Tech Republic

Network Address Translation (NAT) is one of the key technological concepts behind the performance of communication networks and the internet at large. NAT is a mechanism for converting private (local) IP addresses into public (global) IP addresses and vice versa. There are six main NAT types: static, dynamic, port address translation, overlapping, and masquerade. Understanding the functionality of each NAT type — as well as its purpose — is vital in helping you choose the right one to reap the most benefits. 1 RingCentral RingEx Employees per Company Size Micro (0-49), Small (50-249), Medium (250-999), Large (1,000-4,999), Enterprise (5,000+) Medium (250-999 Employees), Large (1,000-4,999 Employees), Enterprise (5,000+ Employees) Medium, Large, Enterprise Features Hosted PBX, Managed PBX, Remote User Ability, and more 2 Talkroute Employees per Company Size Micro (0-49), Small (50-249), Medium (250-999), Large (1,000-4,999), Enterprise (5,000+) Any Company Size Any Company Size Features Call Management/Monitoring, Call Routing, Mobile Capabilities, and more Network Address Translation, IPv4, and IPv6 It’s helpful to understand a little bit about how IP addressing works in order to understand the different types of NAT and the problems they solve. NAT enables efficient use of limited IPv4 addresses — there are only 4,294,967,296 possible 32-bit IPv4 addresses, which is not enough for every device worldwide — NAT allows organizations to maintain numerous private devices while requiring only a small number of public addresses for internet access. IPv6 is the next generation of internet protocol, designed to solve the IPv4 address shortage. Instead of 32-bit addresses, IPv6 uses 128-bit addresses. This creates an almost unlimited number of addresses — enough for every device on Earth to have its own unique identifier. IPv6 reduces the need for NAT, but it is still important in networks where IPv4 and IPv6 coexist. These mixed environments often rely on NAT to ensure smooth communication between devices using different protocols. As organizations transition to IPv6, understanding when and how to use NAT remains essential for maintaining efficient and reliable connections. The six types of Network Address Translation and what they do Once again, NAT is a technology that allows the use of private and public TCP/IP addresses by facilitating the translation between internal and external IP addresses. It involves routing and remapping IP addresses via routing devices such as firewalls and routers. Since you can’t use a private IP address to gain access to an external network like the internet, NAT ensures that a local host has internet access by translating local IP addresses into one or multiple global IP addresses. Conveniently, NAT allows a unique IP address to represent a whole group of devices and computers. In other words, NAT is what enables you to connect multiple electronic devices to your home router while using the same public IP address to access the internet. NAT is typically implemented by a router. In addition to facilitating address translation, NAT can serve a number of important additional purposes: Network security: Obscures internal IP addresses, adding a layer of protection against external threats. Firewall functionality: Filters traffic and blocks unauthorized access based on security rules. Port forwarding: Enables external access to internal services by forwarding specific ports to the appropriate devices. Load balancing: Distributes traffic across multiple servers for better resource utilization and traffic management. Session tracking: Ensures proper routing of incoming data by tracking active connections. Simplified network management: Reuses private IP addresses, reducing the need for public IP allocation. VPN support: Allows secure communication between devices on different networks by translating IP addresses. The following six types of Network Address Translation offer different means of improving network security, addressing connectivity issues, and solving performance problems. 1. Static NAT Description: This is a straightforward translation that maps a single private IP address to a corresponding public IP address. A static NAT must match the number of IP addresses on the local area network (LAN) with an equal number on the outside network. For this reason, Static NAT is also called balanced NAT. Purpose: Static networks are fixed because they provide one-to-one (or many-to-many) mapping, allowing the creation of a fixed translation to an actual address. As a result, their mappings provide a consecutive connection to the same address. Ultimately, Web and FTP servers favor using Network Address Translation because of its consistency and reliability. Benefits: Static networks reduce the problem of overlapping addresses while also providing a degree of protection for your registered public addresses. Static NAT can be more challenging to set up, but it is usually easier to manage and troubleshoot — leaving you with a low-maintenance network. Also, when you switch networks, you won’t face the hassle of having your IP addresses renumbered. Limitations: Since static networks have fixed IP addresses that don’t change, they are more susceptible to spoofing and hacking, as malicious actors can easily target them. These security risks make it critical to protect your network with firewalls and encryption. Additionally, a static NAT is bi-directional, meaning hosts can initiate connections both inside and outside the network. Of course, you need a policy to allow this, but it could still expose you to a significant security loophole. Finally, static Network Address Translation is also more expensive than its dynamic counterpart because it requires more public IP addresses for its implementation. These increased costs extend to your internet service provider (ISP), which will typically charge you more for the privilege of a dedicated IP address. Meanwhile, the inflexible nature of static IPs also forces you to change them manually if you ever move to another location. Best for: Static IP addresses are best for applications, processes, and protocols that require a consistent IP, such as web hosts, application servers, printers, routers, and gaming consoles. Example: In addition to one-to-one mapping, static NAT is bi-directional, allowing connections between an inside and outside address. For instance, assume you have a web server in your LAN with a private inside address of 172.17.1.0. Perhaps you want to make it accessible when a remote host makes a request to 209.165.200.10 (an

This year has not been quiet for the cybersecurity field. We have seen record-breaking data breaches, huge ransomware payouts, and illuminating studies about the impact of the increasingly complex and ever-evolving threat landscape. As we approach the new year, TechRepublic revisits the biggest cybersecurity stories of 2024. 1.  Midnight Blizzard’s attack on Microsoft In January, Microsoft disclosed that it had been a victim of a nation-state-backed attack beginning in November 2023. The Russian threat actor group Midnight Blizzard accessed some Microsoft corporate emails and documents through compromised email accounts. Later, Microsoft revealed they had also accessed some source code repositories and internal systems. Midnight Blizzard gained access through a successful password spray attack on a legacy test tenant account without multi-factor authorisation. Password spraying is a brute force attack in which threat actors spam or “spray” commonly used passwords against many different accounts in one organisation or application. From there, they could use that account’s permissions to access a small number of Microsoft corporate email accounts—some of those accounts were for senior leadership team members. Midnight Blizzard was particularly active this year. In October, it launched targeted spear-phishing attacks on over 100 organisations worldwide. Spear-phishing emails contained RDP configuration files, allowing the attackers to connect to and potentially compromise the targeted systems. 2.  Record ransomware payouts and active groups In February, Chainalysis announced that global ransomware payments exceeded $1 billion for the first time in 2023. “Big game hunting,” where groups go after large organisations and demand ransoms of over $1 million, is on the rise, and affected organisations are often tempted to pay. Furthermore, in October, it was announced that the second quarter of this year saw the highest number of active ransomware groups on record. This suggests that law enforcement takedowns are proving effective against the more established gangs, opening up new opportunities for smaller groups. Indeed, artificial intelligence could be lowering the barrier to entry to stage ransomware attacks, widening the pool of individuals who might do so. 3.  LockBit’s clash with law enforcement The notorious ransomware group LockBit was subject to a law enforcement takedown in February. The U.K. National Crime Agency’s Cyber Division, the FBI, and international partners cut off their website, which had been used as a large ransomware-as-a-service storefront. The LockBit ransomware was the most common type of ransomware deployed globally in 2023. However, a few days later, the group resumed operations at a different Dark Web address and claimed responsibility for ransomware attacks worldwide. This is despite Britain’s National Crime Agency claiming the ransomware gang was “completely compromised,” according to Reuters. Whether it remained fully or partially operational, the takedown did have positive ripple effects. NCC Group noted a year-over-year decline in ransomware attacks in both June and July this year, which experts linked to the LockBit disruption. A report from Cyberint also said that the third quarter of this year saw the lowest number of quarterly attacks from the group in a year and a half. Research from Malwarebytes also found that the proportion of ransomware attacks LockBit claimed responsibility for decreased from 26% to 20% over the past year despite carrying out more individual attacks. 4.  World’s largest compilation of passwords leaked In July, the world’s largest compilation of leaked passwords, containing 9,948,575,739 unique plaintext entries, was posted on a hacking forum. The credentials were discovered in a file named “rockyou2024.txt,” and many of the passwords had already been leaked in previous data breaches. RockYou is a defunct social application site. In 2009, more than 32 million of its users’ account details were exposed after a hacker accessed the plaintext file where they had been stored. In June 2021, another text file named “rockyou2021.txt ” was posted. This 100GB file contained 8.4 billion passwords, making it the largest-ever password dump at the time. Must-read security coverage 5.  Nearly all AT&T phone numbers exposed In July, AT&T revealed that data from “nearly all” of customers from May to October 2022 and on Jan. 2, 2023, was exfiltrated to a third-party platform in April this year. Threat actors accessed phone call and text message records but not their context or any personally identifiable information. AT&T paid 5.7 Bitcoin — about $374,000 — to a threat actor to delete the stolen data, according to Wired. The threat actor was allegedly part of the ShinyHunters group, which broke into the data warehousing platform Snowflake to get the data. One person was apprehended by law enforcement in connection with the cyberattack, and the access point has since been secured, AT&T said. 6.  CrowdStrike outage caused global disruption In July, about 8.5 million Windows devices were disabled worldwide, causing huge disruption to emergency services, airports, law enforcement, and other critical organisations. This was because an error occurred when cloud security firm CrowdStrike issued an update to the Falcon Sensor. SEE: What is CrowdStrike? Everything You Need to Know Affected organisations saw the infamous “Blue Screen of Death,” the Windows system crash alert. The incident led to CrowdStrike being presented with the “Epic Fail” award at Black Hat U.S.A. 2024 in August. SEE: Most Ransomware Attacks Occur When Security Staff Are Asleep, Study Finds 7.  National Public Data breach one of the biggest in history August saw the 2.7 billion data records, including Social Security numbers, posted on a dark web forum in one of the biggest breaches in history. National Public Data, a background-checking company that owns the data, acknowledged the incident and blamed a “third-party bad actor” who hacked the company in December 2023. Troy Hunt, security expert and creator of the “Have I Been Pwned” breach checking service, investigated the leaked dataset and found it only contained 134 million unique email addresses and 70 million rows from a database of U.S. criminal records. The email addresses were not associated with the SSNs. According to a class-action complaint, National Public Data scrapes the personally identifying information of billions of individuals from non-public sources to create their profiles for its background-checking service. It was also

TL;DR: Get a powerful grade-A refurbished MacBook Air M1 for just $514.99 during this limited pre-holiday sale. Start 2025 strong with the powerful yet affordable Apple MacBook Air M1. Featuring Apple’s groundbreaking M1 chip, this sleek and lightweight laptop offers impressive performance for professionals, students, and creatives alike. For this pre-holiday sale, you can score a grade-A refurbished MacBook Air for just $514.99 (reg. $1,499). With limited stock, now is an ideal time to upgrade your tech without breaking the bank. Features The MacBook Air M1 redefines what a lightweight laptop can do. Its 8-core CPU delivers up to 3.5x faster performance, ideal for tackling demanding projects and multitasking with ease. Paired with an 8-core GPU, graphics-intensive applications and video editing run smoother than ever. The M1 chip’s 16-core Neural Engine also brings advanced machine learning capabilities to your work, making this laptop a truly professional tool. The 13.3-inch Retina display delivers vivid colors and sharp text, ideal for editing photos, designing presentations, or working on spreadsheets. With up to 18 hours of battery life, you can power through long days without constantly reaching for the charger. And thanks to its fanless design, the MacBook Air operates in complete silence—no distractions during your video calls or focused work sessions. This refurbished model is from 2020 and is graded A, meaning it should arrive in near-mint condition with minimal or no visible wear. It’s the ultimate combination of premium Apple performance and terrific value. Head to TechRepublic Academy to get the powerful MacBook Air M1 for just $514.99 during this pre-holiday sale while supplies last. Prices and availability subject to change. source

Best provider offering robust AI-powered features: HubSpot Best for giving agents access to real-time data: Pipedrive Best for ticketing management and routing: Zendesk Best solution offering a self-service portal: Zoho Desk Best for managing employees and agents: Bitrix24 Best offering free live chat: Engagebay Best for providing omnichannel support: Kustomer Call center representatives use CRM software specifically designed for contact or help centers. These platforms host all customer information, including contact information, interaction history, purchase orders, and more. Call center CRM software helps manage ongoing customer relationships by streamlining support throughout the sales process. 1 monday CRM Employees per Company Size Micro (0-49), Small (50-249), Medium (250-999), Large (1,000-4,999), Enterprise (5,000+) Any Company Size Any Company Size Features Calendar, Collaboration Tools, Contact Management, and more 2 Creatio CRM Employees per Company Size Micro (0-49), Small (50-249), Medium (250-999), Large (1,000-4,999), Enterprise (5,000+) Medium (250-999 Employees), Large (1,000-4,999 Employees), Enterprise (5,000+ Employees) Medium, Large, Enterprise Features Dashboard, Document Management / Sharing, Email / Marketing Automation, and more 3 HubSpot CRM Employees per Company Size Micro (0-49), Small (50-249), Medium (250-999), Large (1,000-4,999), Enterprise (5,000+) Micro (0-49 Employees), Small (50-249 Employees), Medium (250-999 Employees), Large (1,000-4,999 Employees) Micro, Small, Medium, Large Top contact center CRM software comparison In addition to standard CRM features and capabilities, contact center CRM software include in-depth customer profiles, ticketing systems, multiple communication channels, and advanced reporting and analytics. Typically, a good general CRM provider can have all of these call center functionalities with the right configuration and integrations. Following CRM software best practices can assist in shaping top providers like HubSpot, Pipedrive, Zendesk, and more into effective contact center CRM. Software Starting premium price* Customer profiles Ticket management Communication channels Reporting and analytics HubSpot $15 per seat per month Yes Yes Yes Yes Pipedrive $34 per seat per month Yes Limited Yes Limited Zendesk $19 per seat per month Yes Yes Yes Yes Zoho Desk $14 per seat per month Yes Yes Yes Yes Bitrix24 $49 per 5 users per month Yes Yes Yes Yes Engagebay $12.74 per seat per month Yes Yes Limited Yes Kustomer $89 per seat per month Yes Yes Yes Limited *Price when billed annually. HubSpot: Best provider offering robust AI-powered features Image: HubSpot Within HubSpot’s Service Hub, the entire helpdesk and ticketing dashboard empowers reps and agents to manage and resolve queries in an AI-first and fully integrated workspace. Users can utilize AI-powered tools throughout their experience with the platform. With conversation intelligence, chatbots, and messaging, users can use AI to assist in not only strategizing support efforts but actually engaging with clients as well. Why I chose HubSpot HubSpot is a very popular CRM platform that offers a robust free version of its software. The call tracking, analytics, reporting, and playbook features help users manage end-to-end sales processes, including post-sale support. HubSpot also offers over 1,500+ potential integrations, making it an easy CRM provider to implement into any businesses’ current sales process and tech stack. While the HubSpot free tier is feature-rich, there still might be some advanced tools that are only accessible in premium plans. HubSpot’s premium subscriptions can be considered costly for startups or small businesses, so if that’s the case, we’d consider looking into Engagebay for similar support features. For more information, read the full HubSpot review. Pricing Free CRM: Free for up to 5 users with contact management, quotes, live chat, and more. Service Starter: $20 per seat per month, billed annually. The Starter plan includes all free tools, simple automation, e-signature, conversation routing, and more. Service Professional: $100 per seat per month, billed annually. This plan includes all Starter features, prospecting workspace, playbooks, forecasting, and more. Service Enterprise: $130 per monthly seat, with an annual commitment. Users of this plan receive all Professional tools plus advanced permissions, predictive lead scoring, conversation intelligence, and lead form routing. Features AI assistant: Increase rep and agent productivity and efficiency with AI built directly into the platform with response suggestions. Feedback management: Create NPS, CSAT, CES, and custom surveys to gather critical client feedback. Omnichannel messaging: Communicate with customers wherever they want by accessing multiple channels through one inbox and seamlessly switching between them. HubSpot content AI-assistant. Image: HubSpot HubSpot pros and cons Pros Cons 1,500+ app integrations. Premium plans can be costly compared to others on this list. Users report easy software deployment. Users report occasional bugs around data. HubSpot acts as an all-in-one software for sales, marketing, and administration support. Doesn’t offer live support for free users. Pipedrive: Best for giving agents access to real-time data Image: Pipedrive With Pipedrive as a contact center CRM, agents or sales reps can access real-time customer information and use the CRM data to better understand the customer’s needs and solve their submitted queries efficiently. Pipedrive offers this customer tracking software that collects data from every interaction with the customer, including emails, website visits, and more, and then provides valuable insights into their buying decisions. This will help reps close deals quickly and keep clients engaged and satisfied post-sale. Why I chose Pipedrive Pipedrive assists businesses that wish to prioritize customer satisfaction through contact management, real-time data, lead management and retention, and more. It is an easy-to-use sales CRM with powerful integrations, intuitive pipeline tracking, and more. With pricing tiers made for growing small businesses, Pipedrive is a scalable solution that can supercharge every step of your business’s sales cycle. Pipedrive doesn’t offer a totally free version of its platform, and some add-on features can quickly increase the monthly subscription. If you’re looking for a basic CRM with robust customer support features, starting with a free-for-life plan, consider looking into HubSpot for its robust free tier. What to learn more? Read our detailed Pipedrive review. Pricing Essential: $14 per user per month, billed annually, or $24 monthly. This plan supports 3,000 open deals, 15 reports per user, and multiple communication tracking features. Advanced: $34 per user per month, billed annually, or $44 per user when billed monthly. This plan offers all

The U.S. has sanctioned Sichuan Silence, a Chinese cybersecurity firm involved in ransomware attacks targeting critical infrastructure in 2020. One of its employees, Guan Tianfeng, has also been charged individually. Guan, a security researcher, discovered a zero-day vulnerability in a firewall product developed by U.K.-based security firm Sophos. He exploited the vulnerability, designated CVE 2020-12271, using a SQL injection attack that retrieved and remotely executed a script from a malicious server. Guan and his co-conspirators had registered legitimate server domains, such as sophosfirewallupdate.com. This script, part of the malicious Asnarök Trojan toolkit, was initially designed to steal data like usernames and passwords from the firewalls and the computers behind them and send them to a Chinese IP address. If the victim attempted to reboot their device, Ragnarok ransomware would automatically install, disabling antivirus software and encrypting every Windows device on the network. However, within two days of the attack, Sophos deployed a patch to impacted firewalls that did not require a reboot and removed all malicious scripts. Guan then modified the malware to install ransomware when it detected Sophos’ mitigation, but the patch prevented this from working. According to a now-unsealed indictment on Guan, his conspirators viewed information about the Sophos patch on the company’s website in May 2020 before testing an updated version of its exploit a few days later. The Treasury has sanctioned both Sichuan Silence and Guan Tianfeng, meaning all their U.S.-based assets will be blocked, and organizations and individuals will be prohibited from engaging in transactions of funds, goods, or services with them. “Today’s action underscores our commitment to exposing these malicious cyber activities—many of which pose a significant risk to our communities and our citizens—and to holding the actors behind them accountable for their schemes,” Bradley T. Smith, acting undersecretary of the Treasury for terrorism and financial intelligence, said in a press release. Rewards of up to $10 million are available for information about Guan or other state-sponsored cyber attackers. Guan is believed to reside in Sichuan Province, China, though he may also travel to Bangkok, Thailand. Tens of thousands of firewalls used by critical infrastructure companies were compromised Between April 22-25, 2020, around 81,000 Sophos XG firewalls used by global companies were compromised. Over 23,000 of these firewalls were used by U.S. organizations, and 36 were used for critical infrastructure. Compromising critical infrastructure — such as utilities, transport, telecommunications, and data centres — can lead to widespread disruption, making it a prime target for cyberattacks. A recent report from Malwarebytes found that the services industry is the worst affected by ransomware, accounting for almost a quarter of global attacks. SEE: 80% of Critical National Infrastructure Companies Experienced an Email Security Breach in Last Year One victim was a U.S. energy company drilling for oil when the Sichuan Silence ransomware was deployed. The Department of the Treasury’s Office of Foreign Assets Control says that human life could have been lost if the attack had caused oil rigs to malfunction. Must-read security coverage Who is Sichuan Silence? Sichuan Silence is a Chengdu-based cybersecurity contractor primarily hired by Chinese intelligence services. China has denied hacking charges made by the U.S. in the past but has been consistently linked with cyber attacks in the U.S. This month, the Federal Bureau of Investigations and Cybersecurity and Infrastructure Security Agency identified that China-affiliated threat actors had “compromised networks at multiple telecommunications companies.” SEE: China-Linked Attack Hits 260,000 Devices, FBI Confirms According to the Treasury, Sichuan Silence provides clients tools and services for hacking networks, monitoring emails, brute-force password cracking, and exploiting network routers. The organization’s website also states it has products that can scan overseas networks for intelligence information. A pre-positioning device — a tool that installs malicious code in a target network to set up a future cyber attack — was used by Guan in April 2020 and was found to be owned by Sichuan Silence. The attacker also competed on behalf of his company in cybersecurity tournaments and posted zero-day exploits he’d discovered on forums using the handle “GbigMao.” In November 2021, Meta reported dismantling a coordinated disinformation campaign linked to Sichuan Silence that falsely claimed the U.S. was interfering with World Health Organization investigations into COVID-19 operations. The disinformation was spread by hundreds of fake Facebook and Instagram accounts and amplified by Chinese state media and government-linked organizations. “The scale and persistence of Chinese nation-state adversaries pose a significant threat to critical infrastructure, as well as unsuspecting, everyday businesses as noted in Sophos’ Pacific Rim investigation report,” Ross McKerchar, CISO at Sophos, told TechRepublic. “Their relentless determination redefines what it means to be an Advanced Persistent Threat; disrupting this shift demands individual and collective action across the industry, including with law enforcement. “We can’t expect these groups to slow down if we don’t put the time and effort into out-innovating them, and this includes early transparency about vulnerabilities and a commitment to develop stronger software.” Critical infrastructure attacks are on the rise Attacks on critical infrastructure are ballooning in popularity. At the end of 2023, the FBI uncovered a wide-ranging botnet attack by the Chinese hacking group Volt Typhoon, created from hundreds of privately owned routers across the U.S. and its overseas territories. The threat actors targeted and compromised the IT environments of U.S. communications, energy, transportation, and water infrastructure. Volt Typhoon has conducted hundreds of attacks on critical infrastructure since it became active in mid-2021. SEE: Why critical infrastructure is vulnerable to cyberattacks Other notable attacks on critical infrastructure from recent years include the 2021 Colonial Pipeline incident. The company — responsible for 45% of the East Coast’s fuel, including gas, heating oil, and other forms of petroleum — discovered it was hit by a ransomware attack and was forced to shut down some of its systems, stopping all pipeline operations temporarily. Sandworm and affiliates of the Black Basta ransomware-as-a-service organization have also targeted critical infrastructure worldwide. Both firms have links to Russia. In May, the U.S. CISA and several international cyber authorities warned of

Perimeter 81 fast facts Our rating: 3.9 out of 5 starsPricing: Starts at $8 per user/month (annual)Key features: Zero-trust network access. DNS filtering. Device Posture Check (DPC). Malware protection. Automatic Wi-Fi security. Image: Perimeter 81 Perimeter 81 is a cloud-based network security solution designed to help organizations boost security on corporate networks. The solution takes network security beyond the capabilities of traditional VPNs and firewalls, with over 50 points of presence worldwide and a range of security features. These features include a zero-trust architecture, advanced malware protection, and device posture check. Continue reading to learn more about Perimeter 81 and what it offers as a network security solution. Semperis Employees per Company Size Micro (0-49), Small (50-249), Medium (250-999), Large (1,000-4,999), Enterprise (5,000+) Large (1,000-4,999 Employees), Enterprise (5,000+ Employees) Large, Enterprise Features Advanced Attacks Detection, Advanced Automation, Anywhere Recovery, and more ESET PROTECT Advanced Employees per Company Size Micro (0-49), Small (50-249), Medium (250-999), Large (1,000-4,999), Enterprise (5,000+) Any Company Size Any Company Size Features Advanced Threat Defense, Full Disk Encryption , Modern Endpoint Protection, and more ManageEngine Log360 Employees per Company Size Micro (0-49), Small (50-249), Medium (250-999), Large (1,000-4,999), Enterprise (5,000+) Micro (0-49 Employees), Small (50-249 Employees), Medium (250-999 Employees), Large (1,000-4,999 Employees), Enterprise (5,000+ Employees) Micro, Small, Medium, Large, Enterprise Features Activity Monitoring, Blacklisting, Dashboard, and more Perimeter 81 pricing Perimeter 81 offers four paid plans: Essentials, Premium, Premium Plus, and Enterprise. Here’s a brief overview of their feature and price differences: Plans Essentials Premium Premium Plus Enterprise Price $8 per user per month. $12 per user per month. $16 per user per month. Quote available upon request. Users Minimum 10 users. Minimum 10 users. Minimum 20 users. Minimum 50 users. Unlimited network tunnels Yes Yes Yes Yes Split tunneling Yes Yes Yes Yes Single Sign-On capabilities No Yes Yes Yes Logs retention 14 days. 30 days. 30 days. 60 days. Dedicated chat and email support During office hours only. Prioritized response. Prioritized response. 24/7 The Perimeter 81 pricing structure is similar to some of its competitors, like NordLayer. For example, the annual billing in the Premium and Premium Plus cost $12/user/month and $16/user/ month respectively. Meanwhile, their equivalents in NordLayer — Core and Premium — cost $11 per user/month and $14 per user/month, respectively. Perimeter 81 is costlier when you place it side by side with Twingate, whose highest pricing is $10 per user/month for annual billing. While there is no free trial available, I commend Perimeter 81 for offering a 30-day money-back guarantee for each of their plans. I also appreciate how prospective buyers can request a demo to join a call and receive a 15-minute walkthrough of the VPN. SEE: Free VPN vs Paid VPN: Which One Is Right for You? (TechRepublic) Is Perimeter 81 safe? Yes, I found Perimeter 81 to be a safe and secure VPN software solution. Perimeter 81 has a lot of advanced security features that make it a safe VPN for different organizations. The tool features multi-factor authentication (MFA), prompting employees to pass through a multi-step account login process before gaining access to a company’s resources. As an enterprise solution, I appreciate that Perimeter 81 offers single sign-on, which integrates with business services like Azure, Google Suite, LDAP, or OKTA to streamline safe login for company employees working remotely. However, I want to mention that SSO isn’t available on the Essentials plan — so keep that in mind when considering their subscriptions. The solution also employs AES-256 encryption using IPsec or WireGuard protocols and supports network security features such as split tunneling, web filtering, a firewall, and an Always On VPN option. Another notable security feature is Automatic Wi-Fi protection, which ensures that employees don’t get access to company resources when their connection is exposed. SEE: 10 Ways a Zero Trust Architecture Protects Against Ransomware (TechRepublic) One major safety concern I have about Perimeter 81 is its logs policy. The provider keeps IP log data for up to 60 days before it is deleted. However, Perimeter 81 claims only the workspace admin has access to that data. Key features of Perimeter 81 Below are some features of Perimeter 81 I found interesting. Agentless application access One of my favorite Perimeter 81 features is its Agentless Zero Trust Network Access. It works by giving employees or third-party contractors limited access to a company network. The feature can grant specific employees access through the browser to a particular application — not the wider company network. This helps admins monitor employee or third-party contractor access to company networks to know where and how access occurs. Perimeter 81 Agentless Application Access Dashboard. Image: Perimeter 81 SEE: How to Create an Effective Cybersecurity Awareness Program (TechRepublic Premium) DNS Filtering Another Perimeter 81 inclusion I like is its DNS Filtering. This feature limits users’ access to unauthorized websites that could harm a company’s network infrastructure. It helps IT teams determine which content or IP address will be whitelisted or blacklisted on employees’ devices. Perimeter 81 DNS filtering. Image: Perimeter 81 I envision this to be especially beneficial for hybrid workforces and businesses with fully remote workers. Device Posture Check If your department regularly handles sensitive data, I suggest looking into Perimeter 81’s Device Posture Check or DPC. DPC ensures the company’s most important resources are secured by granting access strictly to only devices that meet the security posture requirements. Perimeter 81 DPC rules can check Android, iOS, Windows, MacOS, and Linux devices before and during network access, and remove devices where there is a discrepancy between user policy and posture. Perimeter 81 Device Posture Check. Image: Perimeter 81 Advanced Malware Protection For more traditional threat protection, Perimeter 81’s Advanced Malware Protection is a welcome feature. It uses a combination of signature-based detection, heuristics, and advanced machine learning to identify and block malware and zero-day attacks. Personally, I appreciate how it enables admins to easily track user exposure to malicious content with extensive reports. Reports Dashboard. Image: Perimeter 81 SEE: How to Tell If Your

Tracking your rank history over time is crucial. It helps you understand if your SEO strategy is working and which clusters or keywords you should double down on. Whether you’re looking to maintain the first page or you’re climbing the ladder from the bottom, rank tracker templates are a great way to stay organized. ClickUp: A beginner-friendly rank tracker template ClickUp is a powerful project management platform that you may not immediately associate with SEO work. But it actually works really well because you can turn your ranking insights into actionable tasks and collaborate with your entire team. You can sign up for free to get started and onboard your entire team at no cost. Paid plans are affordable, starting at $7 per user per month. More on ClickUp: ClickUp Review | ClickUp vs Asana | ClickUp vs. Notion. Use this free rank tracking template from ClickUp to see how your SERP positions change month-to-month. Image: Clickup.com Out of the box, this template is set up with a category and subcategory structure — which is useful if you want to track your rankings by month or if you want to group by primary keyword. Alternatively, you can track the ranking of specific pieces of content so you know what to update and when. This works really well if you’re also planning to use ClickUp to manage your content workflow. You’ll be able to manage the complete lifecycle of your assets from ideation through publishing and watch everything move through search results. Overall, I like this template because it’s super versatile, and it works no matter what industry you’re in. It’s also easily extendable — you can add fields to track visits, conversions, and other metrics you want to stay on top of. I also like that there’s a pre-built field that calculates your improvement rate. This makes it easy to understand positive and negative changes over time. If you’re on one of ClickUp’s top plans, you may be able to integrate with SEO software like Ahrefs or SemRush. Another option is using Make or Zapier to pull data into ClickUp via automations. If neither of those work, manual entry is always an option too. Notion: Flexible and powerful rank tracker templates Notion is a collaborative workspace with built-in features for tracking tasks, working on projects, taking notes, and creating flexible documents. It can work well for SEO purposes because it allows you to organize and store information in different ways. Overall, it’s more flexible than most typical project management tools. This means it’s easily adaptable to however you work. If you work by yourself, you can use Notion for free for quite a while. If you share your workspaces with others, the free plan is more like a free trial and you’ll have to upgrade to a paid plan in the near future. More on Notion: Notion Review | Notion vs Asana | Notion vs Todoist. Template 1: A good place to start It’s not uncommon to use multiple SEO tools for different purposes. This template helps you not only track ranking data, but also keep track of information for each of the tools you’re using. Its unique views and flexible nature make it much cleaner than spreadsheets or Google Docs to stay organized. This is especially true if you work with a team who creates different dashboards, uses different tools, and needs access to things from other people. Manage your keywords, SEO tools, and positions in one place with Notion. Image: Notion.com Out of the box, this template includes links to tutorials and resources for various SEO tools, eliminating one more thing you need to hunt down. Below that, there are multiple different views you can use to keep track of keywords, volume, difficulty, CPC, intent, and the software you got it from. You can view the same information as a gallery, board, list, or table. There are also due dates you can use to keep track of content production. If you’re an agency or freelancer, you can use the same template to keep track of keyword research and ranking positions for various clients. Each client has their own card. Inside that card, you’ll be able to enter their budget, contact information, status, and keywords. It’s a simple yet effective way to stay organized. Template 2: A rank tracker template for G2 Instead of keywords, this template helps you keep track of your G2 rankings. As one of the most trusted websites for consumers to find the best software, it’s an important platform to pay attention to, despite how often it’s overlooked. If you’re on G2, this template is an excellent place to start. Monitor G2 rankings using this intuitive template for Notion. Image: Notion.com Whether you’re currently on G2 and want to monitor your positions compared to your competitors or you’ve just recently claimed your G2 profile and need to make up some ground, this template offers an easy way to stay organized. You’ll be able to look at how you’re doing overall and across specific G2 categories. For example, you can quickly look at your current rank based on how many of your competitors qualify for the same category. But you can also see how your rankings change over time. There’s even an area for logging G2 badges, and a place for storing links to relevant quarterly reports you need to revisit again. Stackby: Rank tracker templates that integrate with Ahrefs and Serpstat Stackby is a powerful tool that uses relational databases to connect all of your data together. This is perfect if you’re getting rank data from a third-party source, as Stackby easily integrates with various SEO tools for automated data entry and regular refreshing. It’s free for up to five users, and you’ll even have access to two API connectors at no cost (which is enough to get started with any of these templates). Template 1: Track competitor rankings If you’re using Ahrefs for SEO and keyword research, you can integrate with Stackby to

On Dec. 9, IBM unveiled a breakthrough in co-packaging optics that could reduce GPU downtime and accelerate AI training. IBM’s working prototype significantly increases the number of optical fibers connecting at the edge of a silicon photonics chip by replacing traditional glass with a polymer optical waveguide. This innovative approach could pave the way for faster, more efficient data transfer and allow data centers to handle greater workloads. The idea of co-packaged optics has been around for a long time, but IBM’s process enables what the company calls the world’s first stress-tested prototype. IBM spokespeople didn’t directly address questions about availability or a timeline. Instead, they emphasized their intent to develop a roadmap and expressed their openness to sharing design material with foundries in the future. “At the end, the chip product companies will have to ask for that, and then the product companies will design that into their chip design, and the foundries can manufacture,” Makesh Khare, general manager of IBM semiconductors, said at a briefing. “But it has no special requirement regarding the foundry aspect. It will have a design aspect we can provide to the chip companies.” What makes a polymer optical waveguide stand out? Co-packaged optics with polymer optical waveguides are an alternative to copper connections and are often used to link GPU accelerators in data centers. These sit at the edge of a chip and let many high-density bundles of optical fibers squeeze into a tiny space, with half a micron or less between the fiber and the connector. IBM said this brings a dramatic bandwidth boost between chips compared to electrical connections. The size — a 50-micron pitch — also differentiates the prototype. 250-micron pitch is a standard size. Going smaller translates to increased bandwidth. The polymer optical waveguide stacks in up to four layers for up to 128 channels. At the “beachfront” where the connector meets the chip, it presents 51 fibers per millimeter. The waveguide lids and polymer optical waveguide are integrated with a chip. Image: IBM More about data centers “The big deal is not only that we’ve got this big density enhancement for communications on module, but we’ve also demonstrated that this is compatible with stress tests that optical links haven’t been passing in the past,” John Knickerbocker, distinguished engineer at IBM research, said in a press release. “This co-packaged optics innovation is basically bringing the power of fiber optics on the chip itself,” Khare added. IBM’s polymer optical waveguide may compete with novel connectivity processes like the Ranovus Odin electronic and photonic integrated circuit or linear-drive pluggable optics. Researchers are also experimenting with glass ribbons or vertical-graded interconnections in this area. Knickerbocker said in the briefing: “It’s hard to say who is up in front“ between polymer optical waveguides and linear-drive pluggable optics. IBM has manufactured co-packaged optics with polymer optical waveguides at its Bromont testing facility in Quebec. SEE: Data centers will need more power for AI training as hyperscalers offer more advanced models. The proposed market: Data centers used to train AI IBM proposes the new connector could benefit the booming generative AI industry by: Power draw reduction (of up to 5 times) mid-range electrical interconnects, including at long ranges (hundreds of meters). Reduction in the time it takes to train a large language model, from three months to three weeks. Increased energy efficiency. “With this breakthrough, tomorrow’s chips will communicate much like how fiber optics cables carry data in and out of data centers, ushering in a new era of faster, more sustainable communications that can handle the AI workloads of the future,” SVP and Director of Research Dario Gil said in a press release. source

A new survey by CRM software firm Salesforce revealed that 61% of consumers in Singapore believe that companies are reckless with the customer data they provide, while 74% trust companies less than they did a year ago. The State of the AI Connected Customer research also found customers in Singapore were expecting more from companies when they do provide data. For instance, 75% of consumers wanted consistent interactions across departments, while 71% wanted fewer touchpoints to complete tasks. The survey also shows that IT, data, and AI professionals are fighting to retain customer trust while leveraging the power of data and AI in Singapore. Customers now trust organisations less — most likely due to loose data practices and data breaches — and may be less willing to hand over data in the future. Most Singaporeans do not trust businesses with their data Singapore customers appear to be increasingly suspicious of the way companies collect and manage their data. A survey conducted by Ping Identity in 2024, for example, found that of all surveyed Singapore consumers, the vast majority (86%) do not fully trust organisations that manage their identity data. The trust customers have in companies is declining around the globe. Source: Salesforce The trend is unsurprising, given the rising awareness of data mishandling and cyber breaches. In October 2024 alone, Singapore’s Personal Data Protection Commission issued three undertakings after ransomware attacks affected the personal data of over 690,000 individuals. The Commission blamed the undertakings on “various ransomware attacks due to the insufficient security IT measures implemented” by organisations. They join a long list of 44 undertakings given in 2024, all based on potential contraventions of Singapore’s Personal Data Protection Act 2012. The cyber threat environment is not helping trust. A recent cyber security survey from Cloudfare found that 41% of Asia-Pacific respondents, including Singaporeans, said their organisation experienced a data breach in the past 12 months, with 47% suffering from more than 10 data breaches. SEE: Three-quarters of companies retain an increasing amount of sensitive data The problem conditions for data are leading to consumer concerns. An IDC report conducted for APAC-based data management company Affinidi found that 59% of businesses indicated they are still struggling with security concerns from customers during the customer registration process. Must-read big data coverage Personalisation is preferred, but Singapore businesses are ill-prepared While customers are more wary of trusting companies with data, they also want the customer experiences that flow from handing over data. For instance, a 2021 survey from OpenText found 71% of Singaporean consumers are more likely to buy again from brands that provide them with personalised service. “Customers face a dilemma: the desire for personalised experiences… while at the same time, discerning how much data they should share to achieve such a goal,” the IDC report said. “Businesses must navigate the fine line between delivering tailored experiences and proving they can protect customers’ data.” According to IDC research, businesses in Singapore are more focused on achieving profitable growth and customer acquisition than personalising experiences. In other parts of the world, such as North America, competition has driven businesses to make personalisation using data a top priority. SEE: Australian organisations need to build trust with consumers over data and AI Singapore businesses may mature their data management skills to personalise their experiences further in the future. However, 55.5% of businesses surveyed for the IDC report highlighted data collection and management as a key challenge, especially given the current cybersecurity landscape. Perfecting data management a wise first step before AI Salesforce thinks AI could help reinforce customer trust. Its survey showed younger users in Singapore, in particular, were open to interacting with AI agents; millennials (53%) and Gen Z (47%) were most open to AI agents that enhanced the customer experience with personalised and valuable content. However, the successful deployment of AI, with its heavy reliance on underlying data to be effective, may require organisations to get better at managing data first. As IDC’s report said: “Only when a business has earned the customers’ trust do they then feel comfortable enough to share more data.” IDC identified several challenges Singapore businesses must overcome to improve data management: Tenable’s data and cloud security expert, Liat Hayun, recently told TechRepublic that it might be better for APAC organisations to think of data as “fuel” rather than “gold.” Thinking of data this way will allow them to better mitigate risks such as data breaches while leveraging the value of data for their business. “Fuel obviously has a lot of benefits,” Hayun explained. “You can fly an airplane with fuel. But it’s also risky if you don’t store fuel correctly and securely with the right mechanisms, and it spills over or causes a fire. That’s obviously the risk you’re taking, and there is this balance. “With data, I think we’re now starting to understand it is similar; it is not this neutral asset that you just store and accumulate and it has only benefits that allow your business to move faster and forward. It has risk associated with it. So you need to take into account and to balance those two things.” source

OpenAI released its video generator Sora to select tiers of ChatGPT users on Dec. 9 as part of the cascade of “shipmas” announcements. The organization first demonstrated Sora’s capabilities in February 2024. In the intervening months, they’ve built a faster version and explored how to release AI video generators responsibly. OpenAI’s emphasis on safety around Sora is standard for generative AI nowadays. Still, it also shows the importance of precautions regarding AI that could be used to create convincing fake images, which could, for instance, damage an organization’s reputation. As of Dec. 10, account creation on Sora was closed due to high demand. What is Sora? Sora is a generative AI diffusion model. Sora can generate multiple characters, complex backgrounds, and realistic-looking movements in videos up to a minute long. It can also create multiple shots within one video, keeping the characters and visual style consistent and making Sora an effective storytelling tool. Sora could be used to generate videos to accompany content, promote content or products on social media, or illustrate points in business presentations. While it shouldn’t replace the creative minds of professional video makers, Sora could be used to make some content more quickly and easily. “Media and entertainment will be the vertical industry that may be early adopters of models like these,’ Gartner Analyst and Distinguished VP Arun Chandrasekaran Chandrasekaran told TechRepublic in an email in February. “Business functions such as marketing and design within technology companies and enterprises could also be early adopters.” The UK, Switzerland, and parts of Europe won’t get access to Sora for now Currently, Sora is available in every region with access to ChatGPT except the United Kingdom, Switzerland, and the European Economic Area. The Guardian pointed out that Sora still needs to comply with the European Union’s GDPR and Digital Services Act and the UK’s Online Safety Act. OpenAI said in December it plans to expand access “in the coming months.” How do I access Sora? As of December, ChatGPT Plus and Pro users can access Sora at sora.com. Sora videos can be in 1080p resolution, up to 20 sec long, and in widescreen, vertical, or square aspect ratios. The interface allows users to insert their own content, and the “storyboard” tool helps users organize their prompts in sequence. The Sora interface includes the storyboard layout and feeds of featured videos. Image: OpenAI More must-read AI coverage How does Sora work? Sora is a diffusion model, meaning it gradually refines a nonsense image into a comprehensible one based on the prompt and uses a transformer architecture. The research OpenAI performed to create its DALL-E and GPT models — particularly the recapturing technique from DALL-E — were stepping stones to Sora’s creation. SEE: Chief AI officers may be key in APAC in 2025. Sora videos don’t always look realistic Sora still has trouble telling left from right or following complex descriptions of events that happen over time, such as prompts about a specific camera movement. Videos created with Sora are likely to be spotted through errors in cause-and-effect, OpenAI said in February, such as a person taking a bite out of a cookie but not leaving a bite mark. For instance, interactions between characters may show blurring (especially around limbs) or uncertainty in terms of numbers (e.g., how many wolves are in the video below at any given time?). What are OpenAI’s safety precautions around Sora? With the right prompts and tweaking, Sora’s videos can easily be mistaken for live-action. OpenAI is aware of possible defamation or misinformation problems arising from this technology. The company said in December that it has guardrails in place to prevent “child sexual abuse materials and sexual deepfakes.” Uploads of people in general are “limited.” If Sora is released to the public, OpenAI plans to watermark content created with Sora with C2PA metadata. The metadata can be viewed by selecting the image and choosing the File Info or Properties menu options. People who create AI-generated images can still remove the metadata on purpose or may do so accidentally. OpenAI does not currently have anything in place to prevent users of its image generator, DALL-E 3, from removing metadata. “OpenAI’s decision to delay public access to Sora, despite having the opportunity to release it sooner, is certainly commendable,” said Nana Nwachukwu, AI ethics and governance consultant at Saidot, in an email to TechRepublic. However, she said, it’s too early to say how effective OpenAI’s mitigation strategies will be or whether it will be released in the EU. “Governance must evolve alongside the technology to monitor and manage these risks,” said Nwachukwu. “Without continuous oversight and robust industry standards, the promise of innovation risks being overshadowed by the threat of misinformation and harm.” “It is already [difficult] and increasingly will become impossible to detect AI-generated content by human beings,” Chandrasekaran said in February. “VCs are making investments in startups building deepfake detection tools, and they (deepfake detection tools) can be part of an enterprise’s armor. However, in the future, there is a need for public-private partnerships to identify, often at the point of creation, machine-generated content.” What are the competitors to Sora? Sora’s photorealistic videos are quite distinct, but similar services exist. Perhaps the most high-profile among them are Google’s Veo, now in private preview, and Amazon’s upcoming Nova Reels. Runway provides ready-for-enterprise text-to-video AI generation. Fliki can create limited videos with voice synching for social media narration. Generative AI can now reliably add content to or edit videos taken conventionally as well. On Feb. 8, Apple researchers revealed a paper about Keyframer’s proposed large language model that can create stylized, animated images. Editor’s note: This article was originally posted in February and updated in December. source