Security Roundup: Secure SD-WAN, DDoS, Cybersecurity Games, F5-Equinix
Check Point is working with SD-WAN vendors to bring secure networking to their customers.
SD-WAN has played a key role in many organizations’ digital transformations and demand has skyrocketed within the past few years.
However, this evolution brought with it the challenge of securing branch offices. This caught the attention of Check Point Software Technologies.
At Check Point’s CPX360 conference last week in Las Vegas, Aviv Abramovich, its head of security services product management, talked to us about how partnerships are key to Check Point bringing security to SD-WAN.
Check Point is working with SD-WAN vendors like Versa, VMware, Cisco, HPE, Citrix and others, and is cooperating with AT&T, Verizon and other carriers around the world to bring secure SD-WAN to their customers.
Check Point decided it wasn’t practical to develop its own secure SD-WAN and chose instead to work with SD-WAN providers to add security, Abramovich said.
“There are companies out there that built intellectual property, invested a lot in developing really good products that I think would take several years for us to catch up to become a leader,” he said. “On the other hand, we are a leader in cybersecurity and I believe that any other SD-WAN company, if they want to provide service security, it would take them years as well to develop that expertise. So really the best, most practical thing for us to do with our customers is take the best of both worlds. The customers are expecting a solid, mature solution that is a leading solution in the industry, and from the customer [point of view], they don’t care that the security is coming from there and the networking is coming from there. As long as everything works together, as long as everything is solid and is a leading product, they’re happy.”
Demand for SD-WAN has mounted as organizations move to the cloud and “you need to think differently on how your IT or your networking is connected,” Abramovich said.
“It doesn’t make sense to … go through the data center out to the internet,” he said. “You say, ‘OK, the branch is here, Oracle is there, let’s connect them directly. It makes more sense. I can remove my MPLS maybe altogether and save myself a lot of money in the process. And it’s more efficient because I only consume what I really need out of those cloud services, and I actually keep better service to my customers.’ They use the latest software, always the latest software, it’s always available, it’s close by, and the functionality is much better than if you were to go through the data center.”
Check Point has rolled out cloud-based SD-WAN network security as a service, and is integrating security as a virtual machine that runs inside the SD-WAN router.
“We have two different concepts, and even the same customer might use both of them in different locations,” Abramovich said. “One of them is to rely on cloud security so you don’t have to install a physical device; I can just get that little SD-WAN device to talk to my cloud service the same way it talks to Office 365. The other option is with a virtual instance. So sometimes cloud is not an option. You might have some regions where it’s really hard to service with a cloud service. It might be far away, some regions in South America and in Africa, some of the Far East countries also don’t have a good cloud infrastructure that you can build inside of them. So for them it makes sense to use a different type of solution or architecture.”
All of this spells big partner opportunities and Check Point is “working very hard, adding more partnerships,” he said.
“It means taking two different products from the vendors and combining them, and making this available to their customers,” Abramovich said. “Versa took two products, they combined them together, and now they have a secure SD-WAN offering based on Versa technology and Check Point security available for their customers. This is exactly something a partner can do. Can we nurture business together? Absolutely. For implementation we will have to rely on our partners and their ability to pull it all together for us.”
Kaspersky Lab: DDoS Attacks Increase in Length, Sophistication
A new report by Kaspersky Lab shows a decline in the overall number of distributed denial of service (DDoS) attacks when compared to the previous year, while cybercriminals have been turning to longer, more sophisticated, mixed and HTTP flood-attack techniques.
The report covers statistics from the fourth quarter and all of 2018. In the last quarter, the longest DDoS attack lasted nearly 14 days, the longest since the end of 2015. In addition, the top three countries with the most DDoS attacks remain the same — with China in first place, although its share dropped significantly, the United States in second and Australia in third for the second quarter in a row since reporting began.
In the fourth quarter, Kaspersky Lab also noted changes in the countries hosting the most command and control (C&C) servers. As in the previous quarter, the United States remained the leader, but the United Kingdom and the Netherlands came second and third, replacing Russia and Greece, respectively. Experts believe this is because of the number of active C&C Mirai servers increasing significantly in the aforementioned countries.
Complex attacks, such as HTTP misuse, which require time and money, continue to remain lengthy. As the report revealed, the HTTP flood method and mixed attacks with an HTTP component constituted about 80 percent of DDoS attack time for the whole year.
Accounting for almost half of the DDoS attacks in 2018, user datagram protocol (UDP) flooding was the most common type of attack, but the UDP floods observed over the year rarely lasted more than 5 minutes.
“When cybercriminals do not achieve their goals of earning money by launching simple DDoS attacks, they have two options,” said Alexey Kiselev, business development manager on the Kaspersky DDoS protection team. “They can reconfigure the capacities required for DDoS attacks towards other sources of revenue, such as cryptomining, or malefactors who orchestrate DDoS attacks have to improve their technical skills, as their customers will look for more experienced attackers. Given this, we can anticipate that DDoS attacks will evolve in 2019 and it will become harder for companies to detect them and stay protected.”
As more organizations adopt solutions to protect themselves from simple types of DDoS attacks, 2019 likely will see attackers improve their expertise to overcome standard DDoS protection measures and bring overall complexity of this type of threat to the next level, according to Kaspersky Lab.
National Cyber League Offers Cybersecurity Skills Games
Update your cybersecurity skills while having fun with the National Cyber League (NCL) Winter Camp puzzles.
Every Tuesday for the next six weeks, NCL will host a different puzzle on its Facebook and Twitter pages. Challenges run the gamut from steganography and cryptography to open-source intelligence. Anyone who answers correctly will be entered in a drawing for a Starbucks gift card every week.
“It only takes a few moments to keep yourself at the top of your game,” said Kaitlyn Bestenheider, NCL chief player ambassador. “Enjoy the weekly Winter Camp series puzzles as a way to keep your skills sharp, and enter for your chance to win prizes along the way.”
NCL provides a cybersecurity training ground in a high-fidelity simulation environment that requires participants to work individually in the regular season and in teams during the postseason events. The NCL events are designed for participants to solve real problems with actual deadlines under time, technical and resource constraints. Companies seeking qualified talent can access the NCL’s scouting reports to evaluate potential cybersecurity professionals who have demonstrated skills in the NCL events.
To learn more, visit the NCL website.
F5, Equinix Join Forces to Enhance Multicloud Security
F5 Networks and Equinix have partnered on a solution that provides automated hardware security module (HSM) capabilities as a service.
The integration combines F5 BIG-IP and Equinix SmartKey technologies to simplify encryption key life-cycle management and provide security for organizations hesitant to store their increasing number of keys in the public cloud.
Cyrus Rafii, F5’s senior business development manager, tells us this solution with Equinix will give partners another “arrow in their quiver” for their digital transformation and cloud enablement practices by enhancing the security and lifecycle management of their customers’ cryptographic keys used in multi-cloud deployments.
“Essentially, this solution simplifies the process, without requiring the customer to manage keys for each environment manually,” he said. “F5 partners have a competitive advantage in that F5 is the first and only ADC provider with a validated solution for cloud gateway and key management services in Equinix.”
Today’s enterprises look to embrace the cost and efficiency benefits of cloud but find themselves with the daunting task of securely managing data and encryption capabilities across private, public, hybrid or multicloud environments, F5 noted.
“Through an integrated, out-of-the-box secure sockets layer (SSL) key management solution, F5 and Equinix technologies accelerate the performance of secure network applications,” said Lance Weaver, Equinix’s vice president of platform strategy and emerging services. “This gives customers an innovative way to protect their increasingly distributed digital business assets, without locking them into one set of cloud service-provider capabilities. With many use cases providing attractive cost savings, this latest joint effort between Equinix and F5 enables the automated retrieval of encryption keys without customer intervention, regardless of how specific surrounding infrastructure components have been architected.”