KRACK Vulnerabilities creates huge Security risks for WiFi

On October 16th, 2017, ten new security vulnerabilities, referred to as Key Reinstallation Attack (KRACK), were announced that target the session establishment and management process in WPA(1/2)-PSK and WPA(1/2)-Enterprise.  This marks the first security vulnerability of WPA2 since its introduction.  The vulnerabilities are related to different key handshakes, used between the Wi-Fi supplicant (client) and the AP (authenticator) to derive and install encryption keys. Using these vulnerabilities an attacker can force a client or access point (AP) to reinstall the keys used to encrypt wireless data. This gives attackers the option to replay, decrypt, or forge frames from your WiFi network, meaning they can see your traffic or steal your data from devices connected to compromised WiFi.

How to keep your devices safe

Most vendors have already released patches/firmware for their devices in which you can fix these vulnerabilities.  Below are the firmware versions that are protected from the vulnerabilities and steps into upgrading to them if you have not already:

Meraki

MR33s, 30Hs, 74s networks must be upgraded to firmware MR 25.7, all other networks should be upgraded to version 24.11.

To upgrade your firmware, please use the “Firmware Upgrade Tool” on your dashboard.  To be sure that you have the right firmware, you may look for the “802.11r Vulnerability Impact” page on your dashboard.


Aruba

The following ArubaOS are protected from the KRACK vulnerabilities 6.3.1.25, 6.4.4.16, 6.5.1.9, 6.5.3.3, 6.5.4.2, 8.1.0.4.  For InstantOS, please make sure that your firmware is upgraded to 4.2.4.9, 4.3.1.6, 6.5.3.3, 6.5.4.2.


Please note that this takes care of one half (infrastructure), you must also make sure that your other half (clients) are also updated to their latest firmware to keep your whole network secure from these attacks.  Please see below for some of the vendor status for their firmware updates:

Desktops

Microsoft, Ubuntu and Linux have all released firmware updates to protect your clients from the vulnerability.  Although Microsoft has only stated that the current iterations of their products have updates such as Windows 7, 8 and 10.  As of now, macOS has no known fix but will be soon rolling out their fix soon.

Mobile

As of now, Android has already released a statement saying that a patch will be released on November 6, 2017 that will solve these issues.  So be ready to update your firmware for it by then.  Just like macOS, the iOS have no known fix as well, but the upside to this is that there will be a guaranteed update to your apple device so you will be updated the moment the patch is ready.

Again, to ensure you are protected from the KRACK vulnerability, you need to have both infrastructure and client sides protected protected from the vulnerability not one or the other.  We will update this article with the latest updates when they come out so please do check back every so often!

If you have any more inquiries on this, please do contact us at 893-9515 and we will do our best to answer them!

Image Designed by Freepik

Office 2007 Support has officially ended

Office 2007’s support officially ended last October 10, 2017.  This doesn’t mean that you will lose all your Office 2007 apps, nor will you lose any of your data associated with Office 2007.  Then what exactly does this mean then?  One big issue from discontinued support would be security; with no support, you could be exposing yourself to huge security risks.  Below are what you will be losing with the end of support:

  • You’ll no longer receive Office 2007 software updates from Microsoft Update.
  • You’ll no longer receive security updates. Security updates are what help protect your PC from harmful viruses, spyware, and other malicious software.
  • You’ll no longer receive phone or chat technical support.
  • No further updates to support content will be provided. In fact, most online help content will be retired.
  • You’ll no longer be able to download Office 2007 from the Microsoft web site.

Even though Office 2007 is still usable, you may want to consider upgrading to a newer version in lieu with the above benefits that you will be losing.  Below are the upgrades you can consider:

  1. Upgrading to Office 365 – the subscription version of Office that comes with Word, Excel, PowerPoint, and other apps, depending on the plan you choose. With Office 365, the apps are available on your computer for up to 5 users and via browser; one subscription enables you to use them on both your PC and Mac.
  2. Upgrading to Office 2016 – Office 2016 is a one-time purchase (not a subscription) for installation on one computer only.

CT Link Systems, Inc. joins Security TRENDs 2017!

Enterprises and organizations are facing next-tier, multifaceted threats that are both familiar and uncharted. As the cloud and the Internet of Things (IoT) ecosystem become more interconnected, it is essential for organizations tore-evaluate and redefine their understanding of threats, risks, and solutions in an ever-changing landscape.

With that, organizations and enterprises must ask: what threats should they prepare for? What risks are involved? What processes and procedures should be implemented?

In the face of next-tier threats, businesses must step up their game and LEVEL UP their defence against these threats.

In lieu of this, CT Link Systems, Inc. has joined Trend Micro’s Security TRENDs 2017 Executive Threat Defence Summit as an exhibitor to help educate businesses in the Philippines on the importance of Cyber Security.

To learn more or register to the event, please visit the site Here!

Citrix Synergy Comes to Manila!

Bringing the best of Synergy to you!

You are invited to join us and hear how Citrix can help you take the next steps towards building your secure digital workspace.

We will share the vision, key insights, and technology updates from Synergy ‘17 that will show you how to realize the full benefits of cloud while avoiding complexity and security challenges. IT and users co-create a software-defined perimeter that protects the business, data, and infrastructure. Digital workspaces secure and integrate technologies, platforms, devices, and clouds, ensuring that organizations can operationalize the future of work and drive business forward.

To register, provide your details HERE!

Program

Venue

To register, provide your details HERE!

Speed up your GDPR Compliance with Microsoft Cloud!

With the European Union’s new General Data Protection Regulation (GDPR) taking effect on May 2018, many companies are now working on complying with it.  Gartner believes that less than 50% of all organizations will be able to fully comply before its takes effect.  However, using the cloud can help dramatically increase compliance rate and Microsoft has worked with countless experts to help make its solutions simple and user friendly.

With roughly 160 GDPR requirements, which include how to collect, store, use personal information and even a mandate for a 72-hour notification for personal data breaches, it’s clear that using cloud technologies can help the speed of compliance in many organizations.  With this in mind, Microsoft has worked on their Trusted Cloud Principles, in which security, privacy, compliance and transparency are included, to help provide a unique journey to GDPR compliance.  Microsoft announced on February of this year that their cloud services would comply with the GDPR by next year May, which include Office 365, Dynamic 365, Azure (including Azure data services), Enterprise Mobility + Security, and Windows 10.

Cloud for compliance

Besides being compliant, Microsoft Cloud provides built-in sophisticated controls that can help you comply with the GDPR requirements.  Azure Information Protection is an example of one of the capabilities in the arsenal of Microsoft.  Azure Information Protection provides document tracking and revocation capabilities, this gives you the ability to monitor the flow of sensitive data and revoke access to it at any time.

Microsoft Cloud can also be used to discover, manage, protect and report on GDPR-related data.  With powerful intelligence capabilities on Microsoft Cloud, using features such as Office 365 Advanced Data Governance can intelligently manage your organization’s data with classifications, which can label sensitive data so that you can apply policies for either protection, retention or deletion.

Microsoft also plans on releasing a new dashboard as well to help provide a quantitative assessment to help identify where you are in your journey to GDPR compliance.

To learn more about Microsoft’s GDPR solution Here or learn more about Microsoft products from our Product page Here!

Migrate your Business to SAP HANA with the affordable SAP HANA Dynamic Tiering

What is SAP HANA?

Deployable on premise or in the cloud, SAP HANA is an in-memory data platform that lets you accelerate business processes, deliver more business intelligence, and simplify your IT environment. By providing the foundation for all your data needs, SAP HANA removes the burden of maintaining separate legacy systems and siloed data, so you can run live and make better business decisions in the new digital economy.

In summary, your company will be able to simplify its IT with one platform for trans-analytic applications.  This means that you will be able to analyze live data to support real-time business while at the same time reduce data redundancy, hardware and IT operations.  You will also be able to modernize your data centre with flexible SAP HANA deployment options, be it public or private cloud.  With SAP HANA, some companies are seeing 575% five-year  ROI by increasing innovation and decreasing data management costs.

If SAP HANA is so beneficial, why is it not a standard?

Even with all the business benefits that SAP HANA can provide, it is still placed on a company’s wish list rather than their next purchase.  Why you may ask?  Price.  The expense for an initial migration project for SAP HANA can cost the company over $2 million when things such as deployment, staff, hardware and licensing are considered.  Even with all its benefits, it is very hard to justify anything with that kind of cost behind it.  However, it is projected that by 2025 that SAP HANA will be a must have business solution, whether or not the company can justify the expense.  You must also take into consideration that just because your company is not getting SAP HANA that your competition will not.

Here is where SAP HANA Dynamic Tiering on an all-flash infrastructure comes in.  Be able to migrate to SAP HANA and gain the benefits of its real-time insights almost immediately without paying the potentially limiting upfront and ongoing costs.

S AP HANA Dynamic Tiering is an add-on for the SAP HANA database.  It allows less frequently used data (warm data) to be moved from the main in-memory SAP HANA database into extended storage.  Using extended storage can dramatically reduce costs by decreasing the size of the SAP HANA database – thereby lowering maintenance, hardware, and software/licensing costs.  When the extended storage is an all-flash infrastructure, performance loss can be minimized compared to keeping all date in SAP HANA itself.

Pure Storage tested the cost and performance impacts of running SAP HANA with SAP HANA Dynamic Tiering on their Pure Storage FlashStack converged-infrastructure solution to see if it was possible to save organizations millions of dollars while still being able to realize all of its benefits.  The results?  Organizations that run SAP HANA with SAP HANA Dynamic Tiering on Pure Storage’s all-flash infrastructure were able to quickly and easily start using SAP HANA at a lower cost (up to 75% lower) while still obtaining performance on par as if running SAP HANA on its own.  As a bonus, with Pure Storage all-flash solution and Pure Storage’s collaboration with SAP, organizations will be ready and able to reduce the overall in-memory data footprint and offload less frequently used war data on to all-flash technology while still obtaining high performance with future SAP HANA capabilities, be it the capabilities of SAP HANA Dynamic Tiering or something else.

To learn more about the Pure Storage test, please read this article for a more in-depth study.  If you want to learn more about Pure Storage, you can visit our product page or call us at 893-9515.

Citrix Announces NetScaler Secure Web Gateway Solution in NetScaler 12.0

Enterprises now are facing more and more attacks on their security from web sessions caused by their employees visiting compromised or malicious websites.  Which in turn can lead to malware or botnet installations, data theft and event ransomware infections on your network.  Even with web encryptions helping to keep things safer, there are now cases in which encryptions are being used to hide malware within your encrypted traffic.  Encryption also means less visibility and control.

Introducing the latest solution from Citrix’s NetScaler Security portfolio: NetScaler Secure Web Gateway (NetScaler SWG).

NetScaler SWG Capabilities:

  • NetScaler SWG solutionprovides Complete Visibility into encrypted traffic allowing security operations teams to inspect, analyze and control web traffic. NetScaler SWG solution acts as a forward proxy for all outgoing traffic enabling deployment of security policies with ease.
  • NetScaler URL Threat Intelligence Subscription is a cloud-based service that blocks access to millions of malware and phishing websites. This subscription service is available as an add-on option to NetScaler SWG solution.
  • NetScaler SWG solution with NetScaler MASprovides User Behavior Analytics based on user risk score.

Business Benefits for Security Operations Teams:

Organizations can Reduce their Business Risk and Increase Employee Productivityby protecting their employees against cyber security threats like phishing, and malware threats.

  • Security Operations teams gain deep visibility and real-time user behavior analytics to protect against malware threats.

Organizations can Ensure Corporate and Regulatory Policy Compliance.

  • Organizations have the visibility and control they need over encrypted traffic while ensuring compliance with their privacy, regulatory and acceptable user policies.

Organizations can Increase their Operational Efficiency by using singe pane of glass view for real-time visibility, analytics, and reporting.

  • Single pane of glass view through NetScaler Management and Analytics System (NetScaler MAS) provides real-time visibility, analytics, and reporting. Within seconds drill down to a per-user web usage view to understand events and correlated threats.

Learn more on Netscaler and other Citrix Products from our Product page or this article here!

Reimagining your Business for the Future with CT Link Systems!

CT Link Systems, Inc. in partnership with MSI-ECS will be hosting a multiple solutions day seminar for you and your business.  Learn more about solutions from HPE (Simplivity and Aruba), Trend Micro, and Velocloud on how they can help keep your business safe and improve on its operational efficiency.  The event will be on September 26, 2017 from 10AM to 3:30PM and will be held in Buffalo Wild Wings, Glorietta 2 (right beside Holiday Inn).   Hope to see you there!

 

Click Here to register! 

CT Link signs up to be a partner of Pure Storage!

All-flash arrays (AFAs) are now the next step when it comes to improving storage for enterprises as traditional solutions are now becoming less effective.  AFAs can help enable unprecedented data-mobility speeds that will allow data to be shared and accessed across functions as well as prevent spikes in latency.  These are just a few benefits that AFAs can provide to enterprise grade businesses.

To help bring these solutions to our clients, CT Link Systems, Inc. has become a partner for Pure Storage in the Philippines.

Who is Pure Storage?

Pure Storage helps companies push the boundaries of what’s possible. The company’s all-flash based technology, combined with its customer-friendly business model, drives business and IT transformation with solutions that are effortless, efficient and evergreen. With Pure’s industry leading Satmetrix-certified NPS score of 83.7, Pure customers are some of the happiest in the world, and include organizations of all sizes, across an ever-expanding range of industries.

To learn more, please visit our product page HERE!

 

Icons made by Freepik from www.flaticon.com is licensed by CC 3.0 BY

Power Shift in the SD-WAN Market

The SD-WAN market is seeing more and more businesses opting to integrate SD-WAN solutions into their IT systems. One of the rising stars of the growing industry, Velocloud, has gone with the approach of making SD-WAN “as a service”.  In an interview with CRN, VeloCloud CEO Sanjay Uppal explained his insights on the SD-WAN market, more specifically SD-WAN as a Service model.

“As things shift into more white-box and commodity hardware with software running as a service on top, the power is shifting,” said Uppal. “The move is afoot in terms of the power shifting to the buyer and they want SD-WAN as a Service, not SD-WAN as just another box. … No longer are people going to be locked in to custom hardware and proprietary platforms.”

VeloCloud, being under the model of “as a Service”, is precisely what sets it apart from the competition as no one else in the industry is following this solution model.  Majority of the competition either sell it as product, software or event more recently as a cloud gateway.  VeloCloud however, sell it to the customers on a consumption basis, what they need is what they get.

At the end of the day, if you go to an enterprise whether it be retail, banks or insurance, their main concern will be the business result or ROIs (return on investment).  In which VeloCloud sells them solutions which are tailor made for their problems, not based on what is the highest performing model.

VeloCloud puts its efforts on the outcome that the CIO is going after and then all of the architecture and programs that they put in place for the channel really support that.  This allows VeloCloud to go to the MSP and service provider and say, ‘We have a running system with over 700 enterprise customers. … We can train you on how to run this service, how to create demand for this service, how to train your people for it, how to do the logistics and support.’ That’s what the channel wants to hear.

To learn more about VeloCloud, visit our product page Here!