• Best VPN Service

    Top VPNs that Unlock Netflix, provide Secure Torrenting, Strong Encryption, Fast Downloads, DNS Leak Protection, Identity Protection and have Cheap VPN prices.

    read more

    Hyper-V Concepts

    It's time to get familiar with Hyper-V Virtualization, virtual servers, virtual switches, virtual CPUs, virtual deployment infrastructure (VDI) and more.
    Read more

Hot Downloads

Netflow: Monitor Bandwidth & Network Utilization. Detect LAN, WAN, Wi-Fi Bottlenecks, Unusual Traffic Patterns, Problems and more

Posted in Netflow

netflow analyzer introMonitoring network traffic & bandwidth usage via Netflow is mandatory for any type and size network. Gaining visibility into user traffic, application traffic and data flows allows network engineers, administrators and security specialists detect bottlenecksnetwork congestion, unusual traffic patterns, monitor SLA agreements with providers, verify bandwidth availability, detect Quality of Service (QoS) issues, Wi-Fi Network monitoring, plus much more.

Here’s what we’ve got covered in this article:

 

Netflow: Discovering & Monitoring Your Network Traffic

Netflow is a network protocol developed by Cisco used to collect IP traffic information and monitoring network traffic. It’s used and supported in almost any network and has become the de-factor industry standard.

Other vendors support similar flow technologies, here are a few examples:

  • HP/3Com, Dell and Netgear: s-flow
  • Juniper: Jflow
  • Ericsson: Rflow
  • Alcatel-Lucent: Cflow
  • Huawei: NetStream

IT infrastructure has become much more sophisticated in the last decade and equally complicated. With the market growing every day, customer expectations are higher than ever. Networks are no more limited within a firewall. Now it extends to public and private clouds, and SaaS. This makes it more important for network admins to ensure faster connectivity between the user, and the public and private clouds or data centres.

The primary objective of bandwidth analysis is to monitor the performance of your network, and this can include different types of bandwidth utilization such as application traffic, wireless network, Wide Area Network (WAN) or Local Area Network (LAN) utilization, etc., where every device, service, and individual user is competing for their share of bandwidth. While the immediate solution for traffic congestion could be increasing your bandwidth capacity, the challenge is in realizing if your enterprise even requires that extra bandwidth. And in case you find yourself unable to provide sufficient bandwidth to users based on their needs or unable to control non-business traffic, you are not alone.

Network admins cannot manually keep track of everything going on in your network 24x7, and according to reports and surveys conducted by Packeteers, at least sixty to seventy percent of network managers don’t know what is traversing their networks. Your network is prone to various attacks, and congestions or spikes in your network could be caused by internal or external threats that can vary from DDoS attacks to your own business-critical applications.

As we can appreciate, it is extremely important the network tools used are capable of providing enough information and visibility so we can monitor, identify and troubleshoot effectively and efficiently as possible.

A common question is what capabilities should the bandwidth monitoring tool provide?

Important Features in a Netflow Monitoring Tool: Visibility

How To Secure Your SD-WAN. Comparing DIY, Managed SD-WAN and SD-WAN Cloud Services

Posted in SD-WAN

how to secure your sd-wanWith so much enterprise network traffic now destined for the cloud, backhauling traffic across an expensive MPLS connection to a data center to apply security policy no longer makes sense. Software-defined WANs (SD-WAN) promise lower transport costs with direct, higher-performing connections to cloud and Internet resources. But what are the security implications of moving traffic off of private MPLS VPNs and onto public broadband links?

This article tackles the above and many more questions around enterprise WAN network connectivity options and the different type of SD-WAN network implementations along with their advantages and disadvantages.

Here’s what we’ve got covered for you:

Directly connecting branch offices to the cloud increases your exposure to malware and Internet-borne attacks, expanding your attack surface across many sites. If not adequately addressed, these risks could outweigh the cost and performance benefits of SD-WAN. Let’s take a look at the SD-WAN options for securing your sites.

SD-WAN Deployment Options

There are a few SD-WAN options available. Each requires a different approach to branch security:

  • Do it yourself (DIY): It’s possible to build and manage your own SD-WAN by deploying firewalling and unified threat management (UTM) capabilities yourself at each branch site. You can install separate physical appliances for each type of security you need or run the security tasks as virtual network functions (VNFs) in software. VNFs usually run in a special CPE appliance, but it may also be possible to run the VNFs in your branch router, depending on which router vendor you use.
  • Telco managed SD-WAN services: This option mirrors the DIY approach above; however, a telco resells the needed SD-WAN appliances and software to you and manages the installation on your behalf. The SD-WAN setup is the same but lightens the load on your IT staff and reduces the need for specialized SD-WAN skill sets in-house.
  • SD-WAN as a cloud service (“SD-WANaaS”) from a software-defined carrier (SDC): With this option, most SD-WAN functions run as a distributed, multi-tenant software stack in a global, private cloud maintained by your SDC. The provider integrates multiple levels of security into the network in the cloud, and your traffic traverses the SDC provider’s own IP backbone, avoiding the risk and best-effort performance challenges of the public Internet.

Let’s take a closer look at each approach.

Precision Web Application Vulnerability Scanning with Interactive Application Security Testing (IAST)

Posted in Web Application Vulnerability Scanners

web application vulnerability testingThere are two primary approaches to web application security testing. Dynamic Application Security Testing (DAST), also called black box testing, imitates an attacker.

The application is tested from the outside with no access to the source code or the web server. Static Application Security Testing (SAST), also called white box testing, imitates a code reviewer. The application source code is analyzed from the inside.

Before we dive deeper into these interesting web application testing and vulnerability scanning technologies, let's take a quick look at what's covered:

Analyzing Dynamic Security & Static Application Security Testing

Both of these methods have lots of advantages. The DAST approach is very practical and has huge coverage. You can run a black box test on an application written even in the most exotic technology or language. Its coverage is even bigger because detected vulnerabilities can be caused for example by bad configuration and not by mistakes in the source code.

On the other hand, SAST can let you discover some things that are not obvious when seen from the outside. For example, additional URLs or parameters. With white box testing, you also know immediately where the problem is located in the source code so it speeds up fixing.

interactive application security testing

IAST provides precision web vulnerability scanning

Imagine how effective a security scan can be if you were to join the two methods together! And no, this is not just theory, it actually exists. The merger of these two approaches is called Interactive Application Security Testing (IAST) or gray box testing and is available for example in Acunetix (thanks to its AcuSensor technology).

A free trial Web Vulnerability Scanner can be downloaded from: Acunetix

What Can You Do with IAST?

Free Azure IaaS Webinar with Microsoft Azure Engineering Team

Posted in Other Articles

free azure iaas webinar with microsoft azure engineering teamImplementing Infrastructure as a Service (IaaS) is a great way of streamlining and optimizing your IT environment by utilizing virtualized resources from the cloud to complement your existing on-site infrastructure. It enables a flexible combination of the traditional on-premises data center alongside the benefits of cloud-based subscription services. If you’re not making use of this model, there’s no better opportunity to learn what it can do for you than in the upcoming webinar from Altaro: How to Supercharge your Infrastructure with Azure IaaS.

The webinar will be presented by Thomas Maurer, who has recently been appointed Senior Cloud Advocate, on the Microsoft Azure Engineering Team alongside Altaro Technical Evangelist and Microsoft MVP Andy Syrewicze.

The webinar will be primarily focused on showing how Azure IaaS solves real use cases by going through the scenarios live on air. Three use cases have been outlined already, however, the webinar format encourages those attending to suggest their own use cases when signing up and the two most popular suggestions will be added to the list for Thomas and Andy to tackle. To submit your own use case request, simply fill out the suggestion box in the sign up form when you register!

Once again, this webinar is going to presented live twice on the day (Wednesday 13th February). So if you can’t make the earlier session (2pm CET / 8am EST / 5am PST), just sign up for the later one instead (7pm CET / 1pm EST / 10am PST) - or vice versa. Both sessions cover the same content but having two live sessions gives more people the opportunity to ask their questions live on air and get instant feedback from these Microsoft experts.

Save your seat for the webinar!

Free IaaS Webinar with Microsoft Azune Engineering Team

 

Free Web Application Vulnerability Report (2019) – Popular Web Attacks, Vulnerabilities, Analysis, Remediation

Posted in Web Application Vulnerability Scanners

2019 web application vulnerability report – Popular Web Attacks, Vulnerabilities, Analysis, RemediationAcunetix has just released their annual Web Application Vulnerability report which aims to provide security professionals, web application developers, system administrators, web server administrators and other interested parties with an analysis of data on web application vulnerabilities detected the past year via scans run on the Acunetix Online platform.

The extensive report has been compiled from scans performed from more than 10,000 targets and reveals some very interesting results about today's security threats and the percentage of organizations that correctly deal with their vulnerable web applications and exploits. From SQL Injection vulnerabilities to Cross-Site-Scripting (XSS) vulnerabilities, popular CMS platform vulnerabilities to remediation steps and more.

Here are some of the report's highlights that will surely interest every IT security professional and web application developer

  • 46% of websites scanned contained high severity vulnerabilities
  • 87% of websites contained medium severity vulnerabilities
  • SQL Injection vulnerabilities have declined slightly
  • 30% of websites contained Cross-Site-Scripting (XSS) vulnerabilities
  • 30% of websites had vulnerable JavaScript Libraries
  • 30% of websites were WordPress sites with a number of vulnerabilities

The free to download report is a great opportunity for professionals to learn more about the latest and greatest vulnerabilities circling the web and proactively take measures to ensure their own websites and web applications are properly tested and patched against popular vulnerabilities and attacks.

Here’s vital security information the 2019 Web Application Vulnerability Report contains:

  • Vulnerabilities that are rising and falling in frequency
  • Vulnerability findings by type and severity
  • Changes in the threat landscape from both clients and server sides
  • The four major stages of vulnerability analysis
  • Detailed analysis of each discovered vulnerability – how it works, pointers and remediation steps
  • Current security concerns – increasing complexity of new applications, accelerating rate of new versions and the problem of scale
  • Vulnerabilities that are major to the security of all organizations, regardless of their size and location.
  • Plenty of useful information and advice aimed for network security professionals, web application developers, IT Managers, security auditors, application architects and more.

The 2019 Web Application Vulnerability Report is offered completely free to download and is used by leading security professionals and web application developers to help understand how to protect network and applications for the latest security threats and web vulnerabilities.

2019 web application vulnerability report pages

Click image to download

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup