Today Cisco announced two new editions of the Nexus 1000v switch, which is designed for virtual environments. If you haven’t tried it already, we recommend downloading and installing the Essential Edition as this will provide most environments with deeper control and visibility into the network. This version will operate for 240 days, after which a nominal support fee is required.
“The Nexus 1000V Essential Edition provides all the rich Layer-2 networking features to connect virtual applications to the network and integrate into VMware environments, including: VXLAN capability, Cisco vPath service insertion, integration with vCloud Director, and a plug-in for management and monitoring in VMware’s vCenter Server. This free version will enable rapid, low-risk adoption of Cisco’s virtual network technology environments.”
Here’s what other Cisco customers think of the 1000v:
For more information on how BG&A can help your network run better, contact BG&A.
Thursday, April 12, 2012Comments Off on Spearphishing 101 by Brian
What’s the latest attack you need to know about? Spear phishing. By now we all know about the Nigerian wire transfer fraud emails, and we learned about clicking on spam emails way back when…but did you know that cyber criminals are now targeting certain individuals using their people in their social networks? Entrepreneur Magazine has a great article with more info.
Specialists say the attacks are becoming very difficult for recipients to detect. From the New York Times:
“It’s a really nasty tactic because it’s so personalized,” said Bruce Schneier, the chief security technology officer of the British company BT Group. “It’s an e-mail from your mother saying she needs your Social Security number for the will she’s doing.”
Mr. Schneier said the attacks are more like a traditional con game than a technically sophisticated intrusion. “This is hacking the person,” he said. “It’s not hacking the computer.”
The best way to protect yourself is to use a layered approach to security. Here’s the basics:
Use a web security product. A great free service is available from OpenDNS, but this only protects you from certain types of attacks. To fully protect your organization, use an on premise or cloud solution from McAfee or Cisco Systems. These filters are updated hundred of times per hour based on the latest threat information from around the world. They can protect you and your employees from the latest threats as well as provide content filtering and reporting.
Filter your email before it gets inside your network. Many organizations these days have spam filters in place, but how often are they updated? The best, such as from Cisco Systems or McAfee, are updated constantly and pass an email through a half dozen filters. Additionally, these products allow an administrator to block certain types of content according to regulatory compliance or security policies. Want to block the ability to send credit card or SSN numbers? No problem.
Get a quality antivirus product. Most antivirus products these days are great at detecting worms and viruses, but those attacks are so 2002. Make sure your antivirus product has protections against malware and spyware. BG&A’s centrally managed services include one of the best such products combined with our own blend of automated tools that provide defense in depth.
The FBI recommends to never follow a link to a secure site from an e-mail—always enter the URL manually. This includes Facebook, Google, banks, credit cards, etc. Assume an email asking for this or directing you to their site is fradulent.
Use your instincts. If your mother sends you an email asking for you or your childrens SSN in an email, alarms should go off. Always best to confirm this type of information is needed and provide it over the phone in any case.
Unfortunately, the risks associated with the Internet are not going away and it’s getting more complicated every day to protect personal and business information, intellectual property, and bank information. If you have any questions, don’t hesitate to give us a call at 775.284.7100 or send us a message .
Friday, April 6, 2012Comments Off on Flashback Trojan hits Mac users by Brian Gifford
Well it turns out that all those Mac users touting the imperviousness of the Mac OSX operating system are going to have to worry like everyone else. Thanks to a well documented flaw that Apple didn’t patch for 3 months, a vulnerability has allowed over 500,000 computers worldwide to become infected by a “trojan” that allows attackers to intercept usernames and passwords. That’s 500,000+ computers infected, not vulnerable.
Let’s survey the damage: bank accounts, emails, ebay, etc. What’s happening now is that these attacks are happening in eastern Europe or China. Once they have access to your checking, savings, or investment accounts, they initiate an account transfer to an offshore account. The infected computer then intercepts the websites you visit and can rewrite the account balance so that it appears your balance is normal when in fact it is empty. Tidbit: Once the money is offshore, Federal bank insurance (FDIC) will typically not protect you unless you can preserve forensic evidence to prove the transfer was done by someone else and not you (on your own computer).
While Windows users are also affected by this, a patch for them was released months ago. The Flashback trojan vulnerability is found in previous versions of Java software and is explained in detail here.
A word of advice: after updating, go get yourself a quality antivirus program like ESET and install it today. The built in antivirus that Apple provides is in adequate, as these compromised computers prove.
Going forward, it seems that Apple users are going to become increasingly more likely targets of attacks like these as the company continues to gain market share with its personal computers. Additionally, with the Bring Your Own Device (BYOD) trend of employees connecting to business networks, it’s only a matter of time before smartphones and tablets like the iPhone and iPad are used as a launchpad for cyber crime.
It really is a game of whack-a-mole, and proactive, multilayer security is the only way to protect yourself from this. I’ll cover this approach in upcoming posts.
Here’s an interesting (but not too technical) read on not only the current state of security, but of trends in computing and the ramifications they can have to your business. Click here to download the Cisco Systems 2011 Annual Security Report.
Some key topics that every manager or business owner should have an understanding of:
Attitudes of young professionals toward work and technology-and the effect on security
The “bring your own device” trend and its impact on workers and the enterprise
Security implications of “hacktivism” and social media-driven political uprisings
Ten crucial actions to take to improve enterprise security
Items 1 and 2 are especially relevant to nearly every business in the world these days. Unfortunately, most organizations I talk to don’t have a strategy or policy in place to handle these changes. Take a look at the section entitled “2012 Action Items for Enterprise Security” for some great information that will help improve the security of your business data.
If you have any questions or would like more information, send us a note or call (775) 284-7100, option 3.
Friday, October 28, 2011Comments Off on Sometimes, tech truly is transformative by Brian Gifford
So I was having lunch with a business owner today, chatting about family, business, and technology. I made the comment, “it’s amazing how fast things progress, isn’t it?” After finishing our meal, I thought about that a little bit more. While things do change quickly in technology, when you zoom out and take a little broader view, it turns out that big innovations don’t happen all that often.
Take the new Apple iPhone 4s, for example. Although the original iPhone changed the cell phone business, each susequent release has mostly been a series of incremental improvements. Nothing earth shattering. Until now.
This is not meant to be an Apple promo, but Siri is some pretty impressive technology. Maybe you’ve seen this:
I can’t describe this as anything less than game-changing innovation. In bringing intelligent human language interaction to consumers, Apple has raised the bar for both competitors and the technology business in general. My prediction is that once people get used to interacting with a machine like this, it will become expected, and any company that can’t meet that expectation will be left in the dust.
More importantly, think for a moment about how this will empower people who have previously struggled with technology or been unable to take advantage of some of the tools available. Obviously, people across all generations have embraced tech, but I know my 90 yr. old grandfather will never send me a tweet or setup a Skype video call. But with this kind of technology, he could talk to a phone. In the near future, we might be able to have an online video chat or exchange pictures in a way that doesn’t require him to learn several steps that must be done in a certain order.
I’m looking forward to seeing other companies incorporate voice interaction in unexpected ways. Nuance, the company that Apple worked with to create Siri, has partnerships with IBM, Ford, and many other well known businesses. Might we soon see our doctor talking to an IBM Watson computer to get a differential medical diagnosis by speaking to it as he would a colleague? According to the Wall Street Journal, WellPoint already is moving to make that a reality. But that’s a topic for another day.
Siri is something that all of us as individuals and consumers can use and enjoy the benefits of every day. The bar has been raised and each day/month/year will bring refinements and new features, but I believe we are seeing the beginning of a transformational shift in human/computer interaction that will spread like wildfire across the technology landscape.