Category

Blog

What is NAC-as-a-Service and Why Do You Need It?

By | Cloud Security | No Comments

Network access control (NAC) solutions have been around since the early 2000s, serving the important purpose of authenticating and authorizing access to the corporate network. NAC solutions are historically reliable when it comes to authenticating and authorizing access based on device credentials, but with the onset of digital transformation, including, Bring-Your-Own-Device (BYOD), the Internet of Things (IoT), and a growing mobile workforce, NAC solutions need to adapt to the modern enterprise landscape.

Our new eBook introduces NAC-as-a-Service, offering traditional NAC capabilities including authentication, authorization, and endpoint security assessments from the cloud as-a-Service.

What’s new about NAC-as-a-Service?

  • Pricing: Traditional NAC solutions run on port-based pricing and one-time fees, but NAC as-a-Service serves as subscription-based models
  • Location: On-premise NAC offerings typically control only on-site devices, whereas NAC as-a-Service monitors and control all devices on a network regardless of location
  • Easy 802.1x – A NAC as-a-Service solution allows for simple deployment of 802.1x authentication, without compromising on security across the enterprise and allowing admins to embrace the trustworthy method of authenticating devices on the corporate network
  • Automated control: Instead of manually tracking managed endpoints, NAC as-a-Service offers automated controls based on a device’s risk level
  • Customized Policies: System admins can set up access policies, restricting devices based on qualifications, for example, setting geographical control over where the corporate network can be accessed from or restricting access from a certain operating system

Why your organization needs NAC-as-a-Service?

If you’re looking to adopt digital transformation trends while keeping your network secure, NAC as-a-Service is right for you. IT professionals often want to encourage their employees to use technology and reap the financial benefits that result but are concerned about the digital risks they can expose the organization to. When adopting digital transformation trends like BYOD, IoT and the mobile workforce, visibility and access controls are more important than ever. NAC as-a-Service offers network administrations visibility into all endpoints without the use of an agent, and automatically limits or restricts access if an endpoint appears to put the network at risk. With a cloud service, network access control is easier than ever.

Portnox CLEAR is a cloud -based solution that simplifies the management of emerging cyber risks in the organization, offering all the benefits of a SaaS solution paired with robust access control and network visibility capabilities.

Find out more about how NAC-as-a-Service solution addresses today’s security needs in our  NAC-as-a-Service eBook.

nac as a service webinar

NAC as-a-Service: What it means and how it works? – Webinar

By | Our Technology | No Comments

Watch our webinar to find out what NAC as-a-Service is, how it works and how your company can benefit from it.

As we all know, NAC has been around for a while, but NAC as-a-Service, offered from the Cloud, is the new word in the market. It is true that NAC as-a-Service is still just starting out, but with the demand for current solutions, like our Cloud NAC solution, Portnox CLEAR, it’s clear that organizations are ready to take the leap and start securing access to their networks with an agile cloud-based solution.

So what is NAC-as-a-Service?

NAC-as-a-Service offers all of the same features and capabilities of an on-premise or appliance-based NAC solution with the agility, flexibility and ‘always-on’ benefits of a cloud service. This means that deployment and integration with the corporate network is a seamless zero-touch process, similar to accessing other cloud services, and the pricing model is subscription and use-based – you only pay for the endpoints you need to secure.

That is not all. NAC-as-a-Service is a one-of-a-kind offering in that it enables the strength of what used to be considered the impossibly complex 802.1X authentication protocol, from the cloud as-a-Service. By enabling 802.1X from the cloud, everything is already pre-set up and so organizations can extend strong authentication across their risk-based perimeter and to every location – on and off premise – even at the beach! It is that easy!

With NAC-as-a-Service, controlled access inherently means controlling organizational exposure to digital business risks.

Check out our webinar to learn more about NAC-as-a-Service solution and how your organization can benefit from it.

Try Portnox CLEAR Now!

Portnox Wins Two Cybersecurity Excellence Awards

By | Cloud Security, Network Access Management, Network Security, Our Technology | No Comments

We’re excited to share that Portnox won the Cyber Security Excellence Award in two categories, including:

  • Silver Winner for Most Innovative Cybersecurity Company: Portnox
  • Bronze Winner for Cloud Security category: Portnox CLEAR

“Congratulations to Portnox for being recognized as a winner in the Most Innovative Cybersecurity Company and Cloud Security categories of the 2018 Cybersecurity Excellence Awards,” said Holger Schulze, CEO of Cybersecurity Insiders and founder of the 400,000-member Information Security Community on LinkedIn that organizes the awards program. “With over 400 entries in more than 70 categories, the 2018 awards are highly competitive and all winners truly reflect the very best in today’s cybersecurity industry.”

The 2018 Cybersecurity Excellence Awards are an annual program that recognizes products, companies and individuals that exhibit innovation, excellence and noteworthy leadership in the information security space, based on the strength of their nomination and the popular vote from members of the Information Security Community.  You can find Portnox listed among the winners here.

Read more about Portnox CLEAR, Cloud NAC solution or simply Try it Now!

2018 Top Cybersecurity Events Not to Be Missed!

By | Cloud Security, IoT, Network Access Management, Network Security, Our Technology, Threat Detection and Response | No Comments

You want to stay ahead of the game? The following list of cybersecurity events will help … and they are fun too!

Whether you are a security professional, software developer, security administrator, or any other role in the IT security fields, attending a conference is a great way to network with other professionals and learn about the hottest market trends, new developments, improvements, innovation and information.

Plenty of great cybersecurity conferences are coming up in the months ahead and the Portnox team will attend several of these. We’ve identified these top cybersecurity events that should be on your list. Check them out and update your calendar!

Cybertech Israel

January 29- 31, 2018
Tel Aviv, Israel

The event is positioned as a global meeting place, featuring representatives from organizations of all sizes, from multinational corporations to emerging startups. There will be a special pavilion for startups, as well as a competition in which entrepreneurs will present their ideas to a panel of international judges. Topics under discussion during the conference include the Internet of Things (IoT), big data and Finsec New in 2018 is a sister conference and exhibition, AutoTech, focusing on the future of smart mobility and the automotive.

Oracle CloudWorld

February 16, 2018
New York City, USA

Oracle Cloud World brings together forward-looking professionals responsible for finance, operations, supply chain, human resource, sales, marketing, customer service and IT. Learn how leading companies are leveraging the cloud for competitive advantage. Experience what works, what doesn’t, and identify solutions and approaches to accelerate your innovation.

Gartner Identity & Access Management Summit

March 5- 6, 2018
London, UK

The Gartner Identity and Access Management (IAM) Summit will focus on some of the hottest topics for the coming year, including the role of identity management in securing cloud and mobile apps, the IoT and the importance of privileged access management. For those preparing for the General Data Protection Regulation (GDPR), there is also a focus on the role of IAM as it applies to the privacy regulation.

Infosec World 2018

March 19 -21, 2018
Florida, USA

InfoSec World 2018 Conference & Expo is bringing together CISOs, CIOs, CTOs and other security practitioners who will share hands-on and practical advice on a wide range of security topics. From understanding your adversary to learning about the 0-day exploit market to bridging the gap between the technical and business aspects of security, InfoSec World 2018 will offer a chance for security professionals to learn something new and analyze ideas with peers.

Cloud Security Expo

March 21 -22, 2018
London, UK

Cloud Security Expo is the fastest growing section of the Cloud Expo Europe event series attracting a record-breaking 19,926 Enterprise IT & Security Buyers and Specialists in March this year! Cloud Expo Europe Keynote Theatre hosts foremost international technology leaders, including internationally acclaimed and top-rated visionaries, senior industry speakers and executives driving a global transformative shift towards cloud computing and other disruptive technologies. Speakers will deliver their outlook on the future, plus leading CIOs and senior IT professionals will be sharing their roadmaps to digital transformation, where cloud lives in the heart of the engine room. Cloud Security Expo provides the tools, training & techniques to ensure companies are compliant and secure as they transition their business assets to the cloud.

To register for the event, click here.

RSA
April 16-20, 2018
San Francisco, CA, USA

The largest cybersecurity event in the world today. The RSA Conference USA 2018 is dedicated to information security topics including data breaches, Cyber threats, compliance, social engineering, cloud security, risk management, application security, mobile security, governance, data security, legislation and policy, law, cryptography and identity management. It brings together information security professionals from across the globe working in industries such as Computer Software Development Finance, Banking, Healthcare, Government, Pharmaceuticals, and Manufacturing. Hear from world-class speakers on topics such as “The Most Dangerous New Attack Techniques, and What’s Coming Next”.

Interop ITX
April 30 – May 4, 2018
Las Vegas, NV, USA

Interop ITX combines a trusted Conference program with a vendor-neutral Business Hall and lots of networking events. The event is entering its 32nd year serving the IT community and it is an opportunity to learn about technologies and solutionsץ You may not realize how much the show has evolved during that time, growing from a plugfest ensuring network interoperability to an industry-oriented trade show to its current model: a week-long event centered around its conference program, including educational sessions, long-form tutorials, mainstage keynotes, sponsored content and a business hall showcasing technology.

Our CEO is Speaking! Sign up for his hands-on IoT workshop here.

Gartner Security & Risk Management Summit
June 4- 7, 2018
National Harbor, MD, USA

The Gartner Security & Risk Management Summit 2018 will focus on practices and strategies that will provide cost-effective security and risk programs in order to support digital business and drive the success of your business or organization.

Among the exhibiting companies are IBM, Thales, Cylance, Varonis, Symantec, HP enterprise, Verizon, Sentinel, AT&T.

InfoSec Europe
June 5-7, 2018
London, UK

Infosecurity Europe (Infosec) is the region’s number one information security event featuring Europe’s largest and most comprehensive conference programme and over 400 exhibitors showcasing the most relevant information security solutions and products to over 19,500 information security professionals. Each year this conference features many sessions on NAC. Watch this space!

BlackHat USA
August 4 – 9, 2018
Las Vegas, NV, USA

Black Hat is the most technical and relevant global information security event series in the world. For more than 18 years, Black Hat has provided attendees with the very latest in information security research, development, and trends in a strictly vendor-neutral environment. These high-profile global events and training are driven by the needs of the security community, striving to bring together the best minds in the industry. Black Hat inspires professionals at all career levels, encouraging growth and collaboration among academia, world-class researchers, and leaders in the public and private sectors.

Contact us to schedule private product demos (Portnox CORE for on-Premise NAC and Portnox CLEAR for cloud-based NAC) at one of these shows. We look forward to seeing you there and beginning a conversation with you around network security!

 

How NAC Achieves CIS’s Top Security Controls

By | Cloud Security, Network Access Management | No Comments

The value proposition of network access control (NAC) solutions has shifted in recent years due to the onset of wireless networks, coupled with technological advancements in mobile and Internet of Things devices. Together with growing demands for the implementation compliance standards across a number of industries, companies are now required to openly communicate information about their security controls to external auditing authorities.

NAC is well positioned to provide an answer to these concerns by directly addressing the Center for Internet Security’s Top 5 Security Controls, which are a prioritized set of actions to protect organizations and data from cyber threats. NAC solutions address: collecting the inventory of authorized/unauthorized devices and software (including applications); ensuring secure configurations of hardware and software; carrying out continuous vulnerability assessments and remediation measures; and allowing for the controlled use of administrative privileges through role-based access.

Find out how NAC solutions address these security controls in our infographic and “The Importance of a NAC Solution” White Paper!

Portnox’s Predictions for Cybersecurity Trends in 2018

By | Cloud Security, IoT, Network Access Management, Network Security, Our Technology, Threat Detection and Response | No Comments

2017 was a very busy year for Portnox, yet throughout we aimed to address cybersecurity trends through our product offerings – Portnox CORE and Portnox CLEAR. With the highest number of ransomware attacks on record in 2017, we introduced a Rapid Ransomware Response and Control feature to our on-premise NAC solution, Portnox CORE, as well as the ability to see and control Internet of Things (IoT) devices through the IoT Visibility Radar. Portnox CLEAR, our cloud solution for network access control and risk management, was introduced to the market, and with its features for ensuring business continuity and securing the mobile workforce. The ability of our products to adequately address 2017 received commendation in the form of various industry awards and recognitions from leading publications and security experts.
Looking forward to 2018, the security landscape will shift and focus more heavily on IoT security, blockchain trends, automation and workforce mobility.

Here are some of our insights on what the 2018 cybersecurity landscape will look like:

  1. Extension of Automation: Together with AI and machine intelligence trends, automation will likely take center stage in 2018 as the leading security trend. Microsoft recently announced that it will begin automated anti-virus updates through its Windows Defender, which means that users and organizations will no longer have a choice when it comes to patching endpoints and software. This is good news, because it ensures that more actors have adequate security postures, and it makes sense for modular devices (like IoT) that present difficulties when it comes to firmware upgrades. Yet automation also creates challenges, namely for industries dependent on older versions of software, firmware and operating systems, such as healthcare and finance. Automated security updates could put the business continuity of these organizations at risk, and with potentially life-threatening and economically risky consequences. In addition, automated security updates across the board could actually make it easier for hackers to carry out large-scale attacks that will affect a larger number of endpoints.
  2. Blockchain and the Hacking of Applications: While many believe that the blockchain is “unhackable”, in the last year we have seen an increase in the number of attacks against blockchain-based applications. The vulnerabilities do not arise from the blockchain itself, but rather the applications that run on the blockchain. Social engineering will be used to extract private keys. Another possible blockchain hack, which has already been proven possible, is through other blockchain technologies such as Ethereum, which is an organization that’s committed to being open source for third-party applications. This creates a vulnerability because almost all applications have bugs can be manipulated by hackers as an attack surface.
  3. DDoS Ransomware: Creating a new and more pungent form of blackmail, DDoS and ransomware are joining forces to topple enterprise progress in digital transformation, while reaping monetary benefits. These attacks are made possible by using botnets, or large groups of “zombie” devices – which often happen to be Internet of Things devices, such as webcams – to funnel traffic to a malware-infected web address that, in turn, extract data from the accessing endpoint and demand ransoms for the return of that encrypted data. These attacks are often called “sinkhole” attacks because the DDoS traffic is being directed to sites that contain dangerous malware. With the wide adoption of Internet of Things devices in the enterprise, and the rise in ransomware demands, it’s likely that we’ll be seeing more of these attacks in the next year.
  4. Growing Regulation of IoT Security: Regulations governing IoT security features are beginning to be drafted, but there is still not enough demand from the consumer side to warrant manufacturer investment in security features. This begs a major question in 2018 of whether governments, in similar fashion to the US and EU, will begin issuing security regulations on IoT device manufacturers that protect consumers and companies from digital risk. Together with GDPR and other compliance regulations, we are likely to see more governments and industry authorities stepping up to enforce privacy, safety and security regulations on IoT manufacturers.
  5. Mobility of the Workforce: With more employees working remotely, organizations are enjoying a significant drop in their capital expenditures (many have even given up on the physical office space), while directing operational expenditures at digital transformation trends such as cloud and BYOD. Workforce mobility is a good thing for companies’ balance sheets, but the technological flexibility it affords results in more areas of cybersecurity vulnerability for the enterprise network. Companies that are set on accommodating mobile workforce trends will be investing in more endpoint, network and cloud security solutions that protect access and assets across a variety of locations and in various connected environments.

At Portnox, we will continue innovating our access control offerings to provide solutions to 2018 security trends and challenges, providing our customers with valuable, holistic solutions to protect their networks.
Here’s to a great 2018!

Easy 802.1X

By | Cloud Security | No Comments

The IEEE standard for port-based authentication, 802.1X, has been around since the early 2000’s, but in recent years has been met with frustration from network administrations and architectural experts. While 802.1X is well suited to the needs of the wired, desktop-dependent enterprise, with the shift to wireless networks, together with an upsurge of BYOD and Internet of Things (IoT) devices, deployment of 802.1X has become more of headache than a help.

Much of the criticism for 802.1X centers around the difficulty of deployment, namely that certain hardware infrastructure, such as RADIUS authentication and user repository servers, are required. In addition, with an increase of mobile devices in the enterprise, 802.1X is not able to provide enough contextual information on devices to allow for effective security controls. Finally, the difficulty of deployment involves the allocation of agents, which must be carefully managed on endpoints and could become a nuisance for employees if they are constantly required to enter their access credentials.

So Why Reconsider 802.1X?

Despite these technical difficulties, 802.1X has proven to be the strongest method for authenticating devices on the corporate network due to its continuous and direct communication with authenticating servers as opposed to pre/post scanners or the use of logs. The benefits for centralized management and enhanced security should not be deserted based on the sheer complexity of 802.1X deployments.

802.1X Delivered as a Cloud Service

Now, there is another way. With the growth of cloud computing technologies, Portnox CLEAR offers a solution that allows for simple deployment of 802.1X authentication , without compromising on security across the enterprise. By deploying RADIUS and user repository servers from the cloud, and delivering 802.1X as a software-defined cloud service, admins can embrace the benefits of 802.1X authentication by deploying a zero-touch solution that eliminates geo-redundancies. In a matter of minutes, admins can see and control every device connecting to their network and issue agents to monitor and control those devices with one swift action.

To find out how 802.1X authentication from the cloud works, read more in our White Paper, “802.1X Authentication Is Simpler Than You Think“, or TRY PORTNOX CLEAR NOW!

Four Tips on Keeping Your Network Safe During the Holidays

By | Network Security | No Comments

The holiday season is a busy time for all of us and full of excitement. Yet as employees are likely to be working from home over their vacation, or from other remote locations such as hotels or even near the pool, there are some key steps that organizations should take to secure their network for remote access:

  1. Device Patching: Ensure that all devices accessing the corporate network are up-to-date on their security and anti-virus patches. As there will be managed, and, likely, a good deal of unmanaged devices accessing the network, send out email communication to employees ahead of the holidays with a request to update their devices. In addition, if using a network access control solution, set a policy that requires the latest patch updates in granting access. That way, even if a device isn’t updated, it will be blocked access until its posture is updated.
  2. Take Note of Your Inventory: Take the holiday season as an opportunity to gain a clear understanding of your inventory, namely unmanaged devices that are likely to be used by employees while working remotely. Ask employees to share information on the devices that they use at home to get a better understanding of any potential vulnerabilities, asking employees to patch and update those devices as well. In addition, get an understanding of which managed devices will remain in the office and ensure they are updated.
  3. Multi-factor Authentication is a Must! Deploy a VPN solution that requires MFA for network and cloud access. MFA ensures that employees are more cognizant when accessing the network. In addition, set the security policies for remote VPN access to reflect those of your network. Lastly, let employees know that network security will be on high alert in your holiday message (it could be the same message sent about patch updates).
  4. Automate Where Possible: Network security admins are no different in that they want to enjoy time with their families over the holidays, so automate security actions where possible. By deploying a network access control solution that automates network security actions based on policy, security admins can ensure that their networks are secure, without ever stepping foot into the office. And, as mentioned above, if admins communicate with employees regarding heightened security and patch updates, it’s unlikely that they will receive frantic IT calls over the break. In a word – network security admins that want to enjoy their holiday break should automate, automate, automate!

Of course, the most important tip of them all is – enjoy the holiday season by keeping network access secure and vulnerability free! With Portnox’s network access control solutions you can control access from anywhere to control exposure to digital business risks, wherever and whenever they may arise.

Try Portnox CLEAR – Network Access Control-as-a-Service

Portnox 2018 Security Predictions

By | Network Security | No Comments


Portnox’s CEO and Co-Founder Ofer Amitai shares his 2018 security predictions with Dan Patterson at TechRepublic. The discussion kicks off with the rise of IoT devices and the likelihood of regulations on IoT device manufacturers and why there is a market failure. Next, Ofer continues with the rise of DDoS ransomware attacks and how they might look like in 2018. Then he covers the benefits associated with the rise of automation with security solutions, concluding by touching on the potential hacking of blockchain applications.

Check out the full video here for our predictions on the state of the 2018 security landscape.

Revitalized NAC for LAN and Cloud

By | Cloud Security | No Comments

As long as enterprise organizations try to maintain private networks, the challenge of determining which devices are considered safe for entry will remain. Whether this access decision is made using physical or virtual enforcement controls does not matter much from a policy perspective. Organizations desiring private LANs will simply want something workable to determine which devices are allowed admission, and which are not.

Traditional enterprise local area security teams have relied on a technology known as network access control or NAC to provide such policy enforcement. NAC is sort of like transportation security at your local airport: You arrive at a checkpoint, you present requested credentials, you go through some careful screening, and then an access decision is made. None of this is convenient, and none of it happens instantaneously. But we all agree that it is necessary.

What are the prospects for NAC in a world where the traditional LAN is being rapidly evolved by mobile and cloud? And what of the disappointment many security experts have previously expressed with NAC?

Enterprise NAC faces challenges, and many 802.1X-based implementations burdened by unbridled complexity. But the prospects for NAC in the modern enterprise are dramatically improving, coupled with powerful means for extending such protections to the cloud. “Next generation network access controls for cloud,” according to Portnox CEO Ofer Amitai, “will be a critically important component of the virtual enterprise.”

The original approaches to NAC had several challenges from the outset. First, they tended to be vendor specific, with required endpoint agents, and mitigations based on network traffic manipulation. These methods carried considerable downside; for example, few non-trivial networks are built on the capability and offerings of a single network vendor. Even in the presence of standards, interoperability issues were often the root cause of problems.

Portnox has focused its NAC product efforts on addressing these challenges directly for both the enterprise LAN and the extended hybrid cloud (to include IoT systems as well). Seamless, agnostic coverage of multiple vendor deployments, for example, is one of the focus areas of Portnox – and this should be welcome news to any network security manager supporting complex functional requirements for the hybrid enterprise.

Perhaps the most evolved NAC consideration in the Portnox suite is its emphasis on visibility across access layers. Surprisingly, early attempts at visibility from NAC were downplayed, simply because the (stubborn) presumption was that access policy would be enforced at LAN admission time. This carries the logical assumption that only good devices would ever be permitted entry to the LAN – which we all know is not how things evolved.

All of this is good news for any CISO team operating on an existing perimeter-based LAN (which means essentially every CISO team), with clear transition on-going toward hybrid cloud. The requirements to protect admission and entry to the corporate network remains a control demand in every framework I’ve ever seen. It, therefore, stands to reason that teams should partner with NAC vendors who understand the present – as well as the future.