Hyper-V ConceptsIt's time to get familiar with Hyper-V Virtualization, virtual servers, virtual switches, virtual CPUs, virtual deployment infrastructure (VDI) and more.
For every business, established or emerging, the Internet is an essential tool which has proved to be indispensable. The usefulness of the internet can be counteracted by abuse of it, by a business’s employees or guests. Activities such as downloading or sharing illegal content, visiting high risk websites and accessing malicious content are serious security risks for any business.
There is a very easy way of monitoring, managing and implementing effective Internet usage. GFI WebMonitor can not only provide the aforementioned, but also provide real – time web usage. This allows for tracking bandwidth utilisation and traffic patterns. All this information can then be presented on an interactive dashboard. It is also an effective management tool, providing a business with the internet usage records of its employees.
Such reports can be highly customised to provide usage information based on the following criteria/categories:
Some of the sources for web abuse that can be a time sink for employees are social media and instant messaging (unless the business operates at a level where these things are deemed necessary). Such web sites can be blocked.
GFI WebMonitor can also achieve other protective layers for the business by providing the ability to scan and block malicious content. WebMonitor helps the business keep a close eye on its employees’ internet usage and browsing habits, and provides an additional layer of security.
On its main dashboard, as shown below, the different elements help in managing usage and traffic source and targets:
Figure 1. WebMonitor’s Dashboard provides in-depth internet usage and reporting
WebMonitor’s main dashboard contains a healthy amount of information allowing administrators and IT managers to obtain important information such as:
Knowing which applications are used to access the internet is very important to any business. Web applications like YouTube, Bittorrent, etc. can be clearly identified and blocked, providing IT managers and administrators a ringside view of web utilisation.
The Cisco ASA Firewall 5500-X series has evolved from the previous ASA 5500 Firewall series, designed to protect mission critical corporate networks and data centers from today’s advanced security threats.
Through sophisticated software and hardware options (modules), the ASA’s 5500-X series Firewalls support a number of greatly advanced next-generation security features that sets them apart.These include:
Our previous article examined Cisco’s ASA 5500 series Firewall hardware modules, which include the Content Security CSC-SSM & Intrusion Prevention System (IPS) / Intrusion Detection System (IDS) AIP-SCC / AIP-SSM modules. While these solutions are no longer sold by Cisco, they have been widely deployed in data centers and corporate networks around the world and will be supported by Cisco until 2018.
Note: To download datasheets containing technical specifications and features offered by the Cisco 5500-X Series Firewalls with FirePOWER, IPS and CX Context-aware services, visit our Cisco ASA 5500 & 5500-X Series Adaptive Security Appliances Download Section.
Since Cisco’s announcement back in 2013 regarding the discontinuation of its ASA 5500 series firewall appliances in favour of the newer 5500-X Next Generation Firewalls, customers have been contemplating when to upgrade to the newer 5500-X series. Given the fact that Cisco is no longer providing major firmware upgrades to the older ASA 5500 series and the appearance of new advanced security threats and malware (e.g ransomware), it is now considered imperative to upgrade to the newer platform so that security is maintained at the highest possible level.
Customers seeking advanced protection are likely to consider expanding their ASA Firewall capabilities with the purchase of an IPS module, CX Context-aware or FirePOWER services.
Figure 1. The Cisco FirePOWER hardware module for the ASA-5585-X Firewall
Cisco’s FirePOWER advanced security threat protection solution was introduced late 2014 and its purpose is to replace the current ASA 5500-X IPS and ASA CX 5500-X Context-aware offerings.
The diagram below shows key security features provided by most Cisco ASA Firewall appliances. Features such as Clustering, High Availability, Network profiling, Identity-Policy Control, VPN and advanced access lists have until today been fairly standard offerings across the ASA Firewall series, however, the newer 5500-X can now offer the additional FirePOWER services marked in red below:
Cisco’s Adaptive Security Appliance (ASA) Firewalls are one of the most popular and proven security solutions in the industry. Since the introduction of the PIX and ASA Firewall into the market, Cisco has been continuously expanding its firewall security features and intrusion detection/prevention capabilities to adapt to the evolving security threats while integrating with other mission-critical technologies to protect corporate networks and data centers.
In recent years, we’ve seen Cisco tightly integrate separate security technologies such as Intrusion Prevention Systems (IPS) and Intrusion Detection Systems (IDS) within the ASA Firewall appliances in the form of hardware module add-ons (older 5500 series & newer 5500-X series) and, recently, software modules supported only by the newer ASA 5500-X series security appliances.
With the addition of the software or hardware module, customers are able to increase the firewall’s security and protection capabilities while at the same time simplifing security management and administration by dealing with a single firewall device instead of multiple firewall, IPS or IDS devices.
While this article covers the hardware modules available for the Cisco ASA 5500 Firewall series, upcoming articles will cover both software and hardware modules along with Cisco FirePOWER & FireSIGHT management services for the newer ASA 5500-X series.
Note: The Cisco ASA 5500 series hardware modules for ASA-5505, ASA 5510, ASA 5520 & ASA 5540 have been announced as End-of-Sale & End-of-Life. Modules below are no longer sold by Cisco, however, they will be fully supported until 30th of September 2018.
Users interested in the newer ASA 5500-X IPS, Context-Aware and FirePOWER services can read our article Cisco ASA 5500-X Series Firewall with IPS, ASA CX & FirePower Services. Application Visibility and Control (AVC), Web Security, Botnet Filtering & IPS / IDS.
The ASA 5500 series Firewalls (ASA-5505, ASA 5510, ASA 5520, ASA 5540 etc) were the first security appliances with the capability to integrate hardware modules for enhanced security and threat protection.
To help target different markets and security requirements, Cisco split its hardware module offerings into two distinct categories:
Each hardware module card is equipped with its own CPU, RAM and Flash storage space, running a separate operating system that integrates with the ASA Firewall via its internal network ports.
Let’s take a brief look at each category.
The Content Security and Control Security Services module aims to cover corporate environments where comprehensive malware, advanced content filtering (including Web Caching, URL filtering, anti-phishing), and anti-spam filtering is required. This all-in-one hardware module solution is capable of providing a wealth of security and control capabilities essential for all size networks.
Following are the hardware modules supporting Content Security and Control Security Services:
The new Hyper-V virtualization features offered by Windows Server 2016 are planning to make major changes in the virtualization market. From Nested Hyper-V, revolutionary security, new management options to service availability, storage and more.
Learn all about the new hot virtualization features offered by Windows Server 2016 by attending the free webinar hosted by Altaro and presented by two Microsoft Cloud and Datacenter Managerment MVP’s Andy Syrewicze and Aidan Finn.
It’s a reality – Australia now has its own Official Cisco Data Center User Group (DCUG) and it’s growing fast! Originally inspired by Cisco Champions Chris Partsenidis and Derek Hennessy, the idea was fully backed by Cisco Systems as they happened to be looking to start up something similar on a global scale.
The idea was born in the morning hours of the 18th of March 2016 over a hot cup of coffee when Chris Partsenidis and Derek Hennessy met for the first time, after Cisco’s Live! in Melbourne Australia. Both Chris and Derek agreed that it was time to create a friendly professional Cisco community group that would gather Cisco professionals and encourage users to share knowledge and experience.
The proposal was sent to Lauren Friedman at Cisco Systems, who just happened to be working on a similar concept on a global scale. Lauren loved the idea and, with her help, Australia got its first official Cisco Data Center User Group!
Becoming part of the Melbourne Cisco Data Center User Group is absolutely free and, by joining, you’ll be part of Australia’s first official Cisco user group, which is currently the largest in the world!
The user group will catch up on the first Tuesday of every month at the The Crafty Squire at 127 Russell Street in Melbourne CBD. We’ll be located upstairs in Porter Place. Our first meeting will be on Tuesday June 7th 2016 and all meetings will take place between 17:30 and 19:30.
For the duration of the meeting, we’ll have free beer for all registered members, food and if we are lucky – free Cisco beer mugs! The mugs are actually on their way from the USA and we are hoping to have them in time before the meeting otherwise we’ll be handing them out during the following meeting.
Figure 1. The Porter Place - Crafty Squire
For more details about our regular meet ups and join our community, head over to the Cisco Data Center User Group page on Meetup.com.
We're really excited to start building a Data Center community in Melbourne so come along and join us!
Vendor Session: Infrastructure as Code and DevOps
Speaker: Chris Gascoigne - Technical Solutions Architect, Cisco Systems Melbourne, Australia
Chris Gascoigne is a Technical Solutions Architect with Cisco Systems working in the Australia/New Zealand Data Centre team. Chris has been with Cisco for nine years and specialises in Application Centric Infrastructure.
Community Session: GNS3 Connectivity
Speaker: Will Robinson - Senior Systems Engineer, Cube Networks
Will Robinson is a Senior Systems Engineer with Cube Networks and has extensive networking and data center experience. Will is an active community member and is the only Australian member of the NetAppATeam group.