Blog

Hot topics, tested products, and Miercom news

Written by Ed Mier, Founder of Miercom
Does it make sense to implement a router in software? And if so, under what conditions? Hardware routers will always outperform software-based routers, by a factor of 20. It’s like pitting a Maserati against an off-the-lot Chevy. Hardware routers were built for speed.

Cisco has focused its CSR 1000v on public cloud deployment, like AWS. That’s because the customer doesn’t control the networking or their network access to the public cloud service. Putting a software router in a virtual partition on an AWS server can extend your private network reach into the cloud.


Cisco runs its software router over the IOS XE router operating system. It comes as a software module in with the CSR 1000v package. It brings almost all the functionality of IOS XE – some 3,000 features by last count.


Since mobile and personal devices are becoming an increasingly integral part of network endpoints, enterprise networks require a complex, integrated approach to secure valuable information. Without proper prevention, sensitive organizational data is vulnerable to attacks that traverse more than just a network gateway.


So what did we test?


Two different cloud environments. First we created a simulated private-cloud environment, running Red Hat Enterprise Linux atop Cisco UCS C200 series servers. We then tested it on Amazon Web Services (AWS), a public-cloud environment where users don’t have nearly the same access to, or control over, the nuts and bolts of the server hardware or network as in a private-cloud setting.



So, yes, software-based routers do have their place. The technical skill in tuning and tweaking them to achieve optimum performance when running on x86 Intel virtualized servers will remain a major challenge.


How about the settings themselves? What can users do to optimize their Cisco software router’s throughput? Well, there’s some expected configuration settings, and some not so expected.


We did see appreciably more throughput with more virtual CPUs. On AWS, going from two to eight vCPUs increased throughput tenfold. In the private cloud going from two to eight vCPUs usually at least doubled throughput. And a faster CPU will yield higher throughput. It’s almost linear: we saw a 37-percent increase in CPU speed yield a 30 percent increase in throughput.


But did you know that you’ll get better throughput – 10 to 20 percent in fact – by setting the server to a modest Packet Drop Rate (PDR) – we used the industry standard 0.01 percent drops – than using a No Drop Rate (NDR)? And do turn on SpeedStep and Turbo Boost; you’ll see another increase up to 30 percent in throughput.


Want more ways to optimize performance? Download the Cisco CSR 1000v report!

/ Blog

Nearly 1 million new devices are being infected daily by Hummer, a mobile trojan juggernaut, that has earned hackers nearly $500,000. Malicious apps, games, and pop-up adverts are installed onto smartphones remotely, posing as apps like Facebook, WhatsApp, and Uber. And they are almost impossible to get rid of.

This detailed monthly log shows the number of infected devices from 2014 to 2016.



An essential component of today’s communication is mobile devices. As such they are a prime candidate for hacking. The exploitation of these smartphones, tablets and similar devices can cause major disruptions to business services, as well as serious data breaches.


Since mobile and personal devices are becoming an increasingly integral part of network endpoints, enterprise networks require a complex, integrated approach to secure valuable information. Without proper prevention, sensitive organizational data is vulnerable to attacks that traverse more than just a network gateway.


Miercom evaluates Mobile Threat Protection solutions in many scenarios. What techniques are used to detect vulnerabilities? How is malicious activity prevented? Is confidential information stored securely? What type of network communications are used to transfer data? These are but a few of the areas of concern that can be thoroughly evaluated to assuage the concerns of your clients.


With Miercom testing, companies and consumers alike learn what products offer the best protection from the latest malware and which method is the best solution for their specific environment.

Sources: http://thehackernews.com/2016/07/android-hacking-tool.html & href="http://bgr.com/2016/06/30/android-hummer-trojan-malware/

/ Blog

Target, Home Depot, Anthem, what do these companies have in common? They have all been hacked on a massive scale – incurring millions of stolen confidential data files, usernames, personal ID numbers and credit cards. With more of these breaches occurring, and on such a large scale, it is important to know if security products in your enterprise can protect against data loss.

Data Loss Prevention (DLP) testing is available at Miercom, evaluating an integral piece of a comprehensive security solution. Our new testing will assess the DLP of a security product for its ability to determine where in your network sensitive data is being extracted and preventing it from getting into the wrong hands.


Why is this important? With all of our personal information being stored online whether it is in emails, or store accounts it is becoming more and more accessible to hackers. Studies have shown that 87% of people in the United States can be exploited or fall victim of identity theft or cybercrime, just by obtaining a few pieces of personally identifiable information (PII). Using network attacks to extract personal information, or sensitive data, makes identify theft and ransom tactics even easier for criminals.


In 2015, there were a total of 781 data breaches - the highest on record since 2005. Personally Identifiable Information (PII) and Intellectual property are the two largest types of breaches that occur.


Miercom will use a set of yet unique scenarios that will recreate breaches to analyze how secure and efficient a product is against network vulnerabilities that lead to these breaches. With this testing consumers will be able to see how leading products in the industry compare and handle security breaches. And companies will be able to find out whether or not their product will be able to prevent or stop the attack in progress.


Security breaches are becoming more and more common, but now it is time to make them a thing of the past with Miercom’s data loss prevention testing. For more information on Miercom DLP testing please email reviews@miercom.com

/ Blog

Lookout announced yesterday that they will be partnering with Microsoft to integrate Lookout Mobile Threat Protection with the Microsoft Enterprise Mobility Suite (EMS). With the new integration of the two mobile platforms, these two companies aim to give enterprises an easier way to protect and manage sensitive data.

Mobile devices are an essential part of modern day communications, transactions and production. They are one of the target surfaces for hackers today and the threat of exploiting mobile devices poses risks to organizations including data loss, and disruption of business services.


Miercom recently tested Lookout’s consumer product, Lookout Personal for Android, against other leading solutions, and the detection and performance features of their consumer product met or exceeded expectations earning it the Miercom Certified Secure certification. Lookouts ability in this test to detect 100% of Android malware samples delivered via FTP, USB, email, Bluetooth, HTTP/HTTPS and TeamViewer gives us confidence that Microsoft has made a wise choice in their mobile security partnership with Lookout.


Lookout and Microsoft hope to make the lives of IT and security leaders easier with this new partnership, as Michael McBride SVP of Worldwide Field Operations wrote on the Lookout blog: “The Microsoft and Lookout integration will give business customers peace of mind: employees will benefit from the freedom and flexibility of mobile productivity, and mobility teams will get the comfort of knowing those devices are comprehensively secure.”


For more information please visit https://blog.lookout.com/blog/2016/06/07/microsoft-partnership/.


For more information on Miercom Security Testing please visit http://miercom.com/certifications/#secure. Or email reviews@miercom.com

/ Blog, Lookout, Microsoft, Vendor

Leave a Reply