  • January 16, 2021

    How Having a Sonicwall Firewall Installed Can Protect Against Hackers

    You’ve seen the headlines: “US Suffered Massive Cybersecurity Breach” and “Worst-Ever US Government Cyberattack.”  You may have even paused long enough to read beyond the headlines.  Now is the time to think about having a SonicWall firewall installed.

    That’s not exactly true.  Your business may not be the target of an elaborate attack, but there are plenty of insights to be gained from a more in-depth look at SolarWinds’ Sunburst Vulnerability.

    What Happened?

    SolarWinds offers network monitoring tools that help detect, diagnose, and resolve network performance problems and outages.  Its monitoring solutions are used by numerous US Government agencies as well as large multinational corporations to ensure their networks perform as well as possible.  Like many software providers, SolarWinds offers automatic updates.

    SolarWinds maintains a server that stores its updates.  Customers may request updates from the server and install them manually, or they can have the updates downloaded and installed automatically.  Hackers were able to compromise SolarWinds’ update server and place malicious code in the updates.  The code gave the bad actors remote access to any network running the compromised update.

    Based on initial assessments, the attack began in March of 2020.  Still, it was not discovered until December, when FireEye, a cybersecurity firm, conducted an internal investigation into a breach of its system.  During this investigation, FireEye determined that hackers gained remote access to its network through the malicious code embedded in SolarWinds’ updates.

    What Can We Learn?

    The SolarWinds compromise was an example of a supply chain attack, where hackers exploit a vulnerability in one system to compromise other organizations.  Part of the success of a supply chain attack rests with the traditional cybersecurity mindset that everything inside a network is secure.  In other words, companies would fortify the perimeter of their networks, assuming everything inside the walls was secure.  In today’s environment, boundaries are more porous, and it’s not as simple as an us-versus-them approach to cybersecurity.

    Trust No One

    Zero Trust Architecture is a cybersecurity model that assumes that every user, application, or resource is a potential threat.  It uses hardware and software to ensure that the entity requesting access has permission.  Part of a zero-trust framework is micro-segmentation and least-privilege access, which make it more difficult for users to move inside as well as outside the network.

    Many organizations implement some form of “whitelisting,” where specific applications, URLs, or static IP addresses do not go through the established scanning or protection protocols.  Software updates from a trusted source such as SolarWinds would fall within this category.

    Use Best Practices

    The National Institute of Standards and Technology issued Special Publication 800-171, which proposes a cybersecurity framework for non-federal organizations.  It’s intended to provide best practices for cybersecurity.  For example, NIST 800-171 Section 3.4 discusses the importance of proper firewall configuration and management, including the use of blacklisting and whitelisting.

    Investigations are still underway regarding the precise nature of the SolarWinds breach; however, it has been suggested that the front-facing update server was compromised.  Given that NIST 800-171 was published in February of 2020, it’s unlikely that SolarWinds had adopted any of NIST’s security recommendations.

    Review Update Policies

    Managing software updates for an enterprise can be challenging.  Should updates be downloaded automatically?  If so, should they be segmented from the rest of the network until scanned?  Should updates be installed automatically without checking for possible compromises?  Most SolarWinds clients who were infiltrated allowed updates to be downloaded and installed without manual intervention.

    While the automatic updating of software applications is common practice, more companies need to revisit their policies given the SolarWinds incident.  Cybersecurity has multiple layers that must be analyzed to ensure that no vulnerabilities are exposed.  Partial implementation can lead to system compromises.

    Remember Everyone is a Target

    Many companies do not see themselves as possible targets.  They consider their virtual assets of little value to hackers.  For cybercriminals, size doesn’t matter.  Even a few records with confidential or personal information can be sold on the dark web.  Cybercrime has grown into a criminal network, where organized crime groups carry out 55% of all attacks.

    How do SonicWall’s Firewalls Protect Against Attacks?

    Firewalls are the first line of defense for most organizations, but firewalls are not created equal.  Some firewalls focus on keeping malware out.  Others watch traffic in and out of a system.  SonicWall’s series of firewalls offers features to meet rigorous cybersecurity standards.  Depending on the specific firewall, SonicWall’s solutions provide a range of features to protect data from inside and outside a network’s perimeter.

    Traffic Controls

    SonicWall’s solutions provide the following features to control traffic and protect digital assets.

    • Antivirus tools for scanning and quarantining digital materials
    • White- and black-listing of URLs
    • Antispam filters to protect against email spam
    • Content filters based on file extensions
    • Web filter based on the website address
    • Intrusion prevention and detection capabilities to stop and flag unauthorized access

    With these tools, organizations can control the movement of traffic to and from network locations.

    Data Analysis

    SonicWall’s firewalls capture data for all firewall functions.  They store the information, including incidents and user activity, for analysis.  The results can be displayed on a customizable dashboard.  The data can be used to create reports or to provide a visual representation of data.

    Firewall Configuration

    How a firewall operates depends on its configuration.  Once installed, SonicWall’s firewalls enable network administrators to perform the following:

    • Customize network access rules and workflows.
    • Customize rules to meet compliance requirements.
    • Create application-level proxies to apply security mechanisms while concealing client networks.
    • Determine the maximum number of connections that can be tracked and secured.

    Once installed, SonicWall’s products can be configured to address the most robust security requirements.

    Traffic Monitoring

    SonicWall’s line of firewalls does more than monitor traffic going through the device.  The firewalls can be configured to:

    • Perform load balancing to ensure even distribution of resources.
    • Monitor traffic to scale workloads to match traffic.
    • Detect variations in user access, traffic flows, and standard operations.

    Resource management helps protect against unauthorized activities.  When systems do not perform as designed, they increase the number of possible vulnerabilities.

    Added Functionality

    SonicWall provides added features that can help secure a company’s network.

    • Virtual Private Network (VPN).  Provides a virtualized network.
    • URL Filtering.  Provides tools to control traffic to match firewall policies.
    • Availability.  Provides distributed configuration options to minimize network failure and ensure business continuity.

    With a SonicWall firewall installed and properly configured, an organization is protected even against supply chain attacks.

    How NOT to Be Headline News

    What do Target, Equifax, and Capital One have in common?  They made headlines because of a security breach.  SolarWinds recently made headlines in the cybersecurity world because of an unprecedented supply chain attack, the scope of which is still under investigation.

    One way to ensure your company’s name isn’t part of the next cyberattack headline is to install a SonicWall firewall.  Their solutions are designed to scale from a small business to a multi-firewalled enterprise.

    At Computero, we specialize in the installation and configuration of SonicWall appliances.  Contact Computero to discuss how SonicWall solutions can strengthen your cybersecurity.

  • January 14, 2021

    Negotiating the Spaghetti Maze: How to Deal With Wiring Mess

    Cabling chaos sneaks up on you gradually and causes a wiring mess. You may have started with a simple network that didn’t need a lot of planning to connect up. As your IT staff added devices, things got more complicated, but just a little at a time. At some point, you tried to add one more connection and realized you couldn’t keep track of where everything was. If you bought cables based just on price, you started to notice reliability problems.

    By this point, you may have been reluctant to straighten out the wiring mess. You can figure out a way to add one more cable, and that’s easier than reorganizing everything. But with each new connection, it gets messier. Cabling problems are one of the biggest causes of network downtime.

    The best solution when you reach this point is to get assistance from a professional IT firm. It will not only help you reorganize your wiring, it will give you a more solid base for the future and help with subsequent upgrades. Wiring management is one of the many services that Computero provides. You’ll be able to add equipment and expand your network with a minimum of disruption.

    What happens when you have a wiring mess

    Disorganized cabling can interfere with your business in a lot of ways. It reduces efficiency, robs your office layout of flexibility, and causes maintenance headaches. You spend more time fixing problems and less time getting work done. Here are some of the issues:

    • Bottlenecks. Haphazard cabling results in paths where the bandwidth limits the traffic. Too many connections may converge on a cable that doesn’t have the necessary capacity. Having Cat 5 or older Ethernet cables limits the data rate; so does having an excessively long cable.
    • Office layout constraints. If you can’t get wiring where it needs to go, you need to put people and equipment where the wiring reaches them. The result is poor use of space or extra cables to make up for the problem. Printers can’t be put where they’d be most convenient. Servers can’t go where they’d have the best environment and physical security.
    • Stretching and bending. A cable which is tightly stretched or has a sharp bend won’t last as long. The endpoints can pull loose, resulting in failed or intermittent connections. A kinked cable can interfere with its own signal or break.
    • Overheating. Too many cables in a confined space, poorly arranged, generate too much heat. It can shorten the life of the cables and discolor visible surfaces. This is especially a problem if they carry power, e.g., PoE (Power over Ethernet) cables. The outer jacketing can eventually break, letting twisted pairs unravel and possibly short out.
    • Expansion difficulties. As your business grows, you need to connect up more devices. If your wiring setup is a chaotic mess, each new connection is a challenge. You may have to centralize equipment more than you’d like or even forego some upgrades. Suppose, for instance, you want to add VoIP phones to every desk and run them over Ethernet cables. That means lots of new jacks and cables to go with them. It’s hard if your network is already out of control.
    • Signal interference. Arranging cables carelessly causes interference, slowing down data rates and increasing packet errors. This is especially likely to happen to cables that are near electrical wires, power sources, transmitters, or magnetic fields. Cheap cables often have inadequate shielding. Badly terminated cables are prone to noise and interference.
    • Physical hazards. Some offices resort to stringing cables across rooms, hanging from the ceiling or taped to the floor. They’re an invitation for someone to trip over them, dragging the equipment down with them and hurting themselves. The liability costs can be serious; at a minimum, insurance premiums will go up. Even if no one gets hurt, repeated tugging will eventually pull a connection loose. Hanging cables are unsightly, giving visitors a poor impression.
    • Maintenance. Identifying and fixing problems in a spaghetti maze is hard. Figuring out which connection caused the problem is a challenge. You don’t know where a cable leads and can’t always tell how it’s rated. Disconnect the wrong one, and a critical server goes down. Every maintenance job takes longer than it should.

    Can you escape to Wi-Fi?

    Moving everything to Wi-Fi might seem like the easiest solution to these problems. Sometimes it is. However, it has its limitations, and there are places where you shouldn’t use it.

    Wireless bandwidth can’t match the bandwidth of good Ethernet cables. When you connect a lot of devices to an access point, they share the available bandwidth. An old device that can’t handle the latest, fastest protocols will slow down not just itself but everyone sharing the access point.

    Properly set up with encryption and a strong password, Wi-Fi is secure, but it adds a point of risk. A configuration error could let outsiders access the network. An employee could unintentionally leak the password.

    An access point is a potential point of failure. Electronics are more likely to fail than properly installed cables, and a failure brings down multiple devices till it’s fixed. The more access points and repeaters you have, the greater the chances of a problem are.

    Using Wi-Fi for backend servers is an especially bad idea, for all of these reasons. They need speed, security, and reliability. The right combination of Wi-Fi and wired connections can be very effective, though.

    How professional wiring management works

    A professional data wiring update starts with an assessment of your existing network and your current and future needs. An engineer will look at the management issues with the current setup and where it falls short of your current requirements. You will be asked about your plans for expansion and upgrading. After this, you will get a proposal for improving your wiring.

    The proposal may include other equipment. Strategically placed hubs and switches will reduce the need to string cables and improve network performance. Wi-Fi can be part of the mix, reducing the need to run cables where they aren’t strictly necessary.

    Professional technicians will use cables of the right length, so they aren’t wastefully long or tightly stretched. They’ll install good quality cables, not the cheapest ones available; good wiring pays for itself quickly.

    Everything will be consistently color-coded, and labels will be applied where appropriate. You’ll know what you have.

    The benefits of professionally installed wiring

    Once you’ve upgraded from a spaghetti maze to well-managed wiring, you’ll experience the benefits immediately. Throughput will be better. When everything is right, speeds in the multiple gigabit range are possible. Machines will be more responsive. You’ll be able to connect devices that were too much trouble before.

    The long term will bring more benefits. Cable failures will be rare. If there is a problem, it won’t be hard to find the source and fix it. Expansion projects will be easier than they would have been.

    You don’t have to live with a chaotic wiring mess. In most cases, we can upgrade your wiring with hardly any downtime. We can help with your wiring and with many other IT issues. You can focus on making your business better and not worry so much about hardware problems. Get in touch with Computero today to get started.

  • October 25, 2017

    Ransomware: How to Keep Your Company Safe

    Imagine your company’s most valuable assets being held hostage by wrongdoers. What would you pay to get them back? How far would you go to prevent them from being taken in the first place? Most of us can’t conceive of malicious infiltrators storming our offices and work sites, holding our employees, work products, and intellectual property hostage until we pay up. But that is exactly what is happening with alarming regularity in recent years — virtually, through the use of ransomware.

    In 2016, ransomware attacks grew by 600%, costing businesses 1 billion dollars.

    As the wave of worldwide attacks strengthens, businesses of all types and sizes are forced into the agonizing choice between paying criminals or sacrificing their priceless and sensitive data, their competitive edge, and the confidence of their customers and investors.
