Juniper Networks has announced a patch in response to unauthorized code detected in its ScreenOS software, which...
is used in NetScreen products. The code -- linked by some to the U.S. National Security Agency -- was included in multiple versions of ScreenOS, stretching back to 2012, and could permit hackers to decrypt traffic running through a VPN over Juniper firewalls.
"This malicious code could allow a knowledgeable attacker to circumvent the security of those products. Once we identified these vulnerabilities, we launched an investigation into the matter, and worked to develop and issue patched releases for the latest versions of ScreenOS," said a spokesperson in a statement about the Juniper firewalls patch.
In response to user queries suggesting that the new code was insufficient to seal the vulnerability, Juniper insisted that it is confident in the patch. According to Juniper, the Dual EC and ANSI X9.31 patches in ScreenOS will remediate VPN decryption and unauthorized administrative access issues. The changes will incorporate random number generation technology seen across other Junos OS products, aimed at improving the integrity of Juniper firewalls.
IT employment statistics show uneven IT growth
In a recent analysis issued by Foote Partners, the research group took a closer look at U.S. IT employment statistics based on December 2015 figures issued by the Bureau of Labor Statistics. While unemployment overall stabilized at a healthy 5% nationwide -- down significantly from the 2008 recession -- the end of 2015 witnessed very little growth overall in IT jobs. Looking across four career categories -- management and technical services, data processing, telecommunications and computer systems design -- the number of jobs added in November and December stood at 11,300 and 6,100, respectively, far lower than the 16,300 IT jobs added in October.
According to Foote Partners, 93% of all IT job growth in the past 12 months has occurred in just two categories -- management and technical consulting services, which added 4,200 jobs, and computer systems design, which added 3,000 jobs in the final two months of the year. In stark contrast, categories such as telecommunications and data processing, hosting and related services lost several thousand positions at the end of the year, and averaged growth of only 1,058 jobs per month.
Aruba equips the U.S. Army
Aruba Networks said the U.S. Army will roll out its Command Post Wi-Fi software to support its units worldwide. The move to the 802.11ac-compatible platform is expected to substantially cut the time needed for a unit to set up a Wi-Fi network, and will eliminate the need for specialized CAT5 cabling and flooring during operations.
The software also supports NSA Suite B, also known as Commercial Solutions for Classified, which is a system of publicly available algorithms that support encrypted data transmission over military Wi-Fi. The NSA-supported Command Post Wi-Fi will be delivered to the Army in kits, comprising indoor and outdoor Gigabit Wi-Fi access points, Aruba's 7000 series cloud services controllers, and firewall and policy applications. Aruba's AirWave will be used to manage the networks, Aruba said.
IT trends for 2016 and 2017
Juniper breach drives encryption debate