Survey Says… Zero-Day Attacks and Evasive Malware are Biggest Risks

We thought you’d be interested in some initial findings from the recent Palo Alto survey of Ignite attendees. The survey uncovered the cybersecurity pain points these event attendees face, what keeps them up at night, and what specific concerns they have for their organisations.

The majority of respondents reported zero-day attacks and evasive malware represent the biggest risks. Social engineering attacks and insider threats are close behind.

Palo_Alto_Bog_ImagePalo Alto emphasised that with so many attacks detection in itself is not enough – prevention is key – stopping these attacks before they damage your brand or steal your valuable customer and corporate data.

Palo Alto deliver…

 ‘…a tightly integrated enterprise security platform that delivers automated prevention against known and unknown threats at every point in the kill chain.’

Download a copy of Cyber Security for Dummies here for hints and tips on the cybersecurity landscape, why traditional security solutions fail and best practices on how to control APTs.

Want your network to run more smoothly? Here’s 4 ways to do it.

MalcolmBy Malcolm Orekoya, Senior Technical Consultant at Netutils

Views expressed in this post are original thoughts posted by Malcolm Orekoya. These views are his own and in no way do they represent the views of the company.

With user demand increasing at a rapid rate businesses are spending more and more time and money keeping their networks running and highly available. Investment is now consistently made in redundancy everywhere. Two or more of everything in the network is now normal practice; dual routers, dual firewalls, stacked switches, dual ISP’s, multiple application server, dual power inputs etcetera. All this redundancy will no doubt keep the network uptime high, but will it necessarily keep things running smoothly?
Here are 4 tips worth considering:

  1. Optimum Use of Resources

What is the point of having huge bandwidth, the fastest network with great big servers everywhere if you cannot make the best use of them? Allowing ALL types of traffic/users/applications (the good, the bad and the ugly) through your network without any visibility, policing or prioritisation of business critical services and applications, essentially amounts to a waste of all that investment that you’ve put into providing the robust network in the first place. There are good and bad users as well as good and bad applications both inside and outside of your network and they will always seek to utilise or take advantage of any open, free or unpoliced resources they can get hold of. As C-level executives, IT Managers, Network Managers or IT Administrators, it is your responsibility to make sure you can make the best use of your network resources to provide the best user experience, while preventing malicious usage and controlling the usage of unimportant (low priority) application/traffic.

  1. A Proactive Network

Historically network management has always been very reactive in its approach to dealing with network problems and network traffic utilisation. In general, until there’s a problem (usually reported by users) to investigate, everything is considered to be working and traffic is considered to be “normal”. Ever thought of a “learning network”? A network that can monitor the types of traffic coming in and going out, identify applications and users where applicable and even inform you about changes in the types of applications passing through your network when compared to what is normal (i.e. the baseline). A network that can monitor applications and server response times then proactively alert you based on a traffic light system “Red-Amber-Green” highlighting potential issues. A network that can provide you with recommendations on optimum policies to apply to your network based on your traffic and not just wait for you to figure it out (usually only after there is an issue to troubleshoot). It might sound a bit futuristic, but the good news is, it’s not. All of these elements that make up “a proactive network”, already exist in the Exinda Network Orchestrator solutions.

  1. Application Performance Monitoring

Almost everything within a network today comes down to two thing; applications and services. All the infrastructure that underpins everything boils down to providing some sort of application and or service to a user somewhere. Therefore it can be said that keeping the user experience good and ultimately the user happy comes down to making sure the application or service is performing optimally. To do this you first need to have complete visibility of all applications running through your network. Then you need to be able monitor the most critical applications to your business (usually productivity applications) and establish a baseline of what can be considered “normal”. You then need to be able to observe when these applications start not performing optimally and very quickly figure out why that is the case. Scrolling through pages of log data will not speed up this process, so most importantly you need something that can do all of this for you easily and provide that information back to you in simple (ideally) graphical format.

  1. Speedy Troubleshooting

By making sure your network resources are used optimally and your network proactively informs you of the performance and utilisation of your network applications; you will already have decreased the time it takes to troubleshoot network issues. Having done all this however, it is important to have a monitoring tool available to you that can instantly provide real time analysis of traffic passing through your network as well as being able to look instantly at historic utilisation data for comparison. This will inevitably speed up troubleshooting and reduce downtime.

Want to know more? Please get in touch. info@netutils.com

If you’re responsible for managing your company network bandwidth we would like to personally invite you to join our free half day technical workshop on Wednesday 3rd December 2014 at the National Space Centre, Leicester, UK. For more information and to sign up visit: http://www.netutils.com/exindaSpace.php

About Malcolm
As Senior Technical Presales Consultant at Netutils Malcolm consults and advises on specialist IT Networking, Security and Service Management requirements.

 

We don’t just shift the tin we lift customer expectations

By Jay Ludgrove, Account Manager at Netutils.

Jay Blog 2Views expressed in this post are original thoughts posted by Jay Ludgrove. These views are his own and in no way do they represent the views of the company

Ok, so we know we are not the only IT technology reseller out there. But let me tell you a little about why I think we are different. It’s actually all about when to shift boxes, and when to add real value by working closely with customers to ensure they get the most from our expertise and their technology investment.

When an IT reseller is simply focused on volume sales the likelihood is that the customers’ needs and requirements get left behind when the reseller moves onto the next ‘big volume’ order. This begs the question – can you, the customer, only get the best pricing by sacrificing the service?

I have been with the IT industry for the last 12 years and worked on both sides of the fence, both within technical teams and within sales environments and the one question that has plagued me is how does the customer get the best service at a great price?

This is obviously dependent on the customer’s choice of supplier; do they want a technically accredited company to help with consultancy / development / installation / configuration and future needs? Or would this be plain useless to them because they have an in house team who are already employed specifically for these duties?

As a sales account manager that has emerged from a customer service background, I have always wanted to be able to show my customers a value and experience that they can’t get anywhere else and continue to strive to provide the best service that my technical counterparts are able to deliver.

So what about those customers who are not interested in the services that their resellers can provide, they simply insist on the cheapest price? Is this down to years of being ‘sold to’, that has hardened them to any outside help assuming that all sales people are simply out to get the highest deal value possible without any focus on corresponding service levels? Or do they feel that they have gone through the lengthy recruitment process of employing skilled engineers themselves so they simply don’t see the necessity or value in this level of additional support? And what guarantees do they have that they will be sold the ‘right ‘solution and not just the most expensive?

I believe that this is where the reseller’s reputation comes in. In the past I have worked for IT companies that have quite simply told me ‘Whatever the customer needs we can do. Anything at all, just find out what they need.’ I have never felt comfortable within these types of organisations. Common sense told me, you can’t please all of the people all of the time. I never had the confidence that they were going to be able to deliver on this and although they could be exceedingly cheap the post-sale service was generally left to the vendor who may have little or no knowledge of the initial requirement or challenge. From my personal experience these resellers are used for price comparison only and are seldom called upon to discuss or help deliver future projects or resolve existing problems.

On the other hand resellers that are focused on service over price are going to lose out on a number of deals when the client is only interested in the best price. For this reason I feel it is important to not only have a reputation as an expert in a few core areas but to continuously strive to deliver this message to customers. Ultimately these resellers will not make as many sales as their ‘tin shifting’ counter parts but the retention of business is higher year on year and the customer’s will generally come back for consultancy, development and for open discussions on how to move forward with a particular project or requirement. When you achieve this level of trust you can truly start to become an extension of the customer’s IT team, with their goals and needs coming first and front.

Working for the latter type of reseller requires some adjustment in approach as you will have to concentrate more on what the client needs and less on what you can sell them. This will mean that some sales are smaller than they ‘could’ be and it will mean that you will lose out ‘’on price alone’’. Ultimately building mutual respect can lead to a far superior service and experience for the customer. I sleep better at night, knowing that my customers got the best technology solution that their money can buy that meets their challenges and needs. After 10 years, I finally got to work for a company that promotes relationship building and value with a great ethos that means it’s never really just about the price alone.

So I guess the question you need to ask yourself is for your next technology purchase are you looking for a Tin Shifter or an Expectation Lifter? I know where Netutils fit.

Take control of your sensitive corporate data with Safe-T

[vimeo vimeo.com/http://vimeo.com/89708431]

Safe-T allows you to control and secure data exchange of any type and size between people, applications and businesses. This short video will give you a quick snapshot of the solution; suitable for any size of organisation in any industry.

What our customers say

[vimeo vimeo.com/http://vimeo.com/85264748]

We made a short video with a handful of our valued customers. We hope you enjoy it. Take a peek to find out why our customers come back again and again. A big thank you to everyone who took part for their time and their positive words.

Netutils & Juniper Networks Innovation Day – What’s it all about?

By Vanessa Cardwell, Marketing Manager, Netutils

Views expressed in this post are original thoughts posted by Vanessa Cardwell, Marketing Manager, Netutils. These views are her own and in no way do they represent the views of the company.

In short, it was all about the latest networking and security innovations from Juniper Networks topped off with a few thrills! Hosted at Mercedes Benz World the workshop gave our customers the opportunity to hear first-hand from Juniper executives and technical experts about the latest innovations in networking and security from Juniper Networks.

In the morning Juniper experts delivered presentations on BYOD, security and networking innovation. We were delighted to also have the opportunity to experience demos of Juniper Network’s innovative Junos WebApp Secure solution and network management solution Junos Space. Following the workshop sessions our guests had the opportunity to experience the buzz of the Mercedes Benz World Driving experiences both on-track and off-road.

Great day all round – useful to meet and talk to other Juniper users and to hear about the other products that Juniper Networks offer during the various seminars. The afternoon driving experience rounded off a great day … thanks to Netutils!
Steve Collins, IT Manager, A Mclay & Company Ltd


The workshop is a fantastic opportunity for our customers to have some 1-2-1 time with Netutils technical experts and Juniper execs. It’s also great for us to spend some quality time with customers, supporting them and discovering more about their security and networking challenges, but what’s really important to us is the opportunity to get to know our customers better. It was a real pleasure to spend the day with a great bunch of people and we hope our customers valued and enjoyed the event as much as we did.
David Silsby, Sales & Marketing Director, Netutils

Please check out the recent video from a previous event for a taster of what was experienced on the day, or read on for workshop highlights.

Securing BYOD & Beyond
Jonas Gyllenhammar, Sr Consulting Engineer, Pulse Architect, EMEA at Juniper Networks

Jonas&JohnSo we all know that BYOD is a great big fat industry buzz word these days, but what was really engaging about Jonas’ session was his point that the phenomenon of BYOD is not simply about bringing your own device, its more than that; it’s about a robust access management policy solution for your organisation and this requires a dynamic policy driven security enforcement solution. A bit of a mouthful perhaps but Juniper Networks’ end-to-end Pulse solution makes this straightforward. In short, it’s simply about 2 things:

  1. The User – are they known or unknown?
  2. The Device – corporately owned? BYOD, staff member with an unknown device? Or Guest with an unknown device?

Junos Pulse allows you to combine different users and devices. An end-to-end solution which covers all use cases delivering network wide policy orchestration.

Jonas spent some time detailing the different attributes of the Pulse solution – profiling, on-boarding, authentication, device / user authentication, role based access and network wide automatic threat mitigation.  The Pulse solution keeps BYOD simple. It supports the requirement that users need BYOD in different flavours – light and full access. As well as providing full network access to known users and devices, it’s vital to have a simple identity based guest access solution for Wi-Fi access, keeping you compliant and secure. In short, Pulse allows you to deliver the right policies for the right use cases, making the access and on-boarding experience seamless for the user.

Securing the Datacentre
John Pennington, Security Sales Specialist, UKI at Juniper Networks

John’s session covered Juniper Networks’ security strategy. Combined with Juniper’s leadership in firewalls, remote access and their broad security product portfolio, they are the leaders in data centre security. John emphasised that whilst next generation firewalls and “inside-out” security threats are important, the most critical threat facing enterprises today is the emerging ‘outside-in’ threat, which accounts for 73% of all modern attacks. To counter this menace from sophisticated, persistent and well-funded organised groups trying to steal your customers’ money and intellectual property, Juniper have been aggressively investing in leading-edge technology to help secure the data centre now and in the future.

Juniper Networks’ have a suite of security solutions which augment the firewall to protect your business critical web applications.

Junos DDoS Secure
DDos attacks are becoming more and more prevalent and are a major problem for online businesses. Junos DDoS Secure can nullify these problems by continually monitoring and logging all inbound and outbound Web traffic. Junos DDoS Secure uses its CHARM algorithm, a sophisticated heuristic algorithm, to separate malicious from legitimate traffic, and is able to respond intelligently and in real time by dropping suspect or noncompliant packets as soon as the optimum performance from critical resources begins to degrade. DDoS Secure guarantees availability for legitimate users, even under the most extreme attack conditions with zero false positives.

Junos WebApp Secure
Juniper Networks Junos WebApp Secure is the first Web Intrusion Deception System that detects, tracks, profiles and prevents hackers in real-time.

Traditional web application firewalls are seriously flawed because of their reliance on a library of signatures to detect attacks and makes them susceptible to unknown (zero day) web attacks. Junos WebApp Secure stops attackers in the reconnaissance phase by inserting detection points or tar traps into web application code, these traps detect hackers when they manipulate the detection points during the reconnaissance phase of the attack, before they can establish an attack vector.

Junos WebApp Secure tracks attackers beyond the IP address.  Many legitimate users could also be accessing the site from the same IP address—for this reason, Junos WebApp Secure goes beyond the IP address and tracks attackers more granularly, creating a unique digital fingerprint based on more than 200 unique attributes. The tracking techniques allow you to profile the attacker and record the attack. Every attacker is assigned a name and each incident is recorded along with a threat level based on their intent and skill. Junos WebApp Secure also responds to attackers, frustrating them in their efforts to hack your applications by slowing down the connection for example.

John urged customers to take a trial of both solutions and we urge customers to get in touch with us at Netutils if this is something they would like to explore in more detail.

Technical Demos – Junos WebApp Secure, Junos Space – Simplified, Unified Management
Ken O’Kelly, Senior Systems Engineer at Juniper Networks

KenOKellyExponential growth in network traffic, changes in mobile user behavior, and the onslaught of new cloud services and applications are expanding the avenues available to malicious attackers. Managing enterprise security policy in these complex environments can become prone to error and overly time-consuming, especially if management solutions are slow, unintuitive, or restricted in their level of granularity and control. Poor policy management can also lead to security mis-configuration, making the enterprise vulnerable to sophisticated threats and regulatory noncompliance.

Junos Space is an open, secure, and scalable software platform that allows customers, partners, and developers to build and deploy simple, smart applications that manage and analyse network element data and optimise network infrastructure and operations management. Ken demonstrated the attributes of the Junos Space solution that allows customers to maximise their network value and scale solutions while reducing complexity.

Ken demonstrated the 2 main functionalities of Junos Space – Network Director & Security Director. Security Director provides efficient and cost effective management and allows you to scale management reach across your security and network devices and ease administration and reduce configuration errors through a responsive Web interface. Network Director offers a unified wired and wireless network management application featuring full life cycle management including pre and post deployment life cycle tools with single pane visibility to manage Network infrastructure, users and services.

Junos WebApp Secure

A demo which really captures attention, building on from John’s presentation on the solution earlier in the day in this simple demonstration we were able to show how easy it is to detect, identify, track and stop hackers in their tracks. The simple, clean interface of the solution allows for easy monitoring. Junos Web App Secure looks at two areas – Certainty and Specificity. This ensures that you are blocking the right activity without impacting your business, and identifying malicious behaviour that other solutions can’t even start to think about finding.

The demonstration of Junos WebApp Secure illustrates how the Juniper Networks’ security ecosystem adapts at the speed of risk, where allowing easy access is balanced with stopping attackers from getting what they want.

Please do contact a security specialist at Netutils if you would like further information on any of the solutions covered in our Innovation Workshop, and a big thank you to everyone who participated in this informative and fun event.

_DSC4172  _DSC4223

Protecting the Datacenter With Juniper Networks

[vimeo vimeo.com/http://vimeo.com/76119046]

A great little video which really nicely explains the Juniper Networks security story. Well worth a view if you have a spare few minutes. (You’ll need a password to view, no prizes for guessing , it’s ‘juniper‘)