Secure Access Service Edge (SASE)

Secure Access Service Edge, or SASE, is an emerging cybersecurity concept. In this video, you understand how the key capabilities of SASE address the demands of growing network sprawl and the challenges of digitally transforming your business.

Versa for Work-From-Home

Versa has made it simple for organizations to offer Secure SD-WAN for Work-From-Home users on home appliances or working from anywhere

Top Energy Firm Achieves Comprehensive “Work-From-Anywhere” with Versa SASE

A large, publicly traded energy company operating in all areas of the oil and gas industry has dramatically simplified their network stack and realized huge cost savings with Versa SASE.

 
Availability and Buying Options in the Emerging SASE Market

EMA evaluates the different SASE vendors and their approaches to architecture, go-to-market, and support for their cloud-delivered and hybrid services.

 
Gartner Magic Quadrant for WAN Edge Infrastructure, 2020

Gartner 2020 Magic Quadrant report analyzes the various vendors in the WAN edge market and Versa is positioned as a Leader.

Versa Networks - Explained in 1 minute

Learn about the Versa Secure SD-WAN solution in a high-level, one minute overview.

Versa SASE (Secure Access Service Edge)

SASE is the simplest, most scalable way to continuously secure and connect the millions points of access in and out of the corporate resources regardless of location

 
Versa Secure SD-WAN – Simple, Secure, and Reliable Branch to Multi-Cloud Connectivity

Versa Secure SD-WAN is a single software platform that offers multi-layered security and enables multi-cloud connectivity for Enterprises.

The Modern Secure
Network Blog

Research Lab

Detect Zero-Day Exploits in Microsoft’s Exchange Server

versa-threat-research-lab
By Versa Threat Research Lab
Versa Networks
March 9, 2021

Last week, Microsoft released an important blog that details that details how HAFNIUM, a state-sponsored threat actor operating out of China, exploited Microsoft Exchange Servers with zero-day exploits along with other code execution vulnerabilities in the Sharepoint software.

The detailed list of vulnerabilities that Microsoft customers need to update immediately are:

  • CVE-2021-26411 – Internet Explorer Memory Corruption Vulnerability
  • CVE-2021-26855 – Microsoft Exchange Server Remote Code Execution Vulnerability
  • CVE-2021-26857 – Microsoft Exchange Server Remote Code Execution Vulnerability
  • CVE-2021-26877 – Windows DNS Server Remote Code Execution Vulnerability
  • CVE-2021-26897 – Windows DNS Server Remote Code Execution Vulnerability
  • CVE-2021-27076 – Microsoft SharePoint Server Remote Code Execution Vulnerability

Microsoft has released a special announcement for the March 2021 Exchange Server updates. In this announcement, Microsoft is requesting all customers to take effective security measures to safeguard their Exchange servers. Details about the important patch and the effective path to update older Exchange servers are available here.  

Microsoft advises that these patches are only intended to be a temporary fix. Customers are still required to update their software to the latest version and apply any relevant security patches to their server. Microsoft recommends updating your software and applying the latest security patches here.  

Important takeaways from Microsoft on this recent development:

  • These updated packages contain only fixes for March 2021 CVEs (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065). No other product updates or security fixes are included. Installing these updates does not mean an unsupported cumulative update is now supported.
  • Updates are available only through the Microsoft Download Center (not on Microsoft Update).
  • Microsoft is producing updates only for some older cumulative updates running Exchange 2016 and 2019.
  • If you are running a version of Exchange not covered by these updates, consider either rolling forward to a cumulative update package that has an applicable security update or rolling forward to a supported cumulative update (preferred option). In case you need to go forward with cumulative updates, please see: best practices for the installation of Exchange updates (this applies to all versions of Exchange).
Versa Detects Zero Days with Latest Security Package

Versa customers are protected from these zero-day exploits. As of Security Package 1803, Versa customers can detect all important vulnerabilities discovered in the Microsoft Exchange Server as well as additional detection for other security vulnerabilities in Sharepoint and the DNS server as listed above.

Versa customers looking to activate their Security Package can visit our guidelines here to get detailed instructions on how to download and run the latest in threat detection. Please reach out to your support representative if you have any questions or access our support team here.