Hyper-V ConceptsIt's time to get familiar with Hyper-V Virtualization, virtual servers, virtual switches, virtual CPUs, virtual deployment infrastructure (VDI) and more.
Windows 10 latest update 1607 code named Anniversary update promises to introduce a number of significant enhancements including breaking your trustworthy Cisco IPSec VPN client. After installing the Anniversary update users will receive a familiar message from the Compatibility Assistant:
Figure 1. This app can’t run on this PC. Cisco VPN Client doesn’t work on this version of Windows
The good news is that what you’re reading is not true – While Windows 10 does in fact disable the application, getting it to work again is a very easy process and very similar to installing the client on the Windows 10 operating system.
The following steps will help rectify the problem and have your Cisco IPSec VPN client working in less than 5 minutes.
Windows 7 32bit & 64bit users can read our Cisco VPN Client Fix for Windows 7 Operating System.
Windows 8 32bit & 64bit users can read our Cisco VPN Client Fix for Windows 8 Operating System.
Windows 10 Anniversary users without the Cisco VPN Client should read our article How to Install and Fix Cisco VPN Client on Windows 10.
Head to the Firewall.cx Cisco Tools & Applications download section to download and extract the Cisco IPSec VPN Client installation files on your computer. The Cisco VPN installation files will be required for the repair process that follows.
Note: The Cisco IPSec VPN Client is offered in a 32Bit and 64Bit version. Ensure you download the correct version for your operating system.
After the file extraction process is complete, go to the Windows Control Panel and select Programs and Features. Locate the Cisco Systems VPN Client, select it and click on Repair:
Figure 2. Initiating the Repair of the Cisco IPSec VPN Client
The repair process will ask for the location of the Cisco VPN installation files – simply point it to where the files were extracted previously e.g c:\temp\vpnclient.
At this point the Windows 10 User Account Control will prompt for confirmation to allow the Cisco VPN application to make changes to your device. Click Yes to continue:
This article shows how to reset a password on a Cisco Catalyst 3750-X (stacked or single unit) and Cisco Catalyst 3560-x switch without losing its startup configuration. The Cisco password recovery procedure involves interrupting the switch’s normal boot procedure, renaming the flash:config.text (that’s the startup-config file for switches) to something else e.g flash:config.text.old so that the configuration file is skipped during bootup.
Once the switch has loaded its operating system we can enter privileged-exec mode, rename back the flash:config.text.old to flash:config.text (startup-config), copy the startup-config file to memory (DRAM), make the necessary password changes and save the configuration.
The procedure described below assumes the password recovery mechanism is enabled (by default, it is) and there is physical access to the switch or stack (3750-X only).
Note: If this procedure is being performed on a 3750-X stack, it is important to understand that all switches participating in the stack should be powered off and only the Master switch is powered on when initiating the password recovery procedure. The Master switch can be easily identified by searching for the switch with the green “Master” LED on.
On a 3750-X switch, Power off the entire stack or standalone switch. On a Catalyst 3560-X switch, power off the switch. Connect your console cable to the switch – 3750-X Master or the standalone switch.
Reconnect the power to the switch (standalone 3750-X or 3750-X) or stack master (3750-X stack only). Within 10 seconds, press and hold the Mode button while the System LED is flashing green. After the System LED turns amber and then solid green, release the Mode button.
Now initialize the flash file system, rename the startup configuration file (config.text) and boot the IOS:
According to Wikipedia, security is defined as the degree of resistance to, or protection from, harm. It applies to any vulnerable and valuable asset which in almost all cases, will include an organizations’ website, web service and IT infrastructure.
At the same time, it is important to realize that security is a very broad term. Many people mistakenly associate network security with web application security. While there are some similarities, there are also many distinct differences that necessitate a unique approach to each. The assumption that a secure network results in a secure web application and vice versa is a critical mistake.
In this article, we are going to look at what makes web application security different from network security and why an approach that addresses both is the only way forward when it comes to maintaining an effective overall IT security posture.
Network security can be either hardware based (routers with a built-in firewalls, network intrusion and detection systems) or software based. Because network security has been around for a very long time, it’s often the first thing that comes to mind when people think about security. Web application security on the other hand, is a relatively new challenge.
Much like a moat, curtain wall and portcullis protect a castle, network security plays the important but restrictive and limited role of keeping the bad guys (hackers) out and allowing the “good guys” to enter. In the DMZ environment there’s an overall focus on protecting the perimeter that surrounds the website, web application or web service with the help of a Firewall security appliance. Although this works well in some instances, Firewall security appliances are no longer considered an adequate solution because they are unable to protect organizations from their own vulnerable web services or web application servers.
For every business, established or emerging, the Internet is an essential tool which has proved to be indispensable. The usefulness of the internet can be counteracted by abuse of it, by a business’s employees or guests. Activities such as downloading or sharing illegal content, visiting high risk websites and accessing malicious content are serious security risks for any business.
There is a very easy way of monitoring, managing and implementing effective Internet usage. GFI WebMonitor can not only provide the aforementioned, but also provide real – time web usage. This allows for tracking bandwidth utilisation and traffic patterns. All this information can then be presented on an interactive dashboard. It is also an effective management tool, providing a business with the internet usage records of its employees.
Such reports can be highly customised to provide usage information based on the following criteria/categories:
Some of the sources for web abuse that can be a time sink for employees are social media and instant messaging (unless the business operates at a level where these things are deemed necessary). Such web sites can be blocked.
GFI WebMonitor can also achieve other protective layers for the business by providing the ability to scan and block malicious content. WebMonitor helps the business keep a close eye on its employees’ internet usage and browsing habits, and provides an additional layer of security.
On its main dashboard, as shown below, the different elements help in managing usage and traffic source and targets:
Figure 1. WebMonitor’s Dashboard provides in-depth internet usage and reporting
WebMonitor’s main dashboard contains a healthy amount of information allowing administrators and IT managers to obtain important information such as:
Knowing which applications are used to access the internet is very important to any business. Web applications like YouTube, Bittorrent, etc. can be clearly identified and blocked, providing IT managers and administrators a ringside view of web utilisation.
The Cisco ASA Firewall 5500-X series has evolved from the previous ASA 5500 Firewall series, designed to protect mission critical corporate networks and data centers from today’s advanced security threats.
Through sophisticated software and hardware options (modules), the ASA’s 5500-X series Firewalls support a number of greatly advanced next-generation security features that sets them apart.These include:
Our previous article examined Cisco’s ASA 5500 series Firewall hardware modules, which include the Content Security CSC-SSM & Intrusion Prevention System (IPS) / Intrusion Detection System (IDS) AIP-SCC / AIP-SSM modules. While these solutions are no longer sold by Cisco, they have been widely deployed in data centers and corporate networks around the world and will be supported by Cisco until 2018.
Note: To download datasheets containing technical specifications and features offered by the Cisco 5500-X Series Firewalls with FirePOWER, IPS and CX Context-aware services, visit our Cisco ASA 5500 & 5500-X Series Adaptive Security Appliances Download Section.
Since Cisco’s announcement back in 2013 regarding the discontinuation of its ASA 5500 series firewall appliances in favour of the newer 5500-X Next Generation Firewalls, customers have been contemplating when to upgrade to the newer 5500-X series. Given the fact that Cisco is no longer providing major firmware upgrades to the older ASA 5500 series and the appearance of new advanced security threats and malware (e.g ransomware), it is now considered imperative to upgrade to the newer platform so that security is maintained at the highest possible level.
Customers seeking advanced protection are likely to consider expanding their ASA Firewall capabilities with the purchase of an IPS module, CX Context-aware or FirePOWER services.
Figure 1. The Cisco FirePOWER hardware module for the ASA-5585-X Firewall
Cisco’s FirePOWER advanced security threat protection solution was introduced late 2014 and its purpose is to replace the current ASA 5500-X IPS and ASA CX 5500-X Context-aware offerings.
The diagram below shows key security features provided by most Cisco ASA Firewall appliances. Features such as Clustering, High Availability, Network profiling, Identity-Policy Control, VPN and advanced access lists have until today been fairly standard offerings across the ASA Firewall series, however, the newer 5500-X can now offer the additional FirePOWER services marked in red below: