Cogenesis Logo

National IT Support for your business (Sydney, Brisbane, Melbourne, Perth)

National Local Call: 1300 88 35 99
Level 13, 155 Castlereagh St, Sydney, NSW 2000

articles

IT Security

The business case for Hosted Exchange

A large amount of organizations have been moving to hosted email solutions. Hosted exchange can be considered a relatively tried and tested way to push services to the cloud, and this, as well as the complexities and costs of managing email systems internally has contributed to the popularity of this cloud service. There are many paths one can take to move to a hosted exchange platform; Microsoft Office 365, Google, your service provider, ISP solutions and cloud service providers all offer varying hosted email services.

Hosted Exchange is a remotely managed 3rd party vendor provided solution to a business’s email needs charged on a monthly per mailbox / user fee. It negates the need to have your own exchange server and the maintenance that goes with it. Different offerings will have different feature sets such as mailbox size, archiving option, additional storage, and discovery and management tools. It is important to note that we are not looking at POP style email solutions which is limited in the way of collaboration and security, and generally stores mail to your local workstation; which is not adequate for any business that relies on email as a key part of communication.
Because of licensing costs, and the fact that managing an exchange server for a small organization can take as much time (or even more) than a larger organization, smaller organization will see most cost benefit from their existing solutions. However, large enterprises, who often have to manage multiple exchange servers, with the added overhead of clustering and redundancy resulting in addition hardware and expert staff have also been migrating to hosted exchange platforms, completely reducing complexities while maintaining redundancy and increasing uptime and potentially security.

Click Here To Read More

What’s new in Windows Server 2016

 

With Windows Server 2016 set for release this year, we take a look at some of the exciting features that have been included in technical previews so far.

Nano Server

Possibly the most interesting feature is the introduction of Nano Server. Nano Server is a purpose built operating system, scaled down to act as a platform of containers (more information below). Reducing the server footprint, Nano Server will require fewer patches and updates, improved resource utilization, less OS components and features as well as tightened security.

Click Here To Read More

Windows Provisioning and BYOD

What is it?

Provisioning packages can be created and deployed to windows 10 devices by using Windows Imaging and Configuration Designer (IDC). IDC creates provisioning packages which can be deployed to Windows 10 devices, including home devices which are not added to a domain. It allows quick configuration of a device without having to re-image. A provisioning packages is a set of rules that can be applied to both domain and non-domain (home) workstations / laptops and home devices, opening the door for a simplified approach to the complexities of managing a BYOD solution in the enterprise.

Click Here To Read More

SRX300 series and all new SRX1500

 

image

 

Juniper has released new “Next Generation” firewalls that come shipped with Junos OS 15.1X49 (October 2015) which leverages 64-Bit BSD 10, that purports to improve SMP multicore performance..  One of the initial standout features is the introduction of MACsec on all these new devices.  MACsec allows for secure (encrypted) layer 2 connections, as long as both ends support the MACsec IEEE standard 802.1ae (ie two srx’s or an SRX into an EX switch).  Up till now this feature was only available on the switching line sometimes with only certain optics and the MX series.

The new line of Intelligent firewalls also bring with them significant advances in Security Analytics, Anti-Malware & Zero Day threat protection through Junipers Sky Advanced

Click Here To Read More

Configuring the Juniper SRX to handle Brute Force attacks

 

The Juniper SRX firewall is very feature rich. License the product with Intrusion Detection or IDP and you have a super smart device capable of detecting the latest shell code exploits and configurable in a granular way to tailor your security response to just about any way you want. A quick word about performance however, while providing IT Support in the field I have noticed that the device performance is consideration once you start playing with these CPU intensive features. For sites with more than 10-15 users make sure the business has an SRX210 and above if you plan on rolling out the UTM, IDP feature sets. Its not mandatory, and it will certainly function but its best practice, at least in my opinion.

Ok so back to how to handle brute force detection. Juniper SRX has the ability to detect consecutive login attempts and then perform an action, like blocking the offending IP for a period of time. This is a great technique to thwart brute force attempts on networks where two factor authentication is not present.

Click Here To Read More

Setting up IDP on the Juniper SRX

———

 

Juniper

 

Intrusion Detection Prevention (IDP); or sometimes known as IPS, is a feature of the Juniper SRX range. IDP is available on the branch SRX’s all the way through to the datacentre versions and is a fantastic item under the IT Services feature set. IDP is particularly useful as another layer of security to inspect data transmissions between client and server and perform an actions upon it, a good example is IDP’s ability to detect known Shell code buffer overflow exploits that are out there in the wild and stop them in their tracks AND also block that IP for set period of time, like 1 hour, 1 day or a week! These buffer overflow style attacks are typically launched at a server once traditional enumeration steps have been performed by the remote attacker. To thwart the enumeration attacks juniper makes use of SCREENS, but that is a discussion for another time.

so how do we configure an SRX for IDP?

Click Here To Read More

Juniper Partnership Requirements

 

Clarity around Junipers partnership levels is murky at best, there are many benefits associated with each individual level so it perplexes me as to why the partnership requirements aren’t more succinctly explained on their website particularly for those engaged in IT Support as their profession. I have gathered what i have learned and presented it below

Juniper offer 3 levels of partnership

  • Reseller Status
  • Select Status
  • Elite Status

The difference in the partner levels equates to a larger percentage discount from equipment RRP buy price(s) plus marketing and engagement incentives.

The requirements for Reseller level is quite straight forward, but the Select and Elite level require partnership levels require multiple engineers and sales staff with JNCIS, JNSS and JNSA qualifications and a significant level of engagement from the company seeking to obtain the high levels. The JNCIS, JNSS and JNSA cover both the technical, product awareness and sales material which is important for pre/post-sales and implementation & advisory work

Click Here To Read More

Get a free IT consultation today

Contact Us Today - IT Consulting Sydney

simply complete your details below and a consultant will get right back to you

Or feel free to call us on
1300 88 35 99