SecurityIntelligence.com: Protecting Your Network Through Understanding DNS Requests

Most of us know that the Domain Name System (DNS) is a critical piece of our network infrastructure and have at least one tool to keep DNS requests current and clear of potential abuses. Sometimes a little common sense and knowledge of your system log files and the DNS requests contained therein can go a long way toward understanding when your enterprise network infrastructure has been breached. In my latest blog post for SecurityIntelligence.com today, I note a tale from the Cisco Talos blog about how they used just some common-sense research.

Coping with Mixed Operating Systems: Strategies for Supporting Enterprise Heterogeneity

Back in October 1993, I wrote a story for Computerworld about how IT shops are dealing with supporting a mixture of OS’s. Back then, we didn’t have Chrome OS, or BYOD, or even a common TCP/IP protocol that was in much use to connect disparate systems. I wrote then:

When it comes to supporting enterprise networks, heterogeneity has become a fact of life, and this is especially true when it comes to supporting operating systems. For better or worse, the networks of today have become a real mixed bag.

How very true. For a look back in time, check out the link above. And for a more modern story, I was interviewed on this topic for NewEgg’s B2B site, in this story: Support Chromebooks in a Windows Domain. This article links to some modern tools that can be used to administer mixed OS’s.

iBoss blog: The IoT Can Be a Potent Insider Threat

Insider threats can come from the most unexpected places. Earlier this year, the hacker Andrew Auernheimer created a script that would scan the Internet to find printers that had port 9100 open. The script then printed out racist documents across the globe.

You can read my post here about the threat of Internet-connected printers.

The Evolution of today’s enterprise applications

Enterprises are changing the way they deliver their services, build their enterprise IT architectures and select and deploy their computing systems. These changes are needed, not just to stay current with technology, but also to enable businesses to innovate and grow and surpass their competitors.

In the old days, corporate IT departments built networks and data centers that supported computing monocultures of servers, desktops and routers, all of which were owned, specified, and maintained by the company. Those days are over, and how you deploy your technologies is now critical: this is what one writer calls “the post-cloud future.” Now we have companies that deliver their IT infrastructure completely from the cloud and don’t own much of anything. IT has moved to being more of a renter than a real estate baron. The raised-floor data center has given way to just a pipe connecting a corporation to the Internet. At the same time, the typical endpoint computing device has gone from a desktop or laptop computer to a tablet or smartphone, often purchased by the end user, who expects his or her IT department to support this choice. The actual device itself has become almost irrelevant, whatever its operating system and form factor.

At the same time, the typical enterprise application has evolved from something that was tested and assembled by an IT department to something that can readily be downloaded and installed at will. This frees IT departments from having to invest time in their “nanny state” approach of tracking which users are running what applications on which endpoints. Instead, they can use these staffers to improve their apps and benefit their business directly. The days when users had to wait on their IT departments to finish a requirements analysis study or go through a lengthy approvals process are firmly in the past. Today, users want their apps here and now. Forget about months: minutes count!

There are big implications for today’s IT departments. To make this new era of on-demand IT work, businesses have to change the way they deliver IT services. They need to make use of some if not all of the following elements:

  • Applications now have Web front ends, and can be accessed anywhere with a smartphone and a browser. This also means acknowledging that the workday is now 24×7, and users will work with whatever device and whenever and wherever they feel the most productive.
  • Applications have intuitive interfaces: no manuals or training should be necessary. Users don’t want to wait on their IT department for their apps to be activated, on-boarded, installed, or supported.
  • Network latency matters a lot. Users need the fastest possible response times and are going to be running their apps across the globe. IT has to design their Internet access accordingly.
  • Security is built into each app, rather than provided by defining and protecting a network perimeter.
  • IT staffs will have to evolve away from installing servers and towards managing integrations, provisioning services and negotiating vendor relationships. They will have to examine business processes through a wider lens and understand how their collection of apps will play in this new arena.

Network World: Slow Internet links got you down? Try Dyn’s Internet Intelligence

As businesses extend their reach to more corners of the world, wouldn’t it be nice if you could monitor any Internet service provider from any location? Thankfully, Dyn, which sells DNS management tools, acquired Renesys earlier this year and extended the features of Renesys’ Internet Intelligence product.

You can read the full review in Network World here.

Making IT Monitoring a Snap with CA Nimsoft Monitor Snap

Snap can be used in a wide variety of monitoring situations, such as to track servers, virtual machines, applications, databases, network and storage devices.

In February 2014, we tested version 7.1 of Snap on a network, where it quickly discovered our Windows, Mac and Linux machines. It is free and fully functional to monitor up to 30 devices, with a paid version for larger networks.
http://ca.com/snap

Cloud Migration Made Easy with CloudVelocity One Hybrid Cloud

One Hybrid Cloud can migrate both physical and virtual servers to the cloud using simple but powerful methods that can preserve an entire application with its networks and services.

One Hybrid Cloud
CloudVelocity Inc.
http://cloudvelocity.com

Supports various Linux and Windows servers and Amazon Web Services
Pricing starts at $15,000/year for a basic application license that can migrate up to 50 servers, based on app complexity and critical services.

Using Cisco ASA CX Firewall To Protect Your Network

Cisco ASA has better application granularity, a more flexible means of policy creation, easier-to-use controls, and more powerful reports than its predecessors. We tested the ASA-5525-X in January 2013 and found a much improved user interface and lots of content-aware features.

http://cisco.com/go/asacx

Pricing starts at $13,500 for hardware and software subscriptions.

Boost your social media intelligence with tracx.com

Tracx is a social intelligence software platform that allows enterprises to manage, share and extract actionable insights, threats and opportunities from the social web in real time.

www.tracx.com
Price starts at $1000 per month for a single brand, which includes unlimited topics and results.

Solera Helps You Respond Rapidly to Security Events

SoleraSix from Solera Networks will provide greater detail of your network traffic and help you respond quickly, and intelligently, to network-based threats. The SoleraSix product takes the form of a hardware or virtual appliance that captures all network traffic, plus a Web browser front end. Prices start at $10,000 for the Virtual Appliance model. We tested SoleraSix on a live network in February 2012.

http://SoleraNetworks.com

877-5Solera