Enterprise Security

The Need for Speed

Who wants more speed?  I know I do, but unfortunately I don't have the bandwidth at home to take full advantage of Palo Alto Networks latest masterpiece - the PA-7080.

Palo Alto Networks 7080 Firewall

Palo Alto Networks PA-7050 Now Available

With the release of PAN-OS 6.0 and the PA-7050, Palo Alto Networks continues to bring new, innovative products and platforms to the security market that enable enterprises, governments and service providers to combat the most advanced and evasive cyber attacks.  In addition to the PA-7050 chassis and new cyber attack protection functionality, this release brings more than 60 additional new features that will allow you to accelerate virtualization and software defined network projects, and embrace mobile computing.

A Case for Aruba’s ClearPass Access Management System

A recent article from the CIO Journal (see below) discusses the security challenges in the workplace posed by tablet computers.

This is a case where the workplace can benefit from Aruba’s ClearPass Access Management System.  (Especially in this ever-expanding mobile landscape, where personal devices have taken the lead!)

Palo Alto Firewall Schedules

Recently we had a request from a client to create a schedule for their Palo Alto Firewall that would restrict access to social media and streaming media. The client wanted to restrict access between the hours of 8:30 PM and 6:00 AM. The client is running the 4.1.7 operating system on their PA-5020. Initially the client tried to setup the schedule as recurring weekly schedule Monday-Thursday from 20:30 - 06:00. The policy was not being hit when we looked at the traffic logs.

Palo Alto Firewall Update 4.1.7

PAN-OS Version 4.1.7 has been released. You can read about the new features and bug fixes here.

Note: In order to upgrade to PAN-OS 4.1, the device must be running PAN-OS 4.0.0 or later. Attempts to upgrade to PAN-OS 4.1 from earlier releases will be blocked.

Mobile Enterprise Security

We have all spent a lot of time talking about the perils of open-door BYOB policies.  The attached white paper by the Enterprise Strategy Group (ESG) takes a quantitative look at the impact of BYOB on typical enterprises.  This paper discusses the challenges (especially security) created by all of the new mobile devices and the “de-perimeterization” of organizations.  And finally it recommends some architectural solutions for these security issues.  In particular, the paper addresses – at a high level – mobile device management solutions.

Those darn SSH connections...

One problem that every network administrator has had to deal with at some point in their careers is securing their equipment from outside attacks that come from the internet.  A firewall is especailly vulnerable since it is the device that protects your network from all those attacks and probes.  One thing that is truly annoying is when you check your logs and find out that someone has been trying to log in to your firewall.  You'll see something like this: