanced load balancing and Web Application Firewall. Within Northstar, Network Detection and Response support will provide scalable threat detection and response for workloads deployed in private and/or public clouds. To read this article in full, please click here
http://dlvr.it/ScSYMB

Qualys previews TotalCloud FlexScan for multicloud security management

Agentless security management system aims to simplify vulnerability management for security teams and developers in cloud and hybrid cloud environments.
http://dlvr.it/ScFckw

Cisco adds a firewall, upgrades security

Security is the name of the game at Cisco’s Partner Summit gathering this week with the rollout of a new firewall and added data-loss prevention (DLP) and passwordless authentication features to its security wares.  On the firewall front, Cisco announced the Secure Firewall 3105 it says is built specifically for hybrid workers and small branch offices.  Available early next year, the 1U 3105 supports 10Gbps throughput, 7Gbps IPSec throughput and 3,000 VPN peers. The box is the new low-end for the Secure Firewall 3100 family, including the 3110, 3120, 3130 and the high-end 3140, which supports 45Gbps throughput. To read this article in full, please click here
http://dlvr.it/Sc46Gy