Sharing the SRX love…

Many congratulations to Vaughan Husband of Hotchkiss Limited who was the lucky winner of an SRX firewall following our free prize draw at this year’s IP EXPO.

At this point we could use this blogging opportunity go into a load of detail about how great the SRX series firewalls from Juniper Networks are and tell you how they enable your organisation to securely, reliably and economically deliver powerful new services and applications to all your campus/branch locations and end-users with best-in-class quality.

We could then mention how the Juniper SRX™ Series Services Gateways for the branch consolidate next-gen firewall and UTM services with routing and switching in a single, high-performance, cost-effective, network device.

But we’d rather you look at this great picture of our lovely Account Manager Leon Ratapu making someones day. (Thank you Hotchkiss for letting us share the picture on our blog.)

If you do want to know more about SRX firewalls and our current promotions take a peek at the website here.

We don’t just shift the tin we lift customer expectations

By Jay Ludgrove, Account Manager at Netutils.

Jay Blog 2Views expressed in this post are original thoughts posted by Jay Ludgrove. These views are his own and in no way do they represent the views of the company

Ok, so we know we are not the only IT technology reseller out there. But let me tell you a little about why I think we are different. It’s actually all about when to shift boxes, and when to add real value by working closely with customers to ensure they get the most from our expertise and their technology investment.

When an IT reseller is simply focused on volume sales the likelihood is that the customers’ needs and requirements get left behind when the reseller moves onto the next ‘big volume’ order. This begs the question – can you, the customer, only get the best pricing by sacrificing the service?

I have been with the IT industry for the last 12 years and worked on both sides of the fence, both within technical teams and within sales environments and the one question that has plagued me is how does the customer get the best service at a great price?

This is obviously dependent on the customer’s choice of supplier; do they want a technically accredited company to help with consultancy / development / installation / configuration and future needs? Or would this be plain useless to them because they have an in house team who are already employed specifically for these duties?

As a sales account manager that has emerged from a customer service background, I have always wanted to be able to show my customers a value and experience that they can’t get anywhere else and continue to strive to provide the best service that my technical counterparts are able to deliver.

So what about those customers who are not interested in the services that their resellers can provide, they simply insist on the cheapest price? Is this down to years of being ‘sold to’, that has hardened them to any outside help assuming that all sales people are simply out to get the highest deal value possible without any focus on corresponding service levels? Or do they feel that they have gone through the lengthy recruitment process of employing skilled engineers themselves so they simply don’t see the necessity or value in this level of additional support? And what guarantees do they have that they will be sold the ‘right ‘solution and not just the most expensive?

I believe that this is where the reseller’s reputation comes in. In the past I have worked for IT companies that have quite simply told me ‘Whatever the customer needs we can do. Anything at all, just find out what they need.’ I have never felt comfortable within these types of organisations. Common sense told me, you can’t please all of the people all of the time. I never had the confidence that they were going to be able to deliver on this and although they could be exceedingly cheap the post-sale service was generally left to the vendor who may have little or no knowledge of the initial requirement or challenge. From my personal experience these resellers are used for price comparison only and are seldom called upon to discuss or help deliver future projects or resolve existing problems.

On the other hand resellers that are focused on service over price are going to lose out on a number of deals when the client is only interested in the best price. For this reason I feel it is important to not only have a reputation as an expert in a few core areas but to continuously strive to deliver this message to customers. Ultimately these resellers will not make as many sales as their ‘tin shifting’ counter parts but the retention of business is higher year on year and the customer’s will generally come back for consultancy, development and for open discussions on how to move forward with a particular project or requirement. When you achieve this level of trust you can truly start to become an extension of the customer’s IT team, with their goals and needs coming first and front.

Working for the latter type of reseller requires some adjustment in approach as you will have to concentrate more on what the client needs and less on what you can sell them. This will mean that some sales are smaller than they ‘could’ be and it will mean that you will lose out ‘’on price alone’’. Ultimately building mutual respect can lead to a far superior service and experience for the customer. I sleep better at night, knowing that my customers got the best technology solution that their money can buy that meets their challenges and needs. After 10 years, I finally got to work for a company that promotes relationship building and value with a great ethos that means it’s never really just about the price alone.

So I guess the question you need to ask yourself is for your next technology purchase are you looking for a Tin Shifter or an Expectation Lifter? I know where Netutils fit.

Proactive Next Gen Firewalls for Smarter Security

Do you have an active firewall project? What should you look for in a next gen firewall? Watch our short video blog with our technical specialist Malcolm Orekoya and find out what Juniper Networks’ Branch SRX series has to offer. Talk to a solutions expect from our team about our current firewall offers; including (for a limited time only) a FREE half day’s training session for new customers purchasing Juniper’s branch SRX series. Conditions apply. Visit our website here for details.

The Shellshock Bug – Hype or Reality?

By David Hone, Security Specialist, Netutils

dave_h_colourViews expressed in this post are original thoughts posted by David Hone. These views are his own and in no way do they represent the views of the company.

So what exactly is Shellshock (CVE-2014-6271) aka the ‘Bash Bug’ and should you believe the hype?

You may not believe that your organisation will be affected by this security flaw because you don’t run Linux, Solaris or Unix systems, but you may want to reconsider.

Let’s cut through the hype and consider exactly what Bash is and what functions it provides in a computer.

Bash stands for Bourne-Again Shell. In essence the Bash function provides the interface between the user and the computer. Its core function is to interpret what you type and allows the computer system to action these commands.

Bash also provides the ability to script commands, scripting being used to automate a number of steps. For example you could command a Bash shell which creates a script to discover all your database files and then copy them to a database located somewhere else in the world.

The key part to understand is that as the Bash shell is text-based the commands could be initiated from a remote computer and doesn’t necessarily have to be connected to a local keyboard. This allows IT departments / individuals to action commands from anywhere in the world. While Bash is interpreting the physical commands inputted by a user the final point to highlight (and this is one that most people overlook or simply do not consider for any number of reasons) is that as individuals, consumers and businesses we are surrounded by computers of all types (commonly referred to as ‘the Internet of things’) that are often connected to the Internet undertaking activities and processes of which we often have little understanding or knowledge.

The Bash Bug vulnerability allows an attacker to remotely execute commands, attacking scripts which have been written in Bash.

For more see http://www.vox.com/2014/9/25/6843949/the-bash-bug-explained

How can you identify which of your devices are vulnerable to this type of attack, the impact, and what you should do to protect your business and private data?

If you have not done so already you should start by implementing a full audit of all devices connected to your network. This should include everything from the routers provided by your internet service provider to any device that your users attach to the network.  It is common practice for manufactures to build ‘the internet of things’ with open source software, so almost any device from the modern fridge, to the ISP’s router, or indeed the core routers and switches in your network are all likely to have a custom built Linux/Unix  operating system derived from a common open source technology which includes the Bash application and therefore all these devices are potentially vulnerable to this attack and are targets for attackers to hijack for any number of illegal activities. 

So how can Netutils help? We specialise in providing networking, security solutions and consultancy and pride ourselves on providing our customers with the highest quality of immediate actionable independent advice and solutions to solve current business security needs. If you have any concerns about the impact of the Bash Bug in your organisation we urge you to get in touch, we are very happy to discuss possible fixes for you and your organisation.

Phishing- Are you ready to be caught out?

By Anthony Mortimer, Account Manager, Netutils

AnthonyMortimerViews expressed in this post are original thoughts posted by Anthony Mortimer. These views are his own and in no way do they represent the views of the company.

In the age of commercialised hacking, organisations are experiencing greater frequency and sophistication of attacks than ever before, this is driven simply by the commercial value corporate data represents to criminals. According to Trend Micro 90% of all known successful data breaches in 2012/2013 were attributed to Phishing attacks.

At Netutils we see and talk to a broad range of organisations all with very different views to the risk these threats pose. For many smaller organisations the presence of a firewall and basic security is seen as sufficient; but here’s why these smaller businesses should be concerned.

For a start criminals are now regularly targeting suppliers or customers of big organisations as the staging point to attack the bigger network. More importantly we are seeing a trend for large businesses to dictate security policy to their suppliers for them to continue to trade with them or to win new contracts.

A significant growth area is in the use of targeted Phishing emails and more focussed spear phishing attacks tailored to specific individuals based on pharmed data. These types of attacks are becoming more difficult to mitigate against putting significant stresses on IT department’s budgets.

We have witnessed organisations handling these threats with 2 broad methodologies:

  • Deployment of technology to counteract attacks
  • End user training

It is generally accepted that by far the greatest risk to the security of your corporate data are your employees themselves who may unwittingly fall victim to phishing attacks. According to industry figures 60% of UK office workers receive a Phishing email at least once a day. In addition the greatest issue with regards to end user training is that for most organisations it is difficult to deliver such a course in a way that will make a real difference. Businesses will often run a single awareness session and hope that will mitigate the risk. Unfortunately Phishing attacks are dynamic, although they follow a similar pattern the content and mechanisms change, unless staff are made aware of these on a regular basis the training deployed may only have value for a few weeks after delivery until a new form of attack is devised.

The second method of combating these threats is via the deployment of technology, this poses real issues to businesses and it can be argued many traditional signature based solutions offer little real protection. This is essentially because they rely on a known database of attack signatures to spot and block an attack. However with the rise in commercial hacking activities self-service malware portals can provide the enterprising hacker with a unique piece of malware for as little as $100 that can sit undetected on corporate machines, up until it is discovered and the signature published.

At Netutils we believe that effective mitigation requires a layered approach to handling these issues. At the heart of our solution set are 2 key elements: ongoing security training via our interactive training platform (PhishAware) and cutting edge signature less technology.

If you have any concerns about the impact of Phishing in your business then do please contact a solutions expert from our team on:

t: 020 8783 3800
e: info@netutils.com

PhishAwareTrial

 

 

Exinda: The Business Case for WAN Orchestration

Do you need improved visibility & control of your WAN traffic to maximise user experience & network performance? Watch our short video blog on the key features of Exinda’s WAN Orchestration. The webinar referenced in this video will be available on this blog shortly.

Busting The Top Four Myths About Hacking

Vanessa Cardwell:

This blog from our partners at SMS Passcode on ‘Busting The Top Four Myths About Hacking’ is well worth a read. Knowing what’s myth and what’s fact is essential to avoid running unnecessary risks to your business. Myths can lead to false assumptions and thinking that your business is not at risk of being breached by hackers.

Originally posted on The SMS PASSCODE Blog - technology leader in multi-factor authentication:

By Torben Andersen, CCO, SMS PASSCODE

Knowing what’s myth and what’s fact is essential to avoid running unnecessary risks to your business. Myths can lead to false assumptions and thinking that your business is not at risk of being breached by hackers. So let’s take a closer look at some of the most common myths out there.


1# Myth – Hackers only target the big brandsMyth one - hackers only target the big brands

When big brands like Target, eBay, Adobe, and Sony are hacked, it’s big news for business and mainstream publications. Don’t be fooled: big companies aren’t the only ones being targeted. In fact, research shows that 31 percent of all hacking attacks were aimed at businesses with fewer than 250 employees.


2# Myth – You have nothing valuable for hackers to steal

Fair enough. Not everyone is fortunate enough to be storing breakthrough research with the potential to revolutionize your industrythe world if only you can keep…

View original 385 more words