Tag Archives: LANguard

FrugalBrothers Software, Inc. featured in GFI Software Case Study

Recently I had the opportunity to participate in a GFI case study for the popular GFI FaxMaker software. Last Tuesday, March 10th 2015, a video production company visited me in my home office to record the case study. They carried with them a ton of lighting and state-of-the-art video gear.

For those of you unfamiliar with the term “case study,” here is the best way to explain it. A case study is an examination of how a customer uses a product, and how the product benefits their business and/or improves their business processes.

How to License GFI LanGuard

GFI LanGuard 2014 R2 is a network vulnerability scanner, patch management, and network auditing tool. There are currently over 1,500,000 nodes with LanGuard deployed. In this article I will answer some of the most frequent questions I receive about licensing GFI LanGuard.


GFI Cloud Explained as Fast as Possible

Over the last several years GFI has been moving some of the functionality of their most popular products to the cloud. As of today there are 6 different subscription-based services that can be purchased individually or together. The benefits to our customers include lower costs to purchase, no expensive hardware such as servers to purchase, and ease of deployment.

A tale of two security approaches – and why you need both

Once upon a time, attacks on computers and networks were relatively simple. Our primary worry was viruses and their variants – worms, Trojans, rootkits. Their authors set out with malicious intent to create software that can cause harm by shutting down a system or an entire network, destroying data and/or programs, or collecting information and sending it back to the attackers.

Target’s tale: Lesson learned or will you be burned?

Written by: March Thaler

Turn back the clock to late last year. At the height of the holiday season, between November 27 and December 15, hackers certainly gave new meaning to the term “hit the bull’s-eye!”

Cybercriminals toyed with retail giant Target, known for the circular red and white logo that symbolizes its name. Information from 40 million guest debit and credit card accounts was stolen – or so it was thought. The initial estimate, already among the largest in U.S. corporate history, turned out to be a fraction of the total. Today, it ranges from 70 million to 110 million, depending on reports.

Patching and antivirus tips every sys admin should know

Jenny Duncan on March 19, 2014

When you started out in IT, did you really want to spend all your life applying patches to PCs and checking if the antivirus product installed is up to date and working properly? Let’s be honest, these tasks get a little repetitive and monotonous, but if you drop the ball with either of these jobs, your IT department (and you) could end up in hot water. Taking shortcuts on patching and antivirus should never be an option.

13 New Year’s Resolutions for Every SysAdmin

By Christina Goggi

As the year comes to an end and New Year’s Day is right around the corner, everyone starts to think about their resolutions for the New Year. Unlike those you are bound to break, like “I resolve to go to the gym every day” and “I will never order extra cheese again,” here are 13 New Year’s Resolutions that every SysAdmin should not only make, but actually keep.

1. I will finally get patch management under control.

For far too long, you have had servers you didn’t patch, workstations you couldn’t patch, and no real way to know just what the status was of any specific machine. And third-party apps? Forget about it. You don’t even want to know how many machines are running out of date Flash. Stop the madness. Make this the year you finally get patch management under control and deploy an app that can handle operating systems and third party applications, so you know everything is fully up to date.

2. I will use hard fails in my SPF records.

It’s so simple. Change one little ~ to a - and you’re done. If it actually does break something… Good! No one should be sending email from your company domain that you don’t know about, so do us all a favor and make this the year you finally start to use hard fails in your SPF records.

3. I will change all those passwords I haven’t changed this decade.

I have a favorite password too. I came up with it in 1997 and consider it nigh unbreakable. But I know it’s not, and you know that password that you’ve been using since a Bush was in the White House is well past its prime. Go change those passwords now – especially the ones that half a dozen ex-employees know because it doesn’t really matter how much you trust them. They don’t work here anymore and shouldn’t know service account passwords.

4. I will actually validate my backups, at least once.

We all smile and nod and say “of course you need to test backups by restoring” but let’s be honest… we never really do. Until now. 2014 will be the year that we all validate our backups by restoring data. And I don’t just mean mailbox databases and home directories. We probably have to restore those every other day. I mean the backups of SQL databases and websites and application installs and Active Directory. Go make sure you really do have valid backups you can use to restore, because otherwise 2014 may be the year your luck finally runs out.

5. I will learn PowerShell.

Whether you spend an hour a night, three lunch breaks a week, or take a five-day crash course, make this year the year you finally learn PowerShell. It’s amazing how powerful a scripting language it really is, and Microsoft is fully committed to making it the management interface for all their products. Even if you can’t code a “Hello World,” you can learn PowerShell. Go do it.

6. I will successfully test our DR plan.

Don’t just test your DR plan… successfully test every aspect of it to make sure it really works. If it doesn’t, revise it and test it again. Unless your DR plan is to update monster.com, you really need to know your plan is sound, works 100%, and you really can get everything up and running again quickly and reliably.

7. I will check every UPS, fan, filter, and cooling system.

Take the first day of the new year to walk every row of the datacenter, open every rack, shine a flashlight in, and make sure every fan is really spinning. Replace every air filter, confirm every cooling system, and test every UPS. It may take a day to do all of that, but it’s a day well worth the effort since those are the simple things that can mean the difference between a system continuing to run, and one that dies.

8. I will run monthly vulnerability assessments.

Get an app, schedule the task, run monthly vulnerability assessments against your internal and external systems, and when you find an issue, remediate it. Trust me… the bad guys are scanning you all the time. Make 2014 the year when you finally know just what it is they see, and you don’t have to worry about it, because you have already covered it.

9. I will have 100% antivirus compliance.

Like patching, this is one of those lies we tell ourselves each year. Sure, all my users are running A/V and all my servers have it too. All my exceptions are properly set up for the applications that my company depends upon, and no SysAdmin has turned off A/V because he thinks his app will run faster. No more. This is the year that everything runs antivirus 100 percent of the time, no exceptions.

10. I will better educate my users.

They are your weakest link, and your early warning system. Why do you continue to let them operate in the dark? This is the year you really can do that monthly security newsletter and those brown bag sessions on patching, and convert your users from part of the problem to part of the solution.

11. I will get more proactive.

Nobody likes those phone calls that come in at 15 minutes before quitting time. But they are not quite as bad as the ones that come in at 2:00 in the morning! If you are waiting on tickets to come in and the phone to ring to discover and fix problems, you’re doing it wrong. Get with the times. Implement monitoring on all your systems that can not only tell you when something is broken but warn you before it breaks, so you can address the issues during the regular business day, and take back your nights.

12. I will upgrade all my old Exchange 2003 and Windows 2003 systems.

Take a look at that calendar, will you? 2014! Wow, how time flies. I guess I really have got a great decade’s worth of service out of those old 2003-based systems. Since everything from the server operating system to the core applications has gone through two major new releases, it’s time to take anything running a 2003 version and put it out to pasture. They’ve earned their retirement. Let them go. 2014 will be the year of the upgrade for many of you. Resolve to make it count.

13. I will upgrade all my old XP and Office 2003 users.

And speaking of legacy, XP is dead. As of April, it is no more… no more patches, no more security updates. The same goes for Office and plenty of other systems out there. The difference between 12 and 13 on this list is that 12 is the purview of the SysAdmin, who knows he or she needs to upgrade. 13 is going to involve a user who just can’t update because learning new things is hard and it still works, so why replace it. Hey, if they want to drive that ’79 Pinto with 330K miles on it, that’s their business, but they cannot run systems on your network that can no longer be maintained, and both XP and Office 2003 are going the way of the dodo come April. It’s time to pull the plug. Just make sure you give them 8.1 and Office 2013 so you don’t have to do this again for at least the next several years!

If you don’t want to resolve to give up coffee or take up running, don’t. I’m not about to tell you to do something you don’t want to do, if you don’t have to do it. The resolutions above are not like that. These are all things that are good, good for you, and take less effort than the alternatives will should you choose not to. Getting proactive, taking care of business, and upgrading things you can no longer support will all help to protect your nights and weekends, and hey, you might even have time to hit the gym if each morning is no longer a fire-drill. Have a great, happy, and safe New Year, and resolve to do right by your network and your users.

See more at: http://www.gfi.com/blog/13-new-years-resolutions-for-every-sysadmin/

GFI Cloud™ Survey Shows Customers Are Getting More for Less

By: Jackie Wake

The IT network is secure, costs are down, end user service has improved and businesses are saving more IT time! Is that possible? The answer is a resounding yes. According to our latest survey, GFI Cloud customers in their majority have benefited from ALL the above.

So what changes have customers seen since implementing GFI Cloud?

First and foremost – 60 percent of respondents believe their IT network is now more secure, while 40 percent report security is ‘about the same’, indicating they had security solutions in place previously but moved to GFI Cloud for other reasons such as the convenience of working remotely across multiple sites.

BYOD: 16 Rules to Avoid “Bring Your Own Disaster” [Infographic]

Written by: Christina Goggi

Productivity is what you want in your business, and productivity increases when your employees are happy in their jobs. Giving them space and a level of freedom to use their own devices on the company network is one approach that shows trust, and that makes them happy. At the same time, you do not want that ‘freedom’ to negatively impact the hard work that went into standardizing and protecting your system.

51 Things You Need to Stop Doing Now

Written by: Christina Goggi

Here’s a list of 51 things you need to stop doing NOW. Parse this list, and if anything on it lines up with how things are done in your environment, stop it. Trust me on this. Each and every one of these things is bad, wrong, or even dangerous, and while it may seem like the simple thing to do right now, it is going to cost you much more in the long term.

1. Using default passwords

It takes 10 seconds to change the password on any device. Do it, or don’t be surprised when someone owns your access points, or your printers start to display “Insert Coins to Continue…”

2. Using password policies that are either too strong or too weak

Password length, complexity, and expiration requirements should strike a balance between security and functionality. A password that must be changed every 30 days is probably excessive, and will lead to admins ticking the box so their password never expires. Not requiring complexity makes it trivial to brute force or crack using simple dictionary methods. You should neither assume you won’t be a target, nor think you work for the NSA when setting the password policy for your users.

3. Forcing password patterns
