Sophos XG: A Next Generation Firewall

The security of your business is key; to this end, every business has a firewall. This is the protection, in either software or hardware form, which defends your corporate networks from the internet or other networks. The IT industry has been pushing businesses to choose best of breed solutions for each level of security, and firewalls have been considered with the same methodology. However, these decisions are causing a siloed approach to security and protecting an environment.

With the modern threat landscape, it is increasingly key that security throughout the organisation is designed with an integrated approach to allow increased visibility for identifying and remediating threats.

Sophos has recently released their next generation firewall, the Sophos XG, to provide this integration at different levels through a network using inter-product communication to strengthen the security within the environment. Utilising a security heartbeat, the next generation firewall is provided with visibility of the endpoint control software on the user device to remediate potential issues based on the actions being seen by the Sophos XG firewall. When the Sophos XG detects malicious traffic it is able to notify the Sophos client endpoint and dynamically update the firewall rules for this device. This endpoint communication action is the first stage to kick off an aggressive inspection and detection of the suspicious process to then terminate and potentially remove components of an infection.

For network or security administrators, the monitoring technologies within their organisation create alerts or events at one level of the corporate security. By utilising an integrated approach, much more visibility of the security event is possible. Rather than creating a time-consuming investigation, an administrator is able to easily see where the source of the issue has arisen and whether automated remediation was successful, or whether further manual actions are required.

Sophos has been very successful with their UTM firewall providing a unified threat management approach to security. They have been able to build on their experience with this device to create a new next generation firewall in the form of the Sophos XG. Any UTM customers will have the ability to upgrade to the Sophos XG firewall if the current device is running the SG Series hardware appliance.

Integration is the new best of breed!

For further information, please contact EACS.

PB, Infrastructure Team

Current State Assessments – Are your existing IT Systems delivering value?

How many IT projects are started because the business requires something new? How often are systems decommissioned because they are not performing, just to be replaced with a different system? How do you know whether your existing investments in IT are delivering the value that you require?

Not knowing what is possible with your current systems and infrastructure can be a seriously limiting factor when trying to deliver efficient IT for your organisation.

Whether your systems were implemented in house, or by a third party, EACS provides a comprehensive assessment service designed to uncover all aspects of the configuration and performance.

One area that can benefit greatly from a Current State Assessment is Microsoft System Center. Comprising seven core components and varying in scale from a single server installation to a fully resilient distributed infrastructure, keeping System Center running well can be a daunting proposition. Our consultants can investigate the health of the installed components and provide detailed recommendations on Updates and Hotfixes. Even if the system was installed to Best Practices at the time, EACS consultants continue to gain experience in their respective fields and may be able to identify areas where you can benefit from any improved designs, configuration settings and procedures.

As an example, System Center Configuration Manager is one component that has changed greatly over the years both in the feature set and in the way an implementation will be architected. Can your design be simplified, saving you time and reclaiming server resources? Are you making the most of the content distribution features? Is there a report that can provide the information that you are searching for? Can your Operating System Deployment process be improved? Are you ready for Windows 10? A consultant can examine your SCCM implementation and provide answers to these questions.

Do you know all the components in the System Center Suite*? Are you already licensed for a product that you are not using? EACS can help you uncover the benefits of using more of the licensed suite and show where integration between the components can bring even greater functionality.

In summary, any IT system can benefit from a Current State Analysis. EACS consultants are experts in their respective areas and can help you maximise your investment in technology, ensuring that it continues to deliver value for the future.

HL, Systems Management Team

*the components are:
• Configuration Manager
• Virtual Machine Manager
• Operations Manager
• Service Manager
• Orchestrator
• Data Protection Manager
• Endpoint Protection

Solving Remote Access Latency & Packet Loss: When to use Thinwire Plus and Framehawk

Common issues that arise when providing Citrix XenApp \ XenDesktop access across remote locations are Latency and Packet Loss. Citrix understands this and provides a solution for each of these issues. Knowing which one fits the bill is simply down to one question – What does your remote site suffer with – Packet Loss or Latency?

Once you have established what your site suffers from you can identify which technology will help. A breakdown of each solution is as follows:

Packet Loss and Framehawk – How does this technology help me?
Framehawk is based on UDP (User Datagram Protocol). Unlike TCP (Transmission Control Protocol), UDP does not care whether the packet has been received by the client, which means packet loss is ignored. Framehawk is a new protocol stack in the HDX protocol and requires a connection of around 5Mbps and 150Kbps per user. It works by essentially flooding the connection with packets and bulldozing its way to the client computer.

There are some pretty strict caveats around using Framehawk through a Netscaler and they can be found here.

You can see a video from Citrix on how Framehawk fares on high packet loss networks at the following link and you can see how it compares to VMware here.

Latency and Thinwire Plus – How does this technology help me?
Thinwire in essence is a video codec compression protocol which is the same protocol used to display HD video content over the internet. Thinwire Plus takes the fundamentals of Thinwire and runs low cost algorithms that are more widely compatible than Thinwire alone to produce an even better experience for the end user. Lower CPU usage also means your user density on a server will be increased. There are templates available in XenApp 7.6 FP3 that will tune this feature with specific options for your operating system. There is also a mode called Thinwire legacy which will tune the protocol for legacy operating systems e.g. Windows 2008\R2 and Windows 7.

The good news is lower power user endpoint devices are able to receive an even better experience compared with the previous version of Thinwire. Typically Thinwire will require a connection of around 1.5Mbps and 150Kbps per user.

A video on how Thinwire can also help low powered devices can be found here.

If you would like more information on how to improve remote access for your users, please contact EACS.

IE, End User Computing Team

Azure Backup and Resource Manager Virtual Machines

Ask anybody in the Azure team at Microsoft and they will probably tell you that Resource Manager is the future of Microsoft’s Azure strategy. It’s much more versatile, robust and finally gives you the ability to multitask rather than waiting for one task to complete before starting another. For all its benefits though, it must be said that it is still a fairly immature system. For example, one issue we have seen during our deployments is to do with changing Availability Sets once a virtual machine (VM) is created, but that’s not what we’re focusing on today.

Microsoft recommends that all new services in Azure should be created using the Azure Resource Manager model. This is all well and good, unless you want to back these servers up using Azure Backup. In which case you will potentially have a problem.

We recently attempted to do this, running through the guide provided by Microsoft entitled: Deploy and manage backup to Azure for Windows Server/Windows Client using PowerShell. This article includes the following warning:

[Picture: the warning from the Microsoft article]

As we didn’t have a backup provider configured yet, we tried to run the command shown above, only to be told that:

register-AzureProvider : The term ‘register-AzureProvider’ is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:1 char:1
+ register-AzureProvider -ProviderNamespace Microsoft.DevTestLab
+ ~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo : ObjectNotFound: (register-AzureProvider:String) [], CommandNotFoundException
    + FullyQualifiedErrorId : CommandNotFoundException

When researching further, we found that this cmdlet has been deprecated in Azure PowerShell v1.0. Additionally, when looking into this error, we found the following titbit of information on Microsoft’s Preparing your environment to back up Azure virtual machines page:

Backing up Azure Resource Manager-based (aka IaaS V2) virtual machines is not supported.

This small piece of text is potentially a bit of a showstopper! Luckily for us, we simply wanted to schedule a backup of the ADFS database, so to work around this we added a secondary data disk to Azure and used Windows Server Backup to take a System State backup of the Primary ADFS server. For those planning a more extensive Azure Backup Strategy, you may need to rethink your use of v2 (Resource Manager) virtual machines in the short term.

As with all things Azure, feature availability is an ever changing landscape, and we’re sure Microsoft will add support for this feature very soon.

DD, Infrastructure Team, EACS

Human error poses biggest digital threat to business according to new email security survey by EACS and Mimecast

Accidental data leaks via outgoing emails pose a higher security risk to businesses than inbound malicious attacks, announced EACS, the IT solutions and managed services provider. These are the surprising findings of a survey conducted in conjunction with Mimecast, now available to download in its White Paper, Email Security Trends 2015/16.

In the survey, which was conducted among a mix of large businesses and SMEs, 28% of respondents cited human error, such as sending confidential data, as being the biggest threat to corporate email security. External threats such as spear phishing and gateway attacks were considered a much lower threat, along with the risk of respondents’ partners or extended supply chains exposing corporate email vulnerabilities.

While human activity is the greatest concern, one in five of the businesses surveyed were also worried about the increased use of portable devices such as smart phones and tablets on the corporate network, particularly given the increase in bring-your-own-device (BYOD) usage. Other key concerns included the use of external hardware such as USB sticks, with 17% of respondents acknowledging this as an issue and 16% concerned about spear phishing.

Orlando Scott-Cowley, Cyber Security Strategist, Mimecast, said: “People are the biggest risk factor when it comes to corporate email security and all employees have a valuable role to play in keeping an organisation’s IT system safe. Clear and effective policies and processes need to be in place to minimise this risk and it is crucial that employees understand how their actions can affect the business.

“If company guidelines are too complex, many employees will simply find their own solution, potentially opening up the organisation to attack.”

Not surprisingly, upgrading or improving email security protection was the key priority for respondents when thinking about updating their email solutions. This was followed by the desire to reduce or control their IT costs. Other priorities included being able to provide better support for mobility and BYOD schemes as well as the ability to quickly identify and minimise the number of external attacks.

Mike Dearlove, Managing Director, EACS said: “Email systems are the lifeblood of many businesses. Having effective email security in place is a critical defense barrier against hackers seeking to capture and exploit valuable corporate information and disrupt business operations. It is impossible to prevent attacks on our networks from being attempted but there are a number of systems that we can put in place which integrate seamlessly with existing packages and minimise the impact of such activity.”

EACS designs and implements solutions to deal with email management challenges for companies of all shapes and sizes, whether they have local email servers, cloud-based services or hybrid systems for their email.

Survey and report methodology
The underlying data is based on the results of an online survey sent to selected EACS contacts including CIOs, IT directors and IT managers. The online survey was conducted during June-July 2015 and resulted in 65 completed surveys.