Blog

Security teams managing Cisco infrastructure have yet another reason to stay on high alert. The networking giant has disclosed a newly discovered vulnerability that is already being exploited by attackers, despite the absence of an official security patch. The flaw affects Cisco Catalyst SD-WAN Manager and adds to a growing list of security incidents targeting enterprise networking platforms in recent months.

A few days ago, a fascinating — and honestly terrifying — story emerged from Luxembourg.

According to investigations reported by The Record, a previously unknown vulnerability affecting Huawei enterprise routers allegedly caused a nationwide telecom outage that disrupted mobile networks, landlines, Internet access, and even emergency communications for more than three hours.

Let that sink in for a second.

Not a ransomware attack.
Not a datacenter fire.
Not a massive DDoS.

A router vulnerability.

More specifically, specially crafted network traffic reportedly triggered Huawei devices into continuous reboot loops, effectively collapsing critical telecom infrastructure across the country.

And the most concerning part?

Almost a year later:
- no public CVE exists,
- no public advisory was released,
- no clear disclosure process happened,
- and operators worldwide still have very limited visibility into whether similar infrastructure remains exposed.

This incident should be a wake-up call for the entire industry.

The Internet relies on IP (Internet Protocol) addresses to allow devices to communicate. However, the rapid growth of connected devices has created a major issue: the exhaustion of available IP addresses.

While IPv6 was introduced to solve this, its adoption has been slow. A new proposal, IPv8, aims to provide a simpler and more practical solution.

Servers get patched. Workstations get patched. But firmware on your switches, routers, firewalls, and access points? That's the blind spot that attackers know about — and most security teams don't.
ConnectMyAssets is the only platform that gives network teams real firmware-based vulnerability tracking — including End-of-Life detection — across their entire network infrastructure.

Digital sovereignty is no longer just a strategic concept—it’s a critical requirement for any organization that wants to stay in control of its infrastructure, its data, and ultimately its future.

Yet today, many companies unknowingly give up that control.

They rely on vendor platforms to manage their network equipment, store their data, and define how their infrastructure operates. What seems convenient at first quickly turns into dependency.

Modern enterprise networks are more complex than ever.
Switches, routers, firewalls, trunk links, VLAN segmentation, wireless infrastructure… all these components create environments where understanding the real network architecture becomes difficult.
Yet many organizations still rely on static network diagrams created in tools like Visio or Draw.
The reality is simple:
Static diagrams cannot keep up with modern networks.

Managing network infrastructure securely is a critical responsibility for IT and network teams. Firewalls, routers, switches, and other infrastructure devices are the backbone of an organization's connectivity, and unauthorized access to these systems can lead to serious security incidents.
One effective approach to strengthen security and control administrative access is the use of an SSH bastion host.

In today’s cybersecurity landscape, corporate networks are under constant pressure from internal and external threats. While firewalls and antivirus solutions remain essential, they are no longer sufficient on their own.

One of the most critical — yet often underestimated — security mechanisms is Network Access Control (NAC).

NAC ensures that only authorized and compliant devices can access your internal network.

Without it, your LAN becomes an open door.

As enterprise networks grow in size and complexity, traditional manual provisioning methods are no longer sustainable. Configuration errors, security gaps, and slow deployments can quickly become major operational risks. Zero Touch Provisioning (ZTP) addresses these challenges by automating device onboarding, ensuring configuration conformity, strengthening security, and dramatically reducing deployment time.

In large enterprise environments, firewall rule bases rarely fail because of a single bad decision. They fail because of accumulated complexity, lack of discipline, and rules that outlive their original purpose.

As networks grow — more zones, more applications, more cloud connectivity — firewall rules often turn into a catch-all configuration layer. What started as a structured security policy slowly becomes a maze no one fully understands anymore.

This is not just messy. It is dangerous.

For decades, SNMP (Simple Network Management Protocol) has been the backbone of network monitoring. It powered dashboards, alerts, capacity planning, and fault management across enterprises and service providers alike.
And yet, despite its long reign, a growing consensus is emerging in the networking community:
SNMP is no longer fit for modern networks.
It’s not that SNMP suddenly stopped working. It’s that the world around it has fundamentally changed — and SNMP hasn’t kept up.

In modern network design, Virtual Local Area Networks (VLANs) are essential for improving performance, enhancing security, and simplifying management. By segmenting traffic into logical groups, VLANs isolate network domains, reduce broadcast traffic, and give administrators granular control over data flow.

In today’s networked enterprises, the real challenge isn’t just connecting devices — it’s governing complexity.
With multiple vendors, evolving firmware, and growing compliance requirements, IT teams often lose visibility and control.
This article explores how ConnectMyAssets brings back operational freedom through open standards, compliance, and interoperability, breaking away from the limitations of vendor-locked solutions.

Access Control Lists (ACLs) are a quick, low-cost, high-impact way to restrict who can reach your devices’ management interfaces. Apply ACLs to management VLANs or interfaces to allow only a well-defined admin subnet.

Ever caught yourself typing “enable” on a switch that still uses a local admin password from 2012? Yeah… same.
The truth is, most of our network gear still trusts anyone who knows a single password — and that’s terrifying.
Enter TACACS+, the protocol that gives your switches trust issues (in a good way). It centralizes authentication, tells each admin exactly what they can or can’t do, and keeps a detailed log of who did what. Because when something goes wrong, “I don’t know who changed that” isn’t an acceptable answer anymore.

In 2025, cybersecurity giant F5 Inc. confirmed that it fell victim to a highly sophisticated, nation-state–level cyberattack.
The attack, described as one of the most significant in the company’s history, exposed critical internal assets and triggered an international cybersecurity response.

DHCP Snooping is a security feature that plays a critical role in protecting local area networks (LANs).
Commonly enabled on access or distribution switches, it acts as a barrier against rogue DHCP servers and ensures that clients receive legitimate IP addresses.
This article explains:
- What DHCP Snooping is
- Why it is essential in enterprise networks
- How to configure it correctly, with a practical Aruba CX example
---

VLAN 1 may look harmless — it’s the default VLAN on almost every switch.
But tagging VLAN 1 on uplinks can cause interoperability issues, packet drops, or even security risks.
Here’s why you should never tag VLAN 1 — and how Aruba CX handles native VLANs differently.

A critical vulnerability (CVE-2025-20352) in the SNMP subsystem of Cisco IOS and IOS-XE is being actively exploited by threat actors.
This flaw enables remote code execution or Denial of Service through a single crafted SNMP packet.
With over 2 million Cisco devices exposed online, the attack surface is massive — and the urgency to patch is immediate.

In modern network environments, visibility and logging are critical. Whether managing a LAN, data center, or WAN backbone, Syslog provides a standardized, lightweight, and powerful way to collect and centralize event data from routers, switches, and firewalls — essential for troubleshooting and cybersecurity.

The NIS2 Directive introduces stricter cybersecurity requirements for critical infrastructure. Learn how to ensure compliance for your network operations.

Network configuration backups are more than disaster recovery — they’re a pillar of operational resilience and compliance. Learn how to design, automate, and secure configuration backups across multi-vendor environments with proven industry best practices.

Managing networks built from different vendors is a daily challenge for enterprises. Learn how to overcome fragmentation, improve automation, and standardize operations across heterogeneous infrastructures.