How important is your website to your business? Does it just provide information on what your company does, or do you use it for the sale of products or services? If your website goes down how much money would be lost for the time frame that it’s down? If you’re website is an integral part of your business then you‘ll want to make sure you protect yourself against DoS
attacks. DoS stands for Denial of Service and it works by flooding your web server with junk data to the point that the web server is too busy processing the junk data to be able to process legitimate data and/or requests. In the case of a Distributed Denial of Service (DDoS) attack, your web server could crash due to the flood of data. While there are no sure fire ways of preventing a DoS attack, there are ways that you can help protect and mitigate potential attacks to your network.
1. The following registry entries in a Windows server can help protect against a SYN attack, which is a specific type of DoS attack. Keep in mind that modifying the registry can cause unexpected results so before making any changes backup your registry!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tcpip\parameters\Create REG_DWORD named synattackprotect with a value of 1
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tcpip\parameters\Create REG_DWORD named tcpmaxconnectresponsetransmissions with a value of 2
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tcpip\parameters\Create REG_DWORD named tcpmaxdataretransmissions with a value of 3
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tcpip\parameters\Create REG_DWORD named enablepmtudiscovery with a value of 0
2. Monitor network traffic going to and from your web server. By reviewing network traffic you can catch the attack as it starts. If you can’t catch the attack when it starts then you’ll at least be able to review the logs of the network monitor to determine what happened.
3. Purchase a Cisco Guard XT unit which is specifically designed to detect DDoS attacks and redirect the potential attack away from the targeted server.
4. Block ICMP requests on the firewall
5. Lastly, contact your ISP and request assistance. As a last ditch effort your ISP can block traffic to your network until the attack stops.
This isn’t an exhaustive list, however if you follow these items you’ll stand a better chance of detecting an attack and protecting your network.
Selecting an IT technology firm to assist your organization with projects or ongoing support is a huge decision. In an ideal world, your IT solutions partner is an extension of your company and a vital asset that is strategically aligned with your business’ processes and growth plans. When done poorly, it can have a disastrous impact on your entire organization’s morale and even its financial health. Here are 15 tips that will assist you with a smooth and successful transition to a Managed Services Provider (MSP):
1. The three rules of real estate are… location, location, location. However, does that rule apply when choosing your IT partner? Just because there is an IT firm that is one mile from your office, it doesn’t necessarily mean that they’ll react to your needs more promptly. A solid IT services firm can remedy most situations remotely and, even further, will be able to identify issues before they are a crisis. As far as location goes, decide on an acceptable service location (60 mile radius is usually the norm) that is acceptable to you and choose a vendor within those parameters.
2. The selection committee is usually not comprised of technical experts. That’s why you’re reviewing options to contract with an IT services firm in the first place! In conversation, ask your potential IT services partner about their last few engagements… size, industry and type of work performed. First of all, can they provide this information? More importantly, can they relay this information in a manner that is concise and that’s not too technical? Does the sales person use continuous industry jargon and acronyms? You can safely assume that the IT company’s support personnel will be extremely technical if the sales person presents in that manner as well.
3. Ask for references and feel free to qualify them very specifically. “I want a reference from a law firm with over 5 partners, specializes in immigration law and is located in Philadelphia”. They may not have an exact match but you can gauge their reaction and see how close they come to providing this.
4. Bigger isn’t always better. It’s great to leverage the economies of scale that you can get from a larger IT support organization. However, the larger the organization, the further removed from the strategic minds in the company, and closer to the resources of a commoditized Call Center. Also, large companies have more overhead… managers, non-billable support staff, investors, compliance concerns and real estate to name a few. You can expect to pay more if you contract with a large firm in most cases.
5. Don’t choose an IT support vendor that is too small either. You’re obviously going to get the personal touch that you’re looking for but you’re locked into their specific skill set and your business will eventually outgrow their availability. The “what if he gets hit by a bus” analogy is the most overused in business but it definitely applies here. It’s a risky move to put your business in the hands of a very small firm for potential cost savings. On this note…
6. Always ask your prospective Managed Service Provider for a Certificate of Insurance and take note of the coverage limits that are selected. Smaller operations will not have one at all, which should automatically preclude them from any further consideration.
7. It’s important to know what your contracted service will include. It’s equally as important to know what your monthly service does not include! Most service expectations and billing arguments can be remedied with a very straight forward conversation on day one. “If I get a new computer, is setting it up included in the monthly service?” This will ensure that there are no surprises when you get your first invoice.
8. Ask to schedule a site visit to the IT provider’s local office. First of all, if they refuse, something is amiss. This is a great opportunity to meet some of the people that you may work with and get a sense of company culture. It’s also important to see if they practice what they preach… Is the server room neat? Are there VOIP phones on the desk? Do they take pride in their achievements by hanging their certifications and plaques from their charitable causes in the office? Is the call center orderly and organized? Are the phones ringing off the hook chaotically?
9. Does your potential MSP sell hardware and software? If so, this is not necessarily a bad thing as many of them do. However, you should be careful of the “margin shell game” where they may decrease hardware costs in order to increase their recurring monthly services costs, or vice versa. Also, some providers will push the solution or product that yields the highest margin as opposed to choosing a “best of breed” solution that meets your business requirements.
10. Is there a delivery process? How do they typically engage with a new client? These are common questions and there should be a well-developed answer to this question.
11. Are the MSP’s owners or C-level personnel engaged in the sales process? This may not be possibly for all organizations. However, if the ownership or upper management doesn’t engage in this process, will you be able to reach them if you need to escalate an issue or provide feedback?
12. Is your IT vendor strategic? Do they bundle in quarterly visits to review your account, reports and work orders? An effective MSP should align with your business, not try to fit you into their business model. This is the business equivalent of jamming a square peg into a round hole and is indicative that this may be a one-way relationship as opposed to a true partnership.
13. Are you being presented with a multi-year contract? When this happens, you have to wonder why. It’s understandable when a telecom provider mandates a multi-year contract as they have to make commitments to their ISP and other carriers on the back end. In reality, what does the MSP have to commit to? There isn’t much merit in locking in long term contracts besides the lure of a small discount. Most reputable IT Solutions providers will ask for shorter term commitments and seek a renewal by consistently meeting or exceeding their service obligations.
14. During the sales process, are there any scare tactics employed? It is well known that fear can be a motivating factor in sales. However, this approach is an attempt to prey on an emotional reaction rather than a logical one. An IT consulting firm that is truly interested in partnering with your organization will look to educate and inform, rather than scare.
15. Do you trust the person / company that you’re interviewing to provide you with IT services? All relationships are based on this simple premise. In some cases, if there is an immediate need, this trust has to be established quickly and then built upon over time. The Managed Services Provider that you choose will have access to all of your data, your financials, passwords and, in essence, your reputation. Risks can be mitigated by thoroughly researching your vendor and ensuring that contractual terms protect both parties. However, at the core, the success of this relationship will simply be based on trust.
When designing a Hyper-V environment there are a few methods to consider when provisioning virtual machine storage. Below is a high level overview of the DAS and SAN options:
- Create a directory on your Hyper-V host’s data drive which will be used to house your virtual machines. All VHD's will reside on this volume and within this folder.
- Mark one of the host’s data disks as offline then configure it as a pass-through disk directly to your VM. This method is best suited for data volumes within a VM, not the system volume.
- Carve out a LUN and connect it to your host(s) as a data volume. Create a folder and store your VM's and VHD's within this volume.
- Carve out a LUN, connect it your host(s), mark it offline, then use it has a pass-through disk in a VM, just like if you were using DAS as a pass-through disk.
- Carve out a LUN, load the iSCSI Initiator within your VM, then connecting the LUN directly to your VM, completely bypassing the host. This is not considered a pass-through configuration. It is more akin to option 1 and can really help eliminate the layers I/O overhead present in the other options.
This was just a quick overview as there are obviously many more considerations to take into account depending on the type of shared storage you are using, how your backup scheme is configured, performance and disk I/O requirements, as well as the type of disks and controllers being used.
"What am I doing?" I thought to myself. "I'm here with my friends, and I don't need to be checking e-mail on a Saturday night."
The part that freaked me out was that I hadn't told my hand to reach out for the phone. It seemed to be doing it all on its own. I wondered what was wrong with me until I read a recent study in the journal Personal and Ubiquitous Computing that showed I'm hardly alone. In fact, my problem seems to be ubiquitous.
The authors found smartphone users have developed what they call "checking habits" -- repetitive checks of e-mail and other applications such as Facebook. The checks typically lasted less than 30 seconds and were often done within 10 minutes of each other.
On average, the study subjects checked their phones 34 times a day, not necessarily because they really needed to check them that many times, but because it had become a habit or compulsion.
34 is the average? I probably broke that just reading that article.
I have one of those fancy iPhone's and am completely guilty of checking it way too often than I should. So much so that I think I'm being barred from using my phone during the day when my wife and I go on our next(first) vacation. How do people live without a cell phone in their pocket? I'm not sure I want to even find out.
What happens when your CEO emails you at 3am on a Friday night and you don't have email notifications enabled? I assume you get your termination slip at 6am. That's just my guess. What about you? How often do you check your phone waiting for the next email from your boss?
Analysts pointed to Research In Motion's sluggish response to Apple and Android technology as the BlackBerry maker announced it will lay off 2,000 people, or 11 per cent of its workforce.
“For a long time, it stuck to its guns. It had a magic bullet — encryption,” said Partha Mohanram, the CGA Ontario professor at the Rotman School of Business.
That made RIM late to the game for everything from touch screens on phones to creating apps, allowing third-party apps and two-way video talk, Mohanram said.
“Its strength has weakened with time, because everybody else has gotten better at what BlackBerry does really well. BlackBerry hasn't gotten that much better at what everyone else does well,” he said.
“It's always a danger with any one-trick pony strategy, what you consider to be a distinctive feature, which is going to keep you apart from everybody else, but you ignore everything else people might want.”
I personally have never owned a BlackBerry, so that allows me to poke fun at current ones. That's just the rules.
There was a time where I liked that one before the Pearl. What was that one called? I don't even know anymore. I'll be honest, I didn't even know RIM was still a company until this article.
When you think about it, outside of that awful touchscreen phone they did to combat the iPhone, they really just thought the market would always have demand for their regular old BlackBerry phones. Boy was that a mistake. Don't get me started on the Torch. That things was a mess. I've also been hearing that they may stop production on the Playbook already. Oof!
Maybe it's time to embrace the iPhone, enterprise users. We can help with that.
Long gone are the days when Apple lovers could take pride in their virus-free Macs while snickering at PC owners' constant worries about security. Apple's brand new Mac OS X Lion operating system is already acquiring an unhealthy list of reported vulnerabilities less than a week after its official release.
Some Lion vulnerabilities are carry-overs from Snow Leopard, like the "Mac Defender" class of scareware that first surfaced in May. Apple's recent software update to prep Macs running Snow Leopard for Lion installation includes identification and removal of known variants of the malware.
Like Mac Defender, another newly identified OS X threat called the Olyx backdoor appears to be a variant of Microsoft Windows-targeting malware that's simply been tweaked to go after Macs.
I, for one, and stunned that PC Magazine uses their space to alert their readers to the fact that Mac hardware may be succeptable to malware. Let's ignore the fact that news of the threat to Macs comes from TechNet and continue on.
Obviously, it's entirely possible that Macs will be just as malware-heavy as PCs. That day may even be now. The fact is there just aren't nearly enough Mac users as there are PC users. Right now, there is no reason for malware creators to attack a small userbase, but if it continues it's growth, you better believe things could get hairy.
However, I'm always second guessing the places where claims of new malware come from. More than likely it's from a group that gets funding from Norton or somewhere else. Obviously these people want you to know about the risks and then buy their software. Obviously Microsoft wants you to know about the risks coming to Mac's new OS.
The fact is there will always be risks, and you should always be prepared. That's not hype, that's truth. Trigon can help you with potential malware issues.
Windows Phone "Mango", the first major update to Microsoft's smartphone platform, has reached the Release To Manufacturing (RTM) milestone. Development has been completed, and the finished software has been sent to handset manufacturers and mobile operators for configuration and testing. Public release remains scheduled for fall.
Mango is a substantial upgrade, offering a wealth of features both for users—including Twitter and LinkedIn integration, Facebook and Windows Live Messenger chat, a hugely improved Web browser, turn-by-turn navigation, and rich Bing integration—and developers—a far more complete, capable API, limited multitasking, greater integration with built-in phone features—alike. The improvements all add up to make Mango a much more well-rounded and feature-rich platform than the original release, and do a good job of building on the foundations that the first release laid down: strong visual design, the aggregation of data, and the emphasis on making cloud services like Bing and Facebook an integral part of the platform.
We do have one employee here at Trigon with a Windows Phone as his personal phone, and we don't hold it against him. Why would we? He's been in the military and it would seem like an unwise situation. That and he just grew a mean mustache.
Point being, Windows Phone is in the same situation that the iPhone was in several years ago. Not many folks had them, but they could be considered a better phone than what everyone else was using. It was only a matter of time before the iPhone became the norm accross the planet Earth, so I wonder if that will happen with Windows Phone.
It certainly has some interesting new features, such as chat integration with Windows Live Messenger, Twitter and LinkedIn integration as well as new turn-by-turn navigation. Look for a full enterprise overview from Trigon very soon.
- by Dan, "No Christmas Carol Reference This Time, Jerks", Rodden
As business becomes more and more electronic, there is a growing need to convert all types of business processes to an electronic form. The nice thing about doing this is that human error is removed from the equation, meaning that as long as a system is programmed correctly you can just verify that it is configured for your needs and forget about the daily eyes-on management of it. One of my favorite examples of this is using your Exchange server to manage resources instead of the pen and paper alternative. Why keep around a clipboard that a staff member needs to be responsible when you can roll the entire process into your technology infrastructure?
Resource mailboxes help you forget about this process so that it becomes automated. When you utilize a resource mailbox, the resource that the mailbox represents is scheduled on a first-come, first-serve basis, allowing everyone who is authorized to use the resource to “book it” for a period of time. If anyone else needs to borrow the resource, they will be able to clearly see it from inside of their outlook client or through outlook web access. Maximum time allocation can also be configured to ensure that no one monopolizes the time of the resource so it can be shared responsibly.
Do you feel like resources in Exchange would help your business solve a problem or streamline difficult management of limited resources? Trigon can help with that.
Google has said that it wants Google+ accounts to use real names and personal profiles, at least until it rolls out "Business Profiles." That said, over the weekend, it's been reported that Google+ has begun a massive campaign of culling those it feels have crossed over the line of its "real name policy," doing so without warning, and sometimes deleting all of their Google accounts, not just G+.
Some of these people aren't even using pseudonyms, but instead are using nicknames that they have been known by publicly for years. Others are people that you would expect to have a right to use a pseudonym, such as rapper "Doctor Popular." He Tweeted, "It appears my Google+ profile has been suspended because it lists my name as Doctor Popular instead of Brian Roberts. Totally lamehole."
Something making the rounds, and something to think about is this Google+ post by Bill Noble: "For all the good things - straight-out exciting and satisfying things - about G+, it has one GIGANTIC downside right now: make one misstep with G+ and its TOS, and everything you have in any Google system could be instantly lost when Google freezes or annihilates your cloud, email archives, docs and all. "That, for me, is an absolute deal breaker. How about you?"
No fancy nicknames for you, good sir.
It may seem at first like Google is trying to create a new social network, but to me it seems like much more. Your Google Profile could become the new Yellow Pages if this catches on. You can Google anyone and if they have a Google Profile, which will be required to be public quite soon, you'll be able to see their work history if they've filled it out, and also where you can find them on the web. It could be the one-stop shop for finding information on just about anyone. Frightening!
My own Facebook is hidden from the world just in case I poke fun at the latest fan happening on the internets and upset the wrong person. Plus, I generally don't like talking to people I know. Who wants to do that? Just text me so I can safely ignore you.
Facebook often gets flack for not caring about your privacy, but folks should think twice before signing up for Google+. If anyone ever wants to do background check after a job interview, Google+ Profiles will be front and center, whether you like it or not.
The Mac minis also get an upgrade to Sandy Bridge processors, Thunderbolt I/O, but they lose something in the translation: no more optical drives.
And not only that, but Apple has discontinued their low-end laptop and replaced it with their sleek MacBook Airs. Meaning, the cheapest Mac laptop you can buy won't play your fancy CDs.
Is this the end of the CD-Drive as we know it? Of course not, let's not get silly. But it could mean doom for consumer laptops. Apple was the first to do away with the floppy drive and it looks like they want to get rid of that optical drive as well. What's their reasoning? I'd have to say their mean reason is the success of their own Mac App Store. They don't want consumers installing software with CDs from other vendors. They only want you shopping in their online store.
Microsoft seems to be going the same route with Windows 8 and their rumored Windows App Store. You could say that this is the end for consumer grade computers, but in terms of the enterprise, there will be optical drives for years to come. Can you imagine if HP servers came without optical drives? I think engineers all over the state just spit out their coffee and don't even know why. Don't worry, we'll still support your old school optical drives, friend.