Archive

Category Archives for "Networking"

How to avoid being the next Yahoo

It’s no longer about whether or not you’ll get attacked, it’s about knowing what the repercussions are and if you have the right controls to minimize or completely eliminate the fallout. In order to be able to do this effectively, you need to be attuned with your network controls and architecture. Asking the right questions can get you there, as can ensuring that network architects are aligned with business and security goals.

VArmour CEO Tim Eades offers a few questions decision makers should be asking to ensure they keep their organizations from being the next Yahoo.

If we were subject to a data breach, how would our controls and processes appear when described on tomorrow’s front page news?

Why is this important?

How Does NetBeez Rate For Troubleshooting?

Continuing from my previous NetBeez post, I’d like to share some more detail on the charting and reporting capabilities of the product, and my experience using NetBeez to troubleshoot some real network issues.

Ask Me About My Beez!

Incidentally, as advertising slogans go, this one is surprisingly effective; I was surprised at how many people do actually approach and say “Ok go on then, tell me about your beez?”

Hands On Operations

I have been able to spend some time digging around the interface in anger, as it were, and seeing whether the NetBeez tools might raise an alert that otherwise wasn’t caught by other systems. To that end, I have one happy story, but also a number of things I found I wanted to be able to do, but couldn’t. These are things I might not have thought about had I not actually been using them for real, rather than just with test data.

Charts

The actual charts are quite nicely put together, although getting there can be a little cumbersome unless linked directly from an alert or something. For example, here is the top of the list of Resources within one of my Target test sets:

[Figure: NetBeez Resources]

If I click on the PING …

BrandPost: Evolving communications in a dynamic Software Defined world

In today’s business world, nothing is static. Business is constantly in motion, reconfiguring operations to take advantage of new opportunities and responding to customer needs. For an enterprise with multiple sites, that means that what works today from a networking perspective may not be adequate tomorrow.

Meeting the needs of branch offices and remote sites depends on high-speed, powerful wide area network (WAN) capabilities. But for many organizations, the ability to meet peak demands means they would have to invest in capabilities that will at other times be underutilized.

Enterprise IT managers are dealing with virtually insatiable demands for broadband. IDC data shows that more than 53% of enterprises expect to support a 20% yearly increase in WAN bandwidth, but within the constraints of flat budgets for connectivity and managed services.

BrandPost: Visualizing a business-agile WAN

Businesses striving to achieve new levels of agility and the flexibility to pursue new opportunities are often running up against the restraints of legacy network infrastructure. It can be difficult to envision the pathway to the future.

IDG Research Services surveyed more than 100 business and IT decision makers to explore the drivers and obstacles impacting network connectivity strategies. Most are eager to modernize their networks but feel constrained by financial considerations and the fear of getting locked into proprietary solutions.

Overcoming network burdens

The typical enterprise today must absorb or outsource a huge burden of installing, configuring, and running wide area network (WAN) hardware that includes switches, routers, load balancers, VPNs, accelerators and firewalls.

A dozen extensions to TCP/IP that optimize internet connections

Do you remember when we used multi-protocol routing for IPX, AppleTalk, and TCP/IP running on the same network? In the 1980s and early 1990s many enterprises had multiple protocols running on the physical network infrastructure as “ships in the night”. Cisco routers became highly adept at multi-protocol routing and the company grew in prominence as a result. Then in the early 1990s, TCP/IP won out and the internet took shape as the global network we enjoy today.

Check Point SandBlast takes endpoint protection to another level

Check Point has long been known as a firewall company but it is reaching beyond its roots with a new series of protective technologies under its SandBlast line.

SandBlast has been around for several years, but received several significant updates over the past year to make it a truly effective endpoint protection product that can handle a wide variety of zero-day exploits across your entire enterprise.

The goal behind SandBlast is simply stated: you want to lock down as many entry points for malware as possible, and make your network less of a target for hackers to establish a beachhead and run these exploits.

New products of the week 10.17.16

Our roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.

ScreenBeam 960

Key features: ScreenBeam 960 is an enterprise-grade wireless display receiver for business professionals, medical practitioners and educators who need wireless display connectivity to collaborate, create and communicate.

  - For medium-to-large scale deployments
  - Designed specifically for commercial applications and dense wireless environments
  - No Wi-Fi network required
  - Supports Windows 7/8, 8.1 and 10

Application tie-ins are taking center stage in collaboration

Combining different forms of collaboration in one platform is only part of the battle when it comes to helping co-workers connect. There’s also integration with productivity applications so that employees don’t have to constantly switch between screens.

Cisco Systems scored a win in this area last month when it made a deal to bring its Spark and WebEx systems into Salesforce. But Avaya, an enterprise networking company that lacks Cisco’s heft and high-profile partnerships, says this is where it can stand out in workplace communication. On Monday, it announced an all-in-one collaboration platform called Avaya Equinox, plus an open SDK (software development kit) for making other applications work with it.

Freeboard, web dashboards made easy

Amongst all of the things in our digital lives there’s one that’s increased exponentially over the last few years: status data. Even though many services and devices are highly reliable, we still need to keep an eye on everything, so we need to monitor our network connections for availability and throughput, our servers and web apps for status, our log files for errors, our sales systems for orders, our trouble ticket systems for backlogs … the list grows every day, and because each data source is a silo, we wind up with a ridiculous number of isolated status reports to routinely check. What we need is a dashboard to integrate all of our data sources.

Windows SSH client with TPM

I managed to get an SSH client working using an SSH pubkey protected by a TPM.

This is another post in my series on playing with TPM chips.

Optional: Take ownership of the TPM chip

This is not needed, since TPM operations only need the well-known SRK PIN, not the owner PIN, to do useful stuff. I only document it here in case you want to do it. Microsoft recommends against it.

  1. Set OSManagedAuthLevel to 4

    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\TPM\OSManagedAuthLevel 2 -> 4

    Reboot.

  2. Clear TPM

    Run tpm.msc and choose “Clear TPM”. The machine will reboot and ask you to press F12 or something for physical proof of presence to clear it.

  3. Set owner password from within tpm.msc

Set up TPM for SSH

  1. Create key

    C:\> tpmvscmgr.exe create /name "myhostnamehere VSC" /pin prompt /adminkey random /generate

    PIN must be at least 8 characters.

  2. Create CSR

    Create a new text file req.inf:

    [NewRequest]
    Subject = "CN=myhostnamehere"
    Keylength = 2048
    Exportable = FALSE
    UserProtected = TRUE
    MachineKeySet = FALSE
    ProviderName = "Microsoft Base Smart Card Crypto Provider"
    ProviderType = 1
    RequestType = PKCS10
    KeyUsage = 0x80

    C:\> certreq -new -f req.inf myhostname.csr

    If you get any errors, just reboot and try again with the command that failed.

  3. Get the CSR signed by any …

13% off AmazonBasics High Security 17-Sheet Micro-Cut Paper, CD, and Credit Card Shredder – Deal Alert

This powerful shredder from AmazonBasics micro-cuts a letter-sized sheet of paper into 2,235 useless pieces of confetti, up to 17 sheets at a time. Inserted one at a time into the designated slot, it also destroys credit cards, CDs, DVDs, and Blu Rays, rendering them completely unusable. It features a generous 7-gallon bin that pulls out for easy disposal. This micro-cut shredder averages 4.5 out of 5 stars on Amazon from over 170 people (82% rate a full 5 stars: read reviews). Its typical list price of $165 has been reduced 13% to $144.
