1-800-TO-MULTI
Quote Cart | Price Quote | Sell Us Your Surplus | Contact Us
Find Products
Home Products Specials Rental/Leasing Service & Support About Us

Posts Tagged ‘Network Security’

Best Security for Your Network

Tuesday, March 9th, 2010

Network security is usually in the forefront of every network administrator’s mind. Protecting critical and confidential data, resources, and multimedia traffic, as well as business continuity from the myriad of potential attackers in cyberspace is key in maintaining not only business functions, but also your customers’ confidence.  What is the best way to secure your network?

Most routers and switches, and other network components have built in security protections like firewalls, intrusion prevention systems, encryption, etc.  But as you expand your network to include laptops, smartphones, and other mobile devices, you broaden the attack surface, leaving your network– and therefore your data– open to hackers.

One way to add an additional level of security, and peace of mind, is through Cisco’s ASA 5500 Series Adaptive Security Appliances. These components, designed for all network sizes, provide intelligent threat defense and highly secure communications services. In short, they help organizations lower their deployment and operational costs while delivering comprehensive network security through a unified security platform. Members of the ASA 5500 Series Adaptive Security Appliances include the ASA5505-50-BUN-K9, the 8-port ASA5505-50-BUN-K8, and the ASA5500-HW .

Keep in mind that you can keep costs down by purchasing these components used for much less than the distribution chain through a reputable alternate distributor.

Tags: , , , ,
Posted in Network Security | Comments Off

What is ‘Secure Borderless Networks from Cisco?’

Wednesday, March 3rd, 2010

Have you heard the buzz phrase ‘Secure Borderless Networks from Cisco‘ and wondered if your network would benefit? We’re here to explain what Cisco’s Secure Borderless Networks is and whether it’s right for you.

First, you need to understand how a network– specifically yours– becomes susceptible to intrusion and attacks. It’s obviously important to keep critical data, resources, and multimedia traffic safe and that protection is typically provided by a laundry list of separate security measures like firewalls, intrusion prevention systems, VPN technology, and the like.  But the difficulty occurs with the addition of any-device connectivity to critical information and applications on the network.  This can be in the form of laptops that employees take with them, mobile smartphone applications, etc.  The more you expand your network’s borders, the higher the security risk you take on. But these expansion devices are necessary. They lower operational costs and increase efficiency. So how do you protect the network with a myriad of these devices out and about?  With Cisco’s ASA 5500 Series Adaptive Security Appliances, Cisco Security Manager, and Cisco Security Monitoring, Analysis and Response System (Cisco Security MARS). These are all  fundamental components of the Cisco Secure Borderless Network.

Cisco ASA 5500 Series Adaptive Security Appliances provide intelligent threat defense and highly secure communications services by creating a unified security platform. The unification allows cutting edge security measures to work together, simultaneously, and prevent security breaches before they affect business continuity.

Is it right for you?  The ASA 5500 Series works on any sized network, so you shouldn’t feel your network is too big or too small. The essential factor is whether your network utilizes the devices that put the network at risk. Even a few mobile devices that are in constant use can make the network susceptible to hackers, viruses, and other attacks. Determine whether the safety it provides is worth the price. If it still seems expensive, consider not only what it would cost you to lose critical data during an attack, but also consider purchasing security appliances used which lower your initial cost but still give you that added measure of security.

Tags: , , , , , , ,
Posted in Network Security | Comments Off

Understanding DLP (Data Loss Prevention)

Tuesday, September 15th, 2009

As a business owner or network administrator, understanding data loss prevention is important. There are essentially three types of DLP systems.

1. Network DLP Systems

Network DLPs are also referred to as gateway-based systems. Usually dedicated hardware/software platforms, they are most often installed on the organization’s internet network connection.  They analyze network traffic to search for unauthorized information transmissions. These transmission methods including email, IM, FTP, HTTP, and HTTPS . Network DLPs are popular because they are relatively easy to install and provide a low ownership cost.  Another benefit of Network DLP systems is that they can also discover data at rest to identify areas of risk. This is ideal because they can access areas where confidential data is being stored in inappropriate or unsecured locations.

2. Host-based DLP Systems

These systems run on end-user workstations or servers in the organization. Similar to  network-based systems, host-based can address internal as well as external communications. Because of this, they  can be used to control information flow between groups or types of users. Host-based DLPS’s also check email and instant messenger communications before they are stored in the corporate archive.

Unlike the former, host systems have a unique advantage. They can monitor and control access to mobile devices and other physical devices with data storage capabilities.  At times, they can access information prior to it being encrypted. Some host based DLP systems also have controls to block attempted transmissions of private, confidential information. This type of DLP system does have a disadvantage.They must be installed on every workstation in the network.

3. Data Identification

DLP solutions usually include multiple techniques for identifying sensitive information. Data identification is a process.  Organizations use a DLP technology to determine what to look for. DLP solutions use a number of methods for deep content analysis. The strength of the analysis engine directly correlates to its accuracy. The accuracy of data identification in a DLP system is important to reducing false positives so testing for accuracy is recommended to ensure a solution has virtually zero false positives/negatives.  Many high end routers like the Cisco 7603-DC-BUN offer top notch security  features.

Tags: , , ,
Posted in MLCP News | Comments Off

Router Security Features Made Easy: What is Data Diddling?

Monday, August 10th, 2009

If you’re not an I.T. wiz, some of the descriptions of the router security features might seem more like a foreign language than anything aimed at helping you decipher which integrated services router is right for your company. We’re here to help you understand the security features of a router by breaking them down for you one at a time. Let’s talk about Data Diddling.

First off, what is it?

Data Diddling is one of the worst types of hacker attacks because it’s not immediately obvious that anything has happened. Unlike ‘data destruction’ where the attack results in data being deleted completely – and sometimes, unfortunately, this data is irreplaceable – data diddling changes the data in your system but doesn’t delete so it still appears to be there the assumption is that the data is correct.

Think of it this way, a hacker breaks into a network and deletes your client database and all the data surrounding your account receivables. Your accounting staff come into work, sit down at their computers, and find that the records have vanished. There’s no way know who owes you how much, which invoices are outstanding, who you’ve sold what to. It’s devastating, but at least you can immediately go into crisis mode and get some I.T. professionals in to help you try to recover the data.

With data diddling, the hacker goes in and keeps all the account receivable records, but changes the amounts that you’re owed. Or changes a few bank account numbers. Or tinkers with some addresses, or credit card numbers you have on file, or whatever else he feels like tinkering with. You don’t immediately know anything has happened. It could be weeks or months before a payment comes in that’s completely different than what you expected and someone actually decides to go into the system and start figuring out the source of the discrepancy.

At first, it might be assumed to be human error, but then it happens again a week later, and then again. Finally, you realize you must’ve been hacked—things are different and wrong – but when? How do you know which records are accurate? How can you roll back to the records that you had before the attack when you don’t even know when the attack occurred?

That’s why data diddling is such a problem and keeping your network secure with a security module is necessary to prevent both data diddling and data destruction attacks.

Tags: , , , ,
Posted in IP Telephony, Network Security | Comments Off

Overview of the Cisco NX-OS

Monday, June 29th, 2009

The Cisco NX-OS is a recently-developed data-center-class OS built to meet the evolving demands of the virtualized data center. NX-OS 4.1 designed for Nexus 7000 maintains necessary consistency with the other members of the Cisco Nexus family while also delivering features critical to data centers. These features include continuous system availability; a modular, flexible architecture; and switch virtualization capabilities.

There are several advantages to the NX-OS. They include: a flexible and scalable core built with virtualization, modularity, and resiliency; a unified data center operating system that runs on a multitude of the Cisco Nexus Switches including the the 7000 Series, 5000 Series, MDS Series Multilayer SAN, and the Cisco Nexus 1000V virtual switch for VMware ESX; comprehensive security features; management features that meet challenges imposed by extremely demanding environments; robust feature set with a large variety of Cisco innovations; and the ability to support cutting-edge implementations of IPv4 and IPv6 services.

The Cisco NX-OS is highly secure. The operating system provides unmatched data confidentiality and integrity, while supporting standard IEEE 802.1AE link-layer cryptography. Upgrades,
maintenance, and software certification is a seamless process which can be performed without any service interruptions. The Cisco ASA-5500 series, although it doesn’t offer NX-OS, is the core of Cisco’s self-defending network and offers many of the same protections as the NX-OS.

Tags: , , ,
Posted in MLCP News | Comments Off

Router Security Features Made Easy: What is a Botnet?

Wednesday, February 25th, 2009

If you’re not an I.T. wiz, some of the descriptions of the router security features might seem more like a foreign language than anything aimed at helping you decipher which integrated services router is right for your company. We’re here to help you understand the security features of a router by breaking them down for you one at a time. Let’s talk about Botnets.

First off, what is a Botnet?

A Botnet is a collection of computers that are all infected by “bots.” Considered one of the top security threats to any network, an attack of software robots can morph your healthy network into ‘botnet’ and a botnet can host fraudulent websites, steal data, and participate in Denial of Service attacks that can render an entire network useless—at least to you. Once a botnet is created, the system of hijacked computers can then be controlled by the command of a “botmaster.”

One of the most destructive worms to date is the Storm Worm. Spread by spam, no one is sure how many computers are infected with Storm (it could be anywhere from 1 million to 25 million), but it is one of the largest, most powerful botnets ever. Because it has the power of so many computers behind it, it is believed that Storm has the ability to cripple any Website that exists.

Botnets are capable of exposing their host PCs to a plethora of internet threats like spyware, adware, Denial of Service attacks, and phishing. Because they come in so many forms, to protect your network, you need something that will recognize each of these forms as bad and kick them off the network before they do any harm. A simple firewall won’t cut it. To detect malware and mitigate it, it’s important to install not only anti-malware tools, but a reliable IDS and IPS.

Tags: , , , , , , , ,
Posted in Network Security | Comments Off

Router Security Features Made Easy: What is a Firewall?

Sunday, February 22nd, 2009

If you’re not an I.T. wiz, some of the descriptions of the router security features might seem more like a foreign language than anything aimed at helping you decipher which integrated services router is right for your company. We’re here to help you understand the security features of a router by breaking them down for you one at a time. Let’s talk about Firewalls.

First off, what is a Firewall?

A firewall is a device that provides basic security for your computer or network. Network-level firewalls are typically built into your router and acts as sort of a gatekeeper for all the packets of data that enter your network from the expansive internet (which can be a dangerous place). The firewall examines each data packet and looks at the data packet’s header. The header must match a list of ‘rules’ that the firewall knows, and if it does, it can pass. If it doesn’t, the firewall stops it. Who sets these rules? The network administrator typically sets the rules for the firewall to follow, but can also set up the opposite—a set of rules that are negative. If the firewall detects that a packet’s header contains something on the firewall’s list of ‘negative rules,’ it will also stop the packet in its tracks.

While in theory, a firewall might be enough of a security system to protect a network, it usually isn’t. Most firewalls do not detect and defuse viruses, worms, and most application-specific attacks. To the firewall, the headers for these ‘bad packets’ appear to be good headers which is why additional security like and IDS, IPS, application-level firewalls, and anti-spyware/anti-virus applications are needed for more reliable network protection.

Think of it like this. Your network is a night club. The firewall is the bouncer who stands at the door letting people come in. Even the biggest, most intimidating bouncer has no way of knowing that the underage boy showing him a fake ID is really underage. To the bouncer who sees the fake ID, the kid looks legit. And so he lets the kid go in, and in turn, the boy is caught drinking and the entire club is shut down—which is exactly what malware like a virus or worm can do to your network. An IDS/IPS combo, and anti-spyware/anti-virus applications along with application-level firewalls take a harder look at the underage kid’s I.D. So once the kid gets past the bouncer, he hands his ID to a hostess who runs it through a scanner. The ID comes up as a fake, the threat is detected, and the kid is then promptly kicked out of the club before ever reaching the bar. These added layers of security are like the ID scanner. They use complex rules when they examine a packet, scrutinizing its content, its source, the ports involved, the destination address, the type of traffic it is, and the applications being called to open it. Only under this advanced scrutiny can hidden attackers like viruses and worms be detected.

Tags: , , , , , , , , , , ,
Posted in Green, Network Security, Purchasing Tips | Comments Off

Router Security Features Made Easy: What is IDS?

Sunday, February 15th, 2009

If you’re not an I.T. wiz, some of the descriptions of the router security features might seem more like a foreign language than anything aimed at helping you decipher which integrated services router is right for your company. We’re here to help you understand the security features of a router by breaking them down for you one at a time. Let’s talk about IDS.

First off, what is IDS?

IDS stands for ‘intrusion detection system’ and is commonly used along with an IPS (intrusion prevention system) for maximum security protection, but doesn’t always have to. Some IDS’s stand alone, but do little to actually protect a network from intrusion. While an IPS is designed to actually shut down a network the moment an intrusion is detected to keep it safe, an IDS acts more as an observer. The IDS is passive. It simply examines packets of data traversing the network and it does so from afar—the IDS is located in a monitoring port. When the IDS sees something that doesn’t meet configured rules, it sets off an alarm. For systems with the IPS also, the IPS then kicks in and either shuts down the network or isolates the malicious traffic.

The problem with an IDS, other than it doesn’t do more than simply detect something bad has entered the network, is that it tends to be pessimistic—and often sees ‘good’ data as ‘bad’ data simply because it doesn’t recognize that the good data is good. That creates an atmosphere were false positives abound and like a car alarm that goes off not only when a thief is breaking in, but also when the wind hits it just right, or the rain, or a tree branch, administrators spend significant time dealing with things that aren’t problematic at all.

There are certainly some pluses to an IDS though. An IDS has the ability to detect more, and different types of attacks, that a simple firewall can’t. An IDS can sense data-driven attacks, host-based attacks, network attacks, unauthorized logins, and malware like worms, Trojan horses, and viruses. The reason they’re more sensitive is that IDS’s employ multiple methods in threat detection all at once.

Tags: , , , , , , , , , , , ,
Posted in Green, Network Security | Comments Off

Router Security Features Made Easy: What is Malware?

Tuesday, November 30th, 1999

If you’re not an I.T. wiz, some of the descriptions of the router security features might seem more like a foreign language than anything aimed at helping you decipher which integrated services router is right for your company. We’re here to help you understand the security features of a router by breaking them down for you one at a time. Let’s talk about Malware.

First off, what is Malware?

Even the name sounds bad, doesn’t it? For good reason. Malware actually comes from the phrase ‘malicious software’ and describes any type of software designed to infiltrate or damage a computer without the operator’s consent. In legal terms, malware is known as a ‘computer contaminant,’ and comes in many forms including: spyware, adware, viruses, Trojan horses, worms, rootkits, crimeware, and other destructive software. It is important to note that while some software can damage a computer (ie., cause it to crash because it overloads the computer or has some other glitch), the difference between legitimate software and malware is that with malware, the creator intended to create something destructive.

How does Malware work?

Your network can become infected by malware in several ways. If even one computer on the network receives an email with a virus attached, or visits an attack website, the computer, and often the entire network can become infected. The results can be anything from an irritation in which adware keeps popping up to something more serious like spyware capturing credit card information of your customers. In extreme cases, if a computer has been compromised by a virus, a hacker, or a Trojan horse, it can become a ‘zombie computer’ and part of a botnet. Zombie computers are actually under the control of a ‘botmaster’ and are used to send out spam or even spread illegal material like child pornography. This way, the spam and contraband material is difficult to trace back to its source.

Protecting your computer and network from malware is important if you want to keep your system secure. Anti-Malware software is significantly effective in identifying and preventing any Malware from infiltrating your network. Companies like McAfee and Symantec offer subscriptions to software that detects and removes Malware.

Tags: , , , , , , , , , , ,
Posted in Green, Network Security | Comments Off