Archive for June, 2017

“What’s Next” Technology in Your Hotel? Start by Building a Solid Foundation

Monday, June 26th, 2017

By: Matthew FitzGerald, Director Systems Engineering at Ruckus

“What’s next for hospitality?” Our answer covers IoT, 802.3bz, 802.11ax, more content options, plus more smaller devices, and it always includes “and whatever you can imagine!” The follow-up question for hotel owners is, “How do we prepare?” Having your network ready for 5GHz and 802.11ac and understanding the value of in-room access points (APs) are some examples of Wi-Fi readiness.

We believe a solid foundation is critical to the future success of your hotel’s technology strategy. Your network should be able to handle today’s demands and scale up to support future requirements.

Ruckus has been working with hotels on Wi-Fi since the early installation of 802.11b/g. Hotels have transitioned through many Wi-Fi standards and advances: 802.11b to 11g, 11g to 11n, 11n to 11ac and eventually placing more emphasis on 5 GHz over 2.4 GHz. While there have been financial outlays, frustration, mistakes and hard lessons, as an industry, we’ve learned that proper AP placement is the cornerstone for a solid foundation. And, while standards and Ethernet switch architecture evolve, cable foundations provide a great conduit for the coming wave of new technology. It’s yet another layer to build on.

As the next big Wi-Fi protocol update, 802.11ax, hits the market in 2018, the physics of the unlicensed 2.4 and 5GHz bands will remain unchanged and should allow for changing AP endpoints, not the cabling. Moreover, 802.11ax will be doing a lot more in the same spectrum and coverage area.

Having the correct cabling media, power sources, design and architecture is one of the most important decisions you will make concerning Wi-Fi protocols. The Layer 1 choices you make today will impact your network for years to come. We are now seeing APs that are truly over the 1 GbE mark, such as the Ruckus R720 and, in the future, 802.11ax APs. These APs will also require greater PoE power budgets—Ethernet switches will need to provide power greater than 802.3af (15.4W) or even 802.3at (30W), and they will need to support PoH (60W).

Ruckus sees this as a staged process unfolding over the course of several years. To help hotels move in this direction, we have rolled out switches in the ICX 7000 series, which support 802.3bz (2.5GbE over CAT 5e and above) and PoH. As you plan your strategy and budget for Ethernet switching, be sure to include switches with the capability of the ICX 7150 Z-series for key applications such as conference areas.

Yes, more wireless is coming to hotels. At Ruckus, we are doing more with 3.5GHz LTE (OpenG) and radio technologies like Zigbee, BLE, Z-Wave and others. These run on top of the Ruckus platform in a Ruckus framework that provides control, visibility and analytics. The foundation of Ruckus wired and wireless products will allow new radio services to be added quickly and cost effectively to your hotel network. We’re very excited about this development, so stay tuned.

Of course, having this great technology in a hotel without a way to manage it would be like letting heat out of the window in winter. Ruckus offers a suite of software solutions—the SmartZone WLAN System, Smart Cell Insight Analytics and SPoT Location—that work together to provide full control of the system, advanced monitoring and detailed analytics. We continue to develop our products with an eye toward allowing holistic views of all our equipment (wireless and wireline). With many available options—from on-premises equipment to hosted solutions—a hotel can choose the model that fits their needs. Plus, the Ruckus architecture and our advanced APIs enable integration with third-party partner solutions, resulting in an end-to-end networking ecosystem.

Ruckus has been committed to the hotel industry since our inception and continues to focus on this sector.

This article has been taken from The Ruckus Room.

Are we done with WannaCry?

Monday, June 26th, 2017

Several customers and industry analysts frequently ask us (and other vendors) about independent validation of our capabilities. We wanted to share information about a recent test conducted by MRG-Effitas to validate the effectiveness of various traditional and next-generation endpoint security suites against the EternalBlue and Doublepulsar exploits/backdoor. These threats were unearthed by “The Shadow Brokers” hacking group and are said to have been used by the NSA-linked Equation Group to launch cyber-attacks. The EternalBlue exploit received recent worldwide attention due to the WannaCry outbreak that used this exploit to infect over 230,000 machines in over 150 countries.

And unfortunately, WannaCry does not seem to be the end of these threats. Attackers can use these same exploits to not only lock up data to demand ransom but also to steal employee credentials to exfiltrate other sensitive information (think of this as two-for-one attack – advanced threat combined with ransomware). Worse yet, as seen in this particular case, attackers can bypass traditional and next-generation security measures, including hundreds of intelligence feeds. Further, security researchers who’ve tested security tools claim that these threats bypass 99% of security tools out there and we’re likely sitting with thousands more computers infected across several industries.

MRG-Effitas tested for these exploits against various traditional and next-generation endpoint security suites, including SentinelOne, Cylance, ESET, Symantec and others. The tests began in May 2017 – two months after Microsoft disclosed the MS17-010 vulnerability (EternalBlue exploit) and within weeks of the WannaCry outbreak.

The summary of the MRG-Effitas tests are as follows:

  1. We’re happy to see that SentinelOne passed this test with flying colours.
    – In the words of MRG-Effitas: “SentinelOne 1.8.4.6202 was able to block every malicious payload DLL or shellcode introduced to the system via the Eternalblue exploit, by blocking it in a generic way. Both original Eternalblue with Doublepulsar and Metasploit port was tested. SentinelOne not only blocks the Meterpreter payload but the original Peddlecheap payload as well. As more and more tests were ongoing, we have seen that multiple (typically next-gen) products were able to block the Meterpreter payload loading in a generic way, but not the Peddlecheap one.”
  2. Other traditional endpoint security suites such as ESET and Kaspersky also stopped the backdoor from being installed.
  3. Symantec EPP seems to have failed with blue-screen-of-death when run within VMWare, but caught the attack on a physical endpoint.
  4. Cylance was the only vendor that failed this test.
    – In the words of MRG-Effitas: “The interesting part of the video starts at 5:00. The Doublepulsar backdoor is already installed and this means the system is already compromised and it would appear that Cylance did not realise this.”
    – The video referenced above is Cylance’s video on WannaCry protection

One of the other pieces explored by the blog is looking beyond the tactics used by WannaCry to other capabilities that may be exploited in the future. For instance, WannaCry is a strain of Windows ransomware that took advantage of the EternalBlue exploit along with a file-based payload. However, the EternalBlue exploit could easily be used with fileless (in-memory) malware that can completely work around the defenses of solutions that miss the exploit or focus on file-based detection. This methodology is discussed in the blog and was also used in the wild by another ransomware family dubbed UIWIX. In other words, customers without holistic protection will leave themselves exposed to another WannaCry-like attack in the future. So look at your security vendors carefully.

Interested in the versions of Windows impacted by MS17-010 – check out the Microsoft Security Bulletin. The most popular versions, such as Windows 7, Windows 8.1, Windows Server 2008 R2, Windows Server 2012 R2, Windows Server 2016 and Windows 10 all have this vulnerability. It’s obviously wise to get the patches and updates installed as soon as possible.

To learn more about how SentinelOne can help, check out our Endpoint Protection Platform online or our datasheet.

Related Posts

What is Next Generation Endpoint Protection?
By now you have probably heard the term “Next Generation Endpoint Protection. A slew of…

Why Anti-Exploitation Only Solves Part of the Endpoint Security Problem
In July Microsoft introduced an updated version of its Enhanced Mitigation Experience Toolkit (EMET), designed…

The First AV-TEST Certified Enterprise Anti-Virus Replacement and Next Generation Endpoint Protection Platform IS HERE
AV-TEST, a leading independent anti-virus research institute, has awarded SentinelOne EPP the Approved Corporate Endpoint…

Post published by Rajiv Raghunarayan and SentinelOne. View the original article.

Ruckus adds Multi-Gigabit Networking Solution to its High-Performance WiFi Portfolio

Wednesday, June 21st, 2017

Ruckus, announced it now offers both wired and wireless networking for enterprise, hospitality, service provider, government and small-and-medium business (SMB) customers worldwide.

By combining its industry-leading wireless products with the ICX® wired switching portfolio from Brocade, Ruckus now offers a complete line of high-performance access infrastructure designed to optimise the end-user experience, simplify network setup and management for IT managers, and help business leaders deliver great experiences for their employees, guests and customers.

As part of its expanded offering to deliver simply better connections, Ruckus announced a new multi-gigabit solution that delivers more efficient performance while providing flexible scalability and simplified management to meet the needs of businesses and organisations of all types and sizes.

“The expansion of Ruckus to include both wired and wireless products is a tremendous opportunity for us to carry forward the outstanding ICX product line and technology innovation we have gained as part of Brocade,” said Dan Rabinovitsj, chief operating officer of Ruckus

“Combining the product lines means we can offer our partners a comprehensive set of access infrastructure and meet customers’ networking needs beyond simply wireless, without sacrificing performance. Our new multi-gig solution sets the tone for the type of innovation to come.”

The new ICX 7150 Z-Series switch and Ruckus R720 access point (AP) together solve the problems associated with increasing device densities and bandwidth-consuming applications by maximising network access performance with a complete multi-gigabit 802.11ac Wave 2 solution. The Ruckus solution does not require the need to rip and replace existing CAT 5e cabling infrastructure – the switch and AP can simply be dropped into current environments, thus substantially saving costs and installation time while increasing performance.

The latest addition to the Ruckus portfolio also includes Cloudpath Enrollment System software, a security and policy management platform that enables organisations to easily establish secure, policy-based access for all wired and wireless devices. Cloudpath is infrastructure-agnostic, allowing organisations to apply a single unified approach to device security and policy, regardless of client OS or underlying networking infrastructure.

“The announcement that Ruckus will expand its solution set by fully incorporating wired Ethernet switching into its portfolio makes absolute sense and was expected as part of the acquisition announcement from ARRIS earlier this year,” said Nolan Greene, senior research analyst, IDC. “With this new multi-gig solution, Ruckus is formally expressing its intent to be a dominant player in the network access infrastructure market for its target segments—education, hospitality, service provider, government and SMB.”

Optimising Wired and Wireless Access

End-user quality-of-service expectations are increasing but IT budgets and time aren’t rising with them. Ruckus has developed two new products designed to work in combination to deliver the performance end users expect with the scalability, manageability and value IT departments require:

Ruckus ICX 7150 Z-Series Switch. A full-featured layer 3-capable 48-port switch that includes sixteen 2.5 GbE ports and thirty-two 10/100/1000 ports. The 7150-Z includes dual hot-swappable power supplies and fans and is stackable with other switches in the ICX 7150 family. Eight 10 GbE uplink/stacking ports doubles stacking and uplink bandwidth over previous ICX 7150 models.

Ruckus R720 Access Point. A 4×4:4 dual-band 802.11ac Wave 2 AP with one 10/100/1000 and one 2.5 GbE port. Featuring patented BeamFlex+™ and ChannelFly™ technologies, the R720 is capable of 160MHz and 80+80MHz channelization and is designed for use in high-density indoor applications.

When paired, the new switch and AP uniquely solve the IT challenge of accommodating spiking network traffic—caused by increased device density and bandwidth-intensive applications—while minimising deployment time and expense.