Security | Threat Detection | Cyberattacks | DevSecOps | Compliance



How doNotTrack policies work in the Calico eBPF dataplane

Almost all modern network systems, including stateful firewalls, make use of connection tracking (“conntrack”) because it consumes less processing power per packet and simplifies operations. However, there are use cases where connection tracking has a negative impact, as we described in Linux Conntrack: Why it breaks down and avoiding the problem.


A Brief Introduction to the World of IP Addresses

How many internet-connected devices do you own? If you took a quick inventory around your house, you may be surprised at exactly how many there are. Have you ever wondered how they all communicate, not only with each other, but with the internet as well? This is, in part the result of technology known as IP addressing.

cato networks

Digital Transformation Is a Major Driver of Network Transformation

Many organizations are in the midst of rapid digital transformation. In the past few years, numerous new and promising technologies have emerged and matured, promising significant benefits. For example, many organizations are rapidly adopting cloud computing, and the growing maturity of Internet of Things (IoT) devices has the potential to unlock new operational efficiencies.

Arctic Wolf

CVE-2023-33009 and CVE-2023-33010: Multiple Critical Unauthenticated RCE Vulnerabilities in Zyxel Firewalls

On Wednesday, the 24th of May, 2023, Zyxel released a security advisory for several vulnerabilities capable of granting unauthenticated remote code execution (RCE) in their line of Firewall and VPN products, tracked as CVE-2023-33009 and CVE-2023-33010. These buffer overflow vulnerabilities are also capable of inducing denial of service conditions.


Think Beyond SD-WAN to a Zero Trust, Context-Aware SD-WAN

The enterprise business is now borderless, where users, devices, sites, and clouds are all creating any-to-any connections with new access control requirements. Digital innovation has led to the proliferation of apps and IoT devices where the cloud and web have become an encyclopedia of applications.

Cloudflare WAF and Security Analytics Demo (3 min)

Cloudflare WAF with WAF Attack Score and Security Analytics enhance Cloudflare security capabilities. Security Analytics brings together all Cloudflare security detection capabilities in one place to show a detailed understanding of a site's traffic and threats. WAF Attack Score via machine learning scores every request with a probability of it being malicious. Cloudflare WAF rules can be configured using WAF attack score and/or bot score allowing for granular security policies.

When internet security is a requirement, look to dedicated fiber

With increased dangers lurking in digital spaces, the need for cybersecurity is now a commonly known fact for just about all business owners. When it comes to protecting their network, most start with the basic firewall. While added layers are required, there is something even more fundamental that should not be overlooked: the physical connection itself. It is like making sure you have secure and quality doors and windows prior to putting alarms on them.

Forward Networks

Mergers don't have to be a nightmare for IT teams

When it comes to merger and acquisition activity – 2023 is poised to be an active year despite uncertain macroeconomic conditions. As always, financial due diligence will be the cornerstone of successful M&A endeavors. Unfortunately for IT teams, there’s no similar process for scrutinizing the network.


Make your FortiGate firewalls work with Kubernetes: How Calico enables Fortinet firewalls to secure Kubernetes workloads

FortiGate firewalls are highly popular and extensively utilized for perimeter-based security in a wide range of applications, including monolithic applications developed and deployed using the traditional waterfall model. These firewalls establish a secure perimeter around applications, effectively managing inbound and outbound traffic for the organization. FortiGate relies on IP addresses for implementing “allow/deny” policies.