Why you need to Network scan & Audit!

Well this week I’m speaking at Multiple Microsoft events. The first is Microsoft Sinergija 2011 in Belgrade and the second is Microsoft Vizija 9 in Skopje in Macedonia.  It’s so amazing to see such passion in numbers. I’m looking forward to it.

As a security guy I’m often asked to look over new products and give my feedback.  This week I was contacted by some of those nice folks over at GFI, you know the ones who produce GFI Essentials to name but one.  Anyway they asked me if they could guest post…hey being a generous guy I said no problem. So here you are J

3 Reasons to Use a Network Scanner

A network scanner will help you keep control of many areas and systems of your company’s network. The main benefits of a network scanner are the ability to audit the hardware connected to the network, the ability to detect the software that is running on the network and provide assurance that you are in compliance with regulatory security requirements.

Hardware Auditing

Modern networks are more or less “plug and play”. An administrator can bring in a new PC, plug it into a free socket and voilà, an IP address is assigned and is the machine is ready to be used without any additional configuration. The ease of adding new network devices is a double-edged sword. It allows for networks that scale easily and rapidly, but this also means that the administrator can quickly lose control of his network assets. A network scanner will greatly aid the administrator in this situation. Network scanners are designed to scan your network and probe every device that is connected to it. This allows the administrator to keep an up-to-date inventory of all his hardware assets and it will also help him monitor and detect devices that should not be there in the first place.

Software Auditing

Every network device can run a piece of software. Hackers very frequently exploit bugs in this software to gain unauthorized access to your systems. To stop this threat, administrators perform a process called patch management, allowing them to look out for vulnerability notifications and download and install patches where necessary. On large networks it is not feasible for a system administrator to monitor every piece of software on every machine. For this task he will need a network scanner. Network scanners probe every single network device that they find, and determine whether a device is running insecure or outdated software. Good network scanners can detect unauthorized software running on client and server PCs. This greatly reduces the risk of cyber-attacks and virus outbreaks.

Regulatory Compliance

Companies that process or store customer credit card data must adhere to strict laws and regulations to ensure that this data is safe. One such regulation is the PCI Data Security Standard (PCI DSS), which is mandatory regardless of how small or big a company is. If a company is processing credit cards, it must comply with PCI DSS. There are stiff penalties for those found not in compliance.

Fighting Fire with Fire

Network scanners are a hacker’s favorite tool and many network scanners are available to them. These tools probe your network allowing a hacker to map-to-map parts of your network infrastructure and look for vulnerabilities. To counter this threat, always use a professional, enterprise quality and up-to-date network scanner and detect vulnerabilities before a hacker does.

This guest post was provided by Jeremy Pullicino on behalf of GFI Software Ltd. GFI is a leading software developer that provides a single source for network administrators to address their network security, content security and messaging needs. Read more on the importance of using a network scanner.

All product and company names herein may be trademarks of their respective owners.

Posted in Cybercrime, microsoft, Security | Leave a comment

Jersey Digital Parenting at it’s Best!

With Cybercrime on the increase and social networking sites like Facebook about to reach 600 Million users protecting and informing your loved ones, business and government infrastructure have never been so important. Today I’m in Jersey (the original) and I’m speaking at a digital parenting event. I’m delighted to be part of events like this as I get the opportunity to not only explain some of the dangers but also show them.

Tonight my session is Cybercrime: Inside the mind of a hacker. This 90 or so minute session looks at everything current including social networking, identity theft and of course just who are the bad guys and how to they operate. So if you’re around the event starts at 6.30pm with a BBQ followed by my session at 7.30pm. BTW a few tools to get you started. Protect your PC With Microsoft Security Essentials. It’s as good as any paid anti-virus solution http://www.microsoft.com/en-gb/security_essentials/default.aspx. BEWARE OF A FAKE PRODUCT CALLED SECURITY ESSENTIALS 2011. Only use genuine Microsoft software. Another great “digital parent” is K9. It allows you to easily configure rules for how your kids use the internet and chat services. http://www1.k9webprotection.com/

And finally a great solution that captures the nasty stuff while it’s still out there. Open DNS is a free or at most almost free service which aims to capture all the nasty stuff before it comes knocking at your door. http://www.opendns.com/

There you have it. See you there… http://www.gov.je/News/2011/Pages/DigitalParentingDay.aspx

Posted in Security | Leave a comment

Windows 8 is Here! (Almost)

Well having been shrouded in much secrecy Windows 8 finally came to the table yesterday. BTW I do mean shrouded in secrecy. Even as a Microsoft MVP, we have been kept away from getting a glimpse. Strange as I would have thought that getting your core evangelists on board to tell the world but alias no, like everyone else we have to attend Microsoft Build, which is the new trendy name for its latest developer conference.

On top of the agenda of course was Windows 8, which I am glad to say I’ve been looking forward to for some time. Initially downloadable as a “Developer Release” this version does NOT have all the bits yet and as such it might (does) seem a bit clunky, especially if you don’t have a touch enabled PC. Which let’s face is the vast majority of the population does not (except the IPhone or Ipad of course). First impressions! It’s very Windows phone(ish), so if you’re not a fan then watch out.

However that said my initial reaction is generally good. The installation process on a 64bit Dell Studio XPS was smooth. In terms of hardware requirements MS are not saying very much other than it will run on anything fairly modern. However to get the full functionality you will need a Touch enabled device with technologies like USB3 and a face recognition capable camera etc. In terms of the desktop experience…I like the tiles, although once in an application, if you don’t have touch it’s pretty difficult to get out of. I’m sure they will fix this though.

Once you have access to the desktop things start to look familiar, the start menu (now a square) the taskbar (yawn, come on guy’s it’s almost 7 years old). However I do like the new task manager, which makes me want to look under the surface. Watching the keynote’s various demos’ some pretty impressive trickery was shown, including the new fast boot feature. This I’m sure makes great use of our old friend the Hiberfill.sys file.  One feature I really love is the ability to log in with your Live account and sync your photos and data direct to the cloud. Also in terms of security it looks like face recognition is finally going to see the end of the dreaded username and password.

Now over the coming months we will of course see the Beta release which will no doubt complete the OS with missing features and functionality but, as long as you see this for what it is “A Developer Preview” then I think you will be suitably impressed. Now if you missed the keynote for build you can watch it here http://www.buildwindows.com/

Posted in microsoft, Quality Training News | Tagged | Leave a comment

ADFS V2.0 – The Skill to Have!

This week I’ve been in London teaching one of my favourite classes Implementing Microsoft Active Directory Federation Services 2.0. Now if you like me have a vested interest in cloud computing this is a skill that you must get on board with ASAP.  ADFS can be deployed in a number of Scenarios to allow businesses to:

  1. 1. Connect to and Interact with a cloud provider, Office 365, Google etc.
  2. 2. Deployed to allow staff to connect from the internet to use internal web applications such as SharePoint.
  3. 3. In a business to business scenario which provide the capability for business partners to federate data between them.

Personally I think if you are interested in attending the new Office 365 Ignite training then this is one class that is an obvious compliment. The course is MS 50412 and is a 4 day class.  Now in terms of set up there are a few pre-requisites such as either installing a Certificate Authority )CA) or obtaining a public certificate from the likes of VeriSign or GoDaddy.com. Next download ADFS V2 form the Microsoft website http://www.microsoft.com/download/en/details.aspx?id=10909 For a great deployment  guide click here http://technet.microsoft.com/en-us/library/adfs2-deployment-guide(WS.10).aspx Now as well as the deployment guide check out the design guide http://technet.microsoft.com/en-us/library/adfs2-design-guide(WS.10).aspx John Crtaddock is on of my fellow speakers who presents at TechEd and he is probably of the world most foremost experts on Active Directory and ADFS check out his session videos on TechNet and the TechEd Online website Now a number of bloggers have created step by step guides on hopw to connect AD to Office 365 using ADFS V2.0 so rather thaan replicate them here, this is a good one http://blogs.technet.com/b/danielkenyon-smith/archive/2011/05/10/configuring-adfs-v2-0-for-office-365.aspx Daniel give a great walkthrough. Also I was looking for a good reference point of the claim rule language for ADFS and found this on TechNet, it’s a great primer http://technet.microsoft.com/en-us/library/dd807118(WS.10).aspx Finally in terms of Troubleshooting take a look at this http://www.myitforum.com/absolutenm/templates/Articles.aspx?articleid=21856&zoneid=101 and this http://www.facebook.com/note.php?note_id=488993938234&comments&ref=mf and this http://technet.microsoft.com/en-us/library/adfs2-troubleshooting-guide(WS.10).aspx

Posted in microsoft | Leave a comment

Is it time to brush up on some new skills?

This week I’m off to Oslo for a week of Office 365. In reference to my last post on hot security trends for 2011 I began to think what would be the trends for the folks who want to keep their skills up to date. Last week I went on an exam blitz and completed both Lync Server 2010 exams to become an MCITP Lync server Administrator. In this period of what I call the calm before the storm. That’s the period before Microsoft normally release a ton of new products it’s a great time to ensure your skills are up to date. With the economy looking as grim as ever I think it’s important to ensure that you are marketable. Don’t make excuses and wait for somebody else to control your destiny , you have to take the reins.

In 2010 we will no doubt have the latest version of Windows, Office, Exchange and SharePoint (I like to call these the 15 wave). How do you know that I hear you ask? Experience my friend, every time MS have released a new version of Windows the others have been very close behind. So if you are thinking about updating your skills and you are let’s say an MCSE then do it now, don’t wait. 2003, Windows XP they are so OLD. The skills and knowledge gap is slipping away from you my friend. You have hot shot kids snapping at your heels, don’t take knowledge for granted. Microsoft Certification has gone through a bit of a revival recently with partners having to renew out-dated certifications and contractors scrambling to learn the new stuff before new contract are announced.

But what are these golden nuggets of knowledge Andy, I hear you say what are these HOT product areas to focus in on?  Well it’s your lucky day, I’ve listed them below. For more information visit the Microsoft Learning portal www.microsoft.com/learning it’s packed with goodies to help you on your way. Also TechNet is a must at www.microsoft.com/technet Good luck J

  1. 1. Microsoft Windows 7 Upgrade!
  2. 2. Windows Server 2008 R2
  3. 3. Microsoft Lync Server 2010
  4. 4. Microsoft Forefront Identity Manager
  5. 5. Active Directory Federation Services V2.0
  6. 6. Microsoft Virtualization (Check Out System Centre Virtual Machine Manager Beta 2012)
  7. 7. Microsoft SharePoint 2010
  8. 8. Microsoft Exchange Server 2010
  9. 9. Windows Azure
  10. 10. Microsoft Private Clouds

Best of luck!

Posted in microsoft, Quality Training News, Springboard | Tagged | Leave a comment

The Rise of Anonymous & Cyber Security Trends to be aware of…

As the summer rolls on and parts of England have been embroiled in teenagers going on the rampage causing untold damage. I couldn’t help notice that the number of hacking attacks and greatly increased. Yesterday it was reported that kids have been using tools like Blackberry Messenger and Twitter to co-ordinate attacks. Are these the new tools of revolution? In the Middle East it certainly seems so. Combined with Cyber-Attacks they certainly do present themselves as a formidable weapon.
Their argument is that Facebook has grown to powerful and that the information held on people constitutes a threat to privacy. A fair point but at the end of the day we as users post information every day, that to be quite frank should not be there. Perhaps a little lesion in Social Networking Security or Parenting skills on the internet would be helpful. Anyway….something to think about.
Emerging Trends in IT Security
There have been huge changes in the world of IT in recent years. IT teams have a host of new security threats to protect against and, at the same time, core issues such as reliable antivirus and firewall protection are still essential. This article explores some of the emerging trends and what type of measures IT department should implement to improve the level of security in the corporate network:

  1. Society is becoming more tech savvy, as shown by the popularity of modern devices such as iPads, Kindles and netbooks. Unfortunately, the old adage that “a little knowledge is a dangerous thing,” is often proved to be true, and many of this new breed of technical enthusiasts won’t be aware of the damage they can cause to a corporate system if, for example, they plug an infected netbook into an office LAN.
IT departments are advised to take a paranoid approach to these potential breaches in security and make full use of products that monitor the entire network, and quickly notify administratators of new risks to the infrastructure.

  1. The need to comply with various regulatory frameworks is becoming more relevant to an increasing range of organizations.  For example, the Payment Card Industry Data Security Standard (PCI DSS) rules mean that every company that processes details related to credit and debit card transactions must now adhere to a detailed set of standards.
For companies that have not historically needed to comply with information security frameworks, these requirements can be intimidating, especially where compliance is regularly assessed. Using software solutions that are designed to ensure compliance can help IT teams follow the rules.

  1. Multicore processers and inexpensive RAM are leading more and more companies to make heavy use of virtualization technologies within server infrastructures. However, virtual servers are no less vulnerable to exploits from malware and other security threats.
It is sensible to use a vulnerability scanning technology that is fully compatible with virtual environments. This should be able to spot potential security flaws both within the virtual machines, and on the physical hardware supporting them.

  1. Patch management is becoming increasingly difficult to handle without the help of a dedicated solution. The increasing technical awareness of users means that many will wish to use alternative web browsers and other software products. IT departments therefore need to keep on top of security updates for a huge range of programs. Thankfully, good patch management solutions are able to manage updates for a host of third-party products as well as the core operating systems used to run them.
  2. Network security in general has become far more complex. For every machine on the LAN, the IT technician must consider protection from traditional viruses, malware and scareware, spam, and unpatched or unauthorized software. For more and more companies, failure to do this can result in legal implications for failing to adhere to official compliance regulations. Dealing with each risk in isolation is becoming simply too time-consuming for the average IT department, meaning a software solution that oversees every element is becoming a necessity rather than a luxury.
Overall, the size of a company now makes little difference in terms of what is required for effective IT security. Even the smallest firm needs to gauge how vulnerable their systems are, and they need use the right software to protect their network from the growing number of security threats appearing daily.
This guest post was provided by Ben Taylor on behalf of GFI Software Ltd. GFI is a leading software development company that provides a single source for network administrators to address their network security, content security and messaging needs.

All product and company names herein may be trademarks of their respective owners.
Posted in Cybercrime, Security | Tagged | Leave a comment

Office 365 Released! Whoo Hoo!

Office 365 is here! Over the past few months I have been teaching the Office 365 Ignite. The much anticipated on line office platform is a great step forward for partners and customers alike. The cool thing is that is scales from 1 to many, so even if you are a one man band then your business can enjoy the power of cloud computing. If you are an enterprise or larger business integrating the on-line platform with your current on-site solution is a breeze. With technologies like Dirsync and ADFS V2.0 you can have a hybrid or coexistence model for full flexibility.

This week I’ve just returned from delivering the Ignite class in Belgium. We had great feedback about the product and the course. Delegates are super excited about Office 365 and rather than fearing the product many are embracing it as a money making opportunity. If you are a small business then take a look at Small Business Server 2011. This great solution can also integrate with Office 365 to provide and really exciting and cost saving platform. For more details click here http://www.microsoft.com/sbs/en/us/overview.aspx To sign up for a free 30 day trial for Office 365 simply visit www.office365.com If you fancy attending one of the new Ignite classes then visit www.globalknowledge.co.uk for a schedule for the UK. www.globalknowledge.se for Sweden, www.globalknowledge.no for Norway, www.globalknowledge.be for Belgium and www.globalknowledge.dk for Denmark.

Posted in microsoft, Quality Training News, Springboard | Tagged | Leave a comment

GFI LanGuard Review!

This week I’ve been in Jersey teaching a Cyber-Security MasterClass. Thanks to Ronnie for making me feel so welcome. Also a big thanks to everyone who attended my session at the Jersey BCS group. You guy’s rock. For the remainder of this week I’ve been looking over the latest version of GFI LanGuard. I must say that I’m very impressed. Languard boasts a number of pretty cool features including Application patch management. This is something that so many companies can use. I’ve been saying for a while but in terms of keeping systems patched this can be you first line of defence. Now while Microsoft do a pretty good job with Windows, application patch management can be a bit tricky. This is where GFI LanGuard provides a pretty hassle free solution.

Once of my favourite features of Windows Server 2008 R2 and Windows 7 is Applocker. It’s a great feature that provides both a whitelisting and blacklisting solution for applications that can be used on your network. Now while this is a great feature the interface can be a little tricky. Fortunately LanGuard builds on this to provide a really easy enterprise solution. With its Automatic remediation of unauthorized applications feature, as part of a routine scan, any unauthorized applications are identified and (optionally) uninstalled automatically by LanGuard, very cool!

Of course at the heart of LanGuard are a set of invaluable tools for security professionals including a number of great venerability scanning and auditing tools which can perform in excess of over 45000 checks on your system.

This week in my session I spoke about the importance of risk management. Tools like LanGuard will help is helping you identify and keep track of your assets as well as ensuring on-going compliance. So in conclusion I am delighted to have had the opportunity to Play around with GFI LanGuard. Sure there are many similar products in the market, but not one that brings all these elements together in such a professional way. For more details on LanGuard you can visit there site here http://www.gfi.com/network-security-vulnerability-scanner/ where you can also download a trial version. Enjoy!

Posted in Cybercrime, Security | Tagged | Leave a comment

Internet Explorer 9 & SCVMM 2012 (Beta) released!

Well this week I am glad to say I am feeling much better after my trip to Lithuania. You guy’s were great! This week I am back in Germany teaching the US Army all about Windows Server. What a great class. These guys are so driven and passionate they are a pleasure to teach. On the subject of passion Microsoft have been very busy this week. First it’s MMS in the US and to celebrate MS have released Internet Explorer 9 which in my opinion goes from strength to strength. Check out the Tracking Protection feature which keeps all those nasty spammers away. Download today http://technet.microsoft.com/en-us/default.aspx

Also released t0o Beta is the o so cool Virtual Machine Manager 2012 or SCVMM 2012 Beta. Now this is a great app. Not only does it allow you to manage VMs in both Hyper-V and VMWare but also manage them anywhere, local, remote and now in the cloud! Anyway find out more here http://technet.microsoft.com/en-gb/evalcenter/gg678609.aspx?wt.mc_id=TEC_88_1_7

Next week I am in Sofia, Bulgaria for MS Days. I have a busy 2 days with not just 1 session but 4! Including a session called Microsoft – Back to the Future… A fun look at where Microsoft have come from and where they may possibly go. Be part of it here! http://www.msbgregistration.com/

Posted in microsoft, Springboard | Leave a comment

From Seattle to Dubai and Now Lithuania, Whew!!

Well it’s been a busy time during the past few weeks. A couple of weeks back I spent the week at Microsoft Corp for the annual MVP Global Summit. It was great catching up with friends and colleagues. As an Enterprise Security guy it’s always great spending time at the mother ship as the stuff you learn lasts a long time. From there I took a quick hop across the Atlantic (Well not so quick) to spend the evening at home before I climbed aboard another flight, this time bound for Dubai.

After Seattle the weather was certainly welcomed. I was in town for TechEd Middle east 2011. What a great event. Microsoft has really put a lot of effort into this year’s event and my congrats go out to the team for all their hard work. Thanks to all the great attendees who attended the Security track sessions, for a 3rd year in a row I am a top 10 speaker so thank you so much for that. Dubai is truly one of the most amazing places on Earth with glitz and opulence that would make your eye’s water.

Well just as I am getting used to walking on home soil I’m off to Lithuania tomorrow for a quick stop off in Vilnius to deliver a couple of Security sessions to 200 or so eager Microsoft beavers, so that should be fun. This will be a first for me and I always feel a little like that famous traveller Michael Palin when I arrive on new shores. Anyway If you are planning tomorrows event here is the link and I look forward to seeing you there. https://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032480558&Culture=LT-LT

Posted in Cybercrime, microsoft, Security | Leave a comment