Tech-2 Security

Its been a while since I last posted.  Been pretty busy with work which is good.  I've been playing around with a lot of new products and thought I would write this quick update. Back in the day when the only options were to configure systems via command line your average generalist would leave this type of thing to the "experts".  Now with the number of servers and workstations growing, the generalists have become more multitasking, bringing knowledge from home to the workplace and vice versa.  So what about security ?  Well this is an area in which a lot of people dabble without understanding the complexities of the task.  Just getting something working may be acceptable to get a result but not fully understanding the how and why poses the risk in security.  A GUI somewhat simplifies most tasks but an "invisible" command entered at the CLI of the same device will likely go unoticed. Everyday admins make changes to make their job easier, and often tak...

Microsoft `s final release of Office 2010 is due next month.  Most users with 64 bit machines will dive straight in and choose to install the 64 bit version.  Before doing so, read the following Microsoft recommendations. The recommendations for which edition of Office 2010 to install are as follows: If users in your organization depend on existing extensions to Office, such as ActiveX controls, third-party add-ins, in-house solutions built on previous versions of Office, or 32-bit versions of programs that interface directly with Office, we recommend that you install 32-bit Office 2010 (the default installation) on computers that are running both 32-bit and 64-bit supported Windows operating systems. If some users in your organization are Excel expert users who work with Excel spreadsheets that are larger than 2 gigabytes (GB), they can install the 64-bit edition of Office 2010. In addition, if you have in-house solution developers, we recommend...

Google have been asked to hand over hard disks from their street cars for investigation by the German Authorities to find the extent of data collection from Wi-Fi hostspots . Google have not yet responded to this request.

Google are reported to be under investigation in response to Street View cars inadvertantly collecting wi-fi data from broadcasting wi-fi systems.  Cars equiped to collect street view images were incorrectly loaded with experimental wi-fi software which enabled them to collect MAC addresses and SSID`s from wi fi devices. Publicly accessible systems may also have unknowingly given up payload data as well. Google have said that they are very sorry for the error and are to employ the services of a third party to confirm that the data has been securely deleted. It is interesting that this type of event  highlights the many issues users face.  Publicly accessible "free" wi fi hot spots always seem like a useful convenient tool, ideal for a bit of web browsing maybe, however anything remotely sensitive should never be carried out over these systems as we never know who is listening both through the airwaves and on the hardwired end of the access point. Man In The Middle (MITM) ...

I just read an article stating that the US military is looking to setup a cyber warfare division with the ability to defend and react to cyber attacks.  Although interesting reading I would have assumed that this sort of system would have been inplace already.  It obviously has a big task ahead in determining at what level they consider an attack to be taking place, when and how to respond. Presumably we are talking about a major targeted attack on military systems.  Judging by recent news coverage of NASA systems being snooped on for UFO evidence, setting decent passwords on their systems seems like a good starting point.

Another Fortinet announcement FortiGate-3950 Series Benefits (Lifted from Fortinet website) 120 Gbps firewall throughput ensures your policy enforcement won't affect network performance Modular design makes it easy for you to deploy exactly the performance you need today and in the future Advanced FortiASIC designs maximize throughput and deliver very low latency, delivering wire-speed firewall performance at 10-GbE and GbE link speeds Redundant, hot-swappable power supplies minimize single-point failures  Available FortiManager and FortiAnalyzer integration simplifies security management, reporting, and analysis while reducing operating expenses FortiGuard Subscription Services deliver automated, real-time, and up-to-date protection against security threats

Well, it's here at last. Just like the new government, Fortinet releases the all new Version 4 MR2 OS with its updated GUI. (In all fairness, it was released on April 1st but I like to leave things to settle before singing it`s praises). For those of you, like myself who have worked with Fortinet products for many years, the new GUI takes all of 5 minutes to figure out. The GUI is a major overhaul with vast improvements to the granularity of protection profiles to name but one of the many features. Under the hood there are a bunch of additonal features as well.  Too many to discuss here. For more information on the complete product range and features visit the Fortinet website. www.fortinet.com