Suddenly people cannot get to the internet at my business

Android, Apple, broadband, Business, CCTV, Cisco, Computer Repair, Computer Sales, Computer Security, Computer Service, Computer Support, Connectivity, Homeland Secure IT, iPad, iPhone, Licensing, Linux, Mac, Microsoft, Mobile, OS X, Sales, security, Windows, Windows Server No Responses »
Jan 202012

So you have been cruising along at your business for years and all has been great, but now, out of the blue, people on your network are having trouble viewing websites.

You found that if you reboot that firewall (pull the plug on the thing since there is no power supply) that YOU get back online right away, but then later that day, someone else on the network is now having trouble accessing websites so you reboot the firewall and all is well, for a while.

What could it be? It MUST be the firewall going bad since that fixes it.

Before jumping to that conclusion and just replacing the device, think back. Has your company grown? Maybe you have added a few new employees, or, maybe you have added tablets or other connected devices.

What could be happening here is that you have added one too many devices to your network and exceeded the number of seats that your firewall appliance supports. When you originally purchased that device, a technician counted the number of computers, servers and connected devices and said “You need a 25 user firewall and it will cost $xxx.xx”, to which you agreed and promptly forgot about.

Now, flash forward to today and your 12 users and a server have grown to 15 users, two servers and many people have iPads or Android tablets or phones, taking you past the 25 user limit.  The last person to connect once you go over the limit will generally be denied access to websites by the firewall, as a warning that you have exceeded the license terms, and it probably won’t “reset” just by turning that computer off, you will have to reboot the firewall to free unused seats up.

So what are you going to do about it? I guess you could tell the employees to stop connecting their personal phones to your network, or you could replace the firewall with a cheap router that has no limitations.

Both will work, but are bad ideas.

The real solution is to correct the licensing issue. Determine how many connected devices you have within your network, and estimate how many you will need for the next year, then talk to a vendor who can provide the proper licenses and apply those for you. Don’t forget to include VoIP and security systems, even copiers and connected printers, as they may require a seat too.

If you are experiencing rapid growth, consider upgrading to an unlimited license.

Just a note – If you have an old device, say 4-5 years old, now may be the time to consider upgrading the entire device to the latest technology at the same time you correct the user limitation!

Should you require help with this, Homeland Secure IT offers sales and support of most major brands of firewalls. We partner with Cisco, WatchGuard, SonicWALL, TrendNet, D-Link, NetGear and more! Call us for more information in the Greenville / Upstate SC area – 864.990.4748 or email info@homelandsecureit.com

Posted by JohnMHoyt at 5:43 pm Tagged with: , , , , , , , , , , , , , , , , , , , , , ,

WatchGuard offers the “Red Instead” campaign for upgrading your unified threat management

Business, Cisco, Cloud Computing, Computer Repair, Computer Sales, Computer Security, Computer Service, Computer Support, Connectivity, Homeland Secure IT, Licensing, Sales, security No Responses »
Oct 202011

Do you have a unified threat management or spam protection device that is not from WatchGuard?

If so, and you would like to upgrade to the WatchGuard XTM or XCS series UTMs, then through December 2011 you can take advantage of their offer to allow trade-ins of competitor’s appliances for a three-year XTM Security Bundle on selected models or a three-year XCS Email Security Bundle and pay ONLY for the services.

You get the box for free!

Some of the brands that are acceptable trade-ins are:

  • Aastaro
  • Barracuda
  • Cisco
  • Clearswift
  • Fortigate
  • IronPort
  • Juniper
  • M86 MailMarshal
  • McAfee Email Gateway
  • ProofPoint
  • SonicWall
  • St. Bernard
  • Symantec
  • Trend Micro

For more information, please contact your WatchGuard reseller, or if you’re in the Greenville / Upstate SC area, please call Homeland Secure IT at 864.990.4748 or email info@homelandsecureit.com

Posted by JohnMHoyt at 3:11 pm Tagged with: , , , , , , , , , ,

Cisco IOS potentially susceptible to two zero day vulnerabilities

broadband, Business, Cisco, Computer Repair, Computer Sales, Computer Security, Computer Service, Homeland Secure IT, Sales, Secure IT Alert, security, Technology No Responses »
May 062011

SecurityFocus has two posts indicating that Cisco IOS 15.0 is vulnerable to attackers.

Both are DoS (Denial of Service) issues and at this time there is no solution being offered from Cisco to correct the problem.

Should your network be non-responsive, you could attempt to reboot your Cisco device to restore connectivity.

The original posts are as follows:

Cisco IOS UDP Denial of Service Vulnerability

Cisco IOS SNMP Message Processing Denial Of Service Vulnerability

Homeland Secure IT is a Cisco partner and can apply the IOS updates when they become available. We are also partners with and offer sales & support of SonicWall, WatchGuard and other firewall/router manufacturers. If this issue becomes of concern for you or your business, we can provide alternative products which are not vulnerable.  In Greenville / Upstate SC, call 864.990.4748 or email info@homelandsecureit.com

Posted by JohnMHoyt at 10:48 am Tagged with: , , , , , , , , , , , , , , , ,

Do firewall appliances expire like a carton of milk?

Apple, Business, Cisco, Connectivity, Homeland Secure IT, Mac, Microsoft, OS X, security, Technology, Windows No Responses »
Mar 142011

Something that many people don’t know is that there are actually expiration dates on hardware and software.

Let’s say you buy a Cisco ASA 5505 security appliance (firewall) for your business, and you keep it up to date. When do you expect to replace it? Chances are, you feel that the firewall should be left in place until it dies of old age or fails due to some other event like a power surge or lightning strike, etc.

That is exactly what an attacker hopes for, that you will “set it and forget it”. See, each security product receives many updates over the course of its life. The manufacturer finds security holes and produces patches to those vulnerabilities that must be installed, just like on your Microsoft Windows or Apple Mac OS. If you do not apply those patches, you run the risk of a security breach due to an attacker exploiting a known “hole” in a device.

So back to this “expiration date”. Each product actually has an “end of life”, and that is the date that the manufacturer will no longer support it. That comes in many flavors. It may be an end of sales cycle, or a complete end of support. Products that reach the end of life and are no longer updated are the prime targets of attackers.

Manufacturers have to leave behind old hardware because of changes in the firmware technology which could require additional processor or RAM capabilities, far beyond what your 5 year old firewall may have.

If you have an older piece of hardware, you may want to see if it is at its end of life, and at the very least ensure that the latest patches / updates from the manufacturer are installed.

Should you require assistance with this in Greenville or Upstate SC, please call us! We support all common brands of security firewall appliances and we are partners and dealers for Cisco, WatchGuard, SonicWALL and more!

864.990.4748 or email info@homelandsecureit.com

Posted by JohnMHoyt at 5:52 pm Tagged with: , , , , , , , , , , , , , , , , , ,

Safe Browsing from Public Wi-Fi Hotspots is possible with a VPN

Android, Apple, Business, Cisco, Cloud Computing, Computer Sales, Computer Security, Computer Service, Connectivity, Homeland Secure IT, iPad, iPhone, Linux, Mac, Microsoft, Mobile, OS X, security, Technology, Video Link, Windows No Responses »
Feb 082011
Security Padlock

Secure your Wi-Fi Connection with a VPN

WSPA’s Amy Wood (@TVAmy) had a great segment on last night (2011-02-07) in which she had Doug Cone (@nullvariable) a local web/graphics “devsigner” discussing the dangers of using public Wi-Fi. You can find that story here.

He demonstrated a tool which allows even the most novice of “hackers” to see a list of others who are using any given open wireless access point. He did this at a coffee shop and then went around and scared the bejeebus out of people by showing them how much information was at his fingertips.

In a discussion on Facebook the other day with Doug and Russell Tripp (@RussellTripp), I suggested that those two get together and product a video showing the same information in depth and then explaining how to protect yourself from this all-too-real security threat. I believe they may be doing that as a follow-up to the WSPA story and will post that information here as a reply when that becomes a reality.

In the mean time, I thought I give some info about one tool that is both readily available and super-affordable that you can use to secure your connection when using a public Wi-Fi hotspot. That tool is a VPN, or Virtual Private Network. Yes, the same VPN technology that has been around for a very long time and used in businesses and larger corporations, and it is so easy, a caveman could do it. (I’m sure a lawsuit is forthcoming for my use of that slogan)

A VPN connection established to your home will allow you to connect to the open wireless network of your choice, build a “tunnel” to your home connection, and then send all traffic through the wireless network through the encrypted tunnel, providing a very secure transport.

All that is needed is a VPN capable router or firewall at your home. But wait, you say you can’t afford a Cisco ASA 5505 (or WatchGuard or SonicWALL security appliance). That’s okay, you don’t need one.

You may already have a compatible home router that can be setup with the free DD-WRT (the website http://www.dd-wrt.com has a list of compatible routers) which provides VPN capability to your 40 dollar Linksys or similar device!

The setup is pretty straight-forward once the device end is ready. Connecting takes only seconds.

The VPN is not just for Microsoft Windows, but also Apple Mac OSX, iPad, linux, freebsd, solaris, etc. Most smartphones including Android, iPhone, Windows Mobile and Blackberry should have the ability to utilize your VPN too.

If you don’t have a compatible router, you could optionally use OpenVPN on your PC, and last but not least, you could use the OpenVPN HOSTED service. The hosted solution comes with a price tag, but for many it may be worth it to protect their privacy.

If you are fortunate enough to work for a company with a VPN already in place, you could probably use that as an option, assuming the IT policy permits you to do so.

Should you require assistance in Greenville or the Upstate for your personal or business VPN needs, we are partners with Cisco, WatchGuard, SonicWALL, ZyXEL and have a solution that is right for you. Call 864.990.4748 or email info@homelandsecureit.com.

Posted by JohnMHoyt at 7:44 am Tagged with: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

The End Is Near! All IPv4 Addresses Now Spoken For

Apple, broadband, Business, Cisco, Computer Repair, Computer Sales, Computer Security, Computer Service, Connectivity, Homeland Secure IT, Linux, Microsoft, security, Technology, Windows, Windows Server No Responses »
Feb 012011
IPv4 Exhaustion

IPv4 Exhaustion Prediction

We knew the day was coming, and today we learned that it was sooner than later.

IANA (Internet Assigned Numbers Authority), the organization that manages IP addresses and domain allocations has assigned two IPv4 address blocks to APNIC (The Asian-Pacific Network Information Centre), which in turn has caused a provision in the IANA rules to go into affect, releasing the last five IPv4 address groups totaling 82.5 million addresses to the regional internet registries.

So that’s it for the total pool of 4.3 billion IP addresses!

Where do we go from here? IPv6 baby! It has been there waiting in the wings for this moment, and now it is time for it to shine. ISPs will be left with no choice but to begin deployment.

What is interesting is that the graph on the left, from the Wikipedia site about “IPv4 Address Exhaustion” was spot on in predicting the end…

It is time (actually past time) to be planning for your own future, meaning, getting your infrastructure ready for the IPv6 deployments that will be coming. You may need some new hardware, and certainly a few configuration changes, but either way, you should be working with your network support professional to ensure you are ready.

If you need assistance in the Greenville or Upstate, SC area, please call upon us. We offer computer, server and network support, service, repair, sales and consultation.  864.990.4748 or info@homelandsecureit.com

All of our partner companies (Cisco, WatchGuard, SonicWall, etc) offer IPv6 ready firewalls, security appliances, routers, and more!

Posted by JohnMHoyt at 3:55 pm Tagged with: , , , , , , , , , , , , , , , , , , , , ,

SonicWALL promotion allows you to buy one CDP backup appliance and get one free!

Backup Solutions, Business No Responses »
Jan 212011

We received a promotion announcement today that states SonicWALL has a buy one get one free deal on their CDP backup appliances and thought we would pass this on to you.

If you are looking to purchase a SonicWALL CDP 110 or 210 Backup and Recovery Appliance, please call 864.990.4748 or email info@homelandsecureit.com because this is a great deal for you!

Hurry because there is a small window of opportunity for us to claim this promotion…  This only applies to our Greenville and Upstate business clients.

Homeland Secure IT is a partner and reseller of SonicWALL security and backup appliances. We also offer installation and support!

Posted by JohnMHoyt at 3:34 pm Tagged with: , , , , , , , ,

WatchGuard XCS 370 Awarded CRN Product of the Year in Security Appliance Category

broadband, Business, Cisco, Computer Security, Connectivity, Homeland Secure IT, security, Technology No Responses »
Jan 142011

WatchGuard XCS 370

One of our security partners, WatchGuard, was just awarded the CRN’s “Security Appliance Product of the Year” for their XCS 370 series device!

Here’s the press statement:

WatchGuard XCS 370 Security Appliance Wins in CRN’s 2010 Products of the Year

SEATTLE – January 11, 2011. WatchGuard® Technologies, a global leader of business security solutions, today announced that the company won the coveted CRN Everything Channel’s “2010 Products of the Year: Security Appliance” for the WatchGuard XCS 370.

CRN announces its Product of the Year Awards each December and recognized the XCS 370 for 2010 based upon its price, performance and power capabilities. “Many new products were introduced to the channel this year and narrowing our list was not an easy process. We needed to be sure that each product addressed a critical need, added significant value to the end user and made an immediate impact on how solution providers in the channel deliver technology,” said Kelley Damore, VP, Editorial Director, Everything Channel. “The winners are the best of the best and we congratulate them on producing top quality solutions.” Expanded coverage of the 2010 Products of the Year are featured in the December issue of CRN Magazine and online at www.crn.com.

“E-mail and the web are the main vectors for malware and other electronic threats entering enterprise networks today. No company is immune to this problem, but the deployment of combined WAM (web and messaging) security solutions can drastically reduce the volume of these threats,” said Phil Hochmuth, Program Manager for Security Products at IDC. “WatchGuard’s XCS 370 appliance targets the WAM security issue with a balance between price and performance geared towards mid-sized companies.”

“WatchGuard is very excited to receive this accolade from CRN. We believe that the XCS 370 exceeds the SMB customer’s expectations and provides best in class security and data loss prevention in an intuitive, easy to manage appliance,” said Mark Romano, Director of Global Channel and Field Marketing at WatchGuard Technologies and 2010 CRN Channel Chief.

WatchGuard XCS 370: Powerful Messaging Security for SMBs
WatchGuard XCS (Extensible Content Security) solutions, deliver the industry’s most effective defense-in-depth solution for email security, web security and data loss prevention. These easy-to-use, all-in-one solutions offer the most effective defense from email and web-based threats including spam, viruses, malware, URL filtering, blended threats, spyware and network attacks, as well as outbound content control to prevent data loss.

Small to mid-sized businesses do not need to pay high prices for powerful email security. WatchGuard XCS 370 appliances are affordable, complete email security solutions that defend against inbound threats including viruses, spam, blended threats, phishing, spyware and network attacks. The XCS 370 offers:

  • Protection from bi-directional threats and content security across email and web, all in a single solution.
  • Reputation Enabled Defense, WatchGuard’s innovative cloud/appliance hybrid security service, blocks more than 98% of unwanted and malicious email and web traffic at the connection level for rock-solid security and high performance.
  • Powerful anti-spam with multiple layers of inspection and knowledge-based learning of unique messaging environments for more accurate spam detection.
  • Deep content inspection and contextual analysis provides defense-in-depth approach for stronger protection from inbound spam, malware, blended threats, and network attacks.
  • Zero-hour threat outbreak response closes the window of vulnerability to new threats with fastest response time.
  • Attachment control blocks files that are known to be harmful so they never enter your network.
  • Patented queue replication ensures zero message loss and continuity of business communications.
  • Set-it-and-forget-it administration allows you to apply a single policy for total visibility and control of all email and web traffic without the need for a dedicated, costly management appliance.

More information about WatchGuard XCS solutions is available at www.watchguard.com.

About WatchGuard Technologies, Inc.
Since 1996, WatchGuard® Technologies, Inc. has been the advanced technology leader of business security solutions, providing mission-critical protection to hundreds of thousands of businesses worldwide. The WatchGuard family of wired and wireless unified threat management appliances, messaging, content security and SSL VPN remote access solutions provide extensible network, application and data protection, as well as unparalleled network visibility, management and control. WatchGuard products are backed by WatchGuard LiveSecurity® Service, an innovative support, maintenance, and education program. WatchGuard is headquartered in Seattle and has offices serving North America, Europe, Asia Pacific, and Latin America. To learn more, visitwww.watchguard.com.

WatchGuard is a registered trademark of WatchGuard Technologies, Inc. All other marks are property of their respective owners.

Should you desire more information about the WatchGuard XCS 370 or other WatchGuard security products, please call 864.990.4748 or email info@homelandsecureit.com. We offer sales, consultation and support of WatchGuard and other security devices to Greenville and Upstate SC businesses.

Posted by JohnMHoyt at 9:48 am Tagged with: , , , , , , , , , , , , , , , , , , , , , , , ,

Secure IT Alert: Apple QuickTime for Mac & Windows Vulnerable – Time to Update!

Apple, Business, Computer Repair, Computer Security, Computer Service, Homeland Secure IT, Mac, Microsoft, OS X, Secure IT Alert, security, Windows, Windows Server No Responses »
Dec 092010

Secure IT Alert Header

Homeland Secure IT Alert

Secure IT Alert for Thursday, December 09, 2010

Apple has released a security update that addresses 15 media handling vulnerabilities in Apple QuickTime player on both the Mac and Windows operating systems. These vulnerabilities are similar in nature…

If attacker can coax a user to open a malicious media file, such as an image or a video, the holes can be exploited to allow execution of code on the user’s computer. What damage could be done? If you are a Windows owner, especially if you are using the now outdated Windows XP as an administrator, the attacker can gain full control over your machine. Mac owners are a little more protected as your user account is isolated from the superuser account, however, significant damage can still be done.

The fix? Update to Apple QuickTime 7.6.9 to address these security issues.

If you are using Trend Micro Worry Free Business Security 7, a WatchGuard firewall device or similar, your administrator or computer / network service or support professional can block media files such as AVI, MOV, JP2, FPX, GIF, PCIT, PCT, PIC or QTVR in FTP, HTTP, Email and more. This solution may have a negative impact on your workflow, so the upgrade path to QT 7.6.9 is likely preferable to total blockage of media files.

Should you require assistance with this or any other computer or network security issue, computer repair or computer service in the Greenville or Upstate, SC area, please call us at 864.990.4748 or email info@homelandsecureit.com. We also offer the full line of Trend Micro Security Products, as well as WatchGuard, Cisco, SonicWALL and other firewall appliance.

Homeland Secure IT Alert Footer

Homeland Secure IT Alert

Posted by JohnMHoyt at 11:24 am Tagged with: , , , , , , , , , , , , , , , , , , , , , , , , ,

Stuxnet virus possibly biggest threat to industry ever

Apple, Computer Repair, Computer Security, Computer Service, Homeland Secure IT, Mac, Microsoft, Microsoft Exchange, Mobile, OS X, security, Windows, Windows Server No Responses »
Nov 182010

Malware Virus Trojan Worm Phishing Rootkit Spyware Spam SecurityAn article from the Associated Press published on news.yahoo.com on Wednesday outlines the threat that the Stuxnet virus poses to industry around the world.

The malicious computer attack appears to primarily target the Iranian nuclear plants, but according to the article, it can be modified to interfere with industrial control systems around the world, and “represents the most dire cyberthreat known to industry”, according to government officials and experts.

Of course government will not be of help, even though Senator Joe Leiberman says that legislation on the matter will be a “top priority” AFTER lawmakers return in January.

This means it is up to businesses to do everything they can to protect their networks from Stuxnet and its variants as well as the plethora of other malicious software aimed at wreaking havok on society.

What can you do to protect your computer network infrastructure? I’m glad you asked! What follows is a rough outline of some actions you can take to prevent malware from infiltrating your network…

  • Whatever physical network firewall you are using should be current, not an end-of-life unit. If you are using anything older than 5 years, chances are good, even with the latest firmware updates, it is of little protection. Consider using a newer product, from a reputable manufacturer such as Cisco, WatchGuard, SonicWall, Jupiter, and make sure it has all the latest updates on it. If you have questions, your network support specialists can help.
  • If your firewall features IDS (Intrusion Detection), use it. Watch logs, look for active attempts by people to get into your network.
  • Never going to do business outside the USA? Don’t require email from various countries? You could lock down your firewall to block traffic from some “hot spots”, such as China, Russia, the Middle East, etc.
  • Lock down unused services (Not using FTP on your servers? Block the port, disable the service)
  • Don’t forget about those servers on your network which are not accessible from the outside world, many times a workstation is exploited and a “bad guy” uses that workstation to gain access to other servers to run their own applications on. If you don’t access these machines often, activity could go unnoticed, for weeks, months and longer!
  • Insure all computers are up to date with the Operating System patches, regardless if they are Mac OS X, Microsoft Windows XP, Vista, 7, linux, etc. Implement a patch management system.
  • Insure all applications have the latest patches and updates applied. (Especially Adobe products and JAVA).
  • Leave behind OLD, unsupported, insecure applications, plugins, extensions, and operating systems. If it is unsupported, how will vulnerabilities be addressed? Security through obscurity probably is not a good idea.
  • Anti-Virus is not an option! Thinking that a free anti-virus is “better than nothing”? Remember the old adage, “You get what you pay for”. Do you really want to take a chance with your security? We recommend quality anti-virus from Trend Micro, or at least Symantec or McAfee. Thinking your Mac is not vulnerable is a fantasy.
  • Browsing – stop it! If you have users on your network who spend their day browsing sites randomly, you may want to consider putting a policy in place to limit the types of sites they use, or at least use web filtering / web reputation (such as is offered in Trend Micro Worry Free Business Security) to help protect you from known bad sites. Trend Micro WFBS allows you to specify types of sites, such as “social media”, “news”, “alternative lifestyle”, “adult”, and more that you may want to prohibit users from visiting.
  • Email filtering is a must, not only can it keep out unwanted & unsolicited email (SPAM!), it can block harmful links and attachments. Again, Trend Micro WFBS Advanced is a great solution for your small and medium business.

This list is by no means a complete checklist, but it will help you get started in analyzing your needs. If you have questions, you may wish to enlist the assistance of a qualified network support specialist. We can help with that and all your computer repair & service needs as well as sales of Trend Micro, Cisco, WatchGuard, SonicWall, Symantec and other products here in Greenville and Upstate of SC. Call 864.990.4748 or email info@homelandsecureit.com for more information or a free consultation!

Be safe out there!

Posted by JohnMHoyt at 1:58 pm Tagged with: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
Older Entries
© 2012 Homeland Secure IT - Blog-O-Rama Suffusion WordPress theme by Sayontan Sinha