Blog Archives

The Basics Of Out-Of-Band Management

Out-of-Band management provides enterprises with secure access to critical devices, even during a disruption. When was the last time you had an outage? Everyone’s gotten that call at 3 AM telling them that a server or a network device is down. Driving or even flying to a data center or remote site can be time consuming and expensive, with just one hour of downtime costing an average of $260,000 per hour.[1] The site could be far and without the proper network visibility, they might not have what’s needed to remediate the problem. An Out-of-band network solves that challenge.

In-Band Management

In-Band management involves managing network devices through protocols such as https, web browser, telenet or SSH, administering the network via the LAN. Data and control commands travel across the same network route which means it has the same security vulnerabilities as the data plane. If that occurs, engineers could be locked out of the management plane. When an organization relies on their production network to manage their everyday network, if a disruption occurs, critical devices can’t be accessed, which puts business at a standstill.

Many enterprises that aren’t using an Out-of-Band management system are reliant on Plain Old Telephone Service (POTS) lines. Cost and reliability are some of the main reasoning in moving from this solution because maintaining these copper lines for carriers is expensive. Since 2018, the major carriers are no longer installing or maintaining existing POTS lines. This means that services and maintenance prices, which are already costly, may increase.[2] Any IT team that needs to maintain POTS lines is faced with expenses incurred from purchasing everything needed for onsite hardware. On average, it can cost between $50 and $100 a month for one POTS line, keep in mind, you’ll need two.[3] These are just a few reasons why organizations are looking at alternate, more reliable solutions to provide network resilience.

Out-of-Band Management and Failover To Cellular

Out-of-Band management provides a secure, remote connection to IT network environments during outages or disruptions in communications to the primary WAN/LAN connection. This is accomplished through the use of serial console servers (sometimes called terminal servers) which provide an alternate path of remediation for critical network devices through a separate management plane, often through a 4G LTE cellular connection. This ensures organizations with uninterrupted availability and network resilience. Implementing Out-of-Band management is simple, it’s done by placing console servers at each location and connecting them to routers, switches, and other key hardware.

Out-of-Band provides presence and proximity to these devices, with an appliance at every compute location, physically connected to critical network devices at the site. The independent management plane provides the core team with secure access to equipment remotely. This can be used for Day One, everyday management, and during network events. Remote equipment such as routers, switches, and servers are accessed through the management plane, without the need of directly accessing the device’s production IP address, also it is independent of the primary ISP connection that an organization uses. It is completely separate from the production network and allows engineers to monitor and manage devices without relying on the data plane.

Why You Need An Out-of-Band Network

So what are some other reasons why an enterprise would want an alternate way to access their equipment? There are a few reasons:

Security: Breaches are increasing, and a threat to organizations in every industry. If all of the administration or management ports are connected to the production network and an attack occurs, they can try to access your IT infrastructure. Whereas if the port is connected to an Out-of-Band management system, the LAN can’t access any administration consoles on that equipment. Since it separates the user and management traffic, engineers can lock down parts of the network, restrict access, and secure the management plane.

Business Continuity: If an incoming network feed is compromised – maybe a backhoe cuts it, and an organization’s ISP connection goes down –  how do business functions continue without being impacted? Out-of-Band management ensures that a tech doesn’t need to be sent onsite and remediation can be done remotely. Combined with 4G LTE, enterprises have a secure, alternate access path and Failover to Cellular provides the bandwidth necessary to ensure processes continue to operate during a disruption.

Enterprises are constantly looking at IT teams to cut costs and still provide always-on network availability. The initial expenses incurred during the rollout of Out-of-Band management will pay for themselves once deployed. Organizations will have better availability, reliability, and dependability, all at a fraction of the cost of POTS lines.

So let’s go back to our original question, when you’re woken up with a phone call in the middle of the night, how are you addressing the issue? If you don’t have Out-of-Band, you’ll have to roll a truck, the cost of this is $1,000 or more per event. [1] This is costly and with current travel restrictions in place, getting on-site is even more time-consuming. Every minute the network is down, money is lost and there’s no business continuity.

Out-of-Band allows you to identify and remediate the issue remotely, reducing the need for a truck roll. The increased visibility and remote management capabilities will help make your life easier, without having to rely on antiquated modems. Allowing for configurations to uploaded remotely, powering cycling routers and resetting equipment engineers can do all necessary tasks from one central location. You need a network that is always on and constantly available, go here to learn how Opengear’s Smart Out-of-Band management can help.





The Necessity Of Network Resilience in a Distributed Enterprise

distributed network with headquarters and multiple branch offices on a hexagonal gridThe choice of a distributed architecture for an organization is usually determined by the business requirement to support its remote office base at the same level as its main office. Branch offices broaden the reach of the business and are usually a sign of successful business growth. However once the decision to expand with branch offices has been taken, these offices instantly increase the responsibility of the IT/Network Manager who has to ensure (more…)

NetOps For Your Network

We’re proud to be the market leader in Out of Band Management, knowing that our customers rely on us to ensure always on access to their network. As demands increase and new network requirements emerge, we’ve continually evolved our solutions to meet those needs, such as being the first to offer an embedded LTE cellular module. And now, we’re excited to announce the next evolution of Smart OOB, with our new NetOps Console Server.

NetOps For Your Network

An Out-of-Band network is no longer just a response for those 3am calls, to get quick access to your network in an outage. From secure Day One deployments, to every day management of your devices, Out-of-Band and NetOps functionality is always useful 24/7, no matter what is happening.

The new NetOps Console Servers (our OM appliances) provide the secure access to console ports you expect from an Opengear solution, plus the automation ability of standard NetOps tools. Engineers can now deploy one appliance at each location, which will provide them with secure remote access. It will also enable presence and proximity which will serve as a base for programmability and automation of network management. Running on a x86 CPU, they support off the shelf Docker applications and a Python runtime environment.

These new console servers add a level of intelligence beyond normal Out-of-Band management:

OM1200 NetOps Console Server

Providing presence and proximity at every location, the OM1200 appliance is specifically designed for secure edge deployments, with 4-8 serial ports and a 4-8 port ethernet switch. Used in combination with Lighthouse Management Software, it is a key component of Opengear’s Network Resilience Platform, supporting the emerging requirements of network management and automation.

OM2200 NetOps Console Server

Combining the capabilities of Smart Out-of-Band and the flexibility of NetOps automation, the OM2200 appliance is built to meet the demands of data centers and high density locations, with 8-48 serial console ports. Like the smaller OM1200, it enables secure automated provisioning over LTE-A before the production network is live

The Network Resilience Platform, from Opengear

The Network Resilience Platform is built on the Lighthouse management software which orchestrates a remote network of Smart OOBTM Opengear appliances and NetOps Console Servers. The platform provides secure access to network devices, and automates common NetOps processes, via a separate management plane independent of the production network.

Why is a separate management plane so important? Current architecture assumes that an organization relies on their production network to manage that same network. This is dangerous because when an issue occurs, an engineer may not have access to that production network. The production network is also accessed by a wide group of users making it vulnerable to hacking. A separate, secure management plane, in the form of an out-of-band management network, ensures access to remediate even during an outage or network congestion. It also allows administrators to lock down many features in the production network to improve security. All network configuration and management is carried out on the management plane, of which access is restricted to only the core network team. You can think of it as “The Network Admin’s Network”.

The Network Resilience Platform allows Out-of-Band to move beyond just emergency access. The platform extends management access to the edge of the infrastructure through an always on management plane that is resilient to disruptions in the production network. Whether it’s for Day One provisioning, responding to a network outage, or every day management of devices, Opengear can handle it. It’s Smart Out-of-Band and NetOps. Together.

To learn more about adding the new NetOps Console servers to your existing IM7200, ACM700 and CM7100 deployments visit:

Ensuring Connectivity In The Age Of SD-WAN

The Software Defined Wide Area Networks (SD-WAN) market is rapidly expanding, becoming the standard in enterprise deployments.  According to MarketsandMarkets1, the global SD-WAN market size is expected to grow from $1 billion in 2018 to $ 4 billion by 2023.

In just the past year alone, we’ve seen a considerable trend when it comes to choosing to deploy SD-WAN and for many reasons. Allowing traffic to be routed over the most cost-effective services, such as broadband, an SD-WAN network can manage multiple types of connections including LTE, broadband and multiprotocol label switching (MPLS) links. Services that require high quality, such as video or voice, or high security, with sensitive information, can still be routed over remaining MPLS lines, although many enterprises are freeing themselves of MPLS entirely, allowing them to invest in Smart Out-of-Band with the savings. Because of this flexibility, SD-WANs can dramatically lessen the cost and minimise the complexity of traditional WANs. However, despite it’s gaining popularity, with deployments in data centers and at the edge, it still needs an alternative path of access to the network in the event of an outage.

SD-WAN Points Of Failure

In traditional branch networking, branch routers can go for years without needing any intervention like configuration changes or firmware updates. But SD-WAN routers are more sophisticated and run a larger software stack. Firmware updates are common which means that there are many more opportunities for things to go wrong. Updates can leave organizations vulnerable to potential downtime; and visibility blind spots can decrease the effectiveness of deployments, creating security challenges.

SD-WAN also needs additional security offerings to protect an enterprise. The primary SD-WAN connection must be secure and must be added to any other security solution being deployed. These devices are usually fully meshed which means that compromising one device can give attackers visibility into the traffic flow from across the enterprise.

The Smart Solution

Smart out-of-band management by Opengear allows enterprises to bypass these common limitations. Not only does it provide an alternative path to devices located at remote sites when the primary network is down, helping mitigate the risk that SD-WAN can bring, it can also help facilitate access to edge infrastructure to ensure business continuity.

Attaching Opengear to SD-WAN deployments:

Diagnoses the issue: If a disruption occurs and the internet link isn’t connected, outages are detected immediately. Paired with Lighthouse Centralized Management, administrators are able to identify issues and remediate them remotely without having to roll a truck out to a site.

Allows for always-on access: Failover to Cellular paired with Smart Out-of-Band ensures uninterrupted availability for remote networks with 4G LTE. This allows organizations to continue business as usual while the primary internet connection is down.

Decrease costs: A Smart Out-of-Band solution costs less to deploy and operate. A truck roll and a few hours offline can cost an organization thousands of dollars.

Designed to provide the needed resilience at the edge, Smart Out-of-Band by Opengear is scalable, providing the ability to manage infrastructure at distributed sites. Troubleshooting and remediation at the network’s edge enables organizations to detect faults before they become failures which minimizes downtime and operating costs.

Providing organizations with always-on connectivity and increased resilience in the event of an SD-WAN network failure, Smart Out-of-Band is able to ensure that infrastructure is accessible from anywhere during an outage. This resilient backup connectivity allows enterprises to reduce the time-consuming nature of dispatching engineers to data centre sites to make configuration changes and trouble-shoot issues for business continuity. Smart Out-of-Band and Failover to Cellular™ ensures that SD-WAN continues to operate when all other circuits are unavailable, providing the always-on access needed at the edge. So the next time you’re deploying SD-WAN, remember to attach Smart Out-of-Band.


The New Americas 2020 Value-Added Reseller Partner Program

Bryan Keepers
Director, Channel Sales Americas

Opengear’s channel program has continued to see exponential growth over the past few years. To continue to facilitate this and show our commitment to our partners, we’ve built a new Americas Value-Added Reseller Partner Program. Launched on March 1st, the enhanced Partner Program includes a new Reseller Elite tier and wide array of new benefits for all Opengear resellers. To learn more about it, I sat down with Bryan Keepers, Director of Channel Sales, Americas.

1. What was the catalyst that made you decide to enhance the Partner Program?

As our partnerships and revenue continue to grow, we feel that it’s important to continually add new benefits to the program. We also feel that it’s critical to reward our top partners who are most successful at positioning Opengear solutions as an essential component to network resilience strategies.

2. Can you discuss the new tier?

We’ve added a new tier to our program, Elite and enhanced the benefits in our Premier tier. Partners qualify for those levels based on several factors including the amount of Opengear solutions that they’ve sold in the previous year as well as our access to their sellers. Revenue and access dictate which tier they fall into. The overall relationship is ultimately the deciding factor into where they are placed in our program.

3. What are some of the new benefits of the Partner Program?

To decide on these new benefits, we took a look at what would really reward our partners and how we can better assist them. There’s a wide range of benefits and tier level dictates which are available to each partner.

Premier Partners receive:

Elite Partners receive all the benefits that Premier Partners do along with:

Again, these are just a few of the benefits our partners will have access to with our new program.

4. What are some differentiators between Opengear’s Partner Program and others?

Our new program is unique in that both our partners and Opengear have more skin in the game. This will strengthen our relationships and also allow us to hold each other accountable for success together. Some of our main differentiators are:

5. Looking to the future, what are your ambitions for Opengear’s Partner Program?

Opengear is continually growing, just look at our recent acquisition by Digi, and our channel is a major factor in that growth. For the future, I’d like to continue to add activities and enhance our offerings to help better position our channel partners with the customers to win the business. We’ll realize the greatest success through continual communication and support.

To get all the details on our 2020 Value-Added Reseller Program for the Americas, take a look at our Partner Page!

Top Healthcare Network Challenges

In healthcare, patient needs are constantly evolving. To meet these demands, these institutions are taking advantage of emerging technology which has essentially changed the landscape of the industry.

From IoT devices to Electronic Medical Records to Picture Archiving Systems, bandwidth intensive applications are digitally tying together healthcare systems. The constant addition of new applications can improve greatly improve patient care and also create challenges with the network. Some of the top network challenges are:

System interoperability

In healthcare deployments there are on average more than 20 different operating systems. It’s predicated that by 2025, IoT in the healthcare sector will reach $534 billion.1 As these devices continue to get added to these networks, the ability to exchange and interpret data acquired from each application becomes more challenging. In order to ensure the efficient transmittal of real time data collected, these devices must be able to speak the same language.


Healthcare is one of the top two industries affected by cyberattacks, with more than 190 million patient records stolen since 2009.2 Due to the large amount of patient data being constantly collected, healthcare has become a target for hackers. Not only do applications such as EHRs contain sensitive patient records, they also have valuable financial information. Due to this, the industry has unique compliance and security challenges. Any type of security breach could leave facilities that are not compliant with Health Insurance Portability and Accountability Act (HIPPA) standards could result with up to $1.5 million in fines.3 Governing health related transactions and procedures, healthcare facilities must adhere to these requirements to ensure that patient records are protected. The HIPPA security rule require that each healthcare organization creates a contingency plan to ensure that if a disruption does occur business processes remain uninterrupted.


Connecting devices to the internet and ensuring that they are receiving the strongest signals possible is a constant challenge in healthcare. It’s important to understand that not all mobile and connected devices can be treated the same way. The only way for these devices to function properly is to have constant and dynamic network connectivity.

When Every Minute Counts, Rely On Opengear

Opengear solutions are the foundation of a contingency plan. Lighthouse Enterprise provides full visibility of an entire healthcare network while Smart Out-of-Band enables engineers to remotely monitor and manage any IT issues that may occur. Paired with Failover to Cellular™ which provides always-on availability with 4G LTE, healthcare organizations are able to continue business operations while the issues are remediated.


Network Disaster Recovery Planning

Hurricane season is well underway with Barry, Dorian and Humberto having already hit and deluged most of the Bahamas and the southern United States, there’s still a total of 22 more predicted storms to hit before November. These storms leave a large wake in their path and enterprises are not exempt. According to the Small Business Administration, 45% of businesses don’t reopen after they experience a disaster.1 A network Disaster Recovery Plan (DRP) helps to protect IT infrastructure, ascertain organizational stability and establish systematic disaster recovery.

Whether it be to meet compliance requirements, adhere to customer agreements or to implement best practices, many organizations have a network disaster recovery plan in place.

An IT disaster recovery plan must take into account how to:

Types of Plans

There are a variety of disaster recovery plans, each influenced by the systems relied on by an organization.

Virtualization Disaster Recovery

An organization can quickly and easily begin their recovery efforts by placing a virtual server on reserve or in the cloud to reduce the need to recreate an actual server if an issue occurs. Take stock of the virtualization platforms in your environment with the backup and recovery tools used by each. A plan can be created to get virtual workloads back up and running.

Data Center Disaster Recovery

A plan for data center disaster recovery includes IT systems housed in a computing facility. It involves the building itself, utility providers, backup power, security and support personnel. This requires input from IT teams, facilities management and security providers.

Network Disaster Recovery

A disaster can affect servers, applications and services that depend on network connectivity. This type of plan takes into account contacting the proper IT personnel and getting network equipment replacements to get the network back up and running.

The main purpose of a network disaster recovery plan is to ensure services can continue to be delivered despite a disruption through network connectivity. Whatever type of plan you choose to implement for your organization, there must be a solution in place to ensure always-on, secure access.

Disasters come in different forms which makes it difficult to predict what their potential impact could be and how to best address network issues that may arise, however Opengear solutions provide cellular to your critical devices in every situation. Opengear solutions should be the foundation of your plan. Once that is in place and the other necessary considerations are added in, the plan should be documented and tested in advance which will help expedite the process when an actual disaster strikes. The three main components that should be addressed in a recovery plan are data, systems and people.

Creating A Disaster Recovery Plan

To get started with creating a disaster recovery plan to meet the specific needs of your organization there are a few steps to follow.

Complete A Risk Assessment

Create a risk assessment that details the likelihood of a disaster.

Collect Data and Document

Document and collect the information needed to create your plan. This may include taking inventory of servers, network diagrams and floor plans.

Test Your Plan

In general, it’s ill-advised to crank up the heat in a data center or disconnect a critical server, however there are ways to determine if your plan will work. Hands-on technical tests and tabletop simulations are just a few ways to see if your plan will work.

Opengear solutions should be added to every network disaster recovery plan. Smart Out-of-Band and Failover to Cellular ensure that even during a disruption, the network can be accessed. Visit our solutions page to learn more.


Edge Retail Security Challenges


Retail is one of the top targeted industries for cyberattacks, with more than 50% of retailers having experienced a breach within the past year.1  These cyber attacks have double since 2017, putting retailers of all sizes at risk.2 Large volumes of customer data being transferred between devices and other edge locations have created a feeding frenzy where cybercriminals use all types of threats to break into these networks. Home Depot, Macy’s and Chipotle are just a few of the big players that have experienced significant breaches within the past few years.

Home Depot

POS systems were infected with malware that posed as a an anti-virus software. The cyber attackers stole debit and credit card information from more than 56 million customers.3


Logins and passwords were stolen from sites unrelated to the retailers allowing cyber thieves to hack thousands of customer accounts. Continuing for 6 weeks before being shut down, names and credit card numbers were stolen from the site.4


Cyber thieves used malware to access customers’ payment card information on POS devices for a month. Names and credit card numbers were stolen from more than 2,250 restaurants nationwide.5

Threats to Retail Edge Security

New types of attacks are constantly emerging and finding common gaps within retail network systems. Some of these gaps include inadequate vulnerability scanning, poorly designed networks and using legacy systems without the proper controls. As more resources move to the cloud, attack surfaces will continue to grow in size making it easier for cybercriminals to breach security measures that have been put in place. Some of the largest threats to the retail network landscape are:


Malware attacks continue to increase and this method of attack has also become harder to prevent. This type of cyberthreat occurs when malware is installed onto POS devices to steal large amounts of information.


Much like the name implies, ransomware is when cyberattackers break into an organization’s network and encrypt specific information which can only be unlocked by paying a ransom.

Third Party

This type of attack occurs when a network is infiltrated through an outside partner or vendor that has access to an organization’s systems.

Network Resilience at Remote Retail Sites

Retailers at edge store locations rely on corporate offices to provide technology and protection necessary to ensure the network is up and running. When a breach does occur in an advanced technology environment, many organizations choose to address the specific cause instead of evaluating the network as a whole. Retailers need to have full network visibility in order to ensure compliance, data security and network resilience at each location.

Lighthouse Enterprise ensures that in the event of a hack, network engineers have the ability to:

Ensure that your organization is prepared during the event of a cyber attack. To learn more about how Opengear can ensure always-on access for your remote retail sites, download our whitepaper, Building a Resilient Retail Network.







What the Capital One Hack Means for Financial Networks

One of the largest data breaches ever occurred to one of the largest financial corporations in the country, Capital One. Over the span of two days, more than 100 million Capital One credit card applications were accessed.

The hack occurred in March, however it took months before Capital One was aware of the event. The suspect is Paige Thompson, a 33 year old, former software engineer from Amazon Web Services. By exploiting a misconfigured web application firewall, she was able to access the Amazon server hosting Capital One’s customer information. After hacking into the organization’s server, it wasn’t until July 17, that a tipster informed Capital One of the existence of the stolen information.1 Thompson gained access to credit scores, balances and addresses, along with:

Prevalence of Cyber Attacks

Finance is one of the top targeted industries when it comes to cyber-attacks. These types of institutions have a steady stream of sensitive customer information being entered into their databases making them an ideal target for hackers. Letitia James, General Attorney of New York was asked about the Capital One breach and stated, “It has become far too commonplace that financial institutions are susceptible to hacks, which raises questions like, why are these breaches occurring? Are companies doing enough to prevent future data breaches?

Dangers of Cyber Attacks in Finance

Just last year, more than 2 billion people were affected by data breaches and over the past decade some of the largest attacks have occurred with well known financial organizations such as JP Morgan Chase, Equifax and Citi Financial.2

Not only do these cyber attacks pose as a danger to customers, it also threatens the stability of a network. Downtime causes:

Lost Opportunities

Banks depend on the network for a multitude of reasons such as making transactions, transferring funds or processing applications. Not being able to complete such actions can lead to loss of customers and revenue.

Non-Compliance Fines

Highly regulated industries such as finance, have a large number of regulations to comply with in regards to global privacy, data and security. Any type of network downtime can cause non-compliance and result with million dollar fines.

Extending Your Reach

Many times, these types of disruptions occur in a remote branch, where without the proper solutions, network engineers don’t have the ability to quickly diagnose and remediate the issue. During a cyber attack, visibility is a necessity.

Opengear devices extend your reach, providing full visibility to remote sites. Smart Out-of-Band and Failover to Cellular enable engineers to securely access the network and continue to run applications needed to ensure business continuity while the issue is diagnosed. Providing a wide range of capabilities such as the ability to disable access to the impacted network equipment, disconnect the WAN connection to isolate an affected branch and even reconfigure devices to factory default, Opengear devices ensure that normal business operations aren’t effected by a cyber attack.

As these attacks continue to evolve, the likelihood that your bank may be affected increases.

To learn more about ensuring network resilience for your organization, read our white paper.


SD-WAN Deployments in Finance

Download our White Paper today!

There has been a widespread move towards SD-WAN in the financial sector. An industry that embraced features such as online banking and mobile apps, is continuing the tech forward mindset by using technology to improve network performance, communications and speed. IoT and mobile devices are just a few applications that have increased customer expectations and to continue to meet these, financial institutions must build their online engagement model. As more are added to the network, performance can suffer and onsite technicians distributed sites are few and far between. Providing improved security, reliability and performance, SD-WAN ensures a more streamlined solution with less need for a technician onsite. Additional benefits of SD-WAN for financial institutions include:

Bandwidth Optimization

More than 36% of organizations have chosen to move to SD-WAN because of the optimization of bandwidth.1 Providing the ability to utilize a variety of connectivity options, most jump at the chance to eliminate expensive MPLS circuits, it continually searches for the best path as it carries packets across the network. This is an immediate benefit, as other most other solutions have little capability to actually prioritize the data being carried.

This allows financial organizations to use lower priced bandwidth products, without sacrificing quality or consistency. It also provides consistent communications – with the amount of transactions being processed in finance this is a necessity. Now these organizations like credit unions and banks, with distributed locations, can also switch to lower data packages allowing them to reduce costs and improve communications.

WAN Integration

Finance has a variety of business distribution models – each with challenging network needs. Requiring an always-on network, any small disruptions can quickly escalate. In fact, 28% of organizations indicate that the ability to use existing architecture in an aging network is a major concern. SD-WAN provides organizations with greater control over solution used across each network.

Automation at Distributed Sites

Financial institutions have distributed locations and without the proper solution, functioning as a cohesive unit can be a challenge and if not properly managed, it can become a source of operational and financial inefficiency. This makes SD-WAN a perfect fit for these distributed organizations. More than 28% of organizations state a need for improved automation and self provisioning for their network.2 This would allow financial institutions to manage and view the WAN as one entity, instead of treating each endpoint as a standalone resource.

SD-WAN has a variety of benefits, but it does have points of failure. To learn about adding Smart Out-of-Band to your next deployment for always-on access, see our storygraphic.



Top 5 Security Challenges for Financial Institutions

The Federal Financial Institutions Examination Council (FFIEC), oversees five of the largest banking industry regulators, enabling this group to have an in-depth understanding of trends and threats. The FFIEC has recently stated that financial institutions have become increasingly dependent on information technology and telecommunications to deliver services.1 This means that a degradation or disruption to a system or information can impact core processes and undermine confidence in the financial sector. As threats and regulations continually change, to better ensure network resilience, financial institutions must understand the top security challenges.

1. Compliance

Organizations are dealing with a large number of compliance mandates and security regulations – Basel II and the Gramm- Leach-Bliley Act are two that are finance specific. The Gramm-Leach-Bliley Act, also known as the US Financial Modernization Act, ensures that any type of organization that offers financial products or services must explain their information sharing process to customers, including how collected data is safeguarded. Basel II are regulations that aim to reduce the risk of internal and external fraud from unauthorized activity by setting best practices.

There are many reasons why a financial institution should comply with these regulations. Meeting any of these regulations ensures compliance, which creates a framework to help secure company systems and data, and it also secures the business. Demonstrating compliance can be costly but the end result is a more secure organization. This will reassure existing customers that their personal information is safeguarded, improve the organization’s reputation and  help attract new customers. Penalties will occur from non-compliance. Those found to be non-compliant depend on the jurisdiction in which the offense occurs and penalties can vary depending on the failure, and can include fines and even imprisonment.

2. Security

Compliant doesn’t necessarily mean secure – and not all financial organizations identify or classify data based on sensitivity or criticality which can increase the chance of network vulnerabilities. CEO of IBM Ginni Rometty said, cybercrime is the largest threat to every organization in the world.2 Although there are a variety of network security threats, ransomware is the largest and costs associated with it are predicted to reach $11.5 billion in 2019.3 Many times, deploying multivendor solutions without an effective management approach can cause data to be lost or stolen and makes it difficult to support regulatory requirements.

3. Third Party Risk

Many financial institutions participate in partnerships and outsource services to reduce costs. Doing so, allows these third party entities to access data and internal systems which increases the risk of vulnerabilities and can cause an outage – with one minute of downtime costing $5,500 this is something most organizations don’t want to happen.4 Just a few years ago one of the largest retailers in the world, Target, was attacked when hackers gained access to their network through a third party heating and ventilation company who was hired to monitor their systems.5 Using the HVAC organization’s credentials to install malware on POS devices, credit card information was stolen effecting thousands of customers. How these parties are managed can either greatly decrease or increase the chance of an outage. Most financial organizations centrally manage third parties which includes ongoing monitoring and creating protocols to reduce these risks.

4. Human Error

A 2016 IBM survey found that more than 60% of cyber attacks came from inside financial institutions and because of their large assets, finance was one of the top three industries targeted.6 Three quarters of attacks were by employees and done intentionally, the other remaining quarter of these attacks occurred by human error which could be as simple as opening a suspicious email.

5. Emerging Threats

Just last year, one of the largest Distributed Denial of Service (DDoS)  attacks ever in IoT occurred. Attacks like these can have a large impact on a financial institution, many times customers aren’t able to access accounts, websites or funds until the attack’s complete. To ensure financial institutions can continue to operate without disruption from an attack, regulations are constantly being updated, like the NIST Cybersecurity framework – a set of standards that by 2020, over 5o% of US organizations will use.7 This requires written policies and procedures to protect consumer information from cyber attacks.

Financial institutions are constantly facing a variety of customer demands, emerging threats and updated regulations. Ensure resilience for your financial network, visit our finance page to learn more.




SD-WAN Deployments in Retail

For retailers, meeting growing customer demands can be challenging when factoring in ever-increasing network complexities. Connecting stores, distribution centers and warehouses is a necessity in order to provide improved customer experiences. To enable this, many retailers are turning towards SD-WAN – soon to become the standard deployment for enterprise networks.1

Benefits include:

Better network security

Many legacy WANs don’t have standard security features built-in, so they can’t adequately protect the network. SD-WAN encrypts network traffic which increases security when sending sensitive customer information to dispersed locations.

More flexibility

Bandwidth and network updates can be adjusted depending on needs. This allows retailers to add services at different sites without using any legacy systems or sending a person to the location.

Reduced maintenance

SD-wan reduces the amount of on-premise hardware which decreases the cost of maintenance and downtime.

SD-WAN Points of Failure

SD-WAN does provide many benefits, however running on larger software stacks they require constant firmware updates which can introduce points of failure, leaving retail organizations vulnerable to potential downtime with each deployment. Smart Out-of-Band by Opengear supports SD-WAN deployments. Ensuring secondary access to the router to reflash or power cycle, NetOps staff are able to remotely get the network back up and running. Understanding that branch networks are critical piece to many retailers business strategies, Opengear ensures that if downtime does occur, POS, security systems and other in store devices continue to run seamlessly.

Adding Smart Out-of-Band during SD-WAN deployments:

Diagnoses the issue

If a disruption occurs and the internet link isn’t connected, outages are detected immediately. Lighthouse Centralized Management enables administrators to identify and manage the network remotely without having to roll a truck to a remote retail site.

Allows for always-on access

Failover to Cellular ensures uninterrupted availability for remote networks with 4G LTE. Retailers are able to continue business as usual while the primary internet connection is down.

Decreases costs

A Smart Out-of-Band solution costs less to deploy and operate. A truck roll and a few hours offline can cost a retail organization thousands of dollars.2

Trust your SD-WAN deployment to Opengear, ensure guaranteed access with Smart Out-of-Band.