ROUNDUP FireEye has borrowed from the credit card industry to try and detect malicious logins.
The company's reasoning is that someone in Sydney at 9AM can't legitimately log into a system from (say) Hong Kong an hour later.
So the company's announced GeoLogonalyzer to try to detect malicious logins by their source.
A “geo feasibility” analyser, GeoLogonalyzer aims to detect authentication attempts from distant locations; a user account logging on from improbable IP addresses (for example, an IP in one city but the user also has logons from locations they're unlikely to be located); logon attempts from locations nobody's travelling to, and where the business has no contacts; logons from unexpected IPs or ASNs (autonomous system numbers); logons unexpectedly arriving from cloud hosts; and so on.
Cato adds threat hunting
Cato Networks has enhanced its Cato Cloud with a threat hunting capability.
The Cato Threat Hunting System (from the "sushi is cold, dead fish" school of product naming) is part of the company's cloud SD-WAN.
Because customer traffic is visible in Cato's cloud, the threat solution can see traffic that's segmented in an enterprise network by kit like firewalls and NAT (network address translation).
“CTHS has full access to real-time network traffic for every IP, session, and flow initiated from any endpoint to any WAN or Internet resource. Optional SSL decryption further expands available data for threat mining”, the company claimed.
Arlo tells customers "get new passwords"
There's no good time for a data breach, but Netgear's "Arlo" smart home brand has reported one at the same time as it plans its spin-off and IPO.
Back in February, the company started planning the spin-off, and late last week Arlo announced a breach to its customers.
Without detailing the severity of the event, the company told customers to choose a new password.
“From our initial investigation, it appears that attackers may be using credentials obtained from an unknown third-party in an attempt to gain unauthorized access to Arlo accounts. At this stage, we have no reason to believe our own systems have been impacted”, the company said, adding that the “change password” suggestion is precautionary.
Red Hat certs for Ribbon VNFs
Ribbon Communications has had various products added to Red Hat's SDN ecosystem via certification against the Linux outfit's OpenStack Platform 10.
The products in question are Ribbon's Session Border Controller Software Edition, its Insight Element Management system, and its Centralised Policy and Routing Edition.
The three virtualised network functions (VNFs) are in addition to four earlier certifications covering call session control, media software, and intelligent messaging.
Mellanox's mini-hyperscale bundle
Mellanox has rolled a bunch of products into a bundle to try and help customers get hyperscale-like capabilities.
The bundle combines networking hardware and open network software; a converged Ethernet fabric for compute, communications, and storage; software-defined networking, storage, and virtualisation; and integration with (take a breath) OpenStack, vSphere, Azure Stack; and support for SD storage through Ceph, Gluster, Storage Spaces Direct, and VSAN.
Hardware in the bundle includes up to five of the company's Spectrum SN2100 Ethernet switches; ConnectX NICs; LinkX cables and optics; and tech support.
Cisco's still making money, so here, have some
The company has also refreshed its WAN optimisation range, by giving us all the Cisco ENCS-5400-W Series "series of purpose built WAAS hardware appliances which replace the Cisco WAVE appliances and expands the choice of form factors and platform for WAAS services."
Linux Foundation expands open networks training
The Linux Foundation has opened enrolments for its latest open source networking training courses through edX.org.
LFS165x - Introduction to Open Source Networking Technologies kicks off in early August. It covers “the open networking stack from top to bottom”, the foundation says, covering switch disaggregation, network operating systems and controllers, virtualisation and orchestration.
Details are at edX.org here. ®