Network Crash Course – Routers and Switches

If servers are like the brains of your network then the switches and routers are the backbone, carrying all the information on your network and making sure it gets to where it is supposed to go. In my time as an IT Pro I have seen this equipment grow from a simple ring of cable chaining a group of devices together to sophisticated equipment that moves data at high speeds and prioritizes traffic based on the type of data that is being sent. Today without routers and switches there would be no networks and no Internet.

Let’s talk about what a switch does. Basic unmanaged switches receive packets of data from a device like a server, printer, or computer and then, using a list they keep in memory, send each packet out the port that the intended recipient is on. Sometimes there are multiple switches between where a packet starts and where it is destined to end up. In this case the switches also have to keep track of whether the device sits somewhere beyond another switch. Smart switches and managed switches have a host of features that allow a network pro or engineer to manage and improve the quality of service on the network, or to secure groups of traffic and separate them from each other. The latter is important both for security and performance.

One example of how using a smart or managed switch can improve security is this: you have a network with your workstations and your server on it, and you have financial data for clients on that network. A contractor like an accountant or other business consultant comes in to do some work for your company and needs access to the internet. You have an extra desk and a cable for them to plug their computer into. They do so, but their computer is infected with a virus that is able to collect data from your server and computers. It is relatively easy for the virus to do its work because it is directly connected to all the other devices on your network. With a smart switch or managed switch you can wall this one port off from the rest of the network and only allow access to the internet, protecting your clients’ valuable data. This is just one of the benefits and features of using a smart or managed switch. Another is that they generally use better components and have faster internal speeds than a basic switch. If you have outside parties accessing your network, either wired or wirelessly, I highly recommend at least using smart switches in your network.

Also, if you are thinking about making the switch to VOIP phones, a smart switch can allow you to separate the voice traffic from your regular data traffic, helping to prevent slowdowns on your network. Smart and managed switches require some configuration, so like any other device it is a good idea to back up that configuration and back it up again any time it changes. The software on these smarter devices can and should be updated when the manufacturer releases updates. These updates usually fix issues or glitches in the software, security-related or otherwise, but can also give the switch new features.

A router allows you to take multiple networks that are separated either physically or by software (like the example I gave for smart switches above) and pass data between them. Most small and medium sized businesses only have one router on their network, and it generally allows their network to connect to the internet. Routers can be set up to only allow certain traffic to go from one network to another and block everything else. Similar to switches, routers keep a list, but instead of devices it is a list of networks. This list allows the router to keep track of which port it should send data out of in order for it to reach its destination. Keeping with the previous example, the router knows about the separate network your guest is on, the internet, and the network all of your devices are on. The router is configured to allow data from the guest network to get to the internet but not to your network. The router also lets your internal network access the internet, but nothing from the internet is allowed to come into either network unless it was requested by a device on that network. You can think of a router like a border patrol checkpoint where multiple countries meet. It asks where you are going, why you are going there, and whether you are carrying anything you shouldn’t. That reminds me — routers have also taken on the role of integrating with firewalls and other next-gen security tools. This means that they don’t just ask what is in your digital trunk; they search it, test it, and seize it before sending you on your way. This inspection helps to protect your network from viruses and attackers before the infected data ever gets to your computers. Like the smart and managed switches, routers get software updates several times throughout the device’s life. You should keep this software up to date and back up the configuration. Keeping the software up to date is especially important if you are using the advanced firewall features, because that could mean the difference between something bad getting in and it being blocked.
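The forwarding and policy decisions described in this paragraph, as an added example that is not part of the original article: a small Python model of a router with three ports (guest, internal, internet) that keeps a list of networks, allows new connections only for the zone pairs in its policy, and lets traffic back in from the internet only when a device inside requested it. The addresses, port numbers and zone names are constructed for illustration.

```python
"""Model of the guest/internal/internet router from the article (added example).
Zone names, addresses and port numbers below are constructed, not from the article."""
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str = "tcp"

    def key(self):
        return (self.src, self.sport, self.dst, self.dport, self.proto)

    def reply_key(self):
        # The 5-tuple a response to this packet will carry (addresses and ports swapped).
        return (self.dst, self.dport, self.src, self.sport, self.proto)


@dataclass
class Router:
    # The router's "list of networks": which port (zone) reaches each network.
    routes: dict
    default_zone: str = "internet"          # anything not listed goes out the internet port
    # Zone pairs that may open NEW connections; any pair not listed is blocked.
    allowed: frozenset = frozenset()
    # Reply keys of connections opened from inside, so only requested traffic comes back in.
    conns: set = field(default_factory=set)

    def zone_of(self, addr: str) -> str:
        a = ip_address(addr)
        for net, zone in self.routes.items():
            if a in net:
                return zone
        return self.default_zone

    def forward(self, pkt: Packet) -> str:
        src_zone, dst_zone = self.zone_of(pkt.src), self.zone_of(pkt.dst)
        if src_zone == dst_zone:
            return "local"                  # same network: the switch handles it, not the router
        # "Unless it was requested by a device on that network": check the connection
        # table before the zone policy, so replies to inside-initiated traffic get through.
        if pkt.key() in self.conns:
            return f"forward:{dst_zone}:established"
        if (src_zone, dst_zone) in self.allowed:
            self.conns.add(pkt.reply_key())  # remember so the answer is let back in
            return f"forward:{dst_zone}"
        return f"drop:{src_zone}->{dst_zone}"


def build_router() -> Router:
    # Constructed addressing: internal LAN, the walled-off guest network, everything else = internet.
    return Router(
        routes={
            ip_network("10.10.10.0/24"): "internal",   # workstations and the server
            ip_network("10.10.20.0/24"): "guest",      # the contractor's isolated port
        },
        allowed=frozenset({("internal", "internet"), ("guest", "internet")}),
    )


def run_scenario() -> dict:
    r = build_router()
    server, guest, web = "10.10.10.5", "10.10.20.50", "203.0.113.10"
    return {
        "guest_to_web": r.forward(Packet(guest, 50000, web, 443)),
        "web_reply_to_guest": r.forward(Packet(web, 443, guest, 50000)),
        "guest_to_server_smb": r.forward(Packet(guest, 50001, server, 445)),
        "internet_to_server_unsolicited": r.forward(Packet(web, 40000, server, 445)),
        "server_to_web": r.forward(Packet(server, 51000, web, 443)),
        "web_reply_to_server": r.forward(Packet(web, 443, server, 51000)),
    }


if __name__ == "__main__":
    for name, decision in run_scenario().items():
        print(f"{name:32} {decision}")
```

The guest can browse the web and receive the replies, but its attempt to reach the file server on port 445 and the unsolicited connection from the internet are both dropped.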

Routers and switches can last a long time in your network because the only moving part is the fan. Heat and dust are the two major reasons these devices break, so they need to be installed in a cool, dust-free location. Just because the switch is still working, though, doesn’t mean it should still be in your network. Most routers and switches go out of support or reach EOL (End-Of-Life) at some point. This is when the manufacturer will no longer provide support or software updates for the device. If your router or switch has been EOL for a year or more it is way past time to replace it. Like Windows XP, when hardware reaches its EOL it becomes a liability. If you have had a switch or router for 5 or 6 years and it is still supported by the manufacturer, you might still want to begin planning on replacing it with newer hardware. The electronics in the device, after running several years non-stop, are likely to experience degraded performance and are, in my experience, more likely to fail. After 5 or 6 years the technology in new switches and routers has changed enough that you are also likely to get substantial benefits in speed, quality, and features by replacing your routers or switches. Don’t wait for your routers or switches to fail — this only leads to lost productivity. Have a plan in place for proactively maintaining your network hardware and replacing it as features and performance improve in newer equipment.

IE to Start Blocking Out-of-Date Java

Very soon Internet Explorer users may run into some trouble accessing certain websites. Java is a web page technology developed by Microsoft for use with Internet Explorer that allows developers to create richer interactive web applications. Like all software, new versions come out, support ends for older versions, and life goes on. In an effort to make browsing the internet a little more secure, Internet Explorer 8 and above will start blocking older registered Java controls based on the version of Java they use. Microsoft is not going whole hog and blocking all old Java components, just ones using Sun Java controls older than a certain version. This improved security feature has already been installed if your Windows updates for August have been applied, and it will go into effect on Patch Tuesday, September 9th.

Microsoft has a very good reason for doing this. Java exploits account for over 80% of the vulnerabilities targeted by hackers, based on the articles I have read on the subject and the latest Microsoft Security Intelligence Report. Fear not! You can disable this feature, though I wouldn’t recommend it. When you are using one of the outdated versions of Java you will see a message either at the top or bottom of the browser window, depending on the version of IE you are using, that gives you the option to update your Java or just run it. If one of your application vendors is forcing you to use a specific, blocked version of the Java software, then you need to have a long discussion with them about getting their application updated. If not, just update your Java version when it pops up and you will have no problem dealing with this new feature.

Make sure your employees are aware of the new functionality and the pop-up notifications they may see so they are not caught off guard on September 9th. If you have a reason to continue using the out-of-date Java versions talk to your IT admin or consultant about turning this feature off across your business or adding exceptions for only the application URLs that require the out-of-date version until the web application is updated to support new versions of Java.

Ad Networks, YouTube, and Ransomware

Over the past few weeks I have been seeing a rise in security articles and news media talking about ransomware. Ransomware is malware that takes over your computer, preventing you from using it until you pay the “fine” to unlock it. I say fine here because most ransomware pretends to be from a law enforcement agency such as the FBI. The malware typically covers your screen with a window that cannot be closed, demanding you pay a fine for having illegal materials on your computer. Other ransomware has also gained popularity: the CryptoLocker and Cryptowall variants do some real damage on an infected machine. By encrypting all of your files this ransomware makes retrieval of your data impossible without paying the ransom and having the attackers unlock your files.

One of the most popular ways to spread these viruses is through advertising networks. Attackers purchase ads on these networks that redirect you to sites that have either been compromised or were designed to run a drive-by attack on your machine, which in turn infects the computer with the ransomware. To refresh your memory, a drive-by attack runs when you visit a website. The code on the site tests for known vulnerabilities in unpatched software, then uses that vulnerability to infect the computer with some sort of virus. Recently there have been reports of YouTube’s ad network being the latest favorite for ransomware distribution. The reason is that YouTube’s ad network is very low cost and has extremely powerful tools that allow an attacker to target specific groups and geographic areas.

Protecting against this type of malware begins with good security practices. Having solid anti-malware software is only the first step. You should turn on the local firewall, either the one in the operating system or the one that is part of your anti-malware suite. Next, patch and update all your software regularly. Software that has the ability to auto-update should have that feature turned on. Make sure that employees run the patches when prompted. Some malware looks like valid patch messages, so training employees to know what they should see and to recognize false patch requests is important. Work with your IT department to implement a patch management and monitoring system, or contract a service provider like B.I.T.S. to do it for you. Finally, make sure you are backing up your files both on your computer’s local drives and on your servers. If one of these ransomware variants does make its way onto one of your computers and encrypts your files, restoring from a good backup is the only way to recover.

Amazon Fire Phone

If you haven’t seen an ad for these phones you will soon. The ads are popping up on TV, billboards, and on the internet. I decided to pop into an AT&T store to check this phone out. The front and back are both glass but the sides are a plastic material that feels good in your hand. It gives the device some grip. I opened some apps and checked out the camera — it all seemed to perform well. It felt, though, like I was using a tiny Kindle Fire. This could be a good thing or a bad thing, though I am leaning more towards bad because I didn’t find the Kindle Fire particularly impressive. I mentioned I stopped in an AT&T store to check the device out. This is because it is exclusive to the AT&T network, so the only place to get the Fire Phone is from AT&T or direct from Amazon. The phone costs nearly $650 to purchase out of contract. If you are setting up a new contract or renewing then you can get the Fire Phone for around $200.

First impressions aside, the phone isn’t bad. The hardware is fairly decent, if nearly outdated compared to the pace of the market. You can purchase the Fire Phone with 32GB or, from what I can tell from my research, you can purchase a 64GB version or will be able to soon. The camera is nice, weighing in at 13 megapixels, and is capable of taking 1080p video. You screen-resolution junkies may be disappointed, however, because the resolution of the 4.7″ screen is only 720p. The rest of the hardware is pretty middle of the road, not blowing away any of the current Android based devices.

The Fire Phone runs Fire OS 3.5, which does not allow you to directly access any of the apps on the Google Play Store that most other Android devices have access to. You can side load apps from other sources, but I have never had much luck side loading apps. The Fire Phone excels at giving you access to all of your Amazon and Amazon Prime content like books, movies, and music. The Amazon app store is filled with great apps, but if you are an Android or iPhone user you might not find all of your favorite apps for this device. One of the big features Amazon is talking about with this device is Firefly, which is an object recognition app that identifies things using the camera and then links you to them in the Amazon store. This feels to me like a way to push users to buy more from Amazon and really not that impressive. With the phone, you receive 1 year of Amazon Prime free plus unlimited Cloud Drive storage and automatic backup. That’s nice I suppose.

Based on my first impressions and the reviews I read for this device, I wouldn’t recommend it to anyone but the most diehard Amazon content users who need to make phone calls between movies. I certainly wouldn’t recommend it for a business user, as all of its features are centered on accessing Amazon content and entertainment, leaving little room for productivity. If you want to check out more information about the Fire Phone you can go to Amazon’s site here:

A Network Crash Course – Your Servers

In less than 12 months Windows Server 2003 will be put to rest like its desktop sibling Windows XP. With this end of life date looming I have been working to migrate my clients to the latest version of Windows Server. This process is sometimes difficult to get started because I find many people don’t know or understand what their server actually does. This article is going to serve as an overview, a sort of crash course in what roles your server plays on your network. With Windows Servers there are three main roles I am going to discuss, for simplicity’s sake. First is the Domain Controller, second is the File/Print Server, and third is the Application Server.

The domain controller server role is the most complicated and least forgiving role when upgrading and migrating. Domain controllers keep a list of user names and passwords; they also keep track of what security rights and privileges users have on their computers and on the servers, kind of like “big brother” for your network. Anytime a user logs in, the domain controller is consulted to see if they are allowed. When a user opens up a file on that “x” drive everyone has, the domain controller is asked if the user is allowed to access that file. In most cases the domain controller also provides some other services that it needs itself but also shares with the rest of the devices on the network. One important service is called DNS, or the Domain Naming Service. If you have ever typed in a web address or had to browse to a device on your network you have made use of DNS. It is like an address directory for the network: it translates computer names like “Jim’s Computer” to a numerical address on the network. The other service usually found on domain controllers in smaller networks is DHCP. DHCP is the other side of the coin from DNS. When your computer starts up it asks the DHCP service for an address so other computers can find it on the network. The best practice is to let the domain controller do its job and not use it for any other roles. This rarely happens in smaller networks, though, generally due to the initial cost as well as the additional maintenance cost of having multiple servers.

Our second role is that of the file and print server. These are two distinct roles but generally are lumped together, except in larger networks where usage demands they be split. The file server is really where all the files are physically stored that are on that mysterious “x” drive I mentioned. By the way, your “x” drive might be called p, or z, or t, or any other letter of the alphabet depending on how your IT Pro felt when they set it up. The sole purpose of the file server portion of our dual identity server role is just to store your files and wait diligently until you need to retrieve them. The print server identity has a similarly simple duty. It waits for you to send a document to print, gathers it all up, and forwards it on to the printer. Additionally, the print server makes it easier on us administrators to manage the printers shared on the network and the drivers needed to install them on all the computers on your network.

Last but not least is the application server. These servers run specific programs such as databases like SQL or Oracle, or email servers like Exchange. Sometimes they run multiple applications and perform the duties of a file server. The application server, at its most basic, runs an application and stores all the data that application uses or creates. Turn it off and your network accounting software doesn’t work, or Outlook can’t send or receive email any more.

In small businesses all of these roles are usually stuffed into one single box, which is a very cost effective use of the hardware. The upside of having a single server is that maintaining it is less expensive because there is only one piece of hardware to worry about and only one device to back up. The downside is that this setup isn’t very flexible and can be difficult and time consuming to migrate when it is time to replace or upgrade the server. Migration is especially tricky with the domain controller role running on that single server as well. Splitting up the roles on different hardware makes the system more flexible and resilient. If one server goes down you are not completely dead in the water; you still have access to the remaining services. Many times the domain controller role is set up on at least two servers in order to ensure basic network services are always available. Multiple servers, though, means more cost and more hardware to manage, not to mention multiple backups to deal with. Scaling the hardware in each server can help to mitigate the cost somewhat by choosing hardware that has just the processing power, RAM, and storage needed to perform the role it is designed for.

I hope this brief overview helps you better understand what your servers do and some of the benefits and drawbacks to having a single server or multiple servers on your network. I recommend you have a plan and start with a single server that does it all. Then in a year or two add a separate domain controller and remove the role from that first server. If your applications are running slow or you are running out of space add a server just for the applications and alleviate that first server of those duties as well. Soon it will be time to replace that old server and you will have a solid, reliable, scalable server infrastructure that won’t even blink under the pressures of your business.

My Advice When Buying a Home Computer

It’s back to school time and everybody has a deal on pretty much everything, including computers. Naturally, this is also the time of year I get asked most frequently, what kind of computer should I get for my home? Simply put, my first response is, get what you want. Not to be terse, I follow up with what I am going to share with you now.

Computers have become a commodity technology like your TV or your microwave oven. Unless you have a specific use in mind for your computer like graphic editing or music composition, what you choose comes down to what you like. If you like Dell, buy Dell; if not, buy HP or Asus. Most of the hardware inside is sourced from the same companies anyway. The next bit of advice I usually give is to ask yourself, what do you use your computer for now and why do you need a new one? If you are like most people, your home computer use is mainly for browsing the internet, playing a few games, checking email, and maybe organizing photos. If you liked the brand of PC you had and you just need some extra performance, get another one just like what you have now with a faster processor and more RAM and you are all set. If you didn’t like the brand you got last time, get a different brand. No matter what you get, they all have Windows 8.1… unless you are a Mac, like those Apple commercials suggested. In that case just get a new Mac. They upgrade their hardware and OS almost every year.

This next bit is where things get a little sticky… you say you have been thinking about a tablet? Oh well, that is a whole different can of worms… same worms, just a different can. I personally feel tablets have computers beat hands down for average day-to-day use. If you want to do all the same stuff you did on your computer, well, that’s easy: just look for a hybrid tablet/laptop that runs Windows 8.1 and is within your budget. There are dozens of them in the marketplace and each has its merits and shortcomings. Try before you buy. Find a Walmart, Best Buy, or Staples that has these devices on display and go pick them up, hold them in your hand, use the touch screen, and find one that makes you feel good. In the end, it is still just a Windows 8 computer. The more you want to do with it the more processor speed and RAM you need, just like your computer.

What about iPads or Android tablets? They are both great. What kind of phone do you have? I suggest sticking to the same OS as your cell phone. Content is shared much more easily between devices running the same OS because they use the same app stores. If you have an iPhone get an iPad; if you have an Android phone get an Android tablet. A word of caution: Androids and iPads are not like Windows tablets. You have to think about things like pictures and documents differently. These are devices designed to consume content, not really to store and manage it. The cloud is your friend, or a network attached hard drive as long as there is an app for it.

I find that for most of my home use a tablet is my go-to almost 99% of the time, and the same is true for my wife and kids. I do some light graphics editing and other things on occasion that I have to reach for my computer to do, but by and large it tends to just collect dust. Seriously consider a tablet for your daily use but keep a PC around for that other stuff if you need it. I bet this time next year you will have given up your regular computer completely. If not, and your computer still needs replacing, don’t break the bank. Pick up something modest that will do just what you need it for, or just get the hybrid Windows laptop. My niece just got a Lenovo Yoga to start college and loves being able to turn it into a tablet and use the touch screen. In the end, like I said in the beginning, get what you want because that’s what you are going to use.

Dragonfly – Cyber Espionage

Earlier this month I read an interesting article about recent cyber-attacks on energy companies called Dragonfly. The end goal of Dragonfly is to sabotage whatever infrastructure it infiltrates, in this case power companies. There are two reasons this caught my interest. First, it looks like Dragonfly is government sponsored. That means a government has hired cyber-security specialists to craft an attack designed to cripple the power grid or take control of it. Second, the way Dragonfly works is similar to the way many other threats infect computers, like the ones I see in offices on a regular basis.

Dragonfly is a multi-staged attack. The group running the attack sends emails known as phishing emails to targeted firms with malware embedded in the messages. The emails are very convincing and look like messages the recipient would get from trusted sources. Next the group sets up what is known as a watering hole attack. The way this attack works is that the attacking group gains access to a website they know is likely to be frequented by their target. Once the attackers have access they inject what’s known as an exploit kit, which allows them to exploit a flaw in their target’s web browser to deliver additional malware to the target computers. At this point most attacks on the internet at large have what they need from their targets. Dragonfly goes a step further and was able to turn legitimate software patches from several Information and Control Systems equipment manufacturers into Trojan Horses. This gave the attackers control over these systems as well. Any firm infiltrated by this multi-staged attack had its entire system, from the devices that control the flow of power to the computers of the highest levels of management, breached and under outside control.

If you have made it this far into the article you might be asking why we should worry about this attack. What does it have to do with a small business? This attack, and how well it was planned and executed, serves to prove a point. Hackers are no longer nerds living in their parents’ basement; they are groups of highly trained security experts hired by governments and private interests alike to gather information and gain control over remote resources. Their targets range from very specific to very broad groups, and small businesses are in most cases the least protected. Business owners and managers whose companies use the internet for business in any way need to have a solid plan and strategy in place for making sure their valuable electronic assets are secure. That means working with your IT Pro to reduce the rights each user has on their local machine to just what they need for their daily activities, and making sure antivirus is up to date, as well as any software and operating systems on your network. Next generation firewalls that scan for malware as the data flows through them from the internet should be implemented. Users should be educated to recognize phishing attacks. They should know what to expect if their computer detects a virus so they are not vulnerable to the popular fake antivirus attacks. Security is important and should be a priority for any business, including small businesses.

Hybrid Cloud Storage

These days it seems like everything is all about the cloud, which we all know is just a fancy buzzword for the Internet. Cloud storage is a hot commodity and everyone wants their piece of the pie. The cloud, and by extension cloud storage providers, have a near endless supply of low cost storage. Getting to it and using it, however, has not been quite as easy as we in the small and medium business market had hoped. Most of the time using this cloud storage requires third party software that speaks directly to the cloud storage, a kind of middleman that controls the flow of data. If you have moved your infrastructure and your apps out to the cloud, then accessing this plethora of storage is no problem. For the rest of us there is hybrid cloud storage and the software and hardware vendors that make it possible.

What is hybrid cloud storage? Great question… Depending on which vendor you talk to it can be a few different things. In general it is either storage that replicates to the cloud and allows you to access your data from anywhere, or it is just a cheap tier of storage you can add on to your existing local storage. In addition, both views of hybrid cloud storage provide fast local access to data that then syncs back up to the cloud. One name that seems to come up frequently in association with hybrid cloud storage is Egnyte. Egnyte is one of those providers that allows you to share your data and access it from anywhere through the cloud. Starting at $40/mo billed annually you get everything you need to turn your storage into hybrid cloud storage for 5 users with 1TB of storage. Microsoft has a storage appliance called StorSimple that integrates with their Azure cloud storage. StorSimple provides fast local access to frequently used data and then moves stale or infrequently used data out to the Azure cloud. The locally stored data is synced with Azure, providing a backup of your frequently used data as it changes. With a little work you can access your data that is stored in Azure via the cloud; however, it isn’t baked into the solution like it is with Egnyte. I was also not able to find a price for the StorSimple appliances, so more than likely this particular solution “isn’t in the budget” for most small networks.

I see innumerable benefits to small businesses where the cloud is involved; however, the more I look into these exciting new buzzwords and their amazing technology the less it looks like they are designed for small businesses. Hybrid cloud storage looks to be another one of these not quite small business ready technologies. If you have a lot of data and need to get off of your local storage devices and into a managed cloud environment it is definitely worth exploring. If you are interested in finding out more about hybrid cloud storage solutions give me a call and I would be happy to help you find a solution that meets your needs.