Monday, August 26, 2013

Protecting Your Network: The Policy

In order to successfully defend any network from potential attackers, it’s important to take a layered approach to security. There are many different layers to network security ranging from physical security to network device security to user device security to logging and analysis.

The most important part of any network security implementation should be the written Network Security Policies. Network Security Policies are written with specific items in mind. Some examples of Network Security Policies would be an “Acceptable Use” policy or “Equipment Disposal” policy.  These policies contain rules and regulations and can provide instruction for performing certain tasks within an organization. They are meant to ensure that people follow a designed procedure to prevent any type of breach that could come from not following a specific policy. Additionally, policies must be created and / or updated as technology changes, and those policies must be reviewed and understood by pertinent users in the organization. Having policies is pointless if no one knows you have them or if they don’t understand them.

Network Security as a whole can be a daunting task for even the most security-conscious engineers, managers, and executives. There are a great many pieces and parts that mesh together to form the overall security infrastructure for any business. Think of network security as being much like a medieval knight’s armor. If there are “chinks” in the armor, you may or may not be able to see them - but they are still there. It’s really not a matter of “if” someone will find those “chinks”, but more a matter of “when”. The only major difference between armor and network security is that you know instantly if an attacker penetrates your armor. You may not know an attacker has penetrated your network until it’s too late.

Thursday, August 22, 2013

Great Lakes Computer Achieves Healthcare Certifications from Juniper Networks and VMware

Great Lakes Computer has recently achieved Healthcare certifications from Juniper Networks and VMware. Great Lakes Computer is one of only eleven partners throughout the U.S. to achieve the Healthcare Accreditation from Juniper; the accreditation reflects the company’s in-depth knowledge of the unique challenges facing the healthcare industry. It also reflects a comprehensive understanding of how Juniper Networks Healthcare solutions can be leveraged to cost-effectively deliver the extra capacity, security, and capabilities healthcare organizations require across both wired and wireless infrastructures.

Great Lakes Computer has also attained a Healthcare specialization from its virtualization partner, VMware, in recognition of their expertise in the Healthcare marketplace. As an expert in leveraging VMware virtualization and cloud solutions for the benefit of Healthcare customers, Great Lakes Computer is one of ten partners in Michigan and 142 nationwide to achieve the Healthcare specialization from VMware.

Through these accreditations, Great Lakes Computer offers the specific expertise to address issues such as:
  • Unreliable or unsustainable legacy networks resulting in loss of connection, lack of coverage, and lack of support
  • The influx of tablets and smartphones placing additional burden on the network and increasing the risk of security breaches
  • Significant increases in data traffic resulting in slow or failed applications, decreasing the speed of response times for clinicians
The healthcare certifications through Juniper Networks and VMware are about more than simply understanding which products allow healthcare organizations to meet compliance and budget requirements; they are about how to enable better patient care. And for many healthcare organizations, the benefit of having a technology partner that truly understands their specific issues is unparalleled.

For more information, check out the official press release here.

Thursday, August 15, 2013

Increase Efficiency with Veeam Backup and Replication v7

Announced in June, the new and improved Veeam Backup and Replication version 7 was engineered to make backups of virtual machines more efficient. Designed for both VMware and Microsoft virtualized environments, Veeam Backup and Replication v7 features seven major modifications and approximately 50 minor tweaks.

Of all of these changes, there are three that seem to be the most promising in terms of expanding Veeam’s existing customer base: built-in Wide Area Network (WAN) acceleration, long-term retention to tape, and backup from storage snapshots.

The built-in WAN acceleration offered by Veeam Backup and Replication v7 boasts an improvement of up to 50 times the speed of a traditional file copy across the WAN by decreasing the amount of data sent across the connection. By pre-determining what data blocks are already there and sending less data, the process is much quicker and more efficient. 

The primary advantage offered by Veeam Backup and Replication v7’s support for long-term retention to tape is the ability to tier levels of backup by archiving long-term data and moving it to cheaper storage. This feature was largely brought about by customer demand, and allows Veeam to perform this function in house, where in the past they would have had to work with a partner.

Last but not least, Veeam Backup and Replication v7 dramatically improves recovery point objectives (RPOs) with backup from storage snapshots. Backup from storage snapshots also significantly reduces the impact that backup activities have on the production environment by enabling a backup process to keep a virtual machine snapshot for only a brief moment, resulting in instant VM snapshot commit. Unlike existing snapshot backup solutions, Veeam leverages VMware changed block tracking (CBT) to greatly reduce backup time for incremental backups. Currently, Veeam’s backup from storage snapshot feature is only available with HP StoreVirtual Storage and HP 3PAR StoreServ Storage products; however, Veeam’s engineers are hard at work with other storage vendors to expand compatibility.

Thursday, August 8, 2013

What's New in VMware Horizon Workspace Version 1.5

VMware has recently released Horizon Workspace version 1.5, a move designed to simplify the experience for both the end user and the IT guy in an increasingly mobile world. This release extends the simplicity offered by the pre-existing single, aggregated workspace combining data, applications and desktops. It also enables VMware Horizon Workspace to aid in controlling the complexity that has arisen from the BYOD explosion.

VMware Horizon Workspace 1.5 makes it a much simpler task to support the mobile workforce and introduces the advantage of a highly integrated mobile management platform. This integrated management interface is designed to support Android devices, with support for Apple iOS devices planned for iOS 7 in the future.

Since the explosion of BYOD has resulted in a variety of mobile device models and platforms, between smart phones and tablets and Android and Apple, IT has been burdened with more components to manage, adding further layers of complexity and stress. Additionally, Android is notoriously difficult to manage. However, Horizon Workspace easily allows IT administrators to standardize the management of Android devices and alleviates this particular IT burden.

VMware Horizon Workspace is available as a virtual appliance that can easily be deployed on site and integrated with existing enterprise services. Other key advantages offered by the latest version of VMware Horizon Workspace include integration with VMware Horizon Mobile, a policy management engine designed to consolidate, model and rationalize policies across all components, and support for mobile applications that more easily allow IT administrators to entitle and manage applications.

Thursday, August 1, 2013

Protecting Your Network: The “New” Firewall

There are different types of firewalls out there, but they mainly perform some variation of the following tasks: filter packets based on port, perform “stateful” packet filtering, and perform application-level filtering. Depending upon manufacturer and age, your firewall may be capable of performing one or all of these functions.

The best firewalls perform additional functions such as IDP (Intrusion Detection) / IPS (Intrusion Prevention), gateway anti-virus, application-level inspection (also called application firewalling), as well as standard features like NAT (Network Address Translation) / PAT (Port Address Translation), routing and VPN. In small businesses, it’s possible to have a device that performs all of these functions. For larger enterprises, these functions may be separated onto different hardware devices to increase performance.

The problem with basic firewalls, ones that only perform packet filtering and stateful filtering, is that many attacks travel over ports and through rules that exist for a legitimate purpose, so malicious traffic rides along inside the allowed traffic. One example is a simple web server. A traditional firewall will allow traffic from the internet to TCP port 80 for web access to this site. Depending upon what the site is, what hardware it actually runs on, how it’s written / coded, and whether it has a connection to another resource (such as an E-Commerce site connecting to a SQL server database for customer records), there may be known or unknown vulnerabilities affecting that server. A common vulnerability in this example would be SQL Injection. A traditional firewall would allow this type of traffic because it is unable to differentiate between a normal user of the website and a malicious user injecting their code into the data stream; both arrive on the same permitted port and look identical at the port level.

Next-Generation Firewalls help to detect this type of attack by actively inspecting and reading the contents of every packet that is allowed into a network. These firewalls can determine, based on a signature or some other definition, which traffic is legitimate and which is not. A lot of attacks can be thwarted by using application-level inspection. These firewalls can also look for anomalies in traffic patterns; that is, traffic that does not match a known good or bad signature. The firewall then performs an action based on the traffic not matching any known pattern. This feature offers protection against unknown and “zero-day” exploits. The bottom line is that the old method of installing a firewall, setting up NAT, and allowing certain port traffic in while blocking other ports, is no longer adequate to protect a network.
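To make the contrast above concrete, here is an added example in Python (not code from the original post or from any firewall vendor). It puts a port-only filter, which admits anything bound for TCP/80, beside a small application-layer inspector that parses the same HTTP requests, checks the decoded query parameters against a few SQL injection signatures, and flags an oversized parameter as an anomaly. The host name, paths, signatures and length threshold are constructed for the demonstration and are not from the page.

```python
"""
Added example (not from the original post): a port/stateful-style filter
beside an application-layer inspector, run over constructed HTTP traffic.
"""
import re
from dataclasses import dataclass
from typing import List, Tuple
from urllib.parse import parse_qs, urlsplit


@dataclass
class Packet:
    dst_port: int
    payload: str  # decoded TCP payload: request line, headers, blank line


# Constructed sample traffic. Three requests all arrive on TCP/80, which is
# exactly what a port-based rule for a public web server must permit.
SAMPLE_PACKETS = [
    Packet(80, "GET /products?id=42 HTTP/1.1\r\nHost: shop.example\r\n\r\n"),
    # Same path, but the id parameter carries a classic injection payload
    # (percent-encoded as a browser would send it).
    Packet(80, "GET /products?id=42%27%20OR%20%271%27%3D%271 HTTP/1.1\r\n"
               "Host: shop.example\r\n\r\n"),
    # No known signature, but a 600-character parameter is far outside normal.
    Packet(80, "GET /search?q=" + "A" * 600 + " HTTP/1.1\r\nHost: shop.example\r\n\r\n"),
    Packet(23, "telnet banner"),  # not permitted by either filter
]


def port_filter(pkt: Packet) -> str:
    """Layer-3/4 decision: only the destination port is consulted.
    A stateful filter would additionally track connection state, but it
    still never reads the payload, so the verdict is the same."""
    return "allow" if pkt.dst_port == 80 else "drop"


# Signature patterns for the inspector (constructed, illustrative only).
SQLI_SIGNATURES = [
    re.compile(r"'\s*(or|and)\s+'?\w+'?\s*=\s*'?\w+", re.I),  # ' OR '1'='1
    re.compile(r";\s*(drop|delete|insert|update)\s", re.I),   # stacked statement
    re.compile(r"\bunion\b\s+\bselect\b", re.I),               # UNION SELECT
]
MAX_PARAM_LEN = 256  # anomaly threshold: tune per application


def inspect_http(payload: str) -> Tuple[str, str]:
    """Application-layer decision on one HTTP request. Returns (verdict, reason)."""
    request_line = payload.split("\r\n", 1)[0]
    parts = request_line.split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        return ("drop", "malformed request line")
    _method, target, _version = parts
    # parse_qs percent-decodes values, so signatures see what the backend sees.
    params = parse_qs(urlsplit(target).query, keep_blank_values=True)
    for name, values in params.items():
        for value in values:
            for sig in SQLI_SIGNATURES:
                if sig.search(value):
                    return ("drop", f"signature match in '{name}': {sig.pattern}")
            if len(value) > MAX_PARAM_LEN:
                return ("alert", f"anomalous length {len(value)} in '{name}'")
    return ("allow", "no match")


def app_filter(pkt: Packet) -> Tuple[str, str]:
    """Port check first, then payload inspection for permitted web traffic."""
    if pkt.dst_port != 80:
        return ("drop", "port not permitted")
    return inspect_http(pkt.payload)


def compare(packets: List[Packet]) -> List[Tuple[str, str]]:
    """Side-by-side verdicts: (port-only filter, application-layer filter)."""
    return [(port_filter(p), app_filter(p)[0]) for p in packets]


if __name__ == "__main__":
    for pkt, (port_v, app_v) in zip(SAMPLE_PACKETS, compare(SAMPLE_PACKETS)):
        print(f"port {pkt.dst_port:>3}: port-filter={port_v:<5} app-filter={app_v:<5} "
              f"({app_filter(pkt)[1]})")
```

Run as a script, the first three requests are all allowed by the port-only filter, while the application-layer inspector drops the injection attempt and raises an alert on the oversized parameter; only the second approach can tell the normal shopper and the attacker apart, which is the gap the post describes.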